@azure/msal-browser 4.27.0 → 5.0.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1624) hide show
  1. package/README.md +24 -32
  2. package/dist/app/IPublicClientApplication.d.ts +3 -10
  3. package/dist/app/IPublicClientApplication.d.ts.map +1 -1
  4. package/dist/app/IPublicClientApplication.mjs +1 -22
  5. package/dist/app/IPublicClientApplication.mjs.map +1 -1
  6. package/dist/app/PublicClientApplication.d.ts +6 -56
  7. package/dist/app/PublicClientApplication.d.ts.map +1 -1
  8. package/dist/app/PublicClientApplication.mjs +15 -80
  9. package/dist/app/PublicClientApplication.mjs.map +1 -1
  10. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +3 -2
  11. package/dist/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
  12. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  13. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +13 -15
  14. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  15. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts +1 -1
  16. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -1
  17. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +28 -30
  18. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs.map +1 -1
  19. package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts +12 -4
  20. package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  21. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +43 -28
  22. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
  23. package/dist/cache/AccountManager.d.ts +0 -25
  24. package/dist/cache/AccountManager.d.ts.map +1 -1
  25. package/dist/cache/AccountManager.mjs +10 -84
  26. package/dist/cache/AccountManager.mjs.map +1 -1
  27. package/dist/cache/AsyncMemoryStorage.d.ts +14 -7
  28. package/dist/cache/AsyncMemoryStorage.d.ts.map +1 -1
  29. package/dist/cache/AsyncMemoryStorage.mjs +30 -23
  30. package/dist/cache/AsyncMemoryStorage.mjs.map +1 -1
  31. package/dist/cache/BrowserCacheManager.d.ts +24 -27
  32. package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
  33. package/dist/cache/BrowserCacheManager.mjs +134 -188
  34. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  35. package/dist/cache/CacheHelpers.mjs +1 -1
  36. package/dist/cache/CacheKeys.mjs +3 -2
  37. package/dist/cache/CacheKeys.mjs.map +1 -1
  38. package/dist/cache/CookieStorage.mjs +1 -1
  39. package/dist/cache/DatabaseStorage.mjs +1 -1
  40. package/dist/cache/EncryptedData.mjs +1 -1
  41. package/dist/cache/IAsyncStorage.d.ts +10 -5
  42. package/dist/cache/IAsyncStorage.d.ts.map +1 -1
  43. package/dist/cache/LocalStorage.d.ts.map +1 -1
  44. package/dist/cache/LocalStorage.mjs +23 -19
  45. package/dist/cache/LocalStorage.mjs.map +1 -1
  46. package/dist/cache/MemoryStorage.mjs +1 -1
  47. package/dist/cache/SessionStorage.mjs +1 -1
  48. package/dist/cache/TokenCache.d.ts +8 -68
  49. package/dist/cache/TokenCache.d.ts.map +1 -1
  50. package/dist/cache/TokenCache.mjs +179 -187
  51. package/dist/cache/TokenCache.mjs.map +1 -1
  52. package/dist/config/Configuration.d.ts +8 -69
  53. package/dist/config/Configuration.d.ts.map +1 -1
  54. package/dist/config/Configuration.mjs +22 -39
  55. package/dist/config/Configuration.mjs.map +1 -1
  56. package/dist/controllers/IController.d.ts +2 -58
  57. package/dist/controllers/IController.d.ts.map +1 -1
  58. package/dist/controllers/NestedAppAuthController.d.ts +5 -49
  59. package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
  60. package/dist/controllers/NestedAppAuthController.mjs +32 -100
  61. package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
  62. package/dist/controllers/StandardController.d.ts +10 -55
  63. package/dist/controllers/StandardController.d.ts.map +1 -1
  64. package/dist/controllers/StandardController.mjs +179 -335
  65. package/dist/controllers/StandardController.mjs.map +1 -1
  66. package/dist/controllers/UnknownOperatingContextController.d.ts +5 -18
  67. package/dist/controllers/UnknownOperatingContextController.d.ts.map +1 -1
  68. package/dist/crypto/BrowserCrypto.d.ts +1 -2
  69. package/dist/crypto/BrowserCrypto.d.ts.map +1 -1
  70. package/dist/crypto/BrowserCrypto.mjs +2 -4
  71. package/dist/crypto/BrowserCrypto.mjs.map +1 -1
  72. package/dist/crypto/CryptoOps.d.ts +4 -2
  73. package/dist/crypto/CryptoOps.d.ts.map +1 -1
  74. package/dist/crypto/CryptoOps.mjs +17 -14
  75. package/dist/crypto/CryptoOps.mjs.map +1 -1
  76. package/dist/crypto/PkceGenerator.d.ts.map +1 -1
  77. package/dist/crypto/PkceGenerator.mjs +7 -8
  78. package/dist/crypto/PkceGenerator.mjs.map +1 -1
  79. package/dist/crypto/SignedHttpRequest.d.ts +2 -1
  80. package/dist/crypto/SignedHttpRequest.d.ts.map +1 -1
  81. package/dist/crypto/SignedHttpRequest.mjs +6 -18
  82. package/dist/crypto/SignedHttpRequest.mjs.map +1 -1
  83. package/dist/custom-auth-path/app/IPublicClientApplication.d.ts +3 -10
  84. package/dist/custom-auth-path/app/IPublicClientApplication.d.ts.map +1 -1
  85. package/dist/custom-auth-path/app/PublicClientApplication.d.ts +6 -56
  86. package/dist/custom-auth-path/app/PublicClientApplication.d.ts.map +1 -1
  87. package/dist/custom-auth-path/app/PublicClientApplication.mjs +5 -76
  88. package/dist/custom-auth-path/app/PublicClientApplication.mjs.map +1 -1
  89. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +3 -2
  90. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
  91. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  92. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +13 -15
  93. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  94. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts +1 -1
  95. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -1
  96. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +28 -30
  97. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs.map +1 -1
  98. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts +12 -4
  99. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  100. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +37 -23
  101. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
  102. package/dist/custom-auth-path/cache/AccountManager.d.ts +0 -25
  103. package/dist/custom-auth-path/cache/AccountManager.d.ts.map +1 -1
  104. package/dist/custom-auth-path/cache/AccountManager.mjs +10 -84
  105. package/dist/custom-auth-path/cache/AccountManager.mjs.map +1 -1
  106. package/dist/custom-auth-path/cache/AsyncMemoryStorage.d.ts +14 -7
  107. package/dist/custom-auth-path/cache/AsyncMemoryStorage.d.ts.map +1 -1
  108. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +30 -23
  109. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs.map +1 -1
  110. package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts +24 -27
  111. package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
  112. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +134 -188
  113. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
  114. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  115. package/dist/custom-auth-path/cache/CacheKeys.mjs +3 -2
  116. package/dist/custom-auth-path/cache/CacheKeys.mjs.map +1 -1
  117. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  118. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  119. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  120. package/dist/custom-auth-path/cache/IAsyncStorage.d.ts +10 -5
  121. package/dist/custom-auth-path/cache/IAsyncStorage.d.ts.map +1 -1
  122. package/dist/custom-auth-path/cache/LocalStorage.d.ts.map +1 -1
  123. package/dist/custom-auth-path/cache/LocalStorage.mjs +23 -19
  124. package/dist/custom-auth-path/cache/LocalStorage.mjs.map +1 -1
  125. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  126. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  127. package/dist/custom-auth-path/cache/TokenCache.d.ts +8 -68
  128. package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
  129. package/dist/custom-auth-path/config/Configuration.d.ts +8 -69
  130. package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
  131. package/dist/custom-auth-path/config/Configuration.mjs +22 -39
  132. package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
  133. package/dist/custom-auth-path/controllers/IController.d.ts +2 -58
  134. package/dist/custom-auth-path/controllers/IController.d.ts.map +1 -1
  135. package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts +5 -49
  136. package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
  137. package/dist/custom-auth-path/controllers/StandardController.d.ts +10 -55
  138. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  139. package/dist/custom-auth-path/controllers/StandardController.mjs +179 -335
  140. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  141. package/dist/custom-auth-path/controllers/UnknownOperatingContextController.d.ts +5 -18
  142. package/dist/custom-auth-path/controllers/UnknownOperatingContextController.d.ts.map +1 -1
  143. package/dist/custom-auth-path/crypto/BrowserCrypto.d.ts +1 -2
  144. package/dist/custom-auth-path/crypto/BrowserCrypto.d.ts.map +1 -1
  145. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +2 -4
  146. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs.map +1 -1
  147. package/dist/custom-auth-path/crypto/CryptoOps.d.ts +4 -2
  148. package/dist/custom-auth-path/crypto/CryptoOps.d.ts.map +1 -1
  149. package/dist/custom-auth-path/crypto/CryptoOps.mjs +17 -14
  150. package/dist/custom-auth-path/crypto/CryptoOps.mjs.map +1 -1
  151. package/dist/custom-auth-path/crypto/PkceGenerator.d.ts.map +1 -1
  152. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +7 -8
  153. package/dist/custom-auth-path/crypto/PkceGenerator.mjs.map +1 -1
  154. package/dist/custom-auth-path/crypto/SignedHttpRequest.d.ts +2 -1
  155. package/dist/custom-auth-path/crypto/SignedHttpRequest.d.ts.map +1 -1
  156. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +2 -2
  157. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts.map +1 -1
  158. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  161. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +27 -31
  162. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
  163. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.d.ts +2 -2
  164. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.d.ts.map +1 -1
  165. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +6 -7
  166. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs.map +1 -1
  167. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +3 -3
  170. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs.map +1 -1
  171. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  172. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  173. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts +3 -0
  174. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts.map +1 -1
  175. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +4 -1
  176. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs.map +1 -1
  177. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts +2 -0
  178. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts.map +1 -1
  179. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +3 -1
  180. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs.map +1 -1
  181. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  182. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  183. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts +7 -0
  184. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts.map +1 -1
  185. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +17 -10
  186. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs.map +1 -1
  187. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  188. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +2 -0
  189. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +1 -1
  190. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +3 -1
  191. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs.map +1 -1
  192. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +2 -0
  193. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +1 -1
  194. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +3 -1
  195. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs.map +1 -1
  196. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  197. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  198. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +6 -0
  199. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +1 -1
  200. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +13 -7
  201. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs.map +1 -1
  202. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  203. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  204. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  205. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  206. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  207. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  208. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  209. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  210. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  211. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  212. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  213. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  214. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  215. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  216. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  217. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  218. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  219. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +4 -4
  220. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs.map +1 -1
  221. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  222. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  223. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +20 -15
  224. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs.map +1 -1
  225. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  226. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  227. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +17 -14
  228. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs.map +1 -1
  229. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  230. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  231. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  232. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  233. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  234. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  235. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  236. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  237. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  238. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  239. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.d.ts.map +1 -1
  240. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +5 -5
  241. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs.map +1 -1
  242. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  243. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  244. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  245. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  246. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +10 -10
  247. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs.map +1 -1
  248. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  249. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  250. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  251. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  252. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  253. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  254. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  255. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  256. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +17 -19
  257. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs.map +1 -1
  258. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  259. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  260. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  261. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  262. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  263. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  264. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  265. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +7 -7
  266. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs.map +1 -1
  267. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  268. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  269. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +4 -4
  270. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs.map +1 -1
  271. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  272. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.d.ts.map +1 -1
  273. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +30 -28
  274. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs.map +1 -1
  275. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  276. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  277. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  278. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +2 -0
  279. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
  280. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +3 -1
  281. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs.map +1 -1
  282. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +2 -0
  283. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
  284. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +3 -1
  285. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs.map +1 -1
  286. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +2 -0
  287. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
  288. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +3 -1
  289. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs.map +1 -1
  290. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +6 -6
  291. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs.map +1 -1
  292. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  293. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +4 -4
  294. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs.map +1 -1
  295. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  296. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +4 -4
  297. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs.map +1 -1
  298. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +4 -4
  299. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs.map +1 -1
  300. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  301. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +53 -47
  302. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs.map +1 -1
  303. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  304. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  305. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  306. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  307. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  308. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  309. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  310. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +6 -6
  311. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs.map +1 -1
  312. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +10 -10
  313. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs.map +1 -1
  314. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  315. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  316. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +6 -6
  317. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs.map +1 -1
  318. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  319. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.d.ts +4 -4
  320. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.d.ts.map +1 -1
  321. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +56 -50
  322. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs.map +1 -1
  323. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  324. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  325. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  326. package/dist/custom-auth-path/error/BrowserAuthError.d.ts +1 -246
  327. package/dist/custom-auth-path/error/BrowserAuthError.d.ts.map +1 -1
  328. package/dist/custom-auth-path/error/BrowserAuthError.mjs +6 -61
  329. package/dist/custom-auth-path/error/BrowserAuthError.mjs.map +1 -1
  330. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.d.ts +3 -2
  331. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.d.ts.map +1 -1
  332. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +6 -10
  333. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs.map +1 -1
  334. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.d.ts +0 -23
  335. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.d.ts.map +1 -1
  336. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +4 -9
  337. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs.map +1 -1
  338. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +2 -3
  339. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs.map +1 -1
  340. package/dist/custom-auth-path/error/NativeAuthError.d.ts +0 -3
  341. package/dist/custom-auth-path/error/NativeAuthError.d.ts.map +1 -1
