@azure/msal-browser 4.20.0 → 4.21.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (272) hide show
  1. package/README.md +30 -0
  2. package/dist/app/IPublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientApplication.mjs +1 -1
  4. package/dist/app/PublicClientNext.mjs +1 -1
  5. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
  6. package/dist/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  8. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  10. package/dist/cache/AccountManager.mjs +1 -1
  11. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  12. package/dist/cache/BrowserCacheManager.mjs +1 -1
  13. package/dist/cache/CacheHelpers.mjs +1 -1
  14. package/dist/cache/CacheKeys.mjs +1 -1
  15. package/dist/cache/CookieStorage.mjs +1 -1
  16. package/dist/cache/DatabaseStorage.mjs +1 -1
  17. package/dist/cache/EncryptedData.mjs +1 -1
  18. package/dist/cache/LocalStorage.mjs +1 -1
  19. package/dist/cache/MemoryStorage.mjs +1 -1
  20. package/dist/cache/SessionStorage.mjs +1 -1
  21. package/dist/cache/TokenCache.mjs +1 -1
  22. package/dist/config/Configuration.mjs +1 -1
  23. package/dist/controllers/ControllerFactory.mjs +1 -1
  24. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  25. package/dist/controllers/StandardController.d.ts.map +1 -1
  26. package/dist/controllers/StandardController.mjs +36 -9
  27. package/dist/controllers/StandardController.mjs.map +1 -1
  28. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  29. package/dist/crypto/BrowserCrypto.mjs +1 -1
  30. package/dist/crypto/CryptoOps.mjs +1 -1
  31. package/dist/crypto/PkceGenerator.mjs +1 -1
  32. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  33. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  34. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
  35. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
  36. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  37. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  38. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  39. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  40. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  41. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  42. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  43. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  44. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  45. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  46. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  47. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  48. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  49. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  50. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  51. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  52. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  53. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  54. package/dist/custom-auth-path/controllers/StandardController.mjs +36 -9
  55. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  56. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  57. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  58. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  59. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  60. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  61. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  62. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  63. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  64. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCredentialResult.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  149. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  150. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  151. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  152. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  153. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  154. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  155. package/dist/custom-auth-path/error/NativeAuthError.d.ts.map +1 -1
  156. package/dist/custom-auth-path/error/NativeAuthError.mjs +3 -4
  157. package/dist/custom-auth-path/error/NativeAuthError.mjs.map +1 -1
  158. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  159. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  160. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  161. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  162. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  163. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  164. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +15 -6
  165. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  166. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  167. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +4 -4
  168. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
  169. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  170. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  171. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
  172. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  173. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
  174. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  175. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
  176. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  177. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  178. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  179. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  180. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  181. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  182. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  183. package/dist/custom-auth-path/protocol/Authorize.mjs +5 -1
  184. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  185. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  186. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  187. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  188. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  189. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  190. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  191. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  192. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  193. package/dist/encode/Base64Decode.mjs +1 -1
  194. package/dist/encode/Base64Encode.mjs +1 -1
  195. package/dist/error/BrowserAuthError.mjs +1 -1
  196. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  197. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  198. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  199. package/dist/error/NativeAuthError.d.ts.map +1 -1
  200. package/dist/error/NativeAuthError.mjs +3 -4
  201. package/dist/error/NativeAuthError.mjs.map +1 -1
  202. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  203. package/dist/error/NestedAppAuthError.mjs +1 -1
  204. package/dist/event/EventHandler.mjs +1 -1
  205. package/dist/event/EventMessage.mjs +1 -1
  206. package/dist/event/EventType.mjs +1 -1
  207. package/dist/index.mjs +1 -1
  208. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  209. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  210. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  211. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +15 -6
  212. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  213. package/dist/interaction_client/PopupClient.mjs +1 -1
  214. package/dist/interaction_client/RedirectClient.mjs +4 -4
  215. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  216. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  217. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  218. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  219. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  220. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  221. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  222. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  223. package/dist/naa/BridgeError.mjs +1 -1
  224. package/dist/naa/BridgeProxy.mjs +1 -1
  225. package/dist/naa/BridgeStatusCode.mjs +1 -1
  226. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  227. package/dist/navigation/NavigationClient.mjs +1 -1
  228. package/dist/network/FetchClient.mjs +1 -1
  229. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  230. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  231. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  232. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  233. package/dist/packageMetadata.d.ts +1 -1
  234. package/dist/packageMetadata.mjs +2 -2
  235. package/dist/protocol/Authorize.d.ts.map +1 -1
  236. package/dist/protocol/Authorize.mjs +5 -1
  237. package/dist/protocol/Authorize.mjs.map +1 -1
  238. package/dist/request/RequestHelpers.mjs +1 -1
  239. package/dist/response/ResponseHandler.mjs +1 -1
  240. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  241. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  242. package/dist/utils/BrowserConstants.mjs +1 -1
  243. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  244. package/dist/utils/BrowserUtils.mjs +1 -1
  245. package/dist/utils/Helpers.mjs +1 -1
  246. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  247. package/lib/custom-auth-path/msal-custom-auth.cjs +177 -84
  248. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  249. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  250. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  251. package/lib/custom-auth-path/types/error/NativeAuthError.d.ts.map +1 -1
  252. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  253. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  254. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  255. package/lib/msal-browser.cjs +179 -86
  256. package/lib/msal-browser.cjs.map +1 -1
  257. package/lib/msal-browser.js +179 -86
  258. package/lib/msal-browser.js.map +1 -1
  259. package/lib/msal-browser.min.js +66 -66
  260. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  261. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  262. package/lib/types/error/NativeAuthError.d.ts.map +1 -1
  263. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  264. package/lib/types/packageMetadata.d.ts +1 -1
  265. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  266. package/package.json +2 -2
  267. package/src/controllers/StandardController.ts +42 -9
  268. package/src/error/NativeAuthError.ts +1 -2
  269. package/src/interaction_client/PlatformAuthInteractionClient.ts +17 -5
  270. package/src/interaction_client/RedirectClient.ts +2 -2
  271. package/src/packageMetadata.ts +1 -1
  272. package/src/protocol/Authorize.ts +8 -0
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v4.20.0 2025-08-12 */
1
+ /*! @azure/msal-browser v4.21.0 2025-08-19 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -276,7 +276,7 @@ const JsonWebTokenTypes = {
276
276
  // Token renewal offset default in seconds
277
277
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
278
278
 
