@azure/msal-browser 4.24.1 → 5.0.0-alpha.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.d.ts +2 -9
- package/dist/app/IPublicClientApplication.d.ts.map +1 -1
- package/dist/app/IPublicClientApplication.mjs +1 -22
- package/dist/app/IPublicClientApplication.mjs.map +1 -1
- package/dist/app/PublicClientApplication.d.ts +3 -49
- package/dist/app/PublicClientApplication.d.ts.map +1 -1
- package/dist/app/PublicClientApplication.mjs +8 -65
- package/dist/app/PublicClientApplication.mjs.map +1 -1
- package/dist/app/PublicClientNext.d.ts +2 -49
- package/dist/app/PublicClientNext.d.ts.map +1 -1
- package/dist/app/PublicClientNext.mjs +3 -63
- package/dist/app/PublicClientNext.mjs.map +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +3 -2
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +13 -15
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +27 -29
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts +4 -2
- package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +19 -18
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
- package/dist/cache/AccountManager.d.ts.map +1 -1
- package/dist/cache/AccountManager.mjs +25 -20
- package/dist/cache/AccountManager.mjs.map +1 -1
- package/dist/cache/AsyncMemoryStorage.d.ts +14 -7
- package/dist/cache/AsyncMemoryStorage.d.ts.map +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +30 -23
- package/dist/cache/AsyncMemoryStorage.mjs.map +1 -1
- package/dist/cache/BrowserCacheManager.d.ts +22 -25
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +108 -169
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs.map +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CacheKeys.mjs.map +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/CookieStorage.mjs.map +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs.map +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/IAsyncStorage.d.ts +10 -5
- package/dist/cache/IAsyncStorage.d.ts.map +1 -1
- package/dist/cache/LocalStorage.d.ts.map +1 -1
- package/dist/cache/LocalStorage.mjs +23 -19
- package/dist/cache/LocalStorage.mjs.map +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs.map +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs.map +1 -1
- package/dist/cache/TokenCache.d.ts +8 -68
- package/dist/cache/TokenCache.d.ts.map +1 -1
- package/dist/cache/TokenCache.mjs +178 -186
- package/dist/cache/TokenCache.mjs.map +1 -1
- package/dist/config/Configuration.d.ts +6 -55
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +16 -30
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/ControllerFactory.d.ts +1 -1
- package/dist/controllers/ControllerFactory.d.ts.map +1 -1
- package/dist/controllers/ControllerFactory.mjs +13 -7
- package/dist/controllers/ControllerFactory.mjs.map +1 -1
- package/dist/controllers/IController.d.ts +5 -6
- package/dist/controllers/IController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts +4 -9
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +48 -64
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.d.ts +9 -30
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +202 -303
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.d.ts +4 -8
- package/dist/controllers/UnknownOperatingContextController.d.ts.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +3 -16
- package/dist/controllers/UnknownOperatingContextController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.d.ts +1 -2
- package/dist/crypto/BrowserCrypto.d.ts.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +2 -4
- package/dist/crypto/BrowserCrypto.mjs.map +1 -1
- package/dist/crypto/CryptoOps.d.ts +4 -2
- package/dist/crypto/CryptoOps.d.ts.map +1 -1
- package/dist/crypto/CryptoOps.mjs +17 -14
- package/dist/crypto/CryptoOps.mjs.map +1 -1
- package/dist/crypto/PkceGenerator.d.ts.map +1 -1
- package/dist/crypto/PkceGenerator.mjs +7 -8
- package/dist/crypto/PkceGenerator.mjs.map +1 -1
- package/dist/crypto/SignedHttpRequest.d.ts +2 -1
- package/dist/crypto/SignedHttpRequest.d.ts.map +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +6 -18
- package/dist/crypto/SignedHttpRequest.mjs.map +1 -1
- package/dist/custom-auth-path/app/IPublicClientApplication.d.ts +2 -9
- package/dist/custom-auth-path/app/IPublicClientApplication.d.ts.map +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.d.ts +3 -49
- package/dist/custom-auth-path/app/PublicClientApplication.d.ts.map +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +4 -63
- package/dist/custom-auth-path/app/PublicClientApplication.mjs.map +1 -1
- package/dist/custom-auth-path/app/PublicClientNext.d.ts +2 -49
- package/dist/custom-auth-path/app/PublicClientNext.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +3 -2
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +13 -15
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +27 -29
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts +4 -2
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +14 -14
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +25 -20
- package/dist/custom-auth-path/cache/AccountManager.mjs.map +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.d.ts +14 -7
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +30 -23
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs.map +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts +22 -25
- package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +108 -169
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs.map +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs.map +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/IAsyncStorage.d.ts +10 -5
- package/dist/custom-auth-path/cache/IAsyncStorage.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +23 -19
- package/dist/custom-auth-path/cache/LocalStorage.mjs.map +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs.map +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs.map +1 -1
- package/dist/custom-auth-path/cache/TokenCache.d.ts +8 -68
- package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +6 -55
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +16 -30
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.d.ts +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +5 -3
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/IController.d.ts +5 -6
- package/dist/custom-auth-path/controllers/IController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts +4 -9
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +9 -30
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +202 -303
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/UnknownOperatingContextController.d.ts +4 -8
- package/dist/custom-auth-path/controllers/UnknownOperatingContextController.d.ts.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.d.ts +1 -2
- package/dist/custom-auth-path/crypto/BrowserCrypto.d.ts.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +2 -4
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.d.ts +4 -2
- package/dist/custom-auth-path/crypto/CryptoOps.d.ts.map +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +17 -14
- package/dist/custom-auth-path/crypto/CryptoOps.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.d.ts.map +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +7 -8
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/SignedHttpRequest.d.ts +2 -1
- package/dist/custom-auth-path/crypto/SignedHttpRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +2 -3
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -2
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +9 -9
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +6 -7
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts +1 -2
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +3 -11
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.d.ts +0 -5
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +2 -9
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +4 -4
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.d.ts +8 -2
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +29 -6
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/parameter/JitParams.d.ts +1 -0
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/parameter/JitParams.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.d.ts +11 -2
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +9 -2
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.d.ts +0 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +2 -3
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +2 -7
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +3 -14
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiRequestTypes.d.ts +0 -5
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiRequestTypes.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiResponseTypes.d.ts +1 -5
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiResponseTypes.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts +0 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +3 -4
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +5 -5
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.d.ts +3 -4
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +5 -4
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +4 -4
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +7 -9
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +3 -3
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +2 -2
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +7 -6
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +5 -14
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +2 -2
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +2 -2
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.d.ts +6 -8
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +36 -57
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.d.ts +0 -6
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +2 -9
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +2 -2
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +3 -3
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +2 -2
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +10 -9
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.d.ts +1 -246
- package/dist/custom-auth-path/error/BrowserAuthError.d.ts.map +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +6 -61
- package/dist/custom-auth-path/error/BrowserAuthError.mjs.map +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +2 -8
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs.map +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.d.ts +0 -23
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.d.ts.map +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +4 -9
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs.map +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +2 -3
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.d.ts +0 -3
- package/dist/custom-auth-path/error/NativeAuthError.d.ts.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +10 -13
- package/dist/custom-auth-path/error/NativeAuthError.mjs.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.d.ts +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.d.ts.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +2 -3
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs.map +1 -1
- package/dist/custom-auth-path/error/NestedAppAuthError.d.ts +0 -9
- package/dist/custom-auth-path/error/NestedAppAuthError.d.ts.map +1 -1
- package/dist/custom-auth-path/event/EventHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +9 -12
- package/dist/custom-auth-path/event/EventHandler.mjs.map +1 -1
- package/dist/custom-auth-path/event/EventMessage.d.ts.map +1 -1
- package/dist/custom-auth-path/event/EventType.d.ts +3 -10
- package/dist/custom-auth-path/event/EventType.d.ts.map +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +4 -11
- package/dist/custom-auth-path/event/EventType.mjs.map +1 -1
- package/dist/custom-auth-path/index.d.ts +34 -6
- package/dist/custom-auth-path/index.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.d.ts +50 -32
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +116 -97
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.d.ts +2 -2
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +3 -3
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +5 -3
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +71 -85
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts +2 -14
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +64 -153
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts +8 -9
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +103 -112
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.d.ts +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +17 -10
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +11 -10
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +38 -49
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +9 -8
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts +17 -7
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +55 -63
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.d.ts +2 -3
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +8 -10
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +3 -4
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +11 -48
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs.map +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs.map +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.d.ts +2 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.d.ts.map +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs.map +1 -1
- package/dist/custom-auth-path/operatingcontext/NestedAppOperatingContext.d.ts +2 -1
- package/dist/custom-auth-path/operatingcontext/NestedAppOperatingContext.d.ts.map +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.d.ts +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.d.ts.map +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +3 -2
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs.map +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts.map +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts +0 -4
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +20 -36
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/AuthorizationCodeRequest.d.ts +1 -1
- package/dist/custom-auth-path/request/AuthorizationCodeRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/request/PopupRequest.d.ts +1 -1
- package/dist/custom-auth-path/request/PopupRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RedirectRequest.d.ts +1 -8
- package/dist/custom-auth-path/request/RedirectRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.d.ts +6 -12
- package/dist/custom-auth-path/request/RequestHelpers.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +16 -48
- package/dist/custom-auth-path/request/RequestHelpers.mjs.map +1 -1
- package/dist/custom-auth-path/request/SilentRequest.d.ts +1 -1
- package/dist/custom-auth-path/request/SilentRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/request/SsoSilentRequest.d.ts +1 -1
- package/dist/custom-auth-path/request/SsoSilentRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.d.ts +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +5 -5
- package/dist/custom-auth-path/response/ResponseHandler.mjs.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +2 -19
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts +131 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts.map +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +126 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs.map +1 -0
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts +35 -0
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -0
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +45 -0
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs.map +1 -0
- package/dist/custom-auth-path/utils/BrowserConstants.d.ts +0 -8
- package/dist/custom-auth-path/utils/BrowserConstants.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +3 -3
- package/dist/custom-auth-path/utils/BrowserConstants.mjs.map +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +5 -6
- package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +3 -3
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/PopupUtils.d.ts +33 -0
- package/dist/custom-auth-path/utils/PopupUtils.d.ts.map +1 -0
- package/dist/custom-auth-path/utils/PopupUtils.mjs +90 -0
- package/dist/custom-auth-path/utils/PopupUtils.mjs.map +1 -0
- package/dist/custom_auth/CustomAuthConstants.d.ts +2 -3
- package/dist/custom_auth/CustomAuthConstants.d.ts.map +1 -1
- package/dist/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
- package/dist/custom_auth/core/CustomAuthAuthority.d.ts.map +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts +1 -2
- package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.d.ts +0 -5
- package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.d.ts.map +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
- package/dist/custom_auth/core/interaction_client/jit/JitClient.d.ts +8 -2
- package/dist/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
- package/dist/custom_auth/core/interaction_client/jit/parameter/JitParams.d.ts +1 -0
- package/dist/custom_auth/core/interaction_client/jit/parameter/JitParams.d.ts.map +1 -1
- package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.d.ts +11 -2
- package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.d.ts.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.d.ts +0 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.d.ts.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +2 -7
- package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiRequestTypes.d.ts +0 -5
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiRequestTypes.d.ts.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiResponseTypes.d.ts +1 -5
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiResponseTypes.d.ts.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts +0 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts.map +1 -1
- package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.d.ts.map +1 -1
- package/dist/custom_auth/core/telemetry/PublicApiId.d.ts +3 -4
- package/dist/custom_auth/core/telemetry/PublicApiId.d.ts.map +1 -1
- package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/interaction_client/SignInClient.d.ts +6 -8
- package/dist/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.d.ts +0 -6
- package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.d.ts.map +1 -1
- package/dist/custom_auth/sign_up/interaction_client/SignUpClient.d.ts.map +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.d.ts +1 -246
- package/dist/error/BrowserAuthError.d.ts.map +1 -1
- package/dist/error/BrowserAuthError.mjs +6 -253
- package/dist/error/BrowserAuthError.mjs.map +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.d.ts +0 -23
- package/dist/error/BrowserConfigurationAuthError.d.ts.map +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +4 -29
- package/dist/error/BrowserConfigurationAuthError.mjs.map +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.d.ts +0 -3
- package/dist/error/NativeAuthError.d.ts.map +1 -1
- package/dist/error/NativeAuthError.mjs +10 -13
- package/dist/error/NativeAuthError.mjs.map +1 -1
- package/dist/error/NativeAuthErrorCodes.d.ts +1 -1
- package/dist/error/NativeAuthErrorCodes.d.ts.map +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +4 -4
- package/dist/error/NativeAuthErrorCodes.mjs.map +1 -1
- package/dist/error/NestedAppAuthError.d.ts +0 -9
- package/dist/error/NestedAppAuthError.d.ts.map +1 -1
- package/dist/error/NestedAppAuthError.mjs +4 -12
- package/dist/error/NestedAppAuthError.mjs.map +1 -1
- package/dist/event/EventHandler.d.ts.map +1 -1
- package/dist/event/EventHandler.mjs +9 -12
- package/dist/event/EventHandler.mjs.map +1 -1
- package/dist/event/EventMessage.d.ts.map +1 -1
- package/dist/event/EventMessage.mjs +2 -17
- package/dist/event/EventMessage.mjs.map +1 -1
- package/dist/event/EventType.d.ts +3 -10
- package/dist/event/EventType.d.ts.map +1 -1
- package/dist/event/EventType.mjs +4 -11
- package/dist/event/EventType.mjs.map +1 -1
- package/dist/index.d.ts +34 -6
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +25 -6
- package/dist/index.mjs.map +1 -1
- package/dist/interaction_client/BaseInteractionClient.d.ts +50 -32
- package/dist/interaction_client/BaseInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +116 -97
- package/dist/interaction_client/BaseInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.d.ts +2 -2
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.d.ts.map +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +3 -3
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +5 -3
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +71 -85
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts +2 -14
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +64 -153
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts +8 -9
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +103 -112
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.d.ts +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +17 -10
- package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentCacheClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +11 -10
- package/dist/interaction_client/SilentCacheClient.mjs.map +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +38 -49
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +9 -8
- package/dist/interaction_client/SilentRefreshClient.mjs.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts +17 -7
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +55 -63
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.d.ts +2 -3
- package/dist/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +8 -10
- package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts +3 -4
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +11 -48
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs.map +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +9 -6
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs.map +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/network/FetchClient.mjs.map +1 -1
- package/dist/operatingcontext/BaseOperatingContext.d.ts +2 -1
- package/dist/operatingcontext/BaseOperatingContext.d.ts.map +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs.map +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.d.ts +2 -1
- package/dist/operatingcontext/NestedAppOperatingContext.d.ts.map +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +5 -4
- package/dist/operatingcontext/NestedAppOperatingContext.mjs.map +1 -1
- package/dist/operatingcontext/StandardOperatingContext.d.ts +1 -1
- package/dist/operatingcontext/StandardOperatingContext.d.ts.map +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +3 -2
- package/dist/operatingcontext/StandardOperatingContext.mjs.map +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs.map +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.d.ts.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +0 -4
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +20 -36
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/AuthorizationCodeRequest.d.ts +1 -1
- package/dist/request/AuthorizationCodeRequest.d.ts.map +1 -1
- package/dist/request/PopupRequest.d.ts +1 -1
- package/dist/request/PopupRequest.d.ts.map +1 -1
- package/dist/request/RedirectRequest.d.ts +1 -8
- package/dist/request/RedirectRequest.d.ts.map +1 -1
- package/dist/request/RequestHelpers.d.ts +6 -12
- package/dist/request/RequestHelpers.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +16 -48
- package/dist/request/RequestHelpers.mjs.map +1 -1
- package/dist/request/SilentRequest.d.ts +1 -1
- package/dist/request/SilentRequest.d.ts.map +1 -1
- package/dist/request/SsoSilentRequest.d.ts +1 -1
- package/dist/request/SsoSilentRequest.d.ts.map +1 -1
- package/dist/response/ResponseHandler.d.ts +1 -1
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +5 -5
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts +2 -19
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +5 -60
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.d.ts +131 -0
- package/dist/telemetry/BrowserPerformanceEvents.d.ts.map +1 -0
- package/dist/telemetry/BrowserPerformanceEvents.mjs +126 -0
- package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -0
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs.map +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.d.ts +35 -0
- package/dist/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -0
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +45 -0
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs.map +1 -0
- package/dist/utils/BrowserConstants.d.ts +0 -8
- package/dist/utils/BrowserConstants.d.ts.map +1 -1
- package/dist/utils/BrowserConstants.mjs +3 -11
- package/dist/utils/BrowserConstants.mjs.map +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs.map +1 -1
- package/dist/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/utils/BrowserUtils.mjs +5 -6
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/Helpers.mjs.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +3 -3
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/utils/PopupUtils.d.ts +33 -0
- package/dist/utils/PopupUtils.d.ts.map +1 -0
- package/dist/utils/PopupUtils.mjs +90 -0
- package/dist/utils/PopupUtils.mjs.map +1 -0
- package/lib/custom-auth-path/msal-custom-auth.cjs +2541 -3596
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/app/IPublicClientApplication.d.ts +2 -9
- package/lib/custom-auth-path/types/app/IPublicClientApplication.d.ts.map +1 -1
- package/lib/custom-auth-path/types/app/PublicClientApplication.d.ts +3 -49
- package/lib/custom-auth-path/types/app/PublicClientApplication.d.ts.map +1 -1
- package/lib/custom-auth-path/types/app/PublicClientNext.d.ts +2 -49
- package/lib/custom-auth-path/types/app/PublicClientNext.d.ts.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts +4 -2
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/AccountManager.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/AsyncMemoryStorage.d.ts +14 -7
- package/lib/custom-auth-path/types/cache/AsyncMemoryStorage.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts +22 -25
- package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/IAsyncStorage.d.ts +10 -5
- package/lib/custom-auth-path/types/cache/IAsyncStorage.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/LocalStorage.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/TokenCache.d.ts +8 -68
- package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +6 -55
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/ControllerFactory.d.ts +1 -1
- package/lib/custom-auth-path/types/controllers/ControllerFactory.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/IController.d.ts +5 -6
- package/lib/custom-auth-path/types/controllers/IController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts +4 -9
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +9 -30
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/UnknownOperatingContextController.d.ts +4 -8
- package/lib/custom-auth-path/types/controllers/UnknownOperatingContextController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/crypto/BrowserCrypto.d.ts +1 -2
- package/lib/custom-auth-path/types/crypto/BrowserCrypto.d.ts.map +1 -1
- package/lib/custom-auth-path/types/crypto/CryptoOps.d.ts +4 -2
- package/lib/custom-auth-path/types/crypto/CryptoOps.d.ts.map +1 -1
- package/lib/custom-auth-path/types/crypto/PkceGenerator.d.ts.map +1 -1
- package/lib/custom-auth-path/types/crypto/SignedHttpRequest.d.ts +2 -1
- package/lib/custom-auth-path/types/crypto/SignedHttpRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +2 -3
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/CustomAuthAuthority.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts +1 -2
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.d.ts +0 -5
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/jit/JitClient.d.ts +8 -2
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/jit/parameter/JitParams.d.ts +1 -0
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/jit/parameter/JitParams.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/jit/result/JitActionResult.d.ts +11 -2
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/jit/result/JitActionResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.d.ts +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +2 -7
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/types/ApiRequestTypes.d.ts +0 -5
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/types/ApiRequestTypes.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/types/ApiResponseTypes.d.ts +1 -5
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/types/ApiResponseTypes.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/network_client/http_client/FetchHttpClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/telemetry/PublicApiId.d.ts +3 -4
- package/lib/custom-auth-path/types/custom_auth/core/telemetry/PublicApiId.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/reset_password/interaction_client/ResetPasswordClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts +6 -8
- package/lib/custom-auth-path/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/interaction_client/result/SignInActionResult.d.ts +0 -6
- package/lib/custom-auth-path/types/custom_auth/sign_in/interaction_client/result/SignInActionResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_up/interaction_client/SignUpClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/error/BrowserAuthError.d.ts +1 -246
- package/lib/custom-auth-path/types/error/BrowserAuthError.d.ts.map +1 -1
- package/lib/custom-auth-path/types/error/BrowserConfigurationAuthError.d.ts +0 -23
- package/lib/custom-auth-path/types/error/BrowserConfigurationAuthError.d.ts.map +1 -1
- package/lib/custom-auth-path/types/error/NativeAuthError.d.ts +0 -3
- package/lib/custom-auth-path/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/custom-auth-path/types/error/NativeAuthErrorCodes.d.ts +1 -1
- package/lib/custom-auth-path/types/error/NativeAuthErrorCodes.d.ts.map +1 -1
- package/lib/custom-auth-path/types/error/NestedAppAuthError.d.ts +0 -9
- package/lib/custom-auth-path/types/error/NestedAppAuthError.d.ts.map +1 -1
- package/lib/custom-auth-path/types/event/EventHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/event/EventMessage.d.ts.map +1 -1
- package/lib/custom-auth-path/types/event/EventType.d.ts +3 -10
- package/lib/custom-auth-path/types/event/EventType.d.ts.map +1 -1
- package/lib/custom-auth-path/types/index.d.ts +34 -6
- package/lib/custom-auth-path/types/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/BaseInteractionClient.d.ts +50 -32
- package/lib/custom-auth-path/types/interaction_client/BaseInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/HybridSpaAuthorizationCodeClient.d.ts +2 -2
- package/lib/custom-auth-path/types/interaction_client/HybridSpaAuthorizationCodeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +5 -3
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts +2 -14
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts +8 -9
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentAuthCodeClient.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentCacheClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts +17 -7
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/InteractionHandler.d.ts +2 -3
- package/lib/custom-auth-path/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +3 -4
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/custom-auth-path/types/operatingcontext/BaseOperatingContext.d.ts +2 -1
- package/lib/custom-auth-path/types/operatingcontext/BaseOperatingContext.d.ts.map +1 -1
- package/lib/custom-auth-path/types/operatingcontext/NestedAppOperatingContext.d.ts +2 -1
- package/lib/custom-auth-path/types/operatingcontext/NestedAppOperatingContext.d.ts.map +1 -1
- package/lib/custom-auth-path/types/operatingcontext/StandardOperatingContext.d.ts +1 -1
- package/lib/custom-auth-path/types/operatingcontext/StandardOperatingContext.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts.map +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts +0 -4
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/request/AuthorizationCodeRequest.d.ts +1 -1
- package/lib/custom-auth-path/types/request/AuthorizationCodeRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/request/PopupRequest.d.ts +1 -1
- package/lib/custom-auth-path/types/request/PopupRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/request/RedirectRequest.d.ts +1 -8
- package/lib/custom-auth-path/types/request/RedirectRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/request/RequestHelpers.d.ts +6 -12
- package/lib/custom-auth-path/types/request/RequestHelpers.d.ts.map +1 -1
- package/lib/custom-auth-path/types/request/SilentRequest.d.ts +1 -1
- package/lib/custom-auth-path/types/request/SilentRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/request/SsoSilentRequest.d.ts +1 -1
- package/lib/custom-auth-path/types/request/SsoSilentRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/response/ResponseHandler.d.ts +1 -1
- package/lib/custom-auth-path/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +2 -19
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts +131 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts +35 -0
- package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -0
- package/lib/custom-auth-path/types/utils/BrowserConstants.d.ts +0 -8
- package/lib/custom-auth-path/types/utils/BrowserConstants.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/PopupUtils.d.ts +33 -0
- package/lib/custom-auth-path/types/utils/PopupUtils.d.ts.map +1 -0
- package/lib/msal-browser.cjs +2923 -4758
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +2923 -4758
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +74 -67
- package/lib/types/app/IPublicClientApplication.d.ts +2 -9
- package/lib/types/app/IPublicClientApplication.d.ts.map +1 -1
- package/lib/types/app/PublicClientApplication.d.ts +3 -49
- package/lib/types/app/PublicClientApplication.d.ts.map +1 -1
- package/lib/types/app/PublicClientNext.d.ts +2 -49
- package/lib/types/app/PublicClientNext.d.ts.map +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts +4 -2
- package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/lib/types/cache/AccountManager.d.ts.map +1 -1
- package/lib/types/cache/AsyncMemoryStorage.d.ts +14 -7
- package/lib/types/cache/AsyncMemoryStorage.d.ts.map +1 -1
- package/lib/types/cache/BrowserCacheManager.d.ts +22 -25
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/cache/IAsyncStorage.d.ts +10 -5
- package/lib/types/cache/IAsyncStorage.d.ts.map +1 -1
- package/lib/types/cache/LocalStorage.d.ts.map +1 -1
- package/lib/types/cache/TokenCache.d.ts +8 -68
- package/lib/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +6 -55
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/ControllerFactory.d.ts +1 -1
- package/lib/types/controllers/ControllerFactory.d.ts.map +1 -1
- package/lib/types/controllers/IController.d.ts +5 -6
- package/lib/types/controllers/IController.d.ts.map +1 -1
- package/lib/types/controllers/NestedAppAuthController.d.ts +4 -9
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +9 -30
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/controllers/UnknownOperatingContextController.d.ts +4 -8
- package/lib/types/controllers/UnknownOperatingContextController.d.ts.map +1 -1
- package/lib/types/crypto/BrowserCrypto.d.ts +1 -2
- package/lib/types/crypto/BrowserCrypto.d.ts.map +1 -1
- package/lib/types/crypto/CryptoOps.d.ts +4 -2
- package/lib/types/crypto/CryptoOps.d.ts.map +1 -1
- package/lib/types/crypto/PkceGenerator.d.ts.map +1 -1
- package/lib/types/crypto/SignedHttpRequest.d.ts +2 -1
- package/lib/types/crypto/SignedHttpRequest.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +2 -3
- package/lib/types/custom_auth/CustomAuthConstants.d.ts.map +1 -1
- package/lib/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/core/CustomAuthAuthority.d.ts.map +1 -1
- package/lib/types/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts +1 -2
- package/lib/types/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
- package/lib/types/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.d.ts +0 -5
- package/lib/types/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.d.ts.map +1 -1
- package/lib/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
- package/lib/types/custom_auth/core/interaction_client/jit/JitClient.d.ts +8 -2
- package/lib/types/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
- package/lib/types/custom_auth/core/interaction_client/jit/parameter/JitParams.d.ts +1 -0
- package/lib/types/custom_auth/core/interaction_client/jit/parameter/JitParams.d.ts.map +1 -1
- package/lib/types/custom_auth/core/interaction_client/jit/result/JitActionResult.d.ts +11 -2
- package/lib/types/custom_auth/core/interaction_client/jit/result/JitActionResult.d.ts.map +1 -1
- package/lib/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.d.ts +0 -1
- package/lib/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.d.ts.map +1 -1
- package/lib/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +2 -7
- package/lib/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
- package/lib/types/custom_auth/core/network_client/custom_auth_api/types/ApiRequestTypes.d.ts +0 -5
- package/lib/types/custom_auth/core/network_client/custom_auth_api/types/ApiRequestTypes.d.ts.map +1 -1
- package/lib/types/custom_auth/core/network_client/custom_auth_api/types/ApiResponseTypes.d.ts +1 -5
- package/lib/types/custom_auth/core/network_client/custom_auth_api/types/ApiResponseTypes.d.ts.map +1 -1
- package/lib/types/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts +0 -1
- package/lib/types/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts.map +1 -1
- package/lib/types/custom_auth/core/network_client/http_client/FetchHttpClient.d.ts.map +1 -1
- package/lib/types/custom_auth/core/telemetry/PublicApiId.d.ts +3 -4
- package/lib/types/custom_auth/core/telemetry/PublicApiId.d.ts.map +1 -1
- package/lib/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/lib/types/custom_auth/reset_password/interaction_client/ResetPasswordClient.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts +6 -8
- package/lib/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/interaction_client/result/SignInActionResult.d.ts +0 -6
- package/lib/types/custom_auth/sign_in/interaction_client/result/SignInActionResult.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_up/interaction_client/SignUpClient.d.ts.map +1 -1
- package/lib/types/error/BrowserAuthError.d.ts +1 -246
- package/lib/types/error/BrowserAuthError.d.ts.map +1 -1
- package/lib/types/error/BrowserConfigurationAuthError.d.ts +0 -23
- package/lib/types/error/BrowserConfigurationAuthError.d.ts.map +1 -1
- package/lib/types/error/NativeAuthError.d.ts +0 -3
- package/lib/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/types/error/NativeAuthErrorCodes.d.ts +1 -1
- package/lib/types/error/NativeAuthErrorCodes.d.ts.map +1 -1
- package/lib/types/error/NestedAppAuthError.d.ts +0 -9
- package/lib/types/error/NestedAppAuthError.d.ts.map +1 -1
- package/lib/types/event/EventHandler.d.ts.map +1 -1
- package/lib/types/event/EventMessage.d.ts.map +1 -1
- package/lib/types/event/EventType.d.ts +3 -10
- package/lib/types/event/EventType.d.ts.map +1 -1
- package/lib/types/index.d.ts +34 -6
- package/lib/types/index.d.ts.map +1 -1
- package/lib/types/interaction_client/BaseInteractionClient.d.ts +50 -32
- package/lib/types/interaction_client/BaseInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/HybridSpaAuthorizationCodeClient.d.ts +2 -2
- package/lib/types/interaction_client/HybridSpaAuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +5 -3
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts +2 -14
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts +8 -9
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentAuthCodeClient.d.ts +1 -1
- package/lib/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentCacheClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts +17 -7
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/InteractionHandler.d.ts +2 -3
- package/lib/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts +3 -4
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/types/operatingcontext/BaseOperatingContext.d.ts +2 -1
- package/lib/types/operatingcontext/BaseOperatingContext.d.ts.map +1 -1
- package/lib/types/operatingcontext/NestedAppOperatingContext.d.ts +2 -1
- package/lib/types/operatingcontext/NestedAppOperatingContext.d.ts.map +1 -1
- package/lib/types/operatingcontext/StandardOperatingContext.d.ts +1 -1
- package/lib/types/operatingcontext/StandardOperatingContext.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/packageMetadata.d.ts.map +1 -1
- package/lib/types/protocol/Authorize.d.ts +0 -4
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/request/AuthorizationCodeRequest.d.ts +1 -1
- package/lib/types/request/AuthorizationCodeRequest.d.ts.map +1 -1
- package/lib/types/request/PopupRequest.d.ts +1 -1
- package/lib/types/request/PopupRequest.d.ts.map +1 -1
- package/lib/types/request/RedirectRequest.d.ts +1 -8
- package/lib/types/request/RedirectRequest.d.ts.map +1 -1
- package/lib/types/request/RequestHelpers.d.ts +6 -12
- package/lib/types/request/RequestHelpers.d.ts.map +1 -1
- package/lib/types/request/SilentRequest.d.ts +1 -1
- package/lib/types/request/SilentRequest.d.ts.map +1 -1
- package/lib/types/request/SsoSilentRequest.d.ts +1 -1
- package/lib/types/request/SsoSilentRequest.d.ts.map +1 -1
- package/lib/types/response/ResponseHandler.d.ts +1 -1
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts +2 -19
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts +131 -0
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -0
- package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts +35 -0
- package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -0
- package/lib/types/utils/BrowserConstants.d.ts +0 -8
- package/lib/types/utils/BrowserConstants.d.ts.map +1 -1
- package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/types/utils/PopupUtils.d.ts +33 -0
- package/lib/types/utils/PopupUtils.d.ts.map +1 -0
- package/package.json +113 -115
- package/src/app/IPublicClientApplication.ts +4 -36
- package/src/app/PublicClientApplication.ts +11 -73
- package/src/app/PublicClientNext.ts +6 -71
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +30 -14
- package/src/broker/nativeBroker/PlatformAuthExtensionHandler.ts +57 -32
- package/src/broker/nativeBroker/PlatformAuthProvider.ts +26 -21
- package/src/cache/AccountManager.ts +47 -19
- package/src/cache/AsyncMemoryStorage.ts +39 -22
- package/src/cache/BrowserCacheManager.ts +234 -213
- package/src/cache/IAsyncStorage.ts +10 -5
- package/src/cache/LocalStorage.ts +31 -18
- package/src/cache/TokenCache.ts +367 -360
- package/src/config/Configuration.ts +23 -86
- package/src/controllers/ControllerFactory.ts +13 -6
- package/src/controllers/IController.ts +8 -10
- package/src/controllers/NestedAppAuthController.ts +75 -108
- package/src/controllers/StandardController.ts +335 -519
- package/src/controllers/UnknownOperatingContextController.ts +3 -20
- package/src/crypto/BrowserCrypto.ts +1 -13
- package/src/crypto/CryptoOps.ts +32 -18
- package/src/crypto/PkceGenerator.ts +6 -14
- package/src/crypto/SignedHttpRequest.ts +14 -21
- package/src/custom_auth/CustomAuthConstants.ts +0 -1
- package/src/custom_auth/controller/CustomAuthStandardController.ts +10 -9
- package/src/custom_auth/core/CustomAuthAuthority.ts +11 -5
- package/src/custom_auth/core/auth_flow/AuthFlowErrorBase.ts +2 -15
- package/src/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.ts +1 -9
- package/src/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.ts +4 -2
- package/src/custom_auth/core/interaction_client/jit/JitClient.ts +63 -3
- package/src/custom_auth/core/interaction_client/jit/parameter/JitParams.ts +2 -0
- package/src/custom_auth/core/interaction_client/jit/result/JitActionResult.ts +22 -2
- package/src/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.ts +0 -1
- package/src/custom_auth/core/network_client/custom_auth_api/SignInApiClient.ts +1 -27
- package/src/custom_auth/core/network_client/custom_auth_api/types/ApiRequestTypes.ts +0 -6
- package/src/custom_auth/core/network_client/custom_auth_api/types/ApiResponseTypes.ts +1 -6
- package/src/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.ts +0 -1
- package/src/custom_auth/core/network_client/http_client/FetchHttpClient.ts +8 -5
- package/src/custom_auth/core/telemetry/PublicApiId.ts +3 -6
- package/src/custom_auth/get_account/auth_flow/CustomAuthAccountData.ts +3 -3
- package/src/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.ts +19 -14
- package/src/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.ts +2 -2
- package/src/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.ts +1 -1
- package/src/custom_auth/reset_password/interaction_client/ResetPasswordClient.ts +30 -5
- package/src/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.ts +13 -23
- package/src/custom_auth/sign_in/auth_flow/state/SignInContinuationState.ts +1 -1
- package/src/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.ts +1 -1
- package/src/custom_auth/sign_in/interaction_client/SignInClient.ts +77 -128
- package/src/custom_auth/sign_in/interaction_client/result/SignInActionResult.ts +0 -15
- package/src/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.ts +1 -1
- package/src/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.ts +2 -2
- package/src/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.ts +1 -1
- package/src/custom_auth/sign_up/interaction_client/SignUpClient.ts +39 -8
- package/src/error/BrowserAuthError.ts +4 -339
- package/src/error/BrowserConfigurationAuthError.ts +2 -37
- package/src/error/NativeAuthError.ts +7 -14
- package/src/error/NativeAuthErrorCodes.ts +1 -1
- package/src/error/NestedAppAuthError.ts +2 -14
- package/src/event/EventHandler.ts +13 -11
- package/src/event/EventMessage.ts +1 -18
- package/src/event/EventType.ts +3 -10
- package/src/index.ts +19 -19
- package/src/interaction_client/BaseInteractionClient.ts +181 -158
- package/src/interaction_client/HybridSpaAuthorizationCodeClient.ts +6 -2
- package/src/interaction_client/PlatformAuthInteractionClient.ts +160 -109
- package/src/interaction_client/PopupClient.ts +217 -308
- package/src/interaction_client/RedirectClient.ts +245 -184
- package/src/interaction_client/SilentAuthCodeClient.ts +41 -16
- package/src/interaction_client/SilentCacheClient.ts +23 -15
- package/src/interaction_client/SilentIframeClient.ts +101 -101
- package/src/interaction_client/SilentRefreshClient.ts +26 -14
- package/src/interaction_client/StandardInteractionClient.ts +112 -107
- package/src/interaction_handler/InteractionHandler.ts +7 -16
- package/src/interaction_handler/SilentHandler.ts +12 -91
- package/src/naa/mapping/NestedAppAuthAdapter.ts +8 -6
- package/src/operatingcontext/BaseOperatingContext.ts +2 -1
- package/src/operatingcontext/NestedAppOperatingContext.ts +8 -3
- package/src/operatingcontext/StandardOperatingContext.ts +2 -1
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +30 -86
- package/src/request/AuthorizationCodeRequest.ts +1 -4
- package/src/request/PopupRequest.ts +0 -1
- package/src/request/RedirectRequest.ts +0 -8
- package/src/request/RequestHelpers.ts +18 -75
- package/src/request/SilentRequest.ts +1 -5
- package/src/request/SsoSilentRequest.ts +0 -1
- package/src/response/ResponseHandler.ts +8 -4
- package/src/telemetry/BrowserPerformanceClient.ts +4 -108
- package/src/telemetry/BrowserPerformanceEvents.ts +182 -0
- package/src/telemetry/BrowserRootPerformanceEvents.ts +41 -0
- package/src/utils/BrowserConstants.ts +2 -10
- package/src/utils/BrowserUtils.ts +4 -6
- package/src/utils/MsalFrameStatsUtils.ts +4 -2
- package/src/utils/PopupUtils.ts +117 -0
- package/dist/cache/ITokenCache.d.ts +0 -12
- package/dist/cache/ITokenCache.d.ts.map +0 -1
- package/dist/custom-auth-path/cache/ITokenCache.d.ts +0 -12
- package/dist/custom-auth-path/cache/ITokenCache.d.ts.map +0 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +0 -207
- package/dist/custom-auth-path/cache/TokenCache.mjs.map +0 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts +0 -22
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts.map +0 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +0 -36
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +0 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +0 -30
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +0 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.d.ts +0 -7
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.d.ts.map +0 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.d.ts +0 -7
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.d.ts.map +0 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +0 -59
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +0 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaStateParameters.d.ts +0 -19
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaStateParameters.d.ts.map +0 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.d.ts +0 -21
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +0 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/parameter/MfaClientParameters.d.ts +0 -14
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/parameter/MfaClientParameters.d.ts.map +0 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.d.ts +0 -23
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.d.ts.map +0 -1
- package/dist/custom-auth-path/request/AuthorizationUrlRequest.d.ts +0 -7
- package/dist/custom-auth-path/request/AuthorizationUrlRequest.d.ts.map +0 -1
- package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts +0 -22
- package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts.map +0 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +0 -36
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +0 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +0 -30
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +0 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.d.ts +0 -7
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.d.ts.map +0 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.d.ts +0 -7
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.d.ts.map +0 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +0 -59
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +0 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaStateParameters.d.ts +0 -19
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaStateParameters.d.ts.map +0 -1
- package/dist/custom_auth/core/interaction_client/mfa/MfaClient.d.ts +0 -21
- package/dist/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +0 -1
- package/dist/custom_auth/core/interaction_client/mfa/parameter/MfaClientParameters.d.ts +0 -14
- package/dist/custom_auth/core/interaction_client/mfa/parameter/MfaClientParameters.d.ts.map +0 -1
- package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.d.ts +0 -23
- package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.d.ts.map +0 -1
- package/dist/request/AuthorizationUrlRequest.d.ts +0 -7
- package/dist/request/AuthorizationUrlRequest.d.ts.map +0 -1
- package/lib/custom-auth-path/types/cache/ITokenCache.d.ts +0 -12
- package/lib/custom-auth-path/types/cache/ITokenCache.d.ts.map +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts +0 -22
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts.map +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +0 -36
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +0 -30
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.d.ts +0 -7
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.d.ts.map +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaFailedState.d.ts +0 -7
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaFailedState.d.ts.map +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +0 -59
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaStateParameters.d.ts +0 -19
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaStateParameters.d.ts.map +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts +0 -21
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/mfa/parameter/MfaClientParameters.d.ts +0 -14
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/mfa/parameter/MfaClientParameters.d.ts.map +0 -1
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/mfa/result/MfaActionResult.d.ts +0 -23
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/mfa/result/MfaActionResult.d.ts.map +0 -1
- package/lib/custom-auth-path/types/request/AuthorizationUrlRequest.d.ts +0 -7
- package/lib/custom-auth-path/types/request/AuthorizationUrlRequest.d.ts.map +0 -1
- package/lib/types/cache/ITokenCache.d.ts +0 -12
- package/lib/types/cache/ITokenCache.d.ts.map +0 -1
- package/lib/types/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts +0 -22
- package/lib/types/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts.map +0 -1
- package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +0 -36
- package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +0 -1
- package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +0 -30
- package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +0 -1
- package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.d.ts +0 -7
- package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.d.ts.map +0 -1
- package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaFailedState.d.ts +0 -7
- package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaFailedState.d.ts.map +0 -1
- package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +0 -59
- package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +0 -1
- package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaStateParameters.d.ts +0 -19
- package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaStateParameters.d.ts.map +0 -1
- package/lib/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts +0 -21
- package/lib/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +0 -1
- package/lib/types/custom_auth/core/interaction_client/mfa/parameter/MfaClientParameters.d.ts +0 -14
- package/lib/types/custom_auth/core/interaction_client/mfa/parameter/MfaClientParameters.d.ts.map +0 -1
- package/lib/types/custom_auth/core/interaction_client/mfa/result/MfaActionResult.d.ts +0 -23
- package/lib/types/custom_auth/core/interaction_client/mfa/result/MfaActionResult.d.ts.map +0 -1
- package/lib/types/request/AuthorizationUrlRequest.d.ts +0 -7
- package/lib/types/request/AuthorizationUrlRequest.d.ts.map +0 -1
- package/src/cache/ITokenCache.ts +0 -21
- package/src/custom_auth/core/auth_flow/mfa/error_type/MfaError.ts +0 -32
- package/src/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.ts +0 -59
- package/src/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.ts +0 -52
- package/src/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.ts +0 -11
- package/src/custom_auth/core/auth_flow/mfa/state/MfaFailedState.ts +0 -11
- package/src/custom_auth/core/auth_flow/mfa/state/MfaState.ts +0 -188
- package/src/custom_auth/core/auth_flow/mfa/state/MfaStateParameters.ts +0 -28
- package/src/custom_auth/core/interaction_client/mfa/MfaClient.ts +0 -148
- package/src/custom_auth/core/interaction_client/mfa/parameter/MfaClientParameters.ts +0 -20
- package/src/custom_auth/core/interaction_client/mfa/result/MfaActionResult.ts +0 -48
- package/src/request/AuthorizationUrlRequest.ts +0 -15
package/lib/msal-browser.min.js
CHANGED
|
@@ -1,68 +1,75 @@
|
|
|
1
|
-
/*! @azure/msal-browser
|
|
1
|
+
/*! @azure/msal-browser v5.0.0-alpha.0 2025-10-02 */
|
|
2
2
|
"use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).msal={})}(this,(function(e){
|
|
3
|
-
/*! @azure/msal-common
|
|
4
|
-
|
|
5
|
-
/*! @azure/msal-common
|
|
6
|
-
/*! @azure/msal-common
|
|
7
|
-
/*! @azure/msal-common
|
|
8
|
-
/*! @azure/msal-common
|
|
9
|
-
/*! @azure/msal-common
|
|
10
|
-
/*! @azure/msal-common
|
|
11
|
-
|
|
12
|
-
/*! @azure/msal-common
|
|
13
|
-
/*! @azure/msal-common
|
|
14
|
-
/*! @azure/msal-common
|
|
15
|
-
/*! @azure/msal-common
|
|
16
|
-
/*! @azure/msal-common
|
|
17
|
-
/*! @azure/msal-common
|
|
18
|
-
/*! @azure/msal-common
|
|
19
|
-
/*! @azure/msal-common
|
|
20
|
-
/*! @azure/msal-common v15.13.0 2025-09-30 */class Cr{constructor(e,t,r,n,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(Ct,vt),this.staticAuthorityOptions=o,this.performanceClient=n}getAllAccounts(e,t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){if(0===Object.keys(e).length||Object.values(e).every((e=>!e)))return this.commonLogger.warning("getAccountInfoFilteredBy: Account filter is empty or invalid, returning null"),null;const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort((e=>e.idTokenClaims?-1:1))[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?r[0].getAccountInfo():null}buildTenantProfiles(e,t,r){return e.flatMap((e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r)))}getTenantedAccountInfoByFilter(e,t,r,n,o){let i,s=null;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,n,t,r.tenantId);return a&&(i=er(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(i,o))?null:(s=Zt(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,n){const o=e.getAccountInfo();let i=o.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach((e=>{const r=this.getTenantedAccountInfoByFilter(o,s,e,t,n);r&&a.push(r)})),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&(void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,r){if(!e)throw pt($e);try{e.account&&await this.setAccount(e.account,t),e.idToken&&!1!==r?.idToken&&await this.setIdTokenCredential(e.idToken,t),e.accessToken&&!1!==r?.accessToken&&await this.saveAccessToken(e.accessToken,t),e.refreshToken&&!1!==r?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("CacheManager.saveCacheRecord: failed"),e instanceof Ce?e:yr(e)}}async saveAccessToken(e,t){const r={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType,requestedClaimsHash:e.requestedClaimsHash},n=this.getTokenKeys(),o=Jt.fromString(e.target);n.accessToken.forEach((e=>{if(!this.accessTokenKeyMatchesFilter(e,r,!1))return;const n=this.getAccessTokenCredential(e,t);if(n&&this.credentialMatchesFilter(n,r)){Jt.fromString(n.target).intersectingScopeSets(o)&&this.removeAccessToken(e,t)}})),await this.setAccessTokenCredential(e,t)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),n=[];return r.forEach((r=>{const o=this.getAccount(r,t);if(!o)return;if(e.homeAccountId&&!this.matchHomeAccountId(o,e.homeAccountId))return;if(e.username&&!this.matchUsername(o.username,e.username))return;if(e.environment&&!this.matchEnvironment(o,e.environment))return;if(e.realm&&!this.matchRealm(o,e.realm))return;if(e.nativeAccountId&&!this.matchNativeAccountId(o,e.nativeAccountId))return;if(e.authorityType&&!this.matchAuthorityType(o,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name},s=o.tenantProfiles?.filter((e=>this.tenantProfileMatchesFilter(e,i)));s&&0===s.length||n.push(o)})),n}credentialMatchesFilter(e,t){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target))return!1;if((t.requestedClaimsHash||e.requestedClaimsHash)&&e.requestedClaimsHash!==t.requestedClaimsHash)return!1;if(e.credentialType===x.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===W.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}return!0}getAppMetadataFilteredBy(e){const t=this.getKeys(),r={};return t.forEach((t=>{if(!this.isAppMetadata(t))return;const n=this.getAppMetadata(t);n&&(e.environment&&!this.matchEnvironment(n,e.environment)||e.clientId&&!this.matchClientId(n,e.clientId)||(r[t]=n))})),r}getAuthorityMetadataByAlias(e){const t=this.getAuthorityMetadataKeys();let r=null;return t.forEach((t=>{if(!this.isAuthorityMetadata(t)||-1===t.indexOf(this.clientId))return;const n=this.getAuthorityMetadata(t);n&&-1!==n.aliases.indexOf(e)&&(r=n)})),r}removeAllAccounts(e){this.getAllAccounts({},e).forEach((t=>{this.removeAccount(t,e)}))}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter((t=>t.includes(e.homeAccountId)&&t.includes(e.environment))).forEach((e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)}))}removeAccountContext(e,t){const r=this.getTokenKeys(),n=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(n).forEach((e=>{this.removeIdToken(e,t)})),r.accessToken.filter(n).forEach((e=>{this.removeAccessToken(e,t)})),r.refreshToken.filter(n).forEach((e=>{this.removeRefreshToken(e,t)}))}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),!r||r.credentialType.toLowerCase()!==x.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()||r.tokenType!==W.POP)return;const n=r.keyId;n&&this.cryptoImpl.removeTokenBindingKey(n).catch((()=>{this.commonLogger.error(`Failed to remove token binding key ${n}`,t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)}))}removeAppMetadata(e){return this.getKeys().forEach((t=>{this.isAppMetadata(t)&&this.removeItem(t,e)})),!0}getIdToken(e,t,r,n,o){this.commonLogger.trace("CacheManager - getIdToken called");const i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:x.ID_TOKEN,clientId:this.clientId,realm:n},s=this.getIdTokensByFilter(i,t,r),a=s.size;if(a<1)return this.commonLogger.info("CacheManager:getIdToken - No token found"),null;if(a>1){let r=s;if(!n){const t=new Map;s.forEach(((r,n)=>{r.realm===e.tenantId&&t.set(n,r)}));const n=t.size;if(n<1)return this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account but none match account entity tenant id, returning first result"),s.values().next().value;if(1===n)return this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account, defaulting to home tenant profile"),t.values().next().value;r=t}return this.commonLogger.info("CacheManager:getIdToken - Multiple matching ID tokens found, clearing them"),r.forEach(((e,r)=>{this.removeIdToken(r,t)})),o&&t&&o.addFields({multiMatchedID:s.size},t),null}return this.commonLogger.info("CacheManager:getIdToken - Returning ID token"),s.values().next().value}getIdTokensByFilter(e,t,r){const n=r&&r.idToken||this.getTokenKeys().idToken,o=new Map;return n.forEach((r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const n=this.getIdTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e)&&o.set(r,n)})),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,n){const o=t.correlationId;this.commonLogger.trace("CacheManager - getAccessToken called",o);const i=Jt.createSearchScopes(t.scopes),s=t.authenticationScheme||W.BEARER,a=s&&s.toLowerCase()!==W.BEARER.toLowerCase()?x.ACCESS_TOKEN_WITH_AUTH_SCHEME:x.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:n||e.tenantId,target:i,tokenType:s,keyId:t.sshKid,requestedClaimsHash:t.requestedClaimsHash},l=r&&r.accessToken||this.getTokenKeys().accessToken,h=[];l.forEach((e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,o);t&&this.credentialMatchesFilter(t,c)&&h.push(t)}}));const d=h.length;return d<1?(this.commonLogger.info("CacheManager:getAccessToken - No token found",o),null):d>1?(this.commonLogger.info("CacheManager:getAccessToken - Multiple access tokens found, clearing them",o),h.forEach((e=>{this.removeAccessToken(this.generateCredentialKey(e),o)})),this.performanceClient.addFields({multiMatchedAT:h.length},o),null):(this.commonLogger.info("CacheManager:getAccessToken - Returning access token",o),h[0])}accessTokenKeyMatchesFilter(e,t,r){const n=e.toLowerCase();if(t.clientId&&-1===n.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===n.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===n.indexOf(t.realm.toLowerCase()))return!1;if(t.requestedClaimsHash&&-1===n.indexOf(t.requestedClaimsHash.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!n.includes(e[t].toLowerCase()))return!1;if(!r&&n.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),n=[];return r.accessToken.forEach((r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const o=this.getAccessTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e)&&n.push(o)})),n}getRefreshToken(e,t,r,n,o){this.commonLogger.trace("CacheManager - getRefreshToken called");const i=t?B:void 0,s={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:x.REFRESH_TOKEN,clientId:this.clientId,familyId:i},a=n&&n.refreshToken||this.getTokenKeys().refreshToken,c=[];a.forEach((e=>{if(this.refreshTokenKeyMatchesFilter(e,s)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,s)&&c.push(t)}}));const l=c.length;return l<1?(this.commonLogger.info("CacheManager:getRefreshToken - No refresh token found."),null):(l>1&&o&&r&&o.addFields({multiMatchedRT:l},r),this.commonLogger.info("CacheManager:getRefreshToken - returning refresh token"),c[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e){const t={environment:e,clientId:this.clientId},r=this.getAppMetadataFilteredBy(t),n=Object.keys(r).map((e=>r[e])),o=n.length;if(o<1)return null;if(o>1)throw pt(Le);return n[0]}isAppMetadataFOCI(e){const t=this.readAppMetadataFromCache(e);return!(!t||t.familyId!==B)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t){if(this.staticAuthorityOptions){const r=function(e,t){let r;const n=e.canonicalAuthority;if(n){const o=new ar(n).getUrlComponents().HostNameAndPort;r=dr(o,e.cloudDiscoveryMetadata?.metadata,K,t)||dr(o,lr.metadata,Q,t)||e.knownAuthorities}return r||[]}(this.staticAuthorityOptions,this.commonLogger);if(r.includes(t)&&r.includes(e.environment))return!0}const r=this.getAuthorityMetadataByAlias(t);return!!(r&&r.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchNativeAccountId(e,t){return!(!e.nativeAccountId||t!==e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||e.upn===t)}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t){if(e.credentialType!==x.ACCESS_TOKEN&&e.credentialType!==x.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return Jt.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(D)}isAuthorityMetadata(e){return-1!==e.indexOf(F)}generateAuthorityMetadataCacheKey(e){return`${F}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class vr extends Cr{async setAccount(){throw pt(ct)}getAccount(){throw pt(ct)}async setIdTokenCredential(){throw pt(ct)}getIdTokenCredential(){throw pt(ct)}async setAccessTokenCredential(){throw pt(ct)}getAccessTokenCredential(){throw pt(ct)}async setRefreshTokenCredential(){throw pt(ct)}getRefreshTokenCredential(){throw pt(ct)}setAppMetadata(){throw pt(ct)}getAppMetadata(){throw pt(ct)}setServerTelemetry(){throw pt(ct)}getServerTelemetry(){throw pt(ct)}setAuthorityMetadata(){throw pt(ct)}getAuthorityMetadata(){throw pt(ct)}getAuthorityMetadataKeys(){throw pt(ct)}setThrottlingCache(){throw pt(ct)}getThrottlingCache(){throw pt(ct)}removeItem(){throw pt(ct)}getKeys(){throw pt(ct)}getAccountKeys(){throw pt(ct)}getTokenKeys(){throw pt(ct)}generateCredentialKey(){throw pt(ct)}generateAccountKey(){throw pt(ct)}}
|
|
21
|
-
/*! @azure/msal-common v15.13.0 2025-09-30 */const wr={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"},Ir={AcquireTokenByCode:"acquireTokenByCode",AcquireTokenByRefreshToken:"acquireTokenByRefreshToken",AcquireTokenSilent:"acquireTokenSilent",AcquireTokenSilentAsync:"acquireTokenSilentAsync",AcquireTokenPopup:"acquireTokenPopup",AcquireTokenPreRedirect:"acquireTokenPreRedirect",AcquireTokenRedirect:"acquireTokenRedirect",CryptoOptsGetPublicKeyThumbprint:"cryptoOptsGetPublicKeyThumbprint",CryptoOptsSignJwt:"cryptoOptsSignJwt",SilentCacheClientAcquireToken:"silentCacheClientAcquireToken",SilentIframeClientAcquireToken:"silentIframeClientAcquireToken",AwaitConcurrentIframe:"awaitConcurrentIframe",SilentRefreshClientAcquireToken:"silentRefreshClientAcquireToken",SsoSilent:"ssoSilent",StandardInteractionClientGetDiscoveredAuthority:"standardInteractionClientGetDiscoveredAuthority",FetchAccountIdWithNativeBroker:"fetchAccountIdWithNativeBroker",NativeInteractionClientAcquireToken:"nativeInteractionClientAcquireToken",BaseClientCreateTokenRequestHeaders:"baseClientCreateTokenRequestHeaders",NetworkClientSendPostRequestAsync:"networkClientSendPostRequestAsync",RefreshTokenClientExecutePostToTokenEndpoint:"refreshTokenClientExecutePostToTokenEndpoint",AuthorizationCodeClientExecutePostToTokenEndpoint:"authorizationCodeClientExecutePostToTokenEndpoint",BrokerHandhshake:"brokerHandshake",AcquireTokenByRefreshTokenInBroker:"acquireTokenByRefreshTokenInBroker",AcquireTokenByBroker:"acquireTokenByBroker",RefreshTokenClientExecuteTokenRequest:"refreshTokenClientExecuteTokenRequest",RefreshTokenClientAcquireToken:"refreshTokenClientAcquireToken",RefreshTokenClientAcquireTokenWithCachedRefreshToken:"refreshTokenClientAcquireTokenWithCachedRefreshToken",RefreshTokenClientAcquireTokenByRefreshToken:"refreshTokenClientAcquireTokenByRefreshToken",RefreshTokenClientCreateTokenRequestBody:"refreshTokenClientCreateTokenRequestBody",AcquireTokenFromCache:"acquireTokenFromCache",SilentFlowClientAcquireCachedToken:"silentFlowClientAcquireCachedToken",SilentFlowClientGenerateResultFromCacheRecord:"silentFlowClientGenerateResultFromCacheRecord",AcquireTokenBySilentIframe:"acquireTokenBySilentIframe",InitializeBaseRequest:"initializeBaseRequest",InitializeSilentRequest:"initializeSilentRequest",InitializeClientApplication:"initializeClientApplication",InitializeCache:"initializeCache",SilentIframeClientTokenHelper:"silentIframeClientTokenHelper",SilentHandlerInitiateAuthRequest:"silentHandlerInitiateAuthRequest",SilentHandlerMonitorIframeForHash:"silentHandlerMonitorIframeForHash",SilentHandlerLoadFrame:"silentHandlerLoadFrame",SilentHandlerLoadFrameSync:"silentHandlerLoadFrameSync",StandardInteractionClientCreateAuthCodeClient:"standardInteractionClientCreateAuthCodeClient",StandardInteractionClientGetClientConfiguration:"standardInteractionClientGetClientConfiguration",StandardInteractionClientInitializeAuthorizationRequest:"standardInteractionClientInitializeAuthorizationRequest",GetAuthCodeUrl:"getAuthCodeUrl",GetStandardParams:"getStandardParams",HandleCodeResponseFromServer:"handleCodeResponseFromServer",HandleCodeResponse:"handleCodeResponse",HandleResponseEar:"handleResponseEar",HandleResponsePlatformBroker:"handleResponsePlatformBroker",HandleResponseCode:"handleResponseCode",UpdateTokenEndpointAuthority:"updateTokenEndpointAuthority",AuthClientAcquireToken:"authClientAcquireToken",AuthClientExecuteTokenRequest:"authClientExecuteTokenRequest",AuthClientCreateTokenRequestBody:"authClientCreateTokenRequestBody",PopTokenGenerateCnf:"popTokenGenerateCnf",PopTokenGenerateKid:"popTokenGenerateKid",HandleServerTokenResponse:"handleServerTokenResponse",DeserializeResponse:"deserializeResponse",AuthorityFactoryCreateDiscoveredInstance:"authorityFactoryCreateDiscoveredInstance",AuthorityResolveEndpointsAsync:"authorityResolveEndpointsAsync",AuthorityResolveEndpointsFromLocalSources:"authorityResolveEndpointsFromLocalSources",AuthorityGetCloudDiscoveryMetadataFromNetwork:"authorityGetCloudDiscoveryMetadataFromNetwork",AuthorityUpdateCloudDiscoveryMetadata:"authorityUpdateCloudDiscoveryMetadata",AuthorityGetEndpointMetadataFromNetwork:"authorityGetEndpointMetadataFromNetwork",AuthorityUpdateEndpointMetadata:"authorityUpdateEndpointMetadata",AuthorityUpdateMetadataWithRegionalInformation:"authorityUpdateMetadataWithRegionalInformation",RegionDiscoveryDetectRegion:"regionDiscoveryDetectRegion",RegionDiscoveryGetRegionFromIMDS:"regionDiscoveryGetRegionFromIMDS",RegionDiscoveryGetCurrentVersion:"regionDiscoveryGetCurrentVersion",AcquireTokenByCodeAsync:"acquireTokenByCodeAsync",GetEndpointMetadataFromNetwork:"getEndpointMetadataFromNetwork",GetCloudDiscoveryMetadataFromNetworkMeasurement:"getCloudDiscoveryMetadataFromNetworkMeasurement",HandleRedirectPromiseMeasurement:"handleRedirectPromise",HandleNativeRedirectPromiseMeasurement:"handleNativeRedirectPromise",UpdateCloudDiscoveryMetadataMeasurement:"updateCloudDiscoveryMetadataMeasurement",UsernamePasswordClientAcquireToken:"usernamePasswordClientAcquireToken",NativeMessageHandlerHandshake:"nativeMessageHandlerHandshake",NativeGenerateAuthResult:"nativeGenerateAuthResult",RemoveHiddenIframe:"removeHiddenIframe",ClearTokensAndKeysWithClaims:"clearTokensAndKeysWithClaims",CacheManagerGetRefreshToken:"cacheManagerGetRefreshToken",ImportExistingCache:"importExistingCache",SetUserData:"setUserData",LocalStorageUpdated:"localStorageUpdated",GeneratePkceCodes:"generatePkceCodes",GenerateCodeVerifier:"generateCodeVerifier",GenerateCodeChallengeFromVerifier:"generateCodeChallengeFromVerifier",Sha256Digest:"sha256Digest",GetRandomValues:"getRandomValues",GenerateHKDF:"generateHKDF",GenerateBaseKey:"generateBaseKey",Base64Decode:"base64Decode",UrlEncodeArr:"urlEncodeArr",Encrypt:"encrypt",Decrypt:"decrypt",GenerateEarKey:"generateEarKey",DecryptEarResponse:"decryptEarResponse"},Tr=new Map([[Ir.AcquireTokenByCode,"ATByCode"],[Ir.AcquireTokenByRefreshToken,"ATByRT"],[Ir.AcquireTokenSilent,"ATS"],[Ir.AcquireTokenSilentAsync,"ATSAsync"],[Ir.AcquireTokenPopup,"ATPopup"],[Ir.AcquireTokenRedirect,"ATRedirect"],[Ir.CryptoOptsGetPublicKeyThumbprint,"CryptoGetPKThumb"],[Ir.CryptoOptsSignJwt,"CryptoSignJwt"],[Ir.SilentCacheClientAcquireToken,"SltCacheClientAT"],[Ir.SilentIframeClientAcquireToken,"SltIframeClientAT"],[Ir.SilentRefreshClientAcquireToken,"SltRClientAT"],[Ir.SsoSilent,"SsoSlt"],[Ir.StandardInteractionClientGetDiscoveredAuthority,"StdIntClientGetDiscAuth"],[Ir.FetchAccountIdWithNativeBroker,"FetchAccIdWithNtvBroker"],[Ir.NativeInteractionClientAcquireToken,"NtvIntClientAT"],[Ir.BaseClientCreateTokenRequestHeaders,"BaseClientCreateTReqHead"],[Ir.NetworkClientSendPostRequestAsync,"NetClientSendPost"],[Ir.RefreshTokenClientExecutePostToTokenEndpoint,"RTClientExecPost"],[Ir.AuthorizationCodeClientExecutePostToTokenEndpoint,"AuthCodeClientExecPost"],[Ir.BrokerHandhshake,"BrokerHandshake"],[Ir.AcquireTokenByRefreshTokenInBroker,"ATByRTInBroker"],[Ir.AcquireTokenByBroker,"ATByBroker"],[Ir.RefreshTokenClientExecuteTokenRequest,"RTClientExecTReq"],[Ir.RefreshTokenClientAcquireToken,"RTClientAT"],[Ir.RefreshTokenClientAcquireTokenWithCachedRefreshToken,"RTClientATWithCachedRT"],[Ir.RefreshTokenClientAcquireTokenByRefreshToken,"RTClientATByRT"],[Ir.RefreshTokenClientCreateTokenRequestBody,"RTClientCreateTReqBody"],[Ir.AcquireTokenFromCache,"ATFromCache"],[Ir.SilentFlowClientAcquireCachedToken,"SltFlowClientATCached"],[Ir.SilentFlowClientGenerateResultFromCacheRecord,"SltFlowClientGenResFromCache"],[Ir.AcquireTokenBySilentIframe,"ATBySltIframe"],[Ir.InitializeBaseRequest,"InitBaseReq"],[Ir.InitializeSilentRequest,"InitSltReq"],[Ir.InitializeClientApplication,"InitClientApplication"],[Ir.InitializeCache,"InitCache"],[Ir.ImportExistingCache,"importCache"],[Ir.SetUserData,"setUserData"],[Ir.LocalStorageUpdated,"localStorageUpdated"],[Ir.SilentIframeClientTokenHelper,"SIClientTHelper"],[Ir.SilentHandlerInitiateAuthRequest,"SHandlerInitAuthReq"],[Ir.SilentHandlerMonitorIframeForHash,"SltHandlerMonitorIframeForHash"],[Ir.SilentHandlerLoadFrame,"SHandlerLoadFrame"],[Ir.SilentHandlerLoadFrameSync,"SHandlerLoadFrameSync"],[Ir.StandardInteractionClientCreateAuthCodeClient,"StdIntClientCreateAuthCodeClient"],[Ir.StandardInteractionClientGetClientConfiguration,"StdIntClientGetClientConf"],[Ir.StandardInteractionClientInitializeAuthorizationRequest,"StdIntClientInitAuthReq"],[Ir.GetAuthCodeUrl,"GetAuthCodeUrl"],[Ir.HandleCodeResponseFromServer,"HandleCodeResFromServer"],[Ir.HandleCodeResponse,"HandleCodeResp"],[Ir.HandleResponseEar,"HandleRespEar"],[Ir.HandleResponseCode,"HandleRespCode"],[Ir.HandleResponsePlatformBroker,"HandleRespPlatBroker"],[Ir.UpdateTokenEndpointAuthority,"UpdTEndpointAuth"],[Ir.AuthClientAcquireToken,"AuthClientAT"],[Ir.AuthClientExecuteTokenRequest,"AuthClientExecTReq"],[Ir.AuthClientCreateTokenRequestBody,"AuthClientCreateTReqBody"],[Ir.PopTokenGenerateCnf,"PopTGenCnf"],[Ir.PopTokenGenerateKid,"PopTGenKid"],[Ir.HandleServerTokenResponse,"HandleServerTRes"],[Ir.DeserializeResponse,"DeserializeRes"],[Ir.AuthorityFactoryCreateDiscoveredInstance,"AuthFactCreateDiscInst"],[Ir.AuthorityResolveEndpointsAsync,"AuthResolveEndpointsAsync"],[Ir.AuthorityResolveEndpointsFromLocalSources,"AuthResolveEndpointsFromLocal"],[Ir.AuthorityGetCloudDiscoveryMetadataFromNetwork,"AuthGetCDMetaFromNet"],[Ir.AuthorityUpdateCloudDiscoveryMetadata,"AuthUpdCDMeta"],[Ir.AuthorityGetEndpointMetadataFromNetwork,"AuthUpdCDMetaFromNet"],[Ir.AuthorityUpdateEndpointMetadata,"AuthUpdEndpointMeta"],[Ir.AuthorityUpdateMetadataWithRegionalInformation,"AuthUpdMetaWithRegInfo"],[Ir.RegionDiscoveryDetectRegion,"RegDiscDetectReg"],[Ir.RegionDiscoveryGetRegionFromIMDS,"RegDiscGetRegFromIMDS"],[Ir.RegionDiscoveryGetCurrentVersion,"RegDiscGetCurrentVer"],[Ir.AcquireTokenByCodeAsync,"ATByCodeAsync"],[Ir.GetEndpointMetadataFromNetwork,"GetEndpointMetaFromNet"],[Ir.GetCloudDiscoveryMetadataFromNetworkMeasurement,"GetCDMetaFromNet"],[Ir.HandleRedirectPromiseMeasurement,"HandleRedirectPromise"],[Ir.HandleNativeRedirectPromiseMeasurement,"HandleNtvRedirectPromise"],[Ir.UpdateCloudDiscoveryMetadataMeasurement,"UpdateCDMeta"],[Ir.UsernamePasswordClientAcquireToken,"UserPassClientAT"],[Ir.NativeMessageHandlerHandshake,"NtvMsgHandlerHandshake"],[Ir.NativeGenerateAuthResult,"NtvGenAuthRes"],[Ir.RemoveHiddenIframe,"RemoveHiddenIframe"],[Ir.ClearTokensAndKeysWithClaims,"ClearTAndKeysWithClaims"],[Ir.CacheManagerGetRefreshToken,"CacheManagerGetRT"],[Ir.GeneratePkceCodes,"GenPkceCodes"],[Ir.GenerateCodeVerifier,"GenCodeVerifier"],[Ir.GenerateCodeChallengeFromVerifier,"GenCodeChallengeFromVerifier"],[Ir.Sha256Digest,"Sha256Digest"],[Ir.GetRandomValues,"GetRandomValues"],[Ir.GenerateHKDF,"genHKDF"],[Ir.GenerateBaseKey,"genBaseKey"],[Ir.Base64Decode,"b64Decode"],[Ir.UrlEncodeArr,"urlEncArr"],[Ir.Encrypt,"encrypt"],[Ir.Decrypt,"decrypt"],[Ir.GenerateEarKey,"genEarKey"],[Ir.DecryptEarResponse,"decryptEarResp"]]),Ar=1,kr=2,Sr=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","queuedTimeMs","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","expiredCacheRemovedCount","upgradedCacheCount"]);
|
|
22
|
-
/*! @azure/msal-common
|
|
23
|
-
/*! @azure/msal-common
|
|
24
|
-
|
|
25
|
-
/*! @azure/msal-common
|
|
26
|
-
/*! @azure/msal-common
|
|
27
|
-
/*! @azure/msal-common v15.13.0 2025-09-30 */function Dr(e,t){if(!e)throw pt(Ie);try{const r=t(e);return JSON.parse(r)}catch(e){throw pt(we)}}function Br(e){if(!e)throw pt(we);const r=e.split(H,2);return{uid:r[0],utid:r.length<2?t.EMPTY_STRING:r[1]}}
|
|
28
|
-
/*! @azure/msal-common
|
|
29
|
-
/*! @azure/msal-common
|
|
30
|
-
|
|
31
|
-
/*! @azure/msal-common
|
|
32
|
-
const
|
|
33
|
-
/*! @azure/msal-common
|
|
34
|
-
/*! @azure/msal-common
|
|
35
|
-
|
|
36
|
-
/*! @azure/msal-common
|
|
37
|
-
|
|
38
|
-
/*! @azure/msal-common
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
/*! @azure/msal-common
|
|
42
|
-
|
|
43
|
-
/*! @azure/msal-common
|
|
44
|
-
|
|
45
|
-
/*! @azure/msal-common
|
|
46
|
-
/*! @azure/msal-common
|
|
47
|
-
/*! @azure/msal-common
|
|
48
|
-
/*! @azure/msal-common
|
|
49
|
-
/*! @azure/msal-common
|
|
50
|
-
/*! @azure/msal-common
|
|
51
|
-
/*! @azure/msal-common
|
|
52
|
-
/*! @azure/msal-common
|
|
53
|
-
/*! @azure/msal-common
|
|
54
|
-
/*! @azure/msal-common
|
|
55
|
-
/*! @azure/msal-common
|
|
56
|
-
/*! @azure/msal-common
|
|
57
|
-
/*! @azure/msal-common
|
|
58
|
-
/*! @azure/msal-common
|
|
59
|
-
/*! @azure/msal-common
|
|
60
|
-
/*! @azure/msal-common
|
|
61
|
-
/*! @azure/msal-common
|
|
62
|
-
/*! @azure/msal-common
|
|
63
|
-
/*! @azure/msal-common
|
|
64
|
-
/*! @azure/msal-common
|
|
65
|
-
/*! @azure/msal-common
|
|
66
|
-
/*! @azure/msal-common
|
|
67
|
-
/*! @azure/msal-common v15.13.0 2025-09-30 */function $o(e,t,r,n=5){if(e instanceof Error)return e instanceof Ce?(r.errorCode=e.errorCode,r.subErrorCode=e.subError,void((e instanceof Xn||e instanceof wo)&&(r.serverErrorNo=e.errorNo))):void(e instanceof fr?r.errorCode=e.errorCode:r.errorStack?.length?t.trace("PerformanceClient.addErrorStack: Stack already exist",r.correlationId):e.stack?.length?(e.stack&&(r.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],n=[],o=r[0];o.startsWith("TypeError: Cannot read property")||o.startsWith("TypeError: Cannot read properties of")||o.startsWith("TypeError: Cannot set property")||o.startsWith("TypeError: Cannot set properties of")||o.endsWith("is not a function")?n.push(Qo(o)):(o.startsWith("SyntaxError")||o.startsWith("TypeError"))&&n.push(Qo(o.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(n.length>=t);e++){const t=r[e];n.push(Qo(t))}return n}(e.stack,n)),r.errorName=e.name):t.trace("PerformanceClient.addErrorStack: Input stack is empty",r.correlationId));t.trace("PerformanceClient.addErrorStack: Input error is not instance of Error",r.correlationId)}function Qo(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let n=r.lastIndexOf("/");return n=n<0?r.lastIndexOf("\\"):n,n>=0?(e.substring(0,t)+"("+r.substring(n+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class jo{constructor(e,t,r,n,o,i,s,a){this.authority=t,this.libraryName=n,this.libraryVersion=o,this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.queueMeasurements=new Map,this.preQueueTimeByCorrelationId=new Map,this.intFields=s||new Set;for(const e of Sr)this.intFields.add(e);this.abbreviations=a||new Map;for(const[e,t]of Tr)this.abbreviations.set(e,t)}startPerformanceMeasurement(e,t){return{}}getPreQueueTime(e,t){const r=this.preQueueTimeByCorrelationId.get(t);if(r){if(r.name===e)return r.time;this.logger.trace(`PerformanceClient.getPreQueueTime: no pre-queue time found for ${e}, unable to add queue measurement`)}else this.logger.trace(`PerformanceClient.getPreQueueTime: no pre-queue times found for correlationId: ${t}, unable to add queue measurement`)}calculateQueuedTime(e,t){return e<1?(this.logger.trace(`PerformanceClient: preQueueTime should be a positive integer and not ${e}`),0):t<1?(this.logger.trace(`PerformanceClient: currentTime should be a positive integer and not ${t}`),0):t<e?(this.logger.trace("PerformanceClient: currentTime is less than preQueueTime, check how time is being retrieved"),0):t-e}addQueueMeasurement(e,t,r,n){if(!t)return void this.logger.trace(`PerformanceClient.addQueueMeasurement: correlationId not provided for ${e}, cannot add queue measurement`);if(0===r)this.logger.trace(`PerformanceClient.addQueueMeasurement: queue time provided for ${e} is ${r}`);else if(!r)return void this.logger.trace(`PerformanceClient.addQueueMeasurement: no queue time provided for ${e}`);const o={eventName:e,queueTime:n?0:r,manuallyCompleted:n},i=this.queueMeasurements.get(t);if(i)i.push(o),this.queueMeasurements.set(t,i);else{this.logger.trace(`PerformanceClient.addQueueMeasurement: adding correlationId ${t} to queue measurements`);const e=[o];this.queueMeasurements.set(t,e)}this.preQueueTimeByCorrelationId.delete(t)}startMeasurement(e,t){const r=t||this.generateId();t||this.logger.info(`PerformanceClient: No correlation id provided for ${e}, generating`,r),this.logger.trace(`PerformanceClient: Performance measurement started for ${e}`,r);const n={eventId:this.generateId(),status:Ar,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var o,i,s;return this.cacheEventByCorrelationId(n),o=n,i=this.abbreviations,(s=this.eventStack.get(r))&&s.push({name:i.get(o.name)||o.name}),{end:(e,t,r)=>this.endMeasurement({...n,...e},t,r),discard:()=>this.discardMeasurements(n.correlationId),add:e=>this.addFields(e,n.correlationId),increment:e=>this.incrementFields(e,n.correlationId),event:n,measurement:new br}}endMeasurement(e,t,r){const n=this.eventsByCorrelationId.get(e.correlationId);if(!n)return this.logger.trace(`PerformanceClient: Measurement not found for ${e.eventId}`,e.correlationId),null;const o=e.eventId===n.eventId;let i={totalQueueTime:0,totalQueueCount:0,manuallyCompletedCount:0};e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const s=JSON.stringify(function(e,t,r,n){if(!r?.length)return;const o=e=>e.length?e[e.length-1]:void 0,i=t.get(e.name)||e.name,s=o(r);if(s?.name!==i)return;const a=r?.pop();if(!a)return;const c=n instanceof Ce?n.errorCode:n instanceof Error?n.name:void 0,l=n instanceof Ce?n.subError:void 0;c&&a.childErr!==c&&(a.err=c,l&&(a.subErr=l)),delete a.name,delete a.childErr;const h={...a,dur:e.durationMs};e.success||(h.fail=1);const d=o(r);if(!d)return{[i]:h};let u;if(c&&(d.childErr=c),d[i]){const e=Object.keys(d).filter((e=>e.startsWith(i))).length;u=`${i}_${e+1}`}else u=i;return d[u]=h,d}(e,this.abbreviations,this.eventStack.get(n.correlationId),t));if(o?(i=this.getQueueInfo(e.correlationId),this.discardMeasurements(n.correlationId)):n.incompleteSubMeasurements?.delete(e.eventId),this.logger.trace(`PerformanceClient: Performance measurement ended for ${e.name}: ${e.durationMs} ms`,e.correlationId),t&&$o(t,this.logger,n),!o)return n[e.name+"DurationMs"]=Math.floor(e.durationMs),{...n};o&&!t&&(n.errorCode||n.subErrorCode)&&(this.logger.trace(`PerformanceClient: Remove error and sub-error codes for root event ${e.name} as intermediate error was successfully handled`,e.correlationId),n.errorCode=void 0,n.subErrorCode=void 0);let a={...n,...e},c=0;return a.incompleteSubMeasurements?.forEach((t=>{this.logger.trace(`PerformanceClient: Incomplete submeasurement ${t.name} found for ${e.name}`,a.correlationId),c++})),a.incompleteSubMeasurements=void 0,a={...a,queuedTimeMs:i.totalQueueTime,queuedCount:i.totalQueueCount,queuedManuallyCompletedCount:i.manuallyCompletedCount,status:kr,incompleteSubsCount:c,context:s},r&&(a.accountType=function(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}(r),a.dataBoundary=r.dataBoundary),this.truncateIntegralFields(a),this.emitEvents([a],e.correlationId),a}addFields(e,t){this.logger.trace("PerformanceClient: Updating static fields");const r=this.eventsByCorrelationId.get(t);r?this.eventsByCorrelationId.set(t,{...r,...e}):this.logger.trace("PerformanceClient: Event not found for",t)}incrementFields(e,t){this.logger.trace("PerformanceClient: Updating counters");const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e){if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("PerformanceClient: Event not found for",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(this.logger.trace(`PerformanceClient: Performance measurement for ${e.name} added/updated`,e.correlationId),t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.logger.trace(`PerformanceClient: Performance measurement for ${e.name} started`,e.correlationId),this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}getQueueInfo(e){const t=this.queueMeasurements.get(e);t||this.logger.trace(`PerformanceClient: no queue measurements found for for correlationId: ${e}`);let r=0,n=0,o=0;return t?.forEach((e=>{r+=e.queueTime,n++,o+=e.manuallyCompleted?1:0})),{totalQueueTime:r,totalQueueCount:n,manuallyCompletedCount:o}}discardMeasurements(e){this.logger.trace("PerformanceClient: Performance measurements discarded",e),this.eventsByCorrelationId.delete(e),this.logger.trace("PerformanceClient: QueueMeasurements discarded",e),this.queueMeasurements.delete(e),this.logger.trace("PerformanceClient: Pre-queue times discarded",e),this.preQueueTimeByCorrelationId.delete(e),this.logger.trace("PerformanceClient: Event stack discarded",e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning(`PerformanceClient: Performance callback is already registered with id: ${t}`),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose(`PerformanceClient: Performance callback registered with id: ${t}`),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose(`PerformanceClient: Performance callback ${e} removed.`):this.logger.verbose(`PerformanceClient: Performance callback ${e} not removed.`),t}emitEvents(e,t){this.logger.verbose("PerformanceClient: Emitting performance events",t),this.callbacks.forEach(((r,n)=>{this.logger.trace(`PerformanceClient: Emitting event to callback ${n}`,t),r.apply(null,[e])}))}truncateIntegralFields(e){this.intFields.forEach((t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))}))}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}const Wo="pkce_not_created",Vo="ear_jwk_empty",Jo="ear_jwe_empty",Yo="crypto_nonexistent",Xo="empty_navigate_uri",Zo="hash_empty_error",ei="no_state_in_hash",ti="hash_does_not_contain_known_properties",ri="unable_to_parse_state",ni="state_interaction_type_mismatch",oi="interaction_in_progress",ii="popup_window_error",si="empty_window_error",ai="user_cancelled",ci="monitor_popup_timeout",li="monitor_window_timeout",hi="redirect_in_iframe",di="block_iframe_reload",ui="block_nested_popups",gi="iframe_closed_prematurely",pi="silent_logout_unsupported",mi="no_account_error",fi="silent_prompt_value_error",yi="no_token_request_cache_error",Ci="unable_to_parse_token_request_cache_error",vi="auth_request_not_set_error",wi="invalid_cache_type",Ii="non_browser_environment",Ti="database_not_open",Ai="no_network_connectivity",ki="post_request_failed",Si="get_request_failed",bi="failed_to_parse_response",Ei="unable_to_load_token",Ri="crypto_key_not_found",_i="auth_code_required",Pi="auth_code_or_nativeAccountId_required",Mi="spa_code_and_nativeAccountId_present",Oi="database_unavailable",qi="unable_to_acquire_token_from_native_platform",Ni="native_handshake_timeout",Ui="native_extension_not_installed",Li="native_connection_not_established",Hi="uninitialized_public_client_application",xi="native_prompt_not_supported",Di="invalid_base64_string",Bi="invalid_pop_token_request",Fi="failed_to_build_headers",zi="failed_to_parse_headers",Ki="failed_to_decrypt_ear_response",Gi="timed_out";var $i=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:Pi,authCodeRequired:_i,authRequestNotSetError:vi,blockIframeReload:di,blockNestedPopups:ui,cryptoKeyNotFound:Ri,cryptoNonExistent:Yo,databaseNotOpen:Ti,databaseUnavailable:Oi,earJweEmpty:Jo,earJwkEmpty:Vo,emptyNavigateUri:Xo,emptyWindowError:si,failedToBuildHeaders:Fi,failedToDecryptEarResponse:Ki,failedToParseHeaders:zi,failedToParseResponse:bi,getRequestFailed:Si,hashDoesNotContainKnownProperties:ti,hashEmptyError:Zo,iframeClosedPrematurely:gi,interactionInProgress:oi,invalidBase64String:Di,invalidCacheType:wi,invalidPopTokenRequest:Bi,monitorPopupTimeout:ci,monitorWindowTimeout:li,nativeConnectionNotEstablished:Li,nativeExtensionNotInstalled:Ui,nativeHandshakeTimeout:Ni,nativePromptNotSupported:xi,noAccountError:mi,noNetworkConnectivity:Ai,noStateInHash:ei,noTokenRequestCacheError:yi,nonBrowserEnvironment:Ii,pkceNotCreated:Wo,popupWindowError:ii,postRequestFailed:ki,redirectInIframe:hi,silentLogoutUnsupported:pi,silentPromptValueError:fi,spaCodeAndNativeAccountIdPresent:Mi,stateInteractionTypeMismatch:ni,timedOut:Gi,unableToAcquireTokenFromNativePlatform:qi,unableToLoadToken:Ei,unableToParseState:ri,unableToParseTokenRequestCacheError:Ci,uninitializedPublicClientApplication:Hi,userCancelled:ai});const Qi="For more visit: aka.ms/msaljs/browser-errors",ji={[Wo]:"The PKCE code challenge and verifier could not be generated.",[Vo]:"No EAR encryption key provided. This is unexpected.",[Jo]:"Server response does not contain ear_jwe property. This is unexpected.",[Yo]:"The crypto object or function is not available.",[Xo]:"Navigation URI is empty. Please check stack trace for more info.",[Zo]:`Hash value cannot be processed because it is empty. Please verify that your redirectUri is not clearing the hash. ${Qi}`,[ei]:"Hash does not contain state. Please verify that the request originated from msal.",[ti]:`Hash does not contain known properites. Please verify that your redirectUri is not changing the hash. ${Qi}`,[ri]:"Unable to parse state. Please verify that the request originated from msal.",[ni]:"Hash contains state but the interaction type does not match the caller.",[oi]:`Interaction is currently in progress. Please ensure that this interaction has been completed before calling an interactive API. ${Qi}`,[ii]:"Error opening popup window. This can happen if you are using IE or if popups are blocked in the browser.",[si]:"window.open returned null or undefined window object.",[ai]:"User cancelled the flow.",[ci]:`Token acquisition in popup failed due to timeout. ${Qi}`,[li]:`Token acquisition in iframe failed due to timeout. ${Qi}`,[hi]:"Redirects are not supported for iframed or brokered applications. Please ensure you are using MSAL.js in a top frame of the window if using the redirect APIs, or use the popup APIs.",[di]:`Request was blocked inside an iframe because MSAL detected an authentication response. ${Qi}`,[ui]:"Request was blocked inside a popup because MSAL detected it was running in a popup.",[gi]:"The iframe being monitored was closed prematurely.",[pi]:"Silent logout not supported. Please call logoutRedirect or logoutPopup instead.",[mi]:"No account object provided to acquireTokenSilent and no active account has been set. Please call setActiveAccount or provide an account on the request.",[fi]:"The value given for the prompt value is not valid for silent requests - must be set to 'none' or 'no_session'.",[yi]:"No token request found in cache.",[Ci]:"The cached token request could not be parsed.",[vi]:"Auth Request not set. Please ensure initiateAuthRequest was called from the InteractionHandler",[wi]:"Invalid cache type",[Ii]:"Login and token requests are not supported in non-browser environments.",[Ti]:"Database is not open!",[Ai]:"No network connectivity. Check your internet connection.",[ki]:"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'",[Si]:"Network request failed. Please check the network trace to determine root cause.",[bi]:"Failed to parse network response. Check network trace.",[Ei]:"Error loading token to cache.",[Ri]:"Cryptographic Key or Keypair not found in browser storage.",[_i]:"An authorization code must be provided (as the `code` property on the request) to this flow.",[Pi]:"An authorization code or nativeAccountId must be provided to this flow.",[Mi]:"Request cannot contain both spa code and native account id.",[Oi]:"IndexedDB, which is required for persistent cryptographic key storage, is unavailable. This may be caused by browser privacy features which block persistent storage in third-party contexts.",[qi]:`Unable to acquire token from native platform. ${Qi}`,[Ni]:"Timed out while attempting to establish connection to browser extension",[Ui]:"Native extension is not installed. If you think this is a mistake call the initialize function.",[Li]:`Connection to native platform has not been established. Please install a compatible browser extension and run initialize(). ${Qi}`,[Hi]:`You must call and await the initialize function before attempting to call any other MSAL API. ${Qi}`,[xi]:"The provided prompt is not supported by the native platform. This request should be routed to the web based flow.",[Di]:"Invalid base64 encoded string.",[Bi]:"Invalid PoP token request. The request should not have both a popKid value and signPopToken set to true.",[Fi]:"Failed to build request headers object.",[zi]:"Failed to parse response headers",[Ki]:"Failed to decrypt ear response",[Gi]:"The request timed out."},Wi={pkceNotGenerated:{code:Wo,desc:ji[Wo]},cryptoDoesNotExist:{code:Yo,desc:ji[Yo]},emptyNavigateUriError:{code:Xo,desc:ji[Xo]},hashEmptyError:{code:Zo,desc:ji[Zo]},hashDoesNotContainStateError:{code:ei,desc:ji[ei]},hashDoesNotContainKnownPropertiesError:{code:ti,desc:ji[ti]},unableToParseStateError:{code:ri,desc:ji[ri]},stateInteractionTypeMismatchError:{code:ni,desc:ji[ni]},interactionInProgress:{code:oi,desc:ji[oi]},popupWindowError:{code:ii,desc:ji[ii]},emptyWindowError:{code:si,desc:ji[si]},userCancelledError:{code:ai,desc:ji[ai]},monitorPopupTimeoutError:{code:ci,desc:ji[ci]},monitorIframeTimeoutError:{code:li,desc:ji[li]},redirectInIframeError:{code:hi,desc:ji[hi]},blockTokenRequestsInHiddenIframeError:{code:di,desc:ji[di]},blockAcquireTokenInPopupsError:{code:ui,desc:ji[ui]},iframeClosedPrematurelyError:{code:gi,desc:ji[gi]},silentLogoutUnsupportedError:{code:pi,desc:ji[pi]},noAccountError:{code:mi,desc:ji[mi]},silentPromptValueError:{code:fi,desc:ji[fi]},noTokenRequestCacheError:{code:yi,desc:ji[yi]},unableToParseTokenRequestCacheError:{code:Ci,desc:ji[Ci]},authRequestNotSet:{code:vi,desc:ji[vi]},invalidCacheType:{code:wi,desc:ji[wi]},notInBrowserEnvironment:{code:Ii,desc:ji[Ii]},databaseNotOpen:{code:Ti,desc:ji[Ti]},noNetworkConnectivity:{code:Ai,desc:ji[Ai]},postRequestFailed:{code:ki,desc:ji[ki]},getRequestFailed:{code:Si,desc:ji[Si]},failedToParseNetworkResponse:{code:bi,desc:ji[bi]},unableToLoadTokenError:{code:Ei,desc:ji[Ei]},signingKeyNotFoundInStorage:{code:Ri,desc:ji[Ri]},authCodeRequired:{code:_i,desc:ji[_i]},authCodeOrNativeAccountRequired:{code:Pi,desc:ji[Pi]},spaCodeAndNativeAccountPresent:{code:Mi,desc:ji[Mi]},databaseUnavailable:{code:Oi,desc:ji[Oi]},unableToAcquireTokenFromNativePlatform:{code:qi,desc:ji[qi]},nativeHandshakeTimeout:{code:Ni,desc:ji[Ni]},nativeExtensionNotInstalled:{code:Ui,desc:ji[Ui]},nativeConnectionNotEstablished:{code:Li,desc:ji[Li]},uninitializedPublicClientApplication:{code:Hi,desc:ji[Hi]},nativePromptNotSupported:{code:xi,desc:ji[xi]},invalidBase64StringError:{code:Di,desc:ji[Di]},invalidPopTokenRequest:{code:Bi,desc:ji[Bi]}};class Vi extends Ce{constructor(e,t){super(e,ji[e],t),Object.setPrototypeOf(this,Vi.prototype),this.name="BrowserAuthError"}}function Ji(e,t){return new Vi(e,t)}const Yi="invalid_grant",Xi=483,Zi=600,es="msal",ts=30,rs="msal.js.browser",ns="53ee284d-920a-4b59-9d30-a60315b26836",os="ppnbnpeolgkicgegkbkbjmhlideopiji",is="MATS",ss="MicrosoftEntra",as="DOM API",cs="get-token-and-sign-out",ls="PlatformAuthDOMHandler",hs="PlatformAuthExtensionHandler",ds="Handshake",us="HandshakeResponse",gs="GetToken",ps="Response",ms={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},fs="GET",ys="POST",Cs="signin",vs="signout",ws="request.origin",Is="urlHash",Ts="request.params",As="code.verifier",ks="interaction.status",Ss="request.native",bs="wrapper.sku",Es="wrapper.version",Rs={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var _s;e.InteractionType=void 0,(_s=e.InteractionType||(e.InteractionType={})).Redirect="redirect",_s.Popup="popup",_s.Silent="silent",_s.None="none";const Ps={Startup:"startup",Login:"login",Logout:"logout",AcquireToken:"acquireToken",SsoSilent:"ssoSilent",HandleRedirect:"handleRedirect",None:"none"},Ms={scopes:h},Os="msal.db",qs=`${Os}.keys`,Ns={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},Us=[Ns.Default,Ns.Skip,Ns.RefreshTokenAndNetwork];function Ls(e){return encodeURIComponent(xs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function Hs(e){return Ds(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function xs(e){return Ds((new TextEncoder).encode(e))}function Ds(e){const t=Array.from(e,(e=>String.fromCodePoint(e))).join("");return btoa(t)}function Bs(e){return(new TextDecoder).decode(Fs(e))}function Fs(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw Ji(Di)}const r=atob(t);return Uint8Array.from(r,(e=>e.codePointAt(0)||0))}const zs="AES-GCM",Ks="HKDF",Gs="SHA-256",$s=new Uint8Array([1,0,1]),Qs="0123456789abcdef",js=new Uint32Array(1),Ws="raw",Vs="encrypt",Js="decrypt",Ys={name:"RSASSA-PKCS1-v1_5",hash:Gs,modulusLength:2048,publicExponent:$s};async function Xs(e,t,r){t?.addQueueMeasurement(Ir.Sha256Digest,r);const n=(new TextEncoder).encode(e);return window.crypto.subtle.digest(Gs,n)}function Zs(e){return window.crypto.getRandomValues(e)}function ea(){return window.crypto.getRandomValues(js),js[0]}function ta(){const e=Date.now(),t=1024*ea()+(1023&ea()),r=new Uint8Array(16),n=Math.trunc(t/2**30),o=t&2**30-1,i=ea();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|n>>>8,r[7]=n,r[8]=128|o>>>24,r[9]=o>>>16,r[10]=o>>>8,r[11]=o,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=Qs.charAt(r[e]>>>4),s+=Qs.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function ra(e){return window.crypto.subtle.exportKey("jwk",e)}async function na(){const e=await ia(),t={alg:"dir",kty:"oct",k:Hs(new Uint8Array(e))};return xs(JSON.stringify(t))}async function oa(e,t){const r=t.split(".");if(5!==r.length)throw Ji(Ki,"jwe_length");const n=await async function(e){const t=Bs(e),r=Fs(JSON.parse(t).k);return window.crypto.subtle.importKey(Ws,r,zs,!1,[Js])}(e).catch((()=>{throw Ji(Ki,"import_key")}));try{const e=(new TextEncoder).encode(r[0]),t=Fs(r[2]),o=Fs(r[3]),i=Fs(r[4]),s=8*i.byteLength,a=new Uint8Array(o.length+i.length);a.set(o),a.set(i,o.length);const c=await window.crypto.subtle.decrypt({name:zs,iv:t,tagLength:s,additionalData:e},n,a);return(new TextDecoder).decode(c)}catch(e){throw Ji(Ki,"decrypt")}}async function ia(){const e=await window.crypto.subtle.generateKey({name:zs,length:256},!0,[Vs,Js]);return window.crypto.subtle.exportKey(Ws,e)}async function sa(e){return window.crypto.subtle.importKey(Ws,e,Ks,!1,["deriveKey"])}async function aa(e,t,r){return window.crypto.subtle.deriveKey({name:Ks,salt:t,hash:Gs,info:(new TextEncoder).encode(r)},e,{name:zs,length:256},!1,[Vs,Js])}async function ca(e,t,r){const n=(new TextEncoder).encode(t),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await aa(e,o,r),s=await window.crypto.subtle.encrypt({name:zs,iv:new Uint8Array(12)},i,n);return{data:Hs(new Uint8Array(s)),nonce:Hs(o)}}async function la(e,t,r,n){const o=Fs(n),i=await aa(e,Fs(t),r),s=await window.crypto.subtle.decrypt({name:zs,iv:new Uint8Array(12)},i,o);return(new TextDecoder).decode(s)}async function ha(e){const t=await Xs(e);return Hs(new Uint8Array(t))}const da="storage_not_supported",ua="stubbed_public_client_application_called",ga="in_mem_redirect_unavailable";var pa=Object.freeze({__proto__:null,inMemRedirectUnavailable:ga,storageNotSupported:da,stubbedPublicClientApplicationCalled:ua});const ma={[da]:"Given storage configuration option was not supported.",[ua]:"Stub instance of Public Client Application was called. If using msal-react, please ensure context is not used without a provider. For more visit: aka.ms/msaljs/browser-errors",[ga]:"Redirect cannot be supported. In-memory storage was selected and storeAuthStateInCookie=false, which would cause the library to be unable to handle the incoming hash. If you would like to use the redirect API, please use session/localStorage or set storeAuthStateInCookie=true."},fa={storageNotSupportedError:{code:da,desc:ma[da]},stubPcaInstanceCalled:{code:ua,desc:ma[ua]},inMemRedirectUnavailable:{code:ga,desc:ma[ga]}};class ya extends Ce{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,ya.prototype)}}function Ca(e){return new ya(e,ma[e])}function va(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function wa(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function Ia(){return window.parent!==window}function Ta(){return"undefined"!=typeof window&&!!window.opener&&window.opener!==window&&"string"==typeof window.name&&0===window.name.indexOf(`${es}.`)}function Aa(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function ka(){const e=new ar(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function Sa(){if(ar.hashContainsKnownProperties(window.location.hash)&&Ia())throw Ji(di)}function ba(e){if(Ia()&&!e)throw Ji(hi)}function Ea(){if(Ta())throw Ji(ui)}function Ra(){if("undefined"==typeof window)throw Ji(Ii)}function _a(e){if(!e)throw Ji(Hi)}function Pa(e){Ra(),Sa(),Ea(),_a(e)}function Ma(e,t){if(Pa(e),ba(t.system.allowRedirectInIframe),t.cache.cacheLocation===ms.MemoryStorage&&!t.cache.storeAuthStateInCookie)throw Ca(ga)}function Oa(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout((()=>{try{document.head.removeChild(t)}catch{}}),1e4)}function qa(){return ta()}const Na=vn;var Ua=Object.freeze({__proto__:null,addClientCapabilitiesToClaims:Na,blockAPICallsBeforeInitialize:_a,blockAcquireTokenInPopups:Ea,blockNonBrowserEnvironment:Ra,blockRedirectInIframe:ba,blockReloadInHiddenIframes:Sa,clearHash:va,createGuid:qa,getCurrentUri:Aa,getHomepage:ka,invoke:_n,invokeAsync:Pn,isInIframe:Ia,isInPopup:Ta,preconnect:Oa,preflightCheck:Pa,redirectPreflightCheck:Ma,replaceHash:wa});class La{navigateInternal(e,t){return La.defaultNavigateWindow(e,t)}navigateExternal(e,t){return La.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(((e,r)=>{setTimeout((()=>{r(Ji(Gi,"failed_to_redirect"))}),t.timeout)}))}}class Ha{async sendGetRequestAsync(e,t){let r,n={},o=0;const i=xa(t);try{r=await fetch(e,{method:fs,headers:i})}catch(e){throw ro(Ji(window.navigator.onLine?Si:Ai),void 0,void 0,e)}n=Da(r.headers);try{return o=r.status,{headers:n,body:await r.json(),status:o}}catch(e){throw ro(Ji(bi),o,n,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",n=xa(t);let o,i=0,s={};try{o=await fetch(e,{method:ys,headers:n,body:r})}catch(e){throw ro(Ji(window.navigator.onLine?ki:Ai),void 0,void 0,e)}s=Da(o.headers);try{return i=o.status,{headers:s,body:await o.json(),status:i}}catch(e){throw ro(Ji(bi),i,s,e)}}}function xa(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach((([e,r])=>{t.append(e,r)})),t}catch(e){throw ro(Ji(Fi),void 0,void 0,e)}}function Da(e){try{const t={};return e.forEach(((e,r)=>{t[r]=e})),t}catch(e){throw Ji(zi)}}const Ba=1e4;const Fa="@azure/msal-browser",za="4.24.1",Ka="msal",Ga="browser",$a=`${Ka}.${Ga}.log.level`,Qa=`${Ka}.${Ga}.log.pii`,ja=`${Ka}.${Ga}.performance.enabled`,Wa=`${Ka}.${Ga}.platform.auth.dom`,Va=`${Ka}.version`,Ja="account.keys",Ya="token.keys";function Xa(e=1){return e<1?`${Ka}.${Ja}`:`${Ka}.${e}.${Ja}`}function Za(e,t=1){return t<1?`${Ka}.${Ya}.${e}`:`${Ka}.${t}.${Ya}.${e}`}class ec{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(r){let n;this.browserEnvironment="undefined"!=typeof window,this.config=function({auth:r,cache:n,system:o,telemetry:i},s){const a={clientId:t.EMPTY_STRING,authority:`${t.DEFAULT_AUTHORITY}`,knownAuthorities:[],cloudDiscoveryMetadata:t.EMPTY_STRING,authorityMetadata:t.EMPTY_STRING,redirectUri:"undefined"!=typeof window?Aa():"",postLogoutRedirectUri:t.EMPTY_STRING,navigateToLoginRequestUrl:!0,clientCapabilities:[],protocolMode:wr.AAD,OIDCOptions:{serverResponseType:_.FRAGMENT,defaultScopes:[t.OPENID_SCOPE,t.PROFILE_SCOPE,t.OFFLINE_ACCESS_SCOPE]},azureCloudOptions:{azureCloudInstance:wt.None,tenant:t.EMPTY_STRING},skipAuthorityMetadataCache:!1,supportsNestedAppAuth:!1,instanceAware:!1,encodeExtraQueryParams:!1},c={cacheLocation:ms.SessionStorage,cacheRetentionDays:5,temporaryCacheLocation:ms.SessionStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!(!n||n.cacheLocation!==ms.LocalStorage),claimsBasedCachingEnabled:!1},l={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},h={...{...Rr,loggerOptions:l,networkClient:s?new Ha:qo,navigationClient:new La,loadFrameTimeout:0,windowHashTimeout:o?.loadFrameTimeout||6e4,iframeHashTimeout:o?.loadFrameTimeout||Ba,navigateFrameWait:0,redirectNavigationTimeout:3e4,asyncPopups:!1,allowRedirectInIframe:!1,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:o?.nativeBrokerHandshakeTimeout||2e3,pollIntervalMilliseconds:ts},...o,loggerOptions:o?.loggerOptions||l},d={application:{appName:t.EMPTY_STRING,appVersion:t.EMPTY_STRING},client:new Er};r?.protocolMode!==wr.OIDC&&r?.OIDCOptions&&new yt(h.loggerOptions).warning(JSON.stringify(Wt(Dt)));if(r?.protocolMode&&r.protocolMode===wr.OIDC&&h?.allowPlatformBroker)throw Wt(Bt);return{auth:{...a,...r,OIDCOptions:{...a.OIDCOptions,...r?.OIDCOptions}},cache:{...c,...n},system:h,telemetry:{...d,...i}}}(r,this.browserEnvironment);try{n=window[ms.SessionStorage]}catch(e){}const o=n?.getItem($a),i=n?.getItem(Qa)?.toLowerCase(),s="true"===i||"false"!==i&&void 0,a={...this.config.system.loggerOptions},c=o&&Object.keys(e.LogLevel).includes(o)?e.LogLevel[o]:void 0;c&&(a.loggerCallback=ec.loggerCallback,a.logLevel=c),void 0!==s&&(a.piiLoggingEnabled=s),this.logger=new yt(a,Fa,za),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}const tc="USER_INTERACTION_REQUIRED",rc="USER_CANCEL",nc="NO_NETWORK",oc="TRANSIENT_ERROR",ic="PERSISTENT_ERROR",sc="DISABLED",ac="ACCOUNT_UNAVAILABLE",cc="NESTED_APP_AUTH_UNAVAILABLE";class lc{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",(e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),n=lc.bridgeRequests.find((e=>e.requestId===r.requestId));void 0!==n&&(lc.bridgeRequests.splice(lc.bridgeRequests.indexOf(n),1),r.success?n.resolve(r):n.reject(r.error))}));const e=await new Promise(((e,t)=>{const r=lc.buildRequest("GetInitContext"),n={requestId:r.requestId,method:r.method,resolve:e,reject:t};lc.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}));return lc.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:lc.validateBridgeResultOrThrow(r.token),account:lc.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:ta(),sendTime:Date.now(),clientLibrary:rs,clientLibraryVersion:za,...t}}sendRequest(e,t){const r=lc.buildRequest(e,t);return new Promise(((e,t)=>{const n={requestId:r.requestId,method:r.method,resolve:e,reject:t};lc.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}))}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:cc}}return e}constructor(e,t,r,n){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=n}static async create(){const e=await lc.initializeNestedAppAuthBridge();return new lc(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}lc.bridgeRequests=[];class hc extends ec{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return hc.MODULE_NAME}getId(){return hc.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(){try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await lc.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(e){this.logger.infoPii(`Could not initialize Nested App Auth bridge (${e})`)}return this.logger.info(`Nested App Auth Bridge available: ${this.available}`),this.available}}hc.MODULE_NAME="",hc.ID="NestedAppOperatingContext";class dc extends ec{getModuleName(){return dc.MODULE_NAME}getId(){return dc.ID}async initialize(){return this.available="undefined"!=typeof window,this.available}}dc.MODULE_NAME="",dc.ID="StandardOperatingContext";class uc{constructor(){this.dbName=Os,this.version=1,this.tableName=qs,this.dbOpen=!1}async open(){return new Promise(((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",(e=>{e.target.result.createObjectStore(this.tableName)})),r.addEventListener("success",(t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()})),r.addEventListener("error",(()=>t(Ji(Oi))))}))}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ji(Ti));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async setItem(e,t){return await this.validateDbIsOpen(),new Promise(((r,n)=>{if(!this.db)return n(Ji(Ti));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);o.addEventListener("success",(()=>{this.closeConnection(),r()})),o.addEventListener("error",(e=>{this.closeConnection(),n(e)}))}))}async removeItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ji(Ti));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);n.addEventListener("success",(()=>{this.closeConnection(),t()})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async getKeys(){return await this.validateDbIsOpen(),new Promise(((e,t)=>{if(!this.db)return t(Ji(Ti));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",(t=>{const r=t;this.closeConnection(),e(r.target.result)})),r.addEventListener("error",(e=>{this.closeConnection(),t(e)}))}))}async containsKey(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ji(Ti));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(1===r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise(((e,t)=>{const r=window.indexedDB.deleteDatabase(Os),n=setTimeout((()=>t(!1)),200);r.addEventListener("success",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("blocked",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("error",(()=>(clearTimeout(n),t(!1))))}))}}class gc{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach(((t,r)=>{e.push(r)})),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class pc{constructor(e){this.inMemoryCache=new gc,this.indexedDBCache=new uc,this.logger=e}handleDatabaseAccessError(e){if(!(e instanceof Vi&&e.errorCode===Oi))throw e;this.logger.error("Could not access persistent storage. This may be caused by browser privacy features which block persistent storage in third-party contexts.")}async getItem(e){const t=this.inMemoryCache.getItem(e);if(!t)try{return this.logger.verbose("Queried item not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e)}return t}async setItem(e,t){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e)}}async removeItem(e){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e)}}async getKeys(){const e=this.inMemoryCache.getKeys();if(0===e.length)try{return this.logger.verbose("In-memory cache is empty, now querying persistent storage."),await this.indexedDBCache.getKeys()}catch(e){this.handleDatabaseAccessError(e)}return e}async containsKey(e){const t=this.inMemoryCache.containsKey(e);if(!t)try{return this.logger.verbose("Key not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e)}return t}clearInMemory(){this.logger.verbose("Deleting in-memory keystore"),this.inMemoryCache.clear(),this.logger.verbose("In-memory keystore deleted")}async clearPersistent(){try{this.logger.verbose("Deleting persistent keystore");const e=await this.indexedDBCache.deleteDatabase();return e&&this.logger.verbose("Persistent keystore deleted"),e}catch(e){return this.handleDatabaseAccessError(e),!1}}}class mc{constructor(e,t,r){this.logger=e,function(e){if(!window)throw Ji(Ii);if(!window.crypto)throw Ji(Yo);if(!e&&!window.crypto.subtle)throw Ji(Yo,"crypto_subtle_undefined")}(r??!1),this.cache=new pc(this.logger),this.performanceClient=t}createNewGuid(){return ta()}base64Encode(e){return xs(e)}base64Decode(e){return Bs(e)}base64UrlEncode(e){return Ls(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement(Ir.CryptoOptsGetPublicKeyThumbprint,e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(Ys,e,t)}(mc.EXTRACTABLE,mc.POP_KEY_USAGES),n=await ra(r.publicKey),o=fc({e:n.e,kty:n.kty,n:n.n}),i=await this.hashString(o),s=await ra(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,Ys,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri}),t&&t.end({success:!0}),i}async removeTokenBindingKey(e){await this.cache.removeItem(e);if(await this.cache.containsKey(e))throw pt(rt)}async clearKeystore(){this.cache.clearInMemory();try{return await this.cache.clearPersistent(),!0}catch(e){return e instanceof Error?this.logger.error(`Clearing keystore failed with error: ${e.message}`):this.logger.error("Clearing keystore failed with unknown error"),!1}}async signJwt(e,t,r,n){const o=this.performanceClient?.startMeasurement(Ir.CryptoOptsSignJwt,n),i=await this.cache.getItem(t);if(!i)throw Ji(Ri);const s=await ra(i.publicKey),a=fc(s),c=Ls(JSON.stringify({kid:t})),l=Ls(Go.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const h=`${l}.${Ls(JSON.stringify(e))}`,d=(new TextEncoder).encode(h),u=await async function(e,t){return window.crypto.subtle.sign(Ys,e,t)}(i.privateKey,d),g=`${h}.${Hs(new Uint8Array(u))}`;return o&&o.end({success:!0}),g}async hashString(e){return ha(e)}}function fc(e){return JSON.stringify(e,Object.keys(e).sort())}mc.POP_KEY_USAGES=["sign","verify"],mc.EXTRACTABLE=!0;const yc=864e5,Cc="Lax",vc="None";class wc{initialize(){return Promise.resolve()}getItem(e){const t=`${encodeURIComponent(e)}`,r=document.cookie.split(";");for(let e=0;e<r.length;e++){const n=r[e],[o,...i]=decodeURIComponent(n).trim().split("="),s=i.join("=");if(o===t)return s}return""}getUserData(){throw pt(ct)}setItem(e,t,r,n=!0,o=Cc){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${o};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*yc);return r.toUTCString()}(r);i+=`expires=${e};`}(n||o===vc)&&(i+="Secure;"),document.cookie=i}async setUserData(){return Promise.reject(pt(ct))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach((e=>{const r=decodeURIComponent(e).trim().split("=");t.push(r[0])})),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function Ic(e,t){const r=e.getItem(Xa(t));return r?JSON.parse(r):[]}function Tc(e,t,r){const n=t.getItem(Za(e,r));if(n){const e=JSON.parse(n);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function Ac(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const kc="msal.cache.encryption";class Sc{constructor(e,t,r){if(!window.localStorage)throw Ca(da);this.memoryStorage=new gc,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new wc,r=t.getItem(kc);let n={key:"",id:""};if(r)try{n=JSON.parse(r)}catch(e){}if(n.key&&n.id){const t=_n(Fs,Ir.Base64Decode,this.logger,this.performanceClient,e)(n.key);this.encryptionCookie={id:n.id,key:await Pn(sa,Ir.GenerateHKDF,this.logger,this.performanceClient,e)(t)}}else{const r=ta(),n=await Pn(ia,Ir.GenerateBaseKey,this.logger,this.performanceClient,e)(),o=_n(Hs,Ir.UrlEncodeArr,this.logger,this.performanceClient,e)(new Uint8Array(n));this.encryptionCookie={id:r,key:await Pn(sa,Ir.GenerateHKDF,this.logger,this.performanceClient,e)(n)};const i={id:r,key:o};t.setItem(kc,JSON.stringify(i),0,!0,vc)}await Pn(this.importExistingCache.bind(this),Ir.ImportExistingCache,this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",this.updateCache.bind(this)),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw Ji(Hi);return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw Ji(Hi);if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const n=await Pn(la,Ir.Decrypt,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!n)return null;try{return JSON.parse(n)}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,n){if(!this.initialized||!this.encryptionCookie)throw Ji(Hi);const{data:o,nonce:i}=await Pn(ca,Ir.Encrypt,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o,lastUpdatedAt:n};this.memoryStorage.setItem(e,t),this.setItem(e,JSON.stringify(s)),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();Ic(this).forEach((e=>this.removeItem(e)));const e=Tc(this.clientId,this);e.idToken.forEach((e=>this.removeItem(e))),e.accessToken.forEach((e=>this.removeItem(e))),e.refreshToken.forEach((e=>this.removeItem(e))),this.getKeys().forEach((e=>{(e.startsWith(Ka)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)}))}async importExistingCache(e){if(!this.encryptionCookie)return;let t=Ic(this);t=await this.importArray(t,e),t.length?this.setItem(Xa(),JSON.stringify(t)):this.removeItem(Xa());const r=Tc(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(Za(this.clientId),JSON.stringify(r)):this.removeItem(Za(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let n;try{n=JSON.parse(r)}catch(e){return null}return Ac(n)?n.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):Pn(la,Ir.Decrypt,this.logger,this.performanceClient,t)(this.encryptionCookie.key,n.nonce,this.getContext(e),n.data):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),n)}async importArray(e,t){const r=[],n=[];return e.forEach((e=>{const o=this.getItemFromEncryptedCache(e,t).then((t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)}));n.push(o)})),await Promise.all(n),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e){this.logger.trace("Updating internal cache from broadcast event");const t=this.performanceClient.startMeasurement(Ir.LocalStorageUpdated);t.add({isBackground:!0});const{key:r,value:n,context:o}=e.data;return r?o&&o!==this.clientId?(this.logger.trace(`Ignoring broadcast event from clientId: ${o}`),void t.end({success:!1,errorCode:"contextMismatch"})):(n?(this.memoryStorage.setItem(r,n),this.logger.verbose("Updated item in internal cache")):(this.memoryStorage.removeItem(r),this.logger.verbose("Removed item from internal cache")),void t.end({success:!0})):(this.logger.error("Broadcast event missing key"),void t.end({success:!1,errorCode:"noKey"}))}}class bc{constructor(){if(!window.sessionStorage)throw Ca(da)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const Ec={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACCOUNT_ADDED:"msal:accountAdded",ACCOUNT_REMOVED:"msal:accountRemoved",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_START:"msal:loginStart",LOGIN_SUCCESS:"msal:loginSuccess",LOGIN_FAILURE:"msal:loginFailure",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",SSO_SILENT_START:"msal:ssoSilentStart",SSO_SILENT_SUCCESS:"msal:ssoSilentSuccess",SSO_SILENT_FAILURE:"msal:ssoSilentFailure",ACQUIRE_TOKEN_BY_CODE_START:"msal:acquireTokenByCodeStart",ACQUIRE_TOKEN_BY_CODE_SUCCESS:"msal:acquireTokenByCodeSuccess",ACQUIRE_TOKEN_BY_CODE_FAILURE:"msal:acquireTokenByCodeFailure",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"};function Rc(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}class _c extends Cr{constructor(e,t,r,n,o,i,s){super(e,r,n,o,s),this.cacheConfig=t,this.logger=n,this.internalStorage=new gc,this.browserStorage=Pc(e,t.cacheLocation,n,o),this.temporaryCacheStorage=Pc(e,t.temporaryCacheLocation,n,o),this.cookieStorage=new wc,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){const t=Ic(this.browserStorage,0),r=Tc(this.clientId,this.browserStorage,0);this.performanceClient.addFields({oldAccountCount:t.length,oldAccessCount:r.accessToken.length,oldIdCount:r.idToken.length,oldRefreshCount:r.refreshToken.length},e);const n=Ic(this.browserStorage,1),o=Tc(this.clientId,this.browserStorage,1);this.performanceClient.addFields({currAccountCount:n.length,currAccessCount:o.accessToken.length,currIdCount:o.idToken.length,currRefreshCount:o.refreshToken.length},e),await Promise.all([this.updateV0ToCurrent(1,t,n,e),this.updateV0ToCurrent(1,r.idToken,o.idToken,e),this.updateV0ToCurrent(1,r.accessToken,o.accessToken,e),this.updateV0ToCurrent(1,r.refreshToken,o.refreshToken,e)]),t.length>0?this.browserStorage.setItem(Xa(0),JSON.stringify(t)):this.browserStorage.removeItem(Xa(0)),n.length>0?this.browserStorage.setItem(Xa(1),JSON.stringify(n)):this.browserStorage.removeItem(Xa(1)),this.setTokenKeys(r,e,0),this.setTokenKeys(o,e,1)}async updateV0ToCurrent(e,t,r,n){const o=[];for(const i of[...t]){const s=this.browserStorage.getItem(i),a=this.validateAndParseJson(s||"");if(!a){Rc(t,i);continue}a.lastUpdatedAt||(a.lastUpdatedAt=Date.now().toString(),this.setItem(i,JSON.stringify(a),n));const c=Ac(a)?await this.browserStorage.decryptData(i,a,n):a;let l;if(c&&(zn(c)||Kn(c))&&(l=c.expiresOn),!c||Ln(a.lastUpdatedAt,this.cacheConfig.cacheRetentionDays)||l&&Un(l,300))this.browserStorage.removeItem(i),Rc(t,i),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},n);else if(this.cacheConfig.cacheLocation!==ms.LocalStorage||Ac(a)){const t=`${Ka}.${e}-${i}`,s=this.browserStorage.getItem(t);if(!s){o.push(this.setUserData(t,JSON.stringify(c),n,a.lastUpdatedAt).then((()=>{r.push(t),this.performanceClient.incrementFields({upgradedCacheCount:1},n)})));continue}{const e=this.validateAndParseJson(s);if(Number(a.lastUpdatedAt)>Number(e.lastUpdatedAt)){o.push(this.setUserData(t,JSON.stringify(c),n,a.lastUpdatedAt).then((()=>{this.performanceClient.incrementFields({updatedCacheFromV0Count:1},n)})));continue}}}}return Promise.all(o)}trackVersionChanges(e){const t=this.browserStorage.getItem(Va);t&&(this.logger.info(`MSAL.js was last initialized by version: ${t}`),this.performanceClient.addFields({previousLibraryVersion:t},e)),t!==za&&this.setItem(Va,za,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){let n=0,o=[];for(let i=0;i<=20;i++)try{this.browserStorage.setItem(e,t),i>0&&(i<=n?this.removeAccessTokenKeys(o.slice(0,i),r,0):(this.removeAccessTokenKeys(o.slice(0,n),r,0),this.removeAccessTokenKeys(o.slice(n,i),r)));break}catch(s){const a=yr(s);if(!(a.errorCode===gr&&i<20))throw a;if(!o.length){const r=e===Za(this.clientId,0)?JSON.parse(t).accessToken:this.getTokenKeys(0).accessToken,i=e===Za(this.clientId)?JSON.parse(t).accessToken:this.getTokenKeys().accessToken;o=[...r,...i],n=r.length}if(o.length<=i)throw a;this.removeAccessToken(o[i],r,!1)}}async setUserData(e,t,r,n){let o=0,i=[];for(let s=0;s<=20;s++)try{await Pn(this.browserStorage.setUserData.bind(this.browserStorage),Ir.SetUserData,this.logger,this.performanceClient)(e,t,r,n),s>0&&(s<=o?this.removeAccessTokenKeys(i.slice(0,s),r,0):(this.removeAccessTokenKeys(i.slice(0,o),r,0),this.removeAccessTokenKeys(i.slice(o,s),r)));break}catch(e){const t=yr(e);if(!(t.errorCode===gr&&s<20))throw t;if(!i.length){const e=this.getTokenKeys(0).accessToken,t=this.getTokenKeys().accessToken;i=[...e,...t],o=e.length}if(i.length<=s)throw t;this.removeAccessToken(i[s],r,!1)}}getAccount(e,t){this.logger.trace("BrowserCacheManager.getAccount called");const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const n=this.validateAndParseJson(r);return n&&io.isAccountEntity(n)?Cr.toObject(new io,n):null}async setAccount(e,t){this.logger.trace("BrowserCacheManager.setAccount called");const r=this.generateAccountKey(e.getAccountInfo()),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(r,JSON.stringify(e),t,n);const o=this.addAccountKeyToMap(r,t);this.cacheConfig.cacheLocation===ms.LocalStorage&&o&&this.eventHandler.emitEvent(Ec.ACCOUNT_ADDED,void 0,e.getAccountInfo())}getAccountKeys(){return Ic(this.browserStorage)}addAccountKeyToMap(e,t){this.logger.trace("BrowserCacheManager.addAccountKeyToMap called"),this.logger.tracePii(`BrowserCacheManager.addAccountKeyToMap called with key: ${e}`);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(Xa(),JSON.stringify(r),t),this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key added"),!0):(this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key already exists in map"),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap called"),this.logger.tracePii(`BrowserCacheManager.removeAccountKeyFromMap called with key: ${e}`);const r=this.getAccountKeys(),n=r.indexOf(e);if(n>-1){if(r.splice(n,1),0===r.length)return void this.removeItem(Xa());this.setItem(Xa(),JSON.stringify(r),t),this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap account key removed")}else this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap key not found in existing map")}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach((t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)})),this.cacheConfig.cacheLocation===ms.LocalStorage&&this.eventHandler.emitEvent(Ec.ACCOUNT_REMOVED,void 0,e)}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),n=r.idToken.indexOf(e);n>-1&&(this.logger.info("idToken removed from tokenKeys map"),r.idToken.splice(n,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=1){this.logger.trace("removeAccessTokenKey called");const n=this.getTokenKeys(r);let o=0;if(e.forEach((e=>{const t=n.accessToken.indexOf(e);t>-1&&(n.accessToken.splice(t,1),o++)})),o>0)return this.logger.info(`removed ${o} accessToken keys from tokenKeys map`),void this.setTokenKeys(n,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),n=r.refreshToken.indexOf(e);n>-1&&(this.logger.info("refreshToken removed from tokenKeys map"),r.refreshToken.splice(n,1),this.setTokenKeys(r,t))}getTokenKeys(e=1){return Tc(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=1){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(Za(this.clientId,r),JSON.stringify(e),t):this.removeItem(Za(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeIdToken(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&Fn(o)&&o.hasOwnProperty("realm")&&o.credentialType===x.ID_TOKEN)?(this.logger.trace("BrowserCacheManager.getIdTokenCredential: cache hit"),n):(this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),null);var o}async setIdTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setIdTokenCredential called");const r=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(r,JSON.stringify(e),t,n);const o=this.getTokenKeys();-1===o.idToken.indexOf(r)&&(this.logger.info("BrowserCacheManager: addTokenKey - idToken added to map"),o.idToken.push(r),this.setTokenKeys(o,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeAccessTokenKeys([e],t),null;const n=this.validateAndParseJson(r);return n&&zn(n)?(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: cache hit"),n):(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),null)}async setAccessTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setAccessTokenCredential called");const r=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(r,JSON.stringify(e),t,n);const o=this.getTokenKeys(),i=o.accessToken.indexOf(r);-1!==i&&o.accessToken.splice(i,1),this.logger.trace(`access token ${-1===i?"added to":"updated in"} map`),o.accessToken.push(r),this.setTokenKeys(o,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeRefreshToken(e,t),null;const n=this.validateAndParseJson(r);return n&&Kn(n)?(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: cache hit"),n):(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),null)}async setRefreshTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setRefreshTokenCredential called");const r=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(r,JSON.stringify(e),t,n);const o=this.getTokenKeys();-1===o.refreshToken.indexOf(r)&&(this.logger.info("BrowserCacheManager: addTokenKey - refreshToken added to map"),o.refreshToken.push(r),this.setTokenKeys(o,t))}getAppMetadata(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null;const r=this.validateAndParseJson(t);return r&&(n=e,(o=r)&&0===n.indexOf(D)&&o.hasOwnProperty("clientId")&&o.hasOwnProperty("environment"))?(this.logger.trace("BrowserCacheManager.getAppMetadata: cache hit"),r):(this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null);var n,o}setAppMetadata(e,t){this.logger.trace("BrowserCacheManager.setAppMetadata called");const r=function({environment:e,clientId:t}){return[D,e,t].join(L).toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null;const r=this.validateAndParseJson(t);return r&&function(e,t){const r=0===e.indexOf(j.CACHE_KEY);let n=!0;return t&&(n=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&n}(e,r)?(this.logger.trace("BrowserCacheManager.getServerTelemetry: cache hit"),r):(this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null)}setServerTelemetry(e,t,r){this.logger.trace("BrowserCacheManager.setServerTelemetry called"),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e){const t=this.internalStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAuthorityMetadata: called, no cache hit"),null;const r=this.validateAndParseJson(t);return r&&function(e,t){return!!t&&0===e.indexOf(F)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,r)?(this.logger.trace("BrowserCacheManager.getAuthorityMetadata: cache hit"),r):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter((e=>this.isAuthorityMetadata(e)))}setWrapperMetadata(e,t){this.internalStorage.setItem(bs,e),this.internalStorage.setItem(Es,t)}getWrapperMetadata(){return[this.internalStorage.getItem(bs)||t.EMPTY_STRING,this.internalStorage.getItem(Es)||t.EMPTY_STRING]}setAuthorityMetadata(e,t){this.logger.trace("BrowserCacheManager.setAuthorityMetadata called"),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(w),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("BrowserCacheManager.getActiveAccount: No active account filters found"),null;const n=this.validateAndParseJson(r);return n?(this.logger.trace("BrowserCacheManager.getActiveAccount: Active account filters schema found"),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId},e)):(this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null)}setActiveAccount(e,t){const r=this.generateCacheKey(w);if(e){this.logger.verbose("setActiveAccount: Active account set");const n={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId,lastUpdatedAt:On().toString()};this.setItem(r,JSON.stringify(n),t)}else this.logger.verbose("setActiveAccount: No account passed, active account not set"),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(Ec.ACTIVE_ACCOUNT_CHANGED)}getThrottlingCache(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null;const r=this.validateAndParseJson(t);return r&&function(e,t){let r=!1;e&&(r=0===e.indexOf(Y));let n=!0;return t&&(n=t.hasOwnProperty("throttleTime")),r&&n}(e,r)?(this.logger.trace("BrowserCacheManager.getThrottlingCache: cache hit"),r):(this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null)}setThrottlingCache(e,t,r){this.logger.trace("BrowserCacheManager.setThrottlingCache called"),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t){const r=t?this.generateCacheKey(e):e;if(this.cacheConfig.storeAuthStateInCookie){const e=this.cookieStorage.getItem(r);if(e)return this.logger.trace("BrowserCacheManager.getTemporaryCache: storeAuthStateInCookies set to true, retrieving from cookies"),e}const n=this.temporaryCacheStorage.getItem(r);if(!n){if(this.cacheConfig.cacheLocation===ms.LocalStorage){const e=this.browserStorage.getItem(r);if(e)return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item found in local storage"),e}return this.logger.trace("BrowserCacheManager.getTemporaryCache: No cache item found in local storage"),null}return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item returned"),n}setTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(n,t),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.setTemporaryCache: storeAuthStateInCookie set to true, setting item cookie"),this.cookieStorage.setItem(n,t,void 0,this.cacheConfig.secureCookies))}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.removeItem: storeAuthStateInCookie is true, clearing item cookie"),this.cookieStorage.removeItem(e))}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach((e=>{-1===e.indexOf(Ka)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)})),this.browserStorage.getKeys().forEach((e=>{-1===e.indexOf(Ka)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)})),this.internalStorage.clear()}clearTokensAndKeysWithClaims(e){this.performanceClient.addQueueMeasurement(Ir.ClearTokensAndKeysWithClaims,e);const t=this.getTokenKeys();let r=0;t.accessToken.forEach((t=>{const n=this.getAccessTokenCredential(t,e);n?.requestedClaimsHash&&t.includes(n.requestedClaimsHash.toLowerCase())&&(this.removeAccessToken(t,e),r++)})),r>0&&this.logger.warning(`${r} access tokens with claims in the cache keys have been removed from the cache.`)}generateCacheKey(e){return Vt.startsWith(e,Ka)?e:`${Ka}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===x.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==W.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${Ka}.1`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",e.requestedClaimsHash||"",r].join("-").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${Ka}.1`,e.homeAccountId,e.environment,t||e.tenantId||""].join("-").toLowerCase()}resetRequestCache(){this.logger.trace("BrowserCacheManager.resetRequestCache called"),this.removeTemporaryItem(this.generateCacheKey(Ts)),this.removeTemporaryItem(this.generateCacheKey(As)),this.removeTemporaryItem(this.generateCacheKey(ws)),this.removeTemporaryItem(this.generateCacheKey(Is)),this.removeTemporaryItem(this.generateCacheKey(Ss)),this.setInteractionInProgress(!1)}cacheAuthorizeRequest(e,t){this.logger.trace("BrowserCacheManager.cacheAuthorizeRequest called");const r=xs(JSON.stringify(e));if(this.setTemporaryCache(Ts,r,!0),t){const e=xs(t);this.setTemporaryCache(As,e,!0)}}getCachedRequest(){this.logger.trace("BrowserCacheManager.getCachedRequest called");const e=this.getTemporaryCache(Ts,!0);if(!e)throw Ji(yi);const t=this.getTemporaryCache(As,!0);let r,n="";try{r=JSON.parse(Bs(e)),t&&(n=Bs(t))}catch(t){throw this.logger.errorPii(`Attempted to parse: ${e}`),this.logger.error(`Parsing cached token request threw with error: ${t}`),Ji(Ci)}return[r,n]}getCachedNativeRequest(){this.logger.trace("BrowserCacheManager.getCachedNativeRequest called");const e=this.getTemporaryCache(Ss,!0);if(!e)return this.logger.trace("BrowserCacheManager.getCachedNativeRequest: No cached native request found"),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("BrowserCacheManager.getCachedNativeRequest: Unable to parse native request"),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${Ka}.${ks}`,t=this.getTemporaryCache(e,!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("Cannot parse interaction status. Removing temporary cache items and clearing url hash. Retrying interaction should fix the error"),this.removeTemporaryItem(e),this.resetRequestCache(),va(window),null}}setInteractionInProgress(e,t=Cs){const r=`${Ka}.${ks}`;if(e){if(this.getInteractionInProgress())throw Ji(oi);this.setTemporaryCache(r,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(r)}async hydrateCache(e,t){const r=xn(e.account?.homeAccountId,e.account?.environment,e.idToken,this.clientId,e.tenantId);let n;t.claims&&(n=await this.cryptoImpl.hashString(t.claims));const o={idToken:r,accessToken:Dn(e.account?.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?qn(e.expiresOn):0,e.extExpiresOn?qn(e.extExpiresOn):0,Bs,void 0,e.tokenType,void 0,t.sshKid,t.claims,n)};return this.saveCacheRecord(o,e.correlationId)}async saveCacheRecord(e,t,r){try{await super.saveCacheRecord(e,t,r)}catch(e){if(e instanceof fr&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function Pc(e,t,r,n){try{switch(t){case ms.LocalStorage:return new Sc(e,r,n);case ms.SessionStorage:return new bc}}catch(e){r.error(e)}return new gc}const Mc=(e,t,r,n)=>new _c(e,{cacheLocation:ms.MemoryStorage,cacheRetentionDays:5,temporaryCacheLocation:ms.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1},mt,t,r,n);function Oc(e,t,r,n,o){return e.verbose("getAllAccounts called"),r?t.getAllAccounts(o||{},n):[]}function qc(e,t,r,n){const o=r.getAccountInfoFilteredBy(e,n);return o?(t.verbose("getAccount: Account matching provided filter found, returning"),o):(t.verbose("getAccount: No matching account found, returning null"),null)}function Nc(e,t,r,n){if(t.trace("getAccountByUsername called"),!e)return t.warning("getAccountByUsername: No username provided"),null;const o=r.getAccountInfoFilteredBy({username:e},n);return o?(t.verbose("getAccountByUsername: Account matching username found, returning"),t.verbosePii(`getAccountByUsername: Returning signed-in accounts matching username: ${e}`),o):(t.verbose("getAccountByUsername: No matching account found, returning null"),null)}function Uc(e,t,r,n){if(t.trace("getAccountByHomeId called"),!e)return t.warning("getAccountByHomeId: No homeAccountId provided"),null;const o=r.getAccountInfoFilteredBy({homeAccountId:e},n);return o?(t.verbose("getAccountByHomeId: Account matching homeAccountId found, returning"),t.verbosePii(`getAccountByHomeId: Returning signed-in accounts matching homeAccountId: ${e}`),o):(t.verbose("getAccountByHomeId: No matching account found, returning null"),null)}function Lc(e,t,r,n){if(t.trace("getAccountByLocalId called"),!e)return t.warning("getAccountByLocalId: No localAccountId provided"),null;const o=r.getAccountInfoFilteredBy({localAccountId:e},n);return o?(t.verbose("getAccountByLocalId: Account matching localAccountId found, returning"),t.verbosePii(`getAccountByLocalId: Returning signed-in accounts matching localAccountId: ${e}`),o):(t.verbose("getAccountByLocalId: No matching account found, returning null"),null)}function Hc(e,t,r){t.setActiveAccount(e,r)}function xc(e,t){return e.getActiveAccount(t)}class Dc{constructor(e){this.eventCallbacks=new Map,this.logger=e||new yt({}),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const n=r||qa();return this.eventCallbacks.has(n)?(this.logger.error(`Event callback with id: ${n} is already registered. Please provide a unique id or remove the existing callback and try again.`),null):(this.eventCallbacks.set(n,[e,t||[]]),this.logger.verbose(`Event callback registered with id: ${n}`),n)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose(`Event callback ${e} removed.`)}emitEvent(e,t,r,n){const o={eventType:e,interactionType:t||null,payload:r||null,error:n||null,timestamp:Date.now()};switch(e){case Ec.ACCOUNT_ADDED:case Ec.ACCOUNT_REMOVED:case Ec.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(o);break;default:this.invokeCallbacks(o)}}invokeCallbacks(e){this.eventCallbacks.forEach((([t,r],n)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose(`Emitting event to callback ${n}: ${e.eventType}`),t.apply(null,[e]))}))}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class Bc{constructor(e,t,r,n,o,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=o,this.navigationClient=i,this.platformAuthProvider=a,this.correlationId=c||ta(),this.logger=n.clone(rs,za,this.correlationId),this.performanceClient=s}async clearCacheOnLogout(e,t){if(t)try{this.browserStorage.removeAccount(t,e),this.logger.verbose("Cleared cache items belonging to the account provided in the logout request.")}catch(e){this.logger.error("Account provided in logout request was not found. Local cache unchanged.")}else try{this.logger.verbose("No account provided in logout request, clearing all cache items.",this.correlationId),this.browserStorage.clear(e),await this.browserCrypto.clearKeystore()}catch(e){this.logger.error("Attempted to clear all MSAL cache items and failed. Local cache unchanged.")}}getRedirectUri(e){this.logger.verbose("getRedirectUri called");const t=e||this.config.auth.redirectUri;return ar.getAbsoluteUrl(t,Aa())}initializeServerTelemetryManager(e,t){this.logger.verbose("initializeServerTelemetryManager called");const r={clientId:this.config.auth.clientId,correlationId:this.correlationId,apiId:e,forceRefresh:t||!1,wrapperSKU:this.browserStorage.getWrapperMetadata()[0],wrapperVer:this.browserStorage.getWrapperMetadata()[1]};return new xo(r,this.browserStorage)}async getDiscoveredAuthority(e){const{account:t}=e,r=e.requestExtraQueryParameters&&e.requestExtraQueryParameters.hasOwnProperty("instance_aware")?e.requestExtraQueryParameters.instance_aware:void 0;this.performanceClient.addQueueMeasurement(Ir.StandardInteractionClientGetDiscoveredAuthority,this.correlationId);const n={protocolMode:this.config.auth.protocolMode,OIDCOptions:this.config.auth.OIDCOptions,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},o=e.requestAuthority||this.config.auth.authority,i=r?.length?"true"===r:this.config.auth.instanceAware,s=t&&i?this.config.auth.authority.replace(ar.getDomainFromUrl(o),t.environment):o,a=Wn.generateAuthority(s,e.requestAzureCloudOptions||this.config.auth.azureCloudOptions),c=await Pn(Yn,Ir.AuthorityFactoryCreateDiscoveredInstance,this.logger,this.performanceClient,this.correlationId)(a,this.config.system.networkClient,this.browserStorage,n,this.logger,this.correlationId,this.performanceClient);if(t&&!c.isAlias(t.environment))throw Wt(Ft);return c}}async function Fc(e,t,r,n){r.addQueueMeasurement(Ir.InitializeBaseRequest,e.correlationId);const o=e.authority||t.auth.authority,i=[...e&&e.scopes||[]],s={...e,correlationId:e.correlationId,authority:o,scopes:i};if(s.authenticationScheme){if(s.authenticationScheme===W.SSH){if(!e.sshJwk)throw Wt(Ut);if(!e.sshKid)throw Wt(Lt)}n.verbose(`Authentication Scheme set to "${s.authenticationScheme}" as configured in Auth request`)}else s.authenticationScheme=W.BEARER,n.verbose('Authentication Scheme wasn\'t explicitly set in request, defaulting to "Bearer" request');return t.cache.claimsBasedCachingEnabled&&e.claims&&!Vt.isEmptyObj(e.claims)&&(s.requestedClaimsHash=await ha(e.claims)),s}async function zc(e,t,r,n,o){n.addQueueMeasurement(Ir.InitializeSilentRequest,e.correlationId);const i=await Pn(Fc,Ir.InitializeBaseRequest,o,n,e.correlationId)(e,r,n,o);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}function Kc(e,t){let r;const n=e.httpMethod;if(t===wr.EAR){if(r=n||l,r!==l)throw Wt(zt)}else r=n||c;if(e.authorizePostBodyParameters&&r!==l)throw Wt(Kt);return r}class Gc extends Bc{initializeLogoutRequest(e){this.logger.verbose("initializeLogoutRequest called",e?.correlationId);const t={correlationId:this.correlationId||ta(),...e};if(e)if(e.logoutHint)this.logger.verbose("logoutHint has already been set in logoutRequest");else if(e.account){const r=this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("Setting logoutHint to login_hint ID Token Claim value for the account provided"),t.logoutHint=r)}else this.logger.verbose("logoutHint was not set and account was not passed into logout request, logoutHint will not be set");else this.logger.verbose("logoutHint will not be set since no logout request was configured");return e&&null===e.postLogoutRedirectUri?this.logger.verbose("postLogoutRedirectUri passed as null, not setting post logout redirect uri",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to uri set on logout request",t.correlationId),t.postLogoutRedirectUri=ar.getAbsoluteUrl(e.postLogoutRedirectUri,Aa())):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("postLogoutRedirectUri configured as null and no uri set on request, not passing post logout redirect",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to configured uri",t.correlationId),t.postLogoutRedirectUri=ar.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,Aa())):(this.logger.verbose("Setting postLogoutRedirectUri to current page",t.correlationId),t.postLogoutRedirectUri=ar.getAbsoluteUrl(Aa(),Aa())),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("The ID Token Claims tied to the provided account do not contain a login_hint claim, logoutHint will not be added to logout request")}else this.logger.verbose("The provided account does not contain ID Token Claims, logoutHint will not be added to logout request");return null}async createAuthCodeClient(e){this.performanceClient.addQueueMeasurement(Ir.StandardInteractionClientCreateAuthCodeClient,this.correlationId);const t=await Pn(this.getClientConfiguration.bind(this),Ir.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)(e);return new Po(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:r,requestAuthority:n,requestAzureCloudOptions:o,requestExtraQueryParameters:i,account:s}=e;this.performanceClient.addQueueMeasurement(Ir.StandardInteractionClientGetClientConfiguration,this.correlationId);const a=await Pn(this.getDiscoveredAuthority.bind(this),Ir.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,this.correlationId)({requestAuthority:n,requestAzureCloudOptions:o,requestExtraQueryParameters:i,account:s}),c=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:a,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:c.loggerCallback,piiLoggingEnabled:c.piiLoggingEnabled,logLevel:c.logLevel,correlationId:this.correlationId},cacheOptions:{claimsBasedCachingEnabled:this.config.cache.claimsBasedCachingEnabled},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:r,libraryInfo:{sku:rs,version:za,cpu:t.EMPTY_STRING,os:t.EMPTY_STRING},telemetry:this.config.telemetry}}async initializeAuthorizationRequest(e,r){this.performanceClient.addQueueMeasurement(Ir.StandardInteractionClientInitializeAuthorizationRequest,this.correlationId);const n=this.getRedirectUri(e.redirectUri),o={interactionType:r},i=Ao.setRequestState(this.browserCrypto,e&&e.state||t.EMPTY_STRING,o),s={...await Pn(Fc,Ir.InitializeBaseRequest,this.logger,this.performanceClient,this.correlationId)({...e,correlationId:this.correlationId},this.config,this.performanceClient,this.logger),redirectUri:n,state:i,nonce:e.nonce||ta(),responseMode:this.config.auth.OIDCOptions.serverResponseType},a={...s,httpMethod:Kc(s,this.config.auth.protocolMode)};if(e.loginHint||e.sid)return a;const c=e.account||this.browserStorage.getActiveAccount(this.correlationId);return c&&(this.logger.verbose("Setting validated request account",this.correlationId),this.logger.verbosePii(`Setting validated request account: ${c.homeAccountId}`,this.correlationId),a.account=c),a}}function $c(e,t,r){const n=or(e);if(!n)throw nr(e)?(r.error(`A ${t} is present in the iframe but it does not contain known properties. It's likely that the ${t} has been replaced by code running on the redirectUri page.`),r.errorPii(`The ${t} detected is: ${e}`),Ji(ti)):(r.error(`The request has returned to the redirectUri but a ${t} is not present. It's likely that the ${t} has been removed or the page has been redirected by code running on the redirectUri page.`),Ji(Zo));return n}function Qc(e,t,r){if(!e.state)throw Ji(ei);const n=function(e,t){if(!t)return null;try{return Ao.parseRequestState(e,t).libraryState.meta}catch(e){throw pt(Re)}}(t,e.state);if(!n)throw Ji(ri);if(n.interactionType!==r)throw Ji(ni)}class jc{constructor(e,t,r,n,o){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=n,this.performanceClient=o}async handleCodeResponse(e,t){let r;this.performanceClient.addQueueMeasurement(Ir.HandleCodeResponse,t.correlationId);try{r=function(e,t){if(Lo(e,t),!e.code)throw pt(tt);return e}(e,t.state)}catch(e){throw e instanceof Xn&&e.subError===ai?Ji(ai):e}return Pn(this.handleCodeResponseFromServer.bind(this),Ir.HandleCodeResponseFromServer,this.logger,this.performanceClient,t.correlationId)(r,t)}async handleCodeResponseFromServer(e,t,r=!0){if(this.performanceClient.addQueueMeasurement(Ir.HandleCodeResponseFromServer,t.correlationId),this.logger.trace("InteractionHandler.handleCodeResponseFromServer called"),this.authCodeRequest.code=e.code,e.cloud_instance_host_name&&await Pn(this.authModule.updateAuthority.bind(this.authModule),Ir.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,t.correlationId)(e.cloud_instance_host_name,t.correlationId),r&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await Pn(this.authModule.acquireToken.bind(this.authModule),Ir.AuthClientAcquireToken,this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:Hr}:e.loginHint?{credential:e.loginHint,type:xr}:null}}const Wc="user_switch",Vc={[Wc]:"User attempted to switch accounts in the native broker, which is not allowed. All new accounts must sign-in through the standard web flow first, please try again."};class Jc extends Ce{constructor(e,t,r){super(e,t),Object.setPrototypeOf(this,Jc.prototype),this.name="NativeAuthError",this.ext=r}}function Yc(e){if(e.ext&&e.ext.status&&"DISABLED"===e.ext.status)return!0;if(e.ext&&e.ext.error&&-2147186943===e.ext.error)return!0;switch(e.errorCode){case"ContentError":case"PageException":return!0;default:return!1}}function Xc(e,t,r){if(r&&r.status)switch(r.status){case"ACCOUNT_UNAVAILABLE":return To(ao);case"USER_INTERACTION_REQUIRED":return new wo(e,t);case"USER_CANCEL":return Ji(ai);case"NO_NETWORK":return Ji(Ai);case"UX_NOT_ALLOWED":return To(lo)}return new Jc(e,Vc[e]||t,r)}class Zc extends Gc{async acquireToken(e){this.performanceClient.addQueueMeasurement(Ir.SilentCacheClientAcquireToken,e.correlationId);const t=this.initializeServerTelemetryManager(Rs.acquireTokenSilent_silentFlow),r=await Pn(this.getClientConfiguration.bind(this),Ir.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),n=new Oo(r,this.performanceClient);this.logger.verbose("Silent auth client created");try{const t=(await Pn(n.acquireCachedToken.bind(n),Ir.SilentFlowClientAcquireCachedToken,this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof Vi&&e.errorCode===Ri&&this.logger.verbose("Signing keypair for bound access token not found. Refreshing bound access token and generating a new crypto keypair."),e}}logout(e){this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e);return this.clearCacheOnLogout(t.correlationId,t?.account)}}class el extends Bc{constructor(e,t,r,n,o,i,s,a,c,l,h,d){super(e,t,r,n,o,i,a,c,d),this.apiId=s,this.accountId=l,this.platformAuthProvider=c,this.nativeStorageManager=h,this.silentCacheClient=new Zc(e,this.nativeStorageManager,r,n,o,i,a,c,d);const u=this.platformAuthProvider.getExtensionName();this.skus=xo.makeExtraSkuString({libraryName:rs,libraryVersion:za,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[Qr]:this.skus}}async acquireToken(e,t){this.performanceClient.addQueueMeasurement(Ir.NativeInteractionClientAcquireToken,this.correlationId),this.logger.trace("NativeInteractionClient - acquireToken called.");const r=this.performanceClient.startMeasurement(Ir.NativeInteractionClientAcquireToken,this.correlationId),n=On(),o=this.initializeServerTelemetryManager(this.apiId);try{const i=await this.initializeNativeRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===Ns.AccessToken)throw this.logger.info("MSAL internal Cache does not contain tokens, return error as per cache policy"),r.end({success:!1,brokerErrorCode:"cache_request_failed"}),e;this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call")}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,n).then((e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),o.clearNativeBrokerErrorCode(),e))).catch((e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError}),e}))}catch(e){throw e instanceof Jc&&o.setNativeBrokerErrorCode(e.errorCode),r.end({success:!1}),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:Jt.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("NativeInteractionClient:acquireTokensFromCache - No nativeAccountId provided"),pt(je);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},this.correlationId);if(!r)throw pt(je);try{const e=this.createSilentCacheRequest(t,r),n=await this.silentCacheClient.acquireToken(e),o={...r,idTokenClaims:n?.idTokenClaims,idToken:n?.idToken};return{...n,account:o}}catch(e){throw e}}async acquireTokenRedirect(e,t){this.logger.trace("NativeInteractionClient - acquireTokenRedirect called.");const{...r}=e;delete r.onRedirectNavigate;const n=await this.initializeNativeRequest(r);try{await this.platformAuthProvider.sendMessage(n)}catch(e){if(e instanceof Jc){if(this.initializeServerTelemetryManager(this.apiId).setNativeBrokerErrorCode(e.errorCode),Yc(e))throw e}}this.browserStorage.setTemporaryCache(Ss,JSON.stringify(n),!0);const o={apiId:Rs.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=this.config.auth.navigateToLoginRequestUrl?window.location.href:this.getRedirectUri(e.redirectUri);t.end({success:!0}),await this.navigationClient.navigateExternal(i,o)}async handleRedirectPromise(e,t){if(this.logger.trace("NativeInteractionClient - handleRedirectPromise called."),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const r=this.browserStorage.getCachedNativeRequest();if(!r)return this.logger.verbose("NativeInteractionClient - handleRedirectPromise called but there is no cached request, returning null."),e&&t&&e?.addFields({errorCode:"no_cached_request"},t),null;const{prompt:n,...o}=r;n&&this.logger.verbose("NativeInteractionClient - handleRedirectPromise called and prompt was included in the original request, removing prompt from cached request to prevent second interaction with native broker window."),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Ss));const i=On();try{this.logger.verbose("NativeInteractionClient - handleRedirectPromise sending message to native broker.");const t=await this.platformAuthProvider.sendMessage(o),r=await this.handleNativeResponse(t,o,i);return this.initializeServerTelemetryManager(this.apiId).clearNativeBrokerErrorCode(),e&&this.correlationId&&this.performanceClient.addFields({isNativeBroker:!0},this.correlationId),r}catch(e){throw e}}logout(){return this.logger.trace("NativeInteractionClient - logout called."),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("NativeInteractionClient - handleNativeResponse called.");const n=er(e.id_token,Bs),o=this.createHomeAccountIdentifier(e,n),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("handleNativeServerResponse: Double broker flow detected, ignoring accountId mismatch");else if(o!==i&&e.account.id!==t.accountId)throw Xc(Wc);const s=await this.getDiscoveredAuthority({requestAuthority:t.authority}),a=Ro(this.browserStorage,s,o,Bs,this.correlationId,n,e.client_info,void 0,n.tid,void 0,e.account.id,this.logger);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,n,a,s.canonicalAuthority,r);return await this.cacheAccount(a,this.correlationId),await this.cacheNativeTokens(e,t,o,n,e.access_token,c.tenantId,r),c}createHomeAccountIdentifier(e,r){return io.generateHomeAccountId(e.client_info||t.EMPTY_STRING,Sn,this.logger,this.browserCrypto,r)}generateScopes(e,t){return t?Jt.fromString(t):Jt.fromString(e)}async generatePopAccessToken(e,t){if(t.tokenType===W.POP&&t.signPopToken){if(e.shr)return this.logger.trace("handleNativeServerResponse: SHR is enabled in native layer"),e.shr;const r=new So(this.browserCrypto),n={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce};if(!t.keyId)throw pt(ot);return r.signPopToken(e.access_token,t.keyId,n)}return e.access_token}async generateAuthenticationResult(e,r,n,o,i,s){const a=this.addTelemetryFromNativeResponse(e.properties.MATS),c=this.generateScopes(r.scope,e.scope),l=e.account.properties||{},h=l.UID||n.oid||n.sub||t.EMPTY_STRING,d=l.TenantId||n.tid||t.EMPTY_STRING,u=Zt(o.getAccountInfo(),void 0,n,e.id_token);u.nativeAccountId!==e.account.id&&(u.nativeAccountId=e.account.id);const g=await this.generatePopAccessToken(e,r),p=r.tokenType===W.POP?W.POP:W.BEARER;return{authority:i,uniqueId:h,tenantId:d,scopes:c.asArray(),account:u,idToken:e.id_token,idTokenClaims:n,accessToken:g,fromCache:!!a&&this.isResponseFromCache(a),expiresOn:Nn(s+e.expires_in),tokenType:p,correlationId:this.correlationId,state:e.state,fromNativeBroker:!0}}async cacheAccount(e,t){await this.browserStorage.setAccount(e,this.correlationId),this.browserStorage.removeAccountContext(e.getAccountInfo(),t)}cacheNativeTokens(e,r,n,o,i,s,a){const c=xn(n,r.authority,e.id_token||"",r.clientId,o.tid||""),l=a+(r.tokenType===W.POP?t.SHR_NONCE_VALIDITY:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),h=this.generateScopes(e.scope,r.scope),d={idToken:c,accessToken:Dn(n,r.authority,i,r.clientId,o.tid||s,h.printScopes(),l,0,Bs,void 0,r.tokenType,void 0,r.keyId)};return this.nativeStorageManager.saveCacheRecord(d,this.correlationId,r.storeInCache)}getExpiresInValue(e,r){return e===W.POP?t.SHR_NONCE_VALIDITY:("string"==typeof r?parseInt(r,10):r)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("NativeInteractionClient - Error parsing MATS telemetry, returning null instead")}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("NativeInteractionClient - MATS telemetry does not contain field indicating if response was served from cache. Returning false."),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("NativeInteractionClient - initializeNativeRequest called");const t=await this.getCanonicalAuthority(e),{scopes:r,...n}=e,o=new Jt(r||[]);o.appendScopes(h);const i={...n,accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:o.printScopes(),redirectUri:this.getRedirectUri(e.redirectUri),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraQueryParameters,...e.tokenQueryParameters},extendedExpiryToken:!1,keyId:e.popKid};if(i.signPopToken&&e.popKid)throw Ji(Bi);if(this.handleExtraBrokerParams(i),i.extraParameters=i.extraParameters||{},i.extraParameters.telemetry=is,e.authenticationScheme===W.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce},r=new So(this.browserCrypto);let n;if(i.keyId)n=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:i.keyId})),i.signPopToken=!1;else{const e=await Pn(r.generateCnf.bind(r),Ir.PopTokenGenerateCnf,this.logger,this.performanceClient,this.correlationId)(t,this.logger);n=e.reqCnfString,i.keyId=e.kid,i.signPopToken=!0}i.reqCnf=n}return this.addRequestSKUs(i),i}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority;e.account&&await this.getDiscoveredAuthority({requestAuthority:t,requestAzureCloudOptions:e.azureCloudOptions,account:e.account});const r=new ar(t);return r.validateAsUri(),r}getPrompt(e){switch(this.apiId){case Rs.ssoSilent:case Rs.acquireTokenSilent_silentFlow:return this.logger.trace("initializeNativeRequest: silent request sets prompt to none"),b.NONE}if(e)switch(e){case b.NONE:case b.CONSENT:case b.LOGIN:case b.SELECT_ACCOUNT:return this.logger.trace("initializeNativeRequest: prompt is compatible with native flow"),e;default:throw this.logger.trace(`initializeNativeRequest: prompt = ${e} is not compatible with native flow`),Ji(xi)}else this.logger.trace("initializeNativeRequest: prompt was not provided")}handleExtraBrokerParams(e){const t=e.extraParameters&&e.extraParameters.hasOwnProperty(jr)&&e.extraParameters.hasOwnProperty(Wr)&&e.extraParameters.hasOwnProperty(Fr);if(!e.embeddedClientId&&!t)return;let r="";const n=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[Wr],r=e.extraParameters[Fr]),e.extraParameters={child_client_id:r,child_redirect_uri:n},this.performanceClient?.addFields({embeddedClientId:r,embeddedRedirectUri:n},this.correlationId)}}async function tl(e,t,r,n,o){const i=No({...e.auth,authority:t},r,n,o);if(cn(i,{sku:rs,version:za,os:"",cpu:""}),e.auth.protocolMode!==wr.OIDC&&ln(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),o.addFields({isPlatformAuthorizeRequest:!0},r.correlationId),r.authenticationScheme===W.POP)){const e=new mc(n,o),t=new So(e);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await Pn(t.generateCnf.bind(t),Ir.PopTokenGenerateCnf,n,o,r.correlationId)(r,n)).reqCnfString}wn(i,s)}return Jr(i,r.correlationId,o),i}async function rl(e,r,n,o,i){if(!n.codeChallenge)throw Wt(Mt);const s=await Pn(tl,Ir.GetStandardParams,o,i,n.correlationId)(e,r,n,o,i);return Yr(s,E),dn(s,n.codeChallenge,t.S256_CODE_CHALLENGE_METHOD),Cn(s,n.extraQueryParameters||{}),Uo(r,s,e.auth.encodeExtraQueryParams,n.extraQueryParameters)}async function nl(e,t,r,n,o,i){if(!n.earJwk)throw Ji(Vo);const s=await tl(t,r,n,o,i);Yr(s,R),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(s,n.earJwk);const a=new Map;Cn(a,n.extraQueryParameters||{});return il(e,Uo(r,a,t.auth.encodeExtraQueryParams,n.extraQueryParameters),s)}async function ol(e,r,n,o,i,s){const a=await tl(r,n,o,i,s);Yr(a,E),dn(a,o.codeChallenge,o.codeChallengeMethod||t.S256_CODE_CHALLENGE_METHOD),function(e,t){Object.entries(t).forEach((([t,r])=>{r&&e.set(t,r)}))}(a,o.authorizePostBodyParameters||{});const c=new Map;Cn(c,o.extraQueryParameters||{});return il(e,Uo(n,c,r.auth.encodeExtraQueryParams,o.extraQueryParameters),a)}function il(e,t,r){const n=e.createElement("form");return n.method="post",n.action=t,r.forEach(((t,r)=>{const o=e.createElement("input");o.hidden=!0,o.name=r,o.value=t,n.appendChild(o)})),e.body.appendChild(n),n}async function sl(e,t,r,n,o,i,s,a,c,l){if(a.verbose("Account id found, calling WAM for token"),!l)throw Ji(Li);const h=new mc(a,c),d=new el(n,o,h,a,s,n.system.navigationClient,r,c,l,t,i,e.correlationId),{userRequestState:u}=Ao.parseRequestState(h,e.state);return Pn(d.acquireToken.bind(d),Ir.NativeInteractionClientAcquireToken,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function al(e,t,r,n,o,i,s,a,c,l,h,d){if(eo.removeThrottle(s,o.auth.clientId,e),t.accountId)return Pn(sl,Ir.HandleResponsePlatformBroker,l,h,e.correlationId)(e,t.accountId,n,o,s,a,c,l,h,d);const u={...e,code:t.code||"",codeVerifier:r},g=new jc(i,s,u,l,h);return await Pn(g.handleCodeResponse.bind(g),Ir.HandleCodeResponse,l,h,e.correlationId)(t,e)}async function cl(e,t,r,n,o,i,s,a,c,l,h){if(eo.removeThrottle(i,n.auth.clientId,e),Lo(t,e.state),!t.ear_jwe)throw Ji(Jo);if(!e.earJwk)throw Ji(Vo);const d=JSON.parse(await Pn(oa,Ir.DecryptEarResponse,c,l,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return Pn(sl,Ir.HandleResponsePlatformBroker,c,l,e.correlationId)(e,d.accountId,r,n,i,s,a,c,l,h);const u=new Eo(n.auth.clientId,i,new mc(c,l),c,null,null,l);u.validateTokenResponse(d);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await Pn(u.handleServerTokenResponse.bind(u),Ir.HandleServerTokenResponse,c,l,e.correlationId)(d,o,On(),e,g,void 0,void 0,void 0,void 0)}async function ll(e,t,r){e.addQueueMeasurement(Ir.GeneratePkceCodes,r);const n=_n(hl,Ir.GenerateCodeVerifier,t,e,r)(e,t,r);return{verifier:n,challenge:await Pn(dl,Ir.GenerateCodeChallengeFromVerifier,t,e,r)(n,e,t,r)}}function hl(e,t,r){try{const n=new Uint8Array(32);_n(Zs,Ir.GetRandomValues,t,e,r)(n);return Hs(n)}catch(e){throw Ji(Wo)}}async function dl(e,t,r,n){t.addQueueMeasurement(Ir.GenerateCodeChallengeFromVerifier,n);try{const o=await Pn(Xs,Ir.Sha256Digest,r,t,n)(e,t,n);return Hs(new Uint8Array(o))}catch(e){throw Ji(Wo)}}class ul{constructor(e,t,r,n){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=n,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=r.startMeasurement(Ir.NativeMessageHandlerHandshake),this.platformAuthType=hs}async sendMessage(e){this.logger.trace(this.platformAuthType+" - sendMessage called.");const t={method:gs,request:e},r={channel:ns,extensionId:this.extensionId,responseId:ta(),body:t};this.logger.trace(this.platformAuthType+" - Sending request to browser extension"),this.logger.tracePii(this.platformAuthType+` - Sending request to browser extension: ${JSON.stringify(r)}`),this.messageChannel.port1.postMessage(r);const n=await new Promise(((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})}));return this.validatePlatformBrokerResponse(n)}static async createProvider(e,t,r){e.trace("PlatformAuthExtensionHandler - createProvider called.");try{const n=new ul(e,t,r,os);return await n.sendHandshakeRequest(),n}catch(n){const o=new ul(e,t,r);return await o.sendHandshakeRequest(),o}}async sendHandshakeRequest(){this.logger.trace(this.platformAuthType+" - sendHandshakeRequest called."),window.addEventListener("message",this.windowListener,!1);const e={channel:ns,extensionId:this.extensionId,responseId:ta(),body:{method:ds}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(e,window.origin,[this.messageChannel.port2]),new Promise(((t,r)=>{this.handshakeResolvers.set(e.responseId,{resolve:t,reject:r}),this.timeoutId=window.setTimeout((()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(Ji(Ni)),this.handshakeResolvers.delete(e.responseId)}),this.handshakeTimeoutMs)}))}onWindowMessage(e){if(this.logger.trace(this.platformAuthType+" - onWindowMessage called"),e.source!==window)return;const t=e.data;if(t.channel&&t.channel===ns&&(!t.extensionId||t.extensionId===this.extensionId)&&t.body.method===ds){const e=this.handshakeResolvers.get(t.responseId);if(!e)return void this.logger.trace(this.platformAuthType+`.onWindowMessage - resolver can't be found for request ${t.responseId}`);this.logger.verbose(t.extensionId?`Extension with id: ${t.extensionId} not installed`:"No extension installed"),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(Ji(Ui))}}onChannelMessage(e){this.logger.trace(this.platformAuthType+" - onChannelMessage called.");const t=e.data,r=this.resolvers.get(t.responseId),n=this.handshakeResolvers.get(t.responseId);try{const e=t.body.method;if(e===ps){if(!r)return;const e=t.body.response;if(this.logger.trace(this.platformAuthType+" - Received response from browser extension"),this.logger.tracePii(this.platformAuthType+` - Received response from browser extension: ${JSON.stringify(e)}`),"Success"!==e.status)r.reject(Xc(e.code,e.description,e.ext));else{if(!e.result)throw ve(ge,"Event does not contain result.");e.result.code&&e.result.description?r.reject(Xc(e.result.code,e.result.description,e.result.ext)):r.resolve(e.result)}this.resolvers.delete(t.responseId)}else if(e===us){if(!n)return void this.logger.trace(this.platformAuthType+`.onChannelMessage - resolver can't be found for request ${t.responseId}`);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=t.extensionId,this.extensionVersion=t.body.version,this.logger.verbose(this.platformAuthType+` - Received HandshakeResponse from extension: ${this.extensionId}`),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),n.resolve(),this.handshakeResolvers.delete(t.responseId)}}catch(t){this.logger.error("Error parsing response from WAM Extension"),this.logger.errorPii(`Error parsing response from WAM Extension: ${t}`),this.logger.errorPii(`Unable to parse ${e}`),r?r.reject(t):n&&n.reject(t)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw ve(ge,"Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===os?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class gl{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=ls}static async createProvider(e,t,r){if(e.trace("PlatformAuthDOMHandler: createProvider called"),window.navigator?.platformAuthentication){const n=await window.navigator.platformAuthentication.getSupportedContracts(ss);if(n?.includes(cs))return e.trace("Platform auth api available in DOM"),new gl(e,t,r)}}getExtensionId(){return ss}getExtensionVersion(){return""}getExtensionName(){return as}async sendMessage(e){this.logger.trace(this.platformAuthType+" - Sending request to browser DOM API");try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r)}catch(e){throw this.logger.error(this.platformAuthType+" - executeGetToken DOM API error"),e}}initializePlatformDOMRequest(e){this.logger.trace(this.platformAuthType+" - initializeNativeDOMRequest called");const{accountId:t,clientId:r,authority:n,scope:o,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:l,extraParameters:h,...d}=e,u=this.getDOMExtraParams(d);return{accountId:t,brokerId:this.getExtensionId(),authority:n,clientId:r,correlationId:s||this.correlationId,extraParameters:{...h,...u},isSecurityTokenService:!1,redirectUri:i,scope:o,state:a,storeInCache:c,embeddedClientId:l}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace(this.platformAuthType+" - platform broker returned successful and valid response"),this.convertToPlatformBrokerResponse(e);if(e.hasOwnProperty("error")){const t=e;if(!1===t.isSuccess&&t.error&&t.error.code)throw this.logger.trace(this.platformAuthType+" - platform broker returned error response"),Xc(t.error.code,t.error.description,{error:parseInt(t.error.errorCode),protocol_error:t.error.protocolError,status:t.error.status,properties:t.error.properties})}}throw ve(ge,"Response missing expected properties.")}convertToPlatformBrokerResponse(e){this.logger.trace(this.platformAuthType+" - convertToNativeResponse called");return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e){return{...Object.entries(e).reduce(((e,[t,r])=>(e[t]=String(r),e)),{})}}}async function pl(e,t,r,n){e.trace("getPlatformAuthProvider called",r);const o=function(){let e;try{return e=window[ms.SessionStorage],"true"===e?.getItem(Wa)}catch(e){return!1}}();let i;e.trace("Has client allowed platform auth via DOM API: "+o);try{o&&(i=await gl.createProvider(e,t,r)),i||(e.trace("Platform auth via DOM API not available, checking for extension"),i=await ul.createProvider(e,n||2e3,t))}catch(t){e.trace("Platform auth not available",t)}return i}function ml(e,t,r,n){if(t.trace("isPlatformAuthAllowed called"),!e.system.allowPlatformBroker)return t.trace("isPlatformAuthAllowed: allowPlatformBroker is not enabled, returning false"),!1;if(!r)return t.trace("isPlatformAuthAllowed: Platform auth provider is not initialized, returning false"),!1;if(n)switch(n){case W.BEARER:case W.POP:return t.trace("isPlatformAuthAllowed: authenticationScheme is supported, returning true"),!0;default:return t.trace("isPlatformAuthAllowed: authenticationScheme is not supported, returning false"),!1}return!0}class fl extends Gc{constructor(e,t,r,n,o,i,s,a,c,l){super(e,t,r,n,o,i,s,c,l),this.unloadWindow=this.unloadWindow.bind(this),this.nativeStorage=a,this.eventHandler=o}acquireToken(e,t){let r;try{if(r={popupName:this.generatePopupName(e.scopes||h,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window},this.performanceClient.addFields({isAsyncPopup:this.config.system.asyncPopups},this.correlationId),this.config.system.asyncPopups)return this.logger.verbose("asyncPopups set to true, acquiring token"),this.acquireTokenPopupAsync(e,r,t);{const n={...e,httpMethod:Kc(e,this.config.auth.protocolMode)};return this.logger.verbose("asyncPopup set to false, opening popup before acquiring token"),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(n,r,t)}}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("logoutPopup called");const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},n=e&&e.authority,o=e&&e.mainWindowRedirectUri;return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true"),this.logoutPopupAsync(t,r,n,o)):(this.logger.verbose("asyncPopup set to false, opening popup"),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,n,o))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,n){this.logger.verbose("acquireTokenPopupAsync called");const o=await Pn(this.initializeAuthorizationRequest.bind(this),Ir.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup);r.popup&&Oa(o.authority);const i=ml(this.config,this.logger,this.platformAuthProvider,t.authenticationScheme);return o.platformBroker=i,this.config.auth.protocolMode===wr.EAR?this.executeEarFlow(o,r):this.executeCodeFlow(o,r,n)}async executeCodeFlow(t,r,n){const o=t.correlationId,i=this.initializeServerTelemetryManager(Rs.acquireTokenPopup),s=n||await Pn(ll,Ir.GeneratePkceCodes,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),a={...t,codeChallenge:s.challenge};try{const n=await Pn(this.createAuthCodeClient.bind(this),Ir.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,o)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account});if(a.httpMethod===l)return await this.executeCodeFlowWithPost(a,r,n,s.verifier);{const i=await Pn(rl,Ir.GetAuthCodeUrl,this.logger,this.performanceClient,o)(this.config,n.authority,a,this.logger,this.performanceClient),c=this.initiateAuthRequest(i,r);this.eventHandler.emitEvent(Ec.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:c},null);const l=await this.monitorPopupForHash(c,r.popupWindowParent),h=_n($c,Ir.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(l,this.config.auth.OIDCOptions.serverResponseType,this.logger);return await Pn(al,Ir.HandleResponseCode,this.logger,this.performanceClient,o)(t,h,s.verifier,Rs.acquireTokenPopup,this.config,n,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}catch(e){throw r.popup?.close(),e instanceof Ce&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}async executeEarFlow(e,t){const r=e.correlationId,n=await Pn(this.getDiscoveredAuthority.bind(this),Ir.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,r)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),o=await Pn(na,Ir.GenerateEarKey,this.logger,this.performanceClient,r)(),i={...e,earJwk:o},s=t.popup||this.openPopup("about:blank",t);(await nl(s.document,this.config,n,i,this.logger,this.performanceClient)).submit();const a=await Pn(this.monitorPopupForHash.bind(this),Ir.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,r)(s,t.popupWindowParent),c=_n($c,Ir.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.serverResponseType,this.logger);return Pn(cl,Ir.HandleResponseEar,this.logger,this.performanceClient,r)(i,c,Rs.acquireTokenPopup,this.config,n,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async executeCodeFlowWithPost(e,t,r,n){const o=e.correlationId,i=await Pn(this.getDiscoveredAuthority.bind(this),Ir.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,o)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),s=t.popup||this.openPopup("about:blank",t);(await ol(s.document,this.config,i,e,this.logger,this.performanceClient)).submit();const a=await Pn(this.monitorPopupForHash.bind(this),Ir.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,o)(s,t.popupWindowParent),c=_n($c,Ir.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.serverResponseType,this.logger);return Pn(al,Ir.HandleResponseCode,this.logger,this.performanceClient,o)(e,c,n,Rs.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,r,n,o){this.logger.verbose("logoutPopupAsync called"),this.eventHandler.emitEvent(Ec.LOGOUT_START,e.InteractionType.Popup,t);const i=this.initializeServerTelemetryManager(Rs.logoutPopup);try{await this.clearCacheOnLogout(this.correlationId,t.account);const s=await Pn(this.createAuthCodeClient.bind(this),Ir.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:n,account:t.account||void 0});try{s.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&s.authority.protocolMode===wr.OIDC){if(this.eventHandler.emitEvent(Ec.LOGOUT_SUCCESS,e.InteractionType.Popup,t),o){const e={apiId:Rs.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=ar.getAbsoluteUrl(o,Aa());await this.navigationClient.navigateInternal(t,e)}return void r.popup?.close()}}const a=s.getLogoutUri(t);this.eventHandler.emitEvent(Ec.LOGOUT_SUCCESS,e.InteractionType.Popup,t);const c=this.openPopup(a,r);if(this.eventHandler.emitEvent(Ec.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:c},null),await this.monitorPopupForHash(c,r.popupWindowParent).catch((()=>{})),o){const e={apiId:Rs.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=ar.getAbsoluteUrl(o,Aa());this.logger.verbose("Redirecting main window to url specified in the request"),this.logger.verbosePii(`Redirecting main window to: ${t}`),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("No main window navigation requested")}catch(t){throw r.popup?.close(),t instanceof Ce&&(t.setCorrelationId(this.correlationId),i.cacheFailedRequest(t)),this.eventHandler.emitEvent(Ec.LOGOUT_FAILURE,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(Ec.LOGOUT_END,e.InteractionType.Popup),t}this.eventHandler.emitEvent(Ec.LOGOUT_END,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii(`Navigate to: ${e}`),this.openPopup(e,t);throw this.logger.error("Navigate url is empty"),Ji(Xo)}monitorPopupForHash(e,t){return new Promise(((t,r)=>{this.logger.verbose("PopupHandler.monitorPopupForHash - polling started");const n=setInterval((()=>{if(e.closed)return this.logger.error("PopupHandler.monitorPopupForHash - window closed"),clearInterval(n),void r(Ji(ai));let o="";try{o=e.location.href}catch(e){}if(!o||"about:blank"===o)return;clearInterval(n);let i="";const s=this.config.auth.OIDCOptions.serverResponseType;e&&(i=s===_.QUERY?e.location.search:e.location.hash),this.logger.verbose("PopupHandler.monitorPopupForHash - popup window is on same origin as caller"),t(i)}),this.config.system.pollIntervalMilliseconds)})).finally((()=>{this.cleanPopup(e,t)}))}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii(`Navigating popup window to: ${e}`),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii(`Opening popup window to: ${e}`),r=this.openSizedPopup(e,t)),!r)throw Ji(si);return r.focus&&r.focus(),this.currentWindow=r,t.popupWindowParent.addEventListener("beforeunload",this.unloadWindow),r}catch(e){throw this.logger.error("error opening popup "+e.message),Ji(ii)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:n}){const o=n.screenLeft?n.screenLeft:n.screenX,i=n.screenTop?n.screenTop:n.screenY,s=n.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=n.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,l=r.popupSize?.height,h=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("Default popup window width used. Window width not configured or invalid."),c=Xi),(!l||l<0||l>a)&&(this.logger.verbose("Default popup window height used. Window height not configured or invalid."),l=Zi),(!h||h<0||h>a)&&(this.logger.verbose("Default popup window top position used. Window top not configured or invalid."),h=Math.max(0,a/2-Zi/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("Default popup window left position used. Window left not configured or invalid."),d=Math.max(0,s/2-Xi/2+o)),n.open(e,t,`width=${c}, height=${l}, top=${h}, left=${d}, scrollbars=yes`)}unloadWindow(e){this.currentWindow&&this.currentWindow.close(),e.preventDefault()}cleanPopup(e,t){e.close(),t.removeEventListener("beforeunload",this.unloadWindow)}generatePopupName(e,t){return`${es}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${es}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}class yl extends Gc{constructor(e,t,r,n,o,i,s,a,c,l){super(e,t,r,n,o,i,s,c,l),this.nativeStorage=a}async acquireToken(t){const r=await Pn(this.initializeAuthorizationRequest.bind(this),Ir.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect);r.platformBroker=ml(this.config,this.logger,this.platformAuthProvider,t.authenticationScheme);const n=t=>{t.persisted&&(this.logger.verbose("Page was restored from back/forward cache. Clearing temporary cache."),this.browserStorage.resetRequestCache(),this.eventHandler.emitEvent(Ec.RESTORE_FROM_BFCACHE,e.InteractionType.Redirect))},o=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii(`Redirect start page: ${o}`),this.browserStorage.setTemporaryCache(ws,o,!0),window.addEventListener("pageshow",n);try{this.config.auth.protocolMode===wr.EAR?await this.executeEarFlow(r):await this.executeCodeFlow(r,t.onRedirectNavigate)}catch(e){throw e instanceof Ce&&e.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",n),e}}async executeCodeFlow(e,t){const r=e.correlationId,n=this.initializeServerTelemetryManager(Rs.acquireTokenRedirect),o=await Pn(ll,Ir.GeneratePkceCodes,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),i={...e,codeChallenge:o.challenge};this.browserStorage.cacheAuthorizeRequest(i,o.verifier);try{if(i.httpMethod===l)return await this.executeCodeFlowWithPost(i);{const r=await Pn(this.createAuthCodeClient.bind(this),Ir.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:i.authority,requestAzureCloudOptions:i.azureCloudOptions,requestExtraQueryParameters:i.extraQueryParameters,account:i.account}),o=await Pn(rl,Ir.GetAuthCodeUrl,this.logger,this.performanceClient,e.correlationId)(this.config,r.authority,i,this.logger,this.performanceClient);return await this.initiateAuthRequest(o,t)}}catch(e){throw e instanceof Ce&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}async executeEarFlow(e){const t=e.correlationId,r=await Pn(this.getDiscoveredAuthority.bind(this),Ir.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),n=await Pn(na,Ir.GenerateEarKey,this.logger,this.performanceClient,t)(),o={...e,earJwk:n};this.browserStorage.cacheAuthorizeRequest(o);return(await nl(document,this.config,r,o,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ji(Gi,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async executeCodeFlowWithPost(e){const t=e.correlationId,r=await Pn(this.getDiscoveredAuthority.bind(this),Ir.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});this.browserStorage.cacheAuthorizeRequest(e);return(await ol(document,this.config,r,e,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ji(Gi,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async handleRedirectPromise(e="",r,n,o){const i=this.initializeServerTelemetryManager(Rs.handleRedirectPromise);try{const[s,a]=this.getRedirectResponse(e||"");if(!s)return this.logger.info("handleRedirectPromise did not detect a response as a result of a redirect. Cleaning temporary cache."),this.browserStorage.resetRequestCache(),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?o.event.errorCode="no_server_response":this.logger.verbose("Back navigation event detected. Muting no_server_response error"),null;const c=this.browserStorage.getTemporaryCache(ws,!0)||t.EMPTY_STRING,l=sr(c);if(l===sr(window.location.href)&&this.config.auth.navigateToLoginRequestUrl){this.logger.verbose("Current page is loginRequestUrl, handling response"),c.indexOf("#")>-1&&wa(c);return await this.handleResponse(s,r,n,i)}if(!this.config.auth.navigateToLoginRequestUrl)return this.logger.verbose("NavigateToLoginRequestUrl set to false, handling response"),await this.handleResponse(s,r,n,i);if(!Ia()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(Is,a,!0);const e={apiId:Rs.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let t=!0;if(c&&"null"!==c)this.logger.verbose(`Navigating to loginRequestUrl: ${c}`),t=await this.navigationClient.navigateInternal(c,e);else{const r=ka();this.browserStorage.setTemporaryCache(ws,r,!0),this.logger.warning("Unable to get valid login request url from cache, redirecting to home page"),t=await this.navigationClient.navigateInternal(r,e)}if(!t)return await this.handleResponse(s,r,n,i)}return null}catch(e){throw e instanceof Ce&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}getRedirectResponse(t){this.logger.verbose("getRedirectResponseHash called");let r=t;r||(r=this.config.auth.OIDCOptions.serverResponseType===_.QUERY?window.location.search:window.location.hash);let n=or(r);if(n){try{Qc(n,this.browserCrypto,e.InteractionType.Redirect)}catch(e){return e instanceof Ce&&this.logger.error(`Interaction type validation failed due to ${e.errorCode}: ${e.errorMessage}`),[null,""]}return va(window),this.logger.verbose("Hash contains known properties, returning response hash"),[n,r]}const o=this.browserStorage.getTemporaryCache(Is,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Is)),o&&(n=or(o),n)?(this.logger.verbose("Hash does not contain known properties, returning cached hash"),[n,o]):[null,""]}async handleResponse(e,t,r,n){if(!e.state)throw Ji(ei);if(e.ear_jwe){const r=await Pn(this.getDiscoveredAuthority.bind(this),Ir.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t.correlationId)({requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account});return Pn(cl,Ir.HandleResponseEar,this.logger,this.performanceClient,t.correlationId)(t,e,Rs.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const o=await Pn(this.createAuthCodeClient.bind(this),Ir.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority});return Pn(al,Ir.HandleResponseCode,this.logger,this.performanceClient,t.correlationId)(t,e,r,Rs.acquireTokenRedirect,this.config,o,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e,t){if(this.logger.verbose("RedirectHandler.initiateAuthRequest called"),e){this.logger.infoPii(`RedirectHandler.initiateAuthRequest: Navigate to: ${e}`);const r={apiId:Rs.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},n=t||this.config.auth.onRedirectNavigate;if("function"==typeof n){this.logger.verbose("RedirectHandler.initiateAuthRequest: Invoking onRedirectNavigate callback");return!1!==n(e)?(this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate did not return false, navigating"),void await this.navigationClient.navigateExternal(e,r)):void this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate returned false, stopping navigation")}return this.logger.verbose("RedirectHandler.initiateAuthRequest: Navigating window to navigate url"),void await this.navigationClient.navigateExternal(e,r)}throw this.logger.info("RedirectHandler.initiateAuthRequest: Navigate url is empty"),Ji(Xo)}async logout(t){this.logger.verbose("logoutRedirect called");const r=this.initializeLogoutRequest(t),n=this.initializeServerTelemetryManager(Rs.logout);try{this.eventHandler.emitEvent(Ec.LOGOUT_START,e.InteractionType.Redirect,t),await this.clearCacheOnLogout(this.correlationId,r.account);const o={apiId:Rs.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await Pn(this.createAuthCodeClient.bind(this),Ir.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0});if(i.authority.protocolMode===wr.OIDC)try{i.authority.endSessionEndpoint}catch{if(r.account?.homeAccountId)return void this.eventHandler.emitEvent(Ec.LOGOUT_SUCCESS,e.InteractionType.Redirect,r)}const s=i.getLogoutUri(r);if(this.eventHandler.emitEvent(Ec.LOGOUT_SUCCESS,e.InteractionType.Redirect,r),!t||"function"!=typeof t.onRedirectNavigate)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,vs),void await this.navigationClient.navigateExternal(s,o);if(!1!==t.onRedirectNavigate(s))return this.logger.verbose("Logout onRedirectNavigate did not return false, navigating"),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,vs),void await this.navigationClient.navigateExternal(s,o);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("Logout onRedirectNavigate returned false, stopping navigation")}catch(t){throw t instanceof Ce&&(t.setCorrelationId(this.correlationId),n.cacheFailedRequest(t)),this.eventHandler.emitEvent(Ec.LOGOUT_FAILURE,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(Ec.LOGOUT_END,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(Ec.LOGOUT_END,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return ar.getAbsoluteUrl(t,Aa())}}async function Cl(e,t,r,n,o){if(t.addQueueMeasurement(Ir.SilentHandlerInitiateAuthRequest,n),!e)throw r.info("Navigate url is empty"),Ji(Xo);return o?Pn(Tl,Ir.SilentHandlerLoadFrame,r,t,n)(e,o,t,n):_n(Al,Ir.SilentHandlerLoadFrameSync,r,t,n)(e)}async function vl(e,t,r,n,o){const i=kl();if(!i.contentDocument)throw"No document associated with iframe!";return(await ol(i.contentDocument,e,t,r,n,o)).submit(),i}async function wl(e,t,r,n,o){const i=kl();if(!i.contentDocument)throw"No document associated with iframe!";return(await nl(i.contentDocument,e,t,r,n,o)).submit(),i}async function Il(e,t,r,n,o,i,s){return n.addQueueMeasurement(Ir.SilentHandlerMonitorIframeForHash,i),new Promise(((n,i)=>{t<Ba&&o.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${t}ms) than the default (10000ms). This may result in timeouts.`);const a=window.setTimeout((()=>{window.clearInterval(c),i(Ji(li))}),t),c=window.setInterval((()=>{let t="";const r=e.contentWindow;try{t=r?r.location.href:""}catch(e){}if(!t||"about:blank"===t)return;let o="";r&&(o=s===_.QUERY?r.location.search:r.location.hash),window.clearTimeout(a),window.clearInterval(c),n(o)}),r)})).finally((()=>{_n(Sl,Ir.RemoveHiddenIframe,o,n,i)(e)}))}function Tl(e,t,r,n){return r.addQueueMeasurement(Ir.SilentHandlerLoadFrame,n),new Promise(((r,n)=>{const o=kl();window.setTimeout((()=>{o?(o.src=e,r(o)):n("Unable to load iframe")}),t)}))}function Al(e){const t=kl();return t.src=e,t}function kl(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),document.body.appendChild(e),e}function Sl(e){document.body===e.parentNode&&document.body.removeChild(e)}class bl extends Gc{constructor(e,t,r,n,o,i,s,a,c,l,h){super(e,t,r,n,o,i,a,l,h),this.apiId=s,this.nativeStorage=c}async acquireToken(t){this.performanceClient.addQueueMeasurement(Ir.SilentIframeClientAcquireToken,t.correlationId),t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("No user hint provided. The authorization server may need more information to complete this request.");const r={...t};r.prompt?r.prompt!==b.NONE&&r.prompt!==b.NO_SESSION&&(this.logger.warning(`SilentIframeClient. Replacing invalid prompt ${r.prompt} with ${b.NONE}`),r.prompt=b.NONE):r.prompt=b.NONE;const n=await Pn(this.initializeAuthorizationRequest.bind(this),Ir.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,t.correlationId)(r,e.InteractionType.Silent);return n.platformBroker=ml(this.config,this.logger,this.platformAuthProvider,n.authenticationScheme),Oa(n.authority),this.config.auth.protocolMode===wr.EAR?this.executeEarFlow(n):this.executeCodeFlow(n)}async executeCodeFlow(e){let t;const r=this.initializeServerTelemetryManager(this.apiId);try{return t=await Pn(this.createAuthCodeClient.bind(this),Ir.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await Pn(this.silentTokenHelper.bind(this),Ir.SilentIframeClientTokenHelper,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(n){if(n instanceof Ce&&(n.setCorrelationId(this.correlationId),r.cacheFailedRequest(n)),!(t&&n instanceof Ce&&n.errorCode===Yi))throw n;return this.performanceClient.addFields({retryError:n.errorCode},this.correlationId),await Pn(this.silentTokenHelper.bind(this),Ir.SilentIframeClientTokenHelper,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const t=e.correlationId,r=await Pn(this.getDiscoveredAuthority.bind(this),Ir.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),n=await Pn(na,Ir.GenerateEarKey,this.logger,this.performanceClient,t)(),o={...e,earJwk:n},i=await Pn(wl,Ir.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,t)(this.config,r,o,this.logger,this.performanceClient),s=this.config.auth.OIDCOptions.serverResponseType,a=await Pn(Il,Ir.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,t)(i,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,t,s),c=_n($c,Ir.DeserializeResponse,this.logger,this.performanceClient,t)(a,s,this.logger);return Pn(cl,Ir.HandleResponseEar,this.logger,this.performanceClient,t)(o,c,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}logout(){return Promise.reject(Ji(pi))}async silentTokenHelper(e,t){const r=t.correlationId;this.performanceClient.addQueueMeasurement(Ir.SilentIframeClientTokenHelper,r);const n=await Pn(ll,Ir.GeneratePkceCodes,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),o={...t,codeChallenge:n.challenge};let i;if(t.httpMethod===l)i=await Pn(vl,Ir.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);else{const t=await Pn(rl,Ir.GetAuthCodeUrl,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);i=await Pn(Cl,Ir.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,r)(t,this.performanceClient,this.logger,r,this.config.system.navigateFrameWait)}const s=this.config.auth.OIDCOptions.serverResponseType,a=await Pn(Il,Ir.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,r)(i,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,r,s),c=_n($c,Ir.DeserializeResponse,this.logger,this.performanceClient,r)(a,s,this.logger);return Pn(al,Ir.HandleResponseCode,this.logger,this.performanceClient,r)(t,c,n.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}class El extends Gc{async acquireToken(e){this.performanceClient.addQueueMeasurement(Ir.SilentRefreshClientAcquireToken,e.correlationId);const t=await Pn(Fc,Ir.InitializeBaseRequest,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger),r={...e,...t};e.redirectUri&&(r.redirectUri=this.getRedirectUri(e.redirectUri));const n=this.initializeServerTelemetryManager(Rs.acquireTokenSilent_silentFlow),o=await this.createRefreshTokenClient({serverTelemetryManager:n,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return Pn(o.acquireTokenByRefreshToken.bind(o),Ir.RefreshTokenClientAcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(r).catch((e=>{throw e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e),e}))}logout(){return Promise.reject(Ji(pi))}async createRefreshTokenClient(e){const t=await Pn(this.getClientConfiguration.bind(this),Ir.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new Mo(t,this.performanceClient)}}class Rl{constructor(e,t,r,n){this.isBrowserEnvironment="undefined"!=typeof window,this.config=e,this.storage=t,this.logger=r,this.cryptoObj=n}async loadExternalTokens(e,t,r){if(!this.isBrowserEnvironment)throw Ji(Ii);const n=e.correlationId||ta(),o=t.id_token?er(t.id_token,Bs):void 0,i={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},s=e.authority?new Wn(Wn.generateAuthority(e.authority,e.azureCloudOptions),this.config.system.networkClient,this.storage,i,this.logger,e.correlationId||ta()):void 0,a=await this.loadAccount(e,r.clientInfo||t.client_info||"",n,o,s),c=await this.loadIdToken(t,a.homeAccountId,a.environment,a.realm,n),l=await this.loadAccessToken(e,t,a.homeAccountId,a.environment,a.realm,r,n),h=await this.loadRefreshToken(t,a.homeAccountId,a.environment,n);return this.generateAuthenticationResult(e,{account:a,idToken:c,accessToken:l,refreshToken:h},o,s)}async loadAccount(e,t,r,n,o){if(this.logger.verbose("TokenCache - loading account"),e.account){const t=io.createFromAccountInfo(e.account);return await this.storage.setAccount(t,r),t}if(!o||!t&&!n)throw this.logger.error("TokenCache - if an account is not provided on the request, authority and either clientInfo or idToken must be provided instead."),Ji(Ei);const i=io.generateHomeAccountId(t,o.authorityType,this.logger,this.cryptoObj,n),s=n?.tid,a=Ro(this.storage,o,i,Bs,r,n,t,o.hostnameAndPort,s,void 0,void 0,this.logger);return await this.storage.setAccount(a,r),a}async loadIdToken(e,t,r,n,o){if(!e.id_token)return this.logger.verbose("TokenCache - no id token found in response"),null;this.logger.verbose("TokenCache - loading id token");const i=xn(t,r,e.id_token,this.config.auth.clientId,n);return await this.storage.setIdTokenCredential(i,o),i}async loadAccessToken(e,t,r,n,o,i,s){if(!t.access_token)return this.logger.verbose("TokenCache - no access token found in response"),null;if(!t.expires_in)return this.logger.error("TokenCache - no expiration set on the access token. Cannot add it to the cache."),null;if(!(t.scope||e.scopes&&e.scopes.length))return this.logger.error("TokenCache - scopes not specified in the request or response. Cannot add token to the cache."),null;this.logger.verbose("TokenCache - loading access token");const a=t.scope?Jt.fromString(t.scope):new Jt(e.scopes),c=i.expiresOn||t.expires_in+On(),l=i.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+On(),h=Dn(r,n,t.access_token,this.config.auth.clientId,o,a.printScopes(),c,l,Bs);return await this.storage.setAccessTokenCredential(h,s),h}async loadRefreshToken(e,t,r,n){if(!e.refresh_token)return this.logger.verbose("TokenCache - no refresh token found in response"),null;this.logger.verbose("TokenCache - loading refresh token");const o=Bn(t,r,e.refresh_token,this.config.auth.clientId,e.foci,void 0,e.refresh_token_expires_in);return await this.storage.setRefreshTokenCredential(o,n),o}generateAuthenticationResult(e,t,r,n){let o,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=Jt.fromString(t.accessToken.target).asArray(),a=Nn(t.accessToken.expiresOn),o=Nn(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:n?n.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:c.getAccountInfo(),idToken:t.idToken?.secret||"",idTokenClaims:r||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:o,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromNativeBroker:!1}}}class _l extends Po{constructor(e){super(e),this.includeRedirectUri=!1}}class Pl extends Gc{constructor(e,t,r,n,o,i,s,a,c,l){super(e,t,r,n,o,i,a,c,l),this.apiId=s}async acquireToken(t){if(!t.code)throw Ji(_i);const r=await Pn(this.initializeAuthorizationRequest.bind(this),Ir.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,t.correlationId)(t,e.InteractionType.Silent),n=this.initializeServerTelemetryManager(this.apiId);try{const e={...r,code:t.code},o=await Pn(this.getClientConfiguration.bind(this),Ir.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,t.correlationId)({serverTelemetryManager:n,requestAuthority:r.authority,requestAzureCloudOptions:r.azureCloudOptions,requestExtraQueryParameters:r.extraQueryParameters,account:r.account}),i=new _l(o);this.logger.verbose("Auth code client created");const s=new jc(i,this.browserStorage,e,this.logger,this.performanceClient);return await Pn(s.handleCodeResponseFromServer.bind(s),Ir.HandleCodeResponseFromServer,this.logger,this.performanceClient,t.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},r,!1)}catch(e){throw e instanceof Ce&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}logout(){return Promise.reject(Ji(pi))}}function Ml(e,t,r){try{Pa(e)}catch(e){throw t.end({success:!1},e,r),e}}class Ol{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new mc(this.logger,this.performanceClient):mt,this.eventHandler=new Dc(this.logger),this.browserStorage=this.isBrowserEnvironment?new _c(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,Jn(this.config.auth)):Mc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:ms.MemoryStorage,cacheRetentionDays:5,temporaryCacheLocation:ms.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};this.nativeInternalStorage=new _c(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.tokenCache=new Rl(this.config,this.browserStorage,this.logger,this.browserCrypto),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this)}static async createController(e,t){const r=new Ol(e);return await r.initialize(t),r}trackPageVisibility(e){e&&(this.logger.info("Perf: Visibility change detected"),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e,t){if(this.logger.trace("initialize called"),this.initialized)return void this.logger.info("initialize has already been called, exiting early.");if(!this.isBrowserEnvironment)return this.logger.info("in non-browser environment, exiting early."),this.initialized=!0,void this.eventHandler.emitEvent(Ec.INITIALIZE_END);const r=e?.correlationId||this.getRequestCorrelationId(),n=this.config.system.allowPlatformBroker,o=this.performanceClient.startMeasurement(Ir.InitializeClientApplication,r);if(this.eventHandler.emitEvent(Ec.INITIALIZE_START),!t)try{this.logMultipleInstances(o)}catch{}if(await Pn(this.browserStorage.initialize.bind(this.browserStorage),Ir.InitializeCache,this.logger,this.performanceClient,r)(r),n)try{this.platformAuthProvider=await pl(this.logger,this.performanceClient,r,this.config.system.nativeBrokerHandshakeTimeout)}catch(e){this.logger.verbose(e)}this.config.cache.claimsBasedCachingEnabled||(this.logger.verbose("Claims-based caching is disabled. Clearing the previous cache with claims"),_n(this.browserStorage.clearTokensAndKeysWithClaims.bind(this.browserStorage),Ir.ClearTokensAndKeysWithClaims,this.logger,this.performanceClient,r)(r)),this.config.system.asyncPopups&&await this.preGeneratePkceCodes(r),this.initialized=!0,this.eventHandler.emitEvent(Ec.INITIALIZE_END),o.end({allowPlatformBroker:n,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("handleRedirectPromise called"),_a(this.initialized),this.isBrowserEnvironment){const t=e||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("handleRedirectPromise has been called for the first time, storing the promise")):this.logger.verbose("handleRedirectPromise has been called previously, returning the result from the first call"),r}return this.logger.verbose("handleRedirectPromise returns null, not browser environment"),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===vs)return this.logger.verbose("handleRedirectPromise removing interaction_in_progress flag and returning null after sign-out"),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const n=this.getAllAccounts(),o=this.browserStorage.getCachedNativeRequest(),i=o&&this.platformAuthProvider&&!t;let s,a;this.eventHandler.emitEvent(Ec.HANDLE_REDIRECT_START,e.InteractionType.Redirect);try{if(i&&this.platformAuthProvider){s=this.performanceClient.startMeasurement(Ir.AcquireTokenRedirect,o?.correlationId||""),this.logger.trace("handleRedirectPromise - acquiring token from native platform"),s.add({isPlatformBrokerRequest:!0});const e=new el(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Rs.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,o.accountId,this.nativeInternalStorage,o.correlationId);a=Pn(e.handleRedirectPromise.bind(e),Ir.HandleNativeRedirectPromiseMeasurement,this.logger,this.performanceClient,s.event.correlationId)(this.performanceClient,s.event.correlationId)}else{const[e,r]=this.browserStorage.getCachedRequest(),n=e.correlationId;s=this.performanceClient.startMeasurement(Ir.AcquireTokenRedirect,n),this.logger.trace("handleRedirectPromise - acquiring token from web flow");const o=this.createRedirectClient(n);a=Pn(o.handleRedirectPromise.bind(o),Ir.HandleRedirectPromiseMeasurement,this.logger,this.performanceClient,s.event.correlationId)(t,e,r,s)}}catch(e){throw this.browserStorage.resetRequestCache(),e}return a.then((t=>{if(t){this.browserStorage.resetRequestCache();n.length<this.getAllAccounts().length?(this.eventHandler.emitEvent(Ec.LOGIN_SUCCESS,e.InteractionType.Redirect,t),this.logger.verbose("handleRedirectResponse returned result, login success")):(this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Redirect,t),this.logger.verbose("handleRedirectResponse returned result, acquire token success")),s.end({success:!0},void 0,t.account)}else s.event.errorCode?s.end({success:!1},void 0):s.discard();return this.eventHandler.emitEvent(Ec.HANDLE_REDIRECT_END,e.InteractionType.Redirect),t})).catch((t=>{this.browserStorage.resetRequestCache();const r=t;throw n.length>0?this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,r):this.eventHandler.emitEvent(Ec.LOGIN_FAILURE,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(Ec.HANDLE_REDIRECT_END,e.InteractionType.Redirect),s.end({success:!1},r),t}))}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("acquireTokenRedirect called",r);const n=this.performanceClient.startMeasurement(Ir.AcquireTokenPreRedirect,r);n.add({scenarioId:t.scenarioId});const o=t.onRedirectNavigate;if(o)t.onRedirectNavigate=e=>{const r="function"==typeof o?o(e):void 0;return n.add({navigateCallbackResult:!1!==r}),n.event=n.end({success:!0},void 0,t.account)||n.event,r};else{const e=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=r=>{const o="function"==typeof e?e(r):void 0;return n.add({navigateCallbackResult:!1!==o}),n.event=n.end({success:!0},void 0,t.account)||n.event,o}}const i=this.getAllAccounts().length>0;try{let o;if(Ma(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Cs),i?this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_START,e.InteractionType.Redirect,t):this.eventHandler.emitEvent(Ec.LOGIN_START,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){o=new el(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Rs.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r).acquireTokenRedirect(t,n).catch((e=>{if(n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Jc&&Yc(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof wo){this.logger.verbose("acquireTokenRedirect - Resolving interaction required error thrown by native broker by falling back to web flow");return this.createRedirectClient(r).acquireToken(t)}throw e}))}else{o=this.createRedirectClient(r).acquireToken(t)}return await o}catch(o){throw this.browserStorage.resetRequestCache(),2===n.event.status?this.performanceClient.startMeasurement(Ir.AcquireTokenRedirect,r).end({success:!1},o,t.account):n.end({success:!1},o,t.account),i?this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,o):this.eventHandler.emitEvent(Ec.LOGIN_FAILURE,e.InteractionType.Redirect,null,o),o}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),n=this.performanceClient.startMeasurement(Ir.AcquireTokenPopup,r);n.add({scenarioId:t.scenarioId});try{this.logger.verbose("acquireTokenPopup called",r),Ml(this.initialized,n,t.account),this.browserStorage.setInteractionInProgress(!0,Cs)}catch(e){return Promise.reject(e)}const o=this.getAllAccounts();let i;o.length>0?this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_START,e.InteractionType.Popup,t):this.eventHandler.emitEvent(Ec.LOGIN_START,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))n.add({isPlatformBrokerRequest:!0}),i=this.acquireTokenNative({...t,correlationId:r},Rs.acquireTokenPopup).then((e=>(n.end({success:!0},void 0,e.account),e))).catch((e=>{if(n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Jc&&Yc(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof wo){this.logger.verbose("acquireTokenPopup - Resolving interaction required error thrown by native broker by falling back to web flow");return this.createPopupClient(r).acquireToken(t,s)}throw e}));else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then((t=>(o.length<this.getAllAccounts().length?this.eventHandler.emitEvent(Ec.LOGIN_SUCCESS,e.InteractionType.Popup,t):this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,t),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((r=>(o.length>0?this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,r):this.eventHandler.emitEvent(Ec.LOGIN_FAILURE,e.InteractionType.Popup,null,r),n.end({success:!1},r,t.account),Promise.reject(r)))).finally((async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.asyncPopups&&await this.preGeneratePkceCodes(r)}))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&(this.logger.info("Perf: Visibility change detected in ",e.event.name),e.increment({visibilityChangeCount:1}))}async ssoSilent(t){const r=this.getRequestCorrelationId(t),n={...t,prompt:t.prompt,correlationId:r};let o;if(this.ssoSilentMeasurement=this.performanceClient.startMeasurement(Ir.SsoSilent,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId}),Ml(this.initialized,this.ssoSilentMeasurement,t.account),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),this.logger.verbose("ssoSilent called",r),this.eventHandler.emitEvent(Ec.SSO_SILENT_START,e.InteractionType.Silent,n),this.canUsePlatformBroker(n))this.ssoSilentMeasurement?.add({isPlatformBrokerRequest:!0}),o=this.acquireTokenNative(n,Rs.ssoSilent).catch((e=>{if(this.ssoSilentMeasurement?.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Jc&&Yc(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(n.correlationId).acquireToken(n)}throw e}));else{o=this.createSilentIframeClient(n.correlationId).acquireToken(n)}return o.then((t=>(this.eventHandler.emitEvent(Ec.SSO_SILENT_SUCCESS,e.InteractionType.Silent,t),this.ssoSilentMeasurement?.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((r=>{throw this.eventHandler.emitEvent(Ec.SSO_SILENT_FAILURE,e.InteractionType.Silent,null,r),this.ssoSilentMeasurement?.end({success:!1},r,t.account),r})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("acquireTokenByCode called",r);const n=this.performanceClient.startMeasurement(Ir.AcquireTokenByCode,r);Ml(this.initialized,n),this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_BY_CODE_START,e.InteractionType.Silent,t),n.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw Ji(Mi);if(t.code){const o=t.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("Existing acquireTokenByCode request found",r),n.discard()):(this.logger.verbose("Initiating new acquireTokenByCode request",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then((t=>(this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_BY_CODE_SUCCESS,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(o),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((t=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_BY_CODE_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t})),this.hybridAuthCodeResponses.set(o,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){n.add({isPlatformBrokerRequest:!0});const e=await this.acquireTokenNative({...t,correlationId:r},Rs.acquireTokenByCode,t.nativeAccountId).catch((e=>{throw e instanceof Jc&&Yc(e)&&(this.platformAuthProvider=void 0),n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e}));return n.end({success:!0},void 0,e.account),e}throw Ji(qi)}throw Ji(Pi)}catch(t){throw this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_BY_CODE_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){this.logger.trace("acquireTokenByCodeAsync called",e.correlationId),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement(Ir.AcquireTokenByCodeAsync,e.correlationId),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const t=this.createSilentAuthCodeClient(e.correlationId);return await t.acquireToken(e).then((e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache}),e))).catch((e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenFromCache(e,t){switch(this.performanceClient.addQueueMeasurement(Ir.AcquireTokenFromCache,e.correlationId),t){case Ns.Default:case Ns.AccessToken:case Ns.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return Pn(t.acquireToken.bind(t),Ir.SilentCacheClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw pt(Xe)}}async acquireTokenByRefreshToken(e,t){switch(this.performanceClient.addQueueMeasurement(Ir.AcquireTokenByRefreshToken,e.correlationId),t){case Ns.Default:case Ns.AccessTokenAndRefreshToken:case Ns.RefreshToken:case Ns.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return Pn(t.acquireToken.bind(t),Ir.SilentRefreshClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw pt(Xe)}}async acquireTokenBySilentIframe(e){this.performanceClient.addQueueMeasurement(Ir.AcquireTokenBySilentIframe,e.correlationId);const t=this.createSilentIframeClient(e.correlationId);return Pn(t.acquireToken.bind(t),Ir.SilentIframeClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e)}async logout(e){const t=this.getRequestCorrelationId(e);return this.logger.warning("logout API is deprecated and will be removed in msal-browser v3.0.0. Use logoutRedirect instead.",t),this.logoutRedirect({correlationId:t,...e})}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);Ma(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,vs);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);Pa(this.initialized),this.browserStorage.setInteractionInProgress(!0,vs);return this.createPopupClient(t).logout(e).finally((()=>{this.browserStorage.setInteractionInProgress(!1)}))}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return void this.logger.info("in non-browser environment, returning early.");const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){const t=this.getRequestCorrelationId();return Oc(this.logger,this.browserStorage,this.isBrowserEnvironment,t,e)}getAccount(e){const t=this.getRequestCorrelationId();return qc(e,this.logger,this.browserStorage,t)}getAccountByUsername(e){const t=this.getRequestCorrelationId();return Nc(e,this.logger,this.browserStorage,t)}getAccountByHomeId(e){const t=this.getRequestCorrelationId();return Uc(e,this.logger,this.browserStorage,t)}getAccountByLocalId(e){const t=this.getRequestCorrelationId();return Lc(e,this.logger,this.browserStorage,t)}setActiveAccount(e){const t=this.getRequestCorrelationId();Hc(e,this.browserStorage,t)}getActiveAccount(){const e=this.getRequestCorrelationId();return xc(this.browserStorage,e)}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const r=io.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId),e.fromNativeBroker?(this.logger.verbose("Response was from native broker, storing in-memory"),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,r,n){if(this.logger.trace("acquireTokenNative called"),!this.platformAuthProvider)throw Ji(Li);return new el(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,e.correlationId).acquireToken(e,n)}canUsePlatformBroker(e,t){if(this.logger.trace("canUsePlatformBroker called"),!this.platformAuthProvider)return this.logger.trace("canUsePlatformBroker: platform broker unavilable, returning false"),!1;if(!ml(this.config,this.logger,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("canUsePlatformBroker: isBrokerAvailable returned false, returning false"),!1;if(e.prompt)switch(e.prompt){case b.NONE:case b.CONSENT:case b.LOGIN:case b.SELECT_ACCOUNT:this.logger.trace("canUsePlatformBroker: prompt is compatible with platform broker flow");break;default:return this.logger.trace(`canUsePlatformBroker: prompt = ${e.prompt} is not compatible with platform broker flow, returning false`),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("canUsePlatformBroker: nativeAccountId is not available, returning false"),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new fl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.platformAuthProvider,e)}createRedirectClient(e){return new yl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.platformAuthProvider,e)}createSilentIframeClient(e){return new bl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Rs.ssoSilent,this.performanceClient,this.nativeInternalStorage,this.platformAuthProvider,e)}createSilentCacheClient(e){return new Zc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.platformAuthProvider,e)}createSilentRefreshClient(e){return new El(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.platformAuthProvider,e)}createSilentAuthCodeClient(e){return new Pl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Rs.acquireTokenByCode,this.performanceClient,this.platformAuthProvider,e)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return Ra(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}enableAccountStorageEvents(){this.config.cache.cacheLocation===ms.LocalStorage?this.eventHandler.subscribeCrossTab():this.logger.info("Account storage events are only available when cacheLocation is set to localStorage")}disableAccountStorageEvents(){this.config.cache.cacheLocation===ms.LocalStorage?this.eventHandler.unsubscribeCrossTab():this.logger.info("Account storage events are only available when cacheLocation is set to localStorage")}getTokenCache(){return this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?ta():t.EMPTY_STRING}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginRedirect called",t),this.acquireTokenRedirect({correlationId:t,...e||Ms})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginPopup called",t),this.acquireTokenPopup({correlationId:t,...e||Ms})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(Ir.AcquireTokenSilent,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),Ml(this.initialized,r,e.account),this.logger.verbose("acquireTokenSilent called",t);const n=e.account||this.getActiveAccount();if(!n)throw Ji(mi);return this.acquireTokenSilentDeduped(e,n,t).then((n=>(r.end({success:!0,fromCache:n.fromCache,accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length},void 0,n.account),{...n,state:e.state,correlationId:t}))).catch((e=>{throw e instanceof Ce&&e.setCorrelationId(t),r.end({success:!1},e,n),e}))}async acquireTokenSilentDeduped(e,t,r){const n=Zn(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),o=JSON.stringify(n),i=this.activeSilentTokenRequests.get(o);if(void 0===i){this.logger.verbose("acquireTokenSilent called for the first time, storing active request",r),this.performanceClient.addFields({deduped:!1},r);const n=Pn(this.acquireTokenSilentAsync.bind(this),Ir.AcquireTokenSilentAsync,this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(o,n),n.finally((()=>{this.activeSilentTokenRequests.delete(o)}))}return this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const n=()=>this.trackPageVisibility(t.correlationId);this.performanceClient.addQueueMeasurement(Ir.AcquireTokenSilentAsync,t.correlationId),this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_START,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},t.correlationId),document.addEventListener("visibilitychange",n);const o=await Pn(zc,Ir.InitializeSilentRequest,this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||Ns.Default;return this.acquireTokenSilentNoIframe(o,i).catch((async e=>{const t=function(e,t){const r=!(e instanceof wo&&e.subError!==po),n=e.errorCode===Yi||e.errorCode===Xe,o=r&&n||e.errorCode===so||e.errorCode===co,i=Us.includes(t);return o&&i}(e,i);if(t){if(this.activeIframeRequest){if(i!==Ns.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose(`Iframe request is already in progress, awaiting resolution for request with correlationId: ${r}`,o.correlationId);const n=this.performanceClient.startMeasurement(Ir.AwaitConcurrentIframe,o.correlationId);n.add({awaitIframeCorrelationId:r});const s=await t;if(n.end({success:s}),s)return this.logger.verbose(`Parallel iframe request with correlationId: ${r} succeeded. Retrying cache and/or RT redemption`,o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info(`Iframe request with correlationId: ${r} failed. Interaction is required.`),e}return this.logger.warning("Another iframe request is currently in progress and CacheLookupPolicy is set to Skip. This may result in degraded performance and/or reliability for both calls. Please consider changing the CacheLookupPolicy to take advantage of request queuing and token cache.",o.correlationId),Pn(this.acquireTokenBySilentIframe.bind(this),Ir.AcquireTokenBySilentIframe,this.logger,this.performanceClient,o.correlationId)(o)}{let e;return this.activeIframeRequest=[new Promise((t=>{e=t})),o.correlationId],this.logger.verbose("Refresh token expired/invalid or CacheLookupPolicy is set to Skip, attempting acquire token by iframe.",o.correlationId),Pn(this.acquireTokenBySilentIframe.bind(this),Ir.AcquireTokenBySilentIframe,this.logger,this.performanceClient,o.correlationId)(o).then((t=>(e(!0),t))).catch((t=>{throw e(!1),t})).finally((()=>{this.activeIframeRequest=void 0}))}}throw e})).then((r=>(this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,r),this.performanceClient.addFields({fromCache:r.fromCache},t.correlationId),r))).catch((t=>{throw this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),t})).finally((()=>{document.removeEventListener("visibilitychange",n)}))}async acquireTokenSilentNoIframe(t,r){return ml(this.config,this.logger,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform"),this.performanceClient.addFields({isPlatformBrokerRequest:!0},t.correlationId),this.acquireTokenNative(t,Rs.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch((async e=>{if(this.performanceClient.addFields({brokerErrorName:e.name,brokerErrorCode:e.errorCode},t.correlationId),e instanceof Jc&&Yc(e))throw this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow"),this.platformAuthProvider=void 0,pt(Xe);throw e}))):(this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow"),r===Ns.AccessToken&&this.logger.verbose("acquireTokenSilent - cache lookup policy set to AccessToken, attempting to acquire token from local cache"),Pn(this.acquireTokenFromCache.bind(this),Ir.AcquireTokenFromCache,this.logger,this.performanceClient,t.correlationId)(t,r).catch((n=>{if(r===Ns.AccessToken)throw n;return this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_NETWORK_START,e.InteractionType.Silent,t),Pn(this.acquireTokenByRefreshToken.bind(this),Ir.AcquireTokenByRefreshToken,this.logger,this.performanceClient,t.correlationId)(t,r)})))}async preGeneratePkceCodes(e){return this.logger.verbose("Generating new PKCE codes"),this.pkceCode=await Pn(ll,Ir.GeneratePkceCodes,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){this.logger.verbose("Attempting to pick up pre-generated PKCE codes");const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,this.logger.verbose((t?"Found":"Did not find")+" pre-generated PKCE codes"),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e){const t=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("There is already an instance of MSAL.js in the window."),window.msal.clientIds.push(t),function(e,t,r){const n=window.msal?.clientIds||[],o=n.length,i=n.filter((t=>t===e)).length;i>1&&r.warning("There is already an instance of MSAL.js in the window with the same client id."),t.add({msalInstanceCount:o,sameClientIdInstanceCount:i})}(t,e,this.logger)}}class ql{constructor(e,t,r,n){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=n}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),n=vn(e.claims,this.clientCapabilities),o=e.scopes||h;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,scope:o.join(" "),correlationId:r,claims:Vt.isEmptyObj(n)?void 0:n,state:e.state,authenticationScheme:e.authenticationScheme||W.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw pt(Ae);const n=Nn(r+(t.token.expires_in||0)),o=er(t.token.id_token,this.crypto.base64Decode),i=this.fromNaaAccountInfo(t.account,t.token.id_token,o),s=t.token.scope||e.scope;return{authority:t.token.authority||i.environment,uniqueId:i.localAccountId,tenantId:i.tenantId,scopes:s.split(" "),account:i,idToken:t.token.id_token,idTokenClaims:o,accessToken:t.token.access_token,fromCache:!1,expiresOn:n,tokenType:e.authenticationScheme||W.BEARER,correlationId:e.correlationId,extExpiresOn:n,state:e.state}}fromNaaAccountInfo(e,t,r){const n=r||e.idTokenClaims,o=e.localAccountId||n?.oid||n?.sub||"",i=e.tenantId||n?.tid||"",s=e.homeAccountId||`${o}.${i}`,a=e.username||n?.preferred_username||"",c=e.name||n?.name,l=e.loginHint||n?.login_hint,h=new Map,d=Xt(s,o,i,n);h.set(i,d);return{homeAccountId:s,environment:e.environment,tenantId:i,username:a,localAccountId:o,name:c,loginHint:l,idToken:t,idTokenClaims:n,tenantProfiles:h}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new Ce("unknown_error","An unknown error occurred");switch(e.status){case rc:return new gt(st);case nc:return new gt(it);case ac:return new gt(je);case sc:return new gt(lt);case cc:return new gt(e.code||lt,e.description);case oc:case ic:return new Xn(e.code,e.description);case tc:return new wo(e.code,e.description);default:return new Ce(e.code,e.description)}}toAuthenticationResultFromCache(e,t,r,n,o){if(!t||!r)throw pt(Ae);const i=er(t.secret,this.crypto.base64Decode),s=r.target||n.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:s.split(" "),account:e,idToken:t.secret,idTokenClaims:i||{},accessToken:r.secret,fromCache:!0,expiresOn:Nn(r.expiresOn),extExpiresOn:Nn(r.extendedExpiresOn),tokenType:n.authenticationScheme||W.BEARER,correlationId:o,state:n.state}}}const Nl={code:"unsupported_method",desc:"This method is not supported in nested app environment."};class Ul extends Ce{constructor(e,t){super(e,t),Object.setPrototypeOf(this,Ul.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new Ul(Nl.code,Nl.desc)}}class Ll{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new mc(this.logger,this.performanceClient,!0):mt,this.eventHandler=new Dc(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new _c(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,Jn(this.config.auth)):Mc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new ql(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new Ll(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||ta();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const r=this.ensureValidRequest(t);this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_START,e.InteractionType.Popup,r);const n=this.performanceClient.startMeasurement(Ir.AcquireTokenPopup,r.correlationId);n.add({nestedAppAuthRequest:!0});try{const o=this.nestedAppAuthAdapter.toNaaTokenRequest(r),i=On(),s=await this.bridgeProxy.getTokenInteractive(o),a={...this.nestedAppAuthAdapter.fromNaaTokenResponse(o,s,i)};try{await this.hydrateCache(a,t)}catch(e){this.logger.warningPii(`Failed to hydrate cache. Error: ${e}`,r.correlationId)}return this.currentAccountContext={homeAccountId:a.account.homeAccountId,environment:a.account.environment,tenantId:a.account.tenantId},this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,a),n.add({accessTokenSize:a.accessToken.length,idTokenSize:a.idToken.length}),n.end({success:!0,requestId:a.requestId},void 0,a.account),a}catch(r){const o=r instanceof Ce?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,r),n.end({success:!1},r,t.account),o}}async acquireTokenSilentInternal(t){const r=this.ensureValidRequest(t);this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_START,e.InteractionType.Silent,r);const n=await this.acquireTokenFromCache(r);if(n)return this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,n),n;const o=this.performanceClient.startMeasurement(Ir.SsoSilent,r.correlationId);o.increment({visibilityChangeCount:0}),o.add({nestedAppAuthRequest:!0});try{const n=this.nestedAppAuthAdapter.toNaaTokenRequest(r);n.forceRefresh=r.forceRefresh;const i=On(),s=await this.bridgeProxy.getTokenSilent(n),a=this.nestedAppAuthAdapter.fromNaaTokenResponse(n,s,i);try{await this.hydrateCache(a,t)}catch(e){this.logger.warningPii(`Failed to hydrate cache. Error: ${e}`,r.correlationId)}return this.currentAccountContext={homeAccountId:a.account.homeAccountId,environment:a.account.environment,tenantId:a.account.tenantId},this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,a),o?.add({accessTokenSize:a.accessToken.length,idTokenSize:a.idToken.length}),o?.end({success:!0,requestId:a.requestId},void 0,a.account),a}catch(r){const n=r instanceof Ce?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,r),o?.end({success:!1},r,t.account),n}}async acquireTokenFromCache(t){const r=this.performanceClient.startMeasurement(Ir.AcquireTokenSilent,t.correlationId);if(r?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("Claims are present in the request, skipping cache lookup"),null;if(t.forceRefresh)return this.logger.verbose("forceRefresh is set to true, skipping cache lookup"),null;let n=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=Ns.Default),t.cacheLookupPolicy){case Ns.Default:case Ns.AccessToken:case Ns.AccessTokenAndRefreshToken:n=await this.acquireTokenFromCacheInternal(t);break;default:return null}return n?(this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,n),r.add({accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length}),r.end({success:!0},void 0,n.account),n):(this.logger.warning("Cached tokens are not found for the account, proceeding with silent token request."),this.eventHandler.emitEvent(Ec.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null),r.end({success:!1},void 0,t.account),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext;let r=null;const n=e.correlationId||this.browserCrypto.createNewGuid();if(t&&(r=qc(t,this.logger,this.browserStorage,n)),!r)return this.logger.verbose("No active account found, falling back to the host"),Promise.resolve(null);this.logger.verbose("active account found, attempting to acquire token silently");const o={...e,correlationId:e.correlationId||this.browserCrypto.createNewGuid(),authority:e.authority||r.environment,scopes:e.scopes?.length?e.scopes:[...h]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(r,o,i,r.tenantId);if(!s)return this.logger.verbose("No cached access token found"),Promise.resolve(null);if(Hn(s.cachedAt)||Un(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("Cached access token has expired"),Promise.resolve(null);const a=this.browserStorage.getIdToken(r,o.correlationId,i,r.tenantId,this.performanceClient);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(r,a,s,o,o.correlationId):(this.logger.verbose("No cached id token found"),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw Ul.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw Ul.createUnsupportedError()}acquireTokenNative(e,t,r){throw Ul.createUnsupportedError()}acquireTokenByRefreshToken(e,t){throw Ul.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw Ul.createUnsupportedError()}removePerformanceCallback(e){throw Ul.createUnsupportedError()}enableAccountStorageEvents(){throw Ul.createUnsupportedError()}disableAccountStorageEvents(){throw Ul.createUnsupportedError()}getAllAccounts(e){const t=this.browserCrypto.createNewGuid();return Oc(this.logger,this.browserStorage,this.isBrowserEnv(),t,e)}getAccount(e){const t=this.browserCrypto.createNewGuid();return qc(e,this.logger,this.browserStorage,t)}getAccountByUsername(e){const t=this.browserCrypto.createNewGuid();return Nc(e,this.logger,this.browserStorage,t)}getAccountByHomeId(e){const t=this.browserCrypto.createNewGuid();return Uc(e,this.logger,this.browserStorage,t)}getAccountByLocalId(e){const t=this.browserCrypto.createNewGuid();return Lc(e,this.logger,this.browserStorage,t)}setActiveAccount(e){const t=this.browserCrypto.createNewGuid();return Hc(e,this.browserStorage,t)}getActiveAccount(){const e=this.browserCrypto.createNewGuid();return xc(this.browserStorage,e)}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||Ms)}loginRedirect(e){throw Ul.createUnsupportedError()}logout(e){throw Ul.createUnsupportedError()}logoutRedirect(e){throw Ul.createUnsupportedError()}logoutPopup(e){throw Ul.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getTokenCache(){throw Ul.createUnsupportedError()}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("setNavigationClient is not supported in nested app auth")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw Ul.createUnsupportedError()}getRedirectResponse(){throw Ul.createUnsupportedError()}async clearCache(e){throw Ul.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const r=io.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId),this.browserStorage.hydrateCache(e,t)}}async function Hl(e){const t=new dc(e),r=new hc(e),n=[t.initialize(),r.initialize()];return await Promise.all(n),r.isAvailable()&&e.auth.supportsNestedAppAuth?Ll.createController(r):t.isAvailable()?Ol.createController(t):null}class xl{static async createPublicClientApplication(e){const t=await async function(e,t){const r=new dc(e);return await r.initialize(),Ol.createController(r,t)}(e);return new xl(e,t)}constructor(e,t){this.isBroker=!1,this.controller=t||new Ol(new dc(e))}async initialize(e){return this.controller.initialize(e,this.isBroker)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}enableAccountStorageEvents(){this.controller.enableAccountStorageEvents()}disableAccountStorageEvents(){this.controller.disableAccountStorageEvents()}getAccount(e){return this.controller.getAccount(e)}getAccountByHomeId(e){return this.controller.getAccountByHomeId(e)}getAccountByLocalId(e){return this.controller.getAccountByLocalId(e)}getAccountByUsername(e){return this.controller.getAccountByUsername(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logout(e){return this.controller.logout(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getTokenCache(){return this.controller.getTokenCache()}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function Dl(e){const t=new xl(e);return await t.initialize(),t}class Bl{constructor(e){this.initialized=!1,this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.logger=e.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new mc(this.logger,this.performanceClient):mt,this.eventHandler=new Dc(this.logger),this.browserStorage=this.isBrowserEnvironment?new _c(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,void 0):Mc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler)}getBrowserStorage(){return this.browserStorage}getAccount(e){return null}getAccountByHomeId(e){return null}getAccountByLocalId(e){return null}getAccountByUsername(e){return null}getAllAccounts(){return[]}initialize(){return this.initialized=!0,Promise.resolve()}acquireTokenPopup(e){return _a(this.initialized),Ra(),{}}acquireTokenRedirect(e){return _a(this.initialized),Ra(),Promise.resolve()}acquireTokenSilent(e){return _a(this.initialized),Ra(),{}}acquireTokenByCode(e){return _a(this.initialized),Ra(),{}}acquireTokenNative(e,t,r){return _a(this.initialized),Ra(),{}}acquireTokenByRefreshToken(e,t){return _a(this.initialized),Ra(),{}}addEventCallback(e,t){return null}removeEventCallback(e){}addPerformanceCallback(e){return _a(this.initialized),Ra(),""}removePerformanceCallback(e){return _a(this.initialized),Ra(),!0}enableAccountStorageEvents(){_a(this.initialized),Ra()}disableAccountStorageEvents(){_a(this.initialized),Ra()}handleRedirectPromise(e){return _a(this.initialized),Promise.resolve(null)}loginPopup(e){return _a(this.initialized),Ra(),{}}loginRedirect(e){return _a(this.initialized),Ra(),{}}logout(e){return _a(this.initialized),Ra(),{}}logoutRedirect(e){return _a(this.initialized),Ra(),{}}logoutPopup(e){return _a(this.initialized),Ra(),{}}ssoSilent(e){return _a(this.initialized),Ra(),{}}getTokenCache(){return _a(this.initialized),Ra(),{}}getLogger(){return this.logger}setLogger(e){_a(this.initialized),Ra()}setActiveAccount(e){_a(this.initialized),Ra()}getActiveAccount(){return _a(this.initialized),Ra(),null}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){_a(this.initialized),Ra()}getConfiguration(){return this.config}isBrowserEnv(){return _a(this.initialized),Ra(),!0}getBrowserCrypto(){return _a(this.initialized),Ra(),{}}getPerformanceClient(){return _a(this.initialized),Ra(),{}}getRedirectResponse(){return _a(this.initialized),Ra(),{}}async clearCache(e){_a(this.initialized),Ra()}async hydrateCache(e,t){_a(this.initialized),Ra()}}class Fl extends ec{getId(){return Fl.ID}getModuleName(){return Fl.MODULE_NAME}async initialize(){return!0}}Fl.MODULE_NAME="",Fl.ID="UnknownOperatingContext";class zl{static async createPublicClientApplication(e){const t=await Hl(e);let r;return r=null!==t?new zl(e,t):new zl(e),r}constructor(e,t){if(this.configuration=e,t)this.controller=t;else{const t=new Fl(e);this.controller=new Bl(t)}}async initialize(){if(this.controller instanceof Bl){const e=await Hl(this.configuration);return null!==e&&(this.controller=e),this.controller.initialize()}return Promise.resolve()}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}enableAccountStorageEvents(){this.controller.enableAccountStorageEvents()}disableAccountStorageEvents(){this.controller.disableAccountStorageEvents()}getAccount(e){return this.controller.getAccount(e)}getAccountByHomeId(e){return this.controller.getAccountByHomeId(e)}getAccountByLocalId(e){return this.controller.getAccountByLocalId(e)}getAccountByUsername(e){return this.controller.getAccountByUsername(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logout(e){return this.controller.logout(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getTokenCache(){return this.controller.getTokenCache()}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}const Kl={initialize:()=>Promise.reject(Ca(ua)),acquireTokenPopup:()=>Promise.reject(Ca(ua)),acquireTokenRedirect:()=>Promise.reject(Ca(ua)),acquireTokenSilent:()=>Promise.reject(Ca(ua)),acquireTokenByCode:()=>Promise.reject(Ca(ua)),getAllAccounts:()=>[],getAccount:()=>null,getAccountByHomeId:()=>null,getAccountByUsername:()=>null,getAccountByLocalId:()=>null,handleRedirectPromise:()=>Promise.reject(Ca(ua)),loginPopup:()=>Promise.reject(Ca(ua)),loginRedirect:()=>Promise.reject(Ca(ua)),logout:()=>Promise.reject(Ca(ua)),logoutRedirect:()=>Promise.reject(Ca(ua)),logoutPopup:()=>Promise.reject(Ca(ua)),ssoSilent:()=>Promise.reject(Ca(ua)),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,enableAccountStorageEvents:()=>{},disableAccountStorageEvents:()=>{},getTokenCache:()=>{throw Ca(ua)},getLogger:()=>{throw Ca(ua)},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw Ca(ua)},hydrateCache:()=>Promise.reject(Ca(ua)),clearCache:()=>Promise.reject(Ca(ua))};function Gl(){let e;try{e=window[ms.SessionStorage];const t=e?.getItem(ja);if(1===Number(t))return Promise.resolve().then((function(){return Wl}))}catch(e){}}function $l(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function Ql(e){if(e&&$l())return Math.round(window.performance.now()-e)}class jl{constructor(e,t){this.correlationId=t,this.measureName=jl.makeMeasureName(e,t),this.startMark=jl.makeStartMark(e,t),this.endMark=jl.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(jl.supportsBrowserPerformance())try{t.forEach((t=>{const r=jl.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(jl.makeStartMark(r,e)),window.performance.clearMarks(jl.makeEndMark(r,e)))}))}catch(e){}}startMeasurement(){if(jl.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(jl.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(jl.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var Wl=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:jl});e.AccountEntity=io,e.ApiId=Rs,e.AuthError=Ce,e.AuthErrorCodes=me,e.AuthErrorMessage=ye,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[y];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw Wt(xt)}const t=this.headers[f];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw Wt(xt)}throw Wt(Ht)}parseChallenges(e){const r=e.indexOf(" "),n=e.substr(r+1).split(","),o={};return n.forEach((e=>{const[r,n]=e.split("=");o[r]=unescape(n.replace(/['"]+/g,t.EMPTY_STRING))})),o}}
|
|
68
|
-
/*! @azure/msal-common
|
|
3
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
4
|
+
function t(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class r extends Error{constructor(e,n,o){const i=n||(e?t(e):"");super(i?`${e}: ${i}`:e),Object.setPrototypeOf(this,r.prototype),this.errorCode=e||"",this.errorMessage=i||"",this.subError=o||"",this.name="AuthError"}setCorrelationId(e){this.correlationId=e}}function n(e,n){return new r(e,n||t(e))}
|
|
5
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class o extends r{constructor(e,t){super(e,t),this.name="ClientAuthError",Object.setPrototypeOf(this,o.prototype)}}function i(e,t){return new o(e,t)}
|
|
6
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const s="client_info_decoding_error",a="client_info_empty_error",c="token_parsing_error",l="null_or_empty_token",h="endpoints_resolution_error",d="network_error",u="openid_config_error",g="hash_not_deserialized",p="invalid_state",m="state_mismatch",f="state_not_found",y="nonce_mismatch",w="auth_time_not_found",C="max_age_transpired",I="multiple_matching_appMetadata",v="request_cannot_be_made",k="cannot_remove_empty_scope",T="cannot_append_scopeset",A="empty_input_scopeset",b="no_account_in_silent_request",S="invalid_cache_record",_="invalid_cache_environment",E="no_account_found",P="no_crypto_object",R="token_refresh_required",O="token_claims_cnf_required_for_signedjwt",M="authorization_code_missing_from_server_response",q="binding_key_not_removed",N="end_session_endpoint_not_supported",x="key_id_missing",U="no_network_connectivity",L="user_canceled",H="method_not_implemented",B="nested_app_auth_bridge_disabled";var D=Object.freeze({__proto__:null,authTimeNotFound:w,authorizationCodeMissingFromServerResponse:M,bindingKeyNotRemoved:q,cannotAppendScopeSet:T,cannotRemoveEmptyScope:k,clientInfoDecodingError:s,clientInfoEmptyError:a,emptyInputScopeSet:A,endSessionEndpointNotSupported:N,endpointResolutionError:h,hashNotDeserialized:g,invalidCacheEnvironment:_,invalidCacheRecord:S,invalidState:p,keyIdMissing:x,maxAgeTranspired:C,methodNotImplemented:H,multipleMatchingAppMetadata:I,multipleMatchingTokens:"multiple_matching_tokens",nestedAppAuthBridgeDisabled:B,networkError:d,noAccountFound:E,noAccountInSilentRequest:b,noCryptoObject:P,noNetworkConnectivity:U,nonceMismatch:y,nullOrEmptyToken:l,openIdConfigError:u,requestCannotBeMade:v,stateMismatch:m,stateNotFound:f,tokenClaimsCnfRequiredForSignedJwt:O,tokenParsingError:c,tokenRefreshRequired:R,unexpectedCredentialType:"unexpected_credential_type",userCanceled:L});
|
|
7
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const F={createNewGuid:()=>{throw i(H)},base64Decode:()=>{throw i(H)},base64Encode:()=>{throw i(H)},base64UrlEncode:()=>{throw i(H)},encodeKid:()=>{throw i(H)},async getPublicKeyThumbprint(){throw i(H)},async removeTokenBindingKey(){throw i(H)},async clearKeystore(){throw i(H)},async signJwt(){throw i(H)},async hashString(){throw i(H)}};
|
|
8
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */var K;e.LogLevel=void 0,(K=e.LogLevel||(e.LogLevel={}))[K.Error=0]="Error",K[K.Warning=1]="Warning",K[K.Info=2]="Info",K[K.Verbose=3]="Verbose",K[K.Trace=4]="Trace";class ${constructor(t,r,n){this.level=e.LogLevel.Info;const o=t||$.createDefaultLoggerOptions();this.localCallback=o.loggerCallback||(()=>{}),this.piiLoggingEnabled=o.piiLoggingEnabled||!1,this.level="number"==typeof o.logLevel?o.logLevel:e.LogLevel.Info,this.packageName=r||"",this.packageVersion=n||""}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info}}clone(e,t){return new $({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level},e,t)}logMessage(t,r){if(r.logLevel>this.level||!this.piiLoggingEnabled&&r.containsPii)return;const n=`${`[${(new Date).toUTCString()}] : [${r.correlationId}]`} : ${this.packageName}@${this.packageVersion} : ${e.LogLevel[r.logLevel]} - ${t}`;this.executeCallback(r.logLevel,n,r.containsPii||!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!1,correlationId:r})}errorPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!0,correlationId:r})}warning(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!1,correlationId:r})}warningPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!0,correlationId:r})}info(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!1,correlationId:r})}infoPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!0,correlationId:r})}verbose(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!1,correlationId:r})}verbosePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!0,correlationId:r})}trace(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!1,correlationId:r})}tracePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!0,correlationId:r})}isPiiLoggingEnabled(){return this.piiLoggingEnabled||!1}}
|
|
9
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const z="https://login.microsoftonline.com/common/",j="common",W=`${z}discovery/instance?api-version=1.1&authorization_endpoint=`,J=".ciamlogin.com",Q="openid",G="profile",V="offline_access",Y="N/A",X="Not Available",Z="http://169.254.169.254/metadata/instance/compute/location",ee=["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],te=[Q,G,V],re=[...te,"email"],ne="Content-Type",oe="Content-Length",ie="Retry-After",se="X-AnchorMailbox",ae="WWW-Authenticate",ce="Authentication-Info",le="x-ms-request-id",he="x-ms-httpver",de="active-account-filters",ue="common",ge="organizations",pe="consumers",me="access_token",fe="xms_cc",ye={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},we="code",Ce="id_token token refresh_token",Ie={QUERY:"query",FRAGMENT:"fragment",FORM_POST:"form_post"},ve="authorization_code",ke="refresh_token",Te="Generic",Ae={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},be="appmetadata",Se="1",_e="authority-metadata",Ee="config",Pe="cache",Re="network",Oe="hardcoded_values",Me=5,qe="server-telemetry",Ne=",",xe={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},Ue="throttling",Le="1",He="3",Be="4",De="2",Fe="4",Ke="5",$e="0",ze="1",je="2",We="3",Je="4",Qe={Jwt:"JWT",Jwk:"JWK",Pop:"pop"},Ge="@azure/msal-common",Ve="16.0.0-alpha.0",Ye={None:"none",AzurePublic:"https://login.microsoftonline.com",AzurePpe:"https://login.windows-ppe.net",AzureChina:"https://login.chinacloudapi.cn",AzureGermany:"https://login.microsoftonline.de",AzureUsGovernment:"https://login.microsoftonline.us"};
|
|
10
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
11
|
+
class Xe extends r{constructor(e){super(e),this.name="ClientConfigurationError",Object.setPrototypeOf(this,Xe.prototype)}}function Ze(e){return new Xe(e)}
|
|
12
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class et{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return 0===Object.keys(t).length}catch(e){}return!0}static startsWith(e,t){return 0===e.indexOf(t)}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),n=e=>decodeURIComponent(e.replace(/\+/g," "));return r.forEach((e=>{if(e.trim()){const[r,o]=e.split(/=(.+)/g,2);r&&o&&(t[n(r)]=n(o))}})),t}static trimArrayEntries(e){return e.map((e=>e.trim()))}static removeEmptyStringsFromArray(e){return e.filter((e=>!!e))}static jsonParseHelper(e){try{return JSON.parse(e)}catch(e){return null}}static matchPattern(e,t){return new RegExp(e.replace(/\\/g,"\\\\").replace(/\*/g,"[^ ]*").replace(/\?/g,"\\?")).test(t)}}
|
|
13
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const tt="redirect_uri_empty",rt="authority_uri_insecure",nt="url_parse_error",ot="empty_url_error",it="empty_input_scopes_error",st="invalid_claims",at="token_request_empty",ct="logout_request_empty",lt="pkce_params_missing",ht="invalid_cloud_discovery_metadata",dt="invalid_authority_metadata",ut="untrusted_authority",gt="missing_ssh_jwk",pt="missing_ssh_kid",mt="missing_nonce_authentication_header",ft="invalid_authentication_header",yt="cannot_set_OIDCOptions",wt="cannot_allow_platform_broker",Ct="authority_mismatch";var It=Object.freeze({__proto__:null,authorityMismatch:Ct,authorityUriInsecure:rt,cannotAllowPlatformBroker:wt,cannotSetOIDCOptions:yt,claimsRequestParsingError:"claims_request_parsing_error",emptyInputScopesError:it,invalidAuthenticationHeader:ft,invalidAuthorityMetadata:dt,invalidClaims:st,invalidCloudDiscoveryMetadata:ht,invalidCodeChallengeMethod:"invalid_code_challenge_method",logoutRequestEmpty:ct,missingNonceAuthenticationHeader:mt,missingSshJwk:gt,missingSshKid:pt,pkceParamsMissing:lt,redirectUriEmpty:tt,tokenRequestEmpty:at,untrustedAuthority:ut,urlEmptyError:ot,urlParseError:nt});
|
|
14
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class vt{constructor(e){const t=e?et.trimArrayEntries([...e]):[],r=t?et.removeEmptyStringsFromArray(t):[];if(!r||!r.length)throw Ze(it);this.scopes=new Set,r.forEach((e=>this.scopes.add(e)))}static fromString(e){const t=(e||"").split(" ");return new vt(t)}static createSearchScopes(e){const t=e&&e.length>0?e:[...te],r=new vt(t);return r.containsOnlyOIDCScopes()?r.removeScope(V):r.removeOIDCScopes(),r}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new vt(t);return!!e&&r.scopes.has(e.toLowerCase())}containsScopeSet(e){return!(!e||e.scopes.size<=0)&&(this.scopes.size>=e.scopes.size&&e.asArray().every((e=>this.containsScope(e))))}containsOnlyOIDCScopes(){let e=0;return re.forEach((t=>{this.containsScope(t)&&(e+=1)})),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach((e=>this.appendScope(e)))}catch(e){throw i(T)}}removeScope(e){if(!e)throw i(k);this.scopes.delete(e.trim())}removeOIDCScopes(){re.forEach((e=>{this.scopes.delete(e)}))}unionScopeSets(e){if(!e)throw i(A);const t=new Set;return e.scopes.forEach((e=>t.add(e.toLowerCase()))),this.scopes.forEach((e=>t.add(e.toLowerCase()))),t}intersectingScopeSets(e){if(!e)throw i(A);e.containsOnlyOIDCScopes()||e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),n=this.getScopeCount();return t.size<n+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach((t=>e.push(t))),e}printScopes(){if(this.scopes){return this.asArray().join(" ")}return""}printScopesLowerCase(){return this.printScopes().toLowerCase()}}
|
|
15
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */function kt(e,t){return!!e&&!!t&&e===t.split(".")[1]}function Tt(e,t,r,n){if(n){const{oid:t,sub:r,tid:o,name:i,tfp:s,acr:a,preferred_username:c,upn:l,login_hint:h}=n,d=o||s||a||"";return{tenantId:d,localAccountId:t||r||"",name:i,username:c||l||"",loginHint:h,isHomeTenant:kt(d,e)}}return{tenantId:r,localAccountId:t,username:"",isHomeTenant:kt(r,e)}}function At(e,t,r,n){let o=e;if(t){const{isHomeTenant:r,...n}=t;o={...e,...n}}if(r){const{isHomeTenant:t,...i}=Tt(e.homeAccountId,e.localAccountId,e.tenantId,r);return o={...o,...i,idTokenClaims:r,idToken:n},o}return o}
|
|
16
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */function bt(e,t){const r=function(e){if(!e)throw i(l);const t=/^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(e);if(!t||t.length<4)throw i(c);return t[2]}(e);try{const e=t(r);return JSON.parse(e)}catch(e){throw i(c)}}function St(e,t){if(0===t||Date.now()-3e5>e+t)throw i(C)}
|
|
17
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class _t{get urlString(){return this._urlString}constructor(e){if(this._urlString=e,!this._urlString)throw Ze(ot);e.includes("#")||(this._urlString=_t.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return et.endsWith(t,"?")?t=t.slice(0,-1):et.endsWith(t,"?/")&&(t=t.slice(0,-2)),et.endsWith(t,"/")||(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch(e){throw Ze(nt)}if(!e.HostNameAndPort||!e.PathSegments)throw Ze(nt);if(!e.Protocol||"https:"!==e.Protocol.toLowerCase())throw Ze(rt)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return _t.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return!e||0===r.length||r[0]!==ue&&r[0]!==ge||(r[0]=e),_t.constructAuthorityUriFromObject(t)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),t=this.urlString.match(e);if(!t)throw Ze(nt);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let n=r.AbsolutePath.split("/");return n=n.filter((e=>e&&e.length>0)),r.PathSegments=n,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e){const t=RegExp("^([^:/?#]+://)?([^/?#]*)"),r=e.match(t);if(!r)throw Ze(nt);return r[2]}static getAbsoluteUrl(e,t){if("/"===e[0]){const r=new _t(t).getUrlComponents();return r.Protocol+"//"+r.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e){return new _t(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"))}}
|
|
18
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const Et={"login.microsoftonline.com":{token_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.microsoftonline.com/{tenantid}/discovery/v2.0/keys",issuer:"https://login.microsoftonline.com/{tenantid}/v2.0",authorization_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/logout"},"login.chinacloudapi.cn":{token_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.chinacloudapi.cn/{tenantid}/discovery/v2.0/keys",issuer:"https://login.partner.microsoftonline.cn/{tenantid}/v2.0",authorization_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/logout"},"login.microsoftonline.us":{token_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.microsoftonline.us/{tenantid}/discovery/v2.0/keys",issuer:"https://login.microsoftonline.us/{tenantid}/v2.0",authorization_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/logout"}},Pt={metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]}]},Rt=new Set;function Ot(e,t,r,n,o){if(e.trace(`getAliasesFromMetadata called with source: '${o}'`,t),r&&n){const i=Mt(n,r);if(i)return e.trace(`getAliasesFromMetadata: found cloud discovery metadata in '${o}', returning aliases`,t),i.aliases;e.trace(`getAliasesFromMetadata: did not find cloud discovery metadata in '${o}'`,t)}return null}function Mt(e,t){for(let r=0;r<e.length;r++){const n=e[r];if(n.aliases.includes(t))return n}return null}
|
|
19
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */Pt.metadata.forEach((e=>{e.aliases.forEach((e=>{Rt.add(e)}))}));const qt="cache_quota_exceeded";
|
|
20
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
21
|
+
class Nt extends Error{constructor(e,r){const n=r||t(e);super(n),Object.setPrototypeOf(this,Nt.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=n}}function xt(e){return e instanceof Error?"QuotaExceededError"===e.name||"NS_ERROR_DOM_QUOTA_REACHED"===e.name||e.message.includes("exceeded the quota")?new Nt(qt):new Nt(e.name,e.message):new Nt("cache_error_unknown")}
|
|
22
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */function Ut(e,t){if(!e)throw i(a);try{const r=t(e);return JSON.parse(r)}catch(e){throw i(s)}}function Lt(e){if(!e)throw i(s);const t=e.split(".",2);return{uid:t[0],utid:t.length<2?"":t[1]}}
|
|
23
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const Ht=0,Bt=1,Dt=2,Ft=3;
|
|
24
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */function Kt(e){if(e){return e.tid||e.tfp||e.acr||null}return null}
|
|
25
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const $t={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};
|
|
26
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */function zt(e){return{homeAccountId:e.homeAccountId,environment:e.environment,tenantId:e.realm,username:e.username,localAccountId:e.localAccountId,loginHint:e.loginHint,name:e.name,nativeAccountId:e.nativeAccountId,authorityType:e.authorityType,tenantProfiles:new Map((e.tenantProfiles||[]).map((e=>[e.tenantId,e])))}}function jt(e,t,r){let n,o;n=t.authorityType===Bt?"ADFS":t.protocolMode===$t.OIDC?Te:"MSSTS",e.clientInfo&&r&&(o=Ut(e.clientInfo,r));const s=e.environment||t&&t.getPreferredCache();if(!s)throw i(_);const a=e.idTokenClaims?.preferred_username||e.idTokenClaims?.upn,c=e.idTokenClaims?.emails?e.idTokenClaims.emails[0]:null,l=a||c||"",h=e.idTokenClaims?.login_hint,d=o?.utid||Kt(e.idTokenClaims)||"",u=o?.uid||e.idTokenClaims?.oid||e.idTokenClaims?.sub||"";let g;if(e.tenantProfiles)g=e.tenantProfiles;else{g=[Tt(e.homeAccountId,u,d,e.idTokenClaims)]}return{homeAccountId:e.homeAccountId,environment:s,realm:d,localAccountId:u,username:l,authorityType:n,loginHint:h,clientInfo:e.clientInfo,name:e.idTokenClaims?.name||"",lastModificationTime:void 0,lastModificationApp:void 0,cloudGraphHostName:e.cloudGraphHostName,msGraphHost:e.msGraphHost,nativeAccountId:e.nativeAccountId,tenantProfiles:g}}function Wt(e,t,r){return{authorityType:e.authorityType||Te,homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,nativeAccountId:e.nativeAccountId,realm:e.tenantId,environment:e.environment,username:e.username,loginHint:e.loginHint,name:e.name,cloudGraphHostName:t,msGraphHost:r,tenantProfiles:Array.from(e.tenantProfiles?.values()||[])}}function Jt(e,t,r,n,o,i){if(t!==Bt&&t!==Dt){if(e)try{const t=Ut(e,n.base64Decode);if(t.uid&&t.utid)return`${t.uid}.${t.utid}`}catch(e){}r.warning("No client info in response",o)}return i?.sub||""}function Qt(e){return!!e&&(e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("realm")&&e.hasOwnProperty("localAccountId")&&e.hasOwnProperty("username")&&e.hasOwnProperty("authorityType"))}var Gt=Object.freeze({__proto__:null,accountInfoIsEqual:function(e,t,r){if(!e||!t)return!1;let n=!0;if(r){const r=e.idTokenClaims||{},o=t.idTokenClaims||{};n=r.iat===o.iat&&r.nonce===o.nonce}return e.homeAccountId===t.homeAccountId&&e.localAccountId===t.localAccountId&&e.username===t.username&&e.tenantId===t.tenantId&&e.environment===t.environment&&e.nativeAccountId===t.nativeAccountId&&n},createAccountEntity:jt,createAccountEntityFromAccountInfo:Wt,generateAccountId:function(e){return[e.homeAccountId,e.environment].join("-").toLowerCase()},generateHomeAccountId:Jt,getAccountInfo:zt,isAccountEntity:Qt,isSingleTenant:function(e){return!e.tenantProfiles}});
|
|
27
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class Vt{constructor(e,t,r,n,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(Ge,Ve),this.staticAuthorityOptions=o,this.performanceClient=n}getAllAccounts(e={},t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort((e=>e.idTokenClaims?-1:1))[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?zt(r[0]):null}buildTenantProfiles(e,t,r){return e.flatMap((e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r)))}getTenantedAccountInfoByFilter(e,t,r,n,o){let i,s=null;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,n,t,r.tenantId);return a&&(i=bt(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(i,o))?null:(s=At(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,n){const o=zt(e);let i=o.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach((e=>{const r=this.getTenantedAccountInfoByFilter(o,s,e,t,n);r&&a.push(r)})),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&(void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,n){if(!e)throw i(S);try{e.account&&await this.setAccount(e.account,t),e.idToken&&!1!==n?.idToken&&await this.setIdTokenCredential(e.idToken,t),e.accessToken&&!1!==n?.accessToken&&await this.saveAccessToken(e.accessToken,t),e.refreshToken&&!1!==n?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("CacheManager.saveCacheRecord: failed",t),e instanceof r?e:xt(e)}}async saveAccessToken(e,t){const r={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType},n=this.getTokenKeys(),o=vt.fromString(e.target);n.accessToken.forEach((e=>{if(!this.accessTokenKeyMatchesFilter(e,r,!1))return;const n=this.getAccessTokenCredential(e,t);if(n&&this.credentialMatchesFilter(n,r,t)){vt.fromString(n.target).intersectingScopeSets(o)&&this.removeAccessToken(e,t)}})),await this.setAccessTokenCredential(e,t)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),n=[];return r.forEach((r=>{const o=this.getAccount(r,t);if(!o)return;if(e.homeAccountId&&!this.matchHomeAccountId(o,e.homeAccountId))return;if(e.username&&!this.matchUsername(o.username,e.username))return;if(e.environment&&!this.matchEnvironment(o,e.environment,t))return;if(e.realm&&!this.matchRealm(o,e.realm))return;if(e.nativeAccountId&&!this.matchNativeAccountId(o,e.nativeAccountId))return;if(e.authorityType&&!this.matchAuthorityType(o,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name},s=o.tenantProfiles?.filter((e=>this.tenantProfileMatchesFilter(e,i)));s&&0===s.length||n.push(o)})),n}credentialMatchesFilter(e,t,r){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment,r))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target))return!1;if(e.credentialType===Ae.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===xe.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}return!0}getAppMetadataFilteredBy(e,t){const r=this.getKeys(),n={};return r.forEach((r=>{if(!this.isAppMetadata(r))return;const o=this.getAppMetadata(r,t);o&&(e.environment&&!this.matchEnvironment(o,e.environment,t)||e.clientId&&!this.matchClientId(o,e.clientId)||(n[r]=o))})),n}getAuthorityMetadataByAlias(e,t){const r=this.getAuthorityMetadataKeys();let n=null;return r.forEach((r=>{if(!this.isAuthorityMetadata(r)||-1===r.indexOf(this.clientId))return;const o=this.getAuthorityMetadata(r,t);o&&-1!==o.aliases.indexOf(e)&&(n=o)})),n}removeAllAccounts(e){this.getAllAccounts({},e).forEach((t=>{this.removeAccount(t,e)}))}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter((t=>t.includes(e.homeAccountId)&&t.includes(e.environment))).forEach((e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)}))}removeAccountContext(e,t){const r=this.getTokenKeys(),n=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(n).forEach((e=>{this.removeIdToken(e,t)})),r.accessToken.filter(n).forEach((e=>{this.removeAccessToken(e,t)})),r.refreshToken.filter(n).forEach((e=>{this.removeRefreshToken(e,t)}))}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(r&&(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),r.credentialType.toLowerCase()===Ae.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&r.tokenType===xe.POP)){const e=r.keyId;e&&this.cryptoImpl.removeTokenBindingKey(e,t).catch((()=>{this.commonLogger.error(`Failed to remove token binding key '${e}'`,t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)}))}}removeAppMetadata(e){return this.getKeys().forEach((t=>{this.isAppMetadata(t)&&this.removeItem(t,e)})),!0}getIdToken(e,t,r,n){this.commonLogger.trace("CacheManager - getIdToken called",t);const o={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:Ae.ID_TOKEN,clientId:this.clientId,realm:n},i=this.getIdTokensByFilter(o,t,r),s=i.size;if(s<1)return this.commonLogger.info("CacheManager:getIdToken - No token found",t),null;if(s>1){let r=i;if(!n){const n=new Map;i.forEach(((t,r)=>{t.realm===e.tenantId&&n.set(r,t)}));const o=n.size;if(o<1)return this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account but none match account entity tenant id, returning first result",t),i.values().next().value;if(1===o)return this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account, defaulting to home tenant profile",t),n.values().next().value;r=n}return this.commonLogger.info("CacheManager:getIdToken - Multiple matching ID tokens found, clearing them",t),r.forEach(((e,r)=>{this.removeIdToken(r,t)})),this.performanceClient.addFields({multiMatchedID:i.size},t),null}return this.commonLogger.info("CacheManager:getIdToken - Returning ID token",t),i.values().next().value}getIdTokensByFilter(e,t,r){const n=r&&r.idToken||this.getTokenKeys().idToken,o=new Map;return n.forEach((r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const n=this.getIdTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e,t)&&o.set(r,n)})),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,n){const o=t.correlationId;this.commonLogger.trace("CacheManager - getAccessToken called",o);const i=vt.createSearchScopes(t.scopes),s=t.authenticationScheme||xe.BEARER,a=s&&s.toLowerCase()!==xe.BEARER.toLowerCase()?Ae.ACCESS_TOKEN_WITH_AUTH_SCHEME:Ae.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:n||e.tenantId,target:i,tokenType:s,keyId:t.sshKid},l=r&&r.accessToken||this.getTokenKeys().accessToken,h=[];l.forEach((e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,o);t&&this.credentialMatchesFilter(t,c,o)&&h.push(t)}}));const d=h.length;return d<1?(this.commonLogger.info("CacheManager:getAccessToken - No token found",o),null):d>1?(this.commonLogger.info("CacheManager:getAccessToken - Multiple access tokens found, clearing them",o),h.forEach((e=>{this.removeAccessToken(this.generateCredentialKey(e),o)})),this.performanceClient.addFields({multiMatchedAT:h.length},o),null):(this.commonLogger.info("CacheManager:getAccessToken - Returning access token",o),h[0])}accessTokenKeyMatchesFilter(e,t,r){const n=e.toLowerCase();if(t.clientId&&-1===n.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===n.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===n.indexOf(t.realm.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!n.includes(e[t].toLowerCase()))return!1;if(!r&&n.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),n=[];return r.accessToken.forEach((r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const o=this.getAccessTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e,t)&&n.push(o)})),n}getRefreshToken(e,t,r,n){this.commonLogger.trace("CacheManager - getRefreshToken called",r);const o=t?Se:void 0,i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:Ae.REFRESH_TOKEN,clientId:this.clientId,familyId:o},s=n&&n.refreshToken||this.getTokenKeys().refreshToken,a=[];s.forEach((e=>{if(this.refreshTokenKeyMatchesFilter(e,i)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,i,r)&&a.push(t)}}));const c=a.length;return c<1?(this.commonLogger.info("CacheManager:getRefreshToken - No refresh token found.",r),null):(c>1&&this.performanceClient.addFields({multiMatchedRT:c},r),this.commonLogger.info("CacheManager:getRefreshToken - returning refresh token",r),a[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e,t){const r={environment:e,clientId:this.clientId},n=this.getAppMetadataFilteredBy(r,t),o=Object.keys(n).map((e=>n[e])),s=o.length;if(s<1)return null;if(s>1)throw i(I);return o[0]}isAppMetadataFOCI(e,t){const r=this.readAppMetadataFromCache(e,t);return!(!r||r.familyId!==Se)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t,r){if(this.staticAuthorityOptions){const n=function(e,t,r){let n;const o=e.canonicalAuthority;if(o){const i=new _t(o).getUrlComponents().HostNameAndPort;n=Ot(t,r,i,e.cloudDiscoveryMetadata?.metadata,Ee)||Ot(t,r,i,Pt.metadata,Oe)||e.knownAuthorities}return n||[]}(this.staticAuthorityOptions,this.commonLogger,r);if(n.includes(t)&&n.includes(e.environment))return!0}const n=this.getAuthorityMetadataByAlias(t,r);return!!(n&&n.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchNativeAccountId(e,t){return!(!e.nativeAccountId||t!==e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||e.upn===t)}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t){if(e.credentialType!==Ae.ACCESS_TOKEN&&e.credentialType!==Ae.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return vt.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(be)}isAuthorityMetadata(e){return-1!==e.indexOf(_e)}generateAuthorityMetadataCacheKey(e){return`${_e}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class Yt extends Vt{async setAccount(){throw i(H)}getAccount(){throw i(H)}async setIdTokenCredential(){throw i(H)}getIdTokenCredential(){throw i(H)}async setAccessTokenCredential(){throw i(H)}getAccessTokenCredential(){throw i(H)}async setRefreshTokenCredential(){throw i(H)}getRefreshTokenCredential(){throw i(H)}setAppMetadata(){throw i(H)}getAppMetadata(){throw i(H)}setServerTelemetry(){throw i(H)}getServerTelemetry(){throw i(H)}setAuthorityMetadata(){throw i(H)}getAuthorityMetadata(){throw i(H)}getAuthorityMetadataKeys(){throw i(H)}setThrottlingCache(){throw i(H)}getThrottlingCache(){throw i(H)}removeItem(){throw i(H)}getKeys(){throw i(H)}getAccountKeys(){throw i(H)}getTokenKeys(){throw i(H)}generateCredentialKey(){throw i(H)}generateAccountKey(){throw i(H)}}
|
|
28
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const Xt=1,Zt=2,er=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","expiredCacheRemovedCount","upgradedCacheCount"]);
|
|
29
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
30
|
+
class tr{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:Xt,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""}}}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}
|
|
31
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const rr={tokenRenewalOffsetSeconds:300,preventCorsPreflight:!1},nr={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info,correlationId:""},or={async sendGetRequestAsync(){throw i(H)},async sendPostRequestAsync(){throw i(H)}},ir={sku:"msal.js.common",version:Ve,cpu:"",os:""},sr={clientSecret:"",clientAssertion:void 0},ar={azureCloudInstance:Ye.None,tenant:`${j}`},cr={application:{appName:"",appVersion:""}};function lr(e){return e.authOptions.authority.options.protocolMode===$t.OIDC}
|
|
32
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const hr="home_account_id",dr="UPN",ur="client_id",gr="redirect_uri",pr="token_type",mr="req_cnf",fr="return_spa_code",yr="x-client-xtra-sku",wr="brk_client_id",Cr="brk_redirect_uri",Ir="instance_aware";
|
|
33
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
34
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
35
|
+
function vr(e,t,r){if(!t)return;const n=e.get(ur);n&&e.has(wr)&&r?.addFields({embeddedClientId:n,embeddedRedirectUri:e.get(gr)},t)}function kr(e,t){e.set("response_type",t)}function Tr(e,t,r=!0,n=te){!r||n.includes("openid")||t.includes("openid")||n.push("openid");const o=r?[...t||[],...n]:t||[],i=new vt(o);e.set("scope",i.printScopes())}function Ar(e,t){e.set(ur,t)}function br(e,t){e.set(gr,t)}function Sr(e,t){e.set("login_hint",t)}function _r(e,t){e.set(se,`UPN:${t}`)}function Er(e,t){e.set(se,`Oid:${t.uid}@${t.utid}`)}function Pr(e,t){e.set("sid",t)}function Rr(e,t,r){const n=Kr(t,r);try{JSON.parse(n)}catch(e){throw Ze(st)}e.set("claims",n)}function Or(e,t){e.set("client-request-id",t)}function Mr(e,t){e.set("x-client-SKU",t.sku),e.set("x-client-VER",t.version),t.os&&e.set("x-client-OS",t.os),t.cpu&&e.set("x-client-CPU",t.cpu)}function qr(e,t){t?.appName&&e.set("x-app-name",t.appName),t?.appVersion&&e.set("x-app-ver",t.appVersion)}function Nr(e,t){t&&e.set("state",t)}function xr(e,t){e.set("client_secret",t)}function Ur(e,t){t&&e.set("client_assertion",t)}function Lr(e,t){t&&e.set("client_assertion_type",t)}function Hr(e,t){e.set("grant_type",t)}function Br(e){e.set("client_info","1")}function Dr(e){e.has(Ir)||e.set(Ir,"true")}function Fr(e,t){Object.entries(t).forEach((([t,r])=>{!e.has(t)&&r&&e.set(t,r)}))}function Kr(e,t){let r;if(e)try{r=JSON.parse(e)}catch(e){throw Ze(st)}else r={};return t&&t.length>0&&(r.hasOwnProperty(me)||(r[me]={}),r[me][fe]={values:t}),JSON.stringify(r)}function $r(e,t){t&&(e.set(pr,xe.POP),e.set(mr,t))}function zr(e,t){t&&(e.set(pr,xe.SSH),e.set(mr,t))}function jr(e,t){e.set("x-client-current-telemetry",t.generateCurrentRequestHeaderValue()),e.set("x-client-last-telemetry",t.generateLastRequestHeaderValue())}function Wr(e){e.set("x-ms-lib-capability","retry-after, h429")}function Jr(e,t,r){e.has(wr)||e.set(wr,t),e.has(Cr)||e.set(Cr,r)}
|
|
36
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
37
|
+
function Qr(e){if(!e)return e;let t=e.toLowerCase();return et.endsWith(t,"?")?t=t.slice(0,-1):et.endsWith(t,"?/")&&(t=t.slice(0,-2)),et.endsWith(t,"/")||(t+="/"),t}function Gr(e){return e.startsWith("#/")?e.substring(2):e.startsWith("#")||e.startsWith("?")?e.substring(1):e}function Vr(e){if(!e||e.indexOf("=")<0)return null;try{const t=Gr(e),r=Object.fromEntries(new URLSearchParams(t));if(r.code||r.ear_jwe||r.error||r.error_description||r.state)return r}catch(e){throw i(g)}return null}function Yr(e){const t=new Array;return e.forEach(((e,r)=>{t.push(`${r}=${encodeURIComponent(e)}`)})),t.join("&")}function Xr(e){if(!e)return e;const t=e.split("#")[0];try{const e=new URL(t);return Qr(e.origin+e.pathname+e.search)}catch(e){return Qr(t)}}
|
|
38
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
39
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
40
|
+
const Zr="refreshTokenClientAcquireTokenWithCachedRefreshToken",en="getAuthCodeUrl",tn="handleCodeResponseFromServer",rn="popTokenGenerateCnf",nn="handleServerTokenResponse",on="authorityUpdateMetadataWithRegionalInformation",sn="regionDiscoveryGetRegionFromIMDS",an=(e,t,r,n,o)=>(...i)=>{r.trace(`Executing function '${t}'`,o);const s=n.startMeasurement(t,o);if(o){const e=t+"CallCount";n.incrementFields({[e]:1},o)}try{const n=e(...i);return s.end({success:!0}),r.trace(`Returning result from '${t}'`,o),n}catch(e){r.trace(`Error occurred in '${t}'`,o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("Unable to print error message.",o)}throw s.end({success:!1},e),e}},cn=(e,t,r,n,o)=>(...i)=>{r.trace(`Executing function '${t}'`,o);const s=n.startMeasurement(t,o);if(o){const e=t+"CallCount";n.incrementFields({[e]:1},o)}return e(...i).then((e=>(r.trace(`Returning result from '${t}'`,o),s.end({success:!0}),e))).catch((e=>{r.trace(`Error occurred in '${t}'`,o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("Unable to print error message.",o)}throw s.end({success:!1},e),e}))};
|
|
41
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
42
|
+
class ln{constructor(e,t,r,n){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=n}async detectRegion(e,t){let r=e;if(r)t.region_source=He;else{const e=ln.IMDS_OPTIONS;try{const n=await cn(this.getRegionFromIMDS.bind(this),sn,this.logger,this.performanceClient,this.correlationId)("2020-06-01",e);if(200===n.status&&(r=n.body,t.region_source=Be),400===n.status){const n=await cn(this.getCurrentVersion.bind(this),"regionDiscoveryGetCurrentVersion",this.logger,this.performanceClient,this.correlationId)(e);if(!n)return t.region_source=Le,null;const o=await cn(this.getRegionFromIMDS.bind(this),sn,this.logger,this.performanceClient,this.correlationId)(n,e);200===o.status&&(r=o.body,t.region_source=Be)}}catch(e){return t.region_source=Le,null}}return r||(t.region_source=Le),r||null}async getRegionFromIMDS(e,t){return this.networkInterface.sendGetRequestAsync(`${Z}?api-version=${e}&format=text`,t,2e3)}async getCurrentVersion(e){try{const t=await this.networkInterface.sendGetRequestAsync(`${Z}?format=json`,e);return 400===t.status&&t.body&&t.body["newest-versions"]&&t.body["newest-versions"].length>0?t.body["newest-versions"][0]:null}catch(e){return null}}}
|
|
43
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
44
|
+
function hn(){return Math.round((new Date).getTime()/1e3)}function dn(e){return e.getTime()/1e3}function un(e){return e?new Date(1e3*Number(e)):new Date}function gn(e,t){const r=Number(e)||0;return hn()+t>r}function pn(e,t){const r=Number(e)+24*t*60*60*1e3;return Date.now()>r}function mn(e){return Number(e)>hn()}
|
|
45
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */function fn(e,t,r,n,o){return{credentialType:Ae.ID_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,realm:o,lastUpdatedAt:Date.now().toString()}}function yn(e,t,r,n,o,s,a,c,l,h,d,u,g){const p={homeAccountId:e,credentialType:Ae.ACCESS_TOKEN,secret:r,cachedAt:hn().toString(),expiresOn:a.toString(),extendedExpiresOn:c.toString(),environment:t,clientId:n,realm:o,target:s,tokenType:d||xe.BEARER,lastUpdatedAt:Date.now().toString()};if(u&&(p.userAssertionHash=u),h&&(p.refreshOn=h.toString()),p.tokenType?.toLowerCase()!==xe.BEARER.toLowerCase())switch(p.credentialType=Ae.ACCESS_TOKEN_WITH_AUTH_SCHEME,p.tokenType){case xe.POP:const e=bt(r,l);if(!e?.cnf?.kid)throw i(O);p.keyId=e.cnf.kid;break;case xe.SSH:p.keyId=g}return p}function wn(e,t,r,n,o,i,s){const a={credentialType:Ae.REFRESH_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,lastUpdatedAt:Date.now().toString()};return i&&(a.userAssertionHash=i),o&&(a.familyId=o),s&&(a.expiresOn=s.toString()),a}function Cn(e){return e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("credentialType")&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("secret")}function In(e){return!!e&&(Cn(e)&&e.hasOwnProperty("realm")&&e.hasOwnProperty("target")&&(e.credentialType===Ae.ACCESS_TOKEN||e.credentialType===Ae.ACCESS_TOKEN_WITH_AUTH_SCHEME))}function vn(e){return!!e&&(Cn(e)&&e.credentialType===Ae.REFRESH_TOKEN)}function kn(){return hn()+86400}function Tn(e,t,r){e.authorization_endpoint=t.authorization_endpoint,e.token_endpoint=t.token_endpoint,e.end_session_endpoint=t.end_session_endpoint,e.issuer=t.issuer,e.endpointsFromNetwork=r,e.jwks_uri=t.jwks_uri}function An(e,t,r){e.aliases=t.aliases,e.preferred_cache=t.preferred_cache,e.preferred_network=t.preferred_network,e.aliasesFromNetwork=r}function bn(e){return e.expiresAt<=hn()}
|
|
46
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */ln.IMDS_OPTIONS={headers:{Metadata:"true"}};class Sn{constructor(e,t,r,n,o,i,s,a){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=n,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=o,this.performanceClient=s,this.correlationId=i,this.managedIdentity=a||!1,this.regionDiscovery=new ln(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(J))return Ft;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case"adfs":return Bt;case"dstsv2":return Dt}return Ht}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new _t(e),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents||(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw i(h)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw i(h)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw i(h)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw i(N);return this.replacePath(this.metadata.end_session_endpoint)}throw i(h)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw i(h)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw i(h)}canReplaceTenant(e){return 1===e.PathSegments.length&&!Sn.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===Ht&&this.protocolMode!==$t.OIDC}replaceTenant(e){return e.replace(/{tenant}|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const r=new _t(this.metadata.canonical_authority).getUrlComponents(),n=r.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach(((e,o)=>{let i=n[o];if(0===o&&this.canReplaceTenant(r)){const e=new _t(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];i!==e&&(this.logger.verbose(`Replacing tenant domain name '${i}' with id '${e}'`,this.correlationId),i=e)}e!==i&&(t=t.replace(`/${i}/`,`/${e}/`))})),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")||this.authorityType===Bt||this.protocolMode===$t.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){const e=this.getCurrentMetadataEntity(),t=await cn(this.updateCloudDiscoveryMetadata.bind(this),"authorityUpdateCloudDiscoveryMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await cn(this.updateEndpointMetadata.bind(this),"authorityUpdateEndpointMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),this.performanceClient?.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort,this.correlationId);return e||(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:kn(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==Pe&&r?.source!==Pe&&(e.expiresAt=kn(),e.canonical_authority=this.canonicalAuthority);const n=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache,this.correlationId);this.cacheManager.setAuthorityMetadata(n,e,this.correlationId),this.metadata=e}async updateEndpointMetadata(e){const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===Oe&&this.authorityOptions.azureRegionConfiguration?.azureRegion&&t.metadata){Tn(e,await cn(this.updateMetadataWithRegionalInformation.bind(this),on,this.logger,this.performanceClient,this.correlationId)(t.metadata),!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await cn(this.getEndpointMetadataFromNetwork.bind(this),"authorityGetEndpointMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return this.authorityOptions.azureRegionConfiguration?.azureRegion&&(r=await cn(this.updateMetadataWithRegionalInformation.bind(this),on,this.logger,this.performanceClient,this.correlationId)(r)),Tn(e,r,!0),Re;throw i(u,this.defaultOpenIdConfigurationEndpoint)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("Attempting to get endpoint metadata from authority configuration",this.correlationId);const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("Found endpoint metadata in authority configuration",this.correlationId),Tn(e,t,!1),{source:Ee};this.logger.verbose("Did not find endpoint metadata in the config... Attempting to get endpoint metadata from the hardcoded values.",this.correlationId);const r=this.getEndpointMetadataFromHardcodedValues();if(r)return Tn(e,r,!1),{source:Oe,metadata:r};this.logger.verbose("Did not find endpoint metadata in hardcoded values... Attempting to get endpoint metadata from the network metadata cache.",this.correlationId);const n=bn(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!n?(this.logger.verbose("Found endpoint metadata in the cache.",""),{source:Pe}):(n&&this.logger.verbose("The metadata entity is expired.",""),null)}isAuthoritySameType(e){return new _t(e.canonical_authority).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch(e){throw Ze(dt)}return null}async getEndpointMetadataFromNetwork(){const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: attempting to retrieve OAuth endpoints from '${t}'`,this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(t,e),n=function(e){return e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("jwks_uri")}
|
|
47
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */(r.body);return n?r.body:(this.logger.verbose("Authority.getEndpointMetadataFromNetwork: could not parse response as OpenID configuration",this.correlationId),null)}catch(e){return this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: '${e}'`,this.correlationId),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in Et?Et[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){const t=this.authorityOptions.azureRegionConfiguration?.azureRegion;if(t){if("TryAutoDetect"!==t)return this.regionDiscoveryMetadata.region_outcome=De,this.regionDiscoveryMetadata.region_used=t,Sn.replaceWithRegionalInformation(e,t);const r=await cn(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),"regionDiscoveryDetectRegion",this.logger,this.performanceClient,this.correlationId)(this.authorityOptions.azureRegionConfiguration?.environmentRegion,this.regionDiscoveryMetadata);if(r)return this.regionDiscoveryMetadata.region_outcome=Fe,this.regionDiscoveryMetadata.region_used=r,Sn.replaceWithRegionalInformation(e,r);this.regionDiscoveryMetadata.region_outcome=Ke}return e}async updateCloudDiscoveryMetadata(e){const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await cn(this.getCloudDiscoveryMetadataFromNetwork.bind(this),"authorityGetCloudDiscoveryMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return An(e,r,!0),Re;throw Ze(ut)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("Attempting to get cloud discovery metadata from authority configuration",this.correlationId),this.logger.verbosePii(`Known Authorities: '${this.authorityOptions.knownAuthorities||Y}'`,this.correlationId),this.logger.verbosePii(`Authority Metadata: '${this.authorityOptions.authorityMetadata||Y}'`,this.correlationId),this.logger.verbosePii(`Canonical Authority: '${e.canonical_authority||Y}'`,this.correlationId);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("Found cloud discovery metadata in authority configuration",this.correlationId),An(e,t,!1),Ee;this.logger.verbose("Did not find cloud discovery metadata in the config... Attempting to get cloud discovery metadata from the hardcoded values.",this.correlationId);const r=(n=this.hostnameAndPort,Mt(Pt.metadata,n));var n;if(r)return this.logger.verbose("Found cloud discovery metadata from hardcoded values.",this.correlationId),An(e,r,!1),Oe;this.logger.verbose("Did not find cloud discovery metadata in hardcoded values... Attempting to get cloud discovery metadata from the network metadata cache.",this.correlationId);const o=bn(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!o?(this.logger.verbose("Found cloud discovery metadata in the cache.",""),Pe):(o&&this.logger.verbose("The metadata entity is expired.",""),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===Ft)return this.logger.verbose("CIAM authorities do not support cloud discovery metadata, generate the aliases from authority host.",this.correlationId),Sn.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("The cloud discovery metadata has been provided as a network response, in the config.",this.correlationId);try{this.logger.verbose("Attempting to parse the cloud discovery metadata.",this.correlationId);const e=Mt(JSON.parse(this.authorityOptions.cloudDiscoveryMetadata).metadata,this.hostnameAndPort);if(this.logger.verbose("Parsed the cloud discovery metadata.",""),e)return this.logger.verbose("There is returnable metadata attached to the parsed cloud discovery metadata.",this.correlationId),e;this.logger.verbose("There is no metadata attached to the parsed cloud discovery metadata.",this.correlationId)}catch(e){throw this.logger.verbose("Unable to parse the cloud discovery metadata. Throwing Invalid Cloud Discovery Metadata Error.",this.correlationId),Ze(ht)}}return this.isInKnownAuthorities()?(this.logger.verbose("The host is included in knownAuthorities. Creating new cloud discovery metadata from the host.",this.correlationId),Sn.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){const e=`${W}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let n=null;try{const r=await this.networkInterface.sendGetRequestAsync(e,t);let o,i;if(function(e){return e.hasOwnProperty("tenant_discovery_endpoint")&&e.hasOwnProperty("metadata")}
|
|
48
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */(r.body))o=r.body,i=o.metadata,this.logger.verbosePii(`tenant_discovery_endpoint is: '${o.tenant_discovery_endpoint}'`,this.correlationId);else{if(!function(e){return e.hasOwnProperty("error")&&e.hasOwnProperty("error_description")}(r.body))return this.logger.error("AAD did not return a CloudInstanceDiscoveryResponse or CloudInstanceDiscoveryErrorResponse",this.correlationId),null;if(this.logger.warning(`A CloudInstanceDiscoveryErrorResponse was returned. The cloud instance discovery network request's status code is: '${r.status}'`,this.correlationId),o=r.body,"invalid_instance"===o.error)return this.logger.error("The CloudInstanceDiscoveryErrorResponse error is invalid_instance.",this.correlationId),null;this.logger.warning(`The CloudInstanceDiscoveryErrorResponse error is '${o.error}'`,this.correlationId),this.logger.warning(`The CloudInstanceDiscoveryErrorResponse error description is '${o.error_description}'`,this.correlationId),this.logger.warning("Setting the value of the CloudInstanceDiscoveryMetadata (returned from the network, correlationId) to []",this.correlationId),i=[]}this.logger.verbose("Attempting to find a match between the developer's authority and the CloudInstanceDiscoveryMetadata returned from the network request.",this.correlationId),n=Mt(i,this.hostnameAndPort)}catch(e){if(e instanceof r)this.logger.error(`There was a network error while attempting to get the cloud discovery instance metadata.\nError: '${e.errorCode}'\nError Description: '${e.errorMessage}'`,this.correlationId);else{const t=e;this.logger.error(`A non-MSALJS error was thrown while attempting to get the cloud instance discovery metadata.\nError: '${t.name}'\nError Description: '${t.message}'`,this.correlationId)}return null}return n||(this.logger.warning("The developer's authority was not found within the CloudInstanceDiscoveryMetadata returned from the network request.",this.correlationId),this.logger.verbose("Creating custom Authority for custom domain scenario.",this.correlationId),n=Sn.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),n}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter((e=>e&&_t.getDomainFromUrl(e).toLowerCase()===this.hostnameAndPort)).length>0}static generateAuthority(e,t){let r;if(t&&t.azureCloudInstance!==Ye.None){const e=t.tenant?t.tenant:j;r=`${t.azureCloudInstance}/${e}/`}return r||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return"login.microsoftonline.com";if(this.discoveryComplete())return this.metadata.preferred_cache;throw i(h)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Rt.has(e)}static isPublicCloudAuthority(e){return ee.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r){const n=new _t(e);n.validateAsUri();const o=n.getUrlComponents();let i=`${t}.${o.HostNameAndPort}`;this.isPublicCloudAuthority(o.HostNameAndPort)&&(i=`${t}.login.microsoft.com`);const s=_t.constructAuthorityUriFromObject({...n.getUrlComponents(),HostNameAndPort:i}).urlString;return r?`${s}?${r}`:s}static replaceWithRegionalInformation(e,t){const r={...e};return r.authorization_endpoint=Sn.buildRegionalAuthorityString(r.authorization_endpoint,t),r.token_endpoint=Sn.buildRegionalAuthorityString(r.token_endpoint,t),r.end_session_endpoint&&(r.end_session_endpoint=Sn.buildRegionalAuthorityString(r.end_session_endpoint,t)),r}static transformCIAMAuthority(e){let t=e;const r=new _t(e).getUrlComponents();if(0===r.PathSegments.length&&r.HostNameAndPort.endsWith(J)){t=`${t}${r.HostNameAndPort.split(".")[0]}.onmicrosoft.com`}return t}}function _n(e){return e.endsWith("/")?e:`${e}/`}function En(e){const t=e.cloudDiscoveryMetadata;let r;if(t)try{r=JSON.parse(t)}catch(e){throw Ze(ht)}return{canonicalAuthority:e.authority?_n(e.authority):void 0,knownAuthorities:e.knownAuthorities,cloudDiscoveryMetadata:r}}
|
|
49
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */async function Pn(e,t,r,n,o,s,a){const c=Sn.transformCIAMAuthority(_n(e)),l=new Sn(c,t,r,n,o,s,a);try{return await cn(l.resolveEndpointsAsync.bind(l),"authorityResolveEndpointsAsync",o,a,s)(),l}catch(e){throw i(h)}}
|
|
50
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */Sn.reservedTenantDomains=new Set(["{tenant}","{tenantid}",ue,pe,ge]);class Rn extends r{constructor(e,t,r,n,o){super(e,t,r),this.name="ServerError",this.errorNo=n,this.status=o,Object.setPrototypeOf(this,Rn.prototype)}}
|
|
51
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */function On(e,t,r){return{clientId:e,authority:t.authority,scopes:t.scopes,homeAccountIdentifier:r,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid,embeddedClientId:t.embeddedClientId||t.tokenBodyParameters?.clientId}}
|
|
52
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class Mn{static generateThrottlingStorageKey(e){return`${Ue}.${JSON.stringify(e)}`}static preProcess(e,t,r){const n=Mn.generateThrottlingStorageKey(t),o=e.getThrottlingCache(n,r);if(o){if(o.throttleTime<Date.now())return void e.removeItem(n,r);throw new Rn(o.errorCodes?.join(" ")||"",o.errorMessage,o.subError)}}static postProcess(e,t,r,n){if(Mn.checkResponseStatus(r)||Mn.checkResponseForRetryAfter(r)){const o={throttleTime:Mn.calculateThrottleTime(parseInt(r.headers[ie])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(Mn.generateThrottlingStorageKey(t),o,n)}}static checkResponseStatus(e){return 429===e.status||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return!!e.headers&&(e.headers.hasOwnProperty(ie)&&(e.status<200||e.status>=300))}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(1e3*Math.min(r+(t||60),r+3600))}static removeThrottle(e,t,r,n){const o=On(t,r,n),i=this.generateThrottlingStorageKey(o);e.removeItem(i,r.correlationId)}}
|
|
53
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class qn extends r{constructor(e,t,r){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,qn.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function Nn(e,t,r,n){return e.errorMessage=`${e.errorMessage}, additionalErrorInfo: error.name:${n?.name}, error.message:${n?.message}`,new qn(e,t,r)}
|
|
54
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class xn{constructor(e,t){this.config=function({authOptions:e,systemOptions:t,loggerOptions:r,storageInterface:n,networkInterface:o,cryptoInterface:i,clientCredentials:s,libraryInfo:a,telemetry:c,serverTelemetryManager:l,persistencePlugin:h,serializableCache:d}){const u={...nr,...r};return{authOptions:(g=e,{clientCapabilities:[],azureCloudOptions:ar,instanceAware:!1,...g}),systemOptions:{...rr,...t},loggerOptions:u,storageInterface:n||new Yt(e.clientId,F,new $(u),new tr),networkInterface:o||or,cryptoInterface:i||F,clientCredentials:s||sr,libraryInfo:{...ir,...a},telemetry:{...cr,...c},serverTelemetryManager:l||null,persistencePlugin:h||null,serializableCache:d||null};var g}(e),this.logger=new $(this.config.loggerOptions,Ge,Ve),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}createTokenRequestHeaders(e){const t={};if(t[ne]="application/x-www-form-urlencoded;charset=utf-8",!this.config.systemOptions.preventCorsPreflight&&e)switch(e.type){case hr:try{const r=Lt(e.credential);t[se]=`Oid:${r.uid}@${r.utid}`}catch(e){this.logger.verbose(`Could not parse home account ID for CCS Header: '${e}'`,"")}break;case dr:t[se]=`UPN: ${e.credential}`}return t}async executePostToTokenEndpoint(e,t,r,n,o){const i=await this.sendPostRequest(n,e,{body:t,headers:r},o);return this.config.serverTelemetryManager&&i.status<500&&429!==i.status&&this.config.serverTelemetryManager.clearTelemetryCache(),i}async sendPostRequest(e,t,n,o){let s;Mn.preProcess(this.cacheManager,e,o);try{s=await cn(this.networkClient.sendPostRequestAsync.bind(this.networkClient),"networkClientSendPostRequestAsync",this.logger,this.performanceClient,o)(t,n);const e=s.headers||{};this.performanceClient?.addFields({refreshTokenSize:s.body.refresh_token?.length||0,httpVerToken:e[he]||"",requestId:e[le]||""},o)}catch(e){if(e instanceof qn){const t=e.responseHeaders;throw t&&this.performanceClient?.addFields({httpVerToken:t[he]||"",requestId:t[le]||"",contentTypeHeader:t[ne]||void 0,contentLengthHeader:t[oe]||void 0,httpStatus:e.httpStatus},o),e.error}throw e instanceof r?e:i(d)}return Mn.postProcess(this.cacheManager,e,s,o),s}async updateAuthority(e,t){const r=`https://${e}/${this.authority.tenant}/`,n=await Pn(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=n}createTokenQueryParameters(e){const t=new Map;return e.embeddedClientId&&Jr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenQueryParameters&&Fr(t,e.tokenQueryParameters),Or(t,e.correlationId),vr(t,e.correlationId,this.performanceClient),Yr(t)}}
|
|
55
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const Un="no_tokens_found",Ln="native_account_unavailable",Hn="refresh_token_expired",Bn="ux_not_allowed",Dn="interaction_required",Fn="consent_required",Kn="login_required",$n="bad_token";var zn=Object.freeze({__proto__:null,badToken:$n,consentRequired:Fn,interactionRequired:Dn,loginRequired:Kn,nativeAccountUnavailable:Ln,noTokensFound:Un,refreshTokenExpired:Hn,uxNotAllowed:Bn});
|
|
56
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const jn=[Dn,Fn,Kn,$n,Bn],Wn=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token","ux_not_allowed"];class Jn extends r{constructor(e,t,r,n,o,i,s,a){super(e,t,r),Object.setPrototypeOf(this,Jn.prototype),this.timestamp=n||"",this.traceId=o||"",this.correlationId=i||"",this.claims=s||"",this.name="InteractionRequiredAuthError",this.errorNo=a}}function Qn(e,t,r){const n=!!e&&jn.indexOf(e)>-1,o=!!r&&Wn.indexOf(r)>-1,i=!!t&&jn.some((e=>t.indexOf(e)>-1));return n||i||o}function Gn(e,t){return new Jn(e,t)}
|
|
57
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class Vn{static setRequestState(e,t,r){const n=Vn.generateLibraryState(e,r);return t?`${n}|${t}`:n}static generateLibraryState(e,t){if(!e)throw i(P);const r={id:e.createNewGuid()};t&&(r.meta=t);const n=JSON.stringify(r);return e.base64Encode(n)}static parseRequestState(e,t){if(!e)throw i(P);if(!t)throw i(p);try{const r=t.split("|"),n=r[0],o=r.length>1?r.slice(1).join("|"):"",i=e.base64Decode(n);return{userRequestState:o||"",libraryState:JSON.parse(i)}}catch(e){throw i(p)}}}
|
|
58
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const Yn="sw";class Xn{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){const r=await cn(this.generateKid.bind(this),rn,t,this.performanceClient,e.correlationId)(e),n=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:n}}async generateKid(e){return{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Yn}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,n){const{resourceRequestMethod:o,resourceRequestUri:i,shrClaims:s,shrNonce:a,shrOptions:c}=r,l=i?new _t(i):void 0,h=l?.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:hn(),m:o?.toUpperCase(),u:h?.HostNameAndPort,nonce:a||this.cryptoUtils.createNewGuid(),p:h?.AbsolutePath,q:h?.QueryString?[[],h.QueryString]:void 0,client_claims:s||void 0,...n},t,c,r.correlationId)}}
|
|
59
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class Zn{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}
|
|
60
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class eo{constructor(e,t,r,n,o,i,s){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=n,this.performanceClient=o,this.serializableCache=i,this.persistencePlugin=s}validateTokenResponse(e,t,r){if(e.error||e.error_description||e.suberror){const n=`Error(s): ${e.error_codes||X} - Timestamp: ${e.timestamp||X} - Description: ${e.error_description||X} - Correlation ID: ${e.correlation_id||X} - Trace ID: ${e.trace_id||X}`,o=e.error_codes?.length?e.error_codes[0]:void 0,i=new Rn(e.error,n,e.suberror,o,e.status);if(r&&e.status&&e.status>=500&&e.status<=599)return void this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently unavailable and the access token is unable to be refreshed.\n${i}`,t);if(r&&e.status&&e.status>=400&&e.status<=499)return void this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently available but is unable to refresh the access token.\n${i}`,t);if(Qn(e.error,e.error_description,e.suberror))throw new Jn(e.error,e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",o);throw i}}async handleServerTokenResponse(e,t,r,n,o,s,a,c,l){let h,d;if(e.id_token){if(h=bt(e.id_token||"",this.cryptoObj.base64Decode),o&&o.nonce&&h.nonce!==o.nonce)throw i(y);if(n.maxAge||0===n.maxAge){const e=h.auth_time;if(!e)throw i(w);St(e,n.maxAge)}}this.homeAccountIdentifier=Jt(e.client_info||"",t.authorityType,this.logger,this.cryptoObj,n.correlationId,h),o&&o.state&&(d=Vn.parseRequestState(this.cryptoObj,o.state)),e.key_id=e.key_id||n.sshKid||void 0;const u=this.generateCacheRecord(e,t,r,n,h,s,o);let g;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("Persistence enabled, calling beforeCacheAccess",n.correlationId),g=new Zn(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(g)),a&&!c&&u.account){const e=this.cacheStorage.generateAccountKey(zt(u.account));if(!this.cacheStorage.getAccount(e,n.correlationId))return this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache",n.correlationId),await eo.generateAuthenticationResult(this.cryptoObj,t,u,!1,n,this.performanceClient,h,d,void 0,l)}await this.cacheStorage.saveCacheRecord(u,n.correlationId,n.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&g&&(this.logger.verbose("Persistence enabled, calling afterCacheAccess",n.correlationId),await this.persistencePlugin.afterCacheAccess(g))}return eo.generateAuthenticationResult(this.cryptoObj,t,u,!1,n,this.performanceClient,h,d,e,l)}generateCacheRecord(e,t,r,n,o,s,a){const c=t.getPreferredCache();if(!c)throw i(_);const l=Kt(o);let h,d;e.id_token&&o&&(h=fn(this.homeAccountIdentifier,c,e.id_token,this.clientId,l||""),d=to(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,n.correlationId,o,e.client_info,c,l,a,void 0,this.logger));let u=null;if(e.access_token){const o=e.scope?vt.fromString(e.scope):new vt(n.scopes||[]),i=("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0,a=("string"==typeof e.ext_expires_in?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,h=("string"==typeof e.refresh_in?parseInt(e.refresh_in,10):e.refresh_in)||void 0,d=r+i,g=d+a,p=h&&h>0?r+h:void 0;u=yn(this.homeAccountIdentifier,c,e.access_token,this.clientId,l||t.tenant||"",o.printScopes(),d,g,this.cryptoObj.base64Decode,p,e.token_type,s,e.key_id)}let g=null;if(e.refresh_token){let t;if(e.refresh_token_expires_in){t=r+("string"==typeof e.refresh_token_expires_in?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in)}g=wn(this.homeAccountIdentifier,c,e.refresh_token,this.clientId,e.foci,s,t)}let p=null;return e.foci&&(p={clientId:this.clientId,environment:c,familyId:e.foci}),{account:d,idToken:h,accessToken:u,refreshToken:g,appMetadata:p}}static async generateAuthenticationResult(e,t,r,n,o,s,a,c,l,h){let d,u,g="",p=[],m=null,f="";if(r.accessToken){if(r.accessToken.tokenType!==xe.POP||o.popKid)g=r.accessToken.secret;else{const t=new Xn(e,s),{secret:n,keyId:a}=r.accessToken;if(!a)throw i(x);g=await t.signPopToken(n,a,o)}p=vt.fromString(r.accessToken.target).asArray(),m=un(r.accessToken.expiresOn),d=un(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(u=un(r.accessToken.refreshOn))}r.appMetadata&&(f=r.appMetadata.familyId===Se?Se:"");const y=a?.oid||a?.sub||"",w=a?.tid||"";l?.spa_accountid&&r.account&&(r.account.nativeAccountId=l?.spa_accountid);const C=r.account?At(zt(r.account),void 0,a,r.idToken?.secret):null;return{authority:t.canonicalAuthority,uniqueId:y,tenantId:w,scopes:p,account:C,idToken:r?.idToken?.secret||"",idTokenClaims:a||{},accessToken:g,fromCache:n,expiresOn:m,extExpiresOn:d,refreshOn:u,correlationId:o.correlationId,requestId:h||"",familyId:f,tokenType:r.accessToken?.tokenType||"",state:c?c.userRequestState:"",cloudGraphHostName:r.account?.cloudGraphHostName||"",msGraphHost:r.account?.msGraphHost||"",code:l?.spa_code,fromPlatformBroker:!1}}}function to(e,t,r,n,o,i,s,a,c,l,h,d){d?.verbose("setCachedAccount called",o);const u=e.getAccountKeys().find((e=>e.startsWith(r)));let g=null;u&&(g=e.getAccount(u,o));const p=g||jt({homeAccountId:r,idTokenClaims:i,clientInfo:s,environment:a,cloudGraphHostName:l?.cloud_graph_host_name,msGraphHost:l?.msgraph_host,nativeAccountId:h},t,n),m=p.tenantProfiles||[],f=c||p.realm;if(f&&!m.find((e=>e.tenantId===f))){const e=Tt(r,p.localAccountId,f,i);m.push(e)}return p.tenantProfiles=m,p}
|
|
61
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */async function ro(e,t,r){if("string"==typeof e)return e;return e({clientId:t,tokenEndpoint:r})}
|
|
62
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class no extends xn{constructor(e,t){super(e,t),this.includeRedirectUri=!0,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(e,t){if(!e.code)throw i(v);const r=hn(),n=await cn(this.executeTokenRequest.bind(this),"authClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(this.authority,e),o=n.headers?.[le],s=new eo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return s.validateTokenResponse(n.body,e.correlationId),cn(s.handleServerTokenResponse.bind(s),nn,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,r,e,t,void 0,void 0,void 0,o)}getLogoutUri(e){if(!e)throw Ze(ct);const t=this.createLogoutUrlQueryString(e);return _t.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t){const r=this.createTokenQueryParameters(t),n=_t.appendQueryString(e.tokenEndpoint,r),o=await cn(this.createTokenRequestBody.bind(this),"authClientCreateTokenRequestBody",this.logger,this.performanceClient,t.correlationId)(t);let i;if(t.clientInfo)try{const e=Ut(t.clientInfo,this.cryptoUtils.base64Decode);i={credential:`${e.uid}.${e.utid}`,type:hr}}catch(e){this.logger.verbose(`Could not parse client info for CCS Header: '${e}'`,t.correlationId)}const s=this.createTokenRequestHeaders(i||t.ccsCredential),a=On(this.config.authOptions.clientId,t);return cn(this.executePostToTokenEndpoint.bind(this),"authorizationCodeClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,t.correlationId)(n,o,s,a,t.correlationId)}async createTokenRequestBody(e){const t=new Map;if(Ar(t,e.embeddedClientId||e.tokenBodyParameters?.[ur]||this.config.authOptions.clientId),this.includeRedirectUri)br(t,e.redirectUri);else if(!e.redirectUri)throw Ze(tt);if(Tr(t,e.scopes,!0,this.oidcDefaultScopes),function(e,t){e.set("code",t)}(t,e.code),Mr(t,this.config.libraryInfo),qr(t,this.config.telemetry.application),Wr(t),this.serverTelemetryManager&&!lr(this.config)&&jr(t,this.serverTelemetryManager),e.codeVerifier&&function(e,t){e.set("code_verifier",t)}(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&xr(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Ur(t,await ro(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Lr(t,r.assertionType)}if(Hr(t,ve),Br(t),e.authenticationScheme===xe.POP){const r=new Xn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await cn(r.generateCnf.bind(r),rn,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}$r(t,n)}else if(e.authenticationScheme===xe.SSH){if(!e.sshJwk)throw Ze(gt);zr(t,e.sshJwk)}let r;if((!et.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Rr(t,e.claims,this.config.authOptions.clientCapabilities),e.clientInfo)try{const t=Ut(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${t.uid}.${t.utid}`,type:hr}}catch(t){this.logger.verbose(`Could not parse client info for CCS Header: '${t}'`,e.correlationId)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case hr:try{Er(t,Lt(r.credential))}catch(t){this.logger.verbose(`Could not parse home account ID for CCS Header: '${t}'`,e.correlationId)}break;case dr:_r(t,r.credential)}return e.embeddedClientId&&Jr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenBodyParameters&&Fr(t,e.tokenBodyParameters),!e.enableSpaAuthorizationCode||e.tokenBodyParameters&&e.tokenBodyParameters[fr]||Fr(t,{[fr]:"1"}),vr(t,e.correlationId,this.performanceClient),Yr(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&function(e,t){e.set("post_logout_redirect_uri",t)}(t,e.postLogoutRedirectUri),e.correlationId&&Or(t,e.correlationId),e.idTokenHint&&function(e,t){e.set("id_token_hint",t)}(t,e.idTokenHint),e.state&&Nr(t,e.state),e.logoutHint&&function(e,t){e.set("logout_hint",t)}(t,e.logoutHint),e.extraQueryParameters&&Fr(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&Dr(t),Yr(t)}}
|
|
63
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class oo extends xn{constructor(e,t){super(e,t)}async acquireToken(e){const t=hn(),r=await cn(this.executeTokenRequest.bind(this),"refreshTokenClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(e,this.authority),n=r.headers?.[le],o=new eo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return o.validateTokenResponse(r.body,e.correlationId),cn(o.handleServerTokenResponse.bind(o),nn,this.logger,this.performanceClient,e.correlationId)(r.body,this.authority,t,e,void 0,void 0,!0,e.forceCache,n)}async acquireTokenByRefreshToken(e){if(!e)throw Ze(at);if(!e.account)throw i(b);if(this.cacheManager.isAppMetadataFOCI(e.account.environment,e.correlationId))try{return await cn(this.acquireTokenWithCachedRefreshToken.bind(this),Zr,this.logger,this.performanceClient,e.correlationId)(e,!0)}catch(t){const r=t instanceof Jn&&t.errorCode===Un,n=t instanceof Rn&&"invalid_grant"===t.errorCode&&"client_mismatch"===t.subError;if(r||n)return cn(this.acquireTokenWithCachedRefreshToken.bind(this),Zr,this.logger,this.performanceClient,e.correlationId)(e,!1);throw t}return cn(this.acquireTokenWithCachedRefreshToken.bind(this),Zr,this.logger,this.performanceClient,e.correlationId)(e,!1)}async acquireTokenWithCachedRefreshToken(e,t){const r=an(this.cacheManager.getRefreshToken.bind(this.cacheManager),"cacheManagerGetRefreshToken",this.logger,this.performanceClient,e.correlationId)(e.account,t,e.correlationId,void 0);if(!r)throw Gn(Un);if(r.expiresOn&&gn(r.expiresOn,e.refreshTokenExpirationOffsetSeconds||300))throw this.performanceClient?.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),Gn(Hn);const n={...e,refreshToken:r.secret,authenticationScheme:e.authenticationScheme||xe.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:hr}};try{return await cn(this.acquireToken.bind(this),"refreshTokenClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(n)}catch(t){if(t instanceof Jn&&(this.performanceClient?.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),t.subError===$n)){this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache",e.correlationId);const t=this.cacheManager.generateCredentialKey(r);this.cacheManager.removeRefreshToken(t,e.correlationId)}throw t}}async executeTokenRequest(e,t){const r=this.createTokenQueryParameters(e),n=_t.appendQueryString(t.tokenEndpoint,r),o=await cn(this.createTokenRequestBody.bind(this),"refreshTokenClientCreateTokenRequestBody",this.logger,this.performanceClient,e.correlationId)(e),i=this.createTokenRequestHeaders(e.ccsCredential),s=On(this.config.authOptions.clientId,e);return cn(this.executePostToTokenEndpoint.bind(this),"refreshTokenClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,e.correlationId)(n,o,i,s,e.correlationId)}async createTokenRequestBody(e){const t=new Map;if(Ar(t,e.embeddedClientId||e.tokenBodyParameters?.[ur]||this.config.authOptions.clientId),e.redirectUri&&br(t,e.redirectUri),Tr(t,e.scopes,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),Hr(t,ke),Br(t),Mr(t,this.config.libraryInfo),qr(t,this.config.telemetry.application),Wr(t),this.serverTelemetryManager&&!lr(this.config)&&jr(t,this.serverTelemetryManager),function(e,t){e.set("refresh_token",t)}(t,e.refreshToken),this.config.clientCredentials.clientSecret&&xr(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Ur(t,await ro(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Lr(t,r.assertionType)}if(e.authenticationScheme===xe.POP){const r=new Xn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await cn(r.generateCnf.bind(r),rn,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}$r(t,n)}else if(e.authenticationScheme===xe.SSH){if(!e.sshJwk)throw Ze(gt);zr(t,e.sshJwk)}if((!et.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Rr(t,e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case hr:try{Er(t,Lt(e.ccsCredential.credential))}catch(t){this.logger.verbose(`Could not parse home account ID for CCS Header: '${t}'`,e.correlationId)}break;case dr:_r(t,e.ccsCredential.credential)}return e.embeddedClientId&&Jr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenBodyParameters&&Fr(t,e.tokenBodyParameters),vr(t,e.correlationId,this.performanceClient),Yr(t)}}
|
|
64
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class io extends xn{constructor(e,t){super(e,t)}async acquireCachedToken(e){let t=$e;if(e.forceRefresh||!et.isEmptyObj(e.claims))throw this.setCacheOutcome(ze,e.correlationId),i(R);if(!e.account)throw i(b);const r=e.account.tenantId||function(e){const t=new _t(e).getUrlComponents(),r=t.PathSegments.slice(-1)[0]?.toLowerCase();switch(r){case ue:case ge:case pe:return;default:return r}}(e.authority),n=this.cacheManager.getTokenKeys(),o=this.cacheManager.getAccessToken(e.account,e,n,r);if(!o)throw this.setCacheOutcome(je,e.correlationId),i(R);if(mn(o.cachedAt)||gn(o.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(We,e.correlationId),i(R);o.refreshOn&&gn(o.refreshOn,0)&&(t=Je);const s=e.authority||this.authority.getPreferredCache(),a={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(e.account),e.correlationId),accessToken:o,idToken:this.cacheManager.getIdToken(e.account,e.correlationId,n,r),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(s,e.correlationId)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await cn(this.generateResultFromCacheRecord.bind(this),"silentFlowClientGenerateResultFromCacheRecord",this.logger,this.performanceClient,e.correlationId)(a,e),t]}setCacheOutcome(e,t){this.serverTelemetryManager?.setCacheOutcome(e),this.performanceClient?.addFields({cacheOutcome:e},t),e!==$e&&this.logger.info(`Token refresh is required due to cache outcome: '${e}'`,t)}async generateResultFromCacheRecord(e,t){let r;if(e.idToken&&(r=bt(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||0===t.maxAge){const e=r?.auth_time;if(!e)throw i(w);St(e,t.maxAge)}return eo.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,this.performanceClient,r)}}
|
|
65
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */const so={sendGetRequestAsync:()=>Promise.reject(i(H)),sendPostRequestAsync:()=>Promise.reject(i(H))};
|
|
66
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */function ao(e,t,r,n){const o=t.correlationId,i=new Map;Ar(i,t.embeddedClientId||t.extraQueryParameters?.[ur]||e.clientId);if(Tr(i,[...t.scopes||[],...t.extraScopesToConsent||[]],!0,e.authority.options.OIDCOptions?.defaultScopes),br(i,t.redirectUri),Or(i,o),function(e,t){e.set("response_mode",t||Ie.QUERY)}(i,t.responseMode),Br(i),t.prompt&&(!function(e,t){e.set("prompt",t)}(i,t.prompt),n?.addFields({prompt:t.prompt},o)),t.domainHint&&(!function(e,t){e.set("domain_hint",t)}(i,t.domainHint),n?.addFields({domainHintFromRequest:!0},o)),t.prompt!==ye.SELECT_ACCOUNT)if(t.sid&&t.prompt===ye.NONE)r.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from request",t.correlationId),Pr(i,t.sid),n?.addFields({sidFromRequest:!0},o);else if(t.account){const e=(s=t.account,s.idTokenClaims?.sid||null);let a=function(e){return e.loginHint||e.idTokenClaims?.login_hint||null}
|
|
67
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */(t.account);if(a&&t.domainHint&&(r.warning('AuthorizationCodeClient.createAuthCodeUrlQueryString: "domainHint" param is set, skipping opaque "login_hint" claim. Please consider not passing domainHint',t.correlationId),a=null),a){r.verbose("createAuthCodeUrlQueryString: login_hint claim present on account",t.correlationId),Sr(i,a),n?.addFields({loginHintFromClaim:!0},o);try{Er(i,Lt(t.account.homeAccountId))}catch(e){r.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header",t.correlationId)}}else if(e&&t.prompt===ye.NONE){r.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from account",t.correlationId),Pr(i,e),n?.addFields({sidFromClaim:!0},o);try{Er(i,Lt(t.account.homeAccountId))}catch(e){r.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header",t.correlationId)}}else if(t.loginHint)r.verbose("createAuthCodeUrlQueryString: Adding login_hint from request",t.correlationId),Sr(i,t.loginHint),_r(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o);else if(t.account.username){r.verbose("createAuthCodeUrlQueryString: Adding login_hint from account",t.correlationId),Sr(i,t.account.username),n?.addFields({loginHintFromUpn:!0},o);try{Er(i,Lt(t.account.homeAccountId))}catch(e){r.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header",t.correlationId)}}}else t.loginHint&&(r.verbose("createAuthCodeUrlQueryString: No account, adding login_hint from request",t.correlationId),Sr(i,t.loginHint),_r(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o));else r.verbose("createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints",t.correlationId);var s;return t.nonce&&function(e,t){e.set("nonce",t)}(i,t.nonce),t.state&&Nr(i,t.state),(t.claims||e.clientCapabilities&&e.clientCapabilities.length>0)&&Rr(i,t.claims,e.clientCapabilities),t.embeddedClientId&&Jr(i,e.clientId,e.redirectUri),!e.instanceAware||t.extraQueryParameters&&Object.keys(t.extraQueryParameters).includes(Ir)||Dr(i),i}function co(e,t){const r=Yr(t);return _t.appendQueryString(e.authorizationEndpoint,r)}function lo(e,t){if(!e.state||!t)throw e.state?i(f,"Cached State"):i(f,"Server State");let r,n;try{r=decodeURIComponent(e.state)}catch(t){throw i(p,e.state)}try{n=decodeURIComponent(t)}catch(t){throw i(p,e.state)}if(r!==n)throw i(m);if(e.error||e.error_description||e.suberror){const t=function(e){const t="code=",r=e.error_uri?.lastIndexOf(t);return r&&r>=0?e.error_uri?.substring(r+t.length):void 0}(e);if(Qn(e.error,e.error_description,e.suberror))throw new Jn(e.error||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",t);throw new Rn(e.error||"",e.error_description,e.suberror,t)}}
|
|
68
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
69
|
+
const ho="unexpected_error";var uo=Object.freeze({__proto__:null,postRequestFailed:"post_request_failed",unexpectedError:ho});
|
|
70
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */function go(e){const{skus:t,libraryName:r,libraryVersion:n,extensionName:o,extensionVersion:i}=e,s=new Map([[0,[r,n]],[2,[o,i]]]);let a=[];if(t?.length){if(a=t.split(","),a.length<4)return t}else a=Array.from({length:4},(()=>"|"));return s.forEach(((e,t)=>{2===e.length&&e[0]?.length&&e[1]?.length&&function(e){const{skuArr:t,index:r,skuName:n,skuVersion:o}=e;if(r>=t.length)return;t[r]=[n,o].join("|")}({skuArr:a,index:t,skuName:e[0],skuVersion:e[1]})})),a.join(",")}class po{constructor(e,t){this.cacheOutcome=$e,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||"",this.wrapperVer=e.wrapperVer||"",this.telemetryCacheKey=qe+"-"+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${Ne}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r?.length&&t.push(`broker_error=${r}`);const n=t.join(Ne),o=[e,this.getRegionDiscoveryFields()].join(Ne);return[Me,o,n].join("|")}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=po.maxErrorsToSend(e),r=e.failedRequests.slice(0,2*t).join(Ne),n=e.errors.slice(0,t).join(Ne),o=e.errors.length,i=[o,t<o?"1":"0"].join(Ne);return[Me,e.cacheHits,r,n,i].join("|")}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=50&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof r?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push("unknown_error"),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId),e.cacheHits}getLastRequests(){return this.cacheManager.getServerTelemetry(this.telemetryCacheKey,this.correlationId)||{failedRequests:[],errors:[],cacheHits:0}}clearTelemetryCache(){const e=this.getLastRequests(),t=po.maxErrorsToSend(e);if(t===e.errors.length)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{const r={failedRequests:e.failedRequests.slice(2*t),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,r,this.correlationId)}}static maxErrorsToSend(e){let t,r=0,n=0;const o=e.errors.length;for(t=0;t<o;t++){const o=e.failedRequests[2*t]||"",i=e.failedRequests[2*t+1]||"",s=e.errors[t]||"";if(n+=o.toString().length+i.toString().length+s.length+3,!(n<330))break;r+=1}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||""),e.push(this.regionSource||""),e.push(this.regionOutcome||""),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId)}static makeExtraSkuString(e){return go(e)}}
|
|
71
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */class mo extends r{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,mo.prototype)}}function fo(e){return new mo(e)}
|
|
72
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
73
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */
|
|
74
|
+
class yo{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw fo("missing_kid_error");if(!e.alg)throw fo("missing_alg_error");const t=new yo({typ:e.typ||Qe.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}
|
|
75
|
+
/*! @azure/msal-common v16.0.0-alpha.0 2025-10-02 */function wo(e,t,n,o=5){if(e instanceof Error)return e instanceof r?(n.errorCode=e.errorCode,n.subErrorCode=e.subError,void((e instanceof Rn||e instanceof Jn)&&(n.serverErrorNo=e.errorNo))):void(e instanceof Nt?n.errorCode=e.errorCode:n.errorStack?.length?t.trace("PerformanceClient.addErrorStack: Stack already exist",n.correlationId):e.stack?.length?(e.stack&&(n.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],n=[],o=r[0];o.startsWith("TypeError: Cannot read property")||o.startsWith("TypeError: Cannot read properties of")||o.startsWith("TypeError: Cannot set property")||o.startsWith("TypeError: Cannot set properties of")||o.endsWith("is not a function")?n.push(Co(o)):(o.startsWith("SyntaxError")||o.startsWith("TypeError"))&&n.push(Co(o.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(n.length>=t);e++){const t=r[e];n.push(Co(t))}return n}(e.stack,o)),n.errorName=e.name):t.trace("PerformanceClient.addErrorStack: Input stack is empty",n.correlationId));t.trace("PerformanceClient.addErrorStack: Input error is not instance of Error",n.correlationId)}function Co(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let n=r.lastIndexOf("/");return n=n<0?r.lastIndexOf("\\"):n,n>=0?(e.substring(0,t)+"("+r.substring(n+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class Io{constructor(e,t,r,n,o,i,s){this.authority=t,this.libraryName=n,this.libraryVersion=o,this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.intFields=s||new Set;for(const e of er)this.intFields.add(e)}startMeasurement(e,t){const r=t||this.generateId();t||this.logger.info(`PerformanceClient: No correlation id provided for '${e}', generating`,r),this.logger.trace(`PerformanceClient: Performance measurement started for '${e}'`,r);const n={eventId:this.generateId(),status:Xt,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var o,i;return this.cacheEventByCorrelationId(n),o=n,(i=this.eventStack.get(r))&&i.push({name:o.name}),{end:(e,t)=>this.endMeasurement({...n,...e},t),discard:()=>this.discardMeasurements(n.correlationId),add:e=>this.addFields(e,n.correlationId),increment:e=>this.incrementFields(e,n.correlationId),event:n}}endMeasurement(e,t){const n=this.eventsByCorrelationId.get(e.correlationId);if(!n)return this.logger.trace(`PerformanceClient: Measurement not found for '${e.eventId}'`,e.correlationId),null;const o=e.eventId===n.eventId;e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const i=JSON.stringify(function(e,t,n){if(!t?.length)return;const o=e=>e.length?e[e.length-1]:void 0,i=e.name,s=o(t);if(s?.name!==i)return;const a=t?.pop();if(!a)return;const c=n instanceof r?n.errorCode:n instanceof Error?n.name:void 0,l=n instanceof r?n.subError:void 0;c&&a.childErr!==c&&(a.err=c,l&&(a.subErr=l)),delete a.name,delete a.childErr;const h={...a,dur:e.durationMs};e.success||(h.fail=1);const d=o(t);if(!d)return{[i]:h};let u;if(c&&(d.childErr=c),d[i]){const e=Object.keys(d).filter((e=>e.startsWith(i))).length;u=`${i}_${e+1}`}else u=i;return d[u]=h,d}(e,this.eventStack.get(n.correlationId),t));if(o?this.discardMeasurements(n.correlationId):n.incompleteSubMeasurements?.delete(e.eventId),this.logger.trace(`PerformanceClient: Performance measurement ended for '${e.name}': '${e.durationMs}' ms`,e.correlationId),t&&wo(t,this.logger,n),!o)return n[e.name+"DurationMs"]=Math.floor(e.durationMs),{...n};o&&!t&&(n.errorCode||n.subErrorCode)&&(this.logger.trace(`PerformanceClient: Remove error and sub-error codes for root event '${e.name}' as intermediate error was successfully handled`,e.correlationId),n.errorCode=void 0,n.subErrorCode=void 0);let s={...n,...e},a=0;return s.incompleteSubMeasurements?.forEach((t=>{this.logger.trace(`PerformanceClient: Incomplete submeasurement '${t.name}' found for '${e.name}'`,s.correlationId),a++})),s.incompleteSubMeasurements=void 0,s={...s,status:Zt,incompleteSubsCount:a,context:i},this.truncateIntegralFields(s),this.emitEvents([s],e.correlationId),s}addFields(e,t){this.logger.trace("PerformanceClient: Updating static fields",t);const r=this.eventsByCorrelationId.get(t);r?this.eventsByCorrelationId.set(t,{...r,...e}):this.logger.trace("PerformanceClient: Event not found for",t)}incrementFields(e,t){this.logger.trace("PerformanceClient: Updating counters",t);const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e){if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("PerformanceClient: Event not found for",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(this.logger.trace(`PerformanceClient: Performance measurement for '${e.name}' added/updated`,e.correlationId),t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.logger.trace(`PerformanceClient: Performance measurement for '${e.name}' started`,e.correlationId),this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}discardMeasurements(e){this.logger.trace("PerformanceClient: Performance measurements discarded",e),this.eventsByCorrelationId.delete(e),this.logger.trace("PerformanceClient: Event stack discarded",e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning(`PerformanceClient: Performance callback is already registered with id: ${t}`,""),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose(`PerformanceClient: Performance callback registered with id: '${t}'`,""),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose(`PerformanceClient: Performance callback '${e}' removed.`,""):this.logger.verbose(`PerformanceClient: Performance callback '${e}' not removed.`,""),t}emitEvents(e,t){this.logger.verbose("PerformanceClient: Emitting performance events",t),this.callbacks.forEach(((r,n)=>{this.logger.trace(`PerformanceClient: Emitting event to callback '${n}'`,t),r.apply(null,[e])}))}truncateIntegralFields(e){this.intFields.forEach((t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))}))}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}const vo="pkce_not_created",ko="ear_jwk_empty",To="ear_jwe_empty",Ao="crypto_nonexistent",bo="empty_navigate_uri",So="hash_empty_error",_o="no_state_in_hash",Eo="hash_does_not_contain_known_properties",Po="unable_to_parse_state",Ro="state_interaction_type_mismatch",Oo="interaction_in_progress",Mo="popup_window_error",qo="empty_window_error",No="user_cancelled",xo="monitor_window_timeout",Uo="redirect_in_iframe",Lo="block_iframe_reload",Ho="block_nested_popups",Bo="silent_logout_unsupported",Do="no_account_error",Fo="no_token_request_cache_error",Ko="unable_to_parse_token_request_cache_error",$o="non_browser_environment",zo="database_not_open",jo="no_network_connectivity",Wo="post_request_failed",Jo="get_request_failed",Qo="failed_to_parse_response",Go="unable_to_load_token",Vo="crypto_key_not_found",Yo="auth_code_required",Xo="auth_code_or_nativeAccountId_required",Zo="spa_code_and_nativeAccountId_present",ei="database_unavailable",ti="unable_to_acquire_token_from_native_platform",ri="native_handshake_timeout",ni="native_extension_not_installed",oi="native_connection_not_established",ii="uninitialized_public_client_application",si="native_prompt_not_supported",ai="invalid_base64_string",ci="invalid_pop_token_request",li="failed_to_build_headers",hi="failed_to_parse_headers",di="failed_to_decrypt_ear_response",ui="timed_out";var gi=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:Xo,authCodeRequired:Yo,authRequestNotSetError:"auth_request_not_set_error",blockIframeReload:Lo,blockNestedPopups:Ho,cryptoKeyNotFound:Vo,cryptoNonExistent:Ao,databaseNotOpen:zo,databaseUnavailable:ei,earJweEmpty:To,earJwkEmpty:ko,emptyNavigateUri:bo,emptyWindowError:qo,failedToBuildHeaders:li,failedToDecryptEarResponse:di,failedToParseHeaders:hi,failedToParseResponse:Qo,getRequestFailed:Jo,hashDoesNotContainKnownProperties:Eo,hashEmptyError:So,iframeClosedPrematurely:"iframe_closed_prematurely",interactionInProgress:Oo,invalidBase64String:ai,invalidCacheType:"invalid_cache_type",invalidPopTokenRequest:ci,monitorPopupTimeout:"monitor_popup_timeout",monitorWindowTimeout:xo,nativeConnectionNotEstablished:oi,nativeExtensionNotInstalled:ni,nativeHandshakeTimeout:ri,nativePromptNotSupported:si,noAccountError:Do,noNetworkConnectivity:jo,noStateInHash:_o,noTokenRequestCacheError:Fo,nonBrowserEnvironment:$o,pkceNotCreated:vo,popupWindowError:Mo,postRequestFailed:Wo,redirectInIframe:Uo,silentLogoutUnsupported:Bo,silentPromptValueError:"silent_prompt_value_error",spaCodeAndNativeAccountIdPresent:Zo,stateInteractionTypeMismatch:Ro,timedOut:ui,unableToAcquireTokenFromNativePlatform:ti,unableToLoadToken:Go,unableToParseState:Po,unableToParseTokenRequestCacheError:Ko,uninitializedPublicClientApplication:ii,userCancelled:No});function pi(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class mi extends r{constructor(e,t){super(e,pi(e),t),Object.setPrototypeOf(this,mi.prototype),this.name="BrowserAuthError"}}function fi(e,t){return new mi(e,t)}const yi="invalid_grant",wi=483,Ci=600,Ii="msal",vi=30,ki="msal.js.browser",Ti="53ee284d-920a-4b59-9d30-a60315b26836",Ai="ppnbnpeolgkicgegkbkbjmhlideopiji",bi="MATS",Si="MicrosoftEntra",_i="DOM API",Ei="get-token-and-sign-out",Pi="PlatformAuthDOMHandler",Ri="PlatformAuthExtensionHandler",Oi="Handshake",Mi="HandshakeResponse",qi="GetToken",Ni="Response",xi={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},Ui="GET",Li="POST",Hi="signin",Bi="signout",Di="request.origin",Fi="urlHash",Ki="request.params",$i="code.verifier",zi="interaction.status",ji="request.native",Wi="wrapper.sku",Ji="wrapper.version",Qi={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var Gi;e.InteractionType=void 0,(Gi=e.InteractionType||(e.InteractionType={})).Redirect="redirect",Gi.Popup="popup",Gi.Silent="silent",Gi.None="none";const Vi={Startup:"startup",Logout:"logout",AcquireToken:"acquireToken",HandleRedirect:"handleRedirect",None:"none"},Yi={scopes:te},Xi="msal.db",Zi=`${Xi}.keys`,es={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},ts=[es.Default,es.Skip,es.RefreshTokenAndNetwork];function rs(e){return encodeURIComponent(os(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function ns(e){return is(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function os(e){return is((new TextEncoder).encode(e))}function is(e){const t=Array.from(e,(e=>String.fromCodePoint(e))).join("");return btoa(t)}function ss(e){return(new TextDecoder).decode(as(e))}function as(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw fi(ai)}const r=atob(t);return Uint8Array.from(r,(e=>e.codePointAt(0)||0))}const cs="AES-GCM",ls="HKDF",hs="SHA-256",ds=new Uint8Array([1,0,1]),us="0123456789abcdef",gs=new Uint32Array(1),ps="raw",ms="encrypt",fs="decrypt",ys={name:"RSASSA-PKCS1-v1_5",hash:hs,modulusLength:2048,publicExponent:ds};async function ws(e){const t=(new TextEncoder).encode(e);return window.crypto.subtle.digest(hs,t)}function Cs(e){return window.crypto.getRandomValues(e)}function Is(){return window.crypto.getRandomValues(gs),gs[0]}function vs(){const e=Date.now(),t=1024*Is()+(1023&Is()),r=new Uint8Array(16),n=Math.trunc(t/2**30),o=t&2**30-1,i=Is();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|n>>>8,r[7]=n,r[8]=128|o>>>24,r[9]=o>>>16,r[10]=o>>>8,r[11]=o,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=us.charAt(r[e]>>>4),s+=us.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function ks(e){return window.crypto.subtle.exportKey("jwk",e)}async function Ts(){const e=await bs(),t={alg:"dir",kty:"oct",k:ns(new Uint8Array(e))};return os(JSON.stringify(t))}async function As(e,t){const r=t.split(".");if(5!==r.length)throw fi(di,"jwe_length");const n=await async function(e){const t=ss(e),r=as(JSON.parse(t).k);return window.crypto.subtle.importKey(ps,r,cs,!1,[fs])}(e).catch((()=>{throw fi(di,"import_key")}));try{const e=(new TextEncoder).encode(r[0]),t=as(r[2]),o=as(r[3]),i=as(r[4]),s=8*i.byteLength,a=new Uint8Array(o.length+i.length);a.set(o),a.set(i,o.length);const c=await window.crypto.subtle.decrypt({name:cs,iv:t,tagLength:s,additionalData:e},n,a);return(new TextDecoder).decode(c)}catch(e){throw fi(di,"decrypt")}}async function bs(){const e=await window.crypto.subtle.generateKey({name:cs,length:256},!0,[ms,fs]);return window.crypto.subtle.exportKey(ps,e)}async function Ss(e){return window.crypto.subtle.importKey(ps,e,ls,!1,["deriveKey"])}async function _s(e,t,r){return window.crypto.subtle.deriveKey({name:ls,salt:t,hash:hs,info:(new TextEncoder).encode(r)},e,{name:cs,length:256},!1,[ms,fs])}async function Es(e,t,r){const n=(new TextEncoder).encode(t),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await _s(e,o,r),s=await window.crypto.subtle.encrypt({name:cs,iv:new Uint8Array(12)},i,n);return{data:ns(new Uint8Array(s)),nonce:ns(o)}}async function Ps(e,t,r,n){const o=as(n),i=await _s(e,as(t),r),s=await window.crypto.subtle.decrypt({name:cs,iv:new Uint8Array(12)},i,o);return(new TextDecoder).decode(s)}const Rs="storage_not_supported",Os="stubbed_public_client_application_called";class Ms extends r{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,Ms.prototype)}}function qs(e){return new Ms(e,pi(e))}function Ns(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function xs(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function Us(){return window.parent!==window}function Ls(){return"undefined"!=typeof window&&!!window.opener&&window.opener!==window&&"string"==typeof window.name&&0===window.name.indexOf(`${Ii}.`)}function Hs(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function Bs(){const e=new _t(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function Ds(){if(Vr(window.location.hash)&&Us())throw fi(Lo)}function Fs(e){if(Us()&&!e)throw fi(Uo)}function Ks(){if(Ls())throw fi(Ho)}function $s(){if("undefined"==typeof window)throw fi($o)}function zs(e){if(!e)throw fi(ii)}function js(e){$s(),Ds(),Ks(),zs(e)}function Ws(e,t){if(js(e),Fs(t.system.allowRedirectInIframe),t.cache.cacheLocation===xi.MemoryStorage)throw qs("in_mem_redirect_unavailable")}function Js(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout((()=>{try{document.head.removeChild(t)}catch{}}),1e4)}function Qs(){return vs()}const Gs=Kr;var Vs=Object.freeze({__proto__:null,addClientCapabilitiesToClaims:Gs,blockAPICallsBeforeInitialize:zs,blockAcquireTokenInPopups:Ks,blockNonBrowserEnvironment:$s,blockRedirectInIframe:Fs,blockReloadInHiddenIframes:Ds,clearHash:Ns,createGuid:Qs,getCurrentUri:Hs,getHomepage:Bs,invoke:an,invokeAsync:cn,isInIframe:Us,isInPopup:Ls,preconnect:Js,preflightCheck:js,redirectPreflightCheck:Ws,replaceHash:xs});class Ys{navigateInternal(e,t){return Ys.defaultNavigateWindow(e,t)}navigateExternal(e,t){return Ys.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(((e,r)=>{setTimeout((()=>{r(fi(ui,"failed_to_redirect"))}),t.timeout)}))}}class Xs{async sendGetRequestAsync(e,t){let r,n={},o=0;const i=Zs(t);try{r=await fetch(e,{method:Ui,headers:i})}catch(e){throw Nn(fi(window.navigator.onLine?Jo:jo),void 0,void 0,e)}n=ea(r.headers);try{return o=r.status,{headers:n,body:await r.json(),status:o}}catch(e){throw Nn(fi(Qo),o,n,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",n=Zs(t);let o,i=0,s={};try{o=await fetch(e,{method:Li,headers:n,body:r})}catch(e){throw Nn(fi(window.navigator.onLine?Wo:jo),void 0,void 0,e)}s=ea(o.headers);try{return i=o.status,{headers:s,body:await o.json(),status:i}}catch(e){throw Nn(fi(Qo),i,s,e)}}}function Zs(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach((([e,r])=>{t.append(e,r)})),t}catch(e){throw Nn(fi(li),void 0,void 0,e)}}function ea(e){try{const t={};return e.forEach(((e,r)=>{t[r]=e})),t}catch(e){throw fi(hi)}}const ta=1e4;function ra({auth:t,cache:r,system:n,telemetry:o},i){const s={clientId:"",authority:`${z}`,knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",redirectUri:"undefined"!=typeof window?Hs():"",postLogoutRedirectUri:"",clientCapabilities:[],OIDCOptions:{responseMode:Ie.FRAGMENT,defaultScopes:[Q,G,V]},azureCloudOptions:{azureCloudInstance:Ye.None,tenant:""},instanceAware:!1},a={cacheLocation:xi.SessionStorage,cacheRetentionDays:5},c={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},l={...{...rr,loggerOptions:c,networkClient:i?new Xs:so,navigationClient:new Ys,loadFrameTimeout:0,windowHashTimeout:n?.loadFrameTimeout||6e4,iframeHashTimeout:n?.loadFrameTimeout||ta,redirectNavigationTimeout:3e4,allowRedirectInIframe:!1,navigatePopups:!0,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:n?.nativeBrokerHandshakeTimeout||2e3,pollIntervalMilliseconds:vi,protocolMode:$t.AAD},...n,loggerOptions:n?.loggerOptions||c},h={application:{appName:"",appVersion:""},client:new tr};if(n?.protocolMode!==$t.OIDC&&t?.OIDCOptions){new $(l.loggerOptions).warning(JSON.stringify(Ze(yt)),"")}if(n?.protocolMode&&n.protocolMode===$t.OIDC&&l?.allowPlatformBroker)throw Ze(wt);return{auth:{...s,...t,OIDCOptions:{...s.OIDCOptions,...t?.OIDCOptions}},cache:{...a,...r},system:l,telemetry:{...h,...o}}}const na="@azure/msal-browser",oa="5.0.0-alpha.0",ia="msal",sa="browser",aa=`${ia}.${sa}.log.level`,ca=`${ia}.${sa}.log.pii`,la=`${ia}.${sa}.performance.enabled`,ha=`${ia}.${sa}.platform.auth.dom`,da=`${ia}.version`,ua="account.keys",ga="token.keys";function pa(e=1){return e<1?`${ia}.${ua}`:`${ia}.${e}.${ua}`}function ma(e,t=1){return t<1?`${ia}.${ga}.${e}`:`${ia}.${t}.${ga}.${e}`}class fa{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(t){let r;this.browserEnvironment="undefined"!=typeof window,this.config=ra(t,this.browserEnvironment);try{r=window[xi.SessionStorage]}catch(e){}const n=r?.getItem(aa),o=r?.getItem(ca)?.toLowerCase(),i="true"===o||"false"!==o&&void 0,s={...this.config.system.loggerOptions},a=n&&Object.keys(e.LogLevel).includes(n)?e.LogLevel[n]:void 0;a&&(s.loggerCallback=fa.loggerCallback,s.logLevel=a),void 0!==i&&(s.piiLoggingEnabled=i),this.logger=new $(s,na,oa),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}const ya="USER_INTERACTION_REQUIRED",wa="USER_CANCEL",Ca="NO_NETWORK",Ia="TRANSIENT_ERROR",va="PERSISTENT_ERROR",ka="DISABLED",Ta="ACCOUNT_UNAVAILABLE",Aa="NESTED_APP_AUTH_UNAVAILABLE";class ba{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",(e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),n=ba.bridgeRequests.find((e=>e.requestId===r.requestId));void 0!==n&&(ba.bridgeRequests.splice(ba.bridgeRequests.indexOf(n),1),r.success?n.resolve(r):n.reject(r.error))}));const e=await new Promise(((e,t)=>{const r=ba.buildRequest("GetInitContext"),n={requestId:r.requestId,method:r.method,resolve:e,reject:t};ba.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}));return ba.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:ba.validateBridgeResultOrThrow(r.token),account:ba.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:vs(),sendTime:Date.now(),clientLibrary:ki,clientLibraryVersion:oa,...t}}sendRequest(e,t){const r=ba.buildRequest(e,t);return new Promise(((e,t)=>{const n={requestId:r.requestId,method:r.method,resolve:e,reject:t};ba.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}))}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:Aa}}return e}constructor(e,t,r,n){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=n}static async create(){const e=await ba.initializeNestedAppAuthBridge();return new ba(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}ba.bridgeRequests=[];class Sa extends fa{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return Sa.MODULE_NAME}getId(){return Sa.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(e){try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await ba.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(t){this.logger.infoPii(`Could not initialize Nested App Auth bridge ('${t}')`,e)}return this.logger.info(`Nested App Auth Bridge available: '${this.available}'`,e),this.available}}Sa.MODULE_NAME="",Sa.ID="NestedAppOperatingContext";class _a extends fa{getModuleName(){return _a.MODULE_NAME}getId(){return _a.ID}async initialize(e){return this.available="undefined"!=typeof window,this.available}}_a.MODULE_NAME="",_a.ID="StandardOperatingContext";const Ea="standardInteractionClientGetDiscoveredAuthority",Pa="nativeInteractionClientAcquireToken",Ra="acquireTokenBySilentIframe",Oa="initializeBaseRequest",Ma="silentIframeClientTokenHelper",qa="silentHandlerInitiateAuthRequest",Na="silentHandlerMonitorIframeForHash",xa="standardInteractionClientCreateAuthCodeClient",Ua="standardInteractionClientGetClientConfiguration",La="standardInteractionClientInitializeAuthorizationRequest",Ha="handleResponseEar",Ba="handleResponsePlatformBroker",Da="handleResponseCode",Fa="deserializeResponse",Ka="generatePkceCodes",$a="generateHKDF",za="decrypt",ja="generateEarKey";class Wa{constructor(){this.dbName=Xi,this.version=1,this.tableName=Zi,this.dbOpen=!1}async open(){return new Promise(((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",(e=>{e.target.result.createObjectStore(this.tableName)})),r.addEventListener("success",(t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()})),r.addEventListener("error",(()=>t(fi(ei))))}))}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(fi(zo));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async setItem(e,t){return await this.validateDbIsOpen(),new Promise(((r,n)=>{if(!this.db)return n(fi(zo));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);o.addEventListener("success",(()=>{this.closeConnection(),r()})),o.addEventListener("error",(e=>{this.closeConnection(),n(e)}))}))}async removeItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(fi(zo));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);n.addEventListener("success",(()=>{this.closeConnection(),t()})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async getKeys(){return await this.validateDbIsOpen(),new Promise(((e,t)=>{if(!this.db)return t(fi(zo));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",(t=>{const r=t;this.closeConnection(),e(r.target.result)})),r.addEventListener("error",(e=>{this.closeConnection(),t(e)}))}))}async containsKey(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(fi(zo));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(1===r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise(((e,t)=>{const r=window.indexedDB.deleteDatabase(Xi),n=setTimeout((()=>t(!1)),200);r.addEventListener("success",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("blocked",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("error",(()=>(clearTimeout(n),t(!1))))}))}}class Ja{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach(((t,r)=>{e.push(r)})),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class Qa{constructor(e){this.inMemoryCache=new Ja,this.indexedDBCache=new Wa,this.logger=e}handleDatabaseAccessError(e,t){if(!(e instanceof mi&&e.errorCode===ei))throw e;this.logger.error("Could not access persistent storage. This may be caused by browser privacy features which block persistent storage in third-party contexts.",t)}async getItem(e,t){const r=this.inMemoryCache.getItem(e);if(!r)try{return this.logger.verbose("Queried item not found in in-memory cache, now querying persistent storage.",t),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}async setItem(e,t,r){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e,r)}}async removeItem(e,t){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}}async getKeys(e){const t=this.inMemoryCache.getKeys();if(0===t.length)try{return this.logger.verbose("In-memory cache is empty, now querying persistent storage.",e),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t,e)}return t}async containsKey(e,t){const r=this.inMemoryCache.containsKey(e);if(!r)try{return this.logger.verbose("Key not found in in-memory cache, now querying persistent storage.",t),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}clearInMemory(e){this.logger.verbose("Deleting in-memory keystore",e),this.inMemoryCache.clear(),this.logger.verbose("In-memory keystore deleted",e)}async clearPersistent(e){try{this.logger.verbose("Deleting persistent keystore",e);const t=await this.indexedDBCache.deleteDatabase();return t&&this.logger.verbose("Persistent keystore deleted",e),t}catch(t){return this.handleDatabaseAccessError(t,e),!1}}}class Ga{constructor(e,t,r){this.logger=e,function(e){if(!window)throw fi($o);if(!window.crypto)throw fi(Ao);if(!e&&!window.crypto.subtle)throw fi(Ao,"crypto_subtle_undefined")}(r??!1),this.cache=new Qa(this.logger),this.performanceClient=t}createNewGuid(){return vs()}base64Encode(e){return os(e)}base64Decode(e){return ss(e)}base64UrlEncode(e){return rs(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement("cryptoOptsGetPublicKeyThumbprint",e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(ys,e,t)}(Ga.EXTRACTABLE,Ga.POP_KEY_USAGES),n=await ks(r.publicKey),o=Va({e:n.e,kty:n.kty,n:n.n}),i=await this.hashString(o),s=await ks(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,ys,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri},e.correlationId),t&&t.end({success:!0}),i}async removeTokenBindingKey(e,t){await this.cache.removeItem(e,t);if(await this.cache.containsKey(e,t))throw i(q)}async clearKeystore(e){this.cache.clearInMemory(e);try{return await this.cache.clearPersistent(e),!0}catch(t){return t instanceof Error?this.logger.error(`Clearing keystore failed with error: '${t.message}'`,e):this.logger.error("Clearing keystore failed with unknown error",e),!1}}async signJwt(e,t,r,n){const o=this.performanceClient?.startMeasurement("cryptoOptsSignJwt",n),i=await this.cache.getItem(t,n||"");if(!i)throw fi(Vo);const s=await ks(i.publicKey),a=Va(s),c=rs(JSON.stringify({kid:t})),l=rs(yo.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const h=`${l}.${rs(JSON.stringify(e))}`,d=(new TextEncoder).encode(h),u=await async function(e,t){return window.crypto.subtle.sign(ys,e,t)}(i.privateKey,d),g=`${h}.${ns(new Uint8Array(u))}`;return o&&o.end({success:!0}),g}async hashString(e){return async function(e){const t=await ws(e);return ns(new Uint8Array(t))}(e)}}function Va(e){return JSON.stringify(e,Object.keys(e).sort())}Ga.POP_KEY_USAGES=["sign","verify"],Ga.EXTRACTABLE=!0;const Ya="acquireTokenSilent",Xa="acquireTokenByCode",Za="acquireTokenPopup",ec="acquireTokenPreRedirect",tc="acquireTokenRedirect",rc="ssoSilent",nc="initializeClientApplication",oc="localStorageUpdated";var ic=Object.freeze({__proto__:null,AcquireTokenByCode:Xa,AcquireTokenPopup:Za,AcquireTokenPreRedirect:ec,AcquireTokenRedirect:tc,AcquireTokenSilent:Ya,InitializeClientApplication:nc,LocalStorageUpdated:oc,SsoSilent:rc});const sc=864e5,ac="Lax",cc="None";class lc{initialize(){return Promise.resolve()}getItem(e){const t=`${encodeURIComponent(e)}`,r=document.cookie.split(";");for(let e=0;e<r.length;e++){const n=r[e],[o,...i]=decodeURIComponent(n).trim().split("="),s=i.join("=");if(o===t)return s}return""}getUserData(){throw i(H)}setItem(e,t,r,n=!0,o=ac){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${o};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*sc);return r.toUTCString()}(r);i+=`expires=${e};`}(n||o===cc)&&(i+="Secure;"),document.cookie=i}async setUserData(){return Promise.reject(i(H))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach((e=>{const r=decodeURIComponent(e).trim().split("=");t.push(r[0])})),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function hc(e,t){const r=e.getItem(pa(t));return r?JSON.parse(r):[]}function dc(e,t,r){const n=t.getItem(ma(e,r));if(n){const e=JSON.parse(n);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function uc(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const gc="msal.cache.encryption";class pc{constructor(e,t,r){if(!window.localStorage)throw qs(Rs);this.memoryStorage=new Ja,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new lc,r=t.getItem(gc);let n={key:"",id:""};if(r)try{n=JSON.parse(r)}catch(e){}if(n.key&&n.id){const t=an(as,"base64Decode",this.logger,this.performanceClient,e)(n.key);this.encryptionCookie={id:n.id,key:await cn(Ss,$a,this.logger,this.performanceClient,e)(t)}}else{const r=vs(),n=await cn(bs,"generateBaseKey",this.logger,this.performanceClient,e)(),o=an(ns,"urlEncodeArr",this.logger,this.performanceClient,e)(new Uint8Array(n));this.encryptionCookie={id:r,key:await cn(Ss,$a,this.logger,this.performanceClient,e)(n)};const i={id:r,key:o};t.setItem(gc,JSON.stringify(i),0,!0,cc)}await cn(this.importExistingCache.bind(this),"importExistingCache",this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",(t=>{this.updateCache(t,e)})),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw fi(ii);return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw fi(ii);if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const n=await cn(Ps,za,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!n)return null;try{return JSON.parse(n)}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,n){if(!this.initialized||!this.encryptionCookie)throw fi(ii);const{data:o,nonce:i}=await cn(Es,"encrypt",this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o,lastUpdatedAt:n};this.memoryStorage.setItem(e,t),this.setItem(e,JSON.stringify(s)),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();hc(this).forEach((e=>this.removeItem(e)));const e=dc(this.clientId,this);e.idToken.forEach((e=>this.removeItem(e))),e.accessToken.forEach((e=>this.removeItem(e))),e.refreshToken.forEach((e=>this.removeItem(e))),this.getKeys().forEach((e=>{(e.startsWith(ia)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)}))}async importExistingCache(e){if(!this.encryptionCookie)return;let t=hc(this);t=await this.importArray(t,e),t.length?this.setItem(pa(),JSON.stringify(t)):this.removeItem(pa());const r=dc(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(ma(this.clientId),JSON.stringify(r)):this.removeItem(ma(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let n;try{n=JSON.parse(r)}catch(e){return null}return uc(n)?n.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):cn(Ps,za,this.logger,this.performanceClient,t)(this.encryptionCookie.key,n.nonce,this.getContext(e),n.data):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),n)}async importArray(e,t){const r=[],n=[];return e.forEach((e=>{const o=this.getItemFromEncryptedCache(e,t).then((t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)}));n.push(o)})),await Promise.all(n),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e,t){this.logger.trace("Updating internal cache from broadcast event",t);const r=this.performanceClient.startMeasurement(oc);r.add({isBackground:!0});const{key:n,value:o,context:i}=e.data;return n?i&&i!==this.clientId?(this.logger.trace(`Ignoring broadcast event from clientId: '${i}'`,t),void r.end({success:!1,errorCode:"contextMismatch"})):(o?(this.memoryStorage.setItem(n,o),this.logger.verbose("Updated item in internal cache",t)):(this.memoryStorage.removeItem(n),this.logger.verbose("Removed item from internal cache",t)),void r.end({success:!0})):(this.logger.error("Broadcast event missing key",t),void r.end({success:!1,errorCode:"noKey"}))}}class mc{constructor(){if(!window.sessionStorage)throw qs(Rs)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const fc={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_SUCCESS:"msal:loginSuccess",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",BROKERED_REQUEST_START:"msal:brokeredRequestStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",BROKERED_REQUEST_SUCCESS:"msal:brokeredRequestSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",BROKERED_REQUEST_FAILURE:"msal:brokeredRequestFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"};function yc(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}class wc extends Vt{constructor(e,t,r,n,o,i,s){super(e,r,n,o,s),this.cacheConfig=t,this.logger=n,this.internalStorage=new Ja,this.browserStorage=Cc(e,t.cacheLocation,n,o),this.temporaryCacheStorage=Cc(e,xi.SessionStorage,n,o),this.cookieStorage=new lc,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){const t=hc(this.browserStorage,0),r=dc(this.clientId,this.browserStorage,0);this.performanceClient.addFields({oldAccountCount:t.length,oldAccessCount:r.accessToken.length,oldIdCount:r.idToken.length,oldRefreshCount:r.refreshToken.length},e);const n=hc(this.browserStorage,1),o=dc(this.clientId,this.browserStorage,1);this.performanceClient.addFields({currAccountCount:n.length,currAccessCount:o.accessToken.length,currIdCount:o.idToken.length,currRefreshCount:o.refreshToken.length},e),await Promise.all([this.updateV0ToCurrent(1,t,n,e),this.updateV0ToCurrent(1,r.idToken,o.idToken,e),this.updateV0ToCurrent(1,r.accessToken,o.accessToken,e),this.updateV0ToCurrent(1,r.refreshToken,o.refreshToken,e)]),t.length>0?this.browserStorage.setItem(pa(0),JSON.stringify(t)):this.browserStorage.removeItem(pa(0)),n.length>0?this.browserStorage.setItem(pa(1),JSON.stringify(n)):this.browserStorage.removeItem(pa(1)),this.setTokenKeys(r,e,0),this.setTokenKeys(o,e,1)}async updateV0ToCurrent(e,t,r,n){const o=[];for(const i of[...t]){const s=this.browserStorage.getItem(i),a=this.validateAndParseJson(s||"");if(!a){yc(t,i);continue}a.lastUpdatedAt||(a.lastUpdatedAt=Date.now().toString(),this.setItem(i,JSON.stringify(a),n));const c=uc(a)?await this.browserStorage.decryptData(i,a,n):a;let l;if(c&&(In(c)||vn(c))&&(l=c.expiresOn),!c||pn(a.lastUpdatedAt,this.cacheConfig.cacheRetentionDays)||l&&gn(l,300))this.browserStorage.removeItem(i),yc(t,i),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},n);else if(this.cacheConfig.cacheLocation!==xi.LocalStorage||uc(a)){const t=`${ia}.${e}-${i}`,s=this.browserStorage.getItem(t);if(!s){o.push(this.setUserData(t,JSON.stringify(c),n,a.lastUpdatedAt).then((()=>{r.push(t),this.performanceClient.incrementFields({upgradedCacheCount:1},n)})));continue}{const e=this.validateAndParseJson(s);if(Number(a.lastUpdatedAt)>Number(e.lastUpdatedAt)){o.push(this.setUserData(t,JSON.stringify(c),n,a.lastUpdatedAt).then((()=>{this.performanceClient.incrementFields({updatedCacheFromV0Count:1},n)})));continue}}}}return Promise.all(o)}trackVersionChanges(e){const t=this.browserStorage.getItem(da);t&&(this.logger.info(`MSAL.js was last initialized by version: '${t}'`,e),this.performanceClient.addFields({previousLibraryVersion:t},e)),t!==oa&&this.setItem(da,oa,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){let n=0,o=[];for(let i=0;i<=20;i++)try{this.browserStorage.setItem(e,t),i>0&&(i<=n?this.removeAccessTokenKeys(o.slice(0,i),r,0):(this.removeAccessTokenKeys(o.slice(0,n),r,0),this.removeAccessTokenKeys(o.slice(n,i),r)));break}catch(s){const a=xt(s);if(!(a.errorCode===qt&&i<20))throw a;if(!o.length){const r=e===ma(this.clientId,0)?JSON.parse(t).accessToken:this.getTokenKeys(0).accessToken,i=e===ma(this.clientId)?JSON.parse(t).accessToken:this.getTokenKeys().accessToken;o=[...r,...i],n=r.length}if(o.length<=i)throw a;this.removeAccessToken(o[i],r,!1)}}async setUserData(e,t,r,n){let o=0,i=[];for(let s=0;s<=20;s++)try{await cn(this.browserStorage.setUserData.bind(this.browserStorage),"setUserData",this.logger,this.performanceClient,r)(e,t,r,n),s>0&&(s<=o?this.removeAccessTokenKeys(i.slice(0,s),r,0):(this.removeAccessTokenKeys(i.slice(0,o),r,0),this.removeAccessTokenKeys(i.slice(o,s),r)));break}catch(e){const t=xt(e);if(!(t.errorCode===qt&&s<20))throw t;if(!i.length){const e=this.getTokenKeys(0).accessToken,t=this.getTokenKeys().accessToken;i=[...e,...t],o=e.length}if(i.length<=s)throw t;this.removeAccessToken(i[s],r,!1)}}getAccount(e,t){this.logger.trace("BrowserCacheManager.getAccount called",t);const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const n=this.validateAndParseJson(r);return n&&Qt(n)?Vt.toObject({},n):null}async setAccount(e,t){this.logger.trace("BrowserCacheManager.setAccount called",t);const r=this.generateAccountKey(zt(e)),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(r,JSON.stringify(e),t,n),this.addAccountKeyToMap(r,t)}getAccountKeys(){return hc(this.browserStorage)}addAccountKeyToMap(e,t){this.logger.trace("BrowserCacheManager.addAccountKeyToMap called",t),this.logger.tracePii(`BrowserCacheManager.addAccountKeyToMap called with key: '${e}'`,t);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(pa(),JSON.stringify(r),t),this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key added",t),!0):(this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key already exists in map",t),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap called",t),this.logger.tracePii(`BrowserCacheManager.removeAccountKeyFromMap called with key: '${e}'`,t);const r=this.getAccountKeys(),n=r.indexOf(e);if(n>-1){if(r.splice(n,1),0===r.length)return void this.removeItem(pa());this.setItem(pa(),JSON.stringify(r),t),this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap account key removed",t)}else this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap key not found in existing map",t)}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach((t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)}))}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),n=r.idToken.indexOf(e);n>-1&&(this.logger.info("idToken removed from tokenKeys map",t),r.idToken.splice(n,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=1){this.logger.trace("removeAccessTokenKey called",t);const n=this.getTokenKeys(r);let o=0;if(e.forEach((e=>{const t=n.accessToken.indexOf(e);t>-1&&(n.accessToken.splice(t,1),o++)})),o>0)return this.logger.info(`removed '${o}' accessToken keys from tokenKeys map`,t),void this.setTokenKeys(n,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),n=r.refreshToken.indexOf(e);n>-1&&(this.logger.info("refreshToken removed from tokenKeys map",t),r.refreshToken.splice(n,1),this.setTokenKeys(r,t))}getTokenKeys(e=1){return dc(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=1){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(ma(this.clientId,r),JSON.stringify(e),t):this.removeItem(ma(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit",t),this.removeIdToken(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&Cn(o)&&o.hasOwnProperty("realm")&&o.credentialType===Ae.ID_TOKEN)?(this.logger.trace("BrowserCacheManager.getIdTokenCredential: cache hit",t),n):(this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit",t),null);var o}async setIdTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setIdTokenCredential called",t);const r=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(r,JSON.stringify(e),t,n);const o=this.getTokenKeys();-1===o.idToken.indexOf(r)&&(this.logger.info("BrowserCacheManager: addTokenKey - idToken added to map",t),o.idToken.push(r),this.setTokenKeys(o,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit",t),this.removeAccessTokenKeys([e],t),null;const n=this.validateAndParseJson(r);return n&&In(n)?(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: cache hit",t),n):(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit",t),null)}async setAccessTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setAccessTokenCredential called",t);const r=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(r,JSON.stringify(e),t,n);const o=this.getTokenKeys(),i=o.accessToken.indexOf(r);-1!==i&&o.accessToken.splice(i,1),this.logger.trace(`access token '${-1===i?"added to":"updated in"}' map`,t),o.accessToken.push(r),this.setTokenKeys(o,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit",t),this.removeRefreshToken(e,t),null;const n=this.validateAndParseJson(r);return n&&vn(n)?(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: cache hit",t),n):(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit",t),null)}async setRefreshTokenCredential(e,t){this.logger.trace("BrowserCacheManager.setRefreshTokenCredential called",t);const r=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(r,JSON.stringify(e),t,n);const o=this.getTokenKeys();-1===o.refreshToken.indexOf(r)&&(this.logger.info("BrowserCacheManager: addTokenKey - refreshToken added to map",t),o.refreshToken.push(r),this.setTokenKeys(o,t))}getAppMetadata(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit",t),null;const n=this.validateAndParseJson(r);return n&&(o=e,(i=n)&&0===o.indexOf(be)&&i.hasOwnProperty("clientId")&&i.hasOwnProperty("environment"))?(this.logger.trace("BrowserCacheManager.getAppMetadata: cache hit",t),n):(this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit",t),null);var o,i}setAppMetadata(e,t){this.logger.trace("BrowserCacheManager.setAppMetadata called",t);const r=function({environment:e,clientId:t}){return[be,e,t].join("-").toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){const r=0===e.indexOf(qe);let n=!0;return t&&(n=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&n}(e,n)?(this.logger.trace("BrowserCacheManager.getServerTelemetry: cache hit",t),n):(this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit",t),null)}setServerTelemetry(e,t,r){this.logger.trace("BrowserCacheManager.setServerTelemetry called",r),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e,t){const r=this.internalStorage.getItem(e);if(!r)return this.logger.trace("BrowserCacheManager.getAuthorityMetadata: called, no cache hit",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){return!!t&&0===e.indexOf(_e)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,n)?(this.logger.trace("BrowserCacheManager.getAuthorityMetadata: cache hit",t),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter((e=>this.isAuthorityMetadata(e)))}setWrapperMetadata(e,t){this.internalStorage.setItem(Wi,e),this.internalStorage.setItem(Ji,t)}getWrapperMetadata(){return[this.internalStorage.getItem(Wi)||"",this.internalStorage.getItem(Ji)||""]}setAuthorityMetadata(e,t,r){this.logger.trace("BrowserCacheManager.setAuthorityMetadata called",r),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(de),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("BrowserCacheManager.getActiveAccount: No active account filters found",e),null;const n=this.validateAndParseJson(r);return n?(this.logger.trace("BrowserCacheManager.getActiveAccount: Active account filters schema found",e),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId},e)):(this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found",e),null)}setActiveAccount(e,t){const r=this.generateCacheKey(de);if(e){this.logger.verbose("setActiveAccount: Active account set",t);const n={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.setItem(r,JSON.stringify(n),t)}else this.logger.verbose("setActiveAccount: No account passed, active account not set",t),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(fc.ACTIVE_ACCOUNT_CHANGED)}getThrottlingCache(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){let r=!1;e&&(r=0===e.indexOf(Ue));let n=!0;return t&&(n=t.hasOwnProperty("throttleTime")),r&&n}(e,n)?(this.logger.trace("BrowserCacheManager.getThrottlingCache: cache hit",t),n):(this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit",t),null)}setThrottlingCache(e,t,r){this.logger.trace("BrowserCacheManager.setThrottlingCache called",r),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e,o=this.temporaryCacheStorage.getItem(n);if(!o){if(this.cacheConfig.cacheLocation===xi.LocalStorage){const e=this.browserStorage.getItem(n);if(e)return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item found in local storage",t),e}return this.logger.trace("BrowserCacheManager.getTemporaryCache: No cache item found in local storage",t),null}return o}setTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(n,t)}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e)}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach((e=>{-1===e.indexOf(ia)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)})),this.browserStorage.getKeys().forEach((e=>{-1===e.indexOf(ia)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)})),this.internalStorage.clear()}generateCacheKey(e){return et.startsWith(e,ia)?e:`${ia}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===Ae.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==xe.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${ia}.1`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",r].join("-").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${ia}.1`,e.homeAccountId,e.environment,t||e.tenantId||""].join("-").toLowerCase()}resetRequestCache(e){this.logger.trace("BrowserCacheManager.resetRequestCache called",e),this.removeTemporaryItem(this.generateCacheKey(Ki)),this.removeTemporaryItem(this.generateCacheKey($i)),this.removeTemporaryItem(this.generateCacheKey(Di)),this.removeTemporaryItem(this.generateCacheKey(Fi)),this.removeTemporaryItem(this.generateCacheKey(ji)),this.setInteractionInProgress(!1,void 0)}cacheAuthorizeRequest(e,t,r){this.logger.trace("BrowserCacheManager.cacheAuthorizeRequest called",t);const n=os(JSON.stringify(e));if(this.setTemporaryCache(Ki,n,!0),r){const e=os(r);this.setTemporaryCache($i,e,!0)}}getCachedRequest(e){this.logger.trace("BrowserCacheManager.getCachedRequest called",e);const t=this.getTemporaryCache(Ki,e,!0);if(!t)throw fi(Fo);const r=this.getTemporaryCache($i,e,!0);let n,o="";try{n=JSON.parse(ss(t)),r&&(o=ss(r))}catch(r){throw this.logger.errorPii(`Attempted to parse: '${t}'`,e),this.logger.error(`Parsing cached token request threw with error: '${r}'`,e),fi(Ko)}return[n,o]}getCachedNativeRequest(){this.logger.trace("BrowserCacheManager.getCachedNativeRequest called","");const e=this.getTemporaryCache(ji,"",!0);if(!e)return this.logger.trace("BrowserCacheManager.getCachedNativeRequest: No cached native request found",""),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("BrowserCacheManager.getCachedNativeRequest: Unable to parse native request",""),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${ia}.${zi}`,t=this.getTemporaryCache(e,"",!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("Cannot parse interaction status. Removing temporary cache items and clearing url hash. Retrying interaction should fix the error",""),this.removeTemporaryItem(e),this.resetRequestCache(""),Ns(window),null}}setInteractionInProgress(e,t=Hi){const r=`${ia}.${zi}`;if(e){if(this.getInteractionInProgress())throw fi(Oo);this.setTemporaryCache(r,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(r)}async hydrateCache(e,t){const r={idToken:fn(e.account?.homeAccountId,e.account?.environment,e.idToken,this.clientId,e.tenantId),accessToken:yn(e.account?.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?dn(e.expiresOn):0,e.extExpiresOn?dn(e.extExpiresOn):0,ss,void 0,e.tokenType,void 0,t.sshKid)};return this.saveCacheRecord(r,e.correlationId)}async saveCacheRecord(e,t,r){try{await super.saveCacheRecord(e,t,r)}catch(e){if(e instanceof Nt&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function Cc(e,t,r,n){try{switch(t){case xi.LocalStorage:return new pc(e,r,n);case xi.SessionStorage:return new mc}}catch(e){r.error(e,"")}return new Ja}const Ic=(e,t,r,n)=>new wc(e,{cacheLocation:xi.MemoryStorage,cacheRetentionDays:5},F,t,r,n);function vc(e,t,r,n,o){return e.verbose("getAllAccounts called",n),r?t.getAllAccounts(o,n):[]}function kc(e,t,r,n){if(t.trace("getAccount called",n),0===Object.keys(e).length)return t.warning("getAccount: No accountFilter provided",n),null;const o=r.getAccountInfoFilteredBy(e,n);return o?(t.verbose("getAccount: Account matching provided filter found, returning",n),o):(t.verbose("getAccount: No matching account found, returning null",n),null)}function Tc(e,t,r,n){if(t.trace("getAccountByUsername called",n),!e)return t.warning("getAccountByUsername: No username provided",n),null;const o=r.getAccountInfoFilteredBy({username:e},n);return o?(t.verbose("getAccountByUsername: Account matching username found, returning",n),t.verbosePii(`getAccountByUsername: Returning signed-in accounts matching username: '${e}'`,n),o):(t.verbose("getAccountByUsername: No matching account found, returning null",n),null)}function Ac(e,t,r,n){if(t.trace("getAccountByHomeId called",n),!e)return t.warning("getAccountByHomeId: No homeAccountId provided",n),null;const o=r.getAccountInfoFilteredBy({homeAccountId:e},n);return o?(t.verbose("getAccountByHomeId: Account matching homeAccountId found, returning",n),t.verbosePii(`getAccountByHomeId: Returning signed-in accounts matching homeAccountId: '${e}'`,n),o):(t.verbose("getAccountByHomeId: No matching account found, returning null",n),null)}function bc(e,t,r,n){if(t.trace("getAccountByLocalId called",n),!e)return t.warning("getAccountByLocalId: No localAccountId provided",n),null;const o=r.getAccountInfoFilteredBy({localAccountId:e},n);return o?(t.verbose("getAccountByLocalId: Account matching localAccountId found, returning",n),t.verbosePii(`getAccountByLocalId: Returning signed-in accounts matching localAccountId: '${e}'`,n),o):(t.verbose("getAccountByLocalId: No matching account found, returning null",n),null)}function Sc(e,t,r){t.setActiveAccount(e,r)}function _c(e,t){return e.getActiveAccount(t)}class Ec{constructor(e){this.eventCallbacks=new Map,this.logger=e||new $({}),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const n=r||Qs();return this.eventCallbacks.has(n)?(this.logger.error(`Event callback with id: '${n}' is already registered. Please provide a unique id or remove the existing callback and try again.`,""),null):(this.eventCallbacks.set(n,[e,t||[]]),this.logger.verbose(`Event callback registered with id: '${n}'`,""),n)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose(`Event callback '${e}' removed.`,"")}emitEvent(e,t,r,n){const o={eventType:e,interactionType:t||null,payload:r||null,error:n||null,timestamp:Date.now()};switch(e){case fc.LOGIN_SUCCESS:case fc.LOGOUT_SUCCESS:case fc.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(o)}this.invokeCallbacks(o)}invokeCallbacks(e){this.eventCallbacks.forEach((([t,r],n)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose(`Emitting event to callback '${n}': '${e.eventType}'`,""),t.apply(null,[e]))}))}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class Pc{constructor(e,t,r,n,o,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=o,this.navigationClient=i,this.platformAuthProvider=c,this.correlationId=a,this.logger=n.clone(ki,oa),this.performanceClient=s}}function Rc(e,t,r,n){r.verbose("getRedirectUri called",n);const o=e||t||"";return _t.getAbsoluteUrl(o,Hs())}function Oc(e,t,r,n,o,i){o.verbose("initializeServerTelemetryManager called",r);const s={clientId:t,correlationId:r,apiId:e,forceRefresh:!1,wrapperSKU:n.getWrapperMetadata()[0],wrapperVer:n.getWrapperMetadata()[1]};return new po(s,n)}async function Mc(e,t,r,n,o,i,s,a,c){const l=a&&a.hasOwnProperty("instance_aware")?a.instance_aware:void 0,h={protocolMode:e.system.protocolMode,OIDCOptions:e.auth.OIDCOptions,knownAuthorities:e.auth.knownAuthorities,cloudDiscoveryMetadata:e.auth.cloudDiscoveryMetadata,authorityMetadata:e.auth.authorityMetadata},d=i||e.auth.authority,u=l?.length?"true"===l:e.auth.instanceAware,g=c&&u?e.auth.authority.replace(_t.getDomainFromUrl(d),c.environment):d,p=Sn.generateAuthority(g,s||e.auth.azureCloudOptions),m=await cn(Pn,"authorityFactoryCreateDiscoveredInstance",o,r,t)(p,e.system.networkClient,n,h,o,t,r);if(c&&!m.isAlias(c.environment))throw Ze(Ct);return m}async function qc(e,t,r,n,o){if(o)try{e.removeAccount(o,n),r.verbose("Cleared cache items belonging to the account provided in the logout request.",n)}catch(e){r.error("Account provided in logout request was not found. Local cache unchanged.",n)}else try{r.verbose("No account provided in logout request, clearing all cache items.",n),e.clear(n),await t.clearKeystore(n)}catch(e){r.error("Attempted to clear all MSAL cache items and failed. Local cache unchanged.",n)}}async function Nc(e,t,r,n,o){const i=e.authority||t.auth.authority,s=[...e&&e.scopes||[]],a={...e,correlationId:e.correlationId,authority:i,scopes:s};if(a.authenticationScheme){if(a.authenticationScheme===xe.SSH){if(!e.sshJwk)throw Ze(gt);if(!e.sshKid)throw Ze(pt)}n.verbose(`Authentication Scheme set to "'${a.authenticationScheme}'" as configured in Auth request`,o)}else a.authenticationScheme=xe.BEARER,n.verbose('Authentication Scheme was not explicitly set in request, defaulting to "Bearer" request',o);return a}async function xc(e,t,r,n,o){const i=await cn(Nc,Oa,o,n,e.correlationId)(e,r,n,o,e.correlationId);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}class Uc extends Pc{initializeLogoutRequest(e){this.logger.verbose("initializeLogoutRequest called",this.correlationId);const t={correlationId:this.correlationId,...e};if(e)if(e.logoutHint)this.logger.verbose("logoutHint has already been set in logoutRequest",this.correlationId);else if(e.account){const r=this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("Setting logoutHint to login_hint ID Token Claim value for the account provided",this.correlationId),t.logoutHint=r)}else this.logger.verbose("logoutHint was not set and account was not passed into logout request, logoutHint will not be set",this.correlationId);else this.logger.verbose("logoutHint will not be set since no logout request was configured",this.correlationId);return e&&null===e.postLogoutRedirectUri?this.logger.verbose("postLogoutRedirectUri passed as null, not setting post logout redirect uri",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to uri set on logout request",t.correlationId),t.postLogoutRedirectUri=_t.getAbsoluteUrl(e.postLogoutRedirectUri,Hs())):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("postLogoutRedirectUri configured as null and no uri set on request, not passing post logout redirect",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to configured uri",t.correlationId),t.postLogoutRedirectUri=_t.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,Hs())):(this.logger.verbose("Setting postLogoutRedirectUri to current page",t.correlationId),t.postLogoutRedirectUri=_t.getAbsoluteUrl(Hs(),Hs())),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("The ID Token Claims tied to the provided account do not contain a login_hint claim, logoutHint will not be added to logout request",this.correlationId)}else this.logger.verbose("The provided account does not contain ID Token Claims, logoutHint will not be added to logout request",this.correlationId);return null}async createAuthCodeClient(e){const t=await cn(this.getClientConfiguration.bind(this),Ua,this.logger,this.performanceClient,this.correlationId)(e);return new no(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:n,requestExtraQueryParameters:o,account:i}=e,s=await cn(Mc,Ea,this.logger,this.performanceClient,this.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:s,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:a.loggerCallback,piiLoggingEnabled:a.piiLoggingEnabled,logLevel:a.logLevel,correlationId:this.correlationId},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:ki,version:oa,cpu:"",os:""},telemetry:this.config.telemetry}}}async function Lc(e,t,r,n,o,i,s,a){const c=Rc(e.redirectUri,r.auth.redirectUri,i,a),l={interactionType:t},h=Vn.setRequestState(n,e&&e.state||"",l),d={...await cn(Nc,Oa,i,s,a)({...e,correlationId:a},r,s,i,a),redirectUri:c,state:h,nonce:e.nonce||vs(),responseMode:r.auth.OIDCOptions.responseMode};if(e.loginHint||e.sid)return d;const u=e.account||o.getActiveAccount(a);return u&&(i.verbose("Setting validated request account",a),i.verbosePii(`Setting validated request account: '${u.homeAccountId}'`,a),d.account=u),d}function Hc(e,t,r,n){const o=Vr(e);if(!o)throw Gr(e)?(r.error(`A '${t}' is present in the iframe but it does not contain known properties. It's likely that the '${t}' has been replaced by code running on the redirectUri page.`,n),r.errorPii(`The '${t}' detected is: '${e}'`,n),fi(Eo)):(r.error(`The request has returned to the redirectUri but a '${t}' is not present. It's likely that the '${t}' has been removed or the page has been redirected by code running on the redirectUri page.`,n),fi(So));return o}function Bc(e,t,r){if(!e.state)throw fi(_o);const n=function(e,t){if(!t)return null;try{return Vn.parseRequestState(e,t).libraryState.meta}catch(e){throw i(p)}}(t,e.state);if(!n)throw fi(Po);if(n.interactionType!==r)throw fi(Ro)}class Dc{constructor(e,t,r,n,o){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=n,this.performanceClient=o}async handleCodeResponse(e,t){let r;try{r=function(e,t){if(lo(e,t),!e.code)throw i(M);return e}(e,t.state)}catch(e){throw e instanceof Rn&&e.subError===No?fi(No):e}return cn(this.handleCodeResponseFromServer.bind(this),tn,this.logger,this.performanceClient,t.correlationId)(r,t)}async handleCodeResponseFromServer(e,t,r=!0){if(this.logger.trace("InteractionHandler.handleCodeResponseFromServer called",t.correlationId),this.authCodeRequest.code=e.code,e.cloud_instance_host_name&&await cn(this.authModule.updateAuthority.bind(this.authModule),"updateTokenEndpointAuthority",this.logger,this.performanceClient,t.correlationId)(e.cloud_instance_host_name,t.correlationId),r&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await cn(this.authModule.acquireToken.bind(this.authModule),"authClientAcquireToken",this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:hr}:e.loginHint?{credential:e.loginHint,type:dr}:null}}class Fc extends r{constructor(e,t,r){super(e,t||pi(e)),Object.setPrototypeOf(this,Fc.prototype),this.name="NativeAuthError",this.ext=r}}function Kc(e){return!(!e.ext||!e.ext.status||"PERSISTENT_ERROR"!==e.ext.status&&"DISABLED"!==e.ext.status)||(!(!e.ext||!e.ext.error||-2147186943!==e.ext.error)||"ContentError"===e.errorCode)}function $c(e,t,r){if(r&&r.status)switch(r.status){case"ACCOUNT_UNAVAILABLE":return Gn(Ln,pi(e));case"USER_INTERACTION_REQUIRED":return new Jn(e,t);case"USER_CANCEL":return fi(No);case"NO_NETWORK":return fi(jo);case"UX_NOT_ALLOWED":return Gn(Bn)}return new Fc(e,t,r)}class zc extends Uc{async acquireToken(e){const t=Oc(Qi.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),r=await cn(this.getClientConfiguration.bind(this),Ua,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),n=new io(r,this.performanceClient);this.logger.verbose("Silent auth client created",this.correlationId);try{const t=(await cn(n.acquireCachedToken.bind(n),"silentFlowClientAcquireCachedToken",this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof mi&&e.errorCode===Vo&&this.logger.verbose("Signing keypair for bound access token not found. Refreshing bound access token and generating a new crypto keypair.",this.correlationId),e}}logout(e){this.logger.verbose("logoutRedirect called",this.correlationId);const t=this.initializeLogoutRequest(e);return qc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account)}}class jc extends Pc{constructor(e,t,r,n,o,i,s,a,c,l,h,d){super(e,t,r,n,o,i,a,d,c),this.apiId=s,this.accountId=l,this.platformAuthProvider=c,this.nativeStorageManager=h,this.silentCacheClient=new zc(e,this.nativeStorageManager,r,n,o,i,a,d,c);const u=this.platformAuthProvider.getExtensionName();this.skus=po.makeExtraSkuString({libraryName:ki,libraryVersion:oa,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[yr]:this.skus}}async acquireToken(e,t){this.logger.trace("NativeInteractionClient - acquireToken called.",this.correlationId);const r=this.performanceClient.startMeasurement(Pa,e.correlationId),n=hn(),o=Oc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const i=await this.initializeNativeRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===es.AccessToken)throw this.logger.info("MSAL internal Cache does not contain tokens, return error as per cache policy",this.correlationId),e;this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call",this.correlationId)}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,n).then((e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),o.clearNativeBrokerErrorCode(),e))).catch((e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError,isNativeBroker:!0}),e}))}catch(e){throw e instanceof Fc&&o.setNativeBrokerErrorCode(e.errorCode),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:vt.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("NativeInteractionClient:acquireTokensFromCache - No nativeAccountId provided",this.correlationId),i(E);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},t.correlationId);if(!r)throw i(E);try{const e=this.createSilentCacheRequest(t,r),n=await this.silentCacheClient.acquireToken(e),o={...r,idTokenClaims:n?.idTokenClaims,idToken:n?.idToken};return{...n,account:o}}catch(e){throw e}}async acquireTokenRedirect(e,t,r){this.logger.trace("NativeInteractionClient - acquireTokenRedirect called.",this.correlationId);const n=await this.initializeNativeRequest(e),o=r?.navigateToLoginRequestUrl??!0;try{await this.platformAuthProvider.sendMessage(n)}catch(e){if(e instanceof Fc){if(Oc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).setNativeBrokerErrorCode(e.errorCode),Kc(e))throw e}}this.browserStorage.setTemporaryCache(ji,JSON.stringify(n),!0);const i={apiId:Qi.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},s=o?window.location.href:Rc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId);t.end({success:!0}),await this.navigationClient.navigateExternal(s,i)}async handleRedirectPromise(e,t){if(this.logger.trace("NativeInteractionClient - handleRedirectPromise called.",this.correlationId),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null.",this.correlationId),null;const r=this.browserStorage.getCachedNativeRequest();if(!r)return this.logger.verbose("NativeInteractionClient - handleRedirectPromise called but there is no cached request, returning null.",this.correlationId),e&&t&&e?.addFields({errorCode:"no_cached_request"},t),null;const{prompt:n,...o}=r;n&&this.logger.verbose("NativeInteractionClient - handleRedirectPromise called and prompt was included in the original request, removing prompt from cached request to prevent second interaction with native broker window.",this.correlationId),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(ji));const i=hn();try{this.logger.verbose("NativeInteractionClient - handleRedirectPromise sending message to native broker.",this.correlationId);const e=await this.platformAuthProvider.sendMessage(o),t=await this.handleNativeResponse(e,o,i);return Oc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).clearNativeBrokerErrorCode(),t}catch(e){throw e}}logout(){return this.logger.trace("NativeInteractionClient - logout called.",this.correlationId),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("NativeInteractionClient - handleNativeResponse called.",this.correlationId);const n=bt(e.id_token,ss),o=this.createHomeAccountIdentifier(e,n),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("handleNativeServerResponse: Double broker flow detected, ignoring accountId mismatch",this.correlationId);else if(o!==i&&e.account.id!==t.accountId)throw $c("user_switch");const s=await Mc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t.authority),a=to(this.browserStorage,s,o,ss,this.correlationId,n,e.client_info,void 0,n.tid,void 0,e.account.id);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,n,a,s.canonicalAuthority,r);return await this.cacheAccount(a),await this.cacheNativeTokens(e,t,o,n,e.access_token,c.tenantId,r),c}createHomeAccountIdentifier(e,t){return Jt(e.client_info||"",Ht,this.logger,this.browserCrypto,this.correlationId,t)}generateScopes(e,t){return t?vt.fromString(t):vt.fromString(e)}async generatePopAccessToken(e,t){if(t.tokenType===xe.POP&&t.signPopToken){if(e.shr)return this.logger.trace("handleNativeServerResponse: SHR is enabled in native layer",this.correlationId),e.shr;const r=new Xn(this.browserCrypto,this.performanceClient),n={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce,correlationId:this.correlationId};if(!t.keyId)throw i(x);return r.signPopToken(e.access_token,t.keyId,n)}return e.access_token}async generateAuthenticationResult(e,t,r,n,o,i){const s=this.addTelemetryFromNativeResponse(e.properties.MATS),a=this.generateScopes(t.scope,e.scope),c=e.account.properties||{},l=c.UID||r.oid||r.sub||"",h=c.TenantId||r.tid||"",d=At(zt(n),void 0,r,e.id_token);d.nativeAccountId!==e.account.id&&(d.nativeAccountId=e.account.id);const u=await this.generatePopAccessToken(e,t),g=t.tokenType===xe.POP?xe.POP:xe.BEARER;return{authority:o,uniqueId:l,tenantId:h,scopes:a.asArray(),account:d,idToken:e.id_token,idTokenClaims:r,accessToken:u,fromCache:!!s&&this.isResponseFromCache(s),expiresOn:un(i+e.expires_in),tokenType:g,correlationId:this.correlationId,state:e.state,fromPlatformBroker:!0}}async cacheAccount(e){await this.browserStorage.setAccount(e,this.correlationId),this.browserStorage.removeAccountContext(zt(e),this.correlationId)}cacheNativeTokens(e,t,r,n,o,i,s){const a=fn(r,t.authority,e.id_token||"",t.clientId,n.tid||""),c=s+(t.tokenType===xe.POP?240:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),l=this.generateScopes(e.scope,t.scope),h={idToken:a,accessToken:yn(r,t.authority,o,t.clientId,n.tid||i,l.printScopes(),c,0,ss,void 0,t.tokenType,void 0,t.keyId)};return this.nativeStorageManager.saveCacheRecord(h,this.correlationId,t.storeInCache)}getExpiresInValue(e,t){return e===xe.POP?240:("string"==typeof t?parseInt(t,10):t)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("NativeInteractionClient - Error parsing MATS telemetry, returning null instead",this.correlationId)}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("NativeInteractionClient - MATS telemetry does not contain field indicating if response was served from cache. Returning false.",this.correlationId),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("NativeInteractionClient - initializeNativeRequest called",this.correlationId);const t=await this.getCanonicalAuthority(e),{scopes:r,...n}=e,o=new vt(r||[]);o.appendScopes(te);const i={...n,accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:o.printScopes(),redirectUri:Rc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraQueryParameters,...e.tokenQueryParameters},extendedExpiryToken:!1,keyId:e.popKid};if(i.signPopToken&&e.popKid)throw fi(ci);if(this.handleExtraBrokerParams(i),i.extraParameters=i.extraParameters||{},i.extraParameters.telemetry=bi,e.authenticationScheme===xe.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce,correlationId:this.correlationId},r=new Xn(this.browserCrypto,this.performanceClient);let n;if(i.keyId)n=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:i.keyId})),i.signPopToken=!1;else{const e=await cn(r.generateCnf.bind(r),rn,this.logger,this.performanceClient,this.correlationId)(t,this.logger);n=e.reqCnfString,i.keyId=e.kid,i.signPopToken=!0}i.reqCnf=n}return this.addRequestSKUs(i),i}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority,{azureCloudOptions:r,account:n}=e;n&&await Mc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t,r,void 0,n);const o=new _t(t);return o.validateAsUri(),o}getPrompt(e){switch(this.apiId){case Qi.ssoSilent:case Qi.acquireTokenSilent_silentFlow:return this.logger.trace("initializeNativeRequest: silent request sets prompt to none",this.correlationId),ye.NONE}if(e)switch(e){case ye.NONE:case ye.CONSENT:case ye.LOGIN:return this.logger.trace("initializeNativeRequest: prompt is compatible with native flow",this.correlationId),e;default:throw this.logger.trace(`initializeNativeRequest: prompt = '${e}' is not compatible with native flow`,this.correlationId),fi(si)}else this.logger.trace("initializeNativeRequest: prompt was not provided",this.correlationId)}handleExtraBrokerParams(e){const t=e.extraParameters&&e.extraParameters.hasOwnProperty(wr)&&e.extraParameters.hasOwnProperty(Cr)&&e.extraParameters.hasOwnProperty(ur);if(!e.embeddedClientId&&!t)return;let r="";const n=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[Cr],r=e.extraParameters[ur]),e.extraParameters={child_client_id:r,child_redirect_uri:n},this.performanceClient?.addFields({embeddedClientId:r,embeddedRedirectUri:n},e.correlationId)}}async function Wc(e,t,r,n,o){const i=ao({...e.auth,authority:t},r,n,o);if(Mr(i,{sku:ki,version:oa,os:"",cpu:""}),e.system.protocolMode!==$t.OIDC&&qr(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),r.authenticationScheme===xe.POP)){const e=new Ga(n,o),t=new Xn(e,o);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await cn(t.generateCnf.bind(t),rn,n,o,r.correlationId)(r,n)).reqCnfString}$r(i,s)}return vr(i,r.correlationId,o),i}async function Jc(e,t,r,n,o){if(!r.codeChallenge)throw Ze(lt);const i=await cn(Wc,"getStandardParams",n,o,r.correlationId)(e,t,r,n,o);return kr(i,we),function(e,t,r){if(!t||!r)throw Ze(lt);e.set("code_challenge",t),e.set("code_challenge_method",r)}(i,r.codeChallenge,"S256"),Fr(i,r.extraQueryParameters||{}),co(t,i)}async function Qc(e,t,r,n,o,i){if(!n.earJwk)throw fi(ko);const s=await Wc(t,r,n,o,i);kr(s,Ce),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(s,n.earJwk);const a=new Map;Fr(a,n.extraQueryParameters||{});return function(e,t,r){const n=e.createElement("form");return n.method="post",n.action=t,r.forEach(((t,r)=>{const o=e.createElement("input");o.hidden=!0,o.name=r,o.value=t,n.appendChild(o)})),e.body.appendChild(n),n}(e,co(r,a),s)}async function Gc(e,t,r,n,o,i,s,a,c,l){if(a.verbose("Account id found, calling WAM for token",e.correlationId),!l)throw fi(oi);const h=new Ga(a,c),d=new jc(n,o,h,a,s,n.system.navigationClient,r,c,l,t,i,e.correlationId),{userRequestState:u}=Vn.parseRequestState(h,e.state);return cn(d.acquireToken.bind(d),Pa,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function Vc(e,t,r,n,o,i,s,a,c,l,h,d){if(Mn.removeThrottle(s,o.auth.clientId,e),t.accountId)return cn(Gc,Ba,l,h,e.correlationId)(e,t.accountId,n,o,s,a,c,l,h,d);const u={...e,code:t.code||"",codeVerifier:r},g=new Dc(i,s,u,l,h);return await cn(g.handleCodeResponse.bind(g),"handleCodeResponse",l,h,e.correlationId)(t,e)}async function Yc(e,t,r,n,o,i,s,a,c,l,h){if(Mn.removeThrottle(i,n.auth.clientId,e),lo(t,e.state),!t.ear_jwe)throw fi(To);if(!e.earJwk)throw fi(ko);const d=JSON.parse(await cn(As,"decryptEarResponse",c,l,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return cn(Gc,Ba,c,l,e.correlationId)(e,d.accountId,r,n,i,s,a,c,l,h);const u=new eo(n.auth.clientId,i,new Ga(c,l),c,l,null,null);u.validateTokenResponse(d,e.correlationId);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await cn(u.handleServerTokenResponse.bind(u),nn,c,l,e.correlationId)(d,o,hn(),e,g,void 0,void 0,void 0,void 0)}async function Xc(e,t,r){const n=an(Zc,"generateCodeVerifier",t,e,r)(e,t,r);return{verifier:n,challenge:await cn(el,"generateCodeChallengeFromVerifier",t,e,r)(n,e,t,r)}}function Zc(e,t,r){try{const n=new Uint8Array(32);an(Cs,"getRandomValues",t,e,r)(n);return ns(n)}catch(e){throw fi(vo)}}async function el(e,t,r,n){try{const o=await cn(ws,"sha256Digest",r,t,n)(e);return ns(new Uint8Array(o))}catch(e){throw fi(vo)}}class tl{constructor(e,t,r,n){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=n,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=r.startMeasurement("nativeMessageHandlerHandshake"),this.platformAuthType=Ri}async sendMessage(e){this.logger.trace(`'${this.platformAuthType}' - sendMessage called.`,e.correlationId);const t={method:qi,request:e},r={channel:Ti,extensionId:this.extensionId,responseId:vs(),body:t};this.logger.trace(`'${this.platformAuthType}' - Sending request to browser extension`,e.correlationId),this.logger.tracePii(`'${this.platformAuthType}' - Sending request to browser extension: '${JSON.stringify(r)}'`,e.correlationId),this.messageChannel.port1.postMessage(r);const n=await new Promise(((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})}));return this.validatePlatformBrokerResponse(n)}static async createProvider(e,t,r,n){e.trace("PlatformAuthExtensionHandler - createProvider called.",n);try{const o=new tl(e,t,r,Ai);return await o.sendHandshakeRequest(n),o}catch(o){const i=new tl(e,t,r);return await i.sendHandshakeRequest(n),i}}async sendHandshakeRequest(e){this.logger.trace(`'${this.platformAuthType}' - sendHandshakeRequest called.`,e),window.addEventListener("message",this.windowListener,!1);const t={channel:Ti,extensionId:this.extensionId,responseId:vs(),body:{method:Oi}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(t,window.origin,[this.messageChannel.port2]),new Promise(((e,r)=>{this.handshakeResolvers.set(t.responseId,{resolve:e,reject:r}),this.timeoutId=window.setTimeout((()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(fi(ri)),this.handshakeResolvers.delete(t.responseId)}),this.handshakeTimeoutMs)}))}onWindowMessage(e){const t=Qs();if(this.logger.trace(`'${this.platformAuthType}' - onWindowMessage called`,t),e.source!==window)return;const r=e.data;if(r.channel&&r.channel===Ti&&(!r.extensionId||r.extensionId===this.extensionId)&&r.body.method===Oi){const e=this.handshakeResolvers.get(r.responseId);if(!e)return void this.logger.trace(`'${this.platformAuthType}'.onWindowMessage - resolver can't be found for request '${r.responseId}'`,t);this.logger.verbose(r.extensionId?`Extension with id: ${r.extensionId} not installed`:"No extension installed",t),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(fi(ni))}}onChannelMessage(e){const t=Qs();this.logger.trace(`'${this.platformAuthType}' - onChannelMessage called.`,t);const r=e.data,o=this.resolvers.get(r.responseId),i=this.handshakeResolvers.get(r.responseId);try{const e=r.body.method;if(e===Ni){if(!o)return;const e=r.body.response;if(this.logger.trace(`'${this.platformAuthType}' - Received response from browser extension`,t),this.logger.tracePii(`'${this.platformAuthType}' - Received response from browser extension: '${JSON.stringify(e)}'`,t),"Success"!==e.status)o.reject($c(e.code,e.description,e.ext));else{if(!e.result)throw n(ho,"Event does not contain result.");e.result.code&&e.result.description?o.reject($c(e.result.code,e.result.description,e.result.ext)):o.resolve(e.result)}this.resolvers.delete(r.responseId)}else if(e===Mi){if(!i)return void this.logger.trace(`'${this.platformAuthType}'.onChannelMessage - resolver can't be found for request '${r.responseId}'`,t);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=r.extensionId,this.extensionVersion=r.body.version,this.logger.verbose(`'${this.platformAuthType}' - Received HandshakeResponse from extension: '${this.extensionId}'`,t),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),i.resolve(),this.handshakeResolvers.delete(r.responseId)}}catch(r){this.logger.error("Error parsing response from WAM Extension",t),this.logger.errorPii(`Error parsing response from WAM Extension: '${r}'`,t),this.logger.errorPii(`Unable to parse '${e}'`,t),o?o.reject(r):i&&i.reject(r)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw n(ho,"Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===Ai?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class rl{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=Pi}static async createProvider(e,t,r){if(e.trace("PlatformAuthDOMHandler: createProvider called",r),window.navigator?.platformAuthentication){const n=await window.navigator.platformAuthentication.getSupportedContracts(Si);if(n?.includes(Ei))return e.trace("Platform auth api available in DOM",r),new rl(e,t,r)}}getExtensionId(){return Si}getExtensionVersion(){return""}getExtensionName(){return _i}async sendMessage(e){this.logger.trace(`'${this.platformAuthType}' - Sending request to browser DOM API`,e.correlationId);try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r,e.correlationId)}catch(t){throw this.logger.error(`'${this.platformAuthType}' - executeGetToken DOM API error`,e.correlationId),t}}initializePlatformDOMRequest(e){this.logger.trace(`'${this.platformAuthType}' - initializeNativeDOMRequest called`,e.correlationId);const{accountId:t,clientId:r,authority:n,scope:o,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:l,extraParameters:h,...d}=e,u=this.getDOMExtraParams(d);return{accountId:t,brokerId:this.getExtensionId(),authority:n,clientId:r,correlationId:s||this.correlationId,extraParameters:{...h,...u},isSecurityTokenService:!1,redirectUri:i,scope:o,state:a,storeInCache:c,embeddedClientId:l}}validatePlatformBrokerResponse(e,t){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace(`'${this.platformAuthType}' - platform broker returned successful and valid response`,t),this.convertToPlatformBrokerResponse(e,t);if(e.hasOwnProperty("error")){const r=e;if(!1===r.isSuccess&&r.error&&r.error.code)throw this.logger.trace(`'${this.platformAuthType}' - platform broker returned error response`,t),$c(r.error.code,r.error.description,{error:parseInt(r.error.errorCode),protocol_error:r.error.protocolError,status:r.error.status,properties:r.error.properties})}}throw n(ho,"Response missing expected properties.")}convertToPlatformBrokerResponse(e,t){this.logger.trace(`'${this.platformAuthType}' - convertToNativeResponse called`,t);return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e){return{...Object.entries(e).reduce(((e,[t,r])=>(e[t]=String(r),e)),{})}}}async function nl(e,t,r,n){e.trace("getPlatformAuthProvider called",r);const o=function(){let e;try{return e=window[xi.SessionStorage],"true"===e?.getItem(ha)}catch(e){return!1}}();let i;e.trace(`Has client allowed platform auth via DOM API: '${o}'`,r);try{o&&(i=await rl.createProvider(e,t,r)),i||(e.trace("Platform auth via DOM API not available, checking for extension",r),i=await tl.createProvider(e,n||2e3,t,r))}catch(t){e.trace("Platform auth not available",t)}return i}function ol(e,t,r,n,o){if(t.trace("isPlatformAuthAllowed called",r),!e.system.allowPlatformBroker)return t.trace("isPlatformAuthAllowed: allowPlatformBroker is not enabled, returning false",r),!1;if(!n)return t.trace("isPlatformAuthAllowed: Platform auth provider is not initialized, returning false",r),!1;if(o)switch(o){case xe.BEARER:case xe.POP:return t.trace("isPlatformAuthAllowed: authenticationScheme is supported, returning true",r),!0;default:return t.trace("isPlatformAuthAllowed: authenticationScheme is not supported, returning false",r),!1}return!0}async function il(e,t,r,n,o,i,s){return new Promise(((t,i)=>{o.verbose("PopupHandler.monitorPopupForHash - polling started",s);const a=setInterval((()=>{if(e.closed)return o.error("PopupHandler.monitorPopupForHash - window closed",s),clearInterval(a),void i(fi(No));let n="";try{n=e.location.href}catch(e){}if(!n||"about:blank"===n)return;clearInterval(a);let c="";e&&(c=r===Ie.QUERY?e.location.search:e.location.hash),o.verbose("PopupHandler.monitorPopupForHash - popup window is on same origin as caller",s),t(c)}),n)})).finally((()=>{!function(e,t,r){e.close(),t.removeEventListener("beforeunload",r)}(e,t,i)}))}class sl extends Uc{constructor(e,t,r,n,o,i,s,a,c,l){super(e,t,r,n,o,i,s,c,l),this.unloadWindow=this.unloadWindow.bind(this),this.nativeStorage=a,this.eventHandler=o}acquireToken(e,t){try{const r={popupName:this.generatePopupName(e.scopes||te,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window};return this.performanceClient.addFields({isAsyncPopup:!this.config.system.navigatePopups},this.correlationId),this.config.system.navigatePopups?(this.logger.verbose("navigatePopups set to true, opening popup before acquiring token",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(e,r,t)):(this.logger.verbose("navigatePopups set to false, acquiring token",this.correlationId),this.acquireTokenPopupAsync(e,r,t))}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("logoutPopup called",this.correlationId);const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},n=e&&e.authority,o=e&&e.mainWindowRedirectUri;return this.config.system.navigatePopups?(this.logger.verbose("navigatePopups set to true, opening popup",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,n,o)):(this.logger.verbose("navigatePopups set to false",this.correlationId),this.logoutPopupAsync(t,r,n,o))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,n){this.logger.verbose("acquireTokenPopupAsync called",this.correlationId);const o=await cn(Lc,La,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.popup&&Js(o.authority);const i=ol(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);return o.platformBroker=i,this.config.system.protocolMode===$t.EAR?this.executeEarFlow(o,r):this.executeCodeFlow(o,r,n)}async executeCodeFlow(t,n,o){const i=t.correlationId,s=Oc(Qi.acquireTokenPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),a=o||await cn(Xc,Ka,this.logger,this.performanceClient,i)(this.performanceClient,this.logger,i),c={...t,codeChallenge:a.challenge};try{const r=await cn(this.createAuthCodeClient.bind(this),xa,this.logger,this.performanceClient,i)({serverTelemetryManager:s,requestAuthority:c.authority,requestAzureCloudOptions:c.azureCloudOptions,requestExtraQueryParameters:c.extraQueryParameters,account:c.account}),o=await cn(Jc,en,this.logger,this.performanceClient,i)(this.config,r.authority,c,this.logger,this.performanceClient),l=this.initiateAuthRequest(o,n);this.eventHandler.emitEvent(fc.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:l},null);const h=await il(l,n.popupWindowParent,this.config.auth.OIDCOptions.responseMode,this.config.system.pollIntervalMilliseconds,this.logger,this.unloadWindow,this.correlationId),d=an(Hc,Fa,this.logger,this.performanceClient,this.correlationId)(h,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return await cn(Vc,Da,this.logger,this.performanceClient,i)(t,d,a.verifier,Qi.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}catch(e){throw n.popup?.close(),e instanceof r&&(e.setCorrelationId(this.correlationId),s.cacheFailedRequest(e)),e}}async executeEarFlow(e,t){const{correlationId:r,authority:n,azureCloudOptions:o,extraQueryParameters:i,account:s}=e,a=await cn(Mc,Ea,this.logger,this.performanceClient,r)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,n,o,i,s),c=await cn(Ts,ja,this.logger,this.performanceClient,r)(),l={...e,earJwk:c},h=t.popup||this.openPopup("about:blank",t);(await Qc(h.document,this.config,a,l,this.logger,this.performanceClient)).submit();const d=await cn(il,Na,this.logger,this.performanceClient,r)(h,t.popupWindowParent,this.config.auth.OIDCOptions.responseMode,this.config.system.pollIntervalMilliseconds,this.logger,this.unloadWindow,r),u=an(Hc,Fa,this.logger,this.performanceClient,this.correlationId)(d,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return cn(Yc,Ha,this.logger,this.performanceClient,r)(l,u,Qi.acquireTokenPopup,this.config,a,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,n,o,i){this.logger.verbose("logoutPopupAsync called",this.correlationId),this.eventHandler.emitEvent(fc.LOGOUT_START,e.InteractionType.Popup,t);const s=Oc(Qi.logoutPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{await qc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account);const r=await cn(this.createAuthCodeClient.bind(this),xa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:s,requestAuthority:o,account:t.account||void 0});try{r.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&r.authority.protocolMode===$t.OIDC){if(this.eventHandler.emitEvent(fc.LOGOUT_SUCCESS,e.InteractionType.Popup,t),i){const e={apiId:Qi.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=_t.getAbsoluteUrl(i,Hs());await this.navigationClient.navigateInternal(t,e)}return void n.popup?.close()}}const a=r.getLogoutUri(t);this.eventHandler.emitEvent(fc.LOGOUT_SUCCESS,e.InteractionType.Popup,t);const c=this.openPopup(a,n);if(this.eventHandler.emitEvent(fc.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:c},null),await il(c,n.popupWindowParent,this.config.auth.OIDCOptions.responseMode,this.config.system.pollIntervalMilliseconds,this.logger,this.unloadWindow,this.correlationId).catch((()=>{})),i){const e={apiId:Qi.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=_t.getAbsoluteUrl(i,Hs());this.logger.verbose("Redirecting main window to url specified in the request",this.correlationId),this.logger.verbosePii(`Redirecting main window to: '${t}'`,this.correlationId),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("No main window navigation requested",this.correlationId)}catch(t){throw n.popup?.close(),t instanceof r&&(t.setCorrelationId(this.correlationId),s.cacheFailedRequest(t)),this.eventHandler.emitEvent(fc.LOGOUT_FAILURE,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(fc.LOGOUT_END,e.InteractionType.Popup),t}this.eventHandler.emitEvent(fc.LOGOUT_END,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii(`Navigate to: '${e}'`,this.correlationId),this.openPopup(e,t);throw this.logger.error("Navigate url is empty",this.correlationId),fi(bo)}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii(`Navigating popup window to: '${e}'`,this.correlationId),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii(`Opening popup window to: '${e}'`,this.correlationId),r=this.openSizedPopup(e,t)),!r)throw fi(qo);return r.focus&&r.focus(),this.currentWindow=r,t.popupWindowParent.addEventListener("beforeunload",this.unloadWindow),r}catch(e){throw this.logger.error(`error opening popup '${e.message}'`,this.correlationId),fi(Mo)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:n}){const o=n.screenLeft?n.screenLeft:n.screenX,i=n.screenTop?n.screenTop:n.screenY,s=n.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=n.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,l=r.popupSize?.height,h=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("Default popup window width used. Window width not configured or invalid.",this.correlationId),c=wi),(!l||l<0||l>a)&&(this.logger.verbose("Default popup window height used. Window height not configured or invalid.",this.correlationId),l=Ci),(!h||h<0||h>a)&&(this.logger.verbose("Default popup window top position used. Window top not configured or invalid.",this.correlationId),h=Math.max(0,a/2-Ci/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("Default popup window left position used. Window left not configured or invalid.",this.correlationId),d=Math.max(0,s/2-wi/2+o)),n.open(e,t,`width=${c}, height=${l}, top=${h}, left=${d}, scrollbars=yes`)}unloadWindow(e){this.currentWindow&&this.currentWindow.close(),e.preventDefault()}generatePopupName(e,t){return`${Ii}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${Ii}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}class al extends Uc{constructor(e,t,r,n,o,i,s,a,c,l){super(e,t,r,n,o,i,s,c,l),this.nativeStorage=a}async acquireToken(t){const n=await cn(Lc,La,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);n.platformBroker=ol(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);const o=t=>{t.persisted&&(this.logger.verbose("Page was restored from back/forward cache. Clearing temporary cache.",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),this.eventHandler.emitEvent(fc.RESTORE_FROM_BFCACHE,e.InteractionType.Redirect))},i=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii(`Redirect start page: '${i}'`,this.correlationId),this.browserStorage.setTemporaryCache(Di,i,!0),window.addEventListener("pageshow",o);try{this.config.system.protocolMode===$t.EAR?await this.executeEarFlow(n):await this.executeCodeFlow(n)}catch(e){throw e instanceof r&&e.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",o),e}}async executeCodeFlow(e){const t=e.correlationId,n=Oc(Qi.acquireTokenRedirect,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),o=await cn(Xc,Ka,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),i={...e,codeChallenge:o.challenge};this.browserStorage.cacheAuthorizeRequest(i,this.correlationId,o.verifier);try{const t=await cn(this.createAuthCodeClient.bind(this),xa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:i.authority,requestAzureCloudOptions:i.azureCloudOptions,requestExtraQueryParameters:i.extraQueryParameters,account:i.account}),r=await cn(Jc,en,this.logger,this.performanceClient,e.correlationId)(this.config,t.authority,i,this.logger,this.performanceClient);return await this.initiateAuthRequest(r)}catch(e){throw e instanceof r&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await cn(Mc,Ea,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await cn(Ts,ja,this.logger,this.performanceClient,t)(),c={...e,earJwk:a};this.browserStorage.cacheAuthorizeRequest(c,this.correlationId);return(await Qc(document,this.config,s,c,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(fi(ui,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async handleRedirectPromise(e,t,n,o){const i=Oc(Qi.handleRedirectPromise,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),s=o?.navigateToLoginRequestUrl??!0;try{const[r,a]=this.getRedirectResponse(o?.hash||"");if(!r)return this.logger.info("handleRedirectPromise did not detect a response as a result of a redirect. Cleaning temporary cache.",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?n.event.errorCode="no_server_response":this.logger.verbose("Back navigation event detected. Muting no_server_response error",this.correlationId),null;const c=this.browserStorage.getTemporaryCache(Di,this.correlationId,!0)||"",l=Xr(c);if(l===Xr(window.location.href)&&s){this.logger.verbose("Current page is loginRequestUrl, handling response",this.correlationId),c.indexOf("#")>-1&&xs(c);return await this.handleResponse(r,e,t,i)}if(!s)return this.logger.verbose("NavigateToLoginRequestUrl set to false, handling response",this.correlationId),await this.handleResponse(r,e,t,i);if(!Us()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(Fi,a,!0);const n={apiId:Qi.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let o=!0;if(c&&"null"!==c)this.logger.verbose(`Navigating to loginRequestUrl: '${c}'`,this.correlationId),o=await this.navigationClient.navigateInternal(c,n);else{const e=Bs();this.browserStorage.setTemporaryCache(Di,e,!0),this.logger.warning("Unable to get valid login request url from cache, redirecting to home page",this.correlationId),o=await this.navigationClient.navigateInternal(e,n)}if(!o)return await this.handleResponse(r,e,t,i)}return null}catch(e){throw e instanceof r&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}getRedirectResponse(t){this.logger.verbose("getRedirectResponseHash called",this.correlationId);let n=t;n||(n=this.config.auth.OIDCOptions.responseMode===Ie.QUERY?window.location.search:window.location.hash);let o=Vr(n);if(o){try{Bc(o,this.browserCrypto,e.InteractionType.Redirect)}catch(e){return e instanceof r&&this.logger.error(`Interaction type validation failed due to '${e.errorCode}': '${e.errorMessage}'`,this.correlationId),[null,""]}return Ns(window),this.logger.verbose("Hash contains known properties, returning response hash",this.correlationId),[o,n]}const i=this.browserStorage.getTemporaryCache(Fi,this.correlationId,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Fi)),i&&(o=Vr(i),o)?(this.logger.verbose("Hash does not contain known properties, returning cached hash",this.correlationId),[o,i]):[null,""]}async handleResponse(e,t,r,n){if(!e.state)throw fi(_o);const{authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=t;if(e.ear_jwe){const r=await cn(Mc,Ea,this.logger,this.performanceClient,t.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a);return cn(Yc,Ha,this.logger,this.performanceClient,t.correlationId)(t,e,Qi.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const c=await cn(this.createAuthCodeClient.bind(this),xa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority});return cn(Vc,Da,this.logger,this.performanceClient,t.correlationId)(t,e,r,Qi.acquireTokenRedirect,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e){if(this.logger.verbose("RedirectHandler.initiateAuthRequest called",this.correlationId),e){this.logger.infoPii(`RedirectHandler.initiateAuthRequest: Navigate to: '${e}'`,this.correlationId);const t={apiId:Qi.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},r=this.config.auth.onRedirectNavigate;if("function"==typeof r){this.logger.verbose("RedirectHandler.initiateAuthRequest: Invoking onRedirectNavigate callback",this.correlationId);return!1!==r(e)?(this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate did not return false, navigating",this.correlationId),void await this.navigationClient.navigateExternal(e,t)):void this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate returned false, stopping navigation",this.correlationId)}return this.logger.verbose("RedirectHandler.initiateAuthRequest: Navigating window to navigate url",this.correlationId),void await this.navigationClient.navigateExternal(e,t)}throw this.logger.info("RedirectHandler.initiateAuthRequest: Navigate url is empty",this.correlationId),fi(bo)}async logout(t){this.logger.verbose("logoutRedirect called",this.correlationId);const n=this.initializeLogoutRequest(t),o=Oc(Qi.logout,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{this.eventHandler.emitEvent(fc.LOGOUT_START,e.InteractionType.Redirect,t),await qc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,n.account);const r={apiId:Qi.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await cn(this.createAuthCodeClient.bind(this),xa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0}),{onRedirectNavigate:s,...a}=n;if(i.authority.protocolMode===$t.OIDC)try{i.authority.endSessionEndpoint}catch{if(n.account?.homeAccountId)return void("function"==typeof n.onRedirectNavigate?this.eventHandler.emitEvent(fc.LOGOUT_SUCCESS,e.InteractionType.Redirect,a):this.eventHandler.emitEvent(fc.LOGOUT_SUCCESS,e.InteractionType.Redirect,n))}const c=i.getLogoutUri(n);if(n.account?.homeAccountId&&("function"==typeof n.onRedirectNavigate?this.eventHandler.emitEvent(fc.LOGOUT_SUCCESS,e.InteractionType.Redirect,a):this.eventHandler.emitEvent(fc.LOGOUT_SUCCESS,e.InteractionType.Redirect,n)),!t||"function"!=typeof t.onRedirectNavigate)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Bi),void await this.navigationClient.navigateExternal(c,r);if(!1!==t.onRedirectNavigate(c))return this.logger.verbose("Logout onRedirectNavigate did not return false, navigating",this.correlationId),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Bi),void await this.navigationClient.navigateExternal(c,r);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("Logout onRedirectNavigate returned false, stopping navigation",this.correlationId)}catch(t){throw t instanceof r&&(t.setCorrelationId(this.correlationId),o.cacheFailedRequest(t)),this.eventHandler.emitEvent(fc.LOGOUT_FAILURE,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(fc.LOGOUT_END,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(fc.LOGOUT_END,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return _t.getAbsoluteUrl(t,Hs())}}async function cl(e,t,r,n){if(!e)throw r.info("Navigate url is empty",n),fi(bo);return an(dl,"silentHandlerLoadFrameSync",r,t,n)(e)}async function ll(e,t,r,n,o){const i=ul();if(!i.contentDocument)throw"No document associated with iframe!";return(await Qc(i.contentDocument,e,t,r,n,o)).submit(),i}async function hl(e,t,r,n,o,i,s){return new Promise(((n,a)=>{t<ta&&o.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${t}ms) than the default (10000ms). This may result in timeouts.`,i);const c=window.setTimeout((()=>{window.clearInterval(l),a(fi(xo))}),t),l=window.setInterval((()=>{let t="";const r=e.contentWindow;try{t=r?r.location.href:""}catch(e){}if(!t||"about:blank"===t)return;let o="";r&&(o=s===Ie.QUERY?r.location.search:r.location.hash),window.clearTimeout(c),window.clearInterval(l),n(o)}),r)})).finally((()=>{an(gl,"removeHiddenIframe",o,n,i)(e)}))}function dl(e){const t=ul();return t.src=e,t}function ul(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),document.body.appendChild(e),e}function gl(e){document.body===e.parentNode&&document.body.removeChild(e)}class pl extends Uc{constructor(e,t,r,n,o,i,s,a,c,l,h){super(e,t,r,n,o,i,a,l,h),this.apiId=s,this.nativeStorage=c}async acquireToken(t){t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("No user hint provided. The authorization server may need more information to complete this request.",this.correlationId);const r={...t};r.prompt?r.prompt!==ye.NONE&&r.prompt!==ye.NO_SESSION&&(this.logger.warning(`SilentIframeClient. Replacing invalid prompt '${r.prompt}' with '${ye.NONE}'`,this.correlationId),r.prompt=ye.NONE):r.prompt=ye.NONE;const n=await cn(Lc,La,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);return n.platformBroker=ol(this.config,this.logger,this.correlationId,this.platformAuthProvider,n.authenticationScheme),Js(n.authority),this.config.system.protocolMode===$t.EAR?this.executeEarFlow(n):this.executeCodeFlow(n)}async executeCodeFlow(e){let t;const n=Oc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{return t=await cn(this.createAuthCodeClient.bind(this),xa,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:n,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await cn(this.silentTokenHelper.bind(this),Ma,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(o){if(o instanceof r&&(o.setCorrelationId(this.correlationId),n.cacheFailedRequest(o)),!(t&&o instanceof r&&o.errorCode===yi))throw o;return this.performanceClient.addFields({retryError:o.errorCode},this.correlationId),await cn(this.silentTokenHelper.bind(this),Ma,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await cn(Mc,Ea,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await cn(Ts,ja,this.logger,this.performanceClient,t)(),c={...e,earJwk:a},l=await cn(ll,qa,this.logger,this.performanceClient,t)(this.config,s,c,this.logger,this.performanceClient),h=this.config.auth.OIDCOptions.responseMode,d=await cn(hl,Na,this.logger,this.performanceClient,t)(l,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,t,h),u=an(Hc,Fa,this.logger,this.performanceClient,t)(d,h,this.logger,this.correlationId);return cn(Yc,Ha,this.logger,this.performanceClient,t)(c,u,this.apiId,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}logout(){return Promise.reject(fi(Bo))}async silentTokenHelper(e,t){const r=t.correlationId,n=await cn(Xc,Ka,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),o={...t,codeChallenge:n.challenge},i=await cn(Jc,en,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient),s=await cn(cl,qa,this.logger,this.performanceClient,r)(i,this.performanceClient,this.logger,r),a=this.config.auth.OIDCOptions.responseMode,c=await cn(hl,Na,this.logger,this.performanceClient,r)(s,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,r,a),l=an(Hc,Fa,this.logger,this.performanceClient,r)(c,a,this.logger,this.correlationId);return cn(Vc,Da,this.logger,this.performanceClient,r)(t,l,n.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}class ml extends Uc{async acquireToken(e){const t=await cn(Nc,Oa,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger,this.correlationId),r={...e,...t};e.redirectUri&&(r.redirectUri=Rc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId));const n=Oc(Qi.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),o=await this.createRefreshTokenClient({serverTelemetryManager:n,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return cn(o.acquireTokenByRefreshToken.bind(o),"refreshTokenClientAcquireTokenByRefreshToken",this.logger,this.performanceClient,e.correlationId)(r).catch((e=>{throw e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e),e}))}logout(){return Promise.reject(fi(Bo))}async createRefreshTokenClient(e){const t=await cn(this.getClientConfiguration.bind(this),Ua,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new oo(t,this.performanceClient)}}class fl extends no{constructor(e,t){super(e,t),this.includeRedirectUri=!1}}class yl extends Uc{constructor(e,t,r,n,o,i,s,a,c,l){super(e,t,r,n,o,i,a,c,l),this.apiId=s}async acquireToken(t){if(!t.code)throw fi(Yo);const n=await cn(Lc,La,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),o=Oc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const e={...n,code:t.code},r=await cn(this.getClientConfiguration.bind(this),Ua,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:n.authority,requestAzureCloudOptions:n.azureCloudOptions,requestExtraQueryParameters:n.extraQueryParameters,account:n.account}),i=new fl(r,this.performanceClient);this.logger.verbose("Auth code client created",this.correlationId);const s=new Dc(i,this.browserStorage,e,this.logger,this.performanceClient);return await cn(s.handleCodeResponseFromServer.bind(s),tn,this.logger,this.performanceClient,this.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},n,!1)}catch(e){throw e instanceof r&&(e.setCorrelationId(this.correlationId),o.cacheFailedRequest(e)),e}}logout(){return Promise.reject(fi(Bo))}}function wl(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}function Cl(e,t){try{js(e)}catch(e){throw t.end({success:!1},e),e}}class Il{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new Ga(this.logger,this.performanceClient):F,this.eventHandler=new Ec(this.logger),this.browserStorage=this.isBrowserEnvironment?new wc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,En(this.config.auth)):Ic(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:xi.MemoryStorage,cacheRetentionDays:5};this.nativeInternalStorage=new wc(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this)}static async createController(e,t){const r=new Il(e);return await r.initialize(t),r}trackPageVisibility(e){e&&(this.logger.info("Perf: Visibility change detected",e),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e,t){const r=this.getRequestCorrelationId(e);if(this.logger.trace("initialize called",r),this.initialized)return void this.logger.info("initialize has already been called, exiting early.",r);if(!this.isBrowserEnvironment)return this.logger.info("in non-browser environment, exiting early.",r),this.initialized=!0,void this.eventHandler.emitEvent(fc.INITIALIZE_END);const n=e?.correlationId||this.getRequestCorrelationId(),o=this.config.system.allowPlatformBroker,i=this.performanceClient.startMeasurement(nc,n);if(this.eventHandler.emitEvent(fc.INITIALIZE_START),!t)try{this.logMultipleInstances(i,n)}catch{}if(await cn(this.browserStorage.initialize.bind(this.browserStorage),"initializeCache",this.logger,this.performanceClient,n)(n),o)try{this.platformAuthProvider=await nl(this.logger,this.performanceClient,n,this.config.system.nativeBrokerHandshakeTimeout)}catch(e){this.logger.verbose(e,n)}this.config.cache.cacheLocation===xi.LocalStorage&&this.eventHandler.subscribeCrossTab(),!this.config.system.navigatePopups&&await this.preGeneratePkceCodes(n),this.initialized=!0,this.eventHandler.emitEvent(fc.INITIALIZE_END),i.end({allowPlatformBroker:o,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("handleRedirectPromise called",""),zs(this.initialized),this.isBrowserEnvironment){const t=e?.hash||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("handleRedirectPromise has been called for the first time, storing the promise","")):this.logger.verbose("handleRedirectPromise has been called previously, returning the result from the first call",""),r}return this.logger.verbose("handleRedirectPromise returns null, not browser environment",""),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null.",""),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===Bi)return this.logger.verbose("handleRedirectPromise removing interaction_in_progress flag and returning null after sign-out",""),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const n=this.getAllAccounts(),o=this.browserStorage.getCachedNativeRequest(),i=o&&this.platformAuthProvider&&!t?.hash;let s,a;this.eventHandler.emitEvent(fc.HANDLE_REDIRECT_START,e.InteractionType.Redirect);try{if(i&&this.platformAuthProvider){const e=o?.correlationId||"";s=this.performanceClient.startMeasurement(tc,e),this.logger.trace("handleRedirectPromise - acquiring token from native platform",e);const t=new jc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Qi.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,o.accountId,this.nativeInternalStorage,o.correlationId);a=cn(t.handleRedirectPromise.bind(t),"handleNativeRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(this.performanceClient,s.event.correlationId)}else{const[e,r]=this.browserStorage.getCachedRequest(""),n=e.correlationId;s=this.performanceClient.startMeasurement(tc,n),this.logger.trace("handleRedirectPromise - acquiring token from web flow",n);const o=this.createRedirectClient(n);a=cn(o.handleRedirectPromise.bind(o),"handleRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(e,r,s,t)}}catch(e){throw this.browserStorage.resetRequestCache(""),e}return a.then((t=>{if(t){this.browserStorage.resetRequestCache(t.correlationId),this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Redirect,t),this.logger.verbose("handleRedirectResponse returned result, acquire token success",t.correlationId);n.length<this.getAllAccounts().length&&(this.eventHandler.emitEvent(fc.LOGIN_SUCCESS,e.InteractionType.Redirect,t.account),this.logger.verbose("handleRedirectResponse returned result, login success",t.correlationId)),s.end({success:!0,accountType:wl(t.account)})}else s.event.errorCode?s.end({success:!1}):s.discard();return this.eventHandler.emitEvent(fc.HANDLE_REDIRECT_END,e.InteractionType.Redirect),t})).catch((t=>{this.browserStorage.resetRequestCache(s.event.correlationId);const r=t;throw this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(fc.HANDLE_REDIRECT_END,e.InteractionType.Redirect),s.end({success:!1},r),t}))}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("acquireTokenRedirect called",r);const n=this.performanceClient.startMeasurement(ec,r);n.add({accountType:wl(t.account),scenarioId:t.scenarioId});const o=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=e=>{const t="function"==typeof o?o(e):void 0;return n.add({navigateCallbackResult:!1!==t}),n.event=n.end({success:!0})||n.event,t};try{let o;if(Ws(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Hi),this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_START,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){o=new jc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Qi.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r).acquireTokenRedirect(t,n).catch((e=>{if(e instanceof Fc&&Kc(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof Jn){this.logger.verbose("acquireTokenRedirect - Resolving interaction required error thrown by native broker by falling back to web flow",r);return this.createRedirectClient(r).acquireToken(t)}throw e}))}else{o=this.createRedirectClient(r).acquireToken(t)}return await o}catch(t){throw this.browserStorage.resetRequestCache(r),2===n.event.status?this.performanceClient.startMeasurement(tc,r).end({success:!1},t):n.end({success:!1},t),this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,t),t}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),n=this.performanceClient.startMeasurement(Za,r);n.add({scenarioId:t.scenarioId,accountType:wl(t.account)});try{this.logger.verbose("acquireTokenPopup called",r),Cl(this.initialized,n),this.browserStorage.setInteractionInProgress(!0,Hi)}catch(e){return Promise.reject(e)}const o=this.getAllAccounts();let i;this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_START,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))i=this.acquireTokenNative({...t,correlationId:r},Qi.acquireTokenPopup).then((e=>(n.end({success:!0,isNativeBroker:!0,accountType:wl(e.account)}),e))).catch((e=>{if(e instanceof Fc&&Kc(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof Jn){this.logger.verbose("acquireTokenPopup - Resolving interaction required error thrown by native broker by falling back to web flow",r);return this.createPopupClient(r).acquireToken(t,s)}throw e}));else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then((t=>{const r=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,t),r&&this.eventHandler.emitEvent(fc.LOGIN_SUCCESS,e.InteractionType.Popup,t.account),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length,accountType:wl(t.account)}),t})).catch((t=>(this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,t),n.end({success:!1},t),Promise.reject(t)))).finally((async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.navigatePopups||await this.preGeneratePkceCodes(r)}))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&e.increment({visibilityChangeCount:1})}async ssoSilent(t){const r=this.getRequestCorrelationId(t),n={...t,prompt:t.prompt,correlationId:r};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(rc,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId,accountType:wl(t.account)}),Cl(this.initialized,this.ssoSilentMeasurement),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const o=this.getAllAccounts();let i;if(this.logger.verbose("ssoSilent called",r),this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,n),this.canUsePlatformBroker(n))i=this.acquireTokenNative(n,Qi.ssoSilent).catch((e=>{if(e instanceof Fc&&Kc(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(n.correlationId).acquireToken(n)}throw e}));else{i=this.createSilentIframeClient(n.correlationId).acquireToken(n)}return i.then((t=>{const r=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,t),r&&this.eventHandler.emitEvent(fc.LOGIN_SUCCESS,e.InteractionType.Silent,t.account),this.ssoSilentMeasurement?.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length,accountType:wl(t.account)}),t})).catch((t=>{throw this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),this.ssoSilentMeasurement?.end({success:!1},t),t})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("acquireTokenByCode called",r);const n=this.performanceClient.startMeasurement(Xa,r);Cl(this.initialized,n),this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,t),n.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw fi(Zo);if(t.code){const o=t.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("Existing acquireTokenByCode request found",r),n.discard()):(this.logger.verbose("Initiating new acquireTokenByCode request",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then((t=>(this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(o),n.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length,accountType:wl(t.account)}),t))).catch((t=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t})),this.hybridAuthCodeResponses.set(o,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){const e=await this.acquireTokenNative({...t,correlationId:r},Qi.acquireTokenByCode,t.nativeAccountId).catch((e=>{throw e instanceof Fc&&Kc(e)&&(this.platformAuthProvider=void 0),e}));return n.end({accountType:wl(e.account),success:!0}),e}throw fi(ti)}throw fi(Xo)}catch(t){throw this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){const t=this.getRequestCorrelationId(e);this.logger.trace("acquireTokenByCodeAsync called",t),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement("acquireTokenByCodeAsync",t),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const r=this.createSilentAuthCodeClient(t);return await r.acquireToken(e).then((e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache,isNativeBroker:e.fromPlatformBroker}),e))).catch((e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenFromCache(e,t){switch(t){case es.Default:case es.AccessToken:case es.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return cn(t.acquireToken.bind(t),"silentCacheClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw i(R)}}async acquireTokenByRefreshToken(e,t){switch(t){case es.Default:case es.AccessTokenAndRefreshToken:case es.RefreshToken:case es.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return cn(t.acquireToken.bind(t),"silentRefreshClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw i(R)}}async acquireTokenBySilentIframe(e){const t=this.createSilentIframeClient(e.correlationId);return cn(t.acquireToken.bind(t),"silentIframeClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e)}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);Ws(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Bi);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);js(this.initialized),this.browserStorage.setInteractionInProgress(!0,Bi);return this.createPopupClient(t).logout(e).finally((()=>{this.browserStorage.setInteractionInProgress(!1)}))}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return;const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return vc(this.logger,this.browserStorage,this.isBrowserEnvironment,this.getRequestCorrelationId(),e)}getAccount(e){return kc(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}getAccountByUsername(e){return Tc(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}getAccountByHomeId(e){return Ac(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}getAccountByLocalId(e){return bc(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}setActiveAccount(e){Sc(e,this.browserStorage,this.getRequestCorrelationId())}getActiveAccount(){return _c(this.browserStorage,this.getRequestCorrelationId())}async hydrateCache(e,t){this.logger.verbose("hydrateCache called",e.correlationId);const r=Wt(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId),e.fromPlatformBroker?(this.logger.verbose("Response was from native broker, storing in-memory",e.correlationId),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,r,n){const o=this.getRequestCorrelationId(e);if(this.logger.trace("acquireTokenNative called",o),!this.platformAuthProvider)throw fi(oi);return new jc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,o).acquireToken(e,n)}canUsePlatformBroker(e,t){const r=this.getRequestCorrelationId(e);if(this.logger.trace("canUsePlatformBroker called",r),!this.platformAuthProvider)return this.logger.trace("canUsePlatformBroker: platform broker unavilable, returning false",r),!1;if(!ol(this.config,this.logger,r,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("canUsePlatformBroker: isBrokerAvailable returned false, returning false",r),!1;if(e.prompt)switch(e.prompt){case ye.NONE:case ye.CONSENT:case ye.LOGIN:this.logger.trace("canUsePlatformBroker: prompt is compatible with platform broker flow",r);break;default:return this.logger.trace(`canUsePlatformBroker: prompt = '${e.prompt}' is not compatible with platform broker flow, returning false`,r),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("canUsePlatformBroker: nativeAccountId is not available, returning false",r),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new sl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createRedirectClient(e){return new al(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentIframeClient(e){return new pl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Qi.ssoSilent,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentCacheClient(e){return new zc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentRefreshClient(e){return new ml(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentAuthCodeClient(e){return new yl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Qi.acquireTokenByCode,this.performanceClient,e,this.platformAuthProvider)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return $s(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?vs():""}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginRedirect called",t),this.acquireTokenRedirect({correlationId:t,...e||Yi})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginPopup called",t),this.acquireTokenPopup({correlationId:t,...e||Yi})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),n=this.performanceClient.startMeasurement(Ya,t);n.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),Cl(this.initialized,n),this.logger.verbose("acquireTokenSilent called",t);const o=e.account||this.getActiveAccount();if(!o)throw fi(Do);return n.add({accountType:wl(o)}),this.acquireTokenSilentDeduped(e,o,t).then((r=>(n.end({success:!0,fromCache:r.fromCache,isNativeBroker:r.fromPlatformBroker,accessTokenSize:r.accessToken.length,idTokenSize:r.idToken.length}),{...r,state:e.state,correlationId:t}))).catch((e=>{throw e instanceof r&&e.setCorrelationId(t),n.end({success:!1},e),e}))}async acquireTokenSilentDeduped(e,t,r){const n=On(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),o=JSON.stringify(n),i=this.activeSilentTokenRequests.get(o);if(void 0===i){this.logger.verbose("acquireTokenSilent called for the first time, storing active request",r),this.performanceClient.addFields({deduped:!1},r);const n=cn(this.acquireTokenSilentAsync.bind(this),"acquireTokenSilentAsync",this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(o,n),n.finally((()=>{this.activeSilentTokenRequests.delete(o)}))}return this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const n=()=>this.trackPageVisibility(t.correlationId);this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},t.correlationId),document.addEventListener("visibilitychange",n);const o=await cn(xc,"initializeSilentRequest",this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||es.Default;return this.acquireTokenSilentNoIframe(o,i).catch((async e=>{const t=function(e,t){const r=!(e instanceof Jn&&e.subError!==$n),n=e.errorCode===yi||e.errorCode===R,o=r&&n||e.errorCode===Un||e.errorCode===Hn,i=ts.includes(t);return o&&i}(e,i);if(t){if(this.activeIframeRequest){if(i!==es.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose(`Iframe request is already in progress, awaiting resolution for request with correlationId: '${r}'`,o.correlationId);const n=this.performanceClient.startMeasurement("awaitConcurrentIframe",o.correlationId);n.add({awaitIframeCorrelationId:r});const s=await t;if(n.end({success:s}),s)return this.logger.verbose(`Parallel iframe request with correlationId: '${r}' succeeded. Retrying cache and/or RT redemption`,o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info(`Iframe request with correlationId: '${r}' failed. Interaction is required.`,o.correlationId),e}return this.logger.warning("Another iframe request is currently in progress and CacheLookupPolicy is set to Skip. This may result in degraded performance and/or reliability for both calls. Please consider changing the CacheLookupPolicy to take advantage of request queuing and token cache.",o.correlationId),cn(this.acquireTokenBySilentIframe.bind(this),Ra,this.logger,this.performanceClient,o.correlationId)(o)}{let e;return this.activeIframeRequest=[new Promise((t=>{e=t})),o.correlationId],this.logger.verbose("Refresh token expired/invalid or CacheLookupPolicy is set to Skip, attempting acquire token by iframe.",o.correlationId),cn(this.acquireTokenBySilentIframe.bind(this),Ra,this.logger,this.performanceClient,o.correlationId)(o).then((t=>(e(!0),t))).catch((t=>{throw e(!1),t})).finally((()=>{this.activeIframeRequest=void 0}))}}throw e})).then((r=>(this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,r),t.correlationId&&this.performanceClient.addFields({fromCache:r.fromCache,isNativeBroker:r.fromPlatformBroker},t.correlationId),r))).catch((t=>{throw this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),t})).finally((()=>{document.removeEventListener("visibilitychange",n)}))}async acquireTokenSilentNoIframe(t,r){return ol(this.config,this.logger,t.correlationId,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform",t.correlationId),this.acquireTokenNative(t,Qi.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch((async e=>{if(e instanceof Fc&&Kc(e))throw this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow",t.correlationId),this.platformAuthProvider=void 0,i(R);throw e}))):(this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow",t.correlationId),r===es.AccessToken&&this.logger.verbose("acquireTokenSilent - cache lookup policy set to AccessToken, attempting to acquire token from local cache",t.correlationId),cn(this.acquireTokenFromCache.bind(this),"acquireTokenFromCache",this.logger,this.performanceClient,t.correlationId)(t,r).catch((n=>{if(r===es.AccessToken)throw n;return this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_NETWORK_START,e.InteractionType.Silent,t),cn(this.acquireTokenByRefreshToken.bind(this),"acquireTokenByRefreshToken",this.logger,this.performanceClient,t.correlationId)(t,r)})))}async preGeneratePkceCodes(e){return this.logger.verbose("Generating new PKCE codes",e),this.pkceCode=await cn(Xc,Ka,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){this.logger.verbose("Attempting to pick up pre-generated PKCE codes",e);const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,this.logger.verbose(`'${t?"Found":"Did not find"}' pre-generated PKCE codes`,e),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e,t){const r=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("There is already an instance of MSAL.js in the window.",t),window.msal.clientIds.push(r),function(e,t,r,n){const o=window.msal?.clientIds||[],i=o.length,s=o.filter((t=>t===e)).length;s>1&&r.warning("There is already an instance of MSAL.js in the window with the same client id.",n),t.add({msalInstanceCount:i,sameClientIdInstanceCount:s})}(r,e,this.logger,t)}}class vl{constructor(e,t,r,n){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=n}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),n=Kr(e.claims,this.clientCapabilities),o=e.scopes||te;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,scope:o.join(" "),correlationId:r,claims:et.isEmptyObj(n)?void 0:n,state:e.state,authenticationScheme:e.authenticationScheme||xe.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw i(l);const n=un(r+(t.token.expires_in||0)),o=bt(t.token.id_token,this.crypto.base64Decode),s=this.fromNaaAccountInfo(t.account,t.token.id_token,o),a=t.token.scope||e.scope;return{authority:t.token.authority||s.environment,uniqueId:s.localAccountId,tenantId:s.tenantId,scopes:a.split(" "),account:s,idToken:t.token.id_token,idTokenClaims:o,accessToken:t.token.access_token,fromCache:!1,expiresOn:n,tokenType:e.authenticationScheme||xe.BEARER,correlationId:e.correlationId,extExpiresOn:n,state:e.state}}fromNaaAccountInfo(e,t,r){const n=r||e.idTokenClaims,o=e.localAccountId||n?.oid||n?.sub||"",i=e.tenantId||n?.tid||"",s=e.homeAccountId||`${o}.${i}`,a=e.username||n?.preferred_username||"",c=e.name||n?.name,l=e.loginHint||n?.login_hint,h=new Map,d=Tt(s,o,i,n);h.set(i,d);return{homeAccountId:s,environment:e.environment,tenantId:i,username:a,localAccountId:o,name:c,loginHint:l,idToken:t,idTokenClaims:n,tenantProfiles:h}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new r("unknown_error","An unknown error occurred");switch(e.status){case wa:return new o(L);case Ca:return new o(U);case Ta:return new o(E);case ka:return new o(B);case Aa:return new o(e.code||B,e.description);case Ia:case va:return new Rn(e.code,e.description);case ya:return new Jn(e.code,e.description);default:return new r(e.code,e.description)}}toAuthenticationResultFromCache(e,t,r,n,o){if(!t||!r)throw i(l);const s=bt(t.secret,this.crypto.base64Decode),a=r.target||n.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:a.split(" "),account:e,idToken:t.secret,idTokenClaims:s||{},accessToken:r.secret,fromCache:!0,expiresOn:un(r.expiresOn),extExpiresOn:un(r.extendedExpiresOn),tokenType:n.authenticationScheme||xe.BEARER,correlationId:o,state:n.state}}}class kl extends r{constructor(e,t){super(e,t),Object.setPrototypeOf(this,kl.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new kl("unsupported_method")}}class Tl{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new Ga(this.logger,this.performanceClient,!0):F,this.eventHandler=new Ec(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new wc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,En(this.config.auth)):Ic(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new vl(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new Tl(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||vs();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const n=this.ensureValidRequest(t),o=n.correlationId||vs();this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_START,e.InteractionType.Popup,n);const i=this.performanceClient.startMeasurement(Za,o);i?.add({nestedAppAuthRequest:!0});try{const r=this.nestedAppAuthAdapter.toNaaTokenRequest(n),s=hn(),a=await this.bridgeProxy.getTokenInteractive(r),c={...this.nestedAppAuthAdapter.fromNaaTokenResponse(r,a,s)};try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii(`Failed to hydrate cache. Error: ${e}`,o)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,c),i.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),i.end({success:!0,requestId:c.requestId}),c}catch(t){const n=t instanceof r?t:this.nestedAppAuthAdapter.fromBridgeError(t);throw this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,t),i.end({success:!1},t),n}}async acquireTokenSilentInternal(t){const n=this.ensureValidRequest(t),o=n.correlationId||vs();this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,n);const i=await this.acquireTokenFromCache(n);if(i)return this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,i),i;const s=this.performanceClient.startMeasurement(rc,o);s?.increment({visibilityChangeCount:0}),s?.add({nestedAppAuthRequest:!0});try{const r=this.nestedAppAuthAdapter.toNaaTokenRequest(n);r.forceRefresh=n.forceRefresh;const i=hn(),a=await this.bridgeProxy.getTokenSilent(r),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(r,a,i);try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii(`Failed to hydrate cache. Error: ${e}`,o)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,c),s?.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),s?.end({success:!0,requestId:c.requestId}),c}catch(t){const n=t instanceof r?t:this.nestedAppAuthAdapter.fromBridgeError(t);throw this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),s?.end({success:!1},t),n}}async acquireTokenFromCache(t){const r=t.correlationId||vs(),n=this.performanceClient.startMeasurement(Ya,r);if(n?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("Claims are present in the request, skipping cache lookup",r),null;if(t.forceRefresh)return this.logger.verbose("forceRefresh is set to true, skipping cache lookup",r),null;let o=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=es.Default),t.cacheLookupPolicy){case es.Default:case es.AccessToken:case es.AccessTokenAndRefreshToken:o=await this.acquireTokenFromCacheInternal(t);break;default:return null}return o?(this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,o),n?.add({accessTokenSize:o?.accessToken.length,idTokenSize:o?.idToken.length}),n?.end({success:!0}),o):(this.logger.warning("Cached tokens are not found for the account, proceeding with silent token request.",r),this.eventHandler.emitEvent(fc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null),n?.end({success:!1}),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext,r=e.correlationId||vs();let n=null;if(t&&(n=kc(t,this.logger,this.browserStorage,r)),!n)return this.logger.verbose("No active account found, falling back to the host",r),Promise.resolve(null);this.logger.verbose("active account found, attempting to acquire token silently",r);const o={...e,correlationId:r,authority:e.authority||n.environment,scopes:e.scopes?.length?e.scopes:[...te]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(n,o,i,n.tenantId);if(!s)return this.logger.verbose("No cached access token found",r),Promise.resolve(null);if(mn(s.cachedAt)||gn(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("Cached access token has expired",r),Promise.resolve(null);const a=this.browserStorage.getIdToken(n,o.correlationId,i,n.tenantId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(n,a,s,o,o.correlationId):(this.logger.verbose("No cached id token found",r),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw kl.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw kl.createUnsupportedError()}acquireTokenNative(e,t,r){throw kl.createUnsupportedError()}acquireTokenByRefreshToken(e,t){throw kl.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw kl.createUnsupportedError()}removePerformanceCallback(e){throw kl.createUnsupportedError()}getAllAccounts(e){return vc(this.logger,this.browserStorage,this.isBrowserEnv(),vs(),e)}getAccount(e){return kc(e,this.logger,this.browserStorage,vs())}getAccountByUsername(e){return Tc(e,this.logger,this.browserStorage,vs())}getAccountByHomeId(e){return Ac(e,this.logger,this.browserStorage,vs())}getAccountByLocalId(e){return bc(e,this.logger,this.browserStorage,vs())}setActiveAccount(e){return Sc(e,this.browserStorage,vs())}getActiveAccount(){return _c(this.browserStorage,vs())}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||Yi)}loginRedirect(e){throw kl.createUnsupportedError()}logoutRedirect(e){throw kl.createUnsupportedError()}logoutPopup(e){throw kl.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("setNavigationClient is not supported in nested app auth","")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw kl.createUnsupportedError()}getRedirectResponse(){throw kl.createUnsupportedError()}async clearCache(e){throw kl.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("hydrateCache called",e.correlationId);const r=Wt(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId),this.browserStorage.hydrateCache(e,t)}}async function Al(e,t){const r=vs(),n=new _a(e),o=new Sa(e),i=[n.initialize(r),o.initialize(r)];return await Promise.all(i),o.isAvailable()?Tl.createController(o):n.isAvailable()?Il.createController(n,{correlationId:r}):null}class bl{static async createPublicClientApplication(e){const t=await async function(e){const t=vs(),r=new _a(e);return await r.initialize(t),Il.createController(r,{correlationId:t})}(e);return new bl(e,t)}constructor(e,t){this.isBroker=!1,this.controller=t||new Il(new _a(e))}async initialize(e){return this.controller.initialize(e,this.isBroker)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}getAccount(e){return this.controller.getAccount(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function Sl(e){const t=new bl(e);return await t.initialize(),t}class _l{constructor(e){this.initialized=!1,this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.logger=e.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new Ga(this.logger,this.performanceClient):F,this.eventHandler=new Ec(this.logger),this.browserStorage=this.isBrowserEnvironment?new wc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler):Ic(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler)}getBrowserStorage(){return this.browserStorage}getAccount(e){return null}getAccountByHomeId(e){return null}getAccountByLocalId(e){return null}getAccountByUsername(e){return null}getAllAccounts(){return[]}initialize(){return this.initialized=!0,Promise.resolve()}acquireTokenPopup(e){return zs(this.initialized),$s(),{}}acquireTokenRedirect(e){return zs(this.initialized),$s(),Promise.resolve()}acquireTokenSilent(e){return zs(this.initialized),$s(),{}}acquireTokenByCode(e){return zs(this.initialized),$s(),{}}acquireTokenNative(e,t,r){return zs(this.initialized),$s(),{}}acquireTokenByRefreshToken(e,t){return zs(this.initialized),$s(),{}}addEventCallback(e,t){return null}removeEventCallback(e){}addPerformanceCallback(e){return zs(this.initialized),$s(),""}removePerformanceCallback(e){return zs(this.initialized),$s(),!0}handleRedirectPromise(e){return zs(this.initialized),Promise.resolve(null)}loginPopup(e){return zs(this.initialized),$s(),{}}loginRedirect(e){return zs(this.initialized),$s(),{}}logout(e){return zs(this.initialized),$s(),{}}logoutRedirect(e){return zs(this.initialized),$s(),{}}logoutPopup(e){return zs(this.initialized),$s(),{}}ssoSilent(e){return zs(this.initialized),$s(),{}}getLogger(){return this.logger}setLogger(e){zs(this.initialized),$s()}setActiveAccount(e){zs(this.initialized),$s()}getActiveAccount(){return zs(this.initialized),$s(),null}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){zs(this.initialized),$s()}getConfiguration(){return this.config}isBrowserEnv(){return zs(this.initialized),$s(),!0}getBrowserCrypto(){return zs(this.initialized),$s(),{}}getPerformanceClient(){return zs(this.initialized),$s(),{}}getRedirectResponse(){return zs(this.initialized),$s(),{}}async clearCache(e){zs(this.initialized),$s()}async hydrateCache(e,t){zs(this.initialized),$s()}}class El extends fa{getId(){return El.ID}getModuleName(){return El.MODULE_NAME}async initialize(){return!0}}El.MODULE_NAME="",El.ID="UnknownOperatingContext";class Pl{static async createPublicClientApplication(e){const t=await Al(e);let r;return r=null!==t?new Pl(e,t):new Pl(e),r}constructor(e,t){if(this.configuration=e,t)this.controller=t;else{const t=new El(e);this.controller=new _l(t)}}async initialize(){if(this.controller instanceof _l){const e=await Al(this.configuration);return null!==e&&(this.controller=e),this.controller.initialize()}return Promise.resolve()}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}getAccount(e){return this.controller.getAccount(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}const Rl={initialize:()=>Promise.reject(qs(Os)),acquireTokenPopup:()=>Promise.reject(qs(Os)),acquireTokenRedirect:()=>Promise.reject(qs(Os)),acquireTokenSilent:()=>Promise.reject(qs(Os)),acquireTokenByCode:()=>Promise.reject(qs(Os)),getAllAccounts:()=>[],getAccount:()=>null,handleRedirectPromise:()=>Promise.reject(qs(Os)),loginPopup:()=>Promise.reject(qs(Os)),loginRedirect:()=>Promise.reject(qs(Os)),logoutRedirect:()=>Promise.reject(qs(Os)),logoutPopup:()=>Promise.reject(qs(Os)),ssoSilent:()=>Promise.reject(qs(Os)),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,getLogger:()=>{throw qs(Os)},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw qs(Os)},hydrateCache:()=>Promise.reject(qs(Os)),clearCache:()=>Promise.reject(qs(Os))};function Ol(){let e;try{e=window[xi.SessionStorage];const t=e?.getItem(la);if(1===Number(t))return Promise.resolve().then((function(){return xl}))}catch(e){}}function Ml(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function ql(e){if(e&&Ml())return Math.round(window.performance.now()-e)}class Nl{constructor(e,t){this.correlationId=t,this.measureName=Nl.makeMeasureName(e,t),this.startMark=Nl.makeStartMark(e,t),this.endMark=Nl.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(Nl.supportsBrowserPerformance())try{t.forEach((t=>{const r=Nl.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(Nl.makeStartMark(r,e)),window.performance.clearMarks(Nl.makeEndMark(r,e)))}))}catch(e){}}startMeasurement(){if(Nl.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(Nl.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(Nl.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var xl=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:Nl});const Ul=xe,Ll=Ie,Hl=ye,Bl=Qe,Dl=te;e.AccountEntityUtils=Gt,e.ApiId=Qi,e.AuthError=r,e.AuthErrorCodes=uo,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[ce];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw Ze(ft)}const t=this.headers[ae];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw Ze(ft)}throw Ze(mt)}parseChallenges(e){const t=e.indexOf(" "),r=e.substr(t+1).split(","),n={};return r.forEach((e=>{const[t,r]=e.split("=");n[t]=unescape(r.replace(/['"]+/g,""))})),n}},e.AuthenticationScheme=Ul,e.AzureCloudInstance=Ye,e.BrowserAuthError=mi,e.BrowserAuthErrorCodes=gi,e.BrowserCacheLocation=xi,e.BrowserConfigurationAuthError=Ms,e.BrowserPerformanceClient=class extends Io{constructor(e,t){super(e.auth.clientId,e.auth.authority||`${z}`,new $(e.system?.loggerOptions||{},na,oa),na,oa,e.telemetry?.application||{appName:"",appVersion:""},t)}generateId(){return vs()}getPageVisibility(){return document.visibilityState?.toString()||null}deleteIncompleteSubMeasurements(e){Ol()?.then((t=>{const r=this.eventsByCorrelationId.get(e.event.correlationId),n=r&&r.eventId===e.event.eventId,o=[];n&&r?.incompleteSubMeasurements&&r.incompleteSubMeasurements.forEach((e=>{o.push({...e})})),t.BrowserPerformanceMeasurement.flushMeasurements(e.event.correlationId,o)}))}startMeasurement(e,t){const r=this.getPageVisibility(),n=super.startMeasurement(e,t),o=Ml()?window.performance.now():void 0,i=Ol()?.then((t=>new t.BrowserPerformanceMeasurement(e,n.event.correlationId)));return i?.then((e=>e.startMeasurement())),{...n,end:(e,t)=>{const s=n.end({...e,startPageVisibility:r,endPageVisibility:this.getPageVisibility(),durationMs:ql(o)},t);return i?.then((e=>e.endMeasurement())),this.deleteIncompleteSubMeasurements(n),s},discard:()=>{n.discard(),i?.then((e=>e.flushMeasurement())),this.deleteIncompleteSubMeasurements(n)}}}},e.BrowserPerformanceMeasurement=Nl,e.BrowserRootPerformanceEvents=ic,e.BrowserUtils=Vs,e.CacheLookupPolicy=es,e.ClientAuthError=o,e.ClientAuthErrorCodes=D,e.ClientConfigurationError=Xe,e.ClientConfigurationErrorCodes=It,e.DEFAULT_IFRAME_TIMEOUT_MS=ta,e.EventHandler=Ec,e.EventMessageUtils=class{static getInteractionStatusFromEvent(t,r){switch(t.eventType){case fc.ACQUIRE_TOKEN_START:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup)return Vi.AcquireToken;break;case fc.HANDLE_REDIRECT_START:return Vi.HandleRedirect;case fc.LOGOUT_START:return Vi.Logout;case fc.LOGOUT_END:if(r&&r!==Vi.Logout)break;return Vi.None;case fc.HANDLE_REDIRECT_END:if(r&&r!==Vi.HandleRedirect)break;return Vi.None;case fc.ACQUIRE_TOKEN_SUCCESS:case fc.ACQUIRE_TOKEN_FAILURE:case fc.RESTORE_FROM_BFCACHE:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup){if(r&&r!==Vi.AcquireToken)break;return Vi.None}}return null}},e.EventType=fc,e.InteractionRequiredAuthError=Jn,e.InteractionRequiredAuthErrorCodes=zn,e.InteractionStatus=Vi,e.JsonWebTokenTypes=Bl,e.LocalStorage=pc,e.Logger=$,e.MemoryStorage=Ja,e.NavigationClient=Ys,e.OIDC_DEFAULT_SCOPES=Dl,e.PromptValue=Hl,e.ProtocolMode=$t,e.PublicClientApplication=bl,e.PublicClientNext=Pl,e.ResponseMode=Ll,e.ServerError=Rn,e.SessionStorage=mc,e.SignedHttpRequest=class{constructor(e,t){const r=t&&t.loggerOptions||{};this.logger=new $(r,na,oa),this.cryptoOps=new Ga(this.logger),this.popTokenGenerator=new Xn(this.cryptoOps,new tr),this.shrParameters=e}async generatePublicKeyThumbprint(){const{kid:e}=await this.popTokenGenerator.generateKid(this.shrParameters);return e}async signRequest(e,t,r){return this.popTokenGenerator.signPayload(e,t,this.shrParameters,r)}async removeKeys(e,t){return this.cryptoOps.removeTokenBindingKey(e,t)}},e.StringUtils=et,e.StubPerformanceClient=tr,e.UrlString=_t,e.WrapperSKU={React:"@azure/msal-react",Angular:"@azure/msal-angular"},e.createNestablePublicClientApplication=async function(e){const t=vs(),r=new Sa(e);if(await r.initialize(t),r.isAvailable()){const n=new Tl(r),o=new bl(e,n);return await o.initialize({correlationId:t}),o}return Sl(e)},e.createStandardPublicClientApplication=Sl,e.isPlatformBrokerAvailable=async function(e,t,r){const n=new $(e||{},na,oa),o=r||"";n.trace("isPlatformBrokerAvailable called",o);const i=t||new tr;return"undefined"==typeof window?(n.trace("Non-browser environment detected, returning false",o),!1):!!await nl(n,i,o)},e.loadExternalTokens=async function(e,t,r,n){$s();const o=ra(e,!0),i=t.correlationId||vs(),s=r.id_token?bt(r.id_token,ss):void 0,a={protocolMode:o.system.protocolMode,knownAuthorities:o.auth.knownAuthorities,cloudDiscoveryMetadata:o.auth.cloudDiscoveryMetadata,authorityMetadata:o.auth.authorityMetadata},c=new $(o.system.loggerOptions||{}),l=new Ga(c,o.telemetry.client),h=new wc(o.auth.clientId,o.cache,l,c,o.telemetry.client,new Ec(c),En(o.auth)),d=t.authority?new Sn(Sn.generateAuthority(t.authority,t.azureCloudOptions),o.system.networkClient,h,a,c,t.correlationId||vs(),o.telemetry.client):void 0,u=await async function(e,t,r,n,o,i,s,a){if(o.verbose("TokenCache - loading account",r),e.account){const t=Wt(e.account);return await n.setAccount(t,r),t}if(!a||!t&&!s)throw o.error("TokenCache - if an account is not provided on the request, authority and either clientInfo or idToken must be provided instead.",r),fi(Go);const c=Jt(t,a.authorityType,o,i,r,s),l=s?.tid,h=to(n,a,c,ss,r,s,t,a.hostnameAndPort,l,void 0,void 0,o);return await n.setAccount(h,r),h}(t,n.clientInfo||r.client_info||"",i,h,c,l,s,d),g=await async function(e,t,r,n,o,i,s,a){if(!e.id_token)return s.verbose("TokenCache - no id token found in response",o),null;s.verbose("TokenCache - loading id token",o);const c=fn(t,r,e.id_token,a,n);return await i.setIdTokenCredential(c,o),c}(r,u.homeAccountId,u.environment,u.realm,i,h,c,e.auth.clientId),p=await async function(e,t,r,n,o,i,s,a,c,l){if(!t.access_token)return c.verbose("TokenCache - no access token found in response",s),null;if(!t.expires_in)return c.error("TokenCache - no expiration set on the access token. Cannot add it to the cache.",s),null;if(!(t.scope||e.scopes&&e.scopes.length))return c.error("TokenCache - scopes not specified in the request or response. Cannot add token to the cache.",s),null;c.verbose("TokenCache - loading access token",s);const h=t.scope?vt.fromString(t.scope):new vt(e.scopes),d=i.expiresOn||t.expires_in+hn(),u=i.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+hn(),g=yn(r,n,t.access_token,l,o,h.printScopes(),d,u,ss);return await a.setAccessTokenCredential(g,s),g}(t,r,u.homeAccountId,u.environment,u.realm,n,i,h,c,e.auth.clientId),m=await async function(e,t,r,n,o,i,s){if(!e.refresh_token)return i.verbose("TokenCache - no refresh token found in response",n),null;i.verbose("TokenCache - loading refresh token",n);const a=wn(t,r,e.refresh_token,s,e.foci,void 0,e.refresh_token_expires_in);return await o.setRefreshTokenCredential(a,n),a}(r,u.homeAccountId,u.environment,i,h,c,e.auth.clientId);return function(e,t,r,n){let o,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=vt.fromString(t.accessToken.target).asArray(),a=un(t.accessToken.expiresOn),o=un(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:n?n.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:zt(c),idToken:t.idToken?.secret||"",idTokenClaims:r||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:o,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromPlatformBroker:!1}}(t,{account:u,idToken:g,accessToken:p,refreshToken:m},s,d)},e.stubbedPublicClientApplication=Rl,e.version=oa}));
|