  342. package/dist/custom-auth-path/error/NativeAuthError.mjs +10 -12
  343. package/dist/custom-auth-path/error/NativeAuthError.mjs.map +1 -1
  344. package/dist/custom-auth-path/error/NativeAuthErrorCodes.d.ts +1 -0
  345. package/dist/custom-auth-path/error/NativeAuthErrorCodes.d.ts.map +1 -1
  346. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  347. package/dist/custom-auth-path/error/NestedAppAuthError.d.ts +0 -9
  348. package/dist/custom-auth-path/error/NestedAppAuthError.d.ts.map +1 -1
  349. package/dist/custom-auth-path/event/EventHandler.d.ts.map +1 -1
  350. package/dist/custom-auth-path/event/EventHandler.mjs +9 -12
  351. package/dist/custom-auth-path/event/EventHandler.mjs.map +1 -1
  352. package/dist/custom-auth-path/event/EventMessage.d.ts.map +1 -1
  353. package/dist/custom-auth-path/event/EventType.d.ts +3 -10
  354. package/dist/custom-auth-path/event/EventType.d.ts.map +1 -1
  355. package/dist/custom-auth-path/event/EventType.mjs +4 -11
  356. package/dist/custom-auth-path/event/EventType.mjs.map +1 -1
  357. package/dist/custom-auth-path/index.d.ts +34 -6
  358. package/dist/custom-auth-path/index.d.ts.map +1 -1
  359. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.d.ts +50 -32
  360. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.d.ts.map +1 -1
  361. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +116 -97
  362. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs.map +1 -1
  363. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.d.ts +2 -2
  364. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.d.ts.map +1 -1
  365. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +3 -3
  366. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs.map +1 -1
  367. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +5 -3
  368. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  369. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +72 -87
  370. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  371. package/dist/custom-auth-path/interaction_client/PopupClient.d.ts +1 -16
  372. package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
  373. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +66 -145
  374. package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
  375. package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts +8 -4
  376. package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
  377. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +78 -85
  378. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
  379. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.d.ts +1 -1
  380. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  381. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +17 -10
  382. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
  383. package/dist/custom-auth-path/interaction_client/SilentCacheClient.d.ts.map +1 -1
  384. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +11 -10
  385. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs.map +1 -1
  386. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts +1 -1
  387. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
  388. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +43 -50
  389. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
  390. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  391. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +9 -8
  392. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs.map +1 -1
  393. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts +17 -7
  394. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  395. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +63 -67
  396. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
  397. package/dist/custom-auth-path/interaction_handler/InteractionHandler.d.ts +2 -3
  398. package/dist/custom-auth-path/interaction_handler/InteractionHandler.d.ts.map +1 -1
  399. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +7 -13
  400. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs.map +1 -1
  401. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +2 -8
  402. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
  403. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +8 -97
  404. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
  405. package/dist/custom-auth-path/log-strings-mapping.json +1703 -0
  406. package/dist/custom-auth-path/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  407. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  408. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  409. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.d.ts +2 -1
  410. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.d.ts.map +1 -1
  411. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  412. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs.map +1 -1
  413. package/dist/custom-auth-path/operatingcontext/NestedAppOperatingContext.d.ts +2 -1
  414. package/dist/custom-auth-path/operatingcontext/NestedAppOperatingContext.d.ts.map +1 -1
  415. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.d.ts +1 -1
  416. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.d.ts.map +1 -1
  417. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +3 -2
  418. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs.map +1 -1
  419. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  420. package/dist/custom-auth-path/packageMetadata.d.ts.map +1 -1
  421. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  422. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  423. package/dist/custom-auth-path/protocol/Authorize.mjs +37 -29
  424. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  425. package/dist/custom-auth-path/redirect_bridge/index.d.ts +16 -0
  426. package/dist/custom-auth-path/redirect_bridge/index.d.ts.map +1 -0
  427. package/dist/custom-auth-path/request/AuthorizationCodeRequest.d.ts +1 -1
  428. package/dist/custom-auth-path/request/AuthorizationCodeRequest.d.ts.map +1 -1
  429. package/dist/custom-auth-path/request/EndSessionPopupRequest.d.ts +1 -1
  430. package/dist/custom-auth-path/request/EndSessionPopupRequest.d.ts.map +1 -1
  431. package/dist/custom-auth-path/request/EndSessionRequest.d.ts +1 -3
  432. package/dist/custom-auth-path/request/EndSessionRequest.d.ts.map +1 -1
  433. package/dist/custom-auth-path/request/HandleRedirectPromiseOptions.d.ts +5 -0
  434. package/dist/custom-auth-path/request/HandleRedirectPromiseOptions.d.ts.map +1 -0
  435. package/dist/custom-auth-path/request/PopupRequest.d.ts +5 -4
  436. package/dist/custom-auth-path/request/PopupRequest.d.ts.map +1 -1
  437. package/dist/custom-auth-path/request/RedirectRequest.d.ts +3 -11
  438. package/dist/custom-auth-path/request/RedirectRequest.d.ts.map +1 -1
  439. package/dist/custom-auth-path/request/RequestHelpers.d.ts +7 -3
  440. package/dist/custom-auth-path/request/RequestHelpers.d.ts.map +1 -1
  441. package/dist/custom-auth-path/request/RequestHelpers.mjs +21 -28
  442. package/dist/custom-auth-path/request/RequestHelpers.mjs.map +1 -1
  443. package/dist/custom-auth-path/request/SilentRequest.d.ts +3 -4
  444. package/dist/custom-auth-path/request/SilentRequest.d.ts.map +1 -1
  445. package/dist/custom-auth-path/request/SsoSilentRequest.d.ts +3 -4
  446. package/dist/custom-auth-path/request/SsoSilentRequest.d.ts.map +1 -1
  447. package/dist/custom-auth-path/response/ResponseHandler.d.ts +1 -1
  448. package/dist/custom-auth-path/response/ResponseHandler.d.ts.map +1 -1
  449. package/dist/custom-auth-path/response/ResponseHandler.mjs +5 -5
  450. package/dist/custom-auth-path/response/ResponseHandler.mjs.map +1 -1
  451. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +2 -19
  452. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  453. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts +130 -0
  454. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts.map +1 -0
  455. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +124 -0
  456. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs.map +1 -0
  457. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts +35 -0
  458. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -0
  459. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +45 -0
  460. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs.map +1 -0
  461. package/dist/custom-auth-path/utils/BrowserConstants.d.ts +0 -12
  462. package/dist/custom-auth-path/utils/BrowserConstants.d.ts.map +1 -1
  463. package/dist/custom-auth-path/utils/BrowserConstants.mjs +3 -7
  464. package/dist/custom-auth-path/utils/BrowserConstants.mjs.map +1 -1
  465. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +2 -2
  466. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs.map +1 -1
  467. package/dist/custom-auth-path/utils/BrowserUtils.d.ts +36 -2
  468. package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
  469. package/dist/custom-auth-path/utils/BrowserUtils.mjs +155 -14
  470. package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
  471. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  472. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +1 -1
  473. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  474. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +3 -3
  475. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
  476. package/dist/custom_auth/CustomAuthConstants.d.ts +2 -2
  477. package/dist/custom_auth/CustomAuthConstants.d.ts.map +1 -1
  478. package/dist/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  479. package/dist/custom_auth/core/CustomAuthAuthority.d.ts +2 -2
  480. package/dist/custom_auth/core/CustomAuthAuthority.d.ts.map +1 -1
  481. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts +3 -0
  482. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts.map +1 -1
  483. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts +2 -0
  484. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts.map +1 -1
  485. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts +7 -0
  486. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts.map +1 -1
  487. package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +2 -0
  488. package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +1 -1
  489. package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +2 -0
  490. package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +1 -1
  491. package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +6 -0
  492. package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +1 -1
  493. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  494. package/dist/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  495. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  496. package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.d.ts.map +1 -1
  497. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  498. package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.d.ts.map +1 -1
  499. package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +2 -0
  500. package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
  501. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +2 -0
  502. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
  503. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +2 -0
  504. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
  505. package/dist/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  506. package/dist/custom_auth/sign_up/interaction_client/SignUpClient.d.ts +4 -4
  507. package/dist/custom_auth/sign_up/interaction_client/SignUpClient.d.ts.map +1 -1
  508. package/dist/encode/Base64Decode.mjs +1 -1
  509. package/dist/encode/Base64Encode.mjs +1 -1
  510. package/dist/error/BrowserAuthError.d.ts +1 -246
  511. package/dist/error/BrowserAuthError.d.ts.map +1 -1
  512. package/dist/error/BrowserAuthError.mjs +6 -253
  513. package/dist/error/BrowserAuthError.mjs.map +1 -1
  514. package/dist/error/BrowserAuthErrorCodes.d.ts +3 -2
  515. package/dist/error/BrowserAuthErrorCodes.d.ts.map +1 -1
  516. package/dist/error/BrowserAuthErrorCodes.mjs +6 -5
  517. package/dist/error/BrowserAuthErrorCodes.mjs.map +1 -1
  518. package/dist/error/BrowserConfigurationAuthError.d.ts +0 -23
  519. package/dist/error/BrowserConfigurationAuthError.d.ts.map +1 -1
  520. package/dist/error/BrowserConfigurationAuthError.mjs +4 -29
  521. package/dist/error/BrowserConfigurationAuthError.mjs.map +1 -1
  522. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  523. package/dist/error/NativeAuthError.d.ts +0 -3
  524. package/dist/error/NativeAuthError.d.ts.map +1 -1
  525. package/dist/error/NativeAuthError.mjs +10 -12
  526. package/dist/error/NativeAuthError.mjs.map +1 -1
  527. package/dist/error/NativeAuthErrorCodes.d.ts +1 -0
  528. package/dist/error/NativeAuthErrorCodes.d.ts.map +1 -1
  529. package/dist/error/NativeAuthErrorCodes.mjs +4 -3
  530. package/dist/error/NativeAuthErrorCodes.mjs.map +1 -1
  531. package/dist/error/NestedAppAuthError.d.ts +0 -9
  532. package/dist/error/NestedAppAuthError.d.ts.map +1 -1
  533. package/dist/error/NestedAppAuthError.mjs +4 -12
  534. package/dist/error/NestedAppAuthError.mjs.map +1 -1
  535. package/dist/event/EventHandler.d.ts.map +1 -1
  536. package/dist/event/EventHandler.mjs +9 -12
  537. package/dist/event/EventHandler.mjs.map +1 -1
  538. package/dist/event/EventMessage.d.ts.map +1 -1
  539. package/dist/event/EventMessage.mjs +2 -17
  540. package/dist/event/EventMessage.mjs.map +1 -1
  541. package/dist/event/EventType.d.ts +3 -10
  542. package/dist/event/EventType.d.ts.map +1 -1
  543. package/dist/event/EventType.mjs +4 -11
  544. package/dist/event/EventType.mjs.map +1 -1
  545. package/dist/index.d.ts +34 -6
  546. package/dist/index.d.ts.map +1 -1
  547. package/dist/index.mjs +25 -5
  548. package/dist/index.mjs.map +1 -1
  549. package/dist/interaction_client/BaseInteractionClient.d.ts +50 -32
  550. package/dist/interaction_client/BaseInteractionClient.d.ts.map +1 -1
  551. package/dist/interaction_client/BaseInteractionClient.mjs +116 -97
  552. package/dist/interaction_client/BaseInteractionClient.mjs.map +1 -1
  553. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.d.ts +2 -2
  554. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.d.ts.map +1 -1
  555. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +3 -3
  556. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs.map +1 -1
  557. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +5 -3
  558. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  559. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +72 -87
  560. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  561. package/dist/interaction_client/PopupClient.d.ts +1 -16
  562. package/dist/interaction_client/PopupClient.d.ts.map +1 -1
  563. package/dist/interaction_client/PopupClient.mjs +66 -145
  564. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  565. package/dist/interaction_client/RedirectClient.d.ts +8 -4
  566. package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
  567. package/dist/interaction_client/RedirectClient.mjs +78 -85
  568. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  569. package/dist/interaction_client/SilentAuthCodeClient.d.ts +1 -1
  570. package/dist/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  571. package/dist/interaction_client/SilentAuthCodeClient.mjs +17 -10
  572. package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
  573. package/dist/interaction_client/SilentCacheClient.d.ts.map +1 -1
  574. package/dist/interaction_client/SilentCacheClient.mjs +11 -10
  575. package/dist/interaction_client/SilentCacheClient.mjs.map +1 -1
  576. package/dist/interaction_client/SilentIframeClient.d.ts +1 -1
  577. package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
  578. package/dist/interaction_client/SilentIframeClient.mjs +43 -50
  579. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  580. package/dist/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  581. package/dist/interaction_client/SilentRefreshClient.mjs +9 -8
  582. package/dist/interaction_client/SilentRefreshClient.mjs.map +1 -1
  583. package/dist/interaction_client/StandardInteractionClient.d.ts +17 -7
  584. package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  585. package/dist/interaction_client/StandardInteractionClient.mjs +63 -67
  586. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  587. package/dist/interaction_handler/InteractionHandler.d.ts +2 -3
  588. package/dist/interaction_handler/InteractionHandler.d.ts.map +1 -1
  589. package/dist/interaction_handler/InteractionHandler.mjs +7 -13
  590. package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
  591. package/dist/interaction_handler/SilentHandler.d.ts +2 -8
  592. package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
  593. package/dist/interaction_handler/SilentHandler.mjs +8 -97
  594. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  595. package/dist/log-strings-mapping.json +1135 -0
  596. package/dist/naa/BridgeError.mjs +1 -1
  597. package/dist/naa/BridgeProxy.mjs +1 -1
  598. package/dist/naa/BridgeStatusCode.mjs +1 -1
  599. package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  600. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +9 -6
  601. package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
  602. package/dist/navigation/NavigationClient.mjs +1 -1
  603. package/dist/network/FetchClient.mjs +1 -1
  604. package/dist/operatingcontext/BaseOperatingContext.d.ts +2 -1
  605. package/dist/operatingcontext/BaseOperatingContext.d.ts.map +1 -1
  606. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  607. package/dist/operatingcontext/BaseOperatingContext.mjs.map +1 -1
  608. package/dist/operatingcontext/NestedAppOperatingContext.d.ts +2 -1
  609. package/dist/operatingcontext/NestedAppOperatingContext.d.ts.map +1 -1
  610. package/dist/operatingcontext/NestedAppOperatingContext.mjs +5 -4
  611. package/dist/operatingcontext/NestedAppOperatingContext.mjs.map +1 -1
  612. package/dist/operatingcontext/StandardOperatingContext.d.ts +1 -1
  613. package/dist/operatingcontext/StandardOperatingContext.d.ts.map +1 -1
  614. package/dist/operatingcontext/StandardOperatingContext.mjs +3 -2
  615. package/dist/operatingcontext/StandardOperatingContext.mjs.map +1 -1
  616. package/dist/packageMetadata.d.ts +1 -1
  617. package/dist/packageMetadata.d.ts.map +1 -1
  618. package/dist/packageMetadata.mjs +2 -2
  619. package/dist/protocol/Authorize.d.ts.map +1 -1
  620. package/dist/protocol/Authorize.mjs +37 -29
  621. package/dist/protocol/Authorize.mjs.map +1 -1
  622. package/dist/redirect-bridge/app/IPublicClientApplication.d.ts +48 -0
  623. package/dist/redirect-bridge/app/IPublicClientApplication.d.ts.map +1 -0
  624. package/dist/{app/PublicClientNext.d.ts → redirect-bridge/app/PublicClientApplication.d.ts} +35 -66
  625. package/dist/redirect-bridge/app/PublicClientApplication.d.ts.map +1 -0
  626. package/dist/redirect-bridge/broker/nativeBroker/IPlatformAuthHandler.d.ts +12 -0
  627. package/dist/redirect-bridge/broker/nativeBroker/IPlatformAuthHandler.d.ts.map +1 -0
  628. package/dist/redirect-bridge/broker/nativeBroker/NativeStatusCodes.d.ts +9 -0
  629. package/dist/redirect-bridge/broker/nativeBroker/NativeStatusCodes.d.ts.map +1 -0
  630. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthDOMHandler.d.ts +30 -0
  631. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -0
  632. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts +63 -0
  633. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -0
  634. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthProvider.d.ts +28 -0
  635. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -0
  636. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts +78 -0
  637. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -0
  638. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthResponse.d.ts +71 -0
  639. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthResponse.d.ts.map +1 -0
  640. package/dist/redirect-bridge/cache/AccountManager.d.ts +24 -0
  641. package/dist/redirect-bridge/cache/AccountManager.d.ts.map +1 -0
  642. package/dist/redirect-bridge/cache/AsyncMemoryStorage.d.ts +58 -0
  643. package/dist/redirect-bridge/cache/AsyncMemoryStorage.d.ts.map +1 -0
  644. package/dist/redirect-bridge/cache/BrowserCacheManager.d.ts +366 -0
  645. package/dist/redirect-bridge/cache/BrowserCacheManager.d.ts.map +1 -0
  646. package/dist/redirect-bridge/cache/CacheHelpers.d.ts +16 -0
  647. package/dist/redirect-bridge/cache/CacheHelpers.d.ts.map +1 -0
  648. package/dist/redirect-bridge/cache/CacheKeys.d.ts +14 -0
  649. package/dist/redirect-bridge/cache/CacheKeys.d.ts.map +1 -0
  650. package/dist/redirect-bridge/cache/CacheKeys.mjs +10 -0
  651. package/dist/redirect-bridge/cache/CacheKeys.mjs.map +1 -0
  652. package/dist/redirect-bridge/cache/CookieStorage.d.ts +23 -0
  653. package/dist/redirect-bridge/cache/CookieStorage.d.ts.map +1 -0
  654. package/dist/redirect-bridge/cache/DatabaseStorage.d.ts +57 -0
  655. package/dist/redirect-bridge/cache/DatabaseStorage.d.ts.map +1 -0
  656. package/dist/redirect-bridge/cache/EncryptedData.d.ts +8 -0
  657. package/dist/redirect-bridge/cache/EncryptedData.d.ts.map +1 -0
  658. package/dist/redirect-bridge/cache/IAsyncStorage.d.ts +33 -0
  659. package/dist/redirect-bridge/cache/IAsyncStorage.d.ts.map +1 -0
  660. package/dist/redirect-bridge/cache/IWindowStorage.d.ts +42 -0
