@azure/msal-browser 4.26.2 → 4.28.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
- package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +11 -25
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts +3 -3
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +10 -6
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +2 -3
- package/dist/cache/CacheKeys.mjs.map +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.d.ts +3 -2
- package/dist/cache/TokenCache.d.ts.map +1 -1
- package/dist/cache/TokenCache.mjs +39 -29
- package/dist/cache/TokenCache.mjs.map +1 -1
- package/dist/config/Configuration.d.ts +4 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +3 -3
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +4 -4
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +9 -23
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts +3 -3
- package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +10 -6
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +2 -3
- package/dist/custom-auth-path/cache/CacheKeys.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.d.ts +3 -2
- package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +39 -29
- package/dist/custom-auth-path/cache/TokenCache.mjs.map +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +4 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +4 -4
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +3 -3
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +2 -2
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +2 -2
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +2 -2
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +6 -6
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +3 -3
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +2 -2
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +2 -2
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.d.ts +3 -2
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +5 -5
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +3 -3
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.d.ts +20 -1
- package/dist/custom-auth-path/utils/BrowserConstants.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +27 -3
- package/dist/custom-auth-path/utils/BrowserConstants.mjs.map +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
- package/dist/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
- package/dist/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
- package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +3 -3
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +2 -2
- package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/interaction_client/SilentRefreshClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +2 -2
- package/dist/interaction_client/SilentRefreshClient.mjs.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.d.ts +3 -2
- package/dist/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +5 -5
- package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +3 -3
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.d.ts +20 -1
- package/dist/utils/BrowserConstants.d.ts.map +1 -1
- package/dist/utils/BrowserConstants.mjs +27 -3
- package/dist/utils/BrowserConstants.mjs.map +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +201 -161
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.js +22608 -0
- package/lib/custom-auth-path/msal-custom-auth.js.map +1 -0
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts +3 -3
- package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/TokenCache.d.ts +3 -2
- package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +4 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/InteractionHandler.d.ts +3 -2
- package/lib/custom-auth-path/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/BrowserConstants.d.ts +20 -1
- package/lib/custom-auth-path/types/utils/BrowserConstants.d.ts.map +1 -1
- package/lib/msal-browser.cjs +201 -156
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +201 -156
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +66 -66
- package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
- package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/lib/types/cache/BrowserCacheManager.d.ts +3 -3
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/cache/TokenCache.d.ts +3 -2
- package/lib/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +4 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
- package/lib/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
- package/lib/types/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
- package/lib/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
- package/lib/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/InteractionHandler.d.ts +3 -2
- package/lib/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/utils/BrowserConstants.d.ts +20 -1
- package/lib/types/utils/BrowserConstants.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthProvider.ts +21 -23
- package/src/cache/BrowserCacheManager.ts +16 -2
- package/src/cache/TokenCache.ts +122 -72
- package/src/config/Configuration.ts +5 -0
- package/src/controllers/NestedAppAuthController.ts +2 -1
- package/src/controllers/StandardController.ts +6 -3
- package/src/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.ts +4 -2
- package/src/custom_auth/core/interaction_client/jit/JitClient.ts +2 -1
- package/src/custom_auth/core/interaction_client/mfa/MfaClient.ts +2 -1
- package/src/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.ts +2 -1
- package/src/custom_auth/sign_in/interaction_client/SignInClient.ts +10 -5
- package/src/interaction_client/PlatformAuthInteractionClient.ts +3 -1
- package/src/interaction_client/SilentAuthCodeClient.ts +1 -0
- package/src/interaction_client/SilentRefreshClient.ts +7 -5
- package/src/interaction_handler/InteractionHandler.ts +10 -3
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +2 -1
- package/src/utils/BrowserConstants.ts +27 -1
package/lib/msal-browser.cjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.28.0 2026-01-13 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v15.
|
|
5
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -279,7 +279,7 @@ const JsonWebTokenTypes = {
|
|
|
279
279
|
// Token renewal offset default in seconds
|
|
280
280
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
281
281
|
|
|
282
|
-
/*! @azure/msal-common v15.
|
|
282
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
283
283
|
/*
|
|
284
284
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
285
285
|
* Licensed under the MIT License.
|
|
@@ -296,7 +296,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
296
296
|
unexpectedError: unexpectedError
|
|
297
297
|
});
|
|
298
298
|
|
|
299
|
-
/*! @azure/msal-common v15.
|
|
299
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
300
300
|
|
|
301
301
|
/*
|
|
302
302
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -345,7 +345,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
345
345
|
: AuthErrorMessages[code]);
|
|
346
346
|
}
|
|
347
347
|
|
|
348
|
-
/*! @azure/msal-common v15.
|
|
348
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
349
349
|
/*
|
|
350
350
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
351
351
|
* Licensed under the MIT License.
|
|
@@ -445,7 +445,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
445
445
|
userTimeoutReached: userTimeoutReached
|
|
446
446
|
});
|
|
447
447
|
|
|
448
|
-
/*! @azure/msal-common v15.
|
|
448
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
449
449
|
|
|
450
450
|
/*
|
|
451
451
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -702,7 +702,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
702
702
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
703
703
|
}
|
|
704
704
|
|
|
705
|
-
/*! @azure/msal-common v15.
|
|
705
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
706
706
|
|
|
707
707
|
/*
|
|
708
708
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -741,7 +741,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
741
741
|
},
|
|
742
742
|
};
|
|
743
743
|
|
|
744
|
-
/*! @azure/msal-common v15.
|
|
744
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
745
745
|
|
|
746
746
|
/*
|
|
747
747
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -932,12 +932,12 @@ class Logger {
|
|
|
932
932
|
}
|
|
933
933
|
}
|
|
934
934
|
|
|
935
|
-
/*! @azure/msal-common v15.
|
|
935
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
936
936
|
/* eslint-disable header/header */
|
|
937
937
|
const name$1 = "@azure/msal-common";
|
|
938
|
-
const version$1 = "15.
|
|
938
|
+
const version$1 = "15.14.0";
|
|
939
939
|
|
|
940
|
-
/*! @azure/msal-common v15.
|
|
940
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
941
941
|
/*
|
|
942
942
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
943
943
|
* Licensed under the MIT License.
|
|
@@ -957,7 +957,7 @@ const AzureCloudInstance = {
|
|
|
957
957
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
958
958
|
};
|
|
959
959
|
|
|
960
|
-
/*! @azure/msal-common v15.
|
|
960
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
961
961
|
/*
|
|
962
962
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
963
963
|
* Licensed under the MIT License.
|
|
@@ -984,7 +984,8 @@ const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
|
|
|
984
984
|
const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
985
985
|
const authorityMismatch = "authority_mismatch";
|
|
986
986
|
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
987
|
-
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
987
|
+
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
988
|
+
const invalidPlatformBrokerConfiguration = "invalid_platform_broker_configuration";
|
|
988
989
|
|
|
989
990
|
var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
990
991
|
__proto__: null,
|
|
@@ -1000,6 +1001,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
1000
1001
|
invalidClaims: invalidClaims,
|
|
1001
1002
|
invalidCloudDiscoveryMetadata: invalidCloudDiscoveryMetadata,
|
|
1002
1003
|
invalidCodeChallengeMethod: invalidCodeChallengeMethod,
|
|
1004
|
+
invalidPlatformBrokerConfiguration: invalidPlatformBrokerConfiguration,
|
|
1003
1005
|
invalidRequestMethodForEAR: invalidRequestMethodForEAR,
|
|
1004
1006
|
logoutRequestEmpty: logoutRequestEmpty,
|
|
1005
1007
|
missingNonceAuthenticationHeader: missingNonceAuthenticationHeader,
|
|
@@ -1013,7 +1015,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
1013
1015
|
urlParseError: urlParseError
|
|
1014
1016
|
});
|
|
1015
1017
|
|
|
1016
|
-
/*! @azure/msal-common v15.
|
|
1018
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
1017
1019
|
|
|
1018
1020
|
/*
|
|
1019
1021
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1043,6 +1045,7 @@ const ClientConfigurationErrorMessages = {
|
|
|
1043
1045
|
[authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
|
|
1044
1046
|
[invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
|
|
1045
1047
|
[invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
|
|
1048
|
+
[invalidPlatformBrokerConfiguration]: "Invalid platform broker configuration. `allowPlatformBrokerWithDOM` can only be enabled when `allowPlatformBroker` is enabled.",
|
|
1046
1049
|
};
|
|
1047
1050
|
/**
|
|
1048
1051
|
* ClientConfigurationErrorMessage class containing string constants used by error codes and messages.