279
- /*! @azure/msal-common v15.11.0 2025-08-12 */
279
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
280
280
  /*
281
281
  * Copyright (c) Microsoft Corporation. All rights reserved.
282
282
  * Licensed under the MIT License.
@@ -287,7 +287,7 @@ const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
287
287
  const unexpectedError = "unexpected_error";
288
288
  const postRequestFailed$1 = "post_request_failed";
289
289
 
290
- /*! @azure/msal-common v15.11.0 2025-08-12 */
290
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
291
291
 
292
292
  /*
293
293
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -322,7 +322,7 @@ function createAuthError(code, additionalMessage) {
322
322
  : AuthErrorMessages[code]);
323
323
  }
324
324
 
325
- /*! @azure/msal-common v15.11.0 2025-08-12 */
325
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
326
326
  /*
327
327
  * Copyright (c) Microsoft Corporation. All rights reserved.
328
328
  * Licensed under the MIT License.
@@ -372,7 +372,7 @@ const missingTenantIdError = "missing_tenant_id_error";
372
372
  const methodNotImplemented = "method_not_implemented";
373
373
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
374
374
 
375
- /*! @azure/msal-common v15.11.0 2025-08-12 */
375
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
376
376
 
377
377
  /*
378
378
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -446,7 +446,7 @@ function createClientAuthError(errorCode, additionalMessage) {
446
446
  return new ClientAuthError(errorCode, additionalMessage);
447
447
  }
448
448
 
449
- /*! @azure/msal-common v15.11.0 2025-08-12 */
449
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
450
450
 
451
451
  /*
452
452
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -485,7 +485,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
485
485
  },
486
486
  };
487
487
 
488
- /*! @azure/msal-common v15.11.0 2025-08-12 */
488
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
489
489
 
490
490
  /*
491
491
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -676,12 +676,12 @@ class Logger {
676
676
  }
677
677
  }
678
678
 
679
- /*! @azure/msal-common v15.11.0 2025-08-12 */
679
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
680
680
  /* eslint-disable header/header */
681
681
  const name$1 = "@azure/msal-common";
682
- const version$1 = "15.11.0";
682
+ const version$1 = "15.12.0";
683
683
 
684
- /*! @azure/msal-common v15.11.0 2025-08-12 */
684
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
685
685
  /*
686
686
  * Copyright (c) Microsoft Corporation. All rights reserved.
687
687
  * Licensed under the MIT License.
@@ -690,7 +690,7 @@ const AzureCloudInstance = {
690
690
  // AzureCloudInstance is not specified.
691
691
  None: "none"};
692
692
 
693
- /*! @azure/msal-common v15.11.0 2025-08-12 */
693
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
694
694
  /*
695
695
  * Copyright (c) Microsoft Corporation. All rights reserved.
696
696
  * Licensed under the MIT License.
@@ -719,7 +719,7 @@ const authorityMismatch = "authority_mismatch";
719
719
  const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
720
720
  const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
721
721
 
722
- /*! @azure/msal-common v15.11.0 2025-08-12 */
722
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
723
723
 
724
724
  /*
725
725
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -764,7 +764,7 @@ function createClientConfigurationError(errorCode) {
764
764
  return new ClientConfigurationError(errorCode);
765
765
  }
766
766
 
767
- /*! @azure/msal-common v15.11.0 2025-08-12 */
767
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
768
768
  /*
769
769
  * Copyright (c) Microsoft Corporation. All rights reserved.
770
770
  * Licensed under the MIT License.
@@ -861,7 +861,7 @@ class StringUtils {
861
861
  }
862
862
  }
863
863
 
864
- /*! @azure/msal-common v15.11.0 2025-08-12 */
864
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
865
865
 