  661. package/dist/redirect-bridge/cache/IWindowStorage.d.ts.map +1 -0
  662. package/dist/redirect-bridge/cache/LocalStorage.d.ts +51 -0
  663. package/dist/redirect-bridge/cache/LocalStorage.d.ts.map +1 -0
  664. package/dist/redirect-bridge/cache/MemoryStorage.d.ts +16 -0
  665. package/dist/redirect-bridge/cache/MemoryStorage.d.ts.map +1 -0
  666. package/dist/redirect-bridge/cache/SessionStorage.d.ts +14 -0
  667. package/dist/redirect-bridge/cache/SessionStorage.d.ts.map +1 -0
  668. package/dist/redirect-bridge/cache/TokenCache.d.ts +18 -0
  669. package/dist/redirect-bridge/cache/TokenCache.d.ts.map +1 -0
  670. package/dist/redirect-bridge/config/Configuration.d.ts +175 -0
  671. package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -0
  672. package/dist/redirect-bridge/config/Configuration.mjs +10 -0
  673. package/dist/redirect-bridge/config/Configuration.mjs.map +1 -0
  674. package/dist/redirect-bridge/controllers/IController.d.ts +3 -0
  675. package/dist/redirect-bridge/controllers/IController.d.ts.map +1 -0
  676. package/dist/redirect-bridge/controllers/NestedAppAuthController.d.ts +159 -0
  677. package/dist/redirect-bridge/controllers/NestedAppAuthController.d.ts.map +1 -0
  678. package/{lib/custom-auth-path/types/app/PublicClientNext.d.ts → dist/redirect-bridge/controllers/StandardController.d.ts} +253 -151
  679. package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -0
  680. package/dist/redirect-bridge/controllers/UnknownOperatingContextController.d.ts +73 -0
  681. package/dist/redirect-bridge/controllers/UnknownOperatingContextController.d.ts.map +1 -0
  682. package/dist/redirect-bridge/crypto/BrowserCrypto.d.ts +96 -0
  683. package/dist/redirect-bridge/crypto/BrowserCrypto.d.ts.map +1 -0
  684. package/dist/redirect-bridge/crypto/CryptoOps.d.ts +77 -0
  685. package/dist/redirect-bridge/crypto/CryptoOps.d.ts.map +1 -0
  686. package/dist/redirect-bridge/crypto/PkceGenerator.d.ts +9 -0
  687. package/dist/redirect-bridge/crypto/PkceGenerator.d.ts.map +1 -0
  688. package/dist/redirect-bridge/crypto/SignedHttpRequest.d.ts +32 -0
  689. package/dist/redirect-bridge/crypto/SignedHttpRequest.d.ts.map +1 -0
  690. package/dist/redirect-bridge/custom_auth/CustomAuthActionInputs.d.ts +29 -0
  691. package/dist/redirect-bridge/custom_auth/CustomAuthActionInputs.d.ts.map +1 -0
  692. package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +35 -0
  693. package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts.map +1 -0
  694. package/dist/redirect-bridge/custom_auth/CustomAuthPublicClientApplication.d.ts +55 -0
  695. package/dist/redirect-bridge/custom_auth/CustomAuthPublicClientApplication.d.ts.map +1 -0
  696. package/dist/redirect-bridge/custom_auth/ICustomAuthPublicClientApplication.d.ts +33 -0
  697. package/dist/redirect-bridge/custom_auth/ICustomAuthPublicClientApplication.d.ts.map +1 -0
  698. package/dist/redirect-bridge/custom_auth/UserAccountAttributes.d.ts +12 -0
  699. package/dist/redirect-bridge/custom_auth/UserAccountAttributes.d.ts.map +1 -0
  700. package/dist/redirect-bridge/custom_auth/configuration/CustomAuthConfiguration.d.ts +14 -0
  701. package/dist/redirect-bridge/custom_auth/configuration/CustomAuthConfiguration.d.ts.map +1 -0
  702. package/dist/redirect-bridge/custom_auth/controller/CustomAuthStandardController.d.ts +27 -0
  703. package/dist/redirect-bridge/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -0
  704. package/dist/redirect-bridge/custom_auth/controller/ICustomAuthStandardController.d.ts +13 -0
  705. package/dist/redirect-bridge/custom_auth/controller/ICustomAuthStandardController.d.ts.map +1 -0
  706. package/dist/redirect-bridge/custom_auth/core/CustomAuthAuthority.d.ts +29 -0
  707. package/dist/redirect-bridge/custom_auth/core/CustomAuthAuthority.d.ts.map +1 -0
  708. package/dist/redirect-bridge/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts +40 -0
  709. package/dist/redirect-bridge/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -0
  710. package/dist/redirect-bridge/custom_auth/core/auth_flow/AuthFlowResultBase.d.ts +11 -0
  711. package/dist/redirect-bridge/custom_auth/core/auth_flow/AuthFlowResultBase.d.ts.map +1 -0
  712. package/dist/redirect-bridge/custom_auth/core/auth_flow/AuthFlowState.d.ts +31 -0
  713. package/dist/redirect-bridge/custom_auth/core/auth_flow/AuthFlowState.d.ts.map +1 -0
  714. package/dist/redirect-bridge/custom_auth/core/auth_flow/AuthFlowStateTypes.d.ts +29 -0
  715. package/dist/redirect-bridge/custom_auth/core/auth_flow/AuthFlowStateTypes.d.ts.map +1 -0
  716. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/AuthMethodDetails.d.ts +15 -0
  717. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/AuthMethodDetails.d.ts.map +1 -0
  718. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.d.ts +27 -0
  719. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.d.ts.map +1 -0
  720. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts +47 -0
  721. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts.map +1 -0
  722. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts +37 -0
  723. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts.map +1 -0
  724. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.d.ts +11 -0
  725. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.d.ts.map +1 -0
  726. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.d.ts +11 -0
  727. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.d.ts.map +1 -0
  728. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts +82 -0
  729. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts.map +1 -0
  730. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationStateParameters.d.ts +20 -0
  731. package/dist/redirect-bridge/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationStateParameters.d.ts.map +1 -0
  732. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts +27 -0
  733. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts.map +1 -0
  734. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +40 -0
  735. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +1 -0
  736. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +34 -0
  737. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +1 -0
  738. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.d.ts +11 -0
  739. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.d.ts.map +1 -0
  740. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/state/MfaFailedState.d.ts +11 -0
  741. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/state/MfaFailedState.d.ts.map +1 -0
  742. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +67 -0
  743. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +1 -0
  744. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/state/MfaStateParameters.d.ts +19 -0
  745. package/dist/redirect-bridge/custom_auth/core/auth_flow/mfa/state/MfaStateParameters.d.ts.map +1 -0
  746. package/dist/redirect-bridge/custom_auth/core/error/CustomAuthApiError.d.ts +20 -0
  747. package/dist/redirect-bridge/custom_auth/core/error/CustomAuthApiError.d.ts.map +1 -0
  748. package/dist/redirect-bridge/custom_auth/core/error/CustomAuthError.d.ts +9 -0
  749. package/dist/redirect-bridge/custom_auth/core/error/CustomAuthError.d.ts.map +1 -0
  750. package/dist/redirect-bridge/custom_auth/core/error/HttpError.d.ts +5 -0
  751. package/dist/redirect-bridge/custom_auth/core/error/HttpError.d.ts.map +1 -0
  752. package/dist/redirect-bridge/custom_auth/core/error/HttpErrorCodes.d.ts +3 -0
  753. package/dist/redirect-bridge/custom_auth/core/error/HttpErrorCodes.d.ts.map +1 -0
  754. package/dist/redirect-bridge/custom_auth/core/error/InvalidArgumentError.d.ts +5 -0
  755. package/dist/redirect-bridge/custom_auth/core/error/InvalidArgumentError.d.ts.map +1 -0
  756. package/dist/redirect-bridge/custom_auth/core/error/InvalidConfigurationError.d.ts +5 -0
  757. package/dist/redirect-bridge/custom_auth/core/error/InvalidConfigurationError.d.ts.map +1 -0
  758. package/dist/redirect-bridge/custom_auth/core/error/InvalidConfigurationErrorCodes.d.ts +4 -0
  759. package/dist/redirect-bridge/custom_auth/core/error/InvalidConfigurationErrorCodes.d.ts.map +1 -0
  760. package/dist/redirect-bridge/custom_auth/core/error/MethodNotImplementedError.d.ts +5 -0
  761. package/dist/redirect-bridge/custom_auth/core/error/MethodNotImplementedError.d.ts.map +1 -0
  762. package/dist/redirect-bridge/custom_auth/core/error/MsalCustomAuthError.d.ts +5 -0
  763. package/dist/redirect-bridge/custom_auth/core/error/MsalCustomAuthError.d.ts.map +1 -0
  764. package/dist/redirect-bridge/custom_auth/core/error/NoCachedAccountFoundError.d.ts +5 -0
  765. package/dist/redirect-bridge/custom_auth/core/error/NoCachedAccountFoundError.d.ts.map +1 -0
  766. package/dist/redirect-bridge/custom_auth/core/error/ParsedUrlError.d.ts +5 -0
  767. package/dist/redirect-bridge/custom_auth/core/error/ParsedUrlError.d.ts.map +1 -0
  768. package/dist/redirect-bridge/custom_auth/core/error/ParsedUrlErrorCodes.d.ts +2 -0
  769. package/dist/redirect-bridge/custom_auth/core/error/ParsedUrlErrorCodes.d.ts.map +1 -0
  770. package/dist/redirect-bridge/custom_auth/core/error/UnexpectedError.d.ts +5 -0
  771. package/dist/redirect-bridge/custom_auth/core/error/UnexpectedError.d.ts.map +1 -0
  772. package/dist/redirect-bridge/custom_auth/core/error/UnsupportedEnvironmentError.d.ts +5 -0
  773. package/dist/redirect-bridge/custom_auth/core/error/UnsupportedEnvironmentError.d.ts.map +1 -0
  774. package/dist/redirect-bridge/custom_auth/core/error/UserAccountAttributeError.d.ts +5 -0
  775. package/dist/redirect-bridge/custom_auth/core/error/UserAccountAttributeError.d.ts.map +1 -0
  776. package/dist/redirect-bridge/custom_auth/core/error/UserAccountAttributeErrorCodes.d.ts +2 -0
  777. package/dist/redirect-bridge/custom_auth/core/error/UserAccountAttributeErrorCodes.d.ts.map +1 -0
  778. package/dist/redirect-bridge/custom_auth/core/error/UserAlreadySignedInError.d.ts +5 -0
  779. package/dist/redirect-bridge/custom_auth/core/error/UserAlreadySignedInError.d.ts.map +1 -0
  780. package/dist/redirect-bridge/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +34 -0
  781. package/dist/redirect-bridge/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -0
  782. package/dist/redirect-bridge/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.d.ts +22 -0
  783. package/dist/redirect-bridge/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.d.ts.map +1 -0
  784. package/dist/redirect-bridge/custom_auth/core/interaction_client/jit/JitClient.d.ts +21 -0
  785. package/dist/redirect-bridge/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -0
  786. package/dist/redirect-bridge/custom_auth/core/interaction_client/jit/parameter/JitParams.d.ts +20 -0
  787. package/dist/redirect-bridge/custom_auth/core/interaction_client/jit/parameter/JitParams.d.ts.map +1 -0
  788. package/dist/redirect-bridge/custom_auth/core/interaction_client/jit/result/JitActionResult.d.ts +22 -0
  789. package/dist/redirect-bridge/custom_auth/core/interaction_client/jit/result/JitActionResult.d.ts.map +1 -0
  790. package/dist/redirect-bridge/custom_auth/core/interaction_client/mfa/MfaClient.d.ts +21 -0
  791. package/dist/redirect-bridge/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -0
  792. package/dist/redirect-bridge/custom_auth/core/interaction_client/mfa/parameter/MfaClientParameters.d.ts +14 -0
  793. package/dist/redirect-bridge/custom_auth/core/interaction_client/mfa/parameter/MfaClientParameters.d.ts.map +1 -0
  794. package/dist/redirect-bridge/custom_auth/core/interaction_client/mfa/result/MfaActionResult.d.ts +23 -0
  795. package/dist/redirect-bridge/custom_auth/core/interaction_client/mfa/result/MfaActionResult.d.ts.map +1 -0
  796. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts +15 -0
  797. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts.map +1 -0
  798. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts +14 -0
  799. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -0
  800. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.d.ts +16 -0
  801. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.d.ts.map +1 -0
  802. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/ICustomAuthApiClient.d.ts +11 -0
  803. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/ICustomAuthApiClient.d.ts.map +1 -0
  804. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.d.ts +18 -0
  805. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.d.ts.map +1 -0
  806. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts +34 -0
  807. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts.map +1 -0
  808. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +37 -0
  809. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -0
  810. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts +23 -0
  811. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts.map +1 -0
  812. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.d.ts +23 -0
  813. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.d.ts.map +1 -0
  814. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiErrorResponseTypes.d.ts +29 -0
  815. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiErrorResponseTypes.d.ts.map +1 -0
  816. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiRequestTypes.d.ts +86 -0
  817. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiRequestTypes.d.ts.map +1 -0
  818. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiResponseTypes.d.ts +71 -0
  819. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiResponseTypes.d.ts.map +1 -0
  820. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts +13 -0
  821. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts.map +1 -0
  822. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiTypesBase.d.ts +9 -0
  823. package/dist/redirect-bridge/custom_auth/core/network_client/custom_auth_api/types/ApiTypesBase.d.ts.map +1 -0
  824. package/dist/redirect-bridge/custom_auth/core/network_client/http_client/FetchHttpClient.d.ts +13 -0
  825. package/dist/redirect-bridge/custom_auth/core/network_client/http_client/FetchHttpClient.d.ts.map +1 -0
  826. package/dist/redirect-bridge/custom_auth/core/network_client/http_client/IHttpClient.d.ts +35 -0
  827. package/dist/redirect-bridge/custom_auth/core/network_client/http_client/IHttpClient.d.ts.map +1 -0
  828. package/dist/redirect-bridge/custom_auth/core/telemetry/PublicApiId.d.ts +25 -0
  829. package/dist/redirect-bridge/custom_auth/core/telemetry/PublicApiId.d.ts.map +1 -0
  830. package/dist/redirect-bridge/custom_auth/core/utils/ArgumentValidator.d.ts +4 -0
  831. package/dist/redirect-bridge/custom_auth/core/utils/ArgumentValidator.d.ts.map +1 -0
  832. package/dist/redirect-bridge/custom_auth/core/utils/UrlUtils.d.ts +3 -0
  833. package/dist/redirect-bridge/custom_auth/core/utils/UrlUtils.d.ts.map +1 -0
  834. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/CustomAuthAccountData.d.ts +47 -0
  835. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/CustomAuthAccountData.d.ts.map +1 -0
  836. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/error_type/GetAccountError.d.ts +32 -0
  837. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/error_type/GetAccountError.d.ts.map +1 -0
  838. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.d.ts +37 -0
  839. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.d.ts.map +1 -0
  840. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/result/GetAccountResult.d.ts +36 -0
  841. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/result/GetAccountResult.d.ts.map +1 -0
  842. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/result/SignOutResult.d.ts +35 -0
  843. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/result/SignOutResult.d.ts.map +1 -0
  844. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/state/GetAccessTokenState.d.ts +20 -0
  845. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/state/GetAccessTokenState.d.ts.map +1 -0
  846. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/state/GetAccountState.d.ts +20 -0
  847. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/state/GetAccountState.d.ts.map +1 -0
  848. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/state/SignOutState.d.ts +20 -0
  849. package/dist/redirect-bridge/custom_auth/get_account/auth_flow/state/SignOutState.d.ts.map +1 -0
  850. package/dist/redirect-bridge/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts +21 -0
  851. package/dist/redirect-bridge/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -0
  852. package/dist/redirect-bridge/custom_auth/index.d.ts +84 -0
  853. package/dist/redirect-bridge/custom_auth/index.d.ts.map +1 -0
  854. package/dist/redirect-bridge/custom_auth/operating_context/CustomAuthOperatingContext.d.ts +13 -0
  855. package/dist/redirect-bridge/custom_auth/operating_context/CustomAuthOperatingContext.d.ts.map +1 -0
  856. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.d.ts +40 -0
  857. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.d.ts.map +1 -0
  858. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.d.ts +37 -0
  859. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.d.ts.map +1 -0
  860. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.d.ts +37 -0
  861. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.d.ts.map +1 -0
  862. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.d.ts +37 -0
  863. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.d.ts.map +1 -0
  864. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.d.ts +32 -0
  865. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.d.ts.map +1 -0
  866. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.d.ts +27 -0
  867. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.d.ts.map +1 -0
  868. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.d.ts +11 -0
  869. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.d.ts.map +1 -0
  870. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.d.ts +11 -0
  871. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.d.ts.map +1 -0
  872. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.d.ts +16 -0
  873. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.d.ts.map +1 -0
  874. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordState.d.ts +6 -0
  875. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordState.d.ts.map +1 -0
  876. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordStateParameters.d.ts +19 -0
  877. package/dist/redirect-bridge/custom_auth/reset_password/auth_flow/state/ResetPasswordStateParameters.d.ts.map +1 -0
  878. package/dist/redirect-bridge/custom_auth/reset_password/interaction_client/ResetPasswordClient.d.ts +33 -0
  879. package/dist/redirect-bridge/custom_auth/reset_password/interaction_client/ResetPasswordClient.d.ts.map +1 -0
  880. package/dist/redirect-bridge/custom_auth/reset_password/interaction_client/parameter/ResetPasswordParams.d.ts +19 -0
  881. package/dist/redirect-bridge/custom_auth/reset_password/interaction_client/parameter/ResetPasswordParams.d.ts.map +1 -0
  882. package/dist/redirect-bridge/custom_auth/reset_password/interaction_client/result/ResetPasswordActionResult.d.ts +14 -0
  883. package/dist/redirect-bridge/custom_auth/reset_password/interaction_client/result/ResetPasswordActionResult.d.ts.map +1 -0
  884. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/SignInScenario.d.ts +6 -0
  885. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/SignInScenario.d.ts.map +1 -0
  886. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/error_type/SignInError.d.ts +45 -0
  887. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/error_type/SignInError.d.ts.map +1 -0
  888. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.d.ts +37 -0
  889. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.d.ts.map +1 -0
  890. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +72 -0
  891. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -0
  892. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +51 -0
  893. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -0
  894. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +46 -0
  895. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -0
  896. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.d.ts +33 -0
  897. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.d.ts.map +1 -0
  898. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInCompletedState.d.ts +12 -0
  899. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInCompletedState.d.ts.map +1 -0
  900. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInContinuationState.d.ts +17 -0
  901. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInContinuationState.d.ts.map +1 -0
  902. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInFailedState.d.ts +11 -0
  903. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInFailedState.d.ts.map +1 -0
  904. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.d.ts +21 -0
  905. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.d.ts.map +1 -0
  906. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInState.d.ts +22 -0
  907. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInState.d.ts.map +1 -0
  908. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInStateParameters.d.ts +25 -0
  909. package/dist/redirect-bridge/custom_auth/sign_in/auth_flow/state/SignInStateParameters.d.ts.map +1 -0
