@azure/msal-browser 4.26.1 → 4.27.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
- package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +11 -25
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +2 -3
- package/dist/cache/CacheKeys.mjs.map +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +4 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +2 -2
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +9 -23
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +2 -3
- package/dist/custom-auth-path/cache/CacheKeys.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +4 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +2 -2
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts +0 -3
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -4
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts +0 -2
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -3
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts +0 -7
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +3 -10
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +0 -2
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -3
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +0 -2
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -3
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +0 -6
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -7
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +0 -2
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -3
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +0 -2
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -3
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +0 -2
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -3
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +20 -4
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +4 -2
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +19 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts +3 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +8 -7
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +3 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts +0 -3
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts +0 -2
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts +0 -7
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +0 -2
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +0 -2
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +0 -6
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +0 -2
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +0 -2
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +0 -2
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PopupClient.d.ts +1 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +20 -4
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +4 -2
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +19 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts +3 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +8 -7
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +3 -1
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +129 -128
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +4 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts +0 -3
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts +0 -2
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts +0 -7
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +0 -2
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +0 -2
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +0 -6
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +0 -2
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +0 -2
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +0 -2
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts +3 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/msal-browser.cjs +141 -102
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +141 -102
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +66 -66
- package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
- package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +4 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts +0 -3
- package/lib/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts.map +1 -1
- package/lib/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts +0 -2
- package/lib/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts.map +1 -1
- package/lib/types/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts +0 -7
- package/lib/types/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts.map +1 -1
- package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +0 -2
- package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +1 -1
- package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +0 -2
- package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +1 -1
- package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +0 -6
- package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +0 -2
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +0 -2
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +0 -2
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts +3 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthProvider.ts +21 -23
- package/src/config/Configuration.ts +5 -0
- package/src/controllers/StandardController.ts +2 -1
- package/src/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.ts +0 -3
- package/src/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.ts +0 -2
- package/src/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.ts +4 -11
- package/src/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.ts +0 -2
- package/src/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.ts +0 -2
- package/src/custom_auth/core/auth_flow/mfa/state/MfaState.ts +0 -6
- package/src/custom_auth/sign_in/auth_flow/result/SignInResult.ts +0 -2
- package/src/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.ts +0 -2
- package/src/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.ts +0 -2
- package/src/interaction_client/PopupClient.ts +73 -21
- package/src/interaction_client/RedirectClient.ts +14 -1
- package/src/interaction_client/SilentIframeClient.ts +68 -19
- package/src/interaction_client/StandardInteractionClient.ts +17 -12
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +7 -0
|
@@ -9,6 +9,8 @@ import {
|
|
|
9
9
|
Logger,
|
|
10
10
|
AuthenticationScheme,
|
|
11
11
|
StubPerformanceClient,
|
|
12
|
+
createClientConfigurationError,
|
|
13
|
+
ClientConfigurationErrorCodes,
|
|
12
14
|
} from "@azure/msal-common/browser";
|
|
13
15
|
import { name, version } from "../../packageMetadata.js";
|
|
14
16
|
import {
|
|
@@ -19,8 +21,6 @@ import { PlatformAuthExtensionHandler } from "./PlatformAuthExtensionHandler.js"
|
|
|
19
21
|
import { IPlatformAuthHandler } from "./IPlatformAuthHandler.js";
|
|
20
22
|
import { PlatformAuthDOMHandler } from "./PlatformAuthDOMHandler.js";
|
|
21
23
|
import { createNewGuid } from "../../crypto/BrowserCrypto.js";
|
|
22
|
-
import { BrowserCacheLocation } from "../../utils/BrowserConstants.js";
|
|
23
|
-
import { PLATFORM_AUTH_DOM_SUPPORT } from "../../cache/CacheKeys.js";
|
|
24
24
|
|
|
25
25
|
/**
|
|
26
26
|
* Checks if the platform broker is available in the current environment.