866
866
  /*
867
867
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -905,7 +905,11 @@ class ScopeSet {
905
905
  * @returns
906
906
  */
907
907
  static createSearchScopes(inputScopeString) {
908
- const scopeSet = new ScopeSet(inputScopeString);
908
+ // Handle empty scopes by using default OIDC scopes for cache lookup
909
+ const scopesToUse = inputScopeString && inputScopeString.length > 0
910
+ ? inputScopeString
911
+ : [...OIDC_DEFAULT_SCOPES];
912
+ const scopeSet = new ScopeSet(scopesToUse);
909
913
  if (!scopeSet.containsOnlyOIDCScopes()) {
910
914
  scopeSet.removeOIDCScopes();
911
915
  }
@@ -1052,7 +1056,7 @@ class ScopeSet {
1052
1056
  }
1053
1057
  }
1054
1058
 
1055
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1059
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
1056
1060
  /*
1057
1061
  * Copyright (c) Microsoft Corporation. All rights reserved.
1058
1062
  * Licensed under the MIT License.
@@ -1134,7 +1138,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1134
1138
  return updatedAccountInfo;
1135
1139
  }
1136
1140
 
1137
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1141
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
1138
1142
 
1139
1143
  /*
1140
1144
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1195,12 +1199,34 @@ function checkMaxAge(authTime, maxAge) {
1195
1199
  }
1196
1200
  }
1197
1201
 
1198
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1202
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
1199
1203
 
1200
1204
  /*
1201
1205
  * Copyright (c) Microsoft Corporation. All rights reserved.
1202
1206
  * Licensed under the MIT License.
1203
1207
  */
1208
+ /**
1209
+ * Canonicalizes a URL by making it lowercase and ensuring it ends with /
1210
+ * Inlined version of UrlString.canonicalizeUri to avoid circular dependency
1211
+ * @param url - URL to canonicalize
1212
+ * @returns Canonicalized URL
1213
+ */
1214
+ function canonicalizeUrl(url) {
1215
+ if (!url) {
1216
+ return url;
1217
+ }
1218
+ let lowerCaseUrl = url.toLowerCase();
1219
+ if (StringUtils.endsWith(lowerCaseUrl, "?")) {
1220
+ lowerCaseUrl = lowerCaseUrl.slice(0, -1);
1221
+ }
1222
+ else if (StringUtils.endsWith(lowerCaseUrl, "?/")) {
1223
+ lowerCaseUrl = lowerCaseUrl.slice(0, -2);
1224
+ }
1225
+ if (!StringUtils.endsWith(lowerCaseUrl, "/")) {
1226
+ lowerCaseUrl += "/";
1227
+ }
1228
+ return lowerCaseUrl;
1229
+ }
1204
1230
  /**
1205
1231
  * Parses hash string from given string. Returns empty string if no hash symbol is found.
1206
1232
  * @param hashString
@@ -1258,9 +1284,38 @@ function mapToQueryString(parameters, encodeExtraParams = true, extraQueryParame
1258
1284
  }
1259
1285
  });
1260
1286
  return queryParameterArray.join("&");
1287
+ }
1288
+ /**
1289
+ * Normalizes URLs for comparison by removing hash, canonicalizing,
1290
+ * and ensuring consistent URL encoding in query parameters.
1291
+ * This fixes redirect loops when URLs contain encoded characters like apostrophes (%27).
1292
+ * @param url - URL to normalize
1293
+ * @returns Normalized URL string for comparison
1294
+ */
1295
+ function normalizeUrlForComparison(url) {
1296
+ if (!url) {
1297
+ return url;
1298
+ }
1299
+ // Remove hash first
1300
+ const urlWithoutHash = url.split("#")[0];
1301
+ try {
1302
+ // Parse the URL to handle encoding consistently
1303
+ const urlObj = new URL(urlWithoutHash);
1304
+ /*
1305
+ * Reconstruct the URL with properly decoded query parameters
1306
+ * This ensures that %27 and ' are treated as equivalent
1307
+ */
1308
+ const normalizedUrl = urlObj.origin + urlObj.pathname + urlObj.search;
1309
+ // Apply canonicalization logic inline to avoid circular dependency
1310
+ return canonicalizeUrl(normalizedUrl);
1311
+ }
1312
+ catch (e) {
1313
+ // Fallback to original logic if URL parsing fails
1314
+ return canonicalizeUrl(urlWithoutHash);
1315
+ }
1261
1316
  }
1262
1317
 
1263
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1318
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
1264
1319
 
1265
1320
  /*
1266
1321
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1424,7 +1479,7 @@ class UrlString {
1424
1479
  }
1425
1480
  }
1426
1481
 
1427
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1482
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
1428
1483
 
1429
1484
  /*
1430
1485
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1563,7 +1618,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
1563
1618
  return null;
1564
1619
  }
1565
1620
 
1566
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1621
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
1567
1622
  /*
1568
1623
  * Copyright (c) Microsoft Corporation. All rights reserved.
1569
1624
  * Licensed under the MIT License.
@@ -1571,7 +1626,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
1571
1626
  const cacheQuotaExceeded = "cache_quota_exceeded";
1572
1627
  const cacheErrorUnknown = "cache_error_unknown";
1573
1628
 
1574
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1629
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
1575
1630
 
1576
1631
  /*
1577
1632
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1616,7 +1671,7 @@ function createCacheError(e) {
1616
1671
  }
1617
1672
  }
1618
1673
 
1619
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1674
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
1620
1675
 
1621
1676
  /*
1622
1677
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2724,7 +2779,7 @@ class DefaultStorageClass extends CacheManager {
2724
2779
  }
2725
2780
  }
2726
2781
 