|
|
@@ -1141,6 +1144,10 @@ const ClientConfigurationErrorMessage = {
|
|
|
1141
1144
|
code: invalidRequestMethodForEAR,
|
|
1142
1145
|
desc: ClientConfigurationErrorMessages[invalidRequestMethodForEAR],
|
|
1143
1146
|
},
|
|
1147
|
+
invalidPlatformBrokerConfiguration: {
|
|
1148
|
+
code: invalidPlatformBrokerConfiguration,
|
|
1149
|
+
desc: ClientConfigurationErrorMessages[invalidPlatformBrokerConfiguration],
|
|
1150
|
+
},
|
|
1144
1151
|
};
|
|
1145
1152
|
/**
|
|
1146
1153
|
* Error thrown when there is an error in configuration of the MSAL.js library.
|
|
@@ -1156,7 +1163,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
1156
1163
|
return new ClientConfigurationError(errorCode);
|
|
1157
1164
|
}
|
|
1158
1165
|
|
|
1159
|
-
/*! @azure/msal-common v15.
|
|
1166
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
1160
1167
|
/*
|
|
1161
1168
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1162
1169
|
* Licensed under the MIT License.
|
|
@@ -1253,7 +1260,7 @@ class StringUtils {
|
|
|
1253
1260
|
}
|
|
1254
1261
|
}
|
|
1255
1262
|
|
|
1256
|
-
/*! @azure/msal-common v15.
|
|
1263
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
1257
1264
|
|
|
1258
1265
|
/*
|
|
1259
1266
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1448,7 +1455,7 @@ class ScopeSet {
|
|
|
1448
1455
|
}
|
|
1449
1456
|
}
|
|
1450
1457
|
|
|
1451
|
-
/*! @azure/msal-common v15.
|
|
1458
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
1452
1459
|
|
|
1453
1460
|
/*
|
|
1454
1461
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1488,7 +1495,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
1488
1495
|
};
|
|
1489
1496
|
}
|
|
1490
1497
|
|
|
1491
|
-
/*! @azure/msal-common v15.
|
|
1498
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
1492
1499
|
/*
|
|
1493
1500
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1494
1501
|
* Licensed under the MIT License.
|
|
@@ -1570,7 +1577,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1570
1577
|
return updatedAccountInfo;
|
|
1571
1578
|
}
|
|
1572
1579
|
|
|
1573
|
-
/*! @azure/msal-common v15.
|
|
1580
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
1574
1581
|
/*
|
|
1575
1582
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1576
1583
|
* Licensed under the MIT License.
|
|
@@ -1585,7 +1592,7 @@ const AuthorityType = {
|
|
|
1585
1592
|
Ciam: 3,
|
|
1586
1593
|
};
|
|
1587
1594
|
|
|
1588
|
-
/*! @azure/msal-common v15.
|
|
1595
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
1589
1596
|
/*
|
|
1590
1597
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1591
1598
|
* Licensed under the MIT License.
|
|
@@ -1607,7 +1614,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
1607
1614
|
return null;
|
|
1608
1615
|
}
|
|
1609
1616
|
|
|
1610
|
-
/*! @azure/msal-common v15.
|
|
1617
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
1611
1618
|
/*
|
|
1612
1619
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1613
1620
|
* Licensed under the MIT License.
|
|
@@ -1631,7 +1638,7 @@ const ProtocolMode = {
|
|
|
1631
1638
|
EAR: "EAR",
|
|
1632
1639
|
};
|
|
1633
1640
|
|
|
1634
|
-
/*! @azure/msal-common v15.
|
|
1641
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
1635
1642
|
|
|
1636
1643
|
/*
|
|
1637
1644
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1852,7 +1859,7 @@ class AccountEntity {
|
|
|
1852
1859
|
}
|
|
1853
1860
|
}
|
|
1854
1861
|
|
|
1855
|
-
/*! @azure/msal-common v15.
|
|
1862
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
1856
1863
|
|
|
1857
1864
|
/*
|
|
1858
1865
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1933,7 +1940,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1933
1940
|
}
|
|
1934
1941
|
}
|
|
1935
1942
|
|
|
1936
|
-
/*! @azure/msal-common v15.
|
|
1943
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
1937
1944
|
|
|
1938
1945
|
/*
|
|
1939
1946
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2049,7 +2056,7 @@ function normalizeUrlForComparison(url) {
|
|
|
2049
2056
|
}
|
|
2050
2057
|
}
|
|
2051
2058
|
|
|
2052
|
-
/*! @azure/msal-common v15.
|
|
2059
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
2053
2060
|
|
|
2054
2061
|
/*
|
|
2055
2062
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2213,7 +2220,7 @@ class UrlString {
|
|
|
2213
2220
|
}
|
|
2214
2221
|
}
|
|
2215
2222
|
|
|
2216
|
-
/*! @azure/msal-common v15.
|
|
2223
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
2217
2224
|
|
|
2218
2225
|
/*
|
|
2219
2226
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2352,7 +2359,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2352
2359
|
return null;
|
|
2353
2360
|
}
|
|
2354
2361
|
|
|
2355
|
-
/*! @azure/msal-common v15.
|
|
2362
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
2356
2363
|
/*
|
|
2357
2364
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2358
2365
|
* Licensed under the MIT License.
|
|
@@ -2360,7 +2367,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2360
2367
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2361
2368
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2362
2369
|
|
|
2363
|
-
/*! @azure/msal-common v15.
|
|
2370
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
2364
2371
|
|
|
2365
2372
|
/*
|
|
2366
2373
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2405,7 +2412,7 @@ function createCacheError(e) {
|
|
|
2405
2412
|
}
|
|
2406
2413
|
}
|
|
2407
2414
|
|
|
2408
|
-
/*! @azure/msal-common v15.
|
|
2415
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
2409
2416
|
|
|
2410
2417
|
/*
|
|
2411
2418
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2575,15 +2582,16 @@ class CacheManager {
|
|
|
2575
2582
|
* @param cacheRecord {CacheRecord}
|
|
2576
2583
|
* @param correlationId {?string} correlation id
|
|
2577
2584
|
* @param kmsi - Keep Me Signed In
|
|
2585
|
+
* @param apiId - API identifier for telemetry tracking
|
|
2578
2586
|
* @param storeInCache {?StoreInCache}
|
|
2579
2587
|
*/
|
|
2580
|
-
async saveCacheRecord(cacheRecord, correlationId, kmsi, storeInCache) {
|
|
2588
|
+
async saveCacheRecord(cacheRecord, correlationId, kmsi, apiId, storeInCache) {
|
|
2581
2589
|
if (!cacheRecord) {
|
|
2582
2590
|
throw createClientAuthError(invalidCacheRecord);
|
|
2583
2591
|
}
|
|
2584
2592
|
try {
|
|
2585
2593
|
if (!!cacheRecord.account) {
|
|
2586
|
-
await this.setAccount(cacheRecord.account, correlationId, kmsi);
|
|
2594
|
+
await this.setAccount(cacheRecord.account, correlationId, kmsi, apiId);
|
|
2587
2595
|
}
|
|
2588
2596
|
if (!!cacheRecord.idToken && storeInCache?.idToken !== false) {
|
|
2589
2597
|
await this.setIdTokenCredential(cacheRecord.idToken, correlationId, kmsi);
|
|
@@ -3515,7 +3523,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3515
3523
|
}
|
|
3516
3524
|
}
|
|
3517
3525
|
|
|
3518
|
-
/*! @azure/msal-common v15.
|
|
3526
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
3519
3527
|
/*
|
|
3520
3528
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3521
3529
|
* Licensed under the MIT License.
|
|
@@ -3772,6 +3780,11 @@ const PerformanceEvents = {
|
|
|
3772
3780
|
Decrypt: "decrypt",
|
|
3773
3781
|
GenerateEarKey: "generateEarKey",
|
|
3774
3782
|
DecryptEarResponse: "decryptEarResponse",
|
|
3783
|
+
LoadExternalTokens: "LoadExternalTokens",
|
|
3784
|
+
LoadAccount: "loadAccount",
|
|
3785
|
+
LoadIdToken: "loadIdToken",
|
|
3786
|
+
LoadAccessToken: "loadAccessToken",
|
|
3787
|
+
LoadRefreshToken: "loadRefreshToken",
|
|
3775
3788
|
};
|
|
3776
3789
|
const PerformanceEventAbbreviations = new Map([
|
|
3777
3790
|
[PerformanceEvents.AcquireTokenByCode, "ATByCode"],
|
|
@@ -4037,7 +4050,7 @@ const IntFields = new Set([
|
|
|
4037
4050
|
"upgradedCacheCount",
|
|
4038
4051
|
]);
|
|
4039
4052
|
|
|
4040
|
-
/*! @azure/msal-common v15.