|
|
@@ -31,7 +31,8 @@ import { PLATFORM_AUTH_DOM_SUPPORT } from "../../cache/CacheKeys.js";
|
|
|
31
31
|
export async function isPlatformBrokerAvailable(
|
|
32
32
|
loggerOptions?: LoggerOptions,
|
|
33
33
|
perfClient?: IPerformanceClient,
|
|
34
|
-
correlationId?: string
|
|
34
|
+
correlationId?: string,
|
|
35
|
+
domConfig?: boolean
|
|
35
36
|
): Promise<boolean> {
|
|
36
37
|
const logger = new Logger(loggerOptions || {}, name, version);
|
|
37
38
|
|
|
@@ -47,7 +48,9 @@ export async function isPlatformBrokerAvailable(
|
|
|
47
48
|
return !!(await getPlatformAuthProvider(
|
|
48
49
|
logger,
|
|
49
50
|
performanceClient,
|
|
50
|
-
correlationId || createNewGuid()
|
|
51
|
+
correlationId || createNewGuid(),
|
|
52
|
+
undefined,
|
|
53
|
+
domConfig
|
|
51
54
|
));
|
|
52
55
|
}
|
|
53
56
|
|
|
@@ -55,16 +58,16 @@ export async function getPlatformAuthProvider(
|
|
|
55
58
|
logger: Logger,
|
|
56
59
|
performanceClient: IPerformanceClient,
|
|
57
60
|
correlationId: string,
|
|
58
|
-
nativeBrokerHandshakeTimeout?: number
|
|
61
|
+
nativeBrokerHandshakeTimeout?: number,
|
|
62
|
+
enablePlatformBrokerDOMSupport?: boolean
|
|
59
63
|
): Promise<IPlatformAuthHandler | undefined> {
|
|
60
64
|
logger.trace("getPlatformAuthProvider called", correlationId);
|
|
61
65
|
|
|
62
|
-
const enablePlatformBrokerDOMSupport = isDomEnabledForPlatformAuth();
|
|
63
|
-
|
|
64
66
|
logger.trace(
|
|
65
67
|
"Has client allowed platform auth via DOM API: " +
|
|
66
68
|
enablePlatformBrokerDOMSupport
|
|
67
69
|
);
|
|
70
|
+
|
|
68
71
|
let platformAuthProvider: IPlatformAuthHandler | undefined;
|
|
69
72
|
try {
|
|
70
73
|
if (enablePlatformBrokerDOMSupport) {
|
|
@@ -97,22 +100,6 @@ export async function getPlatformAuthProvider(
|
|
|
97
100
|
return platformAuthProvider;
|
|
98
101
|
}
|
|
99
102
|
|
|
100
|
-
/**
|
|
101
|
-
* Returns true if the DOM API support for platform auth is enabled in session storage
|
|
102
|
-
* @returns boolean
|
|
103
|
-
* @deprecated
|
|
104
|
-
*/
|
|
105
|
-
export function isDomEnabledForPlatformAuth(): boolean {
|
|
106
|
-
let sessionStorage: Storage | undefined;
|
|
107
|
-
try {
|
|
108
|
-
sessionStorage = window[BrowserCacheLocation.SessionStorage];
|
|
109
|
-
// Mute errors if it's a non-browser environment or cookies are blocked.
|
|
110
|
-
return sessionStorage?.getItem(PLATFORM_AUTH_DOM_SUPPORT) === "true";
|
|
111
|
-
} catch (e) {
|
|
112
|
-
return false;
|
|
113
|
-
}
|
|
114
|
-
}
|
|
115
|
-
|
|
116
103
|
/**
|
|
117
104
|
* Returns boolean indicating whether or not the request should attempt to use native broker
|
|
118
105
|
* @param logger
|
|
@@ -127,6 +114,17 @@ export function isPlatformAuthAllowed(
|
|
|
127
114
|
authenticationScheme?: AuthenticationScheme
|
|
128
115
|
): boolean {
|
|
129
116
|
logger.trace("isPlatformAuthAllowed called");
|
|
117
|
+
|
|
118
|
+
// throw an error if allowPlatformBroker is not enabled and allowPlatformBrokerWithDOM is enabled
|
|
119
|
+
if (
|
|
120
|
+
!config.system.allowPlatformBroker &&
|
|
121
|
+
config.system.allowPlatformBrokerWithDOM
|
|
122
|
+
) {
|
|
123
|
+
throw createClientConfigurationError(
|
|
124
|
+
ClientConfigurationErrorCodes.invalidPlatformBrokerConfiguration
|
|
125
|
+
);
|
|
126
|
+
}
|
|
127
|
+
|
|
130
128
|
if (!config.system.allowPlatformBroker) {
|
|
131
129
|
logger.trace(
|
|
132
130
|
"isPlatformAuthAllowed: allowPlatformBroker is not enabled, returning false"
|
|
@@ -209,6 +209,10 @@ export type BrowserSystemOptions = SystemOptions & {
|
|
|
209
209
|
* Flag to enable native broker support (e.g. acquiring tokens from WAM on Windows, MacBroker on Mac)
|
|
210
210
|
*/
|
|
211
211
|
allowPlatformBroker?: boolean;
|
|
212
|
+
/**
|
|
213
|
+
* Flag to enable native broker support through DOM APIs in Edge
|
|
214
|
+
*/
|
|
215
|
+
allowPlatformBrokerWithDOM?: boolean;
|
|
212
216
|
/**
|
|
213
217
|
* Sets the timeout for waiting for the native broker handshake to resolve
|
|
214
218
|
*/
|
|
@@ -357,6 +361,7 @@ export function buildConfiguration(
|
|
|
357
361
|
asyncPopups: false,
|
|
358
362
|
allowRedirectInIframe: false,
|
|
359
363
|
allowPlatformBroker: false,
|
|
364
|
+
allowPlatformBrokerWithDOM: false,
|
|
360
365
|
nativeBrokerHandshakeTimeout:
|
|
361
366
|
userInputSystem?.nativeBrokerHandshakeTimeout ||
|
|
362
367
|
DEFAULT_NATIVE_BROKER_HANDSHAKE_TIMEOUT_MS,
|
|
@@ -356,7 +356,8 @@ export class StandardController implements IController {
|
|
|
356
356
|
this.logger,
|
|
357
357
|
this.performanceClient,
|
|
358
358
|
initCorrelationId,
|
|
359
|
-
this.config.system.nativeBrokerHandshakeTimeout
|
|
359
|
+
this.config.system.nativeBrokerHandshakeTimeout,
|
|
360
|
+
this.config.system.allowPlatformBrokerWithDOM
|
|
360
361
|
);
|
|
361
362
|
} catch (e) {
|
|
362
363
|
this.logger.verbose(e as string);
|
package/src/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.ts
CHANGED
|
@@ -44,7 +44,6 @@ export class AuthMethodRegistrationChallengeMethodResult extends AuthFlowResultB
|
|
|
44
44
|
/**
|
|
45
45
|
* Checks if the result indicates that verification is required.
|
|
46
46
|
* @returns true if verification is required, false otherwise.
|
|
47
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
48
47
|
*/
|
|
49
48
|
isVerificationRequired(): this is AuthMethodRegistrationChallengeMethodResult & {
|
|
50
49
|
state: AuthMethodVerificationRequiredState;
|
|
@@ -58,7 +57,6 @@ export class AuthMethodRegistrationChallengeMethodResult extends AuthFlowResultB
|
|
|
58
57
|
/**
|
|
59
58
|
* Checks if the result indicates that registration is completed (fast-pass scenario).
|
|
60
59
|
* @returns true if registration is completed, false otherwise.
|
|
61
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
62
60
|
*/
|
|
63
61
|
isCompleted(): this is AuthMethodRegistrationChallengeMethodResult & {
|
|
64
62
|
state: AuthMethodRegistrationCompletedState;
|
|
@@ -72,7 +70,6 @@ export class AuthMethodRegistrationChallengeMethodResult extends AuthFlowResultB
|
|
|
72
70
|
/**
|
|
73
71
|
* Checks if the result is in a failed state.
|
|
74
72
|
* @returns true if the result is failed, false otherwise.
|
|
75
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
76
73
|
*/
|
|
77
74
|
isFailed(): this is AuthMethodRegistrationChallengeMethodResult & {
|
|
78
75
|
state: AuthMethodRegistrationFailedState;
|
package/src/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.ts
CHANGED
|
@@ -41,7 +41,6 @@ export class AuthMethodRegistrationSubmitChallengeResult extends AuthFlowResultB
|
|
|
41
41
|
/**
|
|
42
42
|
* Checks if the result indicates that registration is completed.
|
|
43
43
|
* @returns true if registration is completed, false otherwise.
|
|
44
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
45
44
|
*/
|
|
46
45
|
isCompleted(): this is AuthMethodRegistrationSubmitChallengeResult & {
|
|
47
46
|
state: AuthMethodRegistrationCompletedState;
|
|
@@ -55,7 +54,6 @@ export class AuthMethodRegistrationSubmitChallengeResult extends AuthFlowResultB
|
|
|
55
54
|
/**
|
|
56
55
|
* Checks if the result is in a failed state.
|
|
57
56
|
* @returns true if the result is failed, false otherwise.
|
|
58
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
59
57
|
*/
|
|
60
58
|
isFailed(): this is AuthMethodRegistrationSubmitChallengeResult & {
|
|
61
59
|
state: AuthMethodRegistrationFailedState;
|
|
@@ -123,8 +123,8 @@ abstract class AuthMethodRegistrationState<
|
|
|
123
123
|
);
|
|
124
124
|
}
|
|
125
125
|
} catch (error) {
|
|
126
|
-
this.stateParameters.logger.