  910. package/dist/redirect-bridge/custom_auth/sign_in/interaction_client/SignInClient.d.ts +49 -0
  911. package/dist/redirect-bridge/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -0
  912. package/dist/redirect-bridge/custom_auth/sign_in/interaction_client/parameter/SignInParams.d.ts +32 -0
  913. package/dist/redirect-bridge/custom_auth/sign_in/interaction_client/parameter/SignInParams.d.ts.map +1 -0
  914. package/dist/redirect-bridge/custom_auth/sign_in/interaction_client/result/SignInActionResult.d.ts +43 -0
  915. package/dist/redirect-bridge/custom_auth/sign_in/interaction_client/result/SignInActionResult.d.ts.map +1 -0
  916. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/error_type/SignUpError.d.ts +62 -0
  917. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/error_type/SignUpError.d.ts.map +1 -0
  918. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.d.ts +37 -0
  919. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.d.ts.map +1 -0
  920. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/result/SignUpResult.d.ts +53 -0
  921. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/result/SignUpResult.d.ts.map +1 -0
  922. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.d.ts +37 -0
  923. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.d.ts.map +1 -0
  924. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.d.ts +53 -0
  925. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.d.ts.map +1 -0
  926. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.d.ts +45 -0
  927. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.d.ts.map +1 -0
  928. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.d.ts +25 -0
  929. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.d.ts.map +1 -0
  930. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.d.ts +32 -0
  931. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.d.ts.map +1 -0
  932. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.d.ts +11 -0
  933. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.d.ts.map +1 -0
  934. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpFailedState.d.ts +11 -0
  935. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpFailedState.d.ts.map +1 -0
  936. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.d.ts +16 -0
  937. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.d.ts.map +1 -0
  938. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpState.d.ts +6 -0
  939. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpState.d.ts.map +1 -0
  940. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpStateParameters.d.ts +24 -0
  941. package/dist/redirect-bridge/custom_auth/sign_up/auth_flow/state/SignUpStateParameters.d.ts.map +1 -0
  942. package/dist/redirect-bridge/custom_auth/sign_up/interaction_client/SignUpClient.d.ts +41 -0
  943. package/dist/redirect-bridge/custom_auth/sign_up/interaction_client/SignUpClient.d.ts.map +1 -0
  944. package/dist/redirect-bridge/custom_auth/sign_up/interaction_client/parameter/SignUpParams.d.ts +26 -0
  945. package/dist/redirect-bridge/custom_auth/sign_up/interaction_client/parameter/SignUpParams.d.ts.map +1 -0
  946. package/dist/redirect-bridge/custom_auth/sign_up/interaction_client/result/SignUpActionResult.d.ts +34 -0
  947. package/dist/redirect-bridge/custom_auth/sign_up/interaction_client/result/SignUpActionResult.d.ts.map +1 -0
  948. package/dist/redirect-bridge/encode/Base64Decode.d.ts +15 -0
  949. package/dist/redirect-bridge/encode/Base64Decode.d.ts.map +1 -0
  950. package/dist/redirect-bridge/encode/Base64Decode.mjs +44 -0
  951. package/dist/redirect-bridge/encode/Base64Decode.mjs.map +1 -0
  952. package/dist/redirect-bridge/encode/Base64Encode.d.ts +20 -0
  953. package/dist/redirect-bridge/encode/Base64Encode.d.ts.map +1 -0
  954. package/dist/redirect-bridge/error/BrowserAuthError.d.ts +12 -0
  955. package/dist/redirect-bridge/error/BrowserAuthError.d.ts.map +1 -0
  956. package/dist/redirect-bridge/error/BrowserAuthError.mjs +27 -0
  957. package/dist/redirect-bridge/error/BrowserAuthError.mjs.map +1 -0
  958. package/dist/redirect-bridge/error/BrowserAuthErrorCodes.d.ts +53 -0
  959. package/dist/redirect-bridge/error/BrowserAuthErrorCodes.d.ts.map +1 -0
  960. package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +14 -0
  961. package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs.map +1 -0
  962. package/dist/redirect-bridge/error/BrowserConfigurationAuthError.d.ts +11 -0
  963. package/dist/redirect-bridge/error/BrowserConfigurationAuthError.d.ts.map +1 -0
  964. package/dist/redirect-bridge/error/BrowserConfigurationAuthErrorCodes.d.ts +4 -0
  965. package/dist/redirect-bridge/error/BrowserConfigurationAuthErrorCodes.d.ts.map +1 -0
  966. package/dist/redirect-bridge/error/NativeAuthError.d.ts +27 -0
  967. package/dist/redirect-bridge/error/NativeAuthError.d.ts.map +1 -0
  968. package/dist/redirect-bridge/error/NativeAuthErrorCodes.d.ts +5 -0
  969. package/dist/redirect-bridge/error/NativeAuthErrorCodes.d.ts.map +1 -0
  970. package/dist/redirect-bridge/error/NestedAppAuthError.d.ts +6 -0
  971. package/dist/redirect-bridge/error/NestedAppAuthError.d.ts.map +1 -0
  972. package/dist/redirect-bridge/event/EventHandler.d.ts +49 -0
  973. package/dist/redirect-bridge/event/EventHandler.d.ts.map +1 -0
  974. package/dist/redirect-bridge/event/EventMessage.d.ts +40 -0
  975. package/dist/redirect-bridge/event/EventMessage.d.ts.map +1 -0
  976. package/dist/redirect-bridge/event/EventType.d.ts +24 -0
  977. package/dist/redirect-bridge/event/EventType.d.ts.map +1 -0
  978. package/dist/redirect-bridge/index.d.ts +73 -0
  979. package/dist/redirect-bridge/index.d.ts.map +1 -0
  980. package/dist/redirect-bridge/interaction_client/BaseInteractionClient.d.ts +77 -0
  981. package/dist/redirect-bridge/interaction_client/BaseInteractionClient.d.ts.map +1 -0
  982. package/dist/redirect-bridge/interaction_client/HybridSpaAuthorizationCodeClient.d.ts +5 -0
  983. package/dist/redirect-bridge/interaction_client/HybridSpaAuthorizationCodeClient.d.ts.map +1 -0
  984. package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +151 -0
  985. package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -0
  986. package/dist/redirect-bridge/interaction_client/PopupClient.d.ts +106 -0
  987. package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -0
  988. package/dist/redirect-bridge/interaction_client/RedirectClient.d.ts +77 -0
  989. package/dist/redirect-bridge/interaction_client/RedirectClient.d.ts.map +1 -0
  990. package/dist/redirect-bridge/interaction_client/SilentAuthCodeClient.d.ts +24 -0
  991. package/dist/redirect-bridge/interaction_client/SilentAuthCodeClient.d.ts.map +1 -0
  992. package/dist/redirect-bridge/interaction_client/SilentCacheClient.d.ts +17 -0
  993. package/dist/redirect-bridge/interaction_client/SilentCacheClient.d.ts.map +1 -0
  994. package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts +43 -0
  995. package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -0
  996. package/dist/redirect-bridge/interaction_client/SilentRefreshClient.d.ts +32 -0
  997. package/dist/redirect-bridge/interaction_client/SilentRefreshClient.d.ts.map +1 -0
  998. package/dist/redirect-bridge/interaction_client/StandardInteractionClient.d.ts +76 -0
  999. package/dist/redirect-bridge/interaction_client/StandardInteractionClient.d.ts.map +1 -0
  1000. package/dist/redirect-bridge/interaction_handler/InteractionHandler.d.ts +32 -0
  1001. package/dist/redirect-bridge/interaction_handler/InteractionHandler.d.ts.map +1 -0
  1002. package/dist/redirect-bridge/interaction_handler/SilentHandler.d.ts +11 -0
  1003. package/dist/redirect-bridge/interaction_handler/SilentHandler.d.ts.map +1 -0
  1004. package/dist/redirect-bridge/naa/AccountInfo.d.ts +13 -0
  1005. package/dist/redirect-bridge/naa/AccountInfo.d.ts.map +1 -0
  1006. package/dist/redirect-bridge/naa/AuthBridge.d.ts +9 -0
  1007. package/dist/redirect-bridge/naa/AuthBridge.d.ts.map +1 -0
  1008. package/dist/redirect-bridge/naa/AuthResult.d.ts +7 -0
  1009. package/dist/redirect-bridge/naa/AuthResult.d.ts.map +1 -0
  1010. package/dist/redirect-bridge/naa/BridgeAccountContext.d.ts +13 -0
  1011. package/dist/redirect-bridge/naa/BridgeAccountContext.d.ts.map +1 -0
  1012. package/dist/redirect-bridge/naa/BridgeCapabilities.d.ts +4 -0
  1013. package/dist/redirect-bridge/naa/BridgeCapabilities.d.ts.map +1 -0
  1014. package/dist/redirect-bridge/naa/BridgeError.d.ts +10 -0
  1015. package/dist/redirect-bridge/naa/BridgeError.d.ts.map +1 -0
  1016. package/dist/redirect-bridge/naa/BridgeProxy.d.ts +69 -0
  1017. package/dist/redirect-bridge/naa/BridgeProxy.d.ts.map +1 -0
  1018. package/dist/redirect-bridge/naa/BridgeRequest.d.ts +8 -0
  1019. package/dist/redirect-bridge/naa/BridgeRequest.d.ts.map +1 -0
  1020. package/dist/redirect-bridge/naa/BridgeRequestEnvelope.d.ts +13 -0
  1021. package/dist/redirect-bridge/naa/BridgeRequestEnvelope.d.ts.map +1 -0
  1022. package/dist/redirect-bridge/naa/BridgeResponseEnvelope.d.ts +14 -0
  1023. package/dist/redirect-bridge/naa/BridgeResponseEnvelope.d.ts.map +1 -0
  1024. package/dist/redirect-bridge/naa/BridgeStatusCode.d.ts +12 -0
  1025. package/dist/redirect-bridge/naa/BridgeStatusCode.d.ts.map +1 -0
  1026. package/dist/redirect-bridge/naa/IBridgeProxy.d.ts +11 -0
  1027. package/dist/redirect-bridge/naa/IBridgeProxy.d.ts.map +1 -0
  1028. package/dist/redirect-bridge/naa/InitContext.d.ts +9 -0
  1029. package/dist/redirect-bridge/naa/InitContext.d.ts.map +1 -0
  1030. package/dist/redirect-bridge/naa/TokenRequest.d.ts +20 -0
  1031. package/dist/redirect-bridge/naa/TokenRequest.d.ts.map +1 -0
  1032. package/dist/redirect-bridge/naa/TokenResponse.d.ts +14 -0
  1033. package/dist/redirect-bridge/naa/TokenResponse.d.ts.map +1 -0
  1034. package/dist/redirect-bridge/naa/mapping/NestedAppAuthAdapter.d.ts +36 -0
  1035. package/dist/redirect-bridge/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -0
  1036. package/dist/redirect-bridge/navigation/INavigationClient.d.ts +17 -0
  1037. package/dist/redirect-bridge/navigation/INavigationClient.d.ts.map +1 -0
  1038. package/dist/redirect-bridge/navigation/NavigationClient.d.ts +23 -0
  1039. package/dist/redirect-bridge/navigation/NavigationClient.d.ts.map +1 -0
  1040. package/dist/redirect-bridge/navigation/NavigationClient.mjs +48 -0
  1041. package/dist/redirect-bridge/navigation/NavigationClient.mjs.map +1 -0
  1042. package/dist/redirect-bridge/navigation/NavigationOptions.d.ts +13 -0
  1043. package/dist/redirect-bridge/navigation/NavigationOptions.d.ts.map +1 -0
  1044. package/dist/redirect-bridge/network/FetchClient.d.ts +21 -0
  1045. package/dist/redirect-bridge/network/FetchClient.d.ts.map +1 -0
  1046. package/dist/redirect-bridge/operatingcontext/BaseOperatingContext.d.ts +43 -0
  1047. package/dist/redirect-bridge/operatingcontext/BaseOperatingContext.d.ts.map +1 -0
  1048. package/dist/redirect-bridge/operatingcontext/NestedAppOperatingContext.d.ts +41 -0
  1049. package/dist/redirect-bridge/operatingcontext/NestedAppOperatingContext.d.ts.map +1 -0
  1050. package/dist/redirect-bridge/operatingcontext/StandardOperatingContext.d.ts +26 -0
  1051. package/dist/redirect-bridge/operatingcontext/StandardOperatingContext.d.ts.map +1 -0
  1052. package/dist/redirect-bridge/operatingcontext/UnknownOperatingContext.d.ts +26 -0
  1053. package/dist/redirect-bridge/operatingcontext/UnknownOperatingContext.d.ts.map +1 -0
  1054. package/dist/redirect-bridge/packageMetadata.d.ts +3 -0
  1055. package/dist/redirect-bridge/packageMetadata.d.ts.map +1 -0
  1056. package/dist/redirect-bridge/protocol/Authorize.d.ts +69 -0
  1057. package/dist/redirect-bridge/protocol/Authorize.d.ts.map +1 -0
  1058. package/dist/redirect-bridge/redirect_bridge/index.d.ts +16 -0
  1059. package/dist/redirect-bridge/redirect_bridge/index.d.ts.map +1 -0
  1060. package/dist/redirect-bridge/redirect_bridge/index.mjs +108 -0
  1061. package/dist/redirect-bridge/redirect_bridge/index.mjs.map +1 -0
  1062. package/dist/redirect-bridge/request/AuthorizationCodeRequest.d.ts +9 -0
  1063. package/dist/redirect-bridge/request/AuthorizationCodeRequest.d.ts.map +1 -0
  1064. package/dist/redirect-bridge/request/ClearCacheRequest.d.ts +11 -0
  1065. package/dist/redirect-bridge/request/ClearCacheRequest.d.ts.map +1 -0
  1066. package/dist/redirect-bridge/request/EndSessionPopupRequest.d.ts +21 -0
  1067. package/dist/redirect-bridge/request/EndSessionPopupRequest.d.ts.map +1 -0
  1068. package/dist/redirect-bridge/request/EndSessionRequest.d.ts +14 -0
  1069. package/dist/redirect-bridge/request/EndSessionRequest.d.ts.map +1 -0
  1070. package/dist/redirect-bridge/request/HandleRedirectPromiseOptions.d.ts +5 -0
  1071. package/dist/redirect-bridge/request/HandleRedirectPromiseOptions.d.ts.map +1 -0
  1072. package/dist/redirect-bridge/request/InitializeApplicationRequest.d.ts +9 -0
  1073. package/dist/redirect-bridge/request/InitializeApplicationRequest.d.ts.map +1 -0
  1074. package/dist/redirect-bridge/request/PopupRequest.d.ts +37 -0
  1075. package/dist/redirect-bridge/request/PopupRequest.d.ts.map +1 -0
  1076. package/dist/redirect-bridge/request/PopupWindowAttributes.d.ts +16 -0
  1077. package/dist/redirect-bridge/request/PopupWindowAttributes.d.ts.map +1 -0
  1078. package/dist/redirect-bridge/request/RedirectRequest.d.ts +32 -0
  1079. package/dist/redirect-bridge/request/RedirectRequest.d.ts.map +1 -0
  1080. package/dist/redirect-bridge/request/RequestHelpers.d.ts +28 -0
  1081. package/dist/redirect-bridge/request/RequestHelpers.d.ts.map +1 -0
  1082. package/dist/redirect-bridge/request/SilentRequest.d.ts +32 -0
  1083. package/dist/redirect-bridge/request/SilentRequest.d.ts.map +1 -0
  1084. package/dist/redirect-bridge/request/SsoSilentRequest.d.ts +27 -0
  1085. package/dist/redirect-bridge/request/SsoSilentRequest.d.ts.map +1 -0
  1086. package/dist/redirect-bridge/response/AuthenticationResult.d.ts +5 -0
  1087. package/dist/redirect-bridge/response/AuthenticationResult.d.ts.map +1 -0
  1088. package/dist/redirect-bridge/response/ResponseHandler.d.ts +8 -0
  1089. package/dist/redirect-bridge/response/ResponseHandler.d.ts.map +1 -0
  1090. package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts +18 -0
  1091. package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -0
  1092. package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts +130 -0
  1093. package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts.map +1 -0
  1094. package/dist/redirect-bridge/telemetry/BrowserPerformanceMeasurement.d.ts +22 -0
  1095. package/dist/redirect-bridge/telemetry/BrowserPerformanceMeasurement.d.ts.map +1 -0
  1096. package/dist/redirect-bridge/telemetry/BrowserRootPerformanceEvents.d.ts +35 -0
  1097. package/dist/redirect-bridge/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -0
  1098. package/dist/redirect-bridge/utils/BrowserConstants.d.ts +162 -0
  1099. package/dist/redirect-bridge/utils/BrowserConstants.d.ts.map +1 -0
  1100. package/dist/redirect-bridge/utils/BrowserConstants.mjs +38 -0
  1101. package/dist/redirect-bridge/utils/BrowserConstants.mjs.map +1 -0
  1102. package/dist/redirect-bridge/utils/BrowserProtocolUtils.d.ts +12 -0
  1103. package/dist/redirect-bridge/utils/BrowserProtocolUtils.d.ts.map +1 -0
  1104. package/dist/redirect-bridge/utils/BrowserUtils.d.ts +111 -0
  1105. package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -0
  1106. package/dist/redirect-bridge/utils/BrowserUtils.mjs +97 -0
  1107. package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -0
  1108. package/dist/redirect-bridge/utils/Helpers.d.ts +7 -0
  1109. package/dist/redirect-bridge/utils/Helpers.d.ts.map +1 -0
  1110. package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts +3 -0
  1111. package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts.map +1 -0
  1112. package/dist/redirect_bridge/index.d.ts +16 -0
  1113. package/dist/redirect_bridge/index.d.ts.map +1 -0
  1114. package/dist/request/AuthorizationCodeRequest.d.ts +1 -1
  1115. package/dist/request/AuthorizationCodeRequest.d.ts.map +1 -1
  1116. package/dist/request/EndSessionPopupRequest.d.ts +1 -1
  1117. package/dist/request/EndSessionPopupRequest.d.ts.map +1 -1
  1118. package/dist/request/EndSessionRequest.d.ts +1 -3
  1119. package/dist/request/EndSessionRequest.d.ts.map +1 -1
  1120. package/dist/request/HandleRedirectPromiseOptions.d.ts +5 -0
  1121. package/dist/request/HandleRedirectPromiseOptions.d.ts.map +1 -0
  1122. package/dist/request/PopupRequest.d.ts +5 -4
  1123. package/dist/request/PopupRequest.d.ts.map +1 -1
  1124. package/dist/request/RedirectRequest.d.ts +3 -11
  1125. package/dist/request/RedirectRequest.d.ts.map +1 -1
  1126. package/dist/request/RequestHelpers.d.ts +7 -3
  1127. package/dist/request/RequestHelpers.d.ts.map +1 -1
  1128. package/dist/request/RequestHelpers.mjs +21 -28
  1129. package/dist/request/RequestHelpers.mjs.map +1 -1
  1130. package/dist/request/SilentRequest.d.ts +3 -4
  1131. package/dist/request/SilentRequest.d.ts.map +1 -1
  1132. package/dist/request/SsoSilentRequest.d.ts +3 -4
  1133. package/dist/request/SsoSilentRequest.d.ts.map +1 -1
  1134. package/dist/response/ResponseHandler.d.ts +1 -1
  1135. package/dist/response/ResponseHandler.d.ts.map +1 -1
  1136. package/dist/response/ResponseHandler.mjs +5 -5
  1137. package/dist/response/ResponseHandler.mjs.map +1 -1
  1138. package/dist/telemetry/BrowserPerformanceClient.d.ts +2 -19
  1139. package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  1140. package/dist/telemetry/BrowserPerformanceClient.mjs +3 -58
  1141. package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
  1142. package/dist/telemetry/BrowserPerformanceEvents.d.ts +130 -0
  1143. package/dist/telemetry/BrowserPerformanceEvents.d.ts.map +1 -0
  1144. package/dist/telemetry/BrowserPerformanceEvents.mjs +124 -0
  1145. package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -0
  1146. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  1147. package/dist/telemetry/BrowserRootPerformanceEvents.d.ts +35 -0
  1148. package/dist/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -0
  1149. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +45 -0
  1150. package/dist/telemetry/BrowserRootPerformanceEvents.mjs.map +1 -0
  1151. package/dist/utils/BrowserConstants.d.ts +0 -12
  1152. package/dist/utils/BrowserConstants.d.ts.map +1 -1
  1153. package/dist/utils/BrowserConstants.mjs +3 -15
  1154. package/dist/utils/BrowserConstants.mjs.map +1 -1
  1155. package/dist/utils/BrowserProtocolUtils.mjs +2 -2
  1156. package/dist/utils/BrowserProtocolUtils.mjs.map +1 -1
  1157. package/dist/utils/BrowserUtils.d.ts +36 -2
  1158. package/dist/utils/BrowserUtils.d.ts.map +1 -1
  1159. package/dist/utils/BrowserUtils.mjs +155 -14
  1160. package/dist/utils/BrowserUtils.mjs.map +1 -1
  1161. package/dist/utils/Helpers.mjs +1 -1
  1162. package/dist/utils/MsalFrameStatsUtils.d.ts +1 -1
  1163. package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  1164. package/dist/utils/MsalFrameStatsUtils.mjs +3 -3
  1165. package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
  1166. package/lib/custom-auth-path/log-strings-mapping.json +1703 -0
  1167. package/lib/custom-auth-path/msal-custom-auth.cjs +6205 -7144
  1168. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  1169. package/lib/custom-auth-path/types/app/IPublicClientApplication.d.ts +3 -10
  1170. package/lib/custom-auth-path/types/app/IPublicClientApplication.d.ts.map +1 -1
  1171. package/lib/custom-auth-path/types/app/PublicClientApplication.d.ts +6 -56
  1172. package/lib/custom-auth-path/types/app/PublicClientApplication.d.ts.map +1 -1
  1173. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  1174. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts +1 -1
  1175. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -1
  1176. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts +12 -4
  1177. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  1178. package/lib/custom-auth-path/types/cache/AccountManager.d.ts +0 -25
  1179. package/lib/custom-auth-path/types/cache/AccountManager.d.ts.map +1 -1
  1180. package/lib/custom-auth-path/types/cache/AsyncMemoryStorage.d.ts +14 -7
  1181. package/lib/custom-auth-path/types/cache/AsyncMemoryStorage.d.ts.map +1 -1
  1182. package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts +24 -27
  1183. package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
  1184. package/lib/custom-auth-path/types/cache/IAsyncStorage.d.ts +10 -5
  1185. package/lib/custom-auth-path/types/cache/IAsyncStorage.d.ts.map +1 -1
  1186. package/lib/custom-auth-path/types/cache/LocalStorage.d.ts.map +1 -1
  1187. package/lib/custom-auth-path/types/cache/TokenCache.d.ts +8 -68
  1188. package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
  1189. package/lib/custom-auth-path/types/config/Configuration.d.ts +8 -69
  1190. package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
  1191. package/lib/custom-auth-path/types/controllers/IController.d.ts +2 -58
  1192. package/lib/custom-auth-path/types/controllers/IController.d.ts.map +1 -1
  1193. package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts +5 -49
  1194. package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  1195. package/lib/custom-auth-path/types/controllers/StandardController.d.ts +10 -55