2727
- /*! @azure/msal-common v15.11.0 2025-08-12 */
2782
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
2728
2783
  /*
2729
2784
  * Copyright (c) Microsoft Corporation. All rights reserved.
2730
2785
  * Licensed under the MIT License.
@@ -2748,7 +2803,7 @@ const ProtocolMode = {
2748
2803
  EAR: "EAR",
2749
2804
  };
2750
2805
 
2751
- /*! @azure/msal-common v15.11.0 2025-08-12 */
2806
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
2752
2807
  /*
2753
2808
  * Copyright (c) Microsoft Corporation. All rights reserved.
2754
2809
  * Licensed under the MIT License.
@@ -3015,7 +3070,7 @@ const PerformanceEvents = {
3015
3070
  const PerformanceEventStatus = {
3016
3071
  InProgress: 1};
3017
3072
 
3018
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3073
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3019
3074
 
3020
3075
  /*
3021
3076
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3094,7 +3149,7 @@ class StubPerformanceClient {
3094
3149
  }
3095
3150
  }
3096
3151
 
3097
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3152
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3098
3153
 
3099
3154
  /*
3100
3155
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3194,7 +3249,7 @@ function isOidcProtocolMode(config) {
3194
3249
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3195
3250
  }
3196
3251
 
3197
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3252
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3198
3253
  /*
3199
3254
  * Copyright (c) Microsoft Corporation. All rights reserved.
3200
3255
  * Licensed under the MIT License.
@@ -3204,7 +3259,7 @@ const CcsCredentialType = {
3204
3259
  UPN: "UPN",
3205
3260
  };
3206
3261
 
3207
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3262
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3208
3263
 
3209
3264
  /*
3210
3265
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3244,7 +3299,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
3244
3299
  };
3245
3300
  }
3246
3301
 
3247
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3302
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3248
3303
  /*
3249
3304
  * Copyright (c) Microsoft Corporation. All rights reserved.
3250
3305
  * Licensed under the MIT License.
@@ -3294,7 +3349,7 @@ const INSTANCE_AWARE = "instance_aware";
3294
3349
  const EAR_JWK = "ear_jwk";
3295
3350
  const EAR_JWE_CRYPTO = "ear_jwe_crypto";
3296
3351
 
3297
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3352
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3298
3353
 
3299
3354
  /*
3300
3355
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3674,7 +3729,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
3674
3729
  });
3675
3730
  }
3676
3731
 
3677
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3732
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3678
3733
  /*
3679
3734
  * Copyright (c) Microsoft Corporation. All rights reserved.
3680
3735
  * Licensed under the MIT License.
@@ -3689,7 +3744,7 @@ const AuthorityType = {
3689
3744
  Ciam: 3,
3690
3745
  };
3691
3746
 
3692
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3747
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3693
3748
  /*
3694
3749
  * Copyright (c) Microsoft Corporation. All rights reserved.
3695
3750
  * Licensed under the MIT License.
@@ -3701,7 +3756,7 @@ function isOpenIdConfigResponse(response) {
3701
3756
  response.hasOwnProperty("jwks_uri"));
3702
3757
  }
3703
3758
 
3704
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3759
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3705
3760
  /*
3706
3761
  * Copyright (c) Microsoft Corporation. All rights reserved.
3707
3762
  * Licensed under the MIT License.
@@ -3711,7 +3766,7 @@ function isCloudInstanceDiscoveryResponse(response) {
3711
3766
  response.hasOwnProperty("metadata"));
3712
3767
  }
3713
3768
 
3714
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3769
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3715
3770
  /*
3716
3771
  * Copyright (c) Microsoft Corporation. All rights reserved.
3717
3772
  * Licensed under the MIT License.
@@ -3721,7 +3776,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
3721
3776
  response.hasOwnProperty("error_description"));
3722
3777
  }
3723
3778
 
3724
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3779
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3725
3780
  /*
3726
3781
  * Copyright (c) Microsoft Corporation. All rights reserved.
3727
3782
  * Licensed under the MIT License.
@@ -3817,7 +3872,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
3817
3872
  };
3818
3873
  };
3819
3874
 
3820
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3875
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3821
3876
 
3822
3877
  /*
3823
3878
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3923,7 +3978,7 @@ RegionDiscovery.IMDS_OPTIONS = {
3923
3978
  },
3924
3979
  };
3925
3980
 
3926
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3981
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3927
3982
  /*
3928
3983
  * Copyright (c) Microsoft Corporation. All rights reserved.
3929
3984
  * Licensed under the MIT License.
@@ -3988,7 +4043,7 @@ function wasClockTurnedBack(cachedAt) {
3988
4043
  return cachedAtSec > nowSeconds();
3989
4044
  }
3990
4045
 
3991
- /*! @azure/msal-common v15.11.0 2025-08-12 */
4046
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
3992
4047
 
3993
4048
  /*
3994
4049
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4250,7 +4305,7 @@ function isAuthorityMetadataExpired(metadata) {
4250
4305
  return metadata.expiresAt <= nowSeconds();
4251
4306
  }
4252
4307
 
4253
- /*! @azure/msal-common v15.11.0 2025-08-12 */
4308
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
4254
4309
 
4255
4310
  /*
4256
4311
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5089,7 +5144,7 @@ function buildStaticAuthorityOptions(authOptions) {
5089
5144
  };
5090
5145
  }
5091
5146
 