|
|
4053
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4041
4054
|
|
|
4042
4055
|
/*
|
|
4043
4056
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4116,7 +4129,7 @@ class StubPerformanceClient {
|
|
|
4116
4129
|
}
|
|
4117
4130
|
}
|
|
4118
4131
|
|
|
4119
|
-
/*! @azure/msal-common v15.
|
|
4132
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4120
4133
|
|
|
4121
4134
|
/*
|
|
4122
4135
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4216,7 +4229,7 @@ function isOidcProtocolMode(config) {
|
|
|
4216
4229
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
4217
4230
|
}
|
|
4218
4231
|
|
|
4219
|
-
/*! @azure/msal-common v15.
|
|
4232
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4220
4233
|
/*
|
|
4221
4234
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4222
4235
|
* Licensed under the MIT License.
|
|
@@ -4226,7 +4239,7 @@ const CcsCredentialType = {
|
|
|
4226
4239
|
UPN: "UPN",
|
|
4227
4240
|
};
|
|
4228
4241
|
|
|
4229
|
-
/*! @azure/msal-common v15.
|
|
4242
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4230
4243
|
/*
|
|
4231
4244
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4232
4245
|
* Licensed under the MIT License.
|
|
@@ -4276,7 +4289,7 @@ const INSTANCE_AWARE = "instance_aware";
|
|
|
4276
4289
|
const EAR_JWK = "ear_jwk";
|
|
4277
4290
|
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
4278
4291
|
|
|
4279
|
-
/*! @azure/msal-common v15.
|
|
4292
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4280
4293
|
|
|
4281
4294
|
/*
|
|
4282
4295
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4656,7 +4669,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
|
|
|
4656
4669
|
});
|
|
4657
4670
|
}
|
|
4658
4671
|
|
|
4659
|
-
/*! @azure/msal-common v15.
|
|
4672
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4660
4673
|
/*
|
|
4661
4674
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4662
4675
|
* Licensed under the MIT License.
|
|
@@ -4668,7 +4681,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
4668
4681
|
response.hasOwnProperty("jwks_uri"));
|
|
4669
4682
|
}
|
|
4670
4683
|
|
|
4671
|
-
/*! @azure/msal-common v15.
|
|
4684
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4672
4685
|
/*
|
|
4673
4686
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4674
4687
|
* Licensed under the MIT License.
|
|
@@ -4678,7 +4691,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
4678
4691
|
response.hasOwnProperty("metadata"));
|
|
4679
4692
|
}
|
|
4680
4693
|
|
|
4681
|
-
/*! @azure/msal-common v15.
|
|
4694
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4682
4695
|
/*
|
|
4683
4696
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4684
4697
|
* Licensed under the MIT License.
|
|
@@ -4688,7 +4701,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
4688
4701
|
response.hasOwnProperty("error_description"));
|
|
4689
4702
|
}
|
|
4690
4703
|
|
|
4691
|
-
/*! @azure/msal-common v15.
|
|
4704
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4692
4705
|
/*
|
|
4693
4706
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4694
4707
|
* Licensed under the MIT License.
|
|
@@ -4784,7 +4797,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4784
4797
|
};
|
|
4785
4798
|
};
|
|
4786
4799
|
|
|
4787
|
-
/*! @azure/msal-common v15.
|
|
4800
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4788
4801
|
|
|
4789
4802
|
/*
|
|
4790
4803
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4890,7 +4903,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
4890
4903
|
},
|
|
4891
4904
|
};
|
|
4892
4905
|
|
|
4893
|
-
/*! @azure/msal-common v15.
|
|
4906
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4894
4907
|
/*
|
|
4895
4908
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4896
4909
|
* Licensed under the MIT License.
|
|
@@ -4955,7 +4968,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
4955
4968
|
return cachedAtSec > nowSeconds();
|
|
4956
4969
|
}
|
|
4957
4970
|
|
|
4958
|
-
/*! @azure/msal-common v15.
|
|
4971
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
4959
4972
|
|
|
4960
4973
|
/*
|
|
4961
4974
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5217,7 +5230,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
5217
5230
|
return metadata.expiresAt <= nowSeconds();
|
|
5218
5231
|
}
|
|
5219
5232
|
|
|
5220
|
-
/*! @azure/msal-common v15.
|
|
5233
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
5221
5234
|
|
|
5222
5235
|
/*
|
|
5223
5236
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6056,7 +6069,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
6056
6069
|
};
|
|
6057
6070
|
}
|
|
6058
6071
|
|
|
6059
|
-
/*! @azure/msal-common v15.
|
|
6072
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6060
6073
|
|
|
6061
6074
|
/*
|
|
6062
6075
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6087,7 +6100,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
6087
6100
|
}
|
|
6088
6101
|
}
|
|
6089
6102
|
|
|
6090
|
-
/*! @azure/msal-common v15.
|
|
6103
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6091
6104
|
|
|
6092
6105
|
/*
|
|
6093
6106
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6106,7 +6119,7 @@ class ServerError extends AuthError {
|
|
|
6106
6119
|
}
|
|
6107
6120
|
}
|
|
6108
6121
|
|
|
6109
|
-
/*! @azure/msal-common v15.
|
|
6122
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6110
6123
|
/*
|
|
6111
6124
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6112
6125
|
* Licensed under the MIT License.
|
|
@@ -6127,7 +6140,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
6127
6140
|
};
|
|
6128
6141
|
}
|
|
6129
6142
|
|
|
6130
|
-
/*! @azure/msal-common v15.
|
|
6143
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6131
6144
|
|
|
6132
6145
|
/*
|
|
6133
6146
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6214,7 +6227,7 @@ class ThrottlingUtils {
|
|
|
6214
6227
|
}
|
|
6215
6228
|
}
|
|
6216
6229
|
|
|
6217
|
-
/*! @azure/msal-common v15.
|
|
6230
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6218
6231
|
|
|
6219
6232
|
/*
|
|
6220
6233
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6245,7 +6258,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
6245
6258
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
6246
6259
|
}
|
|
6247
6260
|
|
|
6248
|
-
/*! @azure/msal-common v15.
|
|
6261
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6249
6262
|
|
|
6250
6263
|
/*
|
|
6251
6264
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6393,7 +6406,7 @@ class BaseClient {
|
|
|
6393
6406
|
}
|
|
6394
6407
|
}
|
|
6395
6408
|
|
|
6396
|
-
/*! @azure/msal-common v15.
|
|
6409
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6397
6410
|
/*
|
|
6398
6411
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6399
6412
|
* Licensed under the MIT License.
|
|
@@ -6421,7 +6434,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
6421
6434
|
uxNotAllowed: uxNotAllowed
|
|
6422
6435
|
});
|
|
6423
6436
|
|
|
6424
|
-
/*! @azure/msal-common v15.
|
|
6437
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6425
6438
|
|
|
6426
6439
|
/*
|
|
6427
6440
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6511,7 +6524,7 @@ function createInteractionRequiredAuthError(errorCode) {
|
|
|
6511
6524
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
6512
6525
|
}
|
|
6513
6526
|
|
|
6514
|
-
/*! @azure/msal-common v15.
|
|
6527
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6515
6528
|
|
|
6516
6529
|
/*
|
|
6517
6530
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6583,7 +6596,7 @@ class ProtocolUtils {
|
|
|
6583
6596
|
}
|
|
6584
6597
|
}
|
|
6585
6598
|
|
|
6586
|
-
/*! @azure/msal-common v15.
|
|
6599
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6587
6600
|
|
|
6588
6601
|
/*
|
|
6589
6602
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6665,7 +6678,7 @@ class PopTokenGenerator {
|
|
|
6665
6678
|
}
|
|
6666
6679
|
}
|
|
6667
6680
|
|
|
6668
|
-
/*! @azure/msal-common v15.
|
|
6681
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6669
6682
|
/*
|
|
6670
6683
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6671
6684
|
* Licensed under the MIT License.
|
|
@@ -6692,7 +6705,7 @@ class PopTokenGenerator {
|
|
|
6692
6705
|
}
|
|
6693
6706
|
}
|
|
6694
6707
|
|
|
6695
|
-
/*! @azure/msal-common v15.
