@azure/msal-browser 4.26.2 → 4.28.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (400) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientNext.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
  8. package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +11 -25
  10. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
  11. package/dist/cache/AccountManager.mjs +1 -1
  12. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  13. package/dist/cache/BrowserCacheManager.d.ts +3 -3
  14. package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
  15. package/dist/cache/BrowserCacheManager.mjs +10 -6
  16. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  17. package/dist/cache/CacheHelpers.mjs +1 -1
  18. package/dist/cache/CacheKeys.mjs +2 -3
  19. package/dist/cache/CacheKeys.mjs.map +1 -1
  20. package/dist/cache/CookieStorage.mjs +1 -1
  21. package/dist/cache/DatabaseStorage.mjs +1 -1
  22. package/dist/cache/EncryptedData.mjs +1 -1
  23. package/dist/cache/LocalStorage.mjs +1 -1
  24. package/dist/cache/MemoryStorage.mjs +1 -1
  25. package/dist/cache/SessionStorage.mjs +1 -1
  26. package/dist/cache/TokenCache.d.ts +3 -2
  27. package/dist/cache/TokenCache.d.ts.map +1 -1
  28. package/dist/cache/TokenCache.mjs +39 -29
  29. package/dist/cache/TokenCache.mjs.map +1 -1
  30. package/dist/config/Configuration.d.ts +4 -0
  31. package/dist/config/Configuration.d.ts.map +1 -1
  32. package/dist/config/Configuration.mjs +2 -1
  33. package/dist/config/Configuration.mjs.map +1 -1
  34. package/dist/controllers/ControllerFactory.mjs +1 -1
  35. package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
  36. package/dist/controllers/NestedAppAuthController.mjs +3 -3
  37. package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
  38. package/dist/controllers/StandardController.d.ts.map +1 -1
  39. package/dist/controllers/StandardController.mjs +4 -4
  40. package/dist/controllers/StandardController.mjs.map +1 -1
  41. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  42. package/dist/crypto/BrowserCrypto.mjs +1 -1
  43. package/dist/crypto/CryptoOps.mjs +1 -1
  44. package/dist/crypto/PkceGenerator.mjs +1 -1
  45. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  46. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  47. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  48. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  49. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  50. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
  51. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  52. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +9 -23
  53. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
  54. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  55. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  56. package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts +3 -3
  57. package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
  58. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +10 -6
  59. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
  60. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  61. package/dist/custom-auth-path/cache/CacheKeys.mjs +2 -3
  62. package/dist/custom-auth-path/cache/CacheKeys.mjs.map +1 -1
  63. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  64. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  65. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  66. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  67. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  68. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  69. package/dist/custom-auth-path/cache/TokenCache.d.ts +3 -2
  70. package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
  71. package/dist/custom-auth-path/cache/TokenCache.mjs +39 -29
  72. package/dist/custom-auth-path/cache/TokenCache.mjs.map +1 -1
  73. package/dist/custom-auth-path/config/Configuration.d.ts +4 -0
  74. package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
  75. package/dist/custom-auth-path/config/Configuration.mjs +2 -1
  76. package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
  77. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  78. package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
  79. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  80. package/dist/custom-auth-path/controllers/StandardController.mjs +4 -4
  81. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  82. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  83. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  84. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  86. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
  123. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  124. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +3 -3
  125. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs.map +1 -1
  126. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  128. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +2 -2
  129. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs.map +1 -1
  130. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  132. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +2 -2
  133. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs.map +1 -1
  134. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  158. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +2 -2
  159. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs.map +1 -1
  160. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  170. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  171. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  172. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  173. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  174. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  175. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  176. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  177. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  178. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  179. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  180. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  181. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  182. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  183. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  184. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  185. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  186. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +6 -6
  187. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs.map +1 -1
  188. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  189. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  190. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  191. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  192. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  193. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  194. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  195. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  196. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  197. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  198. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  199. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  200. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  201. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  202. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  203. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  204. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  205. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  206. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  207. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  208. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  209. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  210. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  211. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  212. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  213. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  214. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  215. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  216. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +3 -3
  217. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  218. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  219. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  220. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  221. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +2 -2
  222. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
  223. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  224. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
  225. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  226. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +2 -2
  227. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs.map +1 -1
  228. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
  229. package/dist/custom-auth-path/interaction_handler/InteractionHandler.d.ts +3 -2
  230. package/dist/custom-auth-path/interaction_handler/InteractionHandler.d.ts.map +1 -1
  231. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +5 -5
  232. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs.map +1 -1
  233. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
  234. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  235. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  236. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  237. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  238. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  239. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  240. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  241. package/dist/custom-auth-path/protocol/Authorize.mjs +3 -3
  242. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  243. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  244. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  245. package/dist/custom-auth-path/utils/BrowserConstants.d.ts +20 -1
  246. package/dist/custom-auth-path/utils/BrowserConstants.d.ts.map +1 -1
  247. package/dist/custom-auth-path/utils/BrowserConstants.mjs +27 -3
  248. package/dist/custom-auth-path/utils/BrowserConstants.mjs.map +1 -1
  249. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  250. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  251. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  252. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  253. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  254. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
  255. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  256. package/dist/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  257. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  258. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  259. package/dist/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  260. package/dist/encode/Base64Decode.mjs +1 -1
  261. package/dist/encode/Base64Encode.mjs +1 -1
  262. package/dist/error/BrowserAuthError.mjs +1 -1
  263. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  264. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  265. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  266. package/dist/error/NativeAuthError.mjs +1 -1
  267. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  268. package/dist/error/NestedAppAuthError.mjs +1 -1
  269. package/dist/event/EventHandler.mjs +1 -1
  270. package/dist/event/EventMessage.mjs +1 -1
  271. package/dist/event/EventType.mjs +1 -1
  272. package/dist/index.mjs +1 -1
  273. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  274. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  275. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  276. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +3 -3
  277. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  278. package/dist/interaction_client/PopupClient.mjs +1 -1
  279. package/dist/interaction_client/RedirectClient.mjs +1 -1
  280. package/dist/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  281. package/dist/interaction_client/SilentAuthCodeClient.mjs +2 -2
  282. package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
  283. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  284. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  285. package/dist/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  286. package/dist/interaction_client/SilentRefreshClient.mjs +2 -2
  287. package/dist/interaction_client/SilentRefreshClient.mjs.map +1 -1
  288. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  289. package/dist/interaction_handler/InteractionHandler.d.ts +3 -2
  290. package/dist/interaction_handler/InteractionHandler.d.ts.map +1 -1
  291. package/dist/interaction_handler/InteractionHandler.mjs +5 -5
  292. package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
  293. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  294. package/dist/naa/BridgeError.mjs +1 -1
  295. package/dist/naa/BridgeProxy.mjs +1 -1
  296. package/dist/naa/BridgeStatusCode.mjs +1 -1
  297. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  298. package/dist/navigation/NavigationClient.mjs +1 -1
  299. package/dist/network/FetchClient.mjs +1 -1
  300. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  301. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  302. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  303. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  304. package/dist/packageMetadata.d.ts +1 -1
  305. package/dist/packageMetadata.mjs +2 -2
  306. package/dist/protocol/Authorize.d.ts.map +1 -1
  307. package/dist/protocol/Authorize.mjs +3 -3
  308. package/dist/protocol/Authorize.mjs.map +1 -1
  309. package/dist/request/RequestHelpers.mjs +1 -1
  310. package/dist/response/ResponseHandler.mjs +1 -1
  311. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  312. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  313. package/dist/utils/BrowserConstants.d.ts +20 -1
  314. package/dist/utils/BrowserConstants.d.ts.map +1 -1
  315. package/dist/utils/BrowserConstants.mjs +27 -3
  316. package/dist/utils/BrowserConstants.mjs.map +1 -1
  317. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  318. package/dist/utils/BrowserUtils.mjs +1 -1
  319. package/dist/utils/Helpers.mjs +1 -1
  320. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  321. package/lib/custom-auth-path/msal-custom-auth.cjs +201 -161
  322. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  323. package/lib/custom-auth-path/msal-custom-auth.js +22608 -0
  324. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -0
  325. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
  326. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  327. package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts +3 -3
  328. package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
  329. package/lib/custom-auth-path/types/cache/TokenCache.d.ts +3 -2
  330. package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
  331. package/lib/custom-auth-path/types/config/Configuration.d.ts +4 -0
  332. package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
  333. package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  334. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  335. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  336. package/lib/custom-auth-path/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
  337. package/lib/custom-auth-path/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  338. package/lib/custom-auth-path/types/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  339. package/lib/custom-auth-path/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  340. package/lib/custom-auth-path/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  341. package/lib/custom-auth-path/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  342. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  343. package/lib/custom-auth-path/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  344. package/lib/custom-auth-path/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  345. package/lib/custom-auth-path/types/interaction_handler/InteractionHandler.d.ts +3 -2
  346. package/lib/custom-auth-path/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
  347. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  348. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  349. package/lib/custom-auth-path/types/utils/BrowserConstants.d.ts +20 -1
  350. package/lib/custom-auth-path/types/utils/BrowserConstants.d.ts.map +1 -1
  351. package/lib/msal-browser.cjs +201 -156
  352. package/lib/msal-browser.cjs.map +1 -1
  353. package/lib/msal-browser.js +201 -156
  354. package/lib/msal-browser.js.map +1 -1
  355. package/lib/msal-browser.min.js +66 -66
  356. package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts +2 -8
  357. package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  358. package/lib/types/cache/BrowserCacheManager.d.ts +3 -3
  359. package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
  360. package/lib/types/cache/TokenCache.d.ts +3 -2
  361. package/lib/types/cache/TokenCache.d.ts.map +1 -1
  362. package/lib/types/config/Configuration.d.ts +4 -0
  363. package/lib/types/config/Configuration.d.ts.map +1 -1
  364. package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  365. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  366. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  367. package/lib/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
  368. package/lib/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  369. package/lib/types/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  370. package/lib/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  371. package/lib/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  372. package/lib/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  373. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  374. package/lib/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  375. package/lib/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  376. package/lib/types/interaction_handler/InteractionHandler.d.ts +3 -2
  377. package/lib/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
  378. package/lib/types/packageMetadata.d.ts +1 -1
  379. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  380. package/lib/types/utils/BrowserConstants.d.ts +20 -1
  381. package/lib/types/utils/BrowserConstants.d.ts.map +1 -1
  382. package/package.json +2 -2
  383. package/src/broker/nativeBroker/PlatformAuthProvider.ts +21 -23
  384. package/src/cache/BrowserCacheManager.ts +16 -2
  385. package/src/cache/TokenCache.ts +122 -72
  386. package/src/config/Configuration.ts +5 -0
  387. package/src/controllers/NestedAppAuthController.ts +2 -1
  388. package/src/controllers/StandardController.ts +6 -3
  389. package/src/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.ts +4 -2
  390. package/src/custom_auth/core/interaction_client/jit/JitClient.ts +2 -1
  391. package/src/custom_auth/core/interaction_client/mfa/MfaClient.ts +2 -1
  392. package/src/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.ts +2 -1
  393. package/src/custom_auth/sign_in/interaction_client/SignInClient.ts +10 -5
  394. package/src/interaction_client/PlatformAuthInteractionClient.ts +3 -1
  395. package/src/interaction_client/SilentAuthCodeClient.ts +1 -0
  396. package/src/interaction_client/SilentRefreshClient.ts +7 -5
  397. package/src/interaction_handler/InteractionHandler.ts +10 -3
  398. package/src/packageMetadata.ts +1 -1
  399. package/src/protocol/Authorize.ts +2 -1
  400. package/src/utils/BrowserConstants.ts +27 -1
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-browser v4.26.2 2025-11-19 */
1
+ /*! @azure/msal-browser v4.28.0 2026-01-13 */
2
2
  'use strict';
3
3
  (function (global, factory) {
4
4
  typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
@@ -6,7 +6,7 @@
6
6
  (global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
7
7
  })(this, (function (exports) { 'use strict';
8
8
 