  1196. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  1197. package/lib/custom-auth-path/types/controllers/UnknownOperatingContextController.d.ts +5 -18
  1198. package/lib/custom-auth-path/types/controllers/UnknownOperatingContextController.d.ts.map +1 -1
  1199. package/lib/custom-auth-path/types/crypto/BrowserCrypto.d.ts +1 -2
  1200. package/lib/custom-auth-path/types/crypto/BrowserCrypto.d.ts.map +1 -1
  1201. package/lib/custom-auth-path/types/crypto/CryptoOps.d.ts +4 -2
  1202. package/lib/custom-auth-path/types/crypto/CryptoOps.d.ts.map +1 -1
  1203. package/lib/custom-auth-path/types/crypto/PkceGenerator.d.ts.map +1 -1
  1204. package/lib/custom-auth-path/types/crypto/SignedHttpRequest.d.ts +2 -1
  1205. package/lib/custom-auth-path/types/crypto/SignedHttpRequest.d.ts.map +1 -1
  1206. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +2 -2
  1207. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts.map +1 -1
  1208. package/lib/custom-auth-path/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  1209. package/lib/custom-auth-path/types/custom_auth/core/CustomAuthAuthority.d.ts +2 -2
  1210. package/lib/custom-auth-path/types/custom_auth/core/CustomAuthAuthority.d.ts.map +1 -1
  1211. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts +3 -0
  1212. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts.map +1 -1
  1213. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts +2 -0
  1214. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts.map +1 -1
  1215. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts +7 -0
  1216. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts.map +1 -1
  1217. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +2 -0
  1218. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +1 -1
  1219. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +2 -0
  1220. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +1 -1
  1221. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +6 -0
  1222. package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +1 -1
  1223. package/lib/custom-auth-path/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  1224. package/lib/custom-auth-path/types/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  1225. package/lib/custom-auth-path/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  1226. package/lib/custom-auth-path/types/custom_auth/core/network_client/http_client/FetchHttpClient.d.ts.map +1 -1
  1227. package/lib/custom-auth-path/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  1228. package/lib/custom-auth-path/types/custom_auth/reset_password/interaction_client/ResetPasswordClient.d.ts.map +1 -1
  1229. package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +2 -0
  1230. package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
  1231. package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +2 -0
  1232. package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
  1233. package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +2 -0
  1234. package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
  1235. package/lib/custom-auth-path/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  1236. package/lib/custom-auth-path/types/custom_auth/sign_up/interaction_client/SignUpClient.d.ts +4 -4
  1237. package/lib/custom-auth-path/types/custom_auth/sign_up/interaction_client/SignUpClient.d.ts.map +1 -1
  1238. package/lib/custom-auth-path/types/error/BrowserAuthError.d.ts +1 -246
  1239. package/lib/custom-auth-path/types/error/BrowserAuthError.d.ts.map +1 -1
  1240. package/lib/custom-auth-path/types/error/BrowserAuthErrorCodes.d.ts +3 -2
  1241. package/lib/custom-auth-path/types/error/BrowserAuthErrorCodes.d.ts.map +1 -1
  1242. package/lib/custom-auth-path/types/error/BrowserConfigurationAuthError.d.ts +0 -23
  1243. package/lib/custom-auth-path/types/error/BrowserConfigurationAuthError.d.ts.map +1 -1
  1244. package/lib/custom-auth-path/types/error/NativeAuthError.d.ts +0 -3
  1245. package/lib/custom-auth-path/types/error/NativeAuthError.d.ts.map +1 -1
  1246. package/lib/custom-auth-path/types/error/NativeAuthErrorCodes.d.ts +1 -0
  1247. package/lib/custom-auth-path/types/error/NativeAuthErrorCodes.d.ts.map +1 -1
  1248. package/lib/custom-auth-path/types/error/NestedAppAuthError.d.ts +0 -9
  1249. package/lib/custom-auth-path/types/error/NestedAppAuthError.d.ts.map +1 -1
  1250. package/lib/custom-auth-path/types/event/EventHandler.d.ts.map +1 -1
  1251. package/lib/custom-auth-path/types/event/EventMessage.d.ts.map +1 -1
  1252. package/lib/custom-auth-path/types/event/EventType.d.ts +3 -10
  1253. package/lib/custom-auth-path/types/event/EventType.d.ts.map +1 -1
  1254. package/lib/custom-auth-path/types/index.d.ts +34 -6
  1255. package/lib/custom-auth-path/types/index.d.ts.map +1 -1
  1256. package/lib/custom-auth-path/types/interaction_client/BaseInteractionClient.d.ts +50 -32
  1257. package/lib/custom-auth-path/types/interaction_client/BaseInteractionClient.d.ts.map +1 -1
  1258. package/lib/custom-auth-path/types/interaction_client/HybridSpaAuthorizationCodeClient.d.ts +2 -2
  1259. package/lib/custom-auth-path/types/interaction_client/HybridSpaAuthorizationCodeClient.d.ts.map +1 -1
  1260. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +5 -3
  1261. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  1262. package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts +1 -16
  1263. package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
  1264. package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts +8 -4
  1265. package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
  1266. package/lib/custom-auth-path/types/interaction_client/SilentAuthCodeClient.d.ts +1 -1
  1267. package/lib/custom-auth-path/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  1268. package/lib/custom-auth-path/types/interaction_client/SilentCacheClient.d.ts.map +1 -1
  1269. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts +1 -1
  1270. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  1271. package/lib/custom-auth-path/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  1272. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts +17 -7
  1273. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  1274. package/lib/custom-auth-path/types/interaction_handler/InteractionHandler.d.ts +2 -3
  1275. package/lib/custom-auth-path/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
  1276. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +2 -8
  1277. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  1278. package/lib/custom-auth-path/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  1279. package/lib/custom-auth-path/types/operatingcontext/BaseOperatingContext.d.ts +2 -1
  1280. package/lib/custom-auth-path/types/operatingcontext/BaseOperatingContext.d.ts.map +1 -1
  1281. package/lib/custom-auth-path/types/operatingcontext/NestedAppOperatingContext.d.ts +2 -1
  1282. package/lib/custom-auth-path/types/operatingcontext/NestedAppOperatingContext.d.ts.map +1 -1
  1283. package/lib/custom-auth-path/types/operatingcontext/StandardOperatingContext.d.ts +1 -1
  1284. package/lib/custom-auth-path/types/operatingcontext/StandardOperatingContext.d.ts.map +1 -1
  1285. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  1286. package/lib/custom-auth-path/types/packageMetadata.d.ts.map +1 -1
  1287. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  1288. package/lib/custom-auth-path/types/redirect_bridge/index.d.ts +16 -0
  1289. package/lib/custom-auth-path/types/redirect_bridge/index.d.ts.map +1 -0
  1290. package/lib/custom-auth-path/types/request/AuthorizationCodeRequest.d.ts +1 -1
  1291. package/lib/custom-auth-path/types/request/AuthorizationCodeRequest.d.ts.map +1 -1
  1292. package/lib/custom-auth-path/types/request/EndSessionPopupRequest.d.ts +1 -1
  1293. package/lib/custom-auth-path/types/request/EndSessionPopupRequest.d.ts.map +1 -1
  1294. package/lib/custom-auth-path/types/request/EndSessionRequest.d.ts +1 -3
  1295. package/lib/custom-auth-path/types/request/EndSessionRequest.d.ts.map +1 -1
  1296. package/lib/custom-auth-path/types/request/HandleRedirectPromiseOptions.d.ts +5 -0
  1297. package/lib/custom-auth-path/types/request/HandleRedirectPromiseOptions.d.ts.map +1 -0
  1298. package/lib/custom-auth-path/types/request/PopupRequest.d.ts +5 -4
  1299. package/lib/custom-auth-path/types/request/PopupRequest.d.ts.map +1 -1
  1300. package/lib/custom-auth-path/types/request/RedirectRequest.d.ts +3 -11
  1301. package/lib/custom-auth-path/types/request/RedirectRequest.d.ts.map +1 -1
  1302. package/lib/custom-auth-path/types/request/RequestHelpers.d.ts +7 -3
  1303. package/lib/custom-auth-path/types/request/RequestHelpers.d.ts.map +1 -1
  1304. package/lib/custom-auth-path/types/request/SilentRequest.d.ts +3 -4
  1305. package/lib/custom-auth-path/types/request/SilentRequest.d.ts.map +1 -1
  1306. package/lib/custom-auth-path/types/request/SsoSilentRequest.d.ts +3 -4
  1307. package/lib/custom-auth-path/types/request/SsoSilentRequest.d.ts.map +1 -1
  1308. package/lib/custom-auth-path/types/response/ResponseHandler.d.ts +1 -1
  1309. package/lib/custom-auth-path/types/response/ResponseHandler.d.ts.map +1 -1
  1310. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +2 -19
  1311. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  1312. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts +130 -0
  1313. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -0
  1314. package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts +35 -0
  1315. package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -0
  1316. package/lib/custom-auth-path/types/utils/BrowserConstants.d.ts +0 -12
  1317. package/lib/custom-auth-path/types/utils/BrowserConstants.d.ts.map +1 -1
  1318. package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +36 -2
  1319. package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
  1320. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +1 -1
  1321. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  1322. package/lib/log-strings-mapping.json +1135 -0
  1323. package/lib/msal-browser.cjs +15223 -17702
  1324. package/lib/msal-browser.cjs.map +1 -1
  1325. package/lib/msal-browser.js +15223 -17702
  1326. package/lib/msal-browser.js.map +1 -1
  1327. package/lib/msal-browser.min.js +2 -68
  1328. package/lib/redirect-bridge/msal-redirect-bridge.js +729 -0
  1329. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -0
  1330. package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -0
  1331. package/lib/types/app/IPublicClientApplication.d.ts +3 -10
  1332. package/lib/types/app/IPublicClientApplication.d.ts.map +1 -1
  1333. package/lib/types/app/PublicClientApplication.d.ts +6 -56
  1334. package/lib/types/app/PublicClientApplication.d.ts.map +1 -1
  1335. package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  1336. package/lib/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts +1 -1
  1337. package/lib/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -1
  1338. package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts +12 -4
  1339. package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  1340. package/lib/types/cache/AccountManager.d.ts +0 -25
  1341. package/lib/types/cache/AccountManager.d.ts.map +1 -1
  1342. package/lib/types/cache/AsyncMemoryStorage.d.ts +14 -7
  1343. package/lib/types/cache/AsyncMemoryStorage.d.ts.map +1 -1
  1344. package/lib/types/cache/BrowserCacheManager.d.ts +24 -27
  1345. package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
  1346. package/lib/types/cache/IAsyncStorage.d.ts +10 -5
  1347. package/lib/types/cache/IAsyncStorage.d.ts.map +1 -1
  1348. package/lib/types/cache/LocalStorage.d.ts.map +1 -1
  1349. package/lib/types/cache/TokenCache.d.ts +8 -68
  1350. package/lib/types/cache/TokenCache.d.ts.map +1 -1
  1351. package/lib/types/config/Configuration.d.ts +8 -69
  1352. package/lib/types/config/Configuration.d.ts.map +1 -1
  1353. package/lib/types/controllers/IController.d.ts +2 -58
  1354. package/lib/types/controllers/IController.d.ts.map +1 -1
  1355. package/lib/types/controllers/NestedAppAuthController.d.ts +5 -49
  1356. package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  1357. package/lib/types/controllers/StandardController.d.ts +10 -55
  1358. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  1359. package/lib/types/controllers/UnknownOperatingContextController.d.ts +5 -18
  1360. package/lib/types/controllers/UnknownOperatingContextController.d.ts.map +1 -1
  1361. package/lib/types/crypto/BrowserCrypto.d.ts +1 -2
  1362. package/lib/types/crypto/BrowserCrypto.d.ts.map +1 -1
  1363. package/lib/types/crypto/CryptoOps.d.ts +4 -2
  1364. package/lib/types/crypto/CryptoOps.d.ts.map +1 -1
  1365. package/lib/types/crypto/PkceGenerator.d.ts.map +1 -1
  1366. package/lib/types/crypto/SignedHttpRequest.d.ts +2 -1
  1367. package/lib/types/crypto/SignedHttpRequest.d.ts.map +1 -1
  1368. package/lib/types/custom_auth/CustomAuthConstants.d.ts +2 -2
  1369. package/lib/types/custom_auth/CustomAuthConstants.d.ts.map +1 -1
  1370. package/lib/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  1371. package/lib/types/custom_auth/core/CustomAuthAuthority.d.ts +2 -2
  1372. package/lib/types/custom_auth/core/CustomAuthAuthority.d.ts.map +1 -1
  1373. package/lib/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts +3 -0
  1374. package/lib/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.d.ts.map +1 -1
  1375. package/lib/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts +2 -0
  1376. package/lib/types/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.d.ts.map +1 -1
  1377. package/lib/types/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts +7 -0
  1378. package/lib/types/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.d.ts.map +1 -1
  1379. package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts +2 -0
  1380. package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.d.ts.map +1 -1
  1381. package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts +2 -0
  1382. package/lib/types/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.d.ts.map +1 -1
  1383. package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts +6 -0
  1384. package/lib/types/custom_auth/core/auth_flow/mfa/state/MfaState.d.ts.map +1 -1
  1385. package/lib/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  1386. package/lib/types/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  1387. package/lib/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  1388. package/lib/types/custom_auth/core/network_client/http_client/FetchHttpClient.d.ts.map +1 -1
  1389. package/lib/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  1390. package/lib/types/custom_auth/reset_password/interaction_client/ResetPasswordClient.d.ts.map +1 -1
  1391. package/lib/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +2 -0
  1392. package/lib/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
  1393. package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +2 -0
  1394. package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
  1395. package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +2 -0
  1396. package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
  1397. package/lib/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  1398. package/lib/types/custom_auth/sign_up/interaction_client/SignUpClient.d.ts +4 -4
  1399. package/lib/types/custom_auth/sign_up/interaction_client/SignUpClient.d.ts.map +1 -1
  1400. package/lib/types/error/BrowserAuthError.d.ts +1 -246
  1401. package/lib/types/error/BrowserAuthError.d.ts.map +1 -1
  1402. package/lib/types/error/BrowserAuthErrorCodes.d.ts +3 -2
  1403. package/lib/types/error/BrowserAuthErrorCodes.d.ts.map +1 -1
  1404. package/lib/types/error/BrowserConfigurationAuthError.d.ts +0 -23
  1405. package/lib/types/error/BrowserConfigurationAuthError.d.ts.map +1 -1
  1406. package/lib/types/error/NativeAuthError.d.ts +0 -3
  1407. package/lib/types/error/NativeAuthError.d.ts.map +1 -1
  1408. package/lib/types/error/NativeAuthErrorCodes.d.ts +1 -0
  1409. package/lib/types/error/NativeAuthErrorCodes.d.ts.map +1 -1
  1410. package/lib/types/error/NestedAppAuthError.d.ts +0 -9
  1411. package/lib/types/error/NestedAppAuthError.d.ts.map +1 -1
  1412. package/lib/types/event/EventHandler.d.ts.map +1 -1
  1413. package/lib/types/event/EventMessage.d.ts.map +1 -1
  1414. package/lib/types/event/EventType.d.ts +3 -10
  1415. package/lib/types/event/EventType.d.ts.map +1 -1
  1416. package/lib/types/index.d.ts +34 -6
  1417. package/lib/types/index.d.ts.map +1 -1
  1418. package/lib/types/interaction_client/BaseInteractionClient.d.ts +50 -32
  1419. package/lib/types/interaction_client/BaseInteractionClient.d.ts.map +1 -1
  1420. package/lib/types/interaction_client/HybridSpaAuthorizationCodeClient.d.ts +2 -2
  1421. package/lib/types/interaction_client/HybridSpaAuthorizationCodeClient.d.ts.map +1 -1
  1422. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +5 -3
  1423. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  1424. package/lib/types/interaction_client/PopupClient.d.ts +1 -16
  1425. package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
  1426. package/lib/types/interaction_client/RedirectClient.d.ts +8 -4
  1427. package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
  1428. package/lib/types/interaction_client/SilentAuthCodeClient.d.ts +1 -1
  1429. package/lib/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  1430. package/lib/types/interaction_client/SilentCacheClient.d.ts.map +1 -1
  1431. package/lib/types/interaction_client/SilentIframeClient.d.ts +1 -1
  1432. package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  1433. package/lib/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  1434. package/lib/types/interaction_client/StandardInteractionClient.d.ts +17 -7
  1435. package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  1436. package/lib/types/interaction_handler/InteractionHandler.d.ts +2 -3
  1437. package/lib/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
  1438. package/lib/types/interaction_handler/SilentHandler.d.ts +2 -8
  1439. package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  1440. package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  1441. package/lib/types/operatingcontext/BaseOperatingContext.d.ts +2 -1
  1442. package/lib/types/operatingcontext/BaseOperatingContext.d.ts.map +1 -1
  1443. package/lib/types/operatingcontext/NestedAppOperatingContext.d.ts +2 -1
  1444. package/lib/types/operatingcontext/NestedAppOperatingContext.d.ts.map +1 -1
  1445. package/lib/types/operatingcontext/StandardOperatingContext.d.ts +1 -1
  1446. package/lib/types/operatingcontext/StandardOperatingContext.d.ts.map +1 -1
  1447. package/lib/types/packageMetadata.d.ts +1 -1
  1448. package/lib/types/packageMetadata.d.ts.map +1 -1
  1449. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  1450. package/lib/types/redirect_bridge/index.d.ts +16 -0
  1451. package/lib/types/redirect_bridge/index.d.ts.map +1 -0
  1452. package/lib/types/request/AuthorizationCodeRequest.d.ts +1 -1
  1453. package/lib/types/request/AuthorizationCodeRequest.d.ts.map +1 -1
  1454. package/lib/types/request/EndSessionPopupRequest.d.ts +1 -1
  1455. package/lib/types/request/EndSessionPopupRequest.d.ts.map +1 -1
  1456. package/lib/types/request/EndSessionRequest.d.ts +1 -3
  1457. package/lib/types/request/EndSessionRequest.d.ts.map +1 -1
  1458. package/lib/types/request/HandleRedirectPromiseOptions.d.ts +5 -0
  1459. package/lib/types/request/HandleRedirectPromiseOptions.d.ts.map +1 -0
  1460. package/lib/types/request/PopupRequest.d.ts +5 -4
  1461. package/lib/types/request/PopupRequest.d.ts.map +1 -1
  1462. package/lib/types/request/RedirectRequest.d.ts +3 -11
  1463. package/lib/types/request/RedirectRequest.d.ts.map +1 -1
  1464. package/lib/types/request/RequestHelpers.d.ts +7 -3
  1465. package/lib/types/request/RequestHelpers.d.ts.map +1 -1
  1466. package/lib/types/request/SilentRequest.d.ts +3 -4
  1467. package/lib/types/request/SilentRequest.d.ts.map +1 -1
  1468. package/lib/types/request/SsoSilentRequest.d.ts +3 -4
  1469. package/lib/types/request/SsoSilentRequest.d.ts.map +1 -1
  1470. package/lib/types/response/ResponseHandler.d.ts +1 -1
  1471. package/lib/types/response/ResponseHandler.d.ts.map +1 -1
  1472. package/lib/types/telemetry/BrowserPerformanceClient.d.ts +2 -19
  1473. package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  1474. package/lib/types/telemetry/BrowserPerformanceEvents.d.ts +130 -0
  1475. package/lib/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -0
  1476. package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts +35 -0
  1477. package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -0
  1478. package/lib/types/utils/BrowserConstants.d.ts +0 -12
  1479. package/lib/types/utils/BrowserConstants.d.ts.map +1 -1
  1480. package/lib/types/utils/BrowserUtils.d.ts +36 -2
  1481. package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
  1482. package/lib/types/utils/MsalFrameStatsUtils.d.ts +1 -1
  1483. package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  1484. package/package.json +16 -5
  1485. package/src/app/IPublicClientApplication.ts +5 -37
  1486. package/src/app/PublicClientApplication.ts +20 -96
  1487. package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +30 -14
