@azure/msal-browser 4.20.0 → 4.21.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (383) hide show
  1. package/README.md +30 -0
  2. package/dist/app/IPublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientApplication.mjs +1 -1
  4. package/dist/app/PublicClientNext.mjs +1 -1
  5. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
  6. package/dist/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  8. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  10. package/dist/cache/AccountManager.mjs +1 -1
  11. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  12. package/dist/cache/BrowserCacheManager.mjs +1 -1
  13. package/dist/cache/CacheHelpers.mjs +1 -1
  14. package/dist/cache/CacheKeys.mjs +1 -1
  15. package/dist/cache/CookieStorage.mjs +1 -1
  16. package/dist/cache/DatabaseStorage.mjs +1 -1
  17. package/dist/cache/EncryptedData.mjs +1 -1
  18. package/dist/cache/LocalStorage.mjs +1 -1
  19. package/dist/cache/MemoryStorage.mjs +1 -1
  20. package/dist/cache/SessionStorage.mjs +1 -1
  21. package/dist/cache/TokenCache.mjs +1 -1
  22. package/dist/config/Configuration.mjs +1 -1
  23. package/dist/controllers/ControllerFactory.mjs +1 -1
  24. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  25. package/dist/controllers/StandardController.d.ts.map +1 -1
  26. package/dist/controllers/StandardController.mjs +36 -9
  27. package/dist/controllers/StandardController.mjs.map +1 -1
  28. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  29. package/dist/crypto/BrowserCrypto.mjs +1 -1
  30. package/dist/crypto/CryptoOps.mjs +1 -1
  31. package/dist/crypto/PkceGenerator.mjs +1 -1
  32. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  33. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  34. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
  35. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
  36. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  37. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  38. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  39. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  40. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  41. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  42. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  43. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  44. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  45. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  46. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  47. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  48. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  49. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  50. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  51. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  52. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  53. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  54. package/dist/custom-auth-path/controllers/StandardController.mjs +36 -9
  55. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  56. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  57. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  58. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  59. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  60. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  61. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  62. package/dist/custom-auth-path/custom_auth/configuration/CustomAuthConfiguration.d.ts +1 -0
  63. package/dist/custom-auth-path/custom_auth/configuration/CustomAuthConfiguration.d.ts.map +1 -1
  64. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  65. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +2 -2
  66. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts +5 -0
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +8 -1
  71. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs.map +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.d.ts +2 -1
  75. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.d.ts.map +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +5 -3
  77. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs.map +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts.map +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +2 -2
  97. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs.map +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +5 -5
  101. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs.map +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts +3 -0
  104. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts.map +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +8 -1
  106. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs.map +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +3 -0
  108. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +8 -1
  110. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs.map +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts +3 -0
  112. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts.map +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +8 -1
  114. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs.map +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.d.ts +0 -15
  134. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.d.ts.map +1 -1
  135. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -22
  136. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs.map +1 -1
  137. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.d.ts +0 -10
  149. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.d.ts.map +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -15
  151. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs.map +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCredentialResult.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.d.ts +0 -25
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.d.ts.map +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -36
  168. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs.map +1 -1
  169. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  170. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  171. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  172. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  173. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  174. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  175. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  176. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  177. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  178. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  179. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  180. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  181. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  182. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  183. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  184. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  185. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  186. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  187. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  188. package/dist/custom-auth-path/error/NativeAuthError.d.ts.map +1 -1
  189. package/dist/custom-auth-path/error/NativeAuthError.mjs +3 -4
  190. package/dist/custom-auth-path/error/NativeAuthError.mjs.map +1 -1
  191. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  192. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  193. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  194. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  195. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  196. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  197. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +15 -6
  198. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  199. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  200. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +4 -4
  201. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
  202. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  203. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  204. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
  205. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  206. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
  207. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  208. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
  209. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  210. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  211. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  212. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  213. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  214. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  215. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  216. package/dist/custom-auth-path/protocol/Authorize.mjs +5 -1
  217. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  218. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  219. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  220. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  221. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  222. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  223. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  224. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  225. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  226. package/dist/custom_auth/configuration/CustomAuthConfiguration.d.ts +1 -0
  227. package/dist/custom_auth/configuration/CustomAuthConfiguration.d.ts.map +1 -1
  228. package/dist/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  229. package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts +5 -0
  230. package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
  231. package/dist/custom_auth/core/error/CustomAuthApiError.d.ts +2 -1
  232. package/dist/custom_auth/core/error/CustomAuthApiError.d.ts.map +1 -1
  233. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts.map +1 -1
  234. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts +1 -1
  235. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
  236. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts +3 -0
  237. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts.map +1 -1
  238. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +3 -0
  239. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
  240. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts +3 -0
  241. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts.map +1 -1
  242. package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.d.ts +0 -15
  243. package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.d.ts.map +1 -1
  244. package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.d.ts +0 -10
  245. package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.d.ts.map +1 -1
  246. package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.d.ts +0 -25
  247. package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.d.ts.map +1 -1
  248. package/dist/encode/Base64Decode.mjs +1 -1
  249. package/dist/encode/Base64Encode.mjs +1 -1
  250. package/dist/error/BrowserAuthError.mjs +1 -1
  251. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  252. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  253. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  254. package/dist/error/NativeAuthError.d.ts.map +1 -1
  255. package/dist/error/NativeAuthError.mjs +3 -4
  256. package/dist/error/NativeAuthError.mjs.map +1 -1
  257. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  258. package/dist/error/NestedAppAuthError.mjs +1 -1
  259. package/dist/event/EventHandler.mjs +1 -1
  260. package/dist/event/EventMessage.mjs +1 -1
  261. package/dist/event/EventType.mjs +1 -1
  262. package/dist/index.mjs +1 -1
  263. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  264. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  265. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  266. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +15 -6
  267. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  268. package/dist/interaction_client/PopupClient.mjs +1 -1
  269. package/dist/interaction_client/RedirectClient.mjs +4 -4
  270. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  271. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  272. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  273. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  274. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  275. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  276. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  277. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  278. package/dist/naa/BridgeError.mjs +1 -1
  279. package/dist/naa/BridgeProxy.mjs +1 -1
  280. package/dist/naa/BridgeStatusCode.mjs +1 -1
  281. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  282. package/dist/navigation/NavigationClient.mjs +1 -1
  283. package/dist/network/FetchClient.mjs +1 -1
  284. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  285. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  286. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  287. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  288. package/dist/packageMetadata.d.ts +1 -1
  289. package/dist/packageMetadata.mjs +2 -2
  290. package/dist/protocol/Authorize.d.ts.map +1 -1
  291. package/dist/protocol/Authorize.mjs +5 -1
  292. package/dist/protocol/Authorize.mjs.map +1 -1
  293. package/dist/request/RequestHelpers.mjs +1 -1
  294. package/dist/response/ResponseHandler.mjs +1 -1
  295. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  296. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  297. package/dist/utils/BrowserConstants.mjs +1 -1
  298. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  299. package/dist/utils/BrowserUtils.mjs +1 -1
  300. package/dist/utils/Helpers.mjs +1 -1
  301. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  302. package/lib/custom-auth-path/msal-custom-auth.cjs +215 -162
  303. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  304. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  305. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  306. package/lib/custom-auth-path/types/custom_auth/configuration/CustomAuthConfiguration.d.ts +1 -0
  307. package/lib/custom-auth-path/types/custom_auth/configuration/CustomAuthConfiguration.d.ts.map +1 -1
  308. package/lib/custom-auth-path/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  309. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts +5 -0
  310. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
  311. package/lib/custom-auth-path/types/custom_auth/core/error/CustomAuthApiError.d.ts +2 -1
  312. package/lib/custom-auth-path/types/custom_auth/core/error/CustomAuthApiError.d.ts.map +1 -1
  313. package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts.map +1 -1
  314. package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts +1 -1
  315. package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
  316. package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts +3 -0
  317. package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts.map +1 -1
  318. package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +3 -0
  319. package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
  320. package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts +3 -0
  321. package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts.map +1 -1
  322. package/lib/custom-auth-path/types/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.d.ts +0 -15
  323. package/lib/custom-auth-path/types/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.d.ts.map +1 -1
  324. package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/error_type/SignInError.d.ts +0 -10
  325. package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/error_type/SignInError.d.ts.map +1 -1
  326. package/lib/custom-auth-path/types/custom_auth/sign_up/auth_flow/error_type/SignUpError.d.ts +0 -25
  327. package/lib/custom-auth-path/types/custom_auth/sign_up/auth_flow/error_type/SignUpError.d.ts.map +1 -1
  328. package/lib/custom-auth-path/types/error/NativeAuthError.d.ts.map +1 -1
  329. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  330. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  331. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  332. package/lib/msal-browser.cjs +179 -86
  333. package/lib/msal-browser.cjs.map +1 -1
  334. package/lib/msal-browser.js +179 -86
  335. package/lib/msal-browser.js.map +1 -1
  336. package/lib/msal-browser.min.js +66 -66
  337. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  338. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  339. package/lib/types/custom_auth/configuration/CustomAuthConfiguration.d.ts +1 -0
  340. package/lib/types/custom_auth/configuration/CustomAuthConfiguration.d.ts.map +1 -1
  341. package/lib/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  342. package/lib/types/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts +5 -0
  343. package/lib/types/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
  344. package/lib/types/custom_auth/core/error/CustomAuthApiError.d.ts +2 -1
  345. package/lib/types/custom_auth/core/error/CustomAuthApiError.d.ts.map +1 -1
  346. package/lib/types/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts.map +1 -1
  347. package/lib/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts +1 -1
  348. package/lib/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
  349. package/lib/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts +3 -0
  350. package/lib/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts.map +1 -1
  351. package/lib/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +3 -0
  352. package/lib/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
  353. package/lib/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts +3 -0
  354. package/lib/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts.map +1 -1
  355. package/lib/types/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.d.ts +0 -15
  356. package/lib/types/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.d.ts.map +1 -1
  357. package/lib/types/custom_auth/sign_in/auth_flow/error_type/SignInError.d.ts +0 -10
  358. package/lib/types/custom_auth/sign_in/auth_flow/error_type/SignInError.d.ts.map +1 -1
  359. package/lib/types/custom_auth/sign_up/auth_flow/error_type/SignUpError.d.ts +0 -25
  360. package/lib/types/custom_auth/sign_up/auth_flow/error_type/SignUpError.d.ts.map +1 -1
  361. package/lib/types/error/NativeAuthError.d.ts.map +1 -1
  362. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  363. package/lib/types/packageMetadata.d.ts +1 -1
  364. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  365. package/package.json +2 -2
  366. package/src/controllers/StandardController.ts +42 -9
  367. package/src/custom_auth/configuration/CustomAuthConfiguration.ts +1 -0
  368. package/src/custom_auth/controller/CustomAuthStandardController.ts +2 -1
  369. package/src/custom_auth/core/auth_flow/AuthFlowErrorBase.ts +8 -0
  370. package/src/custom_auth/core/error/CustomAuthApiError.ts +3 -2
  371. package/src/custom_auth/core/network_client/custom_auth_api/BaseApiClient.ts +4 -1
  372. package/src/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.ts +8 -4
  373. package/src/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.ts +16 -0
  374. package/src/custom_auth/core/network_client/custom_auth_api/SignInApiClient.ts +16 -0
  375. package/src/custom_auth/core/network_client/custom_auth_api/SignupApiClient.ts +16 -0
  376. package/src/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.ts +1 -25
  377. package/src/custom_auth/sign_in/auth_flow/error_type/SignInError.ts +1 -17
  378. package/src/custom_auth/sign_up/auth_flow/error_type/SignUpError.ts +1 -41
  379. package/src/error/NativeAuthError.ts +1 -2
  380. package/src/interaction_client/PlatformAuthInteractionClient.ts +17 -5
  381. package/src/interaction_client/RedirectClient.ts +2 -2
  382. package/src/packageMetadata.ts +1 -1
  383. package/src/protocol/Authorize.ts +8 -0
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v4.20.0 2025-08-12 */
1
+ /*! @azure/msal-browser v4.21.1 2025-08-27 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -276,7 +276,7 @@ const JsonWebTokenTypes = {
276
276
  // Token renewal offset default in seconds
277
277
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
278
278
 