9
- /*! @azure/msal-common v15.13.2 2025-11-19 */
9
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
10
10
  /*
11
11
  * Copyright (c) Microsoft Corporation. All rights reserved.
12
12
  * Licensed under the MIT License.
@@ -283,7 +283,7 @@
283
283
  // Token renewal offset default in seconds
284
284
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
285
285
 
286
- /*! @azure/msal-common v15.13.2 2025-11-19 */
286
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
287
287
  /*
288
288
  * Copyright (c) Microsoft Corporation. All rights reserved.
289
289
  * Licensed under the MIT License.
@@ -300,7 +300,7 @@
300
300
  unexpectedError: unexpectedError
301
301
  });
302
302
 
303
- /*! @azure/msal-common v15.13.2 2025-11-19 */
303
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
304
304
 
305
305
  /*
306
306
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -349,7 +349,7 @@
349
349
  : AuthErrorMessages[code]);
350
350
  }
351
351
 
352
- /*! @azure/msal-common v15.13.2 2025-11-19 */
352
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
353
353
  /*
354
354
  * Copyright (c) Microsoft Corporation. All rights reserved.
355
355
  * Licensed under the MIT License.
@@ -449,7 +449,7 @@
449
449
  userTimeoutReached: userTimeoutReached
450
450
  });
451
451
 
452
- /*! @azure/msal-common v15.13.2 2025-11-19 */
452
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
453
453
 
454
454
  /*
455
455
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -706,7 +706,7 @@
706
706
  return new ClientAuthError(errorCode, additionalMessage);
707
707
  }
708
708
 
709
- /*! @azure/msal-common v15.13.2 2025-11-19 */
709
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
710
710
 
711
711
  /*
712
712
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -745,7 +745,7 @@
745
745
  },
746
746
  };
747
747
 
748
- /*! @azure/msal-common v15.13.2 2025-11-19 */
748
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
749
749
 
750
750
  /*
751
751
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -936,12 +936,12 @@
936
936
  }
937
937
  }
938
938
 
939
- /*! @azure/msal-common v15.13.2 2025-11-19 */
939
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
940
940
  /* eslint-disable header/header */
941
941
  const name$1 = "@azure/msal-common";
942
- const version$1 = "15.13.2";
942
+ const version$1 = "15.14.0";
943
943
 
944
- /*! @azure/msal-common v15.13.2 2025-11-19 */
944
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
945
945
  /*
946
946
  * Copyright (c) Microsoft Corporation. All rights reserved.
947
947
  * Licensed under the MIT License.
@@ -961,7 +961,7 @@
961
961
  AzureUsGovernment: "https://login.microsoftonline.us",
962
962
  };
963
963
 
964
- /*! @azure/msal-common v15.13.2 2025-11-19 */
964
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
965
965
  /*
966
966
  * Copyright (c) Microsoft Corporation. All rights reserved.
967
967
  * Licensed under the MIT License.
@@ -988,7 +988,8 @@
988
988
  const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
989
989
  const authorityMismatch = "authority_mismatch";
990
990
  const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
991
- const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
991
+ const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
992
+ const invalidPlatformBrokerConfiguration = "invalid_platform_broker_configuration";
992
993
 
993
994
  var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
994
995
  __proto__: null,
@@ -1004,6 +1005,7 @@
1004
1005
  invalidClaims: invalidClaims,
1005
1006
  invalidCloudDiscoveryMetadata: invalidCloudDiscoveryMetadata,
1006
1007
  invalidCodeChallengeMethod: invalidCodeChallengeMethod,
1008
+ invalidPlatformBrokerConfiguration: invalidPlatformBrokerConfiguration,
1007
1009
  invalidRequestMethodForEAR: invalidRequestMethodForEAR,
1008
1010
  logoutRequestEmpty: logoutRequestEmpty,
1009
1011
  missingNonceAuthenticationHeader: missingNonceAuthenticationHeader,
@@ -1017,7 +1019,7 @@
1017
1019
  urlParseError: urlParseError
1018
1020
  });
1019
1021
 
1020
- /*! @azure/msal-common v15.13.2 2025-11-19 */
1022
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1021
1023
 