  1488. package/src/broker/nativeBroker/PlatformAuthExtensionHandler.ts +57 -32
  1489. package/src/broker/nativeBroker/PlatformAuthProvider.ts +48 -41
  1490. package/src/cache/AccountManager.ts +11 -125
  1491. package/src/cache/AsyncMemoryStorage.ts +39 -22
  1492. package/src/cache/BrowserCacheManager.ts +272 -238
  1493. package/src/cache/IAsyncStorage.ts +10 -5
  1494. package/src/cache/LocalStorage.ts +31 -18
  1495. package/src/cache/TokenCache.ts +390 -381
  1496. package/src/config/Configuration.ts +33 -114
  1497. package/src/controllers/IController.ts +2 -121
  1498. package/src/controllers/NestedAppAuthController.ts +49 -152
  1499. package/src/controllers/StandardController.ts +280 -496
  1500. package/src/controllers/UnknownOperatingContextController.ts +4 -90
  1501. package/src/crypto/BrowserCrypto.ts +1 -13
  1502. package/src/crypto/CryptoOps.ts +32 -18
  1503. package/src/crypto/PkceGenerator.ts +6 -14
  1504. package/src/crypto/SignedHttpRequest.ts +14 -21
  1505. package/src/custom_auth/controller/CustomAuthStandardController.ts +11 -9
  1506. package/src/custom_auth/core/CustomAuthAuthority.ts +12 -5
  1507. package/src/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.ts +3 -0
  1508. package/src/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.ts +2 -0
  1509. package/src/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.ts +9 -2
  1510. package/src/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.ts +2 -0
  1511. package/src/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.ts +2 -0
  1512. package/src/custom_auth/core/auth_flow/mfa/state/MfaState.ts +8 -2
  1513. package/src/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.ts +3 -1
  1514. package/src/custom_auth/core/interaction_client/jit/JitClient.ts +31 -13
  1515. package/src/custom_auth/core/interaction_client/mfa/MfaClient.ts +30 -13
  1516. package/src/custom_auth/core/network_client/http_client/FetchHttpClient.ts +8 -5
  1517. package/src/custom_auth/get_account/auth_flow/CustomAuthAccountData.ts +3 -3
  1518. package/src/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.ts +16 -8
  1519. package/src/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.ts +2 -2
  1520. package/src/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.ts +1 -1
  1521. package/src/custom_auth/reset_password/interaction_client/ResetPasswordClient.ts +44 -18
  1522. package/src/custom_auth/sign_in/auth_flow/result/SignInResult.ts +2 -0
  1523. package/src/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.ts +2 -0
  1524. package/src/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.ts +2 -0
  1525. package/src/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.ts +1 -1
  1526. package/src/custom_auth/sign_in/auth_flow/state/SignInContinuationState.ts +1 -1
  1527. package/src/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.ts +1 -1
  1528. package/src/custom_auth/sign_in/interaction_client/SignInClient.ts +77 -39
  1529. package/src/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.ts +1 -1
  1530. package/src/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.ts +2 -2
  1531. package/src/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.ts +1 -1
  1532. package/src/custom_auth/sign_up/interaction_client/SignUpClient.ts +96 -49
  1533. package/src/error/BrowserAuthError.ts +4 -339
  1534. package/src/error/BrowserAuthErrorCodes.ts +4 -2
  1535. package/src/error/BrowserConfigurationAuthError.ts +2 -37
  1536. package/src/error/NativeAuthError.ts +7 -13
  1537. package/src/error/NativeAuthErrorCodes.ts +1 -0
  1538. package/src/error/NestedAppAuthError.ts +2 -14
  1539. package/src/event/EventHandler.ts +13 -11
  1540. package/src/event/EventMessage.ts +1 -18
  1541. package/src/event/EventType.ts +3 -10
  1542. package/src/index.ts +14 -19
  1543. package/src/interaction_client/BaseInteractionClient.ts +181 -158
  1544. package/src/interaction_client/HybridSpaAuthorizationCodeClient.ts +6 -2
  1545. package/src/interaction_client/PlatformAuthInteractionClient.ts +160 -112
  1546. package/src/interaction_client/PopupClient.ts +189 -198
  1547. package/src/interaction_client/RedirectClient.ts +191 -114
  1548. package/src/interaction_client/SilentAuthCodeClient.ts +41 -16
  1549. package/src/interaction_client/SilentCacheClient.ts +23 -15
  1550. package/src/interaction_client/SilentIframeClient.ts +105 -90
  1551. package/src/interaction_client/SilentRefreshClient.ts +26 -14
  1552. package/src/interaction_client/StandardInteractionClient.ts +118 -102
  1553. package/src/interaction_handler/InteractionHandler.ts +6 -26
  1554. package/src/interaction_handler/SilentHandler.ts +6 -151
  1555. package/src/naa/mapping/NestedAppAuthAdapter.ts +8 -6
  1556. package/src/operatingcontext/BaseOperatingContext.ts +2 -1
  1557. package/src/operatingcontext/NestedAppOperatingContext.ts +8 -3
  1558. package/src/operatingcontext/StandardOperatingContext.ts +2 -1
  1559. package/src/packageMetadata.ts +1 -1
  1560. package/src/protocol/Authorize.ts +52 -56
  1561. package/src/redirect_bridge/index.ts +131 -0
  1562. package/src/request/AuthorizationCodeRequest.ts +1 -4
  1563. package/src/request/EndSessionPopupRequest.ts +1 -3
  1564. package/src/request/EndSessionRequest.ts +1 -5
  1565. package/src/request/HandleRedirectPromiseOptions.ts +9 -0
  1566. package/src/request/PopupRequest.ts +4 -4
  1567. package/src/request/RedirectRequest.ts +2 -11
  1568. package/src/request/RequestHelpers.ts +25 -48
  1569. package/src/request/SilentRequest.ts +3 -8
  1570. package/src/request/SsoSilentRequest.ts +2 -4
  1571. package/src/response/ResponseHandler.ts +8 -4
  1572. package/src/telemetry/BrowserPerformanceClient.ts +2 -103
  1573. package/src/telemetry/BrowserPerformanceEvents.ts +181 -0
  1574. package/src/telemetry/BrowserRootPerformanceEvents.ts +41 -0
  1575. package/src/utils/BrowserConstants.ts +2 -14
  1576. package/src/utils/BrowserProtocolUtils.ts +1 -1
  1577. package/src/utils/BrowserUtils.ts +232 -15
  1578. package/src/utils/MsalFrameStatsUtils.ts +4 -2
  1579. package/dist/app/PublicClientNext.d.ts.map +0 -1
  1580. package/dist/app/PublicClientNext.mjs +0 -363
  1581. package/dist/app/PublicClientNext.mjs.map +0 -1
  1582. package/dist/cache/ITokenCache.d.ts +0 -12
  1583. package/dist/cache/ITokenCache.d.ts.map +0 -1
  1584. package/dist/controllers/ControllerFactory.d.ts +0 -6
  1585. package/dist/controllers/ControllerFactory.d.ts.map +0 -1
  1586. package/dist/controllers/ControllerFactory.mjs +0 -35
  1587. package/dist/controllers/ControllerFactory.mjs.map +0 -1
  1588. package/dist/controllers/UnknownOperatingContextController.mjs +0 -268
  1589. package/dist/controllers/UnknownOperatingContextController.mjs.map +0 -1
  1590. package/dist/custom-auth-path/app/PublicClientNext.d.ts +0 -278
  1591. package/dist/custom-auth-path/app/PublicClientNext.d.ts.map +0 -1
  1592. package/dist/custom-auth-path/cache/ITokenCache.d.ts +0 -12
  1593. package/dist/custom-auth-path/cache/ITokenCache.d.ts.map +0 -1
  1594. package/dist/custom-auth-path/cache/TokenCache.mjs +0 -208
  1595. package/dist/custom-auth-path/cache/TokenCache.mjs.map +0 -1
  1596. package/dist/custom-auth-path/controllers/ControllerFactory.d.ts +0 -6
  1597. package/dist/custom-auth-path/controllers/ControllerFactory.d.ts.map +0 -1
  1598. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +0 -17
  1599. package/dist/custom-auth-path/controllers/ControllerFactory.mjs.map +0 -1
  1600. package/dist/custom-auth-path/request/AuthorizationUrlRequest.d.ts +0 -7
  1601. package/dist/custom-auth-path/request/AuthorizationUrlRequest.d.ts.map +0 -1
  1602. package/dist/operatingcontext/UnknownOperatingContext.mjs +0 -49
  1603. package/dist/operatingcontext/UnknownOperatingContext.mjs.map +0 -1
  1604. package/dist/request/AuthorizationUrlRequest.d.ts +0 -7
  1605. package/dist/request/AuthorizationUrlRequest.d.ts.map +0 -1
  1606. package/lib/custom-auth-path/types/app/PublicClientNext.d.ts.map +0 -1
  1607. package/lib/custom-auth-path/types/cache/ITokenCache.d.ts +0 -12
  1608. package/lib/custom-auth-path/types/cache/ITokenCache.d.ts.map +0 -1
  1609. package/lib/custom-auth-path/types/controllers/ControllerFactory.d.ts +0 -6
  1610. package/lib/custom-auth-path/types/controllers/ControllerFactory.d.ts.map +0 -1
  1611. package/lib/custom-auth-path/types/request/AuthorizationUrlRequest.d.ts +0 -7
  1612. package/lib/custom-auth-path/types/request/AuthorizationUrlRequest.d.ts.map +0 -1
  1613. package/lib/types/app/PublicClientNext.d.ts +0 -278
  1614. package/lib/types/app/PublicClientNext.d.ts.map +0 -1
  1615. package/lib/types/cache/ITokenCache.d.ts +0 -12
  1616. package/lib/types/cache/ITokenCache.d.ts.map +0 -1
  1617. package/lib/types/controllers/ControllerFactory.d.ts +0 -6
  1618. package/lib/types/controllers/ControllerFactory.d.ts.map +0 -1
  1619. package/lib/types/request/AuthorizationUrlRequest.d.ts +0 -7
  1620. package/lib/types/request/AuthorizationUrlRequest.d.ts.map +0 -1
  1621. package/src/app/PublicClientNext.ts +0 -454
  1622. package/src/cache/ITokenCache.ts +0 -21
  1623. package/src/controllers/ControllerFactory.ts +0 -42
  1624. package/src/request/AuthorizationUrlRequest.ts +0 -15
@@ -1,68 +1,2 @@
1
- /*! @azure/msal-browser v4.27.0 2025-12-04 */
2
- "use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).msal={})}(this,(function(e){
3
- /*! @azure/msal-common v15.13.3 2025-12-04 */
4
- const t={LIBRARY_NAME:"MSAL.JS",SKU:"msal.js.common",DEFAULT_AUTHORITY:"https://login.microsoftonline.com/common/",DEFAULT_AUTHORITY_HOST:"login.microsoftonline.com",DEFAULT_COMMON_TENANT:"common",ADFS:"adfs",DSTS:"dstsv2",AAD_INSTANCE_DISCOVERY_ENDPT:"https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=",CIAM_AUTH_URL:".ciamlogin.com",AAD_TENANT_DOMAIN_SUFFIX:".onmicrosoft.com",RESOURCE_DELIM:"|",NO_ACCOUNT:"NO_ACCOUNT",CLAIMS:"claims",CONSUMER_UTID:"9188040d-6c67-4c5b-b112-36a304b66dad",OPENID_SCOPE:"openid",PROFILE_SCOPE:"profile",OFFLINE_ACCESS_SCOPE:"offline_access",EMAIL_SCOPE:"email",CODE_GRANT_TYPE:"authorization_code",RT_GRANT_TYPE:"refresh_token",S256_CODE_CHALLENGE_METHOD:"S256",URL_FORM_CONTENT_TYPE:"application/x-www-form-urlencoded;charset=utf-8",AUTHORIZATION_PENDING:"authorization_pending",NOT_DEFINED:"not_defined",EMPTY_STRING:"",NOT_APPLICABLE:"N/A",NOT_AVAILABLE:"Not Available",FORWARD_SLASH:"/",IMDS_ENDPOINT:"http://169.254.169.254/metadata/instance/compute/location",IMDS_VERSION:"2020-06-01",IMDS_TIMEOUT:2e3,AZURE_REGION_AUTO_DISCOVER_FLAG:"TryAutoDetect",REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX:"login.microsoft.com",KNOWN_PUBLIC_CLOUDS:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],SHR_NONCE_VALIDITY:240,INVALID_INSTANCE:"invalid_instance"},r=200,n=400,o=400,i=499,s=500,a=599,c="GET",l="POST",h=[t.OPENID_SCOPE,t.PROFILE_SCOPE,t.OFFLINE_ACCESS_SCOPE],d=[...h,t.EMAIL_SCOPE],u="Content-Type",g="Content-Length",p="Retry-After",m="X-AnchorMailbox",f="WWW-Authenticate",y="Authentication-Info",C="x-ms-request-id",w="x-ms-httpver",v="active-account-filters",I="common",T="organizations",A="consumers",k="access_token",S="xms_cc",b={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},E="code",R="id_token token refresh_token",_={QUERY:"query",FRAGMENT:"fragment"},P="query",M="authorization_code",O="refresh_token",q="MSSTS",N="ADFS",U="Generic",L="-",D=".",H={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},x="appmetadata",B="1",F="authority-metadata",z=86400,K="config",G="cache",$="network",Q="hardcoded_values",j={SCHEMA_VERSION:5,MAX_LAST_HEADER_BYTES:330,MAX_CACHED_ERRORS:50,CACHE_KEY:"server-telemetry",CATEGORY_SEPARATOR:"|",VALUE_SEPARATOR:",",OVERFLOW_TRUE:"1",OVERFLOW_FALSE:"0",UNKNOWN_ERROR:"unknown_error"},W={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},V=60,J=3600,Y="throttling",X="retry-after, h429",Z="invalid_grant",ee="client_mismatch",te="1",re="3",ne="4",oe="2",ie="4",se="5",ae="0",ce="1",le="2",he="3",de="4",ue={Jwt:"JWT",Jwk:"JWK",Pop:"pop"},ge="unexpected_error",pe="post_request_failed";var me=Object.freeze({__proto__:null,postRequestFailed:pe,unexpectedError:ge});
5
- /*! @azure/msal-common v15.13.3 2025-12-04 */const fe={[ge]:"Unexpected error in authentication.",[pe]:"Post request failed from the network, could be a 4xx/5xx or a network unavailability. Please check the exact error code for details."},ye={unexpectedError:{code:ge,desc:fe[ge]},postRequestFailed:{code:pe,desc:fe[pe]}};class Ce extends Error{constructor(e,r,n){super(r?`${e}: ${r}`:e),Object.setPrototypeOf(this,Ce.prototype),this.errorCode=e||t.EMPTY_STRING,this.errorMessage=r||t.EMPTY_STRING,this.subError=n||t.EMPTY_STRING,this.name="AuthError"}setCorrelationId(e){this.correlationId=e}}function we(e,t){return new Ce(e,t?`${fe[e]} ${t}`:fe[e])}
6
- /*! @azure/msal-common v15.13.3 2025-12-04 */const ve="client_info_decoding_error",Ie="client_info_empty_error",Te="token_parsing_error",Ae="null_or_empty_token",ke="endpoints_resolution_error",Se="network_error",be="openid_config_error",Ee="hash_not_deserialized",Re="invalid_state",_e="state_mismatch",Pe="state_not_found",Me="nonce_mismatch",Oe="auth_time_not_found",qe="max_age_transpired",Ne="multiple_matching_tokens",Ue="multiple_matching_accounts",Le="multiple_matching_appMetadata",De="request_cannot_be_made",He="cannot_remove_empty_scope",xe="cannot_append_scopeset",Be="empty_input_scopeset",Fe="device_code_polling_cancelled",ze="device_code_expired",Ke="device_code_unknown_error",Ge="no_account_in_silent_request",$e="invalid_cache_record",Qe="invalid_cache_environment",je="no_account_found",We="no_crypto_object",Ve="unexpected_credential_type",Je="invalid_assertion",Ye="invalid_client_credential",Xe="token_refresh_required",Ze="user_timeout_reached",et="token_claims_cnf_required_for_signedjwt",tt="authorization_code_missing_from_server_response",rt="binding_key_not_removed",nt="end_session_endpoint_not_supported",ot="key_id_missing",it="no_network_connectivity",st="user_canceled",at="missing_tenant_id_error",ct="method_not_implemented",lt="nested_app_auth_bridge_disabled",ht="platform_broker_error";var dt=Object.freeze({__proto__:null,authTimeNotFound:Oe,authorizationCodeMissingFromServerResponse:tt,bindingKeyNotRemoved:rt,cannotAppendScopeSet:xe,cannotRemoveEmptyScope:He,clientInfoDecodingError:ve,clientInfoEmptyError:Ie,deviceCodeExpired:ze,deviceCodePollingCancelled:Fe,deviceCodeUnknownError:Ke,emptyInputScopeSet:Be,endSessionEndpointNotSupported:nt,endpointResolutionError:ke,hashNotDeserialized:Ee,invalidAssertion:Je,invalidCacheEnvironment:Qe,invalidCacheRecord:$e,invalidClientCredential:Ye,invalidState:Re,keyIdMissing:ot,maxAgeTranspired:qe,methodNotImplemented:ct,missingTenantIdError:at,multipleMatchingAccounts:Ue,multipleMatchingAppMetadata:Le,multipleMatchingTokens:Ne,nestedAppAuthBridgeDisabled:lt,networkError:Se,noAccountFound:je,noAccountInSilentRequest:Ge,noCryptoObject:We,noNetworkConnectivity:it,nonceMismatch:Me,nullOrEmptyToken:Ae,openIdConfigError:be,platformBrokerError:ht,requestCannotBeMade:De,stateMismatch:_e,stateNotFound:Pe,tokenClaimsCnfRequiredForSignedJwt:et,tokenParsingError:Te,tokenRefreshRequired:Xe,unexpectedCredentialType:Ve,userCanceled:st,userTimeoutReached:Ze});
7
- /*! @azure/msal-common v15.13.3 2025-12-04 */const ut={[ve]:"The client info could not be parsed/decoded correctly",[Ie]:"The client info was empty",[Te]:"Token cannot be parsed",[Ae]:"The token is null or empty",[ke]:"Endpoints cannot be resolved",[Se]:"Network request failed",[be]:"Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints.",[Ee]:"The hash parameters could not be deserialized",[Re]:"State was not the expected format",[_e]:"State mismatch error",[Pe]:"State not found",[Me]:"Nonce mismatch error",[Oe]:"Max Age was requested and the ID token is missing the auth_time variable. auth_time is an optional claim and is not enabled by default - it must be enabled. See https://aka.ms/msaljs/optional-claims for more information.",[qe]:"Max Age is set to 0, or too much time has elapsed since the last end-user authentication.",[Ne]:"The cache contains multiple tokens satisfying the requirements. Call AcquireToken again providing more requirements such as authority or account.",[Ue]:"The cache contains multiple accounts satisfying the given parameters. Please pass more info to obtain the correct account",[Le]:"The cache contains multiple appMetadata satisfying the given parameters. Please pass more info to obtain the correct appMetadata",[De]:"Token request cannot be made without authorization code or refresh token.",[He]:"Cannot remove null or empty scope from ScopeSet",[xe]:"Cannot append ScopeSet",[Be]:"Empty input ScopeSet cannot be processed",[Fe]:"Caller has cancelled token endpoint polling during device code flow by setting DeviceCodeRequest.cancel = true.",[ze]:"Device code is expired.",[Ke]:"Device code stopped polling for unknown reasons.",[Ge]:"Please pass an account object, silent flow is not supported without account information",[$e]:"Cache record object was null or undefined.",[Qe]:"Invalid environment when attempting to create cache entry",[je]:"No account found in cache for given key.",[We]:"No crypto object detected.",[Ve]:"Unexpected credential type.",[Je]:"Client assertion must meet requirements described in https://tools.ietf.org/html/rfc7515",[Ye]:"Client credential (secret, certificate, or assertion) must not be empty when creating a confidential client. An application should at most have one credential",[Xe]:"Cannot return token from cache because it must be refreshed. This may be due to one of the following reasons: forceRefresh parameter is set to true, claims have been requested, there is no cached access token or it is expired.",[Ze]:"User defined timeout for device code polling reached",[et]:"Cannot generate a POP jwt if the token_claims are not populated",[tt]:"Server response does not contain an authorization code to proceed",[rt]:"Could not remove the credential's binding key from storage.",[nt]:"The provided authority does not support logout",[ot]:"A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key.",[it]:"No network connectivity. Check your internet connection.",[st]:"User cancelled the flow.",[at]:"A tenant id - not common, organizations, or consumers - must be specified when using the client_credentials flow.",[ct]:"This method has not been implemented",[lt]:"The nested app auth bridge is disabled",[ht]:"An error occurred in the native broker. See the platformBrokerError property for details."},gt={clientInfoDecodingError:{code:ve,desc:ut[ve]},clientInfoEmptyError:{code:Ie,desc:ut[Ie]},tokenParsingError:{code:Te,desc:ut[Te]},nullOrEmptyToken:{code:Ae,desc:ut[Ae]},endpointResolutionError:{code:ke,desc:ut[ke]},networkError:{code:Se,desc:ut[Se]},unableToGetOpenidConfigError:{code:be,desc:ut[be]},hashNotDeserialized:{code:Ee,desc:ut[Ee]},invalidStateError:{code:Re,desc:ut[Re]},stateMismatchError:{code:_e,desc:ut[_e]},stateNotFoundError:{code:Pe,desc:ut[Pe]},nonceMismatchError:{code:Me,desc:ut[Me]},authTimeNotFoundError:{code:Oe,desc:ut[Oe]},maxAgeTranspired:{code:qe,desc:ut[qe]},multipleMatchingTokens:{code:Ne,desc:ut[Ne]},multipleMatchingAccounts:{code:Ue,desc:ut[Ue]},multipleMatchingAppMetadata:{code:Le,desc:ut[Le]},tokenRequestCannotBeMade:{code:De,desc:ut[De]},removeEmptyScopeError:{code:He,desc:ut[He]},appendScopeSetError:{code:xe,desc:ut[xe]},emptyInputScopeSetError:{code:Be,desc:ut[Be]},DeviceCodePollingCancelled:{code:Fe,desc:ut[Fe]},DeviceCodeExpired:{code:ze,desc:ut[ze]},DeviceCodeUnknownError:{code:Ke,desc:ut[Ke]},NoAccountInSilentRequest:{code:Ge,desc:ut[Ge]},invalidCacheRecord:{code:$e,desc:ut[$e]},invalidCacheEnvironment:{code:Qe,desc:ut[Qe]},noAccountFound:{code:je,desc:ut[je]},noCryptoObj:{code:We,desc:ut[We]},unexpectedCredentialType:{code:Ve,desc:ut[Ve]},invalidAssertion:{code:Je,desc:ut[Je]},invalidClientCredential:{code:Ye,desc:ut[Ye]},tokenRefreshRequired:{code:Xe,desc:ut[Xe]},userTimeoutReached:{code:Ze,desc:ut[Ze]},tokenClaimsRequired:{code:et,desc:ut[et]},noAuthorizationCodeFromServer:{code:tt,desc:ut[tt]},bindingKeyNotRemovedError:{code:rt,desc:ut[rt]},logoutNotSupported:{code:nt,desc:ut[nt]},keyIdMissing:{code:ot,desc:ut[ot]},noNetworkConnectivity:{code:it,desc:ut[it]},userCanceledError:{code:st,desc:ut[st]},missingTenantIdError:{code:at,desc:ut[at]},nestedAppAuthBridgeDisabled:{code:lt,desc:ut[lt]},platformBrokerError:{code:ht,desc:ut[ht]}};class pt extends Ce{constructor(e,t){super(e,t?`${ut[e]}: ${t}`:ut[e]),this.name="ClientAuthError",Object.setPrototypeOf(this,pt.prototype)}}function mt(e,t){return new pt(e,t)}
8
- /*! @azure/msal-common v15.13.3 2025-12-04 */const ft={createNewGuid:()=>{throw mt(ct)},base64Decode:()=>{throw mt(ct)},base64Encode:()=>{throw mt(ct)},base64UrlEncode:()=>{throw mt(ct)},encodeKid:()=>{throw mt(ct)},async getPublicKeyThumbprint(){throw mt(ct)},async removeTokenBindingKey(){throw mt(ct)},async clearKeystore(){throw mt(ct)},async signJwt(){throw mt(ct)},async hashString(){throw mt(ct)}};
9