|
|
6708
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
6696
6709
|
|
|
6697
6710
|
/*
|
|
6698
6711
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6756,7 +6769,7 @@ class ResponseHandler {
|
|
|
6756
6769
|
* @param serverTokenResponse
|
|
6757
6770
|
* @param authority
|
|
6758
6771
|
*/
|
|
6759
|
-
async handleServerTokenResponse(serverTokenResponse, authority, reqTimestamp, request, authCodePayload, userAssertionHash, handlingRefreshTokenResponse, forceCacheRefreshTokenResponse, serverRequestId) {
|
|
6772
|
+
async handleServerTokenResponse(serverTokenResponse, authority, reqTimestamp, request, apiId, authCodePayload, userAssertionHash, handlingRefreshTokenResponse, forceCacheRefreshTokenResponse, serverRequestId) {
|
|
6760
6773
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.HandleServerTokenResponse, serverTokenResponse.correlation_id);
|
|
6761
6774
|
// create an idToken object (not entity)
|
|
6762
6775
|
let idTokenClaims;
|
|
@@ -6811,7 +6824,7 @@ class ResponseHandler {
|
|
|
6811
6824
|
return await ResponseHandler.generateAuthenticationResult(this.cryptoObj, authority, cacheRecord, false, request, idTokenClaims, requestStateObj, undefined, serverRequestId);
|
|
6812
6825
|
}
|
|
6813
6826
|
}
|
|
6814
|
-
await this.cacheStorage.saveCacheRecord(cacheRecord, request.correlationId, isKmsi(idTokenClaims || {}), request.storeInCache);
|
|
6827
|
+
await this.cacheStorage.saveCacheRecord(cacheRecord, request.correlationId, isKmsi(idTokenClaims || {}), apiId, request.storeInCache);
|
|
6815
6828
|
}
|
|
6816
6829
|
finally {
|
|
6817
6830
|
if (this.persistencePlugin &&
|
|
@@ -6881,6 +6894,9 @@ class ResponseHandler {
|
|
|
6881
6894
|
? parseInt(serverTokenResponse.refresh_token_expires_in, 10)
|
|
6882
6895
|
: serverTokenResponse.refresh_token_expires_in;
|
|
6883
6896
|
rtExpiresOn = reqTimestamp + rtExpiresIn;
|
|
6897
|
+
this.performanceClient?.addFields({
|
|
6898
|
+
ntwkRtExpiresOnSeconds: rtExpiresOn,
|
|
6899
|
+
}, request.correlationId);
|
|
6884
6900
|
}
|
|
6885
6901
|
cachedRefreshToken = createRefreshTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.refresh_token, this.clientId, serverTokenResponse.foci, userAssertionHash, rtExpiresOn);
|
|
6886
6902
|
}
|
|
@@ -7023,7 +7039,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
7023
7039
|
return baseAccount;
|
|
7024
7040
|
}
|
|
7025
7041
|
|
|
7026
|
-
/*! @azure/msal-common v15.
|
|
7042
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
7027
7043
|
/*
|
|
7028
7044
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7029
7045
|
* Licensed under the MIT License.
|
|
@@ -7041,7 +7057,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
7041
7057
|
}
|
|
7042
7058
|
}
|
|
7043
7059
|
|
|
7044
|
-
/*! @azure/msal-common v15.
|
|
7060
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
7045
7061
|
|
|
7046
7062
|
/*
|
|
7047
7063
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7063,8 +7079,9 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7063
7079
|
* API to acquire a token in exchange of 'authorization_code` acquired by the user in the first leg of the
|
|
7064
7080
|
* authorization_code_grant
|
|
7065
7081
|
* @param request
|
|
7082
|
+
* @param apiId - API identifier for telemetry tracking
|
|
7066
7083
|
*/
|
|
7067
|
-
async acquireToken(request, authCodePayload) {
|
|
7084
|
+
async acquireToken(request, apiId, authCodePayload) {
|
|
7068
7085
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientAcquireToken, request.correlationId);
|
|
7069
7086
|
if (!request.code) {
|
|
7070
7087
|
throw createClientAuthError(requestCannotBeMade);
|
|
@@ -7076,7 +7093,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7076
7093
|
const responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin, this.performanceClient);
|
|
7077
7094
|
// Validate response. This function throws a server error if an error is returned by the server.
|
|
7078
7095
|
responseHandler.validateTokenResponse(response.body);
|
|
7079
|
-
return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, authCodePayload, undefined, undefined, undefined, requestId);
|
|
7096
|
+
return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, apiId, authCodePayload, undefined, undefined, undefined, requestId);
|
|
7080
7097
|
}
|
|
7081
7098
|
/**
|
|
7082
7099
|
* Used to log out the current user, and redirect the user to the postLogoutRedirectUri.
|
|
@@ -7276,7 +7293,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7276
7293
|
}
|
|
7277
7294
|
}
|
|
7278
7295
|
|
|
7279
|
-
/*! @azure/msal-common v15.
|
|
7296
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
7280
7297
|
|
|
7281
7298
|
/*
|
|
7282
7299
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7291,7 +7308,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7291
7308
|
constructor(configuration, performanceClient) {
|
|
7292
7309
|
super(configuration, performanceClient);
|
|
7293
7310
|
}
|
|
7294
|
-
async acquireToken(request) {
|
|
7311
|
+
async acquireToken(request, apiId) {
|
|
7295
7312
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireToken, request.correlationId);
|
|
7296
7313
|
const reqTimestamp = nowSeconds();
|
|
7297
7314
|
const response = await invokeAsync(this.executeTokenRequest.bind(this), PerformanceEvents.RefreshTokenClientExecuteTokenRequest, this.logger, this.performanceClient, request.correlationId)(request, this.authority);
|
|
@@ -7299,13 +7316,13 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7299
7316
|
const requestId = response.headers?.[HeaderNames.X_MS_REQUEST_ID];
|
|
7300
7317
|
const responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin);
|
|
7301
7318
|
responseHandler.validateTokenResponse(response.body);
|
|
7302
|
-
return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, undefined, undefined, true, request.forceCache, requestId);
|
|
7319
|
+
return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, apiId, undefined, undefined, true, request.forceCache, requestId);
|
|
7303
7320
|
}
|
|
7304
7321
|
/**
|
|
7305
7322
|
* Gets cached refresh token and attaches to request, then calls acquireToken API
|
|
7306
7323
|
* @param request
|
|
7307
7324
|
*/
|
|
7308
|
-
async acquireTokenByRefreshToken(request) {
|
|
7325
|
+
async acquireTokenByRefreshToken(request, apiId) {
|
|
7309
7326
|
// Cannot renew token if no request object is given.
|
|
7310
7327
|
if (!request) {
|
|
7311
7328
|
throw createClientConfigurationError(tokenRequestEmpty);
|
|
@@ -7320,7 +7337,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7320
7337
|
// if the app is part of the family, retrive a Family refresh token if present and make a refreshTokenRequest
|
|
7321
7338
|
if (isFOCI) {
|
|
7322
7339
|
try {
|
|
7323
|
-
return await invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, true);
|
|
7340
|
+
return await invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, true, apiId);
|
|
7324
7341
|
}
|
|
7325
7342
|
catch (e) {
|
|
7326
7343
|
const noFamilyRTInCache = e instanceof InteractionRequiredAuthError &&
|
|
@@ -7331,7 +7348,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7331
7348
|
e.subError === Errors.CLIENT_MISMATCH_ERROR;
|
|
7332
7349
|
// if family Refresh Token (FRT) cache acquisition fails or if client_mismatch error is seen with FRT, reattempt with application Refresh Token (ART)
|
|
7333
7350
|
if (noFamilyRTInCache || clientMismatchErrorWithFamilyRT) {
|
|
7334
|
-
return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false);
|
|
7351
|
+
return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false, apiId);
|
|
7335
7352
|
// throw in all other cases
|
|
7336
7353
|
}
|
|
7337
7354
|
else {
|
|
@@ -7340,26 +7357,30 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7340
7357
|
}
|
|
7341
7358
|
}
|
|
7342
7359
|
// fall back to application refresh token acquisition
|
|
7343
|
-
return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false);
|
|
7360
|
+
return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false, apiId);
|
|
7344
7361
|
}
|
|
7345
7362
|
/**
|
|
7346
7363
|
* makes a network call to acquire tokens by exchanging RefreshToken available in userCache; throws if refresh token is not cached
|
|
7347
7364
|
* @param request
|
|
7348
7365
|
*/
|
|
7349
|
-
async acquireTokenWithCachedRefreshToken(request, foci) {
|
|
7366
|
+
async acquireTokenWithCachedRefreshToken(request, foci, apiId) {
|
|
7350
7367
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, request.correlationId);
|
|
7351
7368
|
// fetches family RT or application RT based on FOCI value
|
|
7352
7369
|
const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), PerformanceEvents.CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, request.correlationId, undefined, this.performanceClient);
|
|
7353
7370
|
if (!refreshToken) {
|
|
7354
7371
|
throw createInteractionRequiredAuthError(noTokensFound);
|
|
7355
7372
|
}
|
|
7356
|
-
if (refreshToken.expiresOn
|
|
7357
|
-
|
|
7358
|
-
DEFAULT_REFRESH_TOKEN_EXPIRATION_OFFSET_SECONDS
|
|
7359
|
-
this.performanceClient?.addFields({
|
|
7360
|
-
|
|
7373
|
+
if (refreshToken.expiresOn) {
|
|
7374
|
+
const offset = request.refreshTokenExpirationOffsetSeconds ||
|
|
7375
|
+
DEFAULT_REFRESH_TOKEN_EXPIRATION_OFFSET_SECONDS;
|
|
7376
|
+
this.performanceClient?.addFields({
|
|
7377
|
+
cacheRtExpiresOnSeconds: Number(refreshToken.expiresOn),
|
|
7378
|
+
rtOffsetSeconds: offset,
|
|
7379
|
+
}, request.correlationId);
|
|
7380
|
+
if (isTokenExpired(refreshToken.expiresOn, offset)) {
|
|
7381
|
+
throw createInteractionRequiredAuthError(refreshTokenExpired);
|
|
7382
|
+
}
|
|
7361
7383
|
}
|
|
7362
|
-
// attach cached RT size to the current measurement
|
|
7363
7384
|
const refreshTokenRequest = {
|
|
7364
7385
|
...request,
|
|
7365
7386
|
refreshToken: refreshToken.secret,
|
|
@@ -7370,11 +7391,10 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7370
7391
|
},
|
|
7371
7392
|
};
|
|
7372
7393
|
try {
|
|
7373
|
-
return await invokeAsync(this.acquireToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(refreshTokenRequest);
|
|
7394
|
+
return await invokeAsync(this.acquireToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(refreshTokenRequest, apiId);
|
|
7374
7395
|
}
|
|
7375
7396
|
catch (e) {
|
|
7376
7397
|
if (e instanceof InteractionRequiredAuthError) {
|
|
7377
|
-
this.performanceClient?.addFields({ rtExpiresOnMs: Number(refreshToken.expiresOn) }, request.correlationId);
|
|
7378
7398
|
if (e.subError === badToken) {
|
|
7379
7399
|
// Remove bad refresh token from cache
|
|
7380
7400
|
this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");
|
|
@@ -7485,7 +7505,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7485
7505
|
}
|
|
7486
7506
|
}
|
|
7487
7507
|
|
|
7488
|
-
/*! @azure/msal-common v15.