5092
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5147
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5093
5148
 
5094
5149
  /*
5095
5150
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5120,7 +5175,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
5120
5175
  }
5121
5176
  }
5122
5177
 
5123
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5178
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5124
5179
 
5125
5180
  /*
5126
5181
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5139,7 +5194,7 @@ class ServerError extends AuthError {
5139
5194
  }
5140
5195
  }
5141
5196
 
5142
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5197
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5143
5198
  /*
5144
5199
  * Copyright (c) Microsoft Corporation. All rights reserved.
5145
5200
  * Licensed under the MIT License.
@@ -5160,7 +5215,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
5160
5215
  };
5161
5216
  }
5162
5217
 
5163
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5218
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5164
5219
 
5165
5220
  /*
5166
5221
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5247,7 +5302,7 @@ class ThrottlingUtils {
5247
5302
  }
5248
5303
  }
5249
5304
 
5250
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5305
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5251
5306
 
5252
5307
  /*
5253
5308
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5278,7 +5333,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
5278
5333
  return new NetworkError(error, httpStatus, responseHeaders);
5279
5334
  }
5280
5335
 
5281
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5336
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5282
5337
 
5283
5338
  /*
5284
5339
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5426,7 +5481,7 @@ class BaseClient {
5426
5481
  }
5427
5482
  }
5428
5483
 
5429
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5484
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5430
5485
  /*
5431
5486
  * Copyright (c) Microsoft Corporation. All rights reserved.
5432
5487
  * Licensed under the MIT License.
@@ -5448,7 +5503,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
5448
5503
  return null;
5449
5504
  }
5450
5505
 
5451
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5506
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5452
5507
 
5453
5508
  /*
5454
5509
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5663,7 +5718,7 @@ class AccountEntity {
5663
5718
  }
5664
5719
  }
5665
5720
 
5666
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5721
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5667
5722
  /*
5668
5723
  * Copyright (c) Microsoft Corporation. All rights reserved.
5669
5724
  * Licensed under the MIT License.
@@ -5679,7 +5734,7 @@ const consentRequired = "consent_required";
5679
5734
  const loginRequired = "login_required";
5680
5735
  const badToken = "bad_token";
5681
5736
 
5682
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5737
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5683
5738
 
5684
5739
  /*
5685
5740
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5751,7 +5806,7 @@ function createInteractionRequiredAuthError(errorCode) {
5751
5806
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
5752
5807
  }
5753
5808
 
5754
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5809
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5755
5810
 
5756
5811
  /*
5757
5812
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5823,7 +5878,7 @@ class ProtocolUtils {
5823
5878
  }
5824
5879
  }
5825
5880
 
5826
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5881
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5827
5882
 
5828
5883
  /*
5829
5884
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5905,7 +5960,7 @@ class PopTokenGenerator {
5905
5960
  }
5906
5961
  }
5907
5962
 
5908
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5963
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5909
5964
  /*
5910
5965
  * Copyright (c) Microsoft Corporation. All rights reserved.
5911
5966
  * Licensed under the MIT License.
@@ -5932,7 +5987,7 @@ class PopTokenGenerator {
5932
5987
  }
5933
5988
  }
5934
5989
 
5935
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5990
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
5936
5991
 
5937
5992
  /*
5938
5993
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6263,7 +6318,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
6263
6318
  return baseAccount;
6264
6319
  }
6265
6320
 
6266
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6321
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
6267
6322
  /*
6268
6323
  * Copyright (c) Microsoft Corporation. All rights reserved.
6269
6324
  * Licensed under the MIT License.
@@ -6281,7 +6336,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
6281
6336
  }
6282
6337
  }
6283
6338
 
6284
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6339
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
6285
6340
 
6286
6341
  /*
6287
6342
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6516,7 +6571,7 @@ class AuthorizationCodeClient extends BaseClient {
6516
6571
  }
6517
6572
  }
6518
6573
 
6519
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6574
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
6520
6575
 
6521
6576
  /*
6522
6577
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6725,7 +6780,7 @@ class RefreshTokenClient extends BaseClient {
6725
6780
  }
6726
6781
  }
6727
6782
 
6728
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6783
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
6729
6784
 
6730
6785
  /*
6731
6786
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6823,7 +6878,7 @@ class SilentFlowClient extends BaseClient {
6823
6878
  }
6824
6879
  }
6825
6880
 
6826
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6881
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
6827
6882
 
6828
6883
  /*
6829
6884
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6838,7 +6893,7 @@ const StubbedNetworkModule = {
6838
6893
  },
6839
6894
  };
6840
6895
 
6841
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6896
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
6842
6897
 
6843
6898
  /*
6844
6899
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7062,7 +7117,7 @@ function extractLoginHint(account) {
7062
7117
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7063
7118
  }
7064
7119
 
7065
- /*! @azure/msal-common v15.11.0 2025-08-12 */
7120
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
7066
7121
 
7067
7122
  /*
7068
7123
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7325,7 +7380,7 @@ class ServerTelemetryManager {
7325
7380
  }
7326
7381
  }
7327
7382
 