- /*! @azure/msal-common v15.13.3 2025-12-04 */var yt;e.LogLevel=void 0,(yt=e.LogLevel||(e.LogLevel={}))[yt.Error=0]="Error",yt[yt.Warning=1]="Warning",yt[yt.Info=2]="Info",yt[yt.Verbose=3]="Verbose",yt[yt.Trace=4]="Trace";class Ct{constructor(r,n,o){this.level=e.LogLevel.Info;const i=r||Ct.createDefaultLoggerOptions();this.localCallback=i.loggerCallback||(()=>{}),this.piiLoggingEnabled=i.piiLoggingEnabled||!1,this.level="number"==typeof i.logLevel?i.logLevel:e.LogLevel.Info,this.correlationId=i.correlationId||t.EMPTY_STRING,this.packageName=n||t.EMPTY_STRING,this.packageVersion=o||t.EMPTY_STRING}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info}}clone(e,t,r){return new Ct({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level,correlationId:r||this.correlationId},e,t)}logMessage(t,r){if(r.logLevel>this.level||!this.piiLoggingEnabled&&r.containsPii)return;const n=`${`[${(new Date).toUTCString()}] : [${r.correlationId||this.correlationId||""}]`} : ${this.packageName}@${this.packageVersion} : ${e.LogLevel[r.logLevel]} - ${t}`;this.executeCallback(r.logLevel,n,r.containsPii||!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(r,n){this.logMessage(r,{logLevel:e.LogLevel.Error,containsPii:!1,correlationId:n||t.EMPTY_STRING})}errorPii(r,n){this.logMessage(r,{logLevel:e.LogLevel.Error,containsPii:!0,correlationId:n||t.EMPTY_STRING})}warning(r,n){this.logMessage(r,{logLevel:e.LogLevel.Warning,containsPii:!1,correlationId:n||t.EMPTY_STRING})}warningPii(r,n){this.logMessage(r,{logLevel:e.LogLevel.Warning,containsPii:!0,correlationId:n||t.EMPTY_STRING})}info(r,n){this.logMessage(r,{logLevel:e.LogLevel.Info,containsPii:!1,correlationId:n||t.EMPTY_STRING})}infoPii(r,n){this.logMessage(r,{logLevel:e.LogLevel.Info,containsPii:!0,correlationId:n||t.EMPTY_STRING})}verbose(r,n){this.logMessage(r,{logLevel:e.LogLevel.Verbose,containsPii:!1,correlationId:n||t.EMPTY_STRING})}verbosePii(r,n){this.logMessage(r,{logLevel:e.LogLevel.Verbose,containsPii:!0,correlationId:n||t.EMPTY_STRING})}trace(r,n){this.logMessage(r,{logLevel:e.LogLevel.Trace,containsPii:!1,correlationId:n||t.EMPTY_STRING})}tracePii(r,n){this.logMessage(r,{logLevel:e.LogLevel.Trace,containsPii:!0,correlationId:n||t.EMPTY_STRING})}isPiiLoggingEnabled(){return this.piiLoggingEnabled||!1}}
10
- /*! @azure/msal-common v15.13.3 2025-12-04 */const wt="@azure/msal-common",vt="15.13.3",It={None:"none",AzurePublic:"https://login.microsoftonline.com",AzurePpe:"https://login.windows-ppe.net",AzureChina:"https://login.chinacloudapi.cn",AzureGermany:"https://login.microsoftonline.de",AzureUsGovernment:"https://login.microsoftonline.us"},Tt="redirect_uri_empty",At="claims_request_parsing_error",kt="authority_uri_insecure",St="url_parse_error",bt="empty_url_error",Et="empty_input_scopes_error",Rt="invalid_claims",_t="token_request_empty",Pt="logout_request_empty",Mt="invalid_code_challenge_method",Ot="pkce_params_missing",qt="invalid_cloud_discovery_metadata",Nt="invalid_authority_metadata",Ut="untrusted_authority",Lt="missing_ssh_jwk",Dt="missing_ssh_kid",Ht="missing_nonce_authentication_header",xt="invalid_authentication_header",Bt="cannot_set_OIDCOptions",Ft="cannot_allow_platform_broker",zt="authority_mismatch",Kt="invalid_request_method_for_EAR",Gt="invalid_authorize_post_body_parameters",$t="invalid_platform_broker_configuration";var Qt=Object.freeze({__proto__:null,authorityMismatch:zt,authorityUriInsecure:kt,cannotAllowPlatformBroker:Ft,cannotSetOIDCOptions:Bt,claimsRequestParsingError:At,emptyInputScopesError:Et,invalidAuthenticationHeader:xt,invalidAuthorityMetadata:Nt,invalidAuthorizePostBodyParameters:Gt,invalidClaims:Rt,invalidCloudDiscoveryMetadata:qt,invalidCodeChallengeMethod:Mt,invalidPlatformBrokerConfiguration:$t,invalidRequestMethodForEAR:Kt,logoutRequestEmpty:Pt,missingNonceAuthenticationHeader:Ht,missingSshJwk:Lt,missingSshKid:Dt,pkceParamsMissing:Ot,redirectUriEmpty:Tt,tokenRequestEmpty:_t,untrustedAuthority:Ut,urlEmptyError:bt,urlParseError:St});
11
- /*! @azure/msal-common v15.13.3 2025-12-04 */const jt={[Tt]:"A redirect URI is required for all calls, and none has been set.",[At]:"Could not parse the given claims request object.",[kt]:"Authority URIs must use https. Please see here for valid authority configuration options: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-initializing-client-applications#configuration-options",[St]:"URL could not be parsed into appropriate segments.",[bt]:"URL was empty or null.",[Et]:"Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.",[Rt]:"Given claims parameter must be a stringified JSON object.",[_t]:"Token request was empty and not found in cache.",[Pt]:"The logout request was null or undefined.",[Mt]:'code_challenge_method passed is invalid. Valid values are "plain" and "S256".',[Ot]:"Both params: code_challenge and code_challenge_method are to be passed if to be sent in the request",[qt]:"Invalid cloudDiscoveryMetadata provided. Must be a stringified JSON object containing tenant_discovery_endpoint and metadata fields",[Nt]:"Invalid authorityMetadata provided. Must by a stringified JSON object containing authorization_endpoint, token_endpoint, issuer fields.",[Ut]:"The provided authority is not a trusted authority. Please include this authority in the knownAuthorities config parameter.",[Lt]:"Missing sshJwk in SSH certificate request. A stringified JSON Web Key is required when using the SSH authentication scheme.",[Dt]:"Missing sshKid in SSH certificate request. A string that uniquely identifies the public SSH key is required when using the SSH authentication scheme.",[Ht]:"Unable to find an authentication header containing server nonce. Either the Authentication-Info or WWW-Authenticate headers must be present in order to obtain a server nonce.",[xt]:"Invalid authentication header provided",[Bt]:"Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",[Ft]:"Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",[zt]:"Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",[Gt]:"Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",[Kt]:"Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",[$t]:"Invalid platform broker configuration. `allowPlatformBrokerWithDOM` can only be enabled when `allowPlatformBroker` is enabled."},Wt={redirectUriNotSet:{code:Tt,desc:jt[Tt]},claimsRequestParsingError:{code:At,desc:jt[At]},authorityUriInsecure:{code:kt,desc:jt[kt]},urlParseError:{code:St,desc:jt[St]},urlEmptyError:{code:bt,desc:jt[bt]},emptyScopesError:{code:Et,desc:jt[Et]},invalidClaimsRequest:{code:Rt,desc:jt[Rt]},tokenRequestEmptyError:{code:_t,desc:jt[_t]},logoutRequestEmptyError:{code:Pt,desc:jt[Pt]},invalidCodeChallengeMethod:{code:Mt,desc:jt[Mt]},invalidCodeChallengeParams:{code:Ot,desc:jt[Ot]},invalidCloudDiscoveryMetadata:{code:qt,desc:jt[qt]},invalidAuthorityMetadata:{code:Nt,desc:jt[Nt]},untrustedAuthority:{code:Ut,desc:jt[Ut]},missingSshJwk:{code:Lt,desc:jt[Lt]},missingSshKid:{code:Dt,desc:jt[Dt]},missingNonceAuthenticationHeader:{code:Ht,desc:jt[Ht]},invalidAuthenticationHeader:{code:xt,desc:jt[xt]},cannotSetOIDCOptions:{code:Bt,desc:jt[Bt]},cannotAllowPlatformBroker:{code:Ft,desc:jt[Ft]},authorityMismatch:{code:zt,desc:jt[zt]},invalidAuthorizePostBodyParameters:{code:Gt,desc:jt[Gt]},invalidRequestMethodForEAR:{code:Kt,desc:jt[Kt]},invalidPlatformBrokerConfiguration:{code:$t,desc:jt[$t]}};class Vt extends Ce{constructor(e){super(e,jt[e]),this.name="ClientConfigurationError",Object.setPrototypeOf(this,Vt.prototype)}}function Jt(e){return new Vt(e)}
12
- /*! @azure/msal-common v15.13.3 2025-12-04 */class Yt{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return 0===Object.keys(t).length}catch(e){}return!0}static startsWith(e,t){return 0===e.indexOf(t)}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),n=e=>decodeURIComponent(e.replace(/\+/g," "));return r.forEach((e=>{if(e.trim()){const[r,o]=e.split(/=(.+)/g,2);r&&o&&(t[n(r)]=n(o))}})),t}static trimArrayEntries(e){return e.map((e=>e.trim()))}static removeEmptyStringsFromArray(e){return e.filter((e=>!!e))}static jsonParseHelper(e){try{return JSON.parse(e)}catch(e){return null}}static matchPattern(e,t){return new RegExp(e.replace(/\\/g,"\\\\").replace(/\*/g,"[^ ]*").replace(/\?/g,"\\?")).test(t)}}
13
- /*! @azure/msal-common v15.13.3 2025-12-04 */class Xt{constructor(e){const t=e?Yt.trimArrayEntries([...e]):[],r=t?Yt.removeEmptyStringsFromArray(t):[];if(!r||!r.length)throw Jt(Et);this.scopes=new Set,r.forEach((e=>this.scopes.add(e)))}static fromString(e){const r=(e||t.EMPTY_STRING).split(" ");return new Xt(r)}static createSearchScopes(e){const r=e&&e.length>0?e:[...h],n=new Xt(r);return n.containsOnlyOIDCScopes()?n.removeScope(t.OFFLINE_ACCESS_SCOPE):n.removeOIDCScopes(),n}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new Xt(t);return!!e&&r.scopes.has(e.toLowerCase())}containsScopeSet(e){return!(!e||e.scopes.size<=0)&&(this.scopes.size>=e.scopes.size&&e.asArray().every((e=>this.containsScope(e))))}containsOnlyOIDCScopes(){let e=0;return d.forEach((t=>{this.containsScope(t)&&(e+=1)})),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach((e=>this.appendScope(e)))}catch(e){throw mt(xe)}}removeScope(e){if(!e)throw mt(He);this.scopes.delete(e.trim())}removeOIDCScopes(){d.forEach((e=>{this.scopes.delete(e)}))}unionScopeSets(e){if(!e)throw mt(Be);const t=new Set;return e.scopes.forEach((e=>t.add(e.toLowerCase()))),this.scopes.forEach((e=>t.add(e.toLowerCase()))),t}intersectingScopeSets(e){if(!e)throw mt(Be);e.containsOnlyOIDCScopes()||e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),n=this.getScopeCount();return t.size<n+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach((t=>e.push(t))),e}printScopes(){if(this.scopes){return this.asArray().join(" ")}return t.EMPTY_STRING}printScopesLowerCase(){return this.printScopes().toLowerCase()}}
14
- /*! @azure/msal-common v15.13.3 2025-12-04 */function Zt(e,t){if(!e)throw mt(Ie);try{const r=t(e);return JSON.parse(r)}catch(e){throw mt(ve)}}function er(e){if(!e)throw mt(ve);const r=e.split(D,2);return{uid:r[0],utid:r.length<2?t.EMPTY_STRING:r[1]}}
15
- /*! @azure/msal-common v15.13.3 2025-12-04 */function tr(e,t){return!!e&&!!t&&e===t.split(".")[1]}function rr(e,t,r,n){if(n){const{oid:t,sub:r,tid:o,name:i,tfp:s,acr:a,preferred_username:c,upn:l,login_hint:h}=n,d=o||s||a||"";return{tenantId:d,localAccountId:t||r||"",name:i,username:c||l||"",loginHint:h,isHomeTenant:tr(d,e)}}return{tenantId:r,localAccountId:t,username:"",isHomeTenant:tr(r,e)}}function nr(e,t,r,n){let o=e;if(t){const{isHomeTenant:r,...n}=t;o={...e,...n}}if(r){const{isHomeTenant:t,...i}=rr(e.homeAccountId,e.localAccountId,e.tenantId,r);return o={...o,...i,idTokenClaims:r,idToken:n},o}return o}
16
- /*! @azure/msal-common v15.13.3 2025-12-04 */const or=0,ir=1,sr=2,ar=3;
17
- /*! @azure/msal-common v15.13.3 2025-12-04 */function cr(e){if(e){return e.tid||e.tfp||e.acr||null}return null}
18
- /*! @azure/msal-common v15.13.3 2025-12-04 */const lr={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};
19
- /*! @azure/msal-common v15.13.3 2025-12-04 */class hr{static getAccountInfo(e){return{homeAccountId:e.homeAccountId,environment:e.environment,tenantId:e.realm,username:e.username,localAccountId:e.localAccountId,loginHint:e.loginHint,name:e.name,nativeAccountId:e.nativeAccountId,authorityType:e.authorityType,tenantProfiles:new Map((e.tenantProfiles||[]).map((e=>[e.tenantId,e]))),dataBoundary:e.dataBoundary}}isSingleTenant(){return!this.tenantProfiles}static createAccount(e,t,r){const n=new hr;let o;t.authorityType===ir?n.authorityType=N:t.protocolMode===lr.OIDC?n.authorityType=U:n.authorityType=q,e.clientInfo&&r&&(o=Zt(e.clientInfo,r),o.xms_tdbr&&(n.dataBoundary="EU"===o.xms_tdbr?"EU":"None")),n.clientInfo=e.clientInfo,n.homeAccountId=e.homeAccountId,n.nativeAccountId=e.nativeAccountId;const i=e.environment||t&&t.getPreferredCache();if(!i)throw mt(Qe);n.environment=i,n.realm=o?.utid||cr(e.idTokenClaims)||"",n.localAccountId=o?.uid||e.idTokenClaims?.oid||e.idTokenClaims?.sub||"";const s=e.idTokenClaims?.preferred_username||e.idTokenClaims?.upn,a=e.idTokenClaims?.emails?e.idTokenClaims.emails[0]:null;if(n.username=s||a||"",n.loginHint=e.idTokenClaims?.login_hint,n.name=e.idTokenClaims?.name||"",n.cloudGraphHostName=e.cloudGraphHostName,n.msGraphHost=e.msGraphHost,e.tenantProfiles)n.tenantProfiles=e.tenantProfiles;else{const t=rr(e.homeAccountId,n.localAccountId,n.realm,e.idTokenClaims);n.tenantProfiles=[t]}return n}static createFromAccountInfo(e,t,r){const n=new hr;return n.authorityType=e.authorityType||U,n.homeAccountId=e.homeAccountId,n.localAccountId=e.localAccountId,n.nativeAccountId=e.nativeAccountId,n.realm=e.tenantId,n.environment=e.environment,n.username=e.username,n.name=e.name,n.loginHint=e.loginHint,n.cloudGraphHostName=t,n.msGraphHost=r,n.tenantProfiles=Array.from(e.tenantProfiles?.values()||[]),n.dataBoundary=e.dataBoundary,n}static generateHomeAccountId(e,t,r,n,o){if(t!==ir&&t!==sr){if(e)try{const t=Zt(e,n.base64Decode);if(t.uid&&t.utid)return`${t.uid}.${t.utid}`}catch(e){}r.warning("No client info in response")}return o?.sub||""}static isAccountEntity(e){return!!e&&(e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("realm")&&e.hasOwnProperty("localAccountId")&&e.hasOwnProperty("username")&&e.hasOwnProperty("authorityType"))}static accountInfoIsEqual(e,t,r){if(!e||!t)return!1;let n=!0;if(r){const r=e.idTokenClaims||{},o=t.idTokenClaims||{};n=r.iat===o.iat&&r.nonce===o.nonce}return e.homeAccountId===t.homeAccountId&&e.localAccountId===t.localAccountId&&e.username===t.username&&e.tenantId===t.tenantId&&e.loginHint===t.loginHint&&e.environment===t.environment&&e.nativeAccountId===t.nativeAccountId&&n}}
20
- /*! @azure/msal-common v15.13.3 2025-12-04 */function dr(e,t){const r=function(e){if(!e)throw mt(Ae);const t=/^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(e);if(!t||t.length<4)throw mt(Te);return t[2]}(e);try{const e=t(r);return JSON.parse(e)}catch(e){throw mt(Te)}}function ur(e){if(!e.signin_state)return!1;const t=["kmsi","dvc_dmjd"];return e.signin_state.some((e=>t.includes(e.trim().toLowerCase())))}function gr(e,t){if(0===t||Date.now()-3e5>e+t)throw mt(qe)}
21
- /*! @azure/msal-common v15.13.3 2025-12-04 */function pr(e){if(!e)return e;let t=e.toLowerCase();return Yt.endsWith(t,"?")?t=t.slice(0,-1):Yt.endsWith(t,"?/")&&(t=t.slice(0,-2)),Yt.endsWith(t,"/")||(t+="/"),t}function mr(e){return e.startsWith("#/")?e.substring(2):e.startsWith("#")||e.startsWith("?")?e.substring(1):e}function fr(e){if(!e||e.indexOf("=")<0)return null;try{const t=mr(e),r=Object.fromEntries(new URLSearchParams(t));if(r.code||r.ear_jwe||r.error||r.error_description||r.state)return r}catch(e){throw mt(Ee)}return null}function yr(e,t=!0,r){const n=new Array;return e.forEach(((e,o)=>{!t&&r&&o in r?n.push(`${o}=${e}`):n.push(`${o}=${encodeURIComponent(e)}`)})),n.join("&")}function Cr(e){if(!e)return e;const t=e.split("#")[0];try{const e=new URL(t);return pr(e.origin+e.pathname+e.search)}catch(e){return pr(t)}}
22
- /*! @azure/msal-common v15.13.3 2025-12-04 */class wr{get urlString(){return this._urlString}constructor(e){if(this._urlString=e,!this._urlString)throw Jt(bt);e.includes("#")||(this._urlString=wr.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return Yt.endsWith(t,"?")?t=t.slice(0,-1):Yt.endsWith(t,"?/")&&(t=t.slice(0,-2)),Yt.endsWith(t,"/")||(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch(e){throw Jt(St)}if(!e.HostNameAndPort||!e.PathSegments)throw Jt(St);if(!e.Protocol||"https:"!==e.Protocol.toLowerCase())throw Jt(kt)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return wr.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return!e||0===r.length||r[0]!==I&&r[0]!==T||(r[0]=e),wr.constructAuthorityUriFromObject(t)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),t=this.urlString.match(e);if(!t)throw Jt(St);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let n=r.AbsolutePath.split("/");return n=n.filter((e=>e&&e.length>0)),r.PathSegments=n,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e){const t=RegExp("^([^:/?#]+://)?([^/?#]*)"),r=e.match(t);if(!r)throw Jt(St);return r[2]}static getAbsoluteUrl(e,r){if(e[0]===t.FORWARD_SLASH){const t=new wr(r).getUrlComponents();return t.Protocol+"//"+t.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e){return new wr(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"))}static hashContainsKnownProperties(e){return!!fr(e)}}
23
- /*! @azure/msal-common v15.13.3 2025-12-04 */const vr={"login.microsoftonline.com":{token_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.microsoftonline.com/{tenantid}/discovery/v2.0/keys",issuer:"https://login.microsoftonline.com/{tenantid}/v2.0",authorization_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/logout"},"login.chinacloudapi.cn":{token_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.chinacloudapi.cn/{tenantid}/discovery/v2.0/keys",issuer:"https://login.partner.microsoftonline.cn/{tenantid}/v2.0",authorization_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/logout"},"login.microsoftonline.us":{token_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/token",jwks_uri:"https://login.microsoftonline.us/{tenantid}/discovery/v2.0/keys",issuer:"https://login.microsoftonline.us/{tenantid}/v2.0",authorization_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/authorize",end_session_endpoint:"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/logout"}},Ir={metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]}]},Tr=new Set;function Ar(e,t,r,n){if(n?.trace(`getAliasesFromMetadata called with source: ${r}`),e&&t){const o=kr(t,e);if(o)return n?.trace(`getAliasesFromMetadata: found cloud discovery metadata in ${r}, returning aliases`),o.aliases;n?.trace(`getAliasesFromMetadata: did not find cloud discovery metadata in ${r}`)}return null}function kr(e,t){for(let r=0;r<e.length;r++){const n=e[r];if(n.aliases.includes(t))return n}return null}
24
- /*! @azure/msal-common v15.13.3 2025-12-04 */Ir.metadata.forEach((e=>{e.aliases.forEach((e=>{Tr.add(e)}))}));const Sr="cache_quota_exceeded",br="cache_error_unknown",Er={[Sr]:"Exceeded cache storage capacity.",[br]:"Unexpected error occurred when using cache storage."};class Rr extends Ce{constructor(e,t){const r=t||(Er[e]?Er[e]:Er[br]);super(`${e}: ${r}`),Object.setPrototypeOf(this,Rr.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}function _r(e){return e instanceof Error?"QuotaExceededError"===e.name||"NS_ERROR_DOM_QUOTA_REACHED"===e.name||e.message.includes("exceeded the quota")?new Rr(Sr):new Rr(e.name,e.message):new Rr(br)}
25
- /*! @azure/msal-common v15.13.3 2025-12-04 */class Pr{constructor(e,t,r,n,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(wt,vt),this.staticAuthorityOptions=o,this.performanceClient=n}getAllAccounts(e,t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){if(0===Object.keys(e).length||Object.values(e).every((e=>!e)))return this.commonLogger.warning("getAccountInfoFilteredBy: Account filter is empty or invalid, returning null"),null;const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort((e=>e.idTokenClaims?-1:1))[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?hr.getAccountInfo(r[0]):null}buildTenantProfiles(e,t,r){return e.flatMap((e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r)))}getTenantedAccountInfoByFilter(e,t,r,n,o){let i,s=null;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,n,t,r.tenantId);return a&&(i=dr(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(i,o))?null:(s=nr(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,n){const o=hr.getAccountInfo(e);let i=o.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach((e=>{const r=this.getTenantedAccountInfoByFilter(o,s,e,t,n);r&&a.push(r)})),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&(void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,r,n){if(!e)throw mt($e);try{e.account&&await this.setAccount(e.account,t,r),e.idToken&&!1!==n?.idToken&&await this.setIdTokenCredential(e.idToken,t,r),e.accessToken&&!1!==n?.accessToken&&await this.saveAccessToken(e.accessToken,t,r),e.refreshToken&&!1!==n?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t,r),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("CacheManager.saveCacheRecord: failed"),e instanceof Ce?e:_r(e)}}async saveAccessToken(e,t,r){const n={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType,requestedClaimsHash:e.requestedClaimsHash},o=this.getTokenKeys(),i=Xt.fromString(e.target);o.accessToken.forEach((e=>{if(!this.accessTokenKeyMatchesFilter(e,n,!1))return;const r=this.getAccessTokenCredential(e,t);if(r&&this.credentialMatchesFilter(r,n)){Xt.fromString(r.target).intersectingScopeSets(i)&&this.removeAccessToken(e,t)}})),await this.setAccessTokenCredential(e,t,r)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),n=[];return r.forEach((r=>{const o=this.getAccount(r,t);if(!o)return;if(e.homeAccountId&&!this.matchHomeAccountId(o,e.homeAccountId))return;if(e.username&&!this.matchUsername(o.username,e.username))return;if(e.environment&&!this.matchEnvironment(o,e.environment))return;if(e.realm&&!this.matchRealm(o,e.realm))return;if(e.nativeAccountId&&!this.matchNativeAccountId(o,e.nativeAccountId))return;if(e.authorityType&&!this.matchAuthorityType(o,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name},s=o.tenantProfiles?.filter((e=>this.tenantProfileMatchesFilter(e,i)));s&&0===s.length||n.push(o)})),n}credentialMatchesFilter(e,t){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target))return!1;if((t.requestedClaimsHash||e.requestedClaimsHash)&&e.requestedClaimsHash!==t.requestedClaimsHash)return!1;if(e.credentialType===H.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===W.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}return!0}getAppMetadataFilteredBy(e){const t=this.getKeys(),r={};return t.forEach((t=>{if(!this.isAppMetadata(t))return;const n=this.getAppMetadata(t);n&&(e.environment&&!this.matchEnvironment(n,e.environment)||e.clientId&&!this.matchClientId(n,e.clientId)||(r[t]=n))})),r}getAuthorityMetadataByAlias(e){const t=this.getAuthorityMetadataKeys();let r=null;return t.forEach((t=>{if(!this.isAuthorityMetadata(t)||-1===t.indexOf(this.clientId))return;const n=this.getAuthorityMetadata(t);n&&-1!==n.aliases.indexOf(e)&&(r=n)})),r}removeAllAccounts(e){this.getAllAccounts({},e).forEach((t=>{this.removeAccount(t,e)}))}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter((t=>t.includes(e.homeAccountId)&&t.includes(e.environment))).forEach((e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)}))}removeAccountContext(e,t){const r=this.getTokenKeys(),n=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(n).forEach((e=>{this.removeIdToken(e,t)})),r.accessToken.filter(n).forEach((e=>{this.removeAccessToken(e,t)})),r.refreshToken.filter(n).forEach((e=>{this.removeRefreshToken(e,t)}))}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),!r||r.credentialType.toLowerCase()!==H.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()||r.tokenType!==W.POP)return;const n=r.keyId;n&&this.cryptoImpl.removeTokenBindingKey(n).catch((()=>{this.commonLogger.error(`Failed to remove token binding key ${n}`,t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)}))}removeAppMetadata(e){return this.getKeys().forEach((t=>{this.isAppMetadata(t)&&this.removeItem(t,e)})),!0}getIdToken(e,t,r,n,o){this.commonLogger.trace("CacheManager - getIdToken called");const i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:H.ID_TOKEN,clientId:this.clientId,realm:n},s=this.getIdTokensByFilter(i,t,r),a=s.size;if(a<1)return this.commonLogger.info("CacheManager:getIdToken - No token found"),null;if(a>1){let r=s;if(!n){const t=new Map;s.forEach(((r,n)=>{r.realm===e.tenantId&&t.set(n,r)}));const n=t.size;if(n<1)return this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account but none match account entity tenant id, returning first result"),s.values().next().value;if(1===n)return this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account, defaulting to home tenant profile"),t.values().next().value;r=t}return this.commonLogger.info("CacheManager:getIdToken - Multiple matching ID tokens found, clearing them"),r.forEach(((e,r)=>{this.removeIdToken(r,t)})),o&&t&&o.addFields({multiMatchedID:s.size},t),null}return this.commonLogger.info("CacheManager:getIdToken - Returning ID token"),s.values().next().value}getIdTokensByFilter(e,t,r){const n=r&&r.idToken||this.getTokenKeys().idToken,o=new Map;return n.forEach((r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const n=this.getIdTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e)&&o.set(r,n)})),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,n){const o=t.correlationId;this.commonLogger.trace("CacheManager - getAccessToken called",o);const i=Xt.createSearchScopes(t.scopes),s=t.authenticationScheme||W.BEARER,a=s&&s.toLowerCase()!==W.BEARER.toLowerCase()?H.ACCESS_TOKEN_WITH_AUTH_SCHEME:H.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:n||e.tenantId,target:i,tokenType:s,keyId:t.sshKid,requestedClaimsHash:t.requestedClaimsHash},l=r&&r.accessToken||this.getTokenKeys().accessToken,h=[];l.forEach((e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,o);t&&this.credentialMatchesFilter(t,c)&&h.push(t)}}));const d=h.length;return d<1?(this.commonLogger.info("CacheManager:getAccessToken - No token found",o),null):d>1?(this.commonLogger.info("CacheManager:getAccessToken - Multiple access tokens found, clearing them",o),h.forEach((e=>{this.removeAccessToken(this.generateCredentialKey(e),o)})),this.performanceClient.addFields({multiMatchedAT:h.length},o),null):(this.commonLogger.info("CacheManager:getAccessToken - Returning access token",o),h[0])}accessTokenKeyMatchesFilter(e,t,r){const n=e.toLowerCase();if(t.clientId&&-1===n.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===n.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===n.indexOf(t.realm.toLowerCase()))return!1;if(t.requestedClaimsHash&&-1===n.indexOf(t.requestedClaimsHash.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!n.includes(e[t].toLowerCase()))return!1;if(!r&&n.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),n=[];return r.accessToken.forEach((r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const o=this.getAccessTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e)&&n.push(o)})),n}getRefreshToken(e,t,r,n,o){this.commonLogger.trace("CacheManager - getRefreshToken called");const i=t?B:void 0,s={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:H.REFRESH_TOKEN,clientId:this.clientId,familyId:i},a=n&&n.refreshToken||this.getTokenKeys().refreshToken,c=[];a.forEach((e=>{if(this.refreshTokenKeyMatchesFilter(e,s)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,s)&&c.push(t)}}));const l=c.length;return l<1?(this.commonLogger.info("CacheManager:getRefreshToken - No refresh token found."),null):(l>1&&o&&r&&o.addFields({multiMatchedRT:l},r),this.commonLogger.info("CacheManager:getRefreshToken - returning refresh token"),c[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e){const t={environment:e,clientId:this.clientId},r=this.getAppMetadataFilteredBy(t),n=Object.keys(r).map((e=>r[e])),o=n.length;if(o<1)return null;if(o>1)throw mt(Le);return n[0]}isAppMetadataFOCI(e){const t=this.readAppMetadataFromCache(e);return!(!t||t.familyId!==B)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t){if(this.staticAuthorityOptions){const r=function(e,t){let r;const n=e.canonicalAuthority;if(n){const o=new wr(n).getUrlComponents().HostNameAndPort;r=Ar(o,e.cloudDiscoveryMetadata?.metadata,K,t)||Ar(o,Ir.metadata,Q,t)||e.knownAuthorities}return r||[]}(this.staticAuthorityOptions,this.commonLogger);if(r.includes(t)&&r.includes(e.environment))return!0}const r=this.getAuthorityMetadataByAlias(t);return!!(r&&r.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchNativeAccountId(e,t){return!(!e.nativeAccountId||t!==e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||e.upn===t)}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t){if(e.credentialType!==H.ACCESS_TOKEN&&e.credentialType!==H.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return Xt.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(x)}isAuthorityMetadata(e){return-1!==e.indexOf(F)}generateAuthorityMetadataCacheKey(e){return`${F}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class Mr extends Pr{async setAccount(){throw mt(ct)}getAccount(){throw mt(ct)}async setIdTokenCredential(){throw mt(ct)}getIdTokenCredential(){throw mt(ct)}async setAccessTokenCredential(){throw mt(ct)}getAccessTokenCredential(){throw mt(ct)}async setRefreshTokenCredential(){throw mt(ct)}getRefreshTokenCredential(){throw mt(ct)}setAppMetadata(){throw mt(ct)}getAppMetadata(){throw mt(ct)}setServerTelemetry(){throw mt(ct)}getServerTelemetry(){throw mt(ct)}setAuthorityMetadata(){throw mt(ct)}getAuthorityMetadata(){throw mt(ct)}getAuthorityMetadataKeys(){throw mt(ct)}setThrottlingCache(){throw mt(ct)}getThrottlingCache(){throw mt(ct)}removeItem(){throw mt(ct)}getKeys(){throw mt(ct)}getAccountKeys(){throw mt(ct)}getTokenKeys(){throw mt(ct)}generateCredentialKey(){throw mt(ct)}generateAccountKey(){throw mt(ct)}}
26
- /*! @azure/msal-common v15.13.3 2025-12-04 */const Or={AcquireTokenByCode:"acquireTokenByCode",AcquireTokenByRefreshToken:"acquireTokenByRefreshToken",AcquireTokenSilent:"acquireTokenSilent",AcquireTokenSilentAsync:"acquireTokenSilentAsync",AcquireTokenPopup:"acquireTokenPopup",AcquireTokenPreRedirect:"acquireTokenPreRedirect",AcquireTokenRedirect:"acquireTokenRedirect",CryptoOptsGetPublicKeyThumbprint:"cryptoOptsGetPublicKeyThumbprint",CryptoOptsSignJwt:"cryptoOptsSignJwt",SilentCacheClientAcquireToken:"silentCacheClientAcquireToken",SilentIframeClientAcquireToken:"silentIframeClientAcquireToken",AwaitConcurrentIframe:"awaitConcurrentIframe",SilentRefreshClientAcquireToken:"silentRefreshClientAcquireToken",SsoSilent:"ssoSilent",StandardInteractionClientGetDiscoveredAuthority:"standardInteractionClientGetDiscoveredAuthority",FetchAccountIdWithNativeBroker:"fetchAccountIdWithNativeBroker",NativeInteractionClientAcquireToken:"nativeInteractionClientAcquireToken",BaseClientCreateTokenRequestHeaders:"baseClientCreateTokenRequestHeaders",NetworkClientSendPostRequestAsync:"networkClientSendPostRequestAsync",RefreshTokenClientExecutePostToTokenEndpoint:"refreshTokenClientExecutePostToTokenEndpoint",AuthorizationCodeClientExecutePostToTokenEndpoint:"authorizationCodeClientExecutePostToTokenEndpoint",BrokerHandhshake:"brokerHandshake",AcquireTokenByRefreshTokenInBroker:"acquireTokenByRefreshTokenInBroker",AcquireTokenByBroker:"acquireTokenByBroker",RefreshTokenClientExecuteTokenRequest:"refreshTokenClientExecuteTokenRequest",RefreshTokenClientAcquireToken:"refreshTokenClientAcquireToken",RefreshTokenClientAcquireTokenWithCachedRefreshToken:"refreshTokenClientAcquireTokenWithCachedRefreshToken",RefreshTokenClientAcquireTokenByRefreshToken:"refreshTokenClientAcquireTokenByRefreshToken",RefreshTokenClientCreateTokenRequestBody:"refreshTokenClientCreateTokenRequestBody",AcquireTokenFromCache:"acquireTokenFromCache",SilentFlowClientAcquireCachedToken:"silentFlowClientAcquireCachedToken",SilentFlowClientGenerateResultFromCacheRecord:"silentFlowClientGenerateResultFromCacheRecord",AcquireTokenBySilentIframe:"acquireTokenBySilentIframe",InitializeBaseRequest:"initializeBaseRequest",InitializeSilentRequest:"initializeSilentRequest",InitializeClientApplication:"initializeClientApplication",InitializeCache:"initializeCache",SilentIframeClientTokenHelper:"silentIframeClientTokenHelper",SilentHandlerInitiateAuthRequest:"silentHandlerInitiateAuthRequest",SilentHandlerMonitorIframeForHash:"silentHandlerMonitorIframeForHash",SilentHandlerLoadFrame:"silentHandlerLoadFrame",SilentHandlerLoadFrameSync:"silentHandlerLoadFrameSync",StandardInteractionClientCreateAuthCodeClient:"standardInteractionClientCreateAuthCodeClient",StandardInteractionClientGetClientConfiguration:"standardInteractionClientGetClientConfiguration",StandardInteractionClientInitializeAuthorizationRequest:"standardInteractionClientInitializeAuthorizationRequest",GetAuthCodeUrl:"getAuthCodeUrl",GetStandardParams:"getStandardParams",HandleCodeResponseFromServer:"handleCodeResponseFromServer",HandleCodeResponse:"handleCodeResponse",HandleResponseEar:"handleResponseEar",HandleResponsePlatformBroker:"handleResponsePlatformBroker",HandleResponseCode:"handleResponseCode",UpdateTokenEndpointAuthority:"updateTokenEndpointAuthority",AuthClientAcquireToken:"authClientAcquireToken",AuthClientExecuteTokenRequest:"authClientExecuteTokenRequest",AuthClientCreateTokenRequestBody:"authClientCreateTokenRequestBody",PopTokenGenerateCnf:"popTokenGenerateCnf",PopTokenGenerateKid:"popTokenGenerateKid",HandleServerTokenResponse:"handleServerTokenResponse",DeserializeResponse:"deserializeResponse",AuthorityFactoryCreateDiscoveredInstance:"authorityFactoryCreateDiscoveredInstance",AuthorityResolveEndpointsAsync:"authorityResolveEndpointsAsync",AuthorityResolveEndpointsFromLocalSources:"authorityResolveEndpointsFromLocalSources",AuthorityGetCloudDiscoveryMetadataFromNetwork:"authorityGetCloudDiscoveryMetadataFromNetwork",AuthorityUpdateCloudDiscoveryMetadata:"authorityUpdateCloudDiscoveryMetadata",AuthorityGetEndpointMetadataFromNetwork:"authorityGetEndpointMetadataFromNetwork",AuthorityUpdateEndpointMetadata:"authorityUpdateEndpointMetadata",AuthorityUpdateMetadataWithRegionalInformation:"authorityUpdateMetadataWithRegionalInformation",RegionDiscoveryDetectRegion:"regionDiscoveryDetectRegion",RegionDiscoveryGetRegionFromIMDS:"regionDiscoveryGetRegionFromIMDS",RegionDiscoveryGetCurrentVersion:"regionDiscoveryGetCurrentVersion",AcquireTokenByCodeAsync:"acquireTokenByCodeAsync",GetEndpointMetadataFromNetwork:"getEndpointMetadataFromNetwork",GetCloudDiscoveryMetadataFromNetworkMeasurement:"getCloudDiscoveryMetadataFromNetworkMeasurement",HandleRedirectPromiseMeasurement:"handleRedirectPromise",HandleNativeRedirectPromiseMeasurement:"handleNativeRedirectPromise",UpdateCloudDiscoveryMetadataMeasurement:"updateCloudDiscoveryMetadataMeasurement",UsernamePasswordClientAcquireToken:"usernamePasswordClientAcquireToken",NativeMessageHandlerHandshake:"nativeMessageHandlerHandshake",NativeGenerateAuthResult:"nativeGenerateAuthResult",RemoveHiddenIframe:"removeHiddenIframe",ClearTokensAndKeysWithClaims:"clearTokensAndKeysWithClaims",CacheManagerGetRefreshToken:"cacheManagerGetRefreshToken",ImportExistingCache:"importExistingCache",SetUserData:"setUserData",LocalStorageUpdated:"localStorageUpdated",GeneratePkceCodes:"generatePkceCodes",GenerateCodeVerifier:"generateCodeVerifier",GenerateCodeChallengeFromVerifier:"generateCodeChallengeFromVerifier",Sha256Digest:"sha256Digest",GetRandomValues:"getRandomValues",GenerateHKDF:"generateHKDF",GenerateBaseKey:"generateBaseKey",Base64Decode:"base64Decode",UrlEncodeArr:"urlEncodeArr",Encrypt:"encrypt",Decrypt:"decrypt",GenerateEarKey:"generateEarKey",DecryptEarResponse:"decryptEarResponse"},qr=new Map([[Or.AcquireTokenByCode,"ATByCode"],[Or.AcquireTokenByRefreshToken,"ATByRT"],[Or.AcquireTokenSilent,"ATS"],[Or.AcquireTokenSilentAsync,"ATSAsync"],[Or.AcquireTokenPopup,"ATPopup"],[Or.AcquireTokenRedirect,"ATRedirect"],[Or.CryptoOptsGetPublicKeyThumbprint,"CryptoGetPKThumb"],[Or.CryptoOptsSignJwt,"CryptoSignJwt"],[Or.SilentCacheClientAcquireToken,"SltCacheClientAT"],[Or.SilentIframeClientAcquireToken,"SltIframeClientAT"],[Or.SilentRefreshClientAcquireToken,"SltRClientAT"],[Or.SsoSilent,"SsoSlt"],[Or.StandardInteractionClientGetDiscoveredAuthority,"StdIntClientGetDiscAuth"],[Or.FetchAccountIdWithNativeBroker,"FetchAccIdWithNtvBroker"],[Or.NativeInteractionClientAcquireToken,"NtvIntClientAT"],[Or.BaseClientCreateTokenRequestHeaders,"BaseClientCreateTReqHead"],[Or.NetworkClientSendPostRequestAsync,"NetClientSendPost"],[Or.RefreshTokenClientExecutePostToTokenEndpoint,"RTClientExecPost"],[Or.AuthorizationCodeClientExecutePostToTokenEndpoint,"AuthCodeClientExecPost"],[Or.BrokerHandhshake,"BrokerHandshake"],[Or.AcquireTokenByRefreshTokenInBroker,"ATByRTInBroker"],[Or.AcquireTokenByBroker,"ATByBroker"],[Or.RefreshTokenClientExecuteTokenRequest,"RTClientExecTReq"],[Or.RefreshTokenClientAcquireToken,"RTClientAT"],[Or.RefreshTokenClientAcquireTokenWithCachedRefreshToken,"RTClientATWithCachedRT"],[Or.RefreshTokenClientAcquireTokenByRefreshToken,"RTClientATByRT"],[Or.RefreshTokenClientCreateTokenRequestBody,"RTClientCreateTReqBody"],[Or.AcquireTokenFromCache,"ATFromCache"],[Or.SilentFlowClientAcquireCachedToken,"SltFlowClientATCached"],[Or.SilentFlowClientGenerateResultFromCacheRecord,"SltFlowClientGenResFromCache"],[Or.AcquireTokenBySilentIframe,"ATBySltIframe"],[Or.InitializeBaseRequest,"InitBaseReq"],[Or.InitializeSilentRequest,"InitSltReq"],[Or.InitializeClientApplication,"InitClientApplication"],[Or.InitializeCache,"InitCache"],[Or.ImportExistingCache,"importCache"],[Or.SetUserData,"setUserData"],[Or.LocalStorageUpdated,"localStorageUpdated"],[Or.SilentIframeClientTokenHelper,"SIClientTHelper"],[Or.SilentHandlerInitiateAuthRequest,"SHandlerInitAuthReq"],[Or.SilentHandlerMonitorIframeForHash,"SltHandlerMonitorIframeForHash"],[Or.SilentHandlerLoadFrame,"SHandlerLoadFrame"],[Or.SilentHandlerLoadFrameSync,"SHandlerLoadFrameSync"],[Or.StandardInteractionClientCreateAuthCodeClient,"StdIntClientCreateAuthCodeClient"],[Or.StandardInteractionClientGetClientConfiguration,"StdIntClientGetClientConf"],[Or.StandardInteractionClientInitializeAuthorizationRequest,"StdIntClientInitAuthReq"],[Or.GetAuthCodeUrl,"GetAuthCodeUrl"],[Or.HandleCodeResponseFromServer,"HandleCodeResFromServer"],[Or.HandleCodeResponse,"HandleCodeResp"],[Or.HandleResponseEar,"HandleRespEar"],[Or.HandleResponseCode,"HandleRespCode"],[Or.HandleResponsePlatformBroker,"HandleRespPlatBroker"],[Or.UpdateTokenEndpointAuthority,"UpdTEndpointAuth"],[Or.AuthClientAcquireToken,"AuthClientAT"],[Or.AuthClientExecuteTokenRequest,"AuthClientExecTReq"],[Or.AuthClientCreateTokenRequestBody,"AuthClientCreateTReqBody"],[Or.PopTokenGenerateCnf,"PopTGenCnf"],[Or.PopTokenGenerateKid,"PopTGenKid"],[Or.HandleServerTokenResponse,"HandleServerTRes"],[Or.DeserializeResponse,"DeserializeRes"],[Or.AuthorityFactoryCreateDiscoveredInstance,"AuthFactCreateDiscInst"],[Or.AuthorityResolveEndpointsAsync,"AuthResolveEndpointsAsync"],[Or.AuthorityResolveEndpointsFromLocalSources,"AuthResolveEndpointsFromLocal"],[Or.AuthorityGetCloudDiscoveryMetadataFromNetwork,"AuthGetCDMetaFromNet"],[Or.AuthorityUpdateCloudDiscoveryMetadata,"AuthUpdCDMeta"],[Or.AuthorityGetEndpointMetadataFromNetwork,"AuthUpdCDMetaFromNet"],[Or.AuthorityUpdateEndpointMetadata,"AuthUpdEndpointMeta"],[Or.AuthorityUpdateMetadataWithRegionalInformation,"AuthUpdMetaWithRegInfo"],[Or.RegionDiscoveryDetectRegion,"RegDiscDetectReg"],[Or.RegionDiscoveryGetRegionFromIMDS,"RegDiscGetRegFromIMDS"],[Or.RegionDiscoveryGetCurrentVersion,"RegDiscGetCurrentVer"],[Or.AcquireTokenByCodeAsync,"ATByCodeAsync"],[Or.GetEndpointMetadataFromNetwork,"GetEndpointMetaFromNet"],[Or.GetCloudDiscoveryMetadataFromNetworkMeasurement,"GetCDMetaFromNet"],[Or.HandleRedirectPromiseMeasurement,"HandleRedirectPromise"],[Or.HandleNativeRedirectPromiseMeasurement,"HandleNtvRedirectPromise"],[Or.UpdateCloudDiscoveryMetadataMeasurement,"UpdateCDMeta"],[Or.UsernamePasswordClientAcquireToken,"UserPassClientAT"],[Or.NativeMessageHandlerHandshake,"NtvMsgHandlerHandshake"],[Or.NativeGenerateAuthResult,"NtvGenAuthRes"],[Or.RemoveHiddenIframe,"RemoveHiddenIframe"],[Or.ClearTokensAndKeysWithClaims,"ClearTAndKeysWithClaims"],[Or.CacheManagerGetRefreshToken,"CacheManagerGetRT"],[Or.GeneratePkceCodes,"GenPkceCodes"],[Or.GenerateCodeVerifier,"GenCodeVerifier"],[Or.GenerateCodeChallengeFromVerifier,"GenCodeChallengeFromVerifier"],[Or.Sha256Digest,"Sha256Digest"],[Or.GetRandomValues,"GetRandomValues"],[Or.GenerateHKDF,"genHKDF"],[Or.GenerateBaseKey,"genBaseKey"],[Or.Base64Decode,"b64Decode"],[Or.UrlEncodeArr,"urlEncArr"],[Or.Encrypt,"encrypt"],[Or.Decrypt,"decrypt"],[Or.GenerateEarKey,"genEarKey"],[Or.DecryptEarResponse,"decryptEarResp"]]),Nr=1,Ur=2,Lr=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","queuedTimeMs","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","expiredCacheRemovedCount","upgradedCacheCount"]);
27
- /*! @azure/msal-common v15.13.3 2025-12-04 */
28
- class Dr{startMeasurement(){}endMeasurement(){}flushMeasurement(){return null}}class Hr{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:Nr,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""},measurement:new Dr}}startPerformanceMeasurement(){return new Dr}calculateQueuedTime(){return 0}addQueueMeasurement(){}setPreQueueTime(){}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}
29
- /*! @azure/msal-common v15.13.3 2025-12-04 */const xr={tokenRenewalOffsetSeconds:300,preventCorsPreflight:!1},Br={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info,correlationId:t.EMPTY_STRING},Fr={claimsBasedCachingEnabled:!1},zr={async sendGetRequestAsync(){throw mt(ct)},async sendPostRequestAsync(){throw mt(ct)}},Kr={sku:t.SKU,version:vt,cpu:t.EMPTY_STRING,os:t.EMPTY_STRING},Gr={clientSecret:t.EMPTY_STRING,clientAssertion:void 0},$r={azureCloudInstance:It.None,tenant:`${t.DEFAULT_COMMON_TENANT}`},Qr={application:{appName:"",appVersion:""}};function jr(e){return e.authOptions.authority.options.protocolMode===lr.OIDC}
30
- /*! @azure/msal-common v15.13.3 2025-12-04 */const Wr="home_account_id",Vr="UPN",Jr="client_id",Yr="redirect_uri",Xr="token_type",Zr="req_cnf",en="return_spa_code",tn="x-client-xtra-sku",rn="brk_client_id",nn="brk_redirect_uri",on="instance_aware";
31
- /*! @azure/msal-common v15.13.3 2025-12-04 */
32
- /*! @azure/msal-common v15.13.3 2025-12-04 */
33
- function sn(e,t,r){if(!t)return;const n=e.get(Jr);n&&e.has(rn)&&r?.addFields({embeddedClientId:n,embeddedRedirectUri:e.get(Yr)},t)}function an(e,t){e.set("response_type",t)}function cn(e,t,r=!0,n=h){!r||n.includes("openid")||t.includes("openid")||n.push("openid");const o=r?[...t||[],...n]:t||[],i=new Xt(o);e.set("scope",i.printScopes())}function ln(e,t){e.set(Jr,t)}function hn(e,t){e.set(Yr,t)}function dn(e,t){e.set("login_hint",t)}function un(e,t){e.set(m,`UPN:${t}`)}function gn(e,t){e.set(m,`Oid:${t.uid}@${t.utid}`)}function pn(e,t){e.set("sid",t)}function mn(e,t,r){const n=Rn(t,r);try{JSON.parse(n)}catch(e){throw Jt(Rt)}e.set("claims",n)}function fn(e,t){e.set("client-request-id",t)}function yn(e,t){e.set("x-client-SKU",t.sku),e.set("x-client-VER",t.version),t.os&&e.set("x-client-OS",t.os),t.cpu&&e.set("x-client-CPU",t.cpu)}function Cn(e,t){t?.appName&&e.set("x-app-name",t.appName),t?.appVersion&&e.set("x-app-ver",t.appVersion)}function wn(e,t){t&&e.set("state",t)}function vn(e,t,r){if(!t||!r)throw Jt(Ot);e.set("code_challenge",t),e.set("code_challenge_method",r)}function In(e,t){e.set("client_secret",t)}function Tn(e,t){t&&e.set("client_assertion",t)}function An(e,t){t&&e.set("client_assertion_type",t)}function kn(e,t){e.set("grant_type",t)}function Sn(e){e.set("client_info","1")}function bn(e){e.has(on)||e.set(on,"true")}function En(e,t){Object.entries(t).forEach((([t,r])=>{!e.has(t)&&r&&e.set(t,r)}))}function Rn(e,t){let r;if(e)try{r=JSON.parse(e)}catch(e){throw Jt(Rt)}else r={};return t&&t.length>0&&(r.hasOwnProperty(k)||(r[k]={}),r[k][S]={values:t}),JSON.stringify(r)}function _n(e,t){t&&(e.set(Xr,W.POP),e.set(Zr,t))}function Pn(e,t){t&&(e.set(Xr,W.SSH),e.set(Zr,t))}function Mn(e,t){e.set("x-client-current-telemetry",t.generateCurrentRequestHeaderValue()),e.set("x-client-last-telemetry",t.generateLastRequestHeaderValue())}function On