|
|
7508
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
7489
7509
|
|
|
7490
7510
|
/*
|
|
7491
7511
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7583,7 +7603,7 @@ class SilentFlowClient extends BaseClient {
|
|
|
7583
7603
|
}
|
|
7584
7604
|
}
|
|
7585
7605
|
|
|
7586
|
-
/*! @azure/msal-common v15.
|
|
7606
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
7587
7607
|
|
|
7588
7608
|
/*
|
|
7589
7609
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7598,7 +7618,7 @@ const StubbedNetworkModule = {
|
|
|
7598
7618
|
},
|
|
7599
7619
|
};
|
|
7600
7620
|
|
|
7601
|
-
/*! @azure/msal-common v15.
|
|
7621
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
7602
7622
|
|
|
7603
7623
|
/*
|
|
7604
7624
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7822,7 +7842,7 @@ function extractLoginHint(account) {
|
|
|
7822
7842
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
7823
7843
|
}
|
|
7824
7844
|
|
|
7825
|
-
/*! @azure/msal-common v15.
|
|
7845
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
7826
7846
|
|
|
7827
7847
|
/*
|
|
7828
7848
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7880,7 +7900,7 @@ class AuthenticationHeaderParser {
|
|
|
7880
7900
|
}
|
|
7881
7901
|
}
|
|
7882
7902
|
|
|
7883
|
-
/*! @azure/msal-common v15.
|
|
7903
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
7884
7904
|
|
|
7885
7905
|
/*
|
|
7886
7906
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8143,7 +8163,7 @@ class ServerTelemetryManager {
|
|
|
8143
8163
|
}
|
|
8144
8164
|
}
|
|
8145
8165
|
|
|
8146
|
-
/*! @azure/msal-common v15.
|
|
8166
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
8147
8167
|
/*
|
|
8148
8168
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8149
8169
|
* Licensed under the MIT License.
|
|
@@ -8151,7 +8171,7 @@ class ServerTelemetryManager {
|
|
|
8151
8171
|
const missingKidError = "missing_kid_error";
|
|
8152
8172
|
const missingAlgError = "missing_alg_error";
|
|
8153
8173
|
|
|
8154
|
-
/*! @azure/msal-common v15.
|
|
8174
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
8155
8175
|
|
|
8156
8176
|
/*
|
|
8157
8177
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8176,7 +8196,7 @@ function createJoseHeaderError(code) {
|
|
|
8176
8196
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
8177
8197
|
}
|
|
8178
8198
|
|
|
8179
|
-
/*! @azure/msal-common v15.
|
|
8199
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
8180
8200
|
|
|
8181
8201
|
/*
|
|
8182
8202
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8216,7 +8236,7 @@ class JoseHeader {
|
|
|
8216
8236
|
}
|
|
8217
8237
|
}
|
|
8218
8238
|
|
|
8219
|
-
/*! @azure/msal-common v15.
|
|
8239
|
+
/*! @azure/msal-common v15.14.0 2026-01-13 */
|
|
8220
8240
|
|
|
8221
8241
|
/*
|
|
8222
8242
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -9304,9 +9324,9 @@ const InMemoryCacheKeys = {
|
|
|
9304
9324
|
};
|
|
9305
9325
|
/**
|
|
9306
9326
|
* API Codes for Telemetry purposes.
|
|
9307
|
-
* Before adding a new code you must claim it in the MSAL Telemetry tracker as these number spaces are shared across all MSALs
|
|
9308
9327
|
* 0-99 Silent Flow
|
|
9309
9328
|
* 800-899 Auth Code Flow
|
|
9329
|
+
* 900-999 Miscellaneous
|
|
9310
9330
|
*/
|
|
9311
9331
|
const ApiId = {
|
|
9312
9332
|
acquireTokenRedirect: 861,
|
|
@@ -9318,6 +9338,30 @@ const ApiId = {
|
|
|
9318
9338
|
acquireTokenSilent_silentFlow: 61,
|
|
9319
9339
|
logout: 961,
|
|
9320
9340
|
logoutPopup: 962,
|
|
9341
|
+
hydrateCache: 963,
|
|
9342
|
+
loadExternalTokens: 964,
|
|
9343
|
+
};
|
|
9344
|
+
/**
|
|
9345
|
+
* API Names for Telemetry purposes.
|
|
9346
|
+
*/
|
|
9347
|
+
const ApiName = {
|
|
9348
|
+
861: "acquireTokenRedirect",
|
|
9349
|
+
862: "acquireTokenPopup",
|
|
9350
|
+
863: "ssoSilent",
|
|
9351
|
+
864: "acquireTokenSilent_authCode",
|
|
9352
|
+
865: "handleRedirectPromise",
|
|
9353
|
+
866: "acquireTokenByCode",
|
|
9354
|
+
61: "acquireTokenSilent_silentFlow",
|
|
9355
|
+
961: "logout",
|
|
9356
|
+
962: "logoutPopup",
|
|
9357
|
+
963: "hydrateCache",
|
|
9358
|
+
964: "loadExternalTokens",
|
|
9359
|
+
};
|
|
9360
|
+
const apiIdToName = (id) => {
|
|
9361
|
+
if (typeof id === "number" && id in ApiName) {
|
|
9362
|
+
return ApiName[id];
|
|
9363
|
+
}
|
|
9364
|
+
return "unknown";
|
|
9321
9365
|
};
|
|
9322
9366
|
/*
|
|
9323
9367
|
* Interaction type of the API - used for state and telemetry
|
|
@@ -10286,6 +10330,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
10286
10330
|
asyncPopups: false,
|
|
10287
10331
|
allowRedirectInIframe: false,
|
|
10288
10332
|
allowPlatformBroker: false,
|
|
10333
|
+
allowPlatformBrokerWithDOM: false,
|
|
10289
10334
|
nativeBrokerHandshakeTimeout: userInputSystem?.nativeBrokerHandshakeTimeout ||
|
|
10290
10335
|
DEFAULT_NATIVE_BROKER_HANDSHAKE_TIMEOUT_MS,
|
|
10291
10336
|
pollIntervalMilliseconds: BrowserConstants.DEFAULT_POLL_INTERVAL_MS,
|
|
@@ -10332,7 +10377,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
10332
10377
|
|
|
10333
10378
|
/* eslint-disable header/header */
|
|
10334
10379
|
const name = "@azure/msal-browser";
|
|
10335
|
-
const version = "4.