|
|
127
|
-
|
|
126
|
+
this.stateParameters.logger.errorPii(
|
|
127
|
+
`Failed to challenge authentication method for auth method registration. Error: ${error}.`,
|
|
128
128
|
this.stateParameters.correlationId
|
|
129
129
|
);
|
|
130
130
|
return AuthMethodRegistrationChallengeMethodResult.createWithError(
|
|
@@ -146,7 +146,6 @@ export class AuthMethodRegistrationRequiredState extends AuthMethodRegistrationS
|
|
|
146
146
|
/**
|
|
147
147
|
* Gets the available authentication methods for registration.
|
|
148
148
|
* @returns Array of available authentication methods.
|
|
149
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
150
149
|
*/
|
|
151
150
|
getAuthMethods(): AuthenticationMethod[] {
|
|
152
151
|
return this.stateParameters.authMethods;
|
|
@@ -156,7 +155,6 @@ export class AuthMethodRegistrationRequiredState extends AuthMethodRegistrationS
|
|
|
156
155
|
* Challenges an authentication method for registration.
|
|
157
156
|
* @param authMethodDetails The authentication method details to challenge.
|
|
158
157
|
* @returns Promise that resolves to AuthMethodRegistrationChallengeMethodResult.
|
|
159
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
160
158
|
*/
|
|
161
159
|
async challengeAuthMethod(
|
|
162
160
|
authMethodDetails: AuthMethodDetails
|
|
@@ -177,7 +175,6 @@ export class AuthMethodVerificationRequiredState extends AuthMethodRegistrationS
|
|
|
177
175
|
/**
|
|
178
176
|
* Gets the length of the expected verification code.
|
|
179
177
|
* @returns The code length.
|
|
180
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
181
178
|
*/
|
|
182
179
|
getCodeLength(): number {
|
|
183
180
|
return this.stateParameters.codeLength;
|
|
@@ -186,7 +183,6 @@ export class AuthMethodVerificationRequiredState extends AuthMethodRegistrationS
|
|
|
186
183
|
/**
|
|
187
184
|
* Gets the channel through which the challenge was sent.
|
|
188
185
|
* @returns The challenge channel (e.g., "email").
|
|
189
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
190
186
|
*/
|
|
191
187
|
getChannel(): string {
|
|
192
188
|
return this.stateParameters.challengeChannel;
|
|
@@ -195,7 +191,6 @@ export class AuthMethodVerificationRequiredState extends AuthMethodRegistrationS
|
|
|
195
191
|
/**
|
|
196
192
|
* Gets the target label indicating where the challenge was sent.
|
|
197
193
|
* @returns The challenge target label (e.g., masked email address).
|
|
198
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
199
194
|
*/
|
|
200
195
|
getSentTo(): string {
|
|
201
196
|
return this.stateParameters.challengeTargetLabel;
|
|
@@ -205,7 +200,6 @@ export class AuthMethodVerificationRequiredState extends AuthMethodRegistrationS
|
|
|
205
200
|
* Submits the verification challenge to complete the authentication method registration.
|
|
206
201
|
* @param code The verification code entered by the user.
|
|
207
202
|
* @returns Promise that resolves to AuthMethodRegistrationSubmitChallengeResult.
|
|
208
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
209
203
|
*/
|
|
210
204
|
async submitChallenge(
|
|
211
205
|
code: string
|
|
@@ -250,8 +244,8 @@ export class AuthMethodVerificationRequiredState extends AuthMethodRegistrationS
|
|
|
250
244
|
accountInfo
|
|
251
245
|
);
|
|
252
246
|
} catch (error) {
|
|
253
|
-
this.stateParameters.logger.
|
|
254
|
-
|
|
247
|
+
this.stateParameters.logger.errorPii(
|
|
248
|
+
`Failed to submit auth method challenge. Error: ${error}.`,
|
|
255
249
|
this.stateParameters.correlationId
|
|
256
250
|
);
|
|
257
251
|
return AuthMethodRegistrationSubmitChallengeResult.createWithError(
|
|
@@ -264,7 +258,6 @@ export class AuthMethodVerificationRequiredState extends AuthMethodRegistrationS
|
|
|
264
258
|
* Challenges a different authentication method for registration.
|
|
265
259
|
* @param authMethodDetails The authentication method details to challenge.
|
|
266
260
|
* @returns Promise that resolves to AuthMethodRegistrationChallengeMethodResult.
|
|
267
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
268
261
|
*/
|
|
269
262
|
async challengeAuthMethod(
|
|
270
263
|
authMethodDetails: AuthMethodDetails
|
|
@@ -36,7 +36,6 @@ export class MfaRequestChallengeResult extends AuthFlowResultBase<
|
|
|
36
36
|
/**
|
|
37
37
|
* Checks if the result indicates that verification is required.
|
|
38
38
|
* @returns true if verification is required, false otherwise.
|
|
39
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
40
39
|
*/
|
|
41
40
|
isVerificationRequired(): this is MfaRequestChallengeResult & {
|
|
42
41
|
state: MfaVerificationRequiredState;
|
|
@@ -47,7 +46,6 @@ export class MfaRequestChallengeResult extends AuthFlowResultBase<
|
|
|
47
46
|
/**
|
|
48
47
|
* Checks if the result is in a failed state.
|
|
49
48
|
* @returns true if the result is failed, false otherwise.
|
|
50
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
51
49
|
*/
|
|
52
50
|
isFailed(): this is MfaRequestChallengeResult & {
|
|
53
51
|
state: MfaFailedState;
|
|
@@ -37,7 +37,6 @@ export class MfaSubmitChallengeResult extends AuthFlowResultBase<
|
|
|
37
37
|
/**
|
|
38
38
|
* Checks if the MFA flow is completed successfully.
|
|
39
39
|
* @returns true if completed, false otherwise.
|
|
40
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
41
40
|
*/
|
|
42
41
|
isCompleted(): this is MfaSubmitChallengeResult & {
|
|
43
42
|
state: MfaCompletedState;
|
|
@@ -48,7 +47,6 @@ export class MfaSubmitChallengeResult extends AuthFlowResultBase<
|
|
|
48
47
|
/**
|
|
49
48
|
* Checks if the result is in a failed state.
|
|
50
49
|
* @returns true if the result is failed, false otherwise.
|
|
51
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
52
50
|
*/
|
|
53
51
|
isFailed(): this is MfaSubmitChallengeResult & {
|
|
54
52
|
state: MfaFailedState;
|
|
@@ -31,7 +31,6 @@ abstract class MfaState<
|
|
|
31
31
|
* Requests an MFA challenge for a specific authentication method.
|
|
32
32
|
* @param authMethodId The authentication method ID to use for the challenge.
|
|
33
33
|
* @returns Promise that resolves to MfaRequestChallengeResult.
|
|
34
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
35
34
|
*/
|
|
36
35
|
async requestChallenge(
|
|
37
36
|
authMethodId: string
|
|
@@ -101,7 +100,6 @@ export class MfaAwaitingState extends MfaState<MfaAwaitingStateParameters> {
|
|
|
101
100
|
/**
|
|
102
101
|
* Gets the available authentication methods for MFA.
|
|
103
102
|
* @returns Array of available authentication methods.
|
|
104
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
105
103
|
*/
|
|
106
104
|
getAuthMethods(): AuthenticationMethod[] {
|
|
107
105
|
return this.stateParameters.authMethods;
|
|
@@ -121,7 +119,6 @@ export class MfaVerificationRequiredState extends MfaState<MfaVerificationRequir
|
|
|
121
119
|
/**
|
|
122
120
|
* Gets the length of the code that the user needs to provide.
|
|
123
121
|
* @returns The expected code length.
|
|
124
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
125
122
|
*/
|
|
126
123
|
getCodeLength(): number {
|
|
127
124
|
return this.stateParameters.codeLength;
|
|
@@ -130,7 +127,6 @@ export class MfaVerificationRequiredState extends MfaState<MfaVerificationRequir
|
|
|
130
127
|
/**
|
|
131
128
|
* Gets the channel through which the challenge was sent.
|
|
132
129
|
* @returns The challenge channel (e.g., "email").
|
|
133
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
134
130
|
*/
|
|
135
131
|
getChannel(): string {
|
|
136
132
|
return this.stateParameters.challengeChannel;
|
|
@@ -139,7 +135,6 @@ export class MfaVerificationRequiredState extends MfaState<MfaVerificationRequir
|
|
|
139
135
|
/**
|
|
140
136
|
* Gets the target label indicating where the challenge was sent.
|
|
141
137
|
* @returns The challenge target label (e.g., masked email address).
|
|
142
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
143
138
|
*/
|
|
144
139
|
getSentTo(): string {
|
|
145
140
|
return this.stateParameters.challengeTargetLabel;
|
|
@@ -149,7 +144,6 @@ export class MfaVerificationRequiredState extends MfaState<MfaVerificationRequir
|
|
|
149
144
|
* Submits the MFA challenge (e.g., OTP code) to complete the authentication.
|
|
150
145
|
* @param challenge The challenge code (e.g., OTP code) entered by the user.
|
|
151
146
|
* @returns Promise that resolves to MfaSubmitChallengeResult.
|
|
152
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
153
147
|
*/
|
|
154
148
|
async submitChallenge(
|
|
155
149
|
challenge: string
|
|
@@ -83,7 +83,6 @@ export class SignInResult extends AuthFlowResultBase<
|
|
|
83
83
|
|
|
84
84
|
/**
|
|
85
85
|
* Checks if the result requires authentication method registration.
|
|
86
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
87
86
|
*/
|
|
88
87
|
isAuthMethodRegistrationRequired(): this is SignInResult & {
|
|
89
88
|
state: AuthMethodRegistrationRequiredState;
|
|
@@ -96,7 +95,6 @@ export class SignInResult extends AuthFlowResultBase<
|
|
|
96
95
|
|
|
97
96
|
/**
|
|
98
97
|
* Checks if the result requires MFA.
|
|
99
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
100
98
|
*/
|
|
101
99
|
isMfaRequired(): this is SignInResult & { state: MfaAwaitingState } {
|
|
102
100
|
return this.state.stateType === MFA_AWAITING_STATE_TYPE;
|
|
@@ -57,7 +57,6 @@ export class SignInSubmitCodeResult extends AuthFlowResultBase<
|
|
|
57
57
|
|
|
58
58
|
/**
|
|
59
59
|
* Checks if the result requires authentication method registration.
|
|
60
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
61
60
|
*/
|
|
62
61
|
isAuthMethodRegistrationRequired(): this is SignInSubmitCodeResult & {
|
|
63
62
|
state: AuthMethodRegistrationRequiredState;
|
|
@@ -70,7 +69,6 @@ export class SignInSubmitCodeResult extends AuthFlowResultBase<
|
|
|
70
69
|
|
|
71
70
|
/**
|
|
72
71
|
* Checks if the result requires MFA.
|
|
73
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
74
72
|
*/
|
|
75
73
|
isMfaRequired(): this is SignInSubmitCodeResult & {
|
|
76
74
|
state: MfaAwaitingState;
|
|
@@ -54,7 +54,6 @@ export class SignInSubmitPasswordResult extends AuthFlowResultBase<
|
|
|
54
54
|
|
|
55
55
|
/**
|
|
56
56
|
* Checks if the result requires authentication method registration.
|
|
57
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
58
57
|
*/
|
|
59
58
|
isAuthMethodRegistrationRequired(): this is SignInSubmitPasswordResult & {
|
|
60
59
|
state: AuthMethodRegistrationRequiredState;
|
|
@@ -67,7 +66,6 @@ export class SignInSubmitPasswordResult extends AuthFlowResultBase<
|
|
|
67
66
|
|
|
68
67
|
/**
|
|
69
68
|
* Checks if the result requires MFA.
|
|
70
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
71
69
|
*/
|
|
72
70
|
isMfaRequired(): this is SignInSubmitPasswordResult & {
|
|
73
71
|
state: MfaAwaitingState;
|
|
@@ -243,7 +243,7 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
243
243
|
validRequest.platformBroker = isPlatformBroker;
|
|
244
244
|
|
|
245
245
|
if (this.config.auth.protocolMode === ProtocolMode.EAR) {
|
|
246
|
-
return this.executeEarFlow(validRequest, popupParams);
|
|
246
|
+
return this.executeEarFlow(validRequest, popupParams, pkceCodes);
|
|
247
247
|
} else {
|
|
248
248
|
return this.executeCodeFlow(validRequest, popupParams, pkceCodes);
|
|
249
249
|
}
|
|
@@ -389,7 +389,8 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
389
389
|
*/
|
|
390
390
|
async executeEarFlow(
|
|
391
391
|
request: CommonAuthorizationUrlRequest,
|
|
392
|
-
popupParams: PopupParams
|
|
392
|
+
popupParams: PopupParams,
|
|
393
|
+
pkceCodes?: PkceCodes
|
|
393
394
|
): Promise<AuthenticationResult> {
|
|
394
395
|
const correlationId = request.correlationId;
|
|
395
396
|
// Get the frame handle for the silent request
|
|
@@ -413,9 +414,20 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
413
414
|
this.performanceClient,
|
|
414
415
|
correlationId
|
|
415
416
|
)();
|
|
417
|
+
const pkce =
|
|
418
|
+
pkceCodes ||
|
|
419
|
+
(await invokeAsync(
|
|
420
|
+
generatePkceCodes,
|
|
421
|
+
PerformanceEvents.GeneratePkceCodes,
|
|
422
|
+
this.logger,
|
|
423
|
+
this.performanceClient,
|
|
424
|
+
correlationId
|
|
425
|
+
)(this.performanceClient, this.logger, correlationId));
|
|
426
|
+
|
|
416
427
|
const popupRequest = {
|
|
417
428
|
...request,
|
|
418
429
|
earJwk: earJwk,
|
|
430
|
+
codeChallenge: pkce.challenge,
|
|
419
431
|
};
|
|
420
432
|
const popupWindow =
|
|
421
433
|
popupParams.popup || this.openPopup("about:blank", popupParams);
|
|
@@ -451,25 +463,65 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
451
463
|
this.logger
|
|
452
464
|
);
|
|
453
465
|
|
|
454
|
-
|
|
455
|
-
|
|
456
|
-
|
|
457
|
-
|
|
458
|
-
|
|
459
|
-
|
|
460
|
-
|
|
461
|
-
|
|
462
|
-
|
|
463
|
-
|
|
464
|
-
|
|
465
|
-
|
|
466
|
-
|
|
467
|
-
|
|
468
|
-
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
|
|
472
|
-
|
|
466
|
+
if (!serverParams.ear_jwe && serverParams.code) {
|
|
467
|
+
const authClient = await invokeAsync(
|
|
468
|
+
this.createAuthCodeClient.bind(this),
|
|
469
|
+
PerformanceEvents.StandardInteractionClientCreateAuthCodeClient,
|
|
470
|
+
this.logger,
|
|
471
|
+
this.performanceClient,
|
|
472
|
+
correlationId
|
|
473
|
+
)({
|
|
474
|
+
serverTelemetryManager: this.initializeServerTelemetryManager(
|
|
475
|
+
ApiId.acquireTokenPopup
|
|
476
|
+
),
|
|
477
|
+
requestAuthority: request.authority,
|
|
478
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
479
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
480
|
+
account: request.account,
|
|
481
|
+
authority: discoveredAuthority,
|
|
482
|
+
});
|
|
483
|
+
|
|
484
|
+
return invokeAsync(
|
|
485
|
+
Authorize.handleResponseCode,
|
|
486
|
+
PerformanceEvents.HandleResponseCode,
|
|
487
|
+
this.logger,
|
|
488
|
+
this.performanceClient,
|
|
489
|
+
correlationId
|
|
490
|
+
)(
|
|
491
|
+
popupRequest,
|
|
492
|
+
serverParams,
|
|
493
|
+
pkce.verifier,
|
|
494
|
+
ApiId.acquireTokenPopup,
|
|
495
|
+
this.config,
|
|
496
|
+
authClient,
|
|
497
|
+
this.browserStorage,
|
|
498
|
+
this.nativeStorage,
|
|
499
|
+
this.eventHandler,
|
|
500
|
+
this.logger,
|
|
501
|
+
this.performanceClient,
|
|
502
|
+
this.platformAuthProvider
|
|
503
|
+
);
|
|
504
|
+
} else {
|
|
505
|
+
return invokeAsync(
|
|
506
|
+
Authorize.handleResponseEAR,
|
|
507
|
+
PerformanceEvents.HandleResponseEar,
|
|
508
|
+
this.logger,
|
|
509
|
+
this.performanceClient,
|
|
510
|
+
correlationId
|
|
511
|
+
)(
|
|
512
|
+
popupRequest,
|
|
513
|
+
serverParams,
|
|
514
|
+
ApiId.acquireTokenPopup,
|
|
515
|
+
this.config,
|
|
516
|
+
discoveredAuthority,
|
|
517
|
+
this.browserStorage,
|
|
518
|
+
this.nativeStorage,
|
|
519
|
+
this.eventHandler,
|
|
520
|
+
this.logger,
|
|
521
|
+
this.performanceClient,
|
|
522
|
+
this.platformAuthProvider
|
|
523
|
+
);
|
|
524
|
+
}
|
|
473
525
|
}
|
|
474
526
|
|
|
475
527
|
async executeCodeFlowWithPost(
|
|
@@ -272,11 +272,24 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
272
272
|
this.performanceClient,
|
|
273
273
|
correlationId
|
|
274
274
|
)();
|
|
275
|
+
const pkceCodes = await invokeAsync(
|
|
276
|
+
generatePkceCodes,
|
|
277
|
+
PerformanceEvents.GeneratePkceCodes,
|
|
278
|
+
this.logger,
|
|
279
|
+
this.performanceClient,
|
|
280
|
+
correlationId
|
|
281
|
+
)(this.performanceClient, this.logger, correlationId);
|
|
282
|
+
|
|
275
283
|
const redirectRequest = {
|
|
276
284
|
...request,
|
|
277
285
|
earJwk: earJwk,
|
|
286
|
+
codeChallenge: pkceCodes.challenge,
|
|
278
287
|
};
|
|
279
|
-
|
|
288
|
+
|
|
289
|
+
this.browserStorage.cacheAuthorizeRequest(
|
|
290
|
+
redirectRequest,
|
|
291
|
+
pkceCodes.verifier
|
|
292
|
+
);
|
|
280
293
|
|
|
281
294
|
const form = await Authorize.getEARForm(
|
|
282
295
|
document,
|
|
@@ -235,9 +235,17 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
235
235
|
this.performanceClient,
|
|
236
236
|
correlationId
|
|
237
237
|
)();
|
|
238
|
+
const pkceCodes = await invokeAsync(
|
|
239
|
+
generatePkceCodes,
|
|
240
|
+
PerformanceEvents.GeneratePkceCodes,
|
|
241
|
+
this.logger,
|
|
242
|
+
this.performanceClient,
|
|
243
|
+
correlationId
|
|
244
|
+
)(this.performanceClient, this.logger, correlationId);
|
|
238
245
|
const silentRequest = {
|
|
239
246
|
...request,
|
|
240
247
|
earJwk: earJwk,
|
|
248
|
+
codeChallenge: pkceCodes.challenge,
|
|
241
249
|
};
|
|
242
250
|
const msalFrame = await invokeAsync(
|
|
243
251
|
initiateEarRequest,
|
|
@@ -279,25 +287,66 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
279
287
|
correlationId
|
|
280
288
|
)(responseString, responseType, this.logger);
|
|
281
289
|
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
|
|
290
|
+
if (!serverParams.ear_jwe && serverParams.code) {
|
|
291
|
+
// If server doesn't support EAR, they may fallback to auth code flow instead
|
|
292
|
+
const authClient = await invokeAsync(
|
|
293
|
+
this.createAuthCodeClient.bind(this),
|
|
294
|
+
PerformanceEvents.StandardInteractionClientCreateAuthCodeClient,
|
|
295
|
+
this.logger,
|
|
296
|
+
this.performanceClient,
|
|
297
|
+
correlationId
|
|
298
|
+
)({
|
|
299
|
+
serverTelemetryManager: this.initializeServerTelemetryManager(
|
|
300
|
+
this.apiId
|
|
301
|
+
),
|
|
302
|
+
requestAuthority: request.authority,
|
|
303
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
304
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
305
|
+
account: request.account,
|
|
306
|
+
authority: discoveredAuthority,
|
|
307
|
+
});
|
|
308
|
+
|
|
309
|
+
return invokeAsync(
|
|
310
|
+
Authorize.handleResponseCode,
|
|
311
|
+
PerformanceEvents.HandleResponseCode,
|
|
312
|
+
this.logger,
|
|
313
|
+
this.performanceClient,
|
|
314
|
+
correlationId
|
|
315
|
+
)(
|
|
316
|
+
silentRequest,
|
|
317
|
+
serverParams,
|
|
318
|
+
pkceCodes.verifier,
|
|
319
|
+
this.apiId,
|
|
320
|
+
this.config,
|
|
321
|
+
authClient,
|
|
322
|
+
this.browserStorage,
|
|
323
|
+
this.nativeStorage,
|
|
324
|
+
this.eventHandler,
|
|
325
|
+
this.logger,
|
|
326
|
+
this.performanceClient,
|
|
327
|
+
this.platformAuthProvider
|
|
328
|
+
);
|
|
329
|
+
} else {
|
|
330
|
+
return invokeAsync(
|
|
331
|
+
Authorize.handleResponseEAR,
|
|
332
|
+
PerformanceEvents.HandleResponseEar,
|
|
333
|
+
this.logger,
|
|
334
|
+
this.performanceClient,
|
|
335
|
+
correlationId
|
|
336
|
+
)(
|
|
337
|
+
silentRequest,
|
|
338
|
+
serverParams,
|
|
339
|
+
this.apiId,
|
|
340
|
+
this.config,
|
|
341
|
+
discoveredAuthority,
|
|
342
|
+
this.browserStorage,
|
|
343
|
+
this.nativeStorage,
|
|
344
|
+
this.eventHandler,
|
|
345
|
+
this.logger,
|
|
346
|
+
this.performanceClient,
|
|
347
|
+
this.platformAuthProvider
|
|
348
|
+
);
|
|
349
|
+
}
|
|
301
350
|
}
|
|
302
351
|
|
|
303
352
|
/**
|