1022
1024
  /*
1023
1025
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1047,6 +1049,7 @@
1047
1049
  [authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
1048
1050
  [invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
1049
1051
  [invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
1052
+ [invalidPlatformBrokerConfiguration]: "Invalid platform broker configuration. `allowPlatformBrokerWithDOM` can only be enabled when `allowPlatformBroker` is enabled.",
1050
1053
  };
1051
1054
  /**
1052
1055
  * ClientConfigurationErrorMessage class containing string constants used by error codes and messages.
@@ -1145,6 +1148,10 @@
1145
1148
  code: invalidRequestMethodForEAR,
1146
1149
  desc: ClientConfigurationErrorMessages[invalidRequestMethodForEAR],
1147
1150
  },
1151
+ invalidPlatformBrokerConfiguration: {
1152
+ code: invalidPlatformBrokerConfiguration,
1153
+ desc: ClientConfigurationErrorMessages[invalidPlatformBrokerConfiguration],
1154
+ },
1148
1155
  };
1149
1156
  /**
1150
1157
  * Error thrown when there is an error in configuration of the MSAL.js library.
@@ -1160,7 +1167,7 @@
1160
1167
  return new ClientConfigurationError(errorCode);
1161
1168
  }
1162
1169
 
1163
- /*! @azure/msal-common v15.13.2 2025-11-19 */
1170
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1164
1171
  /*
1165
1172
  * Copyright (c) Microsoft Corporation. All rights reserved.
1166
1173
  * Licensed under the MIT License.
@@ -1257,7 +1264,7 @@
1257
1264
  }
1258
1265
  }
1259
1266
 
1260
- /*! @azure/msal-common v15.13.2 2025-11-19 */
1267
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1261
1268
 
1262
1269
  /*
1263
1270
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1452,7 +1459,7 @@
1452
1459
  }
1453
1460
  }
1454
1461
 
1455
- /*! @azure/msal-common v15.13.2 2025-11-19 */
1462
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1456
1463
 
1457
1464
  /*
1458
1465
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1492,7 +1499,7 @@
1492
1499
  };
1493
1500
  }
1494
1501
 
1495
- /*! @azure/msal-common v15.13.2 2025-11-19 */
1502
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1496
1503
  /*
1497
1504
  * Copyright (c) Microsoft Corporation. All rights reserved.
1498
1505
  * Licensed under the MIT License.
@@ -1574,7 +1581,7 @@
1574
1581
  return updatedAccountInfo;
1575
1582
  }
1576
1583
 
1577
- /*! @azure/msal-common v15.13.2 2025-11-19 */
1584
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1578
1585
  /*
1579
1586
  * Copyright (c) Microsoft Corporation. All rights reserved.
1580
1587
  * Licensed under the MIT License.
@@ -1589,7 +1596,7 @@
1589
1596
  Ciam: 3,
1590
1597
  };
1591
1598
 
1592
- /*! @azure/msal-common v15.13.2 2025-11-19 */
1599
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1593
1600
  /*
1594
1601
  * Copyright (c) Microsoft Corporation. All rights reserved.
1595
1602
  * Licensed under the MIT License.
@@ -1611,7 +1618,7 @@
1611
1618
  return null;
1612
1619
  }
1613
1620
 
1614
- /*! @azure/msal-common v15.13.2 2025-11-19 */
1621
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1615
1622
  /*
1616
1623
  * Copyright (c) Microsoft Corporation. All rights reserved.
1617
1624
  * Licensed under the MIT License.
@@ -1635,7 +1642,7 @@
1635
1642
  EAR: "EAR",
1636
1643
  };
1637
1644
 
1638
- /*! @azure/msal-common v15.13.2 2025-11-19 */
1645
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1639
1646
 
1640
1647
  /*
1641
1648
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1856,7 +1863,7 @@
1856
1863
  }
1857
1864
  }
1858
1865
 
1859
- /*! @azure/msal-common v15.13.2 2025-11-19 */
1866
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1860
1867
 
1861
1868
  /*
1862
1869
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1937,7 +1944,7 @@
1937
1944
  }
1938
1945
  }
1939
1946
 
1940
- /*! @azure/msal-common v15.13.2 2025-11-19 */
1947
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1941
1948
 
1942
1949
  /*
1943
1950
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2053,7 +2060,7 @@
2053
2060
  }
2054
2061
  }
2055
2062
 
2056
- /*! @azure/msal-common v15.13.2 2025-11-19 */
2063
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
2057
2064
 
2058
2065
  /*
2059
2066
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2217,7 +2224,7 @@
2217
2224
  }
2218
2225
  }
2219
2226
 
2220
- /*! @azure/msal-common v15.13.2 2025-11-19 */
2227
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
2221
2228
 
2222
2229
  /*
2223
2230
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2356,7 +2363,7 @@
2356
2363
  return null;
2357
2364
  }
2358
2365
 
2359
- /*! @azure/msal-common v15.13.2 2025-11-19 */
2366
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
2360
2367
  /*
2361
2368
  * Copyright (c) Microsoft Corporation. All rights reserved.
2362
2369
  * Licensed under the MIT License.
@@ -2364,7 +2371,7 @@
2364
2371
  const cacheQuotaExceeded = "cache_quota_exceeded";
2365
2372
  const cacheErrorUnknown = "cache_error_unknown";
2366
2373
 
2367
- /*! @azure/msal-common v15.13.2 2025-11-19 */
2374
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
2368
2375
 
2369
2376
  /*
2370
2377
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2409,7 +2416,7 @@
2409
2416
  }
2410
2417
  }
2411
2418
 
2412
- /*! @azure/msal-common v15.13.2 2025-11-19 */
2419
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
2413
2420
 
2414
2421
  /*
2415
2422
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2579,15 +2586,16 @@
2579
2586
  * @param cacheRecord {CacheRecord}
2580
2587
  * @param correlationId {?string} correlation id
2581
2588
  * @param kmsi - Keep Me Signed In
2589
+ * @param apiId - API identifier for telemetry tracking
2582
2590
  * @param storeInCache {?StoreInCache}
2583
2591
  */
2584
- async saveCacheRecord(cacheRecord, correlationId, kmsi, storeInCache) {
2592
+ async saveCacheRecord(cacheRecord, correlationId, kmsi, apiId, storeInCache) {
2585
2593
  if (!cacheRecord) {
2586
2594
  throw createClientAuthError(invalidCacheRecord);
2587
2595
  }
2588
2596
  try {
2589
2597
  if (!!cacheRecord.account) {
2590
- await this.setAccount(cacheRecord.account, correlationId, kmsi);
2598
+ await this.setAccount(cacheRecord.account, correlationId, kmsi, apiId);
2591
2599
  }
2592
2600
  if (!!cacheRecord.idToken && storeInCache?.idToken !== false) {
2593
2601
  await this.setIdTokenCredential(cacheRecord.idToken, correlationId, kmsi);
@@ -3519,7 +3527,7 @@
3519
3527
  }
3520
3528
  }
3521
3529
 
3522
- /*! @azure/msal-common v15.13.2 2025-11-19 */
3530
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
3523
3531
  /*
3524
3532
  * Copyright (c) Microsoft Corporation. All rights reserved.
3525
3533
  * Licensed under the MIT License.
@@ -3776,6 +3784,11 @@
3776
3784
  Decrypt: "decrypt",
3777
3785
  GenerateEarKey: "generateEarKey",
3778
3786
  DecryptEarResponse: "decryptEarResponse",
3787
+ LoadExternalTokens: "LoadExternalTokens",
3788
+ LoadAccount: "loadAccount",
3789
+ LoadIdToken: "loadIdToken",
3790
+ LoadAccessToken: "loadAccessToken",
3791
+ LoadRefreshToken: "loadRefreshToken",
3779
3792
  };
3780
3793
  const PerformanceEventAbbreviations = new Map([
3781
3794
  [PerformanceEvents.AcquireTokenByCode, "ATByCode"],
@@ -4041,7 +4054,7 @@
4041
4054
  "upgradedCacheCount",
4042
4055
  ]);
4043
4056
 
4044
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4057
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4045
4058
 
4046
4059
  /*
4047
4060
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4120,7 +4133,7 @@
4120
4133
  }
4121
4134
  }
4122
4135
 
4123
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4136
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4124
4137
 
4125
4138
  /*
4126
4139
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4220,7 +4233,7 @@
4220
4233
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
4221
4234
  }
4222
4235
 
4223
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4236
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4224
4237
  /*
4225
4238
  * Copyright (c) Microsoft Corporation. All rights reserved.
4226
4239
  * Licensed under the MIT License.
@@ -4230,7 +4243,7 @@
4230
4243
  UPN: "UPN",
4231
4244
  };
4232
4245
 
4233
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4246
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4234
4247
  /*
4235
4248
  * Copyright (c) Microsoft Corporation. All rights reserved.
4236
4249
  * Licensed under the MIT License.
@@ -4280,7 +4293,7 @@
4280
4293
  const EAR_JWK = "ear_jwk";
4281
4294
  const EAR_JWE_CRYPTO = "ear_jwe_crypto";
4282
4295
 