|
|
10380
|
+
const version = "4.28.0";
|
|
10336
10381
|
|
|
10337
10382
|
/*
|
|
10338
10383
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -10346,7 +10391,6 @@ const ACCOUNT_SCHEMA_VERSION = 2;
|
|
|
10346
10391
|
const LOG_LEVEL_CACHE_KEY = `${PREFIX}.${BROWSER_PREFIX}.log.level`;
|
|
10347
10392
|
const LOG_PII_CACHE_KEY = `${PREFIX}.${BROWSER_PREFIX}.log.pii`;
|
|
10348
10393
|
const BROWSER_PERF_ENABLED_KEY = `${PREFIX}.${BROWSER_PREFIX}.performance.enabled`;
|
|
10349
|
-
const PLATFORM_AUTH_DOM_SUPPORT = `${PREFIX}.${BROWSER_PREFIX}.platform.auth.dom`;
|
|
10350
10394
|
const VERSION_CACHE_KEY = `${PREFIX}.version`;
|
|
10351
10395
|
const ACCOUNT_KEYS = "account.keys";
|
|
10352
10396
|
const TOKEN_KEYS = "token.keys";
|
|
@@ -12353,17 +12397,21 @@ class BrowserCacheManager extends CacheManager {
|
|
|
12353
12397
|
if (!parsedAccount || !AccountEntity.isAccountEntity(parsedAccount)) {
|
|
12354
12398
|
return null;
|
|
12355
12399
|
}
|
|
12400
|
+
this.performanceClient.addFields({
|
|
12401
|
+
accountCachedBy: apiIdToName(parsedAccount.cachedByApiId),
|
|
12402
|
+
}, correlationId);
|
|
12356
12403
|
return CacheManager.toObject(new AccountEntity(), parsedAccount);
|
|
12357
12404
|
}
|
|
12358
12405
|
/**
|
|
12359
12406
|
* set account entity in the platform cache
|
|
12360
12407
|
* @param account
|
|
12361
12408
|
*/
|
|
12362
|
-
async setAccount(account, correlationId, kmsi) {
|
|
12409
|
+
async setAccount(account, correlationId, kmsi, apiId) {
|
|
12363
12410
|
this.logger.trace("BrowserCacheManager.setAccount called");
|
|
12364
12411
|
const key = this.generateAccountKey(AccountEntity.getAccountInfo(account));
|
|
12365
12412
|
const timestamp = Date.now().toString();
|
|
12366
12413
|
account.lastUpdatedAt = timestamp;
|
|
12414
|
+
account.cachedByApiId = apiId;
|
|
12367
12415
|
await this.setUserData(key, JSON.stringify(account), correlationId, timestamp, kmsi);
|
|
12368
12416
|
const wasAdded = this.addAccountKeyToMap(key, correlationId);
|
|
12369
12417
|
this.performanceClient.addFields({ kmsi: kmsi }, correlationId);
|
|
@@ -13143,7 +13191,7 @@ class BrowserCacheManager extends CacheManager {
|
|
|
13143
13191
|
idToken: idTokenEntity,
|
|
13144
13192
|
accessToken: accessTokenEntity,
|
|
13145
13193
|
};
|
|
13146
|
-
return this.saveCacheRecord(cacheRecord, result.correlationId, isKmsi(extractTokenClaims(result.idToken, base64Decode)));
|
|
13194
|
+
return this.saveCacheRecord(cacheRecord, result.correlationId, isKmsi(extractTokenClaims(result.idToken, base64Decode)), ApiId.hydrateCache);
|
|
13147
13195
|
}
|
|
13148
13196
|
/**
|
|
13149
13197
|
* saves a cache record
|
|
@@ -13151,9 +13199,9 @@ class BrowserCacheManager extends CacheManager {
|
|
|
13151
13199
|
* @param storeInCache {?StoreInCache}
|
|
13152
13200
|
* @param correlationId {?string} correlation id
|
|
13153
13201
|
*/
|
|
13154
|
-
async saveCacheRecord(cacheRecord, correlationId, kmsi, storeInCache) {
|
|
13202
|
+
async saveCacheRecord(cacheRecord, correlationId, kmsi, apiId, storeInCache) {
|
|
13155
13203
|
try {
|
|
13156
|
-
await super.saveCacheRecord(cacheRecord, correlationId, kmsi, storeInCache);
|
|
13204
|
+
await super.saveCacheRecord(cacheRecord, correlationId, kmsi, apiId, storeInCache);
|
|
13157
13205
|
}
|
|
13158
13206
|
catch (e) {
|
|
13159
13207
|
if (e instanceof CacheError &&
|
|
@@ -13912,7 +13960,7 @@ class InteractionHandler {
|
|
|
13912
13960
|
* Function to handle response parameters from hash.
|
|
13913
13961
|
* @param locationHash
|
|
13914
13962
|
*/
|
|
13915
|
-
async handleCodeResponse(response, request) {
|
|
13963
|
+
async handleCodeResponse(response, request, apiId) {
|
|
13916
13964
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.HandleCodeResponse, request.correlationId);
|
|
13917
13965
|
let authCodeResponse;
|
|
13918
13966
|
try {
|
|
@@ -13928,7 +13976,7 @@ class InteractionHandler {
|
|
|
13928
13976
|
throw e;
|
|
13929
13977
|
}
|
|
13930
13978
|
}
|
|
13931
|
-
return invokeAsync(this.handleCodeResponseFromServer.bind(this), PerformanceEvents.HandleCodeResponseFromServer, this.logger, this.performanceClient, request.correlationId)(authCodeResponse, request);
|
|
13979
|
+
return invokeAsync(this.handleCodeResponseFromServer.bind(this), PerformanceEvents.HandleCodeResponseFromServer, this.logger, this.performanceClient, request.correlationId)(authCodeResponse, request, apiId);
|
|
13932
13980
|
}
|
|
13933
13981
|
/**
|
|
13934
13982
|
* Process auth code response from AAD
|
|
@@ -13938,7 +13986,7 @@ class InteractionHandler {
|
|
|
13938
13986
|
* @param networkModule
|
|
13939
13987
|
* @returns
|
|
13940
13988
|
*/
|
|
13941
|
-
async handleCodeResponseFromServer(authCodeResponse, request, validateNonce = true) {
|
|
13989
|
+
async handleCodeResponseFromServer(authCodeResponse, request, apiId, validateNonce = true) {
|
|
13942
13990
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.HandleCodeResponseFromServer, request.correlationId);
|
|
13943
13991
|
this.logger.trace("InteractionHandler.handleCodeResponseFromServer called");
|
|
13944
13992
|
// Assign code to request
|
|
@@ -13964,7 +14012,7 @@ class InteractionHandler {
|
|
|
13964
14012
|
}
|
|
13965
14013
|
}
|
|
13966
14014
|
// Acquire token with retrieved code.
|
|
13967
|
-
const tokenResponse = (await invokeAsync(this.authModule.acquireToken.bind(this.authModule), PerformanceEvents.AuthClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(this.authCodeRequest, authCodeResponse));
|
|
14015
|
+
const tokenResponse = (await invokeAsync(this.authModule.acquireToken.bind(this.authModule), PerformanceEvents.AuthClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(this.authCodeRequest, apiId, authCodeResponse));
|
|
13968
14016
|
return tokenResponse;
|
|
13969
14017
|
}
|
|
13970
14018
|
/**
|
|
@@ -14512,7 +14560,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
14512
14560
|
*/
|
|
14513
14561
|
async cacheAccount(accountEntity, correlationId, kmsi) {
|
|
14514
14562
|
// Store the account info and hence `nativeAccountId` in browser cache
|
|
14515
|
-
await this.browserStorage.setAccount(accountEntity, this.correlationId, kmsi);
|
|
14563
|
+
await this.browserStorage.setAccount(accountEntity, this.correlationId, kmsi, this.apiId);
|
|
14516
14564
|
// Remove any existing cached tokens for this account in browser storage
|
|
14517
14565
|
this.browserStorage.removeAccountContext(AccountEntity.getAccountInfo(accountEntity), correlationId);
|
|
14518
14566
|
}
|
|
@@ -14541,7 +14589,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
14541
14589
|
idToken: cachedIdToken,
|
|
14542
14590
|
accessToken: cachedAccessToken,
|
|
14543
14591
|
};
|
|
14544
|
-
return this.nativeStorageManager.saveCacheRecord(nativeCacheRecord, this.correlationId, isKmsi(idTokenClaims), request.storeInCache);
|
|
14592
|
+
return this.nativeStorageManager.saveCacheRecord(nativeCacheRecord, this.correlationId, isKmsi(idTokenClaims), this.apiId, request.storeInCache);
|
|
14545
14593
|
}
|
|
14546
14594
|
getExpiresInValue(tokenType, expiresIn) {
|
|
14547
14595
|
return tokenType === AuthenticationScheme.POP
|
|
@@ -14916,7 +14964,7 @@ async function handleResponseCode(request, response, codeVerifier, apiId, config
|
|
|
14916
14964
|
// Create popup interaction handler.
|
|
14917
14965
|
const interactionHandler = new InteractionHandler(authClient, browserStorage, authCodeRequest, logger, performanceClient);
|
|
14918
14966
|
// Handle response from hash string.
|
|
14919
|
-
const result = await invokeAsync(interactionHandler.handleCodeResponse.bind(interactionHandler), PerformanceEvents.HandleCodeResponse, logger, performanceClient, request.correlationId)(response, request);
|
|
14967
|
+
const result = await invokeAsync(interactionHandler.handleCodeResponse.bind(interactionHandler), PerformanceEvents.HandleCodeResponse, logger, performanceClient, request.correlationId)(response, request, apiId);
|
|
14920
14968
|
return result;
|
|
14921
14969
|
}
|
|
14922
14970
|
/**
|
|
@@ -14963,7 +15011,7 @@ async function handleResponseEAR(request, response, apiId, config, authority, br
|
|
|
14963
15011
|
cloud_instance_name: decryptedData.cloud_instance_name,
|
|
14964
15012
|
msgraph_host: decryptedData.msgraph_host,
|
|
14965
15013
|
};
|
|
14966
|
-
return (await invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, logger, performanceClient, request.correlationId)(decryptedData, authority, nowSeconds(), request, additionalData, undefined, undefined, undefined, undefined));
|
|
15014
|
+
return (await invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, logger, performanceClient, request.correlationId)(decryptedData, authority, nowSeconds(), request, apiId, additionalData, undefined, undefined, undefined, undefined));
|
|
14967
15015
|
}
|
|
14968
15016
|
|
|
14969
15017
|
/*
|
|
@@ -15429,7 +15477,7 @@ class PlatformAuthDOMHandler {
|
|
|
15429
15477
|
* @param perfClient
|
|
15430
15478
|
* @returns
|
|
15431
15479
|
*/
|
|
15432
|
-
async function isPlatformBrokerAvailable(loggerOptions, perfClient, correlationId) {
|
|
15480
|
+
async function isPlatformBrokerAvailable(loggerOptions, perfClient, correlationId, domConfig) {
|
|
15433
15481
|
const logger = new Logger(loggerOptions || {}, name, version);
|
|
15434
15482
|
logger.trace("isPlatformBrokerAvailable called");
|
|
15435
15483
|
const performanceClient = perfClient || new StubPerformanceClient();
|
|
@@ -15437,11 +15485,10 @@ async function isPlatformBrokerAvailable(loggerOptions, perfClient, correlationI
|
|
|
15437
15485
|
logger.trace("Non-browser environment detected, returning false");
|
|
15438
15486
|
return false;
|
|
15439
15487
|
}
|
|
15440
|
-
return !!(await getPlatformAuthProvider(logger, performanceClient, correlationId || createNewGuid()));
|
|
15488
|
+
return !!(await getPlatformAuthProvider(logger, performanceClient, correlationId || createNewGuid(), undefined, domConfig));
|
|
15441
15489
|
}
|
|
15442
|
-
async function getPlatformAuthProvider(logger, performanceClient, correlationId, nativeBrokerHandshakeTimeout) {
|
|
15490
|
+
async function getPlatformAuthProvider(logger, performanceClient, correlationId, nativeBrokerHandshakeTimeout, enablePlatformBrokerDOMSupport) {
|
|
15443
15491
|
logger.trace("getPlatformAuthProvider called", correlationId);
|
|
15444
|
-
const enablePlatformBrokerDOMSupport = isDomEnabledForPlatformAuth();
|
|
15445
15492
|
logger.trace("Has client allowed platform auth via DOM API: " +
|
|
15446
15493
|
enablePlatformBrokerDOMSupport);
|
|
15447
15494
|
let platformAuthProvider;
|
|
@@ -15466,22 +15513,6 @@ async function getPlatformAuthProvider(logger, performanceClient, correlationId,
|
|
|
15466
15513
|
}
|
|
15467
15514
|
return platformAuthProvider;
|
|
15468
15515
|
}
|
|
15469
|
-
/**
|
|
15470
|
-
* Returns true if the DOM API support for platform auth is enabled in session storage
|
|
15471
|
-
* @returns boolean
|
|
15472
|
-
* @deprecated
|
|
15473
|
-
*/
|
|
15474
|
-
function isDomEnabledForPlatformAuth() {
|
|
15475
|
-
let sessionStorage;
|
|
15476
|
-
try {
|
|
15477
|
-
sessionStorage = window[BrowserCacheLocation.SessionStorage];
|
|
15478
|
-
// Mute errors if it's a non-browser environment or cookies are blocked.
|
|
15479
|
-
return sessionStorage?.getItem(PLATFORM_AUTH_DOM_SUPPORT) === "true";
|
|
15480
|
-
}
|
|
15481
|
-
catch (e) {
|
|
15482
|
-
return false;
|
|
15483
|
-
}
|
|
15484
|
-
}
|
|
15485
15516
|
/**
|
|
15486
15517
|
* Returns boolean indicating whether or not the request should attempt to use native broker
|
|
15487
15518
|
* @param logger
|
|
@@ -15491,6 +15522,11 @@ function isDomEnabledForPlatformAuth() {
|
|
|
15491
15522
|
*/
|
|
15492
15523
|
function isPlatformAuthAllowed(config, logger, platformAuthProvider, authenticationScheme) {
|
|
15493
15524
|
logger.trace("isPlatformAuthAllowed called");
|
|
15525
|
+
// throw an error if allowPlatformBroker is not enabled and allowPlatformBrokerWithDOM is enabled
|
|
15526
|
+
if (!config.system.allowPlatformBroker &&
|
|
15527
|
+
config.system.allowPlatformBrokerWithDOM) {
|
|
15528
|
+
throw createClientConfigurationError(invalidPlatformBrokerConfiguration);
|
|
15529
|
+
}
|
|
15494
15530
|
if (!config.system.allowPlatformBroker) {
|
|
15495
15531
|
logger.trace("isPlatformAuthAllowed: allowPlatformBroker is not enabled, returning false");
|
|
15496
15532
|
// Developer disabled WAM
|
|
@@ -16789,7 +16825,7 @@ class SilentRefreshClient extends StandardInteractionClient {
|
|
|
16789
16825
|
account: silentRequest.account,
|
|
16790
16826
|
});
|
|
16791
16827
|
// Send request to renew token. Auth module will throw errors if token cannot be renewed.
|
|
16792
|
-
return invokeAsync(refreshTokenClient.acquireTokenByRefreshToken.bind(refreshTokenClient), PerformanceEvents.RefreshTokenClientAcquireTokenByRefreshToken, this.logger, this.performanceClient, request.correlationId)(silentRequest).catch((e) => {
|
|
16828
|
+
return invokeAsync(refreshTokenClient.acquireTokenByRefreshToken.bind(refreshTokenClient), PerformanceEvents.RefreshTokenClientAcquireTokenByRefreshToken, this.logger, this.performanceClient, request.correlationId)(silentRequest, ApiId.acquireTokenSilent_silentFlow).catch((e) => {
|
|
16793
16829
|
e.setCorrelationId(this.correlationId);
|
|
16794
16830
|
serverTelemetryManager.cacheFailedRequest(e);
|
|
16795
16831
|
throw e;
|
|
@@ -16833,12 +16869,13 @@ class SilentRefreshClient extends StandardInteractionClient {
|
|
|
16833
16869
|
* Token cache manager
|
|
16834
16870
|
*/
|
|
16835
16871
|
class TokenCache {
|
|
16836
|
-
constructor(configuration, storage, logger, cryptoObj) {
|
|
16872
|
+
constructor(configuration, storage, logger, cryptoObj, performanceClient) {
|
|
16837
16873
|
this.isBrowserEnvironment = typeof window !== "undefined";
|
|
16838
16874
|
this.config = configuration;
|
|
16839
16875
|
this.storage = storage;
|
|
16840
16876
|
this.logger = logger;
|
|
16841
16877
|
this.cryptoObj = cryptoObj;
|
|
16878
|
+
this.performanceClient = performanceClient;
|
|
16842
16879
|
}
|
|
16843
16880
|
// Move getAllAccounts here and cache utility APIs
|
|
16844
16881
|
/**
|
|
@@ -16853,30 +16890,38 @@ class TokenCache {
|
|
|
16853
16890
|
throw createBrowserAuthError(nonBrowserEnvironment);
|
|
16854
16891
|
}
|
|
16855
16892
|
const correlationId = request.correlationId || createNewGuid();
|
|
16856
|
-
const
|
|
16857
|
-
|
|
16858
|
-
|
|
16859
|
-
|
|
16860
|
-
|
|
16861
|
-
|
|
16862
|
-
|
|
16863
|
-
|
|
16864
|
-
|
|
16865
|
-
|
|
16866
|
-
|
|
16867
|
-
|
|
16868
|
-
|
|
16869
|
-
|
|
16870
|
-
|
|
16871
|
-
|
|
16872
|
-
|
|
16873
|
-
|
|
16874
|
-
|
|
16875
|
-
|
|
16876
|
-
|
|
16877
|
-
|
|
16878
|
-
|
|
16879
|
-
|
|
16893
|
+
const rootMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.LoadExternalTokens, correlationId);
|
|
16894
|
+
try {
|
|
16895
|
+
const idTokenClaims = response.id_token
|
|
16896
|
+
? extractTokenClaims(response.id_token, base64Decode)
|
|
16897
|
+
: undefined;
|
|
16898
|
+
const kmsi = isKmsi(idTokenClaims || {});
|
|
16899
|
+
const authorityOptions = {
|
|
16900
|
+
protocolMode: this.config.auth.protocolMode,
|
|
16901
|
+
knownAuthorities: this.config.auth.knownAuthorities,
|
|
16902
|
+
cloudDiscoveryMetadata: this.config.auth.cloudDiscoveryMetadata,
|
|
16903
|
+
authorityMetadata: this.config.auth.authorityMetadata,
|
|
16904
|
+
skipAuthorityMetadataCache: this.config.auth.skipAuthorityMetadataCache,
|
|
16905
|
+
};
|
|
16906
|
+
const authority = request.authority
|
|
16907
|
+
? new Authority(Authority.generateAuthority(request.authority, request.azureCloudOptions), this.config.system.networkClient, this.storage, authorityOptions, this.logger, request.correlationId || createNewGuid())
|
|
16908
|
+
: undefined;
|
|
16909
|
+
const cacheRecordAccount = await invokeAsync(this.loadAccount.bind(this), PerformanceEvents.LoadAccount, this.logger, this.performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, idTokenClaims, authority);
|
|
16910
|
+
const idToken = await invokeAsync(this.loadIdToken.bind(this), PerformanceEvents.LoadIdToken, this.logger, this.performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, correlationId, kmsi);
|
|
16911
|
+
const accessToken = await invokeAsync(this.loadAccessToken.bind(this), PerformanceEvents.LoadAccessToken, this.logger, this.performanceClient, correlationId)(request, response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, options, correlationId, kmsi);
|
|
16912
|
+
const refreshToken = await invokeAsync(this.loadRefreshToken.bind(this), PerformanceEvents.LoadRefreshToken, this.logger, this.performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, correlationId, kmsi);
|
|
16913
|
+
rootMeasurement.end({ success: true }, undefined, AccountEntity.getAccountInfo(cacheRecordAccount));
|
|
16914
|
+
return this.generateAuthenticationResult(request, {
|
|
16915
|
+
account: cacheRecordAccount,
|
|
16916
|
+
idToken,
|
|
16917
|
+
accessToken,
|
|
16918
|
+
refreshToken,
|
|
16919
|
+
}, idTokenClaims, authority);
|
|
16920
|
+
}
|
|
16921
|
+
catch (error) {
|
|
16922
|
+
rootMeasurement.end({ success: false }, error);
|
|
16923
|
+
throw error;
|
|
16924
|
+
}
|
|
16880
16925
|
}
|
|
16881
16926
|
/**
|
|
16882
16927
|
* Helper function to load account to msal-browser cache
|
|
@@ -16891,7 +16936,7 @@ class TokenCache {
|
|
|
16891
16936
|
this.logger.verbose("TokenCache - loading account");
|
|
16892
16937
|
if (request.account) {
|
|
16893
16938
|
const accountEntity = AccountEntity.createFromAccountInfo(request.account);
|
|
16894
|
-
await this.storage.setAccount(accountEntity, correlationId, isKmsi(idTokenClaims || {}));
|
|
16939
|
+
await this.storage.setAccount(accountEntity, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
|
|
16895
16940
|
return accountEntity;
|
|
16896
16941
|
}
|
|
16897
16942
|
else if (!authority || (!clientInfo && !idTokenClaims)) {
|
|
@@ -16903,7 +16948,7 @@ class TokenCache {
|
|
|
16903
16948
|
const cachedAccount = buildAccountToCache(this.storage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, authority.hostnameAndPort, claimsTenantId, undefined, // authCodePayload
|
|
16904
16949
|
undefined, // nativeAccountId
|
|
16905
16950
|
this.logger);
|
|
16906
|
-
await this.storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}));
|
|
16951
|
+
await this.storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
|
|
16907
16952
|
return cachedAccount;
|
|
16908
16953
|
}
|
|
16909
16954
|
/**
|
|
@@ -17079,7 +17124,7 @@ class SilentAuthCodeClient extends StandardInteractionClient {
|
|
|
17079
17124
|
msgraph_host: request.msGraphHost,
|
|
17080
17125
|
cloud_graph_host_name: request.cloudGraphHostName,
|
|
17081
17126
|
cloud_instance_host_name: request.cloudInstanceHostName,
|
|
17082
|
-
}, silentRequest, false);
|
|
17127
|
+
}, silentRequest, this.apiId, false);
|
|
17083
17128
|
}
|
|
17084
17129
|
catch (e) {
|
|
17085
17130
|
if (e instanceof AuthError) {
|
|
@@ -17192,7 +17237,7 @@ class StandardController {
|
|
|
17192
17237
|
};
|
|
17193
17238
|
this.nativeInternalStorage = new BrowserCacheManager(this.config.auth.clientId, nativeCacheOptions, this.browserCrypto, this.logger, this.performanceClient, this.eventHandler);
|
|
17194
17239
|
// Initialize the token cache
|
|
17195
|
-
this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto);
|
|
17240
|
+
this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
|
|
17196
17241
|
this.activeSilentTokenRequests = new Map();
|
|
17197
17242
|
// Register listener functions
|
|
17198
17243
|
this.trackPageVisibility = this.trackPageVisibility.bind(this);
|
|
@@ -17243,7 +17288,7 @@ class StandardController {
|
|
|
17243
17288
|
if (allowPlatformBroker) {
|
|
17244
17289
|
try {
|
|
17245
17290
|
// check if platform authentication is available via DOM or browser extension and create relevant handlers
|
|
17246
|
-
this.platformAuthProvider = await getPlatformAuthProvider(this.logger, this.performanceClient, initCorrelationId, this.config.system.nativeBrokerHandshakeTimeout);
|
|
17291
|
+
this.platformAuthProvider = await getPlatformAuthProvider(this.logger, this.performanceClient, initCorrelationId, this.config.system.nativeBrokerHandshakeTimeout, this.config.system.allowPlatformBrokerWithDOM);
|
|
17247
17292
|
}
|
|
17248
17293
|
catch (e) {
|
|
17249
17294
|
this.logger.verbose(e);
|
|
@@ -18022,7 +18067,7 @@ class StandardController {
|
|
|
18022
18067
|
this.logger.verbose("hydrateCache called");
|
|
18023
18068
|
// Account gets saved to browser storage regardless of native or not
|
|
18024
18069
|
const accountEntity = AccountEntity.createFromAccountInfo(result.account, result.cloudGraphHostName, result.msGraphHost);
|
|
18025
|
-
await this.browserStorage.setAccount(accountEntity, result.correlationId, isKmsi(result.idTokenClaims));
|
|
18070
|
+
await this.browserStorage.setAccount(accountEntity, result.correlationId, isKmsi(result.idTokenClaims), ApiId.hydrateCache);
|
|
18026
18071
|
if (result.fromNativeBroker) {
|
|
18027
18072
|
this.logger.verbose("Response was from native broker, storing in-memory");
|
|
18028
18073
|
// Tokens from native broker are stored in-memory
|
|
@@ -19300,7 +19345,7 @@ class NestedAppAuthController {
|
|
|
19300
19345
|
async hydrateCache(result, request) {
|
|
19301
19346
|
this.logger.verbose("hydrateCache called");
|
|
19302
19347
|
const accountEntity = AccountEntity.createFromAccountInfo(result.account, result.cloudGraphHostName, result.msGraphHost);
|
|
19303
|
-
await this.browserStorage.setAccount(accountEntity, result.correlationId, isKmsi(result.idTokenClaims));
|
|
19348
|
+
await this.browserStorage.setAccount(accountEntity, result.correlationId, isKmsi(result.idTokenClaims), ApiId.hydrateCache);
|
|
19304
19349
|
return this.browserStorage.hydrateCache(result, request);
|
|
19305
19350
|
}
|
|
19306
19351
|
}
|