7328
- /*! @azure/msal-common v15.11.0 2025-08-12 */
7383
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
7329
7384
  /*
7330
7385
  * Copyright (c) Microsoft Corporation. All rights reserved.
7331
7386
  * Licensed under the MIT License.
@@ -7333,7 +7388,7 @@ class ServerTelemetryManager {
7333
7388
  const missingKidError = "missing_kid_error";
7334
7389
  const missingAlgError = "missing_alg_error";
7335
7390
 
7336
- /*! @azure/msal-common v15.11.0 2025-08-12 */
7391
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
7337
7392
 
7338
7393
  /*
7339
7394
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7358,7 +7413,7 @@ function createJoseHeaderError(code) {
7358
7413
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
7359
7414
  }
7360
7415
 
7361
- /*! @azure/msal-common v15.11.0 2025-08-12 */
7416
+ /*! @azure/msal-common v15.12.0 2025-08-19 */
7362
7417
 
7363
7418
  /*
7364
7419
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7756,7 +7811,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
7756
7811
 
7757
7812
  /* eslint-disable header/header */
7758
7813
  const name = "@azure/msal-browser";
7759
- const version = "4.20.0";
7814
+ const version = "4.21.0";
7760
7815
 
7761
7816
  /*
7762
7817
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -14911,7 +14966,6 @@ const userSwitch = "user_switch";
14911
14966
  const USER_INTERACTION_REQUIRED = "USER_INTERACTION_REQUIRED";
14912
14967
  const USER_CANCEL = "USER_CANCEL";
14913
14968
  const NO_NETWORK = "NO_NETWORK";
14914
- const PERSISTENT_ERROR = "PERSISTENT_ERROR";
14915
14969
  const DISABLED = "DISABLED";
14916
14970
  const ACCOUNT_UNAVAILABLE = "ACCOUNT_UNAVAILABLE";
14917
14971
  const UX_NOT_ALLOWED = "UX_NOT_ALLOWED";
@@ -14938,8 +14992,7 @@ class NativeAuthError extends AuthError {
14938
14992
  function isFatalNativeAuthError(error) {
14939
14993
  if (error.ext &&
14940
14994
  error.ext.status &&
14941
- (error.ext.status === PERSISTENT_ERROR ||
14942
- error.ext.status === DISABLED)) {
14995
+ error.ext.status === DISABLED) {
14943
14996
  return true;
14944
14997
  }
14945
14998
  if (error.ext &&
@@ -15063,10 +15116,10 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15063
15116
  * @param request
15064
15117
  */
15065
15118
  async acquireToken(request, cacheLookupPolicy) {
15066
- this.performanceClient.addQueueMeasurement(PerformanceEvents.NativeInteractionClientAcquireToken, request.correlationId);
15119
+ this.performanceClient.addQueueMeasurement(PerformanceEvents.NativeInteractionClientAcquireToken, this.correlationId);
15067
15120
  this.logger.trace("NativeInteractionClient - acquireToken called.");
15068
15121
  // start the perf measurement
15069
- const nativeATMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.NativeInteractionClientAcquireToken, request.correlationId);
15122
+ const nativeATMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.NativeInteractionClientAcquireToken, this.correlationId);
15070
15123
  const reqTimestamp = nowSeconds();
15071
15124
  const serverTelemetryManager = this.initializeServerTelemetryManager(this.apiId);
15072
15125
  try {
@@ -15085,6 +15138,10 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15085
15138
  catch (e) {
15086
15139
  if (cacheLookupPolicy === CacheLookupPolicy.AccessToken) {
15087
15140
  this.logger.info("MSAL internal Cache does not contain tokens, return error as per cache policy");
15141
+ nativeATMeasurement.end({
15142
+ success: false,
15143
+ brokerErrorCode: "cache_request_failed",
15144
+ });
15088
15145
  throw e;
15089
15146
  }
15090
15147
  // continue with a native call for any and all errors
@@ -15106,7 +15163,6 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15106
15163
  success: false,
15107
15164
  errorCode: error.errorCode,
15108
15165
  subErrorCode: error.subError,
15109
- isNativeBroker: true,
15110
15166
  });
15111
15167
  throw error;
15112
15168
  });
@@ -15115,6 +15171,9 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15115
15171
  if (e instanceof NativeAuthError) {
15116
15172
  serverTelemetryManager.setNativeBrokerErrorCode(e.errorCode);
15117
15173
  }
15174
+ nativeATMeasurement.end({
15175
+ success: false,
15176
+ });
15118
15177
  throw e;
15119
15178
  }
15120
15179
  }
@@ -15236,6 +15295,9 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15236
15295
  const authResult = await this.handleNativeResponse(response, request, reqTimestamp);
15237
15296
  const serverTelemetryManager = this.initializeServerTelemetryManager(this.apiId);
15238
15297
  serverTelemetryManager.clearNativeBrokerErrorCode();
15298
+ if (performanceClient && this.correlationId) {
15299
+ this.performanceClient.addFields({ isNativeBroker: true }, this.correlationId);
15300
+ }
15239
15301
  return authResult;
15240
15302
  }
15241
15303
  catch (e) {
@@ -15552,7 +15614,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15552
15614
  // generate reqCnf if not provided in the request
15553
15615
  let reqCnfData;
15554
15616
  if (!validatedRequest.keyId) {
15555
- const generatedReqCnfData = await invokeAsync(popTokenGenerator.generateCnf.bind(popTokenGenerator), PerformanceEvents.PopTokenGenerateCnf, this.logger, this.performanceClient, request.correlationId)(shrParameters, this.logger);
15617
+ const generatedReqCnfData = await invokeAsync(popTokenGenerator.generateCnf.bind(popTokenGenerator), PerformanceEvents.PopTokenGenerateCnf, this.logger, this.performanceClient, this.correlationId)(shrParameters, this.logger);
15556
15618
  reqCnfData = generatedReqCnfData.reqCnfString;
15557
15619
  validatedRequest.keyId = generatedReqCnfData.kid;
15558
15620
  validatedRequest.signPopToken = true;
@@ -15638,7 +15700,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15638
15700
  this.performanceClient?.addFields({
15639
15701
  embeddedClientId: child_client_id,
15640
15702
  embeddedRedirectUri: child_redirect_uri,
15641
- }, request.correlationId);
15703
+ }, this.correlationId);
15642
15704
  }
15643
15705
  }
15644
15706
 