4283
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4296
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4284
4297
 
4285
4298
  /*
4286
4299
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4660,7 +4673,7 @@
4660
4673
  });
4661
4674
  }
4662
4675
 
4663
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4676
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4664
4677
  /*
4665
4678
  * Copyright (c) Microsoft Corporation. All rights reserved.
4666
4679
  * Licensed under the MIT License.
@@ -4672,7 +4685,7 @@
4672
4685
  response.hasOwnProperty("jwks_uri"));
4673
4686
  }
4674
4687
 
4675
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4688
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4676
4689
  /*
4677
4690
  * Copyright (c) Microsoft Corporation. All rights reserved.
4678
4691
  * Licensed under the MIT License.
@@ -4682,7 +4695,7 @@
4682
4695
  response.hasOwnProperty("metadata"));
4683
4696
  }
4684
4697
 
4685
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4698
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4686
4699
  /*
4687
4700
  * Copyright (c) Microsoft Corporation. All rights reserved.
4688
4701
  * Licensed under the MIT License.
@@ -4692,7 +4705,7 @@
4692
4705
  response.hasOwnProperty("error_description"));
4693
4706
  }
4694
4707
 
4695
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4708
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4696
4709
  /*
4697
4710
  * Copyright (c) Microsoft Corporation. All rights reserved.
4698
4711
  * Licensed under the MIT License.
@@ -4788,7 +4801,7 @@
4788
4801
  };
4789
4802
  };
4790
4803
 
4791
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4804
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4792
4805
 
4793
4806
  /*
4794
4807
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4894,7 +4907,7 @@
4894
4907
  },
4895
4908
  };
4896
4909
 
4897
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4910
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4898
4911
  /*
4899
4912
  * Copyright (c) Microsoft Corporation. All rights reserved.
4900
4913
  * Licensed under the MIT License.
@@ -4959,7 +4972,7 @@
4959
4972
  return cachedAtSec > nowSeconds();
4960
4973
  }
4961
4974
 
4962
- /*! @azure/msal-common v15.13.2 2025-11-19 */
4975
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4963
4976
 
4964
4977
  /*
4965
4978
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5221,7 +5234,7 @@
5221
5234
  return metadata.expiresAt <= nowSeconds();
5222
5235
  }
5223
5236
 
5224
- /*! @azure/msal-common v15.13.2 2025-11-19 */
5237
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5225
5238
 
5226
5239
  /*
5227
5240
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6060,7 +6073,7 @@
6060
6073
  };
6061
6074
  }
6062
6075
 
6063
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6076
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6064
6077
 
6065
6078
  /*
6066
6079
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6091,7 +6104,7 @@
6091
6104
  }
6092
6105
  }
6093
6106
 
6094
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6107
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6095
6108
 
6096
6109
  /*
6097
6110
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6110,7 +6123,7 @@
6110
6123
  }
6111
6124
  }
6112
6125
 
6113
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6126
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6114
6127
  /*
6115
6128
  * Copyright (c) Microsoft Corporation. All rights reserved.
6116
6129
  * Licensed under the MIT License.
@@ -6131,7 +6144,7 @@
6131
6144
  };
6132
6145
  }
6133
6146
 
6134
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6147
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6135
6148
 
6136
6149
  /*
6137
6150
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6218,7 +6231,7 @@
6218
6231
  }
6219
6232
  }
6220
6233
 
6221
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6234
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6222
6235
 
6223
6236
  /*
6224
6237
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6249,7 +6262,7 @@
6249
6262
  return new NetworkError(error, httpStatus, responseHeaders);
6250
6263
  }
6251
6264
 
6252
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6265
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6253
6266
 
6254
6267
  /*
6255
6268
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6397,7 +6410,7 @@
6397
6410
  }
6398
6411
  }
6399
6412
 
6400
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6413
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6401
6414
  /*
6402
6415
  * Copyright (c) Microsoft Corporation. All rights reserved.
6403
6416
  * Licensed under the MIT License.
@@ -6425,7 +6438,7 @@
6425
6438
  uxNotAllowed: uxNotAllowed
6426
6439
  });
6427
6440
 
6428
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6441
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6429
6442
 
6430
6443
  /*
6431
6444
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6515,7 +6528,7 @@
6515
6528
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
6516
6529
  }
6517
6530
 
6518
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6531
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6519
6532
 
6520
6533
  /*
6521
6534
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6587,7 +6600,7 @@
6587
6600
  }
6588
6601
  }
6589
6602
 
6590
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6603
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6591
6604
 
6592
6605
  /*
6593
6606
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6669,7 +6682,7 @@
6669
6682
  }
6670
6683
  }
6671
6684
 
6672
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6685
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6673
6686
  /*
6674
6687
  * Copyright (c) Microsoft Corporation. All rights reserved.
6675
6688
  * Licensed under the MIT License.
@@ -6696,7 +6709,7 @@
6696
6709
  }
6697
6710
  }
6698
6711
 
6699
- /*! @azure/msal-common v15.13.2 2025-11-19 */
6712
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6700
6713
 
6701
6714
  /*
6702
6715
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6760,7 +6773,7 @@
6760
6773
  * @param serverTokenResponse
6761
6774
  * @param authority
6762
6775
  */
6763
- async handleServerTokenResponse(serverTokenResponse, authority, reqTimestamp, request, authCodePayload, userAssertionHash, handlingRefreshTokenResponse, forceCacheRefreshTokenResponse, serverRequestId) {
6776
+ async handleServerTokenResponse(serverTokenResponse, authority, reqTimestamp, request, apiId, authCodePayload, userAssertionHash, handlingRefreshTokenResponse, forceCacheRefreshTokenResponse, serverRequestId) {
6764
6777
  this.performanceClient?.addQueueMeasurement(PerformanceEvents.HandleServerTokenResponse, serverTokenResponse.correlation_id);
6765
6778
  // create an idToken object (not entity)
6766
6779
  let idTokenClaims;
@@ -6815,7 +6828,7 @@
6815
6828
  return await ResponseHandler.generateAuthenticationResult(this.cryptoObj, authority, cacheRecord, false, request, idTokenClaims, requestStateObj, undefined, serverRequestId);
6816
6829
  }
6817
6830
  }
6818
- await this.cacheStorage.saveCacheRecord(cacheRecord, request.correlationId, isKmsi(idTokenClaims || {}), request.storeInCache);
6831
+ await this.cacheStorage.saveCacheRecord(cacheRecord, request.correlationId, isKmsi(idTokenClaims || {}), apiId, request.storeInCache);
6819
6832
  }
6820
6833
  finally {
6821
6834
  if (this.persistencePlugin &&
@@ -6885,6 +6898,9 @@
6885
6898
  ? parseInt(serverTokenResponse.refresh_token_expires_in, 10)
6886
6899
  : serverTokenResponse.refresh_token_expires_in;
6887
6900
  rtExpiresOn = reqTimestamp + rtExpiresIn;
6901
+ this.performanceClient?.addFields({
6902
+ ntwkRtExpiresOnSeconds: rtExpiresOn,
6903
+ }, request.correlationId);
6888
6904
  }
6889
6905
  cachedRefreshToken = createRefreshTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.refresh_token, this.clientId, serverTokenResponse.foci, userAssertionHash, rtExpiresOn);
6890
6906
  }
@@ -7027,7 +7043,7 @@
7027
7043
  return baseAccount;
7028
7044
  }
7029
7045
 
7030
- /*! @azure/msal-common v15.13.2 2025-11-19 */
7046
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7031
7047
  /*
7032
7048
  * Copyright (c) Microsoft Corporation. All rights reserved.
7033
7049
  * Licensed under the MIT License.
@@ -7045,7 +7061,7 @@
7045
7061
  }
7046
7062
  }
7047
7063
 
7048
- /*! @azure/msal-common v15.13.2 2025-11-19 */
7064
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7049
7065
 
7050
7066
  /*
7051
7067
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7067,8 +7083,9 @@
7067
7083
  * API to acquire a token in exchange of 'authorization_code` acquired by the user in the first leg of the
7068
7084
  * authorization_code_grant
7069
7085
  * @param request
7086
+ * @param apiId - API identifier for telemetry tracking
7070
7087
  */
7071
- async acquireToken(request, authCodePayload) {
7088
+ async acquireToken(request, apiId, authCodePayload) {
7072
7089
  this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientAcquireToken, request.correlationId);
7073
7090
  if (!request.code) {
7074
7091
  throw createClientAuthError(requestCannotBeMade);
@@ -7080,7 +7097,7 @@
7080
7097
  const responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin, this.performanceClient);
7081
7098
  // Validate response. This function throws a server error if an error is returned by the server.
7082
7099
  responseHandler.validateTokenResponse(response.body);
7083
- return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, authCodePayload, undefined, undefined, undefined, requestId);
7100
+ return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, apiId, authCodePayload, undefined, undefined, undefined, requestId);
7084
7101
  }
7085
7102
  /**
7086
7103
  * Used to log out the current user, and redirect the user to the postLogoutRedirectUri.
@@ -7280,7 +7297,7 @@
7280
7297
  }
7281
7298
  }
7282
7299
 
7283
- /*! @azure/msal-common v15.13.2 2025-11-19 */
7300
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7284
7301
 
7285
7302
  /*
7286
7303
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7295,7 +7312,7 @@
7295
7312
  constructor(configuration, performanceClient) {
7296
7313
  super(configuration, performanceClient);
7297
7314
  }
7298
- async acquireToken(request) {
7315
+ async acquireToken(request, apiId) {
7299
7316
  this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireToken, request.correlationId);
7300
7317
  const reqTimestamp = nowSeconds();
7301
7318
  const response = await invokeAsync(this.executeTokenRequest.bind(this), PerformanceEvents.RefreshTokenClientExecuteTokenRequest, this.logger, this.performanceClient, request.correlationId)(request, this.authority);
@@ -7303,13 +7320,13 @@
7303
7320
  const requestId = response.headers?.[HeaderNames.X_MS_REQUEST_ID];
7304
7321
  const responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin);
7305
7322
  responseHandler.validateTokenResponse(response.body);
7306
- return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, undefined, undefined, true, request.forceCache, requestId);
7323
+ return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, apiId, undefined, undefined, true, request.forceCache, requestId);
7307
7324
  }
7308
7325
  /**
7309
7326
  * Gets cached refresh token and attaches to request, then calls acquireToken API
7310
7327
  * @param request
7311
7328
  */
7312
- async acquireTokenByRefreshToken(request) {
7329
+ async acquireTokenByRefreshToken(request, apiId) {
7313
7330
  // Cannot renew token if no request object is given.
7314
7331
  if (!request) {
7315
7332
  throw createClientConfigurationError(tokenRequestEmpty);
@@ -7324,7 +7341,7 @@
7324
7341
  // if the app is part of the family, retrive a Family refresh token if present and make a refreshTokenRequest
7325
7342
  if (isFOCI) {
7326
7343
  try {
7327
- return await invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, true);
7344
+ return await invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, true, apiId);
7328
7345
  }
7329
7346
  catch (e) {
7330
7347
  const noFamilyRTInCache = e instanceof InteractionRequiredAuthError &&
@@ -7335,7 +7352,7 @@
7335
7352
  e.subError === Errors.CLIENT_MISMATCH_ERROR;
7336
7353
  // if family Refresh Token (FRT) cache acquisition fails or if client_mismatch error is seen with FRT, reattempt with application Refresh Token (ART)
7337
7354
  if (noFamilyRTInCache || clientMismatchErrorWithFamilyRT) {
7338
- return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false);
7355
+ return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false, apiId);
7339
7356
  // throw in all other cases
7340
7357
  }
7341
7358
  else {
@@ -7344,26 +7361,30 @@
7344
7361
  }
7345
7362
  }
7346
7363
  // fall back to application refresh token acquisition
7347
- return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false);
7364
+ return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false, apiId);
7348
7365
  }
7349
7366
  /**
7350
7367
  * makes a network call to acquire tokens by exchanging RefreshToken available in userCache; throws if refresh token is not cached
7351
7368
  * @param request
7352
7369
  */
7353
- async acquireTokenWithCachedRefreshToken(request, foci) {
7370
+ async acquireTokenWithCachedRefreshToken(request, foci, apiId) {
7354
7371
  this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, request.correlationId);
7355
7372
  // fetches family RT or application RT based on FOCI value
7356
7373
  const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), PerformanceEvents.CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, request.correlationId, undefined, this.performanceClient);
7357
7374
  if (!refreshToken) {
7358
7375
  throw createInteractionRequiredAuthError(noTokensFound);
7359
7376
  }
7360
- if (refreshToken.expiresOn &&
7361
- isTokenExpired(refreshToken.expiresOn, request.refreshTokenExpirationOffsetSeconds ||
7362
- DEFAULT_REFRESH_TOKEN_EXPIRATION_OFFSET_SECONDS)) {
7363
- this.performanceClient?.addFields({ rtExpiresOnMs: Number(refreshToken.expiresOn) }, request.correlationId);
7364
- throw createInteractionRequiredAuthError(refreshTokenExpired);
7377
+ if (refreshToken.expiresOn) {
7378
+ const offset = request.refreshTokenExpirationOffsetSeconds ||
7379
+ DEFAULT_REFRESH_TOKEN_EXPIRATION_OFFSET_SECONDS;
7380
+ this.performanceClient?.addFields({
7381
+ cacheRtExpiresOnSeconds: Number(refreshToken.expiresOn),
7382
+ rtOffsetSeconds: offset,
7383
+ }, request.correlationId);
7384
+ if (isTokenExpired(refreshToken.expiresOn, offset)) {
7385
+ throw createInteractionRequiredAuthError(refreshTokenExpired);
7386
+ }
7365
7387
  }
7366
- // attach cached RT size to the current measurement
7367
7388
  const refreshTokenRequest = {
7368
7389
  ...request,
7369
7390
  refreshToken: refreshToken.secret,
@@ -7374,11 +7395,10 @@
7374
7395
  },
7375
7396
  };
7376
7397
  try {
7377
- return await invokeAsync(this.acquireToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(refreshTokenRequest);
7398
+ return await invokeAsync(this.acquireToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(refreshTokenRequest, apiId);
7378
7399
  }
7379
7400
  catch (e) {
7380
7401
  if (e instanceof InteractionRequiredAuthError) {
7381
- this.performanceClient?.addFields({ rtExpiresOnMs: Number(refreshToken.expiresOn) }, request.correlationId);
7382
7402
  if (e.subError === badToken) {
7383
7403
  // Remove bad refresh token from cache
7384
7404
  this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");
@@ -7489,7 +7509,7 @@
7489
7509
  }
7490
7510
  }
7491
7511
 
7492
- /*! @azure/msal-common v15.13.2 2025-11-19 */
7512
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7493
7513
 
7494
7514
  /*
7495
7515
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7587,7 +7607,7 @@
7587
7607
  }
7588
7608
  }
7589
7609
 
7590
- /*! @azure/msal-common v15.13.2 2025-11-19 */
7610
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7591
7611
 
7592
7612
  /*
7593
7613
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7602,7 +7622,7 @@
7602
7622
  },
7603
7623
  };
7604
7624
 
7605
- /*! @azure/msal-common v15.13.2 2025-11-19 */
7625
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7606
7626
 
7607
7627
  /*
7608
7628
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7826,7 +7846,7 @@
7826
7846
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7827
7847
  }
7828
7848
 
7829
- /*! @azure/msal-common v15.13.2 2025-11-19 */
7849
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7830
7850
 
7831
7851
  /*
7832
7852
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7884,7 +7904,7 @@
7884
7904
  }
7885
7905
  }
7886
7906
 
7887
- /*! @azure/msal-common v15.13.2 2025-11-19 */
7907
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7888
7908
 
7889
7909
  /*
7890
7910
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8147,7 +8167,7 @@
8147
8167
  }
8148
8168
  }
8149
8169
 
8150
- /*! @azure/msal-common v15.13.2 2025-11-19 */
8170
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
8151
8171
  /*
8152
8172
  * Copyright (c) Microsoft Corporation. All rights reserved.
8153
8173
  * Licensed under the MIT License.
@@ -8155,7 +8175,7 @@
8155
8175
  const missingKidError = "missing_kid_error";
8156
8176
  const missingAlgError = "missing_alg_error";
8157
8177
 
8158
- /*! @azure/msal-common v15.13.2 2025-11-19 */
8178
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
8159
8179
 
8160
8180
  /*
8161
8181
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8180,7 +8200,7 @@
8180
8200
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
8181
8201
  }
8182
8202
 
8183
- /*! @azure/msal-common v15.13.2 2025-11-19 */
8203
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
8184
8204
 
8185
8205
  /*
8186
8206
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8220,7 +8240,7 @@
8220
8240
  }
8221
8241
  }
8222
8242
 
8223
- /*! @azure/msal-common v15.13.2 2025-11-19 */
8243
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
8224
8244
 
8225
8245
  /*
8226
8246
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -9308,9 +9328,9 @@
9308
9328
  };
9309
9329
  /**
9310
9330
  * API Codes for Telemetry purposes.
9311
- * Before adding a new code you must claim it in the MSAL Telemetry tracker as these number spaces are shared across all MSALs
9312
9331
  * 0-99 Silent Flow
9313
9332
  * 800-899 Auth Code Flow
9333
+ * 900-999 Miscellaneous
9314
9334
  */
9315
9335
  const ApiId = {
9316
9336
  acquireTokenRedirect: 861,
@@ -9322,6 +9342,30 @@
9322
9342
  acquireTokenSilent_silentFlow: 61,
9323
9343
  logout: 961,
9324
9344
  logoutPopup: 962,
9345
+ hydrateCache: 963,
9346
+ loadExternalTokens: 964,
9347
+ };
9348
+ /**
9349
+ * API Names for Telemetry purposes.
9350
+ */
9351
+ const ApiName = {
9352
+ 861: "acquireTokenRedirect",
9353
+ 862: "acquireTokenPopup",
9354
+ 863: "ssoSilent",
9355
+ 864: "acquireTokenSilent_authCode",
9356
+ 865: "handleRedirectPromise",
9357
+ 866: "acquireTokenByCode",
9358
+ 61: "acquireTokenSilent_silentFlow",
9359
+ 961: "logout",
9360
+ 962: "logoutPopup",
9361
+ 963: "hydrateCache",
9362
+ 964: "loadExternalTokens",
9363
+ };
9364
+ const apiIdToName = (id) => {
9365
+ if (typeof id === "number" && id in ApiName) {
9366
+ return ApiName[id];
9367
+ }
9368
+ return "unknown";
9325
9369
  };
9326
9370
  /*
9327
9371
  * Interaction type of the API - used for state and telemetry
@@ -10290,6 +10334,7 @@
10290
10334
  asyncPopups: false,
10291
10335
  allowRedirectInIframe: false,
10292
10336
  allowPlatformBroker: false,
10337
+ allowPlatformBrokerWithDOM: false,
10293
10338
  nativeBrokerHandshakeTimeout: userInputSystem?.nativeBrokerHandshakeTimeout ||
10294
10339
  DEFAULT_NATIVE_BROKER_HANDSHAKE_TIMEOUT_MS,
10295
10340
  pollIntervalMilliseconds: BrowserConstants.DEFAULT_POLL_INTERVAL_MS,
@@ -10336,7 +10381,7 @@
10336
10381
 
10337
10382
  /* eslint-disable header/header */
10338
10383
  const name = "@azure/msal-browser";
10339
- const version = "4.26.2";
10384
+ const version = "4.28.0";
10340
10385
 
10341
10386
  /*
10342
10387
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -10350,7 +10395,6 @@
10350
10395
  const LOG_LEVEL_CACHE_KEY = `${PREFIX}.${BROWSER_PREFIX}.log.level`;
10351
10396
  const LOG_PII_CACHE_KEY = `${PREFIX}.${BROWSER_PREFIX}.log.pii`;
10352
10397
  const BROWSER_PERF_ENABLED_KEY = `${PREFIX}.${BROWSER_PREFIX}.performance.enabled`;
10353
- const PLATFORM_AUTH_DOM_SUPPORT = `${PREFIX}.${BROWSER_PREFIX}.platform.auth.dom`;
10354
10398
  const VERSION_CACHE_KEY = `${PREFIX}.version`;
10355
10399
  const ACCOUNT_KEYS = "account.keys";
10356
10400
  const TOKEN_KEYS = "token.keys";
@@ -12357,17 +12401,21 @@
12357
12401
  if (!parsedAccount || !AccountEntity.isAccountEntity(parsedAccount)) {
12358
12402
  return null;
12359
12403
  }
12404
+ this.performanceClient.addFields({
12405
+ accountCachedBy: apiIdToName(parsedAccount.cachedByApiId),
12406
+ }, correlationId);
12360
12407
  return CacheManager.toObject(new AccountEntity(), parsedAccount);
12361
12408
  }
12362
12409
  /**
12363
12410
  * set account entity in the platform cache
12364
12411
  * @param account
12365
12412
  */
12366
- async setAccount(account, correlationId, kmsi) {
12413
+ async setAccount(account, correlationId, kmsi, apiId) {
12367
12414
  this.logger.trace("BrowserCacheManager.setAccount called");
12368
12415
  const key = this.generateAccountKey(AccountEntity.getAccountInfo(account));
12369
12416
  const timestamp = Date.now().toString();
12370
12417
  account.lastUpdatedAt = timestamp;
12418
+ account.cachedByApiId = apiId;
12371
12419
  await this.setUserData(key, JSON.stringify(account), correlationId, timestamp, kmsi);
12372
12420
  const wasAdded = this.addAccountKeyToMap(key, correlationId);
12373
12421
  this.performanceClient.addFields({ kmsi: kmsi }, correlationId);
@@ -13147,7 +13195,7 @@
13147
13195
  idToken: idTokenEntity,
13148
13196
  accessToken: accessTokenEntity,
13149
13197
  };
13150
- return this.saveCacheRecord(cacheRecord, result.correlationId, isKmsi(extractTokenClaims(result.idToken, base64Decode)));
13198
+ return this.saveCacheRecord(cacheRecord, result.correlationId, isKmsi(extractTokenClaims(result.idToken, base64Decode)), ApiId.hydrateCache);
13151
13199
  }
13152
13200
  /**
13153
13201
  * saves a cache record
@@ -13155,9 +13203,9 @@
13155
13203
  * @param storeInCache {?StoreInCache}
13156
13204
  * @param correlationId {?string} correlation id
13157
13205
  */
13158
- async saveCacheRecord(cacheRecord, correlationId, kmsi, storeInCache) {
13206
+ async saveCacheRecord(cacheRecord, correlationId, kmsi, apiId, storeInCache) {
13159
13207
  try {
13160
- await super.saveCacheRecord(cacheRecord, correlationId, kmsi, storeInCache);
13208
+ await super.saveCacheRecord(cacheRecord, correlationId, kmsi, apiId, storeInCache);
13161
13209
  }
13162
13210
  catch (e) {
13163
13211
  if (e instanceof CacheError &&
@@ -13916,7 +13964,7 @@
13916
13964
  * Function to handle response parameters from hash.
13917
13965
  * @param locationHash
13918
13966
  */
13919
- async handleCodeResponse(response, request) {
13967
+ async handleCodeResponse(response, request, apiId) {
13920
13968
  this.performanceClient.addQueueMeasurement(PerformanceEvents.HandleCodeResponse, request.correlationId);
13921
13969
  let authCodeResponse;
13922
13970
  try {
@@ -13932,7 +13980,7 @@
13932
13980
  throw e;
13933
13981
  }
13934
13982
  }
13935
- return invokeAsync(this.handleCodeResponseFromServer.bind(this), PerformanceEvents.HandleCodeResponseFromServer, this.logger, this.performanceClient, request.correlationId)(authCodeResponse, request);
13983
+ return invokeAsync(this.handleCodeResponseFromServer.bind(this), PerformanceEvents.HandleCodeResponseFromServer, this.logger, this.performanceClient, request.correlationId)(authCodeResponse, request, apiId);
13936
13984
  }
13937
13985
  /**
13938
13986
  * Process auth code response from AAD
@@ -13942,7 +13990,7 @@
13942
13990
  * @param networkModule
13943
13991
  * @returns
13944
13992
  */
13945
- async handleCodeResponseFromServer(authCodeResponse, request, validateNonce = true) {
13993
+ async handleCodeResponseFromServer(authCodeResponse, request, apiId, validateNonce = true) {
13946
13994
  this.performanceClient.addQueueMeasurement(PerformanceEvents.HandleCodeResponseFromServer, request.correlationId);
13947
13995
  this.logger.trace("InteractionHandler.handleCodeResponseFromServer called");
13948
13996
  // Assign code to request
@@ -13968,7 +14016,7 @@
13968
14016
  }
13969
14017
  }
13970
14018
  // Acquire token with retrieved code.
13971
- const tokenResponse = (await invokeAsync(this.authModule.acquireToken.bind(this.authModule), PerformanceEvents.AuthClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(this.authCodeRequest, authCodeResponse));
14019
+ const tokenResponse = (await invokeAsync(this.authModule.acquireToken.bind(this.authModule), PerformanceEvents.AuthClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(this.authCodeRequest, apiId, authCodeResponse));
13972
14020
  return tokenResponse;
13973
14021
  }
13974
14022
  /**
@@ -14516,7 +14564,7 @@
14516
14564
  */
14517
14565
  async cacheAccount(accountEntity, correlationId, kmsi) {
14518
14566
  // Store the account info and hence `nativeAccountId` in browser cache
14519
- await this.browserStorage.setAccount(accountEntity, this.correlationId, kmsi);
14567
+ await this.browserStorage.setAccount(accountEntity, this.correlationId, kmsi, this.apiId);
14520
14568
  // Remove any existing cached tokens for this account in browser storage
14521
14569
  this.browserStorage.removeAccountContext(AccountEntity.getAccountInfo(accountEntity), correlationId);
14522
14570
  }
@@ -14545,7 +14593,7 @@
14545
14593
  idToken: cachedIdToken,
14546
14594
  accessToken: cachedAccessToken,
14547
14595
  };
14548
- return this.nativeStorageManager.saveCacheRecord(nativeCacheRecord, this.correlationId, isKmsi(idTokenClaims), request.storeInCache);
14596
+ return this.nativeStorageManager.saveCacheRecord(nativeCacheRecord, this.correlationId, isKmsi(idTokenClaims), this.apiId, request.storeInCache);
14549
14597
  }
14550
14598
  getExpiresInValue(tokenType, expiresIn) {
14551
14599
  return tokenType === AuthenticationScheme.POP
@@ -14920,7 +14968,7 @@
14920
14968
  // Create popup interaction handler.
14921
14969
  const interactionHandler = new InteractionHandler(authClient, browserStorage, authCodeRequest, logger, performanceClient);
14922
14970
  // Handle response from hash string.
14923
- const result = await invokeAsync(interactionHandler.handleCodeResponse.bind(interactionHandler), PerformanceEvents.HandleCodeResponse, logger, performanceClient, request.correlationId)(response, request);
14971
+ const result = await invokeAsync(interactionHandler.handleCodeResponse.bind(interactionHandler), PerformanceEvents.HandleCodeResponse, logger, performanceClient, request.correlationId)(response, request, apiId);
14924
14972
  return result;
14925
14973
  }
14926
14974
  /**
@@ -14967,7 +15015,7 @@
14967
15015
  cloud_instance_name: decryptedData.cloud_instance_name,
14968
15016
  msgraph_host: decryptedData.msgraph_host,
14969
15017
  };
14970
- return (await invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, logger, performanceClient, request.correlationId)(decryptedData, authority, nowSeconds(), request, additionalData, undefined, undefined, undefined, undefined));
15018
+ return (await invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, logger, performanceClient, request.correlationId)(decryptedData, authority, nowSeconds(), request, apiId, additionalData, undefined, undefined, undefined, undefined));
14971
15019
  }
14972
15020
 
14973
15021
  /*
@@ -15433,7 +15481,7 @@
15433
15481
  * @param perfClient
15434
15482
  * @returns
15435
15483
  */
15436
- async function isPlatformBrokerAvailable(loggerOptions, perfClient, correlationId) {
15484
+ async function isPlatformBrokerAvailable(loggerOptions, perfClient, correlationId, domConfig) {
15437
15485
  const logger = new Logger(loggerOptions || {}, name, version);
15438
15486
  logger.trace("isPlatformBrokerAvailable called");
15439
15487
  const performanceClient = perfClient || new StubPerformanceClient();
@@ -15441,11 +15489,10 @@
15441
15489
  logger.trace("Non-browser environment detected, returning false");
15442
15490
  return false;
15443
15491
  }
15444
- return !!(await getPlatformAuthProvider(logger, performanceClient, correlationId || createNewGuid()));
15492
+ return !!(await getPlatformAuthProvider(logger, performanceClient, correlationId || createNewGuid(), undefined, domConfig));
15445
15493
  }
15446
- async function getPlatformAuthProvider(logger, performanceClient, correlationId, nativeBrokerHandshakeTimeout) {
15494
+ async function getPlatformAuthProvider(logger, performanceClient, correlationId, nativeBrokerHandshakeTimeout, enablePlatformBrokerDOMSupport) {
15447
15495
  logger.trace("getPlatformAuthProvider called", correlationId);
15448
- const enablePlatformBrokerDOMSupport = isDomEnabledForPlatformAuth();
15449
15496
  logger.trace("Has client allowed platform auth via DOM API: " +
15450
15497
  enablePlatformBrokerDOMSupport);
15451
15498
  let platformAuthProvider;
@@ -15470,22 +15517,6 @@
15470
15517
  }
15471
15518
  return platformAuthProvider;
15472
15519
  }
15473
- /**
15474
- * Returns true if the DOM API support for platform auth is enabled in session storage
15475
- * @returns boolean
15476
- * @deprecated
15477
- */
15478
- function isDomEnabledForPlatformAuth() {
15479
- let sessionStorage;
15480
- try {
15481
- sessionStorage = window[BrowserCacheLocation.SessionStorage];
15482
- // Mute errors if it's a non-browser environment or cookies are blocked.
15483
- return sessionStorage?.getItem(PLATFORM_AUTH_DOM_SUPPORT) === "true";
15484
- }
15485
- catch (e) {
15486
- return false;
15487
- }
15488
- }
15489
15520
  /**
15490
15521
  * Returns boolean indicating whether or not the request should attempt to use native broker
15491
15522
  * @param logger
@@ -15495,6 +15526,11 @@
15495
15526
  */
15496
15527
  function isPlatformAuthAllowed(config, logger, platformAuthProvider, authenticationScheme) {
15497
15528
  logger.trace("isPlatformAuthAllowed called");
15529
+ // throw an error if allowPlatformBroker is not enabled and allowPlatformBrokerWithDOM is enabled
15530
+ if (!config.system.allowPlatformBroker &&
15531
+ config.system.allowPlatformBrokerWithDOM) {
15532
+ throw createClientConfigurationError(invalidPlatformBrokerConfiguration);
15533
+ }
15498
15534
  if (!config.system.allowPlatformBroker) {
15499
15535
  logger.trace("isPlatformAuthAllowed: allowPlatformBroker is not enabled, returning false");
15500
15536
  // Developer disabled WAM
@@ -16793,7 +16829,7 @@
16793
16829
  account: silentRequest.account,
16794
16830
  });
16795
16831
  // Send request to renew token. Auth module will throw errors if token cannot be renewed.
16796
- return invokeAsync(refreshTokenClient.acquireTokenByRefreshToken.bind(refreshTokenClient), PerformanceEvents.RefreshTokenClientAcquireTokenByRefreshToken, this.logger, this.performanceClient, request.correlationId)(silentRequest).catch((e) => {
16832
+ return invokeAsync(refreshTokenClient.acquireTokenByRefreshToken.bind(refreshTokenClient), PerformanceEvents.RefreshTokenClientAcquireTokenByRefreshToken, this.logger, this.performanceClient, request.correlationId)(silentRequest, ApiId.acquireTokenSilent_silentFlow).catch((e) => {
16797
16833
  e.setCorrelationId(this.correlationId);
16798
16834
  serverTelemetryManager.cacheFailedRequest(e);
16799
16835
  throw e;
@@ -16837,12 +16873,13 @@
16837
16873
  * Token cache manager
16838
16874
  */
16839
16875
  class TokenCache {
16840
- constructor(configuration, storage, logger, cryptoObj) {
16876
+ constructor(configuration, storage, logger, cryptoObj, performanceClient) {
16841
16877
  this.isBrowserEnvironment = typeof window !== "undefined";
16842
16878
  this.config = configuration;
16843
16879
  this.storage = storage;
16844
16880
  this.logger = logger;
16845
16881
  this.cryptoObj = cryptoObj;
16882
+ this.performanceClient = performanceClient;
16846
16883
  }
16847
16884
  // Move getAllAccounts here and cache utility APIs
16848
16885
  /**
@@ -16857,30 +16894,38 @@
16857
16894
  throw createBrowserAuthError(nonBrowserEnvironment);
16858
16895
  }
16859
16896
  const correlationId = request.correlationId || createNewGuid();
16860
- const idTokenClaims = response.id_token
16861
- ? extractTokenClaims(response.id_token, base64Decode)
16862
- : undefined;
16863
- const kmsi = isKmsi(idTokenClaims || {});
16864
- const authorityOptions = {
16865
- protocolMode: this.config.auth.protocolMode,
16866
- knownAuthorities: this.config.auth.knownAuthorities,
16867
- cloudDiscoveryMetadata: this.config.auth.cloudDiscoveryMetadata,
16868
- authorityMetadata: this.config.auth.authorityMetadata,
16869
- skipAuthorityMetadataCache: this.config.auth.skipAuthorityMetadataCache,
16870
- };
16871
- const authority = request.authority
16872
- ? new Authority(Authority.generateAuthority(request.authority, request.azureCloudOptions), this.config.system.networkClient, this.storage, authorityOptions, this.logger, request.correlationId || createNewGuid())
16873
- : undefined;
16874
- const cacheRecordAccount = await this.loadAccount(request, options.clientInfo || response.client_info || "", correlationId, idTokenClaims, authority);
16875
- const idToken = await this.loadIdToken(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, correlationId, kmsi);
16876
- const accessToken = await this.loadAccessToken(request, response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, options, correlationId, kmsi);
16877
- const refreshToken = await this.loadRefreshToken(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, correlationId, kmsi);
16878
- return this.generateAuthenticationResult(request, {
16879
- account: cacheRecordAccount,
16880
- idToken,
16881
- accessToken,
16882
- refreshToken,
16883
- }, idTokenClaims, authority);
16897