279
- /*! @azure/msal-common v15.11.0 2025-08-12 */
279
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
280
280
  /*
281
281
  * Copyright (c) Microsoft Corporation. All rights reserved.
282
282
  * Licensed under the MIT License.
@@ -287,7 +287,7 @@ const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
287
287
  const unexpectedError = "unexpected_error";
288
288
  const postRequestFailed$1 = "post_request_failed";
289
289
 
290
- /*! @azure/msal-common v15.11.0 2025-08-12 */
290
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
291
291
 
292
292
  /*
293
293
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -322,7 +322,7 @@ function createAuthError(code, additionalMessage) {
322
322
  : AuthErrorMessages[code]);
323
323
  }
324
324
 
325
- /*! @azure/msal-common v15.11.0 2025-08-12 */
325
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
326
326
  /*
327
327
  * Copyright (c) Microsoft Corporation. All rights reserved.
328
328
  * Licensed under the MIT License.
@@ -372,7 +372,7 @@ const missingTenantIdError = "missing_tenant_id_error";
372
372
  const methodNotImplemented = "method_not_implemented";
373
373
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
374
374
 
375
- /*! @azure/msal-common v15.11.0 2025-08-12 */
375
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
376
376
 
377
377
  /*
378
378
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -446,7 +446,7 @@ function createClientAuthError(errorCode, additionalMessage) {
446
446
  return new ClientAuthError(errorCode, additionalMessage);
447
447
  }
448
448
 
449
- /*! @azure/msal-common v15.11.0 2025-08-12 */
449
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
450
450
 
451
451
  /*
452
452
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -485,7 +485,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
485
485
  },
486
486
  };
487
487
 
488
- /*! @azure/msal-common v15.11.0 2025-08-12 */
488
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
489
489
 
490
490
  /*
491
491
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -676,12 +676,12 @@ class Logger {
676
676
  }
677
677
  }
678
678
 
679
- /*! @azure/msal-common v15.11.0 2025-08-12 */
679
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
680
680
  /* eslint-disable header/header */
681
681
  const name$1 = "@azure/msal-common";
682
- const version$1 = "15.11.0";
682
+ const version$1 = "15.12.0";
683
683
 
684
- /*! @azure/msal-common v15.11.0 2025-08-12 */
684
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
685
685
  /*
686
686
  * Copyright (c) Microsoft Corporation. All rights reserved.
687
687
  * Licensed under the MIT License.
@@ -690,7 +690,7 @@ const AzureCloudInstance = {
690
690
  // AzureCloudInstance is not specified.
691
691
  None: "none"};
692
692
 
693
- /*! @azure/msal-common v15.11.0 2025-08-12 */
693
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
694
694
  /*
695
695
  * Copyright (c) Microsoft Corporation. All rights reserved.
696
696
  * Licensed under the MIT License.
@@ -719,7 +719,7 @@ const authorityMismatch = "authority_mismatch";
719
719
  const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
720
720
  const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
721
721
 
722
- /*! @azure/msal-common v15.11.0 2025-08-12 */
722
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
723
723
 
724
724
  /*
725
725
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -764,7 +764,7 @@ function createClientConfigurationError(errorCode) {
764
764
  return new ClientConfigurationError(errorCode);
765
765
  }
766
766
 
767
- /*! @azure/msal-common v15.11.0 2025-08-12 */
767
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
768
768
  /*
769
769
  * Copyright (c) Microsoft Corporation. All rights reserved.
770
770
  * Licensed under the MIT License.
@@ -861,7 +861,7 @@ class StringUtils {
861
861
  }
862
862
  }
863
863
 
864
- /*! @azure/msal-common v15.11.0 2025-08-12 */
864
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
865
865
 
866
866
  /*
867
867
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -905,7 +905,11 @@ class ScopeSet {
905
905
  * @returns
906
906
  */
907
907
  static createSearchScopes(inputScopeString) {
908
- const scopeSet = new ScopeSet(inputScopeString);
908
+ // Handle empty scopes by using default OIDC scopes for cache lookup
909
+ const scopesToUse = inputScopeString && inputScopeString.length > 0
910
+ ? inputScopeString
911
+ : [...OIDC_DEFAULT_SCOPES];
912
+ const scopeSet = new ScopeSet(scopesToUse);
909
913
  if (!scopeSet.containsOnlyOIDCScopes()) {
910
914
  scopeSet.removeOIDCScopes();
911
915
  }
@@ -1052,7 +1056,7 @@ class ScopeSet {
1052
1056
  }
1053
1057
  }
1054
1058
 
1055
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1059
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
1056
1060
  /*
1057
1061
  * Copyright (c) Microsoft Corporation. All rights reserved.
1058
1062
  * Licensed under the MIT License.
@@ -1134,7 +1138,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1134
1138
  return updatedAccountInfo;
1135
1139
  }
1136
1140
 
1137
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1141
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
1138
1142
 
1139
1143
  /*
1140
1144
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1195,12 +1199,34 @@ function checkMaxAge(authTime, maxAge) {
1195
1199
  }
1196
1200
  }
1197
1201
 
1198
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1202
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
1199
1203
 
1200
1204
  /*
1201
1205
  * Copyright (c) Microsoft Corporation. All rights reserved.
1202
1206
  * Licensed under the MIT License.
1203
1207
  */
1208
+ /**
1209
+ * Canonicalizes a URL by making it lowercase and ensuring it ends with /
1210
+ * Inlined version of UrlString.canonicalizeUri to avoid circular dependency
1211
+ * @param url - URL to canonicalize
1212
+ * @returns Canonicalized URL
1213
+ */
1214
+ function canonicalizeUrl(url) {
1215
+ if (!url) {
1216
+ return url;
1217
+ }
1218
+ let lowerCaseUrl = url.toLowerCase();
1219
+ if (StringUtils.endsWith(lowerCaseUrl, "?")) {
1220
+ lowerCaseUrl = lowerCaseUrl.slice(0, -1);
1221
+ }
1222
+ else if (StringUtils.endsWith(lowerCaseUrl, "?/")) {
1223
+ lowerCaseUrl = lowerCaseUrl.slice(0, -2);
1224
+ }
1225
+ if (!StringUtils.endsWith(lowerCaseUrl, "/")) {
1226
+ lowerCaseUrl += "/";
1227
+ }
1228
+ return lowerCaseUrl;
1229
+ }
1204
1230
  /**
1205
1231
  * Parses hash string from given string. Returns empty string if no hash symbol is found.
1206
1232
  * @param hashString
@@ -1258,9 +1284,38 @@ function mapToQueryString(parameters, encodeExtraParams = true, extraQueryParame
1258
1284
  }
1259
1285
  });
1260
1286
  return queryParameterArray.join("&");
1287
+ }
1288
+ /**
1289
+ * Normalizes URLs for comparison by removing hash, canonicalizing,
1290
+ * and ensuring consistent URL encoding in query parameters.
1291
+ * This fixes redirect loops when URLs contain encoded characters like apostrophes (%27).
1292
+ * @param url - URL to normalize
1293
+ * @returns Normalized URL string for comparison
1294
+ */
1295
+ function normalizeUrlForComparison(url) {
1296
+ if (!url) {
1297
+ return url;
1298
+ }
1299
+ // Remove hash first
1300
+ const urlWithoutHash = url.split("#")[0];
1301
+ try {
1302
+ // Parse the URL to handle encoding consistently
1303
+ const urlObj = new URL(urlWithoutHash);
1304
+ /*
1305
+ * Reconstruct the URL with properly decoded query parameters
1306
+ * This ensures that %27 and ' are treated as equivalent
1307
+ */
1308
+ const normalizedUrl = urlObj.origin + urlObj.pathname + urlObj.search;
1309
+ // Apply canonicalization logic inline to avoid circular dependency
1310
+ return canonicalizeUrl(normalizedUrl);
1311
+ }
1312
+ catch (e) {
1313
+ // Fallback to original logic if URL parsing fails
1314
+ return canonicalizeUrl(urlWithoutHash);
1315
+ }
1261
1316
  }
1262
1317
 
1263
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1318
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
1264
1319
 
1265
1320
  /*
1266
1321
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1424,7 +1479,7 @@ class UrlString {
1424
1479
  }
1425
1480
  }
1426
1481
 
1427
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1482
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
1428
1483
 
1429
1484
  /*
1430
1485
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1563,7 +1618,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
1563
1618
  return null;
1564
1619
  }
1565
1620
 
1566
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1621
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
1567
1622
  /*
1568
1623
  * Copyright (c) Microsoft Corporation. All rights reserved.
1569
1624
  * Licensed under the MIT License.
@@ -1571,7 +1626,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
1571
1626
  const cacheQuotaExceeded = "cache_quota_exceeded";
1572
1627
  const cacheErrorUnknown = "cache_error_unknown";
1573
1628
 
1574
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1629
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
1575
1630
 
1576
1631
  /*
1577
1632
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1616,7 +1671,7 @@ function createCacheError(e) {
1616
1671
  }
1617
1672
  }
1618
1673
 
1619
- /*! @azure/msal-common v15.11.0 2025-08-12 */
1674
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
1620
1675
 
1621
1676
  /*
1622
1677
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2724,7 +2779,7 @@ class DefaultStorageClass extends CacheManager {
2724
2779
  }
2725
2780
  }
2726
2781
 
2727
- /*! @azure/msal-common v15.11.0 2025-08-12 */
2782
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
2728
2783
  /*
2729
2784
  * Copyright (c) Microsoft Corporation. All rights reserved.
2730
2785
  * Licensed under the MIT License.
@@ -2748,7 +2803,7 @@ const ProtocolMode = {
2748
2803
  EAR: "EAR",
2749
2804
  };
2750
2805
 
2751
- /*! @azure/msal-common v15.11.0 2025-08-12 */
2806
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
2752
2807
  /*
2753
2808
  * Copyright (c) Microsoft Corporation. All rights reserved.
2754
2809
  * Licensed under the MIT License.
@@ -3015,7 +3070,7 @@ const PerformanceEvents = {
3015
3070
  const PerformanceEventStatus = {
3016
3071
  InProgress: 1};
3017
3072
 
3018
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3073
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3019
3074
 
3020
3075
  /*
3021
3076
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3094,7 +3149,7 @@ class StubPerformanceClient {
3094
3149
  }
3095
3150
  }
3096
3151
 
3097
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3152
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3098
3153
 
3099
3154
  /*
3100
3155
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3194,7 +3249,7 @@ function isOidcProtocolMode(config) {
3194
3249
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3195
3250
  }
3196
3251
 
3197
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3252
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3198
3253
  /*
3199
3254
  * Copyright (c) Microsoft Corporation. All rights reserved.
3200
3255
  * Licensed under the MIT License.
@@ -3204,7 +3259,7 @@ const CcsCredentialType = {
3204
3259
  UPN: "UPN",
3205
3260
  };
3206
3261
 
3207
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3262
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3208
3263
 
3209
3264
  /*
3210
3265
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3244,7 +3299,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
3244
3299
  };
3245
3300
  }
3246
3301
 
3247
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3302
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3248
3303
  /*
3249
3304
  * Copyright (c) Microsoft Corporation. All rights reserved.
3250
3305
  * Licensed under the MIT License.
@@ -3294,7 +3349,7 @@ const INSTANCE_AWARE = "instance_aware";
3294
3349
  const EAR_JWK = "ear_jwk";
3295
3350
  const EAR_JWE_CRYPTO = "ear_jwe_crypto";
3296
3351
 
3297
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3352
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3298
3353
 
3299
3354
  /*
3300
3355
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3674,7 +3729,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
3674
3729
  });
3675
3730
  }
3676
3731
 
3677
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3732
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3678
3733
  /*
3679
3734
  * Copyright (c) Microsoft Corporation. All rights reserved.
3680
3735
  * Licensed under the MIT License.
@@ -3689,7 +3744,7 @@ const AuthorityType = {
3689
3744
  Ciam: 3,
3690
3745
  };
3691
3746
 
3692
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3747
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3693
3748
  /*
3694
3749
  * Copyright (c) Microsoft Corporation. All rights reserved.
3695
3750
  * Licensed under the MIT License.
@@ -3701,7 +3756,7 @@ function isOpenIdConfigResponse(response) {
3701
3756
  response.hasOwnProperty("jwks_uri"));
3702
3757
  }
3703
3758
 
3704
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3759
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3705
3760
  /*
3706
3761
  * Copyright (c) Microsoft Corporation. All rights reserved.
3707
3762
  * Licensed under the MIT License.
@@ -3711,7 +3766,7 @@ function isCloudInstanceDiscoveryResponse(response) {
3711
3766
  response.hasOwnProperty("metadata"));
3712
3767
  }
3713
3768
 
3714
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3769
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3715
3770
  /*
3716
3771
  * Copyright (c) Microsoft Corporation. All rights reserved.
3717
3772
  * Licensed under the MIT License.
@@ -3721,7 +3776,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
3721
3776
  response.hasOwnProperty("error_description"));
3722
3777
  }
3723
3778
 
3724
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3779
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3725
3780
  /*
3726
3781
  * Copyright (c) Microsoft Corporation. All rights reserved.
3727
3782
  * Licensed under the MIT License.
@@ -3817,7 +3872,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
3817
3872
  };
3818
3873
  };
3819
3874
 
3820
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3875
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3821
3876
 
3822
3877
  /*
3823
3878
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3923,7 +3978,7 @@ RegionDiscovery.IMDS_OPTIONS = {
3923
3978
  },
3924
3979
  };
3925
3980
 
3926
- /*! @azure/msal-common v15.11.0 2025-08-12 */
3981
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3927
3982
  /*
3928
3983
  * Copyright (c) Microsoft Corporation. All rights reserved.
3929
3984
  * Licensed under the MIT License.
@@ -3988,7 +4043,7 @@ function wasClockTurnedBack(cachedAt) {
3988
4043
  return cachedAtSec > nowSeconds();
3989
4044
  }
3990
4045
 
3991
- /*! @azure/msal-common v15.11.0 2025-08-12 */
4046
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
3992
4047
 
3993
4048
  /*
3994
4049
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4250,7 +4305,7 @@ function isAuthorityMetadataExpired(metadata) {
4250
4305
  return metadata.expiresAt <= nowSeconds();
4251
4306
  }
4252
4307
 
4253
- /*! @azure/msal-common v15.11.0 2025-08-12 */
4308
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
4254
4309
 
4255
4310
  /*
4256
4311
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5089,7 +5144,7 @@ function buildStaticAuthorityOptions(authOptions) {
5089
5144
  };
5090
5145
  }
5091
5146
 
5092
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5147
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5093
5148
 
5094
5149
  /*
5095
5150
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5120,7 +5175,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
5120
5175
  }
5121
5176
  }
5122
5177
 
5123
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5178
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5124
5179
 
5125
5180
  /*
5126
5181
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5139,7 +5194,7 @@ class ServerError extends AuthError {
5139
5194
  }
5140
5195
  }
5141
5196
 
5142
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5197
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5143
5198
  /*
5144
5199
  * Copyright (c) Microsoft Corporation. All rights reserved.
5145
5200
  * Licensed under the MIT License.
@@ -5160,7 +5215,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
5160
5215
  };
5161
5216
  }
5162
5217
 
5163
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5218
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5164
5219
 
5165
5220
  /*
5166
5221
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5247,7 +5302,7 @@ class ThrottlingUtils {
5247
5302
  }
5248
5303
  }
5249
5304
 
5250
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5305
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5251
5306
 
5252
5307
  /*
5253
5308
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5278,7 +5333,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
5278
5333
  return new NetworkError(error, httpStatus, responseHeaders);
5279
5334
  }
5280
5335
 
5281
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5336
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5282
5337
 
5283
5338
  /*
5284
5339
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5426,7 +5481,7 @@ class BaseClient {
5426
5481
  }
5427
5482
  }
5428
5483
 
5429
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5484
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5430
5485
  /*
5431
5486
  * Copyright (c) Microsoft Corporation. All rights reserved.
5432
5487
  * Licensed under the MIT License.
@@ -5448,7 +5503,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
5448
5503
  return null;
5449
5504
  }
5450
5505
 
5451
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5506
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5452
5507
 
5453
5508
  /*
5454
5509
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5663,7 +5718,7 @@ class AccountEntity {
5663
5718
  }
5664
5719
  }
5665
5720
 
5666
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5721
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5667
5722
  /*
5668
5723
  * Copyright (c) Microsoft Corporation. All rights reserved.
5669
5724
  * Licensed under the MIT License.
@@ -5679,7 +5734,7 @@ const consentRequired = "consent_required";
5679
5734
  const loginRequired = "login_required";
5680
5735
  const badToken = "bad_token";
5681
5736
 
5682
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5737
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5683
5738
 
5684
5739
  /*
5685
5740
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5751,7 +5806,7 @@ function createInteractionRequiredAuthError(errorCode) {
5751
5806
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
5752
5807
  }
5753
5808
 
5754
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5809
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5755
5810
 
5756
5811
  /*
5757
5812
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5823,7 +5878,7 @@ class ProtocolUtils {
5823
5878
  }
5824
5879
  }
5825
5880
 
5826
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5881
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5827
5882
 
5828
5883
  /*
5829
5884
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5905,7 +5960,7 @@ class PopTokenGenerator {
5905
5960
  }
5906
5961
  }
5907
5962
 
5908
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5963
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5909
5964
  /*
5910
5965
  * Copyright (c) Microsoft Corporation. All rights reserved.
5911
5966
  * Licensed under the MIT License.
@@ -5932,7 +5987,7 @@ class PopTokenGenerator {
5932
5987
  }
5933
5988
  }
5934
5989
 
5935
- /*! @azure/msal-common v15.11.0 2025-08-12 */
5990
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
5936
5991
 
5937
5992
  /*
5938
5993
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6263,7 +6318,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
6263
6318
  return baseAccount;
6264
6319
  }
6265
6320
 
6266
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6321
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
6267
6322
  /*
6268
6323
  * Copyright (c) Microsoft Corporation. All rights reserved.
6269
6324
  * Licensed under the MIT License.
@@ -6281,7 +6336,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
6281
6336
  }
6282
6337
  }
6283
6338
 
6284
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6339
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
6285
6340
 
6286
6341
  /*
6287
6342
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6516,7 +6571,7 @@ class AuthorizationCodeClient extends BaseClient {
6516
6571
  }
6517
6572
  }
6518
6573
 
6519
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6574
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
6520
6575
 
6521
6576
  /*
6522
6577
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6725,7 +6780,7 @@ class RefreshTokenClient extends BaseClient {
6725
6780
  }
6726
6781
  }
6727
6782
 
6728
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6783
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
6729
6784
 
6730
6785
  /*
6731
6786
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6823,7 +6878,7 @@ class SilentFlowClient extends BaseClient {
6823
6878
  }
6824
6879
  }
6825
6880
 
6826
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6881
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
6827
6882
 
6828
6883
  /*
6829
6884
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6838,7 +6893,7 @@ const StubbedNetworkModule = {
6838
6893
  },
6839
6894
  };
6840
6895
 
6841
- /*! @azure/msal-common v15.11.0 2025-08-12 */
6896
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
6842
6897
 
6843
6898
  /*
6844
6899
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7062,7 +7117,7 @@ function extractLoginHint(account) {
7062
7117
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7063
7118
  }
7064
7119
 
7065
- /*! @azure/msal-common v15.11.0 2025-08-12 */
7120
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
7066
7121
 
7067
7122
  /*
7068
7123
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7325,7 +7380,7 @@ class ServerTelemetryManager {
7325
7380
  }
7326
7381
  }
7327
7382
 
7328
- /*! @azure/msal-common v15.11.0 2025-08-12 */
7383
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
7329
7384
  /*
7330
7385
  * Copyright (c) Microsoft Corporation. All rights reserved.
7331
7386
  * Licensed under the MIT License.
@@ -7333,7 +7388,7 @@ class ServerTelemetryManager {
7333
7388
  const missingKidError = "missing_kid_error";
7334
7389
  const missingAlgError = "missing_alg_error";
7335
7390
 
7336
- /*! @azure/msal-common v15.11.0 2025-08-12 */
7391
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
7337
7392
 
7338
7393
  /*
7339
7394
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7358,7 +7413,7 @@ function createJoseHeaderError(code) {
7358
7413
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
7359
7414
  }
7360
7415
 
7361
- /*! @azure/msal-common v15.11.0 2025-08-12 */
7416
+ /*! @azure/msal-common v15.12.0 2025-08-27 */
7362
7417
 
7363
7418
  /*
7364
7419
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7498,8 +7553,10 @@ class AuthFlowResultBase {
7498
7553
  * Error when no required authentication method by Microsoft Entra is supported
7499
7554
  */
7500
7555
  class RedirectError extends CustomAuthError {
7501
- constructor(correlationId) {
7502
- super("redirect", "No required authentication method by Microsoft Entra is supported, a fallback to the web-based authentication flow is needed.", correlationId);
7556
+ constructor(correlationId, redirectReason) {
7557
+ super("redirect", redirectReason ||
7558
+ "Redirect Error, a fallback to the browser-delegated authentication is needed. Use loginPopup instead.", correlationId);
7559
+ this.redirectReason = redirectReason;
7503
7560
  Object.setPrototypeOf(this, RedirectError.prototype);
7504
7561
  }
7505
7562
  }
@@ -7680,6 +7737,13 @@ class AuthActionErrorBase extends AuthFlowErrorBase {
7680
7737
  isTokenExpired() {
7681
7738
  return this.isTokenExpiredError();
7682
7739
  }
7740
+ /**
7741
+ * Check if client app supports the challenge type configured in Entra.
7742
+ * @returns {boolean} True if client app doesn't support the challenge type configured in Entra, "loginPopup" function is required to continue the operation.
7743
+ */
7744
+ isRedirectRequired() {
7745
+ return this.isRedirectError();
7746
+ }
7683
7747
  }
7684
7748
 
7685
7749
  /*
@@ -7756,7 +7820,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
7756
7820
 
7757
7821
  /* eslint-disable header/header */
7758
7822
  const name = "@azure/msal-browser";
7759
- const version = "4.20.0";
7823
+ const version = "4.21.1";
7760
7824
 
7761
7825
  /*
7762
7826
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7929,13 +7993,6 @@ class SignInError extends AuthActionErrorBase {
7929
7993
  isUnsupportedChallengeType() {
7930
7994
  return this.isUnsupportedChallengeTypeError();
7931
7995
  }
7932
- /**
7933
- * Check if client app supports the challenge type configured in Entra.
7934
- * @returns {boolean} True if "loginPopup" function is required to continue sthe operation.
7935
- */
7936
- isRedirectRequired() {
7937
- return this.isRedirectError();
7938
- }
7939
7996
  }
7940
7997
  class SignInSubmitPasswordError extends AuthActionErrorBase {
7941
7998
  /**
@@ -7956,13 +8013,6 @@ class SignInSubmitCodeError extends AuthActionErrorBase {
7956
8013
  }
7957
8014
  }
7958
8015
  class SignInResendCodeError extends AuthActionErrorBase {
7959
- /**
7960
- * Check if client app supports the challenge type configured in Entra.
7961
- * @returns {boolean} True if "loginPopup" function is required to continue sthe operation.
7962
- */
7963
- isRedirectRequired() {
7964
- return this.isRedirectError();
7965
- }
7966
8016
  }
7967
8017
 
7968
8018
  /*
@@ -8576,13 +8626,6 @@ class SignUpError extends AuthActionErrorBase {
8576
8626
  isUnsupportedChallengeType() {
8577
8627
  return this.isUnsupportedChallengeTypeError();
8578
8628
  }
8579
- /**
8580
- * Check if client app supports the challenge type configured in Entra.
8581
- * @returns {boolean} True if "loginPopup" function is required to continue sthe operation.
8582
- */
8583
- isRedirectRequired() {
8584
- return this.isRedirectError();
8585
- }
8586
8629
  }
8587
8630
  class SignUpSubmitPasswordError extends AuthActionErrorBase {
8588
8631
  /**
@@ -8592,13 +8635,6 @@ class SignUpSubmitPasswordError extends AuthActionErrorBase {
8592
8635
  isInvalidPassword() {
8593
8636
  return (this.isPasswordIncorrectError() || this.isInvalidNewPasswordError());
8594
8637
  }
8595
- /**
8596
- * Check if client app supports the challenge type configured in Entra.
8597
- * @returns {boolean} True if "loginPopup" function is required to continue sthe operation.
8598
- */
8599
- isRedirectRequired() {
8600
- return this.isRedirectError();
8601
- }
8602
8638
  }
8603
8639
  class SignUpSubmitCodeError extends AuthActionErrorBase {
8604
8640
  /**
@@ -8608,13 +8644,6 @@ class SignUpSubmitCodeError extends AuthActionErrorBase {
8608
8644
  isInvalidCode() {
8609
8645
  return this.isInvalidCodeError();
8610
8646
  }
8611
- /**
8612
- * Check if client app supports the challenge type configured in Entra.
8613
- * @returns {boolean} True if "loginPopup" function is required to continue sthe operation.
8614
- */
8615
- isRedirectRequired() {
8616
- return this.isRedirectError();
8617
- }
8618
8647
  }
8619
8648
  class SignUpSubmitAttributesError extends AuthActionErrorBase {
8620
8649
  /**
@@ -8631,22 +8660,8 @@ class SignUpSubmitAttributesError extends AuthActionErrorBase {
8631
8660
  isAttributesValidationFailed() {
8632
8661
  return this.isAttributeValidationFailedError();
8633
8662
  }
8634
- /**
8635
- * Check if client app supports the challenge type configured in Entra.
8636
- * @returns {boolean} True if "loginPopup" function is required to continue sthe operation.
8637
- */
8638
- isRedirectRequired() {
8639
- return this.isRedirectError();
8640
- }
8641
8663
  }
8642
8664
  class SignUpResendCodeError extends AuthActionErrorBase {
8643
- /**
8644
- * Check if client app supports the challenge type configured in Entra.
8645
- * @returns {boolean} True if "loginPopup" function is required to continue sthe operation.
8646
- */
8647
- isRedirectRequired() {
8648
- return this.isRedirectError();
8649
- }
8650
8665
  }
8651
8666
 
8652
8667
  /*
@@ -10846,13 +10861,6 @@ class ResetPasswordError extends AuthActionErrorBase {
10846
10861
  isUnsupportedChallengeType() {
10847
10862
  return this.isUnsupportedChallengeTypeError();
10848
10863
  }
10849
- /**
10850
- * Check if client app supports the challenge type configured in Entra.
10851
- * @returns {boolean} True if client app doesn't support the challenge type configured in Entra, "loginPopup" function is required to continue the operation.
10852
- */
10853
- isRedirectRequired() {
10854
- return this.isRedirectError();
10855
- }
10856
10864
  }
10857
10865
  class ResetPasswordSubmitPasswordError extends AuthActionErrorBase {
10858
10866
  /**
@@ -10882,22 +10890,8 @@ class ResetPasswordSubmitCodeError extends AuthActionErrorBase {
10882
10890
  isInvalidCode() {
10883
10891
  return this.isInvalidCodeError();
10884
10892
  }
10885
- /**
10886
- * Check if client app supports the challenge type configured in Entra.
10887
- * @returns {boolean} True if client app doesn't support the challenge type configured in Entra, "loginPopup" function is required to continue the operation.
10888
- */
10889
- isRedirectRequired() {
10890
- return this.isRedirectError();
10891
- }
10892
10893
  }
10893
10894
  class ResetPasswordResendCodeError extends AuthActionErrorBase {
10894
- /**
10895
- * Check if client app supports the challenge type configured in Entra.
10896
- * @returns {boolean} True if client app doesn't support the challenge type configured in Entra, "loginPopup" function is required to continue the operation.
10897
- */
10898
- isRedirectRequired() {
10899
- return this.isRedirectError();
10900
- }
10901
10895
  }
10902
10896
 
10903
10897
  /*
@@ -11657,7 +11651,7 @@ class BaseApiClient {
11657
11651
  // Ensure the response doesn't have redirect challenge type
11658
11652
  if (typeof responseData === "object" &&
11659
11653
  responseData.challenge_type === ChallengeType.REDIRECT) {
11660
- throw new RedirectError(correlationId);
11654
+ throw new RedirectError(correlationId, responseData.redirect_reason);
11661
11655
  }
11662
11656
  return {
11663
11657
  ...responseData,
@@ -11681,6 +11675,10 @@ class BaseApiClient {
11681
11675
  * Licensed under the MIT License.
11682
11676
  */
11683
11677
  class ResetPasswordApiClient extends BaseApiClient {
11678
+ constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities) {
11679
+ super(customAuthApiBaseUrl, clientId, httpClient);
11680
+ this.capabilities = capabilities;
11681
+ }
11684
11682
  /**
11685
11683
  * Start the password reset flow
11686
11684
  */
@@ -11688,6 +11686,9 @@ class ResetPasswordApiClient extends BaseApiClient {
11688
11686
  const result = await this.request(RESET_PWD_START, {
11689
11687
  challenge_type: params.challenge_type,
11690
11688
  username: params.username,
11689
+ ...(this.capabilities && {
11690
+ capabilities: this.capabilities,
11691
+ }),
11691
11692
  }, params.telemetryManager, params.correlationId);
11692
11693
  this.ensureContinuationTokenIsValid(result.continuation_token, params.correlationId);
11693
11694
  return result;
@@ -11758,6 +11759,10 @@ class ResetPasswordApiClient extends BaseApiClient {
11758
11759
  * Licensed under the MIT License.
11759
11760
  */
11760
11761
  class SignupApiClient extends BaseApiClient {
11762
+ constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities) {
11763
+ super(customAuthApiBaseUrl, clientId, httpClient);
11764
+ this.capabilities = capabilities;
11765
+ }
11761
11766
  /**
11762
11767
  * Start the sign-up flow
11763
11768
  */
@@ -11769,6 +11774,9 @@ class SignupApiClient extends BaseApiClient {
11769
11774
  attributes: JSON.stringify(params.attributes),
11770
11775
  }),
11771
11776
  challenge_type: params.challenge_type,
11777
+ ...(this.capabilities && {
11778
+ capabilities: this.capabilities,
11779
+ }),
11772
11780
  }, params.telemetryManager, params.correlationId);
11773
11781
  this.ensureContinuationTokenIsValid(result.continuation_token, params.correlationId);
11774
11782
  return result;
@@ -11821,6 +11829,10 @@ class SignupApiClient extends BaseApiClient {
11821
11829
  * Licensed under the MIT License.
11822
11830
  */
11823
11831
  class SignInApiClient extends BaseApiClient {
11832
+ constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities) {
11833
+ super(customAuthApiBaseUrl, clientId, httpClient);
11834
+ this.capabilities = capabilities;
11835
+ }
11824
11836
  /**
11825
11837
  * Initiates the sign-in flow
11826
11838
  * @param username User's email
@@ -11830,6 +11842,9 @@ class SignInApiClient extends BaseApiClient {
11830
11842
  const result = await this.request(SIGNIN_INITIATE, {
11831
11843
  username: params.username,
11832
11844
  challenge_type: params.challenge_type,
11845
+ ...(this.capabilities && {
11846
+ capabilities: this.capabilities,
11847
+ }),
11833
11848
  }, params.telemetryManager, params.correlationId);
11834
11849
  this.ensureContinuationTokenIsValid(result.continuation_token, params.correlationId);
11835
11850
  return result;
@@ -11927,10 +11942,10 @@ class SignInApiClient extends BaseApiClient {
11927
11942
  * Licensed under the MIT License.
11928
11943
  */
11929
11944
  class CustomAuthApiClient {
11930
- constructor(customAuthApiBaseUrl, clientId, httpClient) {
11931
- this.signInApi = new SignInApiClient(customAuthApiBaseUrl, clientId, httpClient);
11932
- this.signUpApi = new SignupApiClient(customAuthApiBaseUrl, clientId, httpClient);
11933
- this.resetPasswordApi = new ResetPasswordApiClient(customAuthApiBaseUrl, clientId, httpClient);
11945
+ constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities) {
11946
+ this.signInApi = new SignInApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities);
11947
+ this.signUpApi = new SignupApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities);
11948
+ this.resetPasswordApi = new ResetPasswordApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities);
11934
11949
  }
11935
11950
  }
11936
11951
 
@@ -14911,7 +14926,6 @@ const userSwitch = "user_switch";
14911
14926
  const USER_INTERACTION_REQUIRED = "USER_INTERACTION_REQUIRED";
14912
14927
  const USER_CANCEL = "USER_CANCEL";
14913
14928
  const NO_NETWORK = "NO_NETWORK";
14914
- const PERSISTENT_ERROR = "PERSISTENT_ERROR";
14915
14929
  const DISABLED = "DISABLED";
14916
14930
  const ACCOUNT_UNAVAILABLE = "ACCOUNT_UNAVAILABLE";
14917
14931
  const UX_NOT_ALLOWED = "UX_NOT_ALLOWED";
@@ -14938,8 +14952,7 @@ class NativeAuthError extends AuthError {
14938
14952
  function isFatalNativeAuthError(error) {
14939
14953
  if (error.ext &&
14940
14954
  error.ext.status &&
14941
- (error.ext.status === PERSISTENT_ERROR ||
14942
- error.ext.status === DISABLED)) {
14955
+ error.ext.status === DISABLED) {
14943
14956
  return true;
14944
14957
  }
14945
14958
  if (error.ext &&
@@ -15063,10 +15076,10 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15063
15076
  * @param request
15064
15077
  */
15065
15078
  async acquireToken(request, cacheLookupPolicy) {
15066
- this.performanceClient.addQueueMeasurement(PerformanceEvents.NativeInteractionClientAcquireToken, request.correlationId);
15079
+ this.performanceClient.addQueueMeasurement(PerformanceEvents.NativeInteractionClientAcquireToken, this.correlationId);
15067
15080
  this.logger.trace("NativeInteractionClient - acquireToken called.");
15068
15081
  // start the perf measurement
15069
- const nativeATMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.NativeInteractionClientAcquireToken, request.correlationId);
15082
+ const nativeATMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.NativeInteractionClientAcquireToken, this.correlationId);
15070
15083
  const reqTimestamp = nowSeconds();
15071
15084
  const serverTelemetryManager = this.initializeServerTelemetryManager(this.apiId);
15072
15085
  try {
@@ -15085,6 +15098,10 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15085
15098
  catch (e) {
15086
15099
  if (cacheLookupPolicy === CacheLookupPolicy.AccessToken) {
15087
15100
  this.logger.info("MSAL internal Cache does not contain tokens, return error as per cache policy");
15101
+ nativeATMeasurement.end({
15102
+ success: false,
15103
+ brokerErrorCode: "cache_request_failed",
15104
+ });
15088
15105
  throw e;
15089
15106
  }
15090
15107
  // continue with a native call for any and all errors
@@ -15106,7 +15123,6 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15106
15123
  success: false,
15107
15124
  errorCode: error.errorCode,
15108
15125
  subErrorCode: error.subError,
15109
- isNativeBroker: true,
15110
15126
  });
15111
15127
  throw error;
15112
15128
  });
@@ -15115,6 +15131,9 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15115
15131
  if (e instanceof NativeAuthError) {
15116
15132
  serverTelemetryManager.setNativeBrokerErrorCode(e.errorCode);
15117
15133
  }
15134
+ nativeATMeasurement.end({
15135
+ success: false,
15136
+ });
15118
15137
  throw e;
15119
15138
  }
15120
15139
  }
@@ -15236,6 +15255,9 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15236
15255
  const authResult = await this.handleNativeResponse(response, request, reqTimestamp);
15237
15256
  const serverTelemetryManager = this.initializeServerTelemetryManager(this.apiId);
15238
15257
  serverTelemetryManager.clearNativeBrokerErrorCode();
15258
+ if (performanceClient && this.correlationId) {
15259
+ this.performanceClient.addFields({ isNativeBroker: true }, this.correlationId);
15260
+ }
15239
15261
  return authResult;
15240
15262
  }
15241
15263
  catch (e) {
@@ -15552,7 +15574,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15552
15574
  // generate reqCnf if not provided in the request
15553
15575
  let reqCnfData;
15554
15576
  if (!validatedRequest.keyId) {
15555
- const generatedReqCnfData = await invokeAsync(popTokenGenerator.generateCnf.bind(popTokenGenerator), PerformanceEvents.PopTokenGenerateCnf, this.logger, this.performanceClient, request.correlationId)(shrParameters, this.logger);
15577
+ const generatedReqCnfData = await invokeAsync(popTokenGenerator.generateCnf.bind(popTokenGenerator), PerformanceEvents.PopTokenGenerateCnf, this.logger, this.performanceClient, this.correlationId)(shrParameters, this.logger);
15556
15578
  reqCnfData = generatedReqCnfData.reqCnfString;
15557
15579
  validatedRequest.keyId = generatedReqCnfData.kid;
15558
15580
  validatedRequest.signPopToken = true;
@@ -15638,7 +15660,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
15638
15660
  this.performanceClient?.addFields({
15639
15661
  embeddedClientId: child_client_id,
15640
15662
  embeddedRedirectUri: child_redirect_uri,
15641
- }, request.correlationId);
15663
+ }, this.correlationId);
15642
15664
  }
15643
15665
  }
15644
15666
 
@@ -15669,6 +15691,10 @@ async function getStandardParameters(config, authority, request, logger, perform
15669
15691
  if (request.platformBroker) {
15670
15692
  // signal ests that this is a WAM call
15671
15693
  addNativeBroker(parameters);
15694
+ // instrument JS-platform bridge specific fields
15695
+ performanceClient.addFields({
15696
+ isPlatformAuthorizeRequest: true,
15697
+ }, request.correlationId);
15672
15698
  // pass the req_cnf for POP
15673
15699
  if (request.authenticationScheme === AuthenticationScheme.POP) {
15674
15700
  const cryptoOps = new CryptoOps(logger, performanceClient);
@@ -17337,8 +17363,8 @@ class RedirectClient extends StandardInteractionClient {
17337
17363
  }
17338
17364
  // If navigateToLoginRequestUrl is true, get the url where the redirect request was initiated
17339
17365
  const loginRequestUrl = this.browserStorage.getTemporaryCache(TemporaryCacheKeys.ORIGIN_URI, true) || Constants.EMPTY_STRING;
17340
- const loginRequestUrlNormalized = UrlString.removeHashFromUrl(loginRequestUrl);
17341
- const currentUrlNormalized = UrlString.removeHashFromUrl(window.location.href);
17366
+ const loginRequestUrlNormalized = normalizeUrlForComparison(loginRequestUrl);
17367
+ const currentUrlNormalized = normalizeUrlForComparison(window.location.href);
17342
17368
  if (loginRequestUrlNormalized === currentUrlNormalized &&
17343
17369
  this.config.auth.navigateToLoginRequestUrl) {
17344
17370
  // We are on the page we need to navigate to - handle hash
@@ -18467,6 +18493,9 @@ class StandardController {
18467
18493
  if (useNative && this.platformAuthProvider) {
18468
18494
  rootMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenRedirect, platformBrokerRequest?.correlationId || "");
18469
18495
  this.logger.trace("handleRedirectPromise - acquiring token from native platform");
18496
+ rootMeasurement.add({
18497
+ isPlatformBrokerRequest: true,
18498
+ });
18470
18499
  const nativeClient = new PlatformAuthInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.handleRedirectPromise, this.performanceClient, this.platformAuthProvider, platformBrokerRequest.accountId, this.nativeInternalStorage, platformBrokerRequest.correlationId);
18471
18500
  redirectResponse = invokeAsync(nativeClient.handleRedirectPromise.bind(nativeClient), PerformanceEvents.HandleNativeRedirectPromiseMeasurement, this.logger, this.performanceClient, rootMeasurement.event.correlationId)(this.performanceClient, rootMeasurement.event.correlationId);
18472
18501
  }
@@ -18602,9 +18631,13 @@ class StandardController {
18602
18631
  result = nativeClient
18603
18632
  .acquireTokenRedirect(request, atrMeasurement)
18604
18633
  .catch((e) => {
18634
+ atrMeasurement.add({
18635
+ brokerErrorName: e.name,
18636
+ brokerErrorCode: e.errorCode,
18637
+ });
18605
18638
  if (e instanceof NativeAuthError &&
18606
18639
  isFatalNativeAuthError(e)) {
18607
- this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
18640
+ this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt platform broker calls
18608
18641
  const redirectClient = this.createRedirectClient(correlationId);
18609
18642
  return redirectClient.acquireToken(request);
18610
18643
  }
@@ -18681,6 +18714,9 @@ class StandardController {
18681
18714
  let result;
18682
18715
  const pkce = this.getPreGeneratedPkceCodes(correlationId);
18683
18716
  if (this.canUsePlatformBroker(request)) {
18717
+ atPopupMeasurement.add({
18718
+ isPlatformBrokerRequest: true,
18719
+ });
18684
18720
  result = this.acquireTokenNative({
18685
18721
  ...request,
18686
18722
  correlationId,
@@ -18688,15 +18724,18 @@ class StandardController {
18688
18724
  .then((response) => {
18689
18725
  atPopupMeasurement.end({
18690
18726
  success: true,
18691
- isNativeBroker: true,
18692
18727
  accountType: getAccountType(response.account),
18693
18728
  });
18694
18729
  return response;
18695
18730
  })
18696
18731
  .catch((e) => {
18732
+ atPopupMeasurement.add({
18733
+ brokerErrorName: e.name,
18734
+ brokerErrorCode: e.errorCode,
18735
+ });
18697
18736
  if (e instanceof NativeAuthError &&
18698
18737
  isFatalNativeAuthError(e)) {
18699
- this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
18738
+ this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to continuing to attempt platform broker calls
18700
18739
  const popupClient = this.createPopupClient(correlationId);
18701
18740
  return popupClient.acquireToken(request, pkce);
18702
18741
  }
@@ -18802,7 +18841,14 @@ class StandardController {
18802
18841
  this.eventHandler.emitEvent(EventType.SSO_SILENT_START, InteractionType.Silent, validRequest);
18803
18842
  let result;
18804
18843
  if (this.canUsePlatformBroker(validRequest)) {
18844
+ this.ssoSilentMeasurement?.add({
18845
+ isPlatformBrokerRequest: true,
18846
+ });
18805
18847
  result = this.acquireTokenNative(validRequest, ApiId.ssoSilent).catch((e) => {
18848
+ this.ssoSilentMeasurement?.add({
18849
+ brokerErrorName: e.name,
18850
+ brokerErrorCode: e.errorCode,
18851
+ });
18806
18852
  // If native token acquisition fails for availability reasons fallback to standard flow
18807
18853
  if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
18808
18854
  this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
@@ -18821,7 +18867,6 @@ class StandardController {
18821
18867
  this.eventHandler.emitEvent(EventType.SSO_SILENT_SUCCESS, InteractionType.Silent, response);
18822
18868
  this.ssoSilentMeasurement?.end({
18823
18869
  success: true,
18824
- isNativeBroker: response.fromNativeBroker,
18825
18870
  accessTokenSize: response.accessToken.length,
18826
18871
  idTokenSize: response.idToken.length,
18827
18872
  accountType: getAccountType(response.account),
@@ -18875,7 +18920,6 @@ class StandardController {
18875
18920
  this.hybridAuthCodeResponses.delete(hybridAuthCode);
18876
18921
  atbcMeasurement.end({
18877
18922
  success: true,
18878
- isNativeBroker: result.fromNativeBroker,
18879
18923
  accessTokenSize: result.accessToken.length,
18880
18924
  idTokenSize: result.idToken.length,
18881
18925
  accountType: getAccountType(result.account),
@@ -18900,6 +18944,9 @@ class StandardController {
18900
18944
  }
18901
18945
  else if (request.nativeAccountId) {
18902
18946
  if (this.canUsePlatformBroker(request, request.nativeAccountId)) {
18947
+ atbcMeasurement.add({
18948
+ isPlatformBrokerRequest: true,
18949
+ });
18903
18950
  const result = await this.acquireTokenNative({
18904
18951
  ...request,
18905
18952
  correlationId,
@@ -18909,6 +18956,10 @@ class StandardController {
18909
18956
  isFatalNativeAuthError(e)) {
18910
18957
  this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
18911
18958
  }
18959
+ atbcMeasurement.add({
18960
+ brokerErrorName: e.name,
18961
+ brokerErrorCode: e.errorCode,
18962
+ });
18912
18963
  throw e;
18913
18964
  });
18914
18965
  atbcMeasurement.end({
@@ -18953,7 +19004,6 @@ class StandardController {
18953
19004
  this.acquireTokenByCodeAsyncMeasurement?.end({
18954
19005
  success: true,
18955
19006
  fromCache: response.fromCache,
18956
- isNativeBroker: response.fromNativeBroker,
18957
19007
  });
18958
19008
  return response;
18959
19009
  })
@@ -19451,7 +19501,6 @@ class StandardController {
19451
19501
  atsMeasurement.end({
19452
19502
  success: true,
19453
19503
  fromCache: result.fromCache,
19454
- isNativeBroker: result.fromNativeBroker,
19455
19504
  accessTokenSize: result.accessToken.length,
19456
19505
  idTokenSize: result.idToken.length,
19457
19506
  });
@@ -19584,7 +19633,6 @@ class StandardController {
19584
19633
  if (request.correlationId) {
19585
19634
  this.performanceClient.addFields({
19586
19635
  fromCache: response.fromCache,
19587
- isNativeBroker: response.fromNativeBroker,
19588
19636
  }, request.correlationId);
19589
19637
  }
19590
19638
  return response;
@@ -19608,7 +19656,12 @@ class StandardController {
19608
19656
  if (isPlatformAuthAllowed(this.config, this.logger, this.platformAuthProvider, silentRequest.authenticationScheme) &&
19609
19657
  silentRequest.account.nativeAccountId) {
19610
19658
  this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform");
19659
+ this.performanceClient.addFields({ isPlatformBrokerRequest: true }, silentRequest.correlationId);
19611
19660
  return this.acquireTokenNative(silentRequest, ApiId.acquireTokenSilent_silentFlow, silentRequest.account.nativeAccountId, cacheLookupPolicy).catch(async (e) => {
19661
+ this.performanceClient.addFields({
19662
+ brokerErrorName: e.name,
19663
+ brokerErrorCode: e.errorCode,
19664
+ }, silentRequest.correlationId);
19612
19665
  // If native token acquisition fails for availability reasons fallback to web flow
19613
19666
  if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
19614
19667
  this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow");
@@ -19723,7 +19776,7 @@ class CustomAuthStandardController extends StandardController {
19723
19776
  this.customAuthConfig = operatingContext.getCustomAuthConfig();
19724
19777
  this.authority = new CustomAuthAuthority(this.customAuthConfig.auth.authority, this.customAuthConfig, this.networkClient, this.browserStorage, this.logger, this.customAuthConfig.customAuth?.authApiProxyUrl);
19725
19778
  const interactionClientFactory = new CustomAuthInterationClientFactory(this.customAuthConfig, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, this.performanceClient, customAuthApiClient ??
19726
- new CustomAuthApiClient(this.authority.getCustomAuthApiDomain(), this.customAuthConfig.auth.clientId, new FetchHttpClient(this.logger)), this.authority);
19779
+ new CustomAuthApiClient(this.authority.getCustomAuthApiDomain(), this.customAuthConfig.auth.clientId, new FetchHttpClient(this.logger), this.customAuthConfig.customAuth?.capabilities?.join(" ")), this.authority);
19727
19780
  this.signInClient = interactionClientFactory.create(SignInClient);
19728
19781
  this.signUpClient = interactionClientFactory.create(SignUpClient);
19729
19782
  this.resetPasswordClient =