@@ -15669,6 +15731,10 @@ async function getStandardParameters(config, authority, request, logger, perform
15669
15731
  if (request.platformBroker) {
15670
15732
  // signal ests that this is a WAM call
15671
15733
  addNativeBroker(parameters);
15734
+ // instrument JS-platform bridge specific fields
15735
+ performanceClient.addFields({
15736
+ isPlatformAuthorizeRequest: true,
15737
+ }, request.correlationId);
15672
15738
  // pass the req_cnf for POP
15673
15739
  if (request.authenticationScheme === AuthenticationScheme.POP) {
15674
15740
  const cryptoOps = new CryptoOps(logger, performanceClient);
@@ -17337,8 +17403,8 @@ class RedirectClient extends StandardInteractionClient {
17337
17403
  }
17338
17404
  // If navigateToLoginRequestUrl is true, get the url where the redirect request was initiated
17339
17405
  const loginRequestUrl = this.browserStorage.getTemporaryCache(TemporaryCacheKeys.ORIGIN_URI, true) || Constants.EMPTY_STRING;
17340
- const loginRequestUrlNormalized = UrlString.removeHashFromUrl(loginRequestUrl);
17341
- const currentUrlNormalized = UrlString.removeHashFromUrl(window.location.href);
17406
+ const loginRequestUrlNormalized = normalizeUrlForComparison(loginRequestUrl);
17407
+ const currentUrlNormalized = normalizeUrlForComparison(window.location.href);
17342
17408
  if (loginRequestUrlNormalized === currentUrlNormalized &&
17343
17409
  this.config.auth.navigateToLoginRequestUrl) {
17344
17410
  // We are on the page we need to navigate to - handle hash
@@ -18467,6 +18533,9 @@ class StandardController {
18467
18533
  if (useNative && this.platformAuthProvider) {
18468
18534
  rootMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenRedirect, platformBrokerRequest?.correlationId || "");
18469
18535
  this.logger.trace("handleRedirectPromise - acquiring token from native platform");
18536
+ rootMeasurement.add({
18537
+ isPlatformBrokerRequest: true,
18538
+ });
18470
18539
  const nativeClient = new PlatformAuthInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.handleRedirectPromise, this.performanceClient, this.platformAuthProvider, platformBrokerRequest.accountId, this.nativeInternalStorage, platformBrokerRequest.correlationId);
18471
18540
  redirectResponse = invokeAsync(nativeClient.handleRedirectPromise.bind(nativeClient), PerformanceEvents.HandleNativeRedirectPromiseMeasurement, this.logger, this.performanceClient, rootMeasurement.event.correlationId)(this.performanceClient, rootMeasurement.event.correlationId);
18472
18541
  }
@@ -18602,9 +18671,13 @@ class StandardController {
18602
18671
  result = nativeClient
18603
18672
  .acquireTokenRedirect(request, atrMeasurement)
18604
18673
  .catch((e) => {
18674
+ atrMeasurement.add({
18675
+ brokerErrorName: e.name,
18676
+ brokerErrorCode: e.errorCode,
18677
+ });
18605
18678
  if (e instanceof NativeAuthError &&
18606
18679
  isFatalNativeAuthError(e)) {
18607
- this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
18680
+ this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt platform broker calls
18608
18681
  const redirectClient = this.createRedirectClient(correlationId);
18609
18682
  return redirectClient.acquireToken(request);
18610
18683
  }
@@ -18681,6 +18754,9 @@ class StandardController {
18681
18754
  let result;
18682
18755
  const pkce = this.getPreGeneratedPkceCodes(correlationId);
18683
18756
  if (this.canUsePlatformBroker(request)) {
18757
+ atPopupMeasurement.add({
18758
+ isPlatformBrokerRequest: true,
18759
+ });
18684
18760
  result = this.acquireTokenNative({
18685
18761
  ...request,
18686
18762
  correlationId,
@@ -18688,15 +18764,18 @@ class StandardController {
18688
18764
  .then((response) => {
18689
18765
  atPopupMeasurement.end({
18690
18766
  success: true,
18691
- isNativeBroker: true,
18692
18767
  accountType: getAccountType(response.account),
18693
18768
  });
18694
18769
  return response;
18695
18770
  })
18696
18771
  .catch((e) => {
18772
+ atPopupMeasurement.add({
18773
+ brokerErrorName: e.name,
18774
+ brokerErrorCode: e.errorCode,
18775
+ });
18697
18776
  if (e instanceof NativeAuthError &&
18698
18777
  isFatalNativeAuthError(e)) {
18699
- this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
18778
+ this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to continuing to attempt platform broker calls
18700
18779
  const popupClient = this.createPopupClient(correlationId);
18701
18780