+ const rootMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.LoadExternalTokens, correlationId);
16898
+ try {
16899
+ const idTokenClaims = response.id_token
16900
+ ? extractTokenClaims(response.id_token, base64Decode)
16901
+ : undefined;
16902
+ const kmsi = isKmsi(idTokenClaims || {});
16903
+ const authorityOptions = {
16904
+ protocolMode: this.config.auth.protocolMode,
16905
+ knownAuthorities: this.config.auth.knownAuthorities,
16906
+ cloudDiscoveryMetadata: this.config.auth.cloudDiscoveryMetadata,
16907
+ authorityMetadata: this.config.auth.authorityMetadata,
16908
+ skipAuthorityMetadataCache: this.config.auth.skipAuthorityMetadataCache,
16909
+ };
16910
+ const authority = request.authority
16911
+ ? new Authority(Authority.generateAuthority(request.authority, request.azureCloudOptions), this.config.system.networkClient, this.storage, authorityOptions, this.logger, request.correlationId || createNewGuid())
16912
+ : undefined;
16913
+ const cacheRecordAccount = await invokeAsync(this.loadAccount.bind(this), PerformanceEvents.LoadAccount, this.logger, this.performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, idTokenClaims, authority);
16914
+ const idToken = await invokeAsync(this.loadIdToken.bind(this), PerformanceEvents.LoadIdToken, this.logger, this.performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, correlationId, kmsi);
16915
+ const accessToken = await invokeAsync(this.loadAccessToken.bind(this), PerformanceEvents.LoadAccessToken, this.logger, this.performanceClient, correlationId)(request, response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, options, correlationId, kmsi);
16916
+ const refreshToken = await invokeAsync(this.loadRefreshToken.bind(this), PerformanceEvents.LoadRefreshToken, this.logger, this.performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, correlationId, kmsi);
16917
+ rootMeasurement.end({ success: true }, undefined, AccountEntity.getAccountInfo(cacheRecordAccount));
16918
+ return this.generateAuthenticationResult(request, {
16919
+ account: cacheRecordAccount,
16920
+ idToken,
16921
+ accessToken,
16922
+ refreshToken,
16923
+ }, idTokenClaims, authority);
16924
+ }
16925
+ catch (error) {
16926
+ rootMeasurement.end({ success: false }, error);
16927
+ throw error;
16928
+ }
16884
16929
  }
16885
16930
  /**
16886
16931
  * Helper function to load account to msal-browser cache
@@ -16895,7 +16940,7 @@
16895
16940
  this.logger.verbose("TokenCache - loading account");
16896
16941
  if (request.account) {
16897
16942
  const accountEntity = AccountEntity.createFromAccountInfo(request.account);
16898
- await this.storage.setAccount(accountEntity, correlationId, isKmsi(idTokenClaims || {}));
16943
+ await this.storage.setAccount(accountEntity, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
16899
16944
  return accountEntity;
16900
16945
  }
16901
16946
  else if (!authority || (!clientInfo && !idTokenClaims)) {
@@ -16907,7 +16952,7 @@
16907
16952
  const cachedAccount = buildAccountToCache(this.storage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, authority.hostnameAndPort, claimsTenantId, undefined, // authCodePayload
16908
16953
  undefined, // nativeAccountId
16909
16954
  this.logger);
16910
- await this.storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}));
16955
+ await this.storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
16911
16956
  return cachedAccount;
16912
16957
  }
16913
16958
  /**
@@ -17083,7 +17128,7 @@
17083
17128
  msgraph_host: request.msGraphHost,
17084
17129
  cloud_graph_host_name: request.cloudGraphHostName,
17085
17130
  cloud_instance_host_name: request.cloudInstanceHostName,
17086
- }, silentRequest, false);
17131
+ }, silentRequest, this.apiId, false);
17087
17132
  }
17088
17133
  catch (e) {
17089
17134
  if (e instanceof AuthError) {
@@ -17196,7 +17241,7 @@
17196
17241
  };
17197
17242
  this.nativeInternalStorage = new BrowserCacheManager(this.config.auth.clientId, nativeCacheOptions, this.browserCrypto, this.logger, this.performanceClient, this.eventHandler);
17198
17243
  // Initialize the token cache
17199
- this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto);
17244
+ this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
17200
17245
  this.activeSilentTokenRequests = new Map();
17201
17246
  // Register listener functions
17202
17247
  this.trackPageVisibility = this.trackPageVisibility.bind(this);
@@ -17247,7 +17292,7 @@
17247
17292
  if (allowPlatformBroker) {
17248
17293
  try {
17249
17294
  // check if platform authentication is available via DOM or browser extension and create relevant handlers
17250
- this.platformAuthProvider = await getPlatformAuthProvider(this.logger, this.performanceClient, initCorrelationId, this.config.system.nativeBrokerHandshakeTimeout);
17295
+ this.platformAuthProvider = await getPlatformAuthProvider(this.logger, this.performanceClient, initCorrelationId, this.config.system.nativeBrokerHandshakeTimeout, this.config.system.allowPlatformBrokerWithDOM);
17251
17296
  }
17252
17297
  catch (e) {
17253
17298
  this.logger.verbose(e);
@@ -18026,7 +18071,7 @@
18026
18071
  this.logger.verbose("hydrateCache called");
18027
18072
  // Account gets saved to browser storage regardless of native or not
18028
18073
  const accountEntity = AccountEntity.createFromAccountInfo(result.account, result.cloudGraphHostName, result.msGraphHost);
18029
- await this.browserStorage.setAccount(accountEntity, result.correlationId, isKmsi(result.idTokenClaims));
18074
+ await this.browserStorage.setAccount(accountEntity, result.correlationId, isKmsi(result.idTokenClaims), ApiId.hydrateCache);
18030
18075
  if (result.fromNativeBroker) {
18031
18076
  this.logger.verbose("Response was from native broker, storing in-memory");
18032
18077
  // Tokens from native broker are stored in-memory
@@ -19304,7 +19349,7 @@
19304
19349
  async hydrateCache(result, request) {
19305
19350
  this.logger.verbose("hydrateCache called");
19306
19351
  const accountEntity = AccountEntity.createFromAccountInfo(result.account, result.cloudGraphHostName, result.msGraphHost);
19307
- await this.browserStorage.setAccount(accountEntity, result.correlationId, isKmsi(result.idTokenClaims));
19352
+ await this.browserStorage.setAccount(accountEntity, result.correlationId, isKmsi(result.idTokenClaims), ApiId.hydrateCache);
19308
19353
  return this.browserStorage.hydrateCache(result, request);
19309
19354
  }
19310
19355
  }