  return popupClient.acquireToken(request, pkce);
18702
18781
  }
@@ -18802,7 +18881,14 @@ class StandardController {
18802
18881
  this.eventHandler.emitEvent(EventType.SSO_SILENT_START, InteractionType.Silent, validRequest);
18803
18882
  let result;
18804
18883
  if (this.canUsePlatformBroker(validRequest)) {
18884
+ this.ssoSilentMeasurement?.add({
18885
+ isPlatformBrokerRequest: true,
18886
+ });
18805
18887
  result = this.acquireTokenNative(validRequest, ApiId.ssoSilent).catch((e) => {
18888
+ this.ssoSilentMeasurement?.add({
18889
+ brokerErrorName: e.name,
18890
+ brokerErrorCode: e.errorCode,
18891
+ });
18806
18892
  // If native token acquisition fails for availability reasons fallback to standard flow
18807
18893
  if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
18808
18894
  this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
@@ -18821,7 +18907,6 @@ class StandardController {
18821
18907
  this.eventHandler.emitEvent(EventType.SSO_SILENT_SUCCESS, InteractionType.Silent, response);
18822
18908
  this.ssoSilentMeasurement?.end({
18823
18909
  success: true,
18824
- isNativeBroker: response.fromNativeBroker,
18825
18910
  accessTokenSize: response.accessToken.length,
18826
18911
  idTokenSize: response.idToken.length,
18827
18912
  accountType: getAccountType(response.account),
@@ -18875,7 +18960,6 @@ class StandardController {
18875
18960
  this.hybridAuthCodeResponses.delete(hybridAuthCode);
18876
18961
  atbcMeasurement.end({
18877
18962
  success: true,
18878
- isNativeBroker: result.fromNativeBroker,
18879
18963
  accessTokenSize: result.accessToken.length,
18880
18964
  idTokenSize: result.idToken.length,
18881
18965
  accountType: getAccountType(result.account),
@@ -18900,6 +18984,9 @@ class StandardController {
18900
18984
  }
18901
18985
  else if (request.nativeAccountId) {
18902
18986
  if (this.canUsePlatformBroker(request, request.nativeAccountId)) {
18987
+ atbcMeasurement.add({
18988
+ isPlatformBrokerRequest: true,
18989
+ });
18903
18990
  const result = await this.acquireTokenNative({
18904
18991
  ...request,
18905
18992
  correlationId,
@@ -18909,6 +18996,10 @@ class StandardController {
18909
18996
  isFatalNativeAuthError(e)) {
18910
18997
  this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
18911
18998
  }
18999
+ atbcMeasurement.add({
19000
+ brokerErrorName: e.name,
19001
+ brokerErrorCode: e.errorCode,
19002
+ });
18912
19003
  throw e;
18913
19004
  });
18914
19005
  atbcMeasurement.end({
@@ -18953,7 +19044,6 @@ class StandardController {
18953
19044
  this.acquireTokenByCodeAsyncMeasurement?.end({
18954
19045
  success: true,
18955
19046
  fromCache: response.fromCache,
18956
- isNativeBroker: response.fromNativeBroker,
18957
19047
  });
18958
19048
  return response;
18959
19049
  })
@@ -19451,7 +19541,6 @@ class StandardController {
19451
19541
  atsMeasurement.end({
19452
19542
  success: true,
19453
19543
  fromCache: result.fromCache,
19454
- isNativeBroker: result.fromNativeBroker,
19455
19544
  accessTokenSize: result.accessToken.length,
19456
19545
  idTokenSize: result.idToken.length,
19457
19546
  });
@@ -19584,7 +19673,6 @@ class StandardController {
19584
19673
  if (request.correlationId) {
19585
19674
  this.performanceClient.addFields({
19586
19675
  fromCache: response.fromCache,
19587
- isNativeBroker: response.fromNativeBroker,
19588
19676
  }, request.correlationId);
19589
19677
  }
19590
19678
  return response;
@@ -19608,7 +19696,12 @@ class StandardController {
19608
19696
  if (isPlatformAuthAllowed(this.config, this.logger, this.platformAuthProvider, silentRequest.authenticationScheme) &&
19609
19697
  silentRequest.account.nativeAccountId) {
19610
19698
  this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform");
19699
+ this.performanceClient.addFields({ isPlatformBrokerRequest: true }, silentRequest.correlationId);
19611
19700
  return this.acquireTokenNative(silentRequest, ApiId.acquireTokenSilent_silentFlow, silentRequest.account.nativeAccountId, cacheLookupPolicy).catch(async (e) => {
19701
+ this.performanceClient.addFields({
19702
+ brokerErrorName: e.name,
19703
+ brokerErrorCode: e.errorCode,
19704
+ }, silentRequest.correlationId);
19612
19705
  // If native token acquisition fails for availability reasons fallback to web flow
19613
19706
  if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
19614
19707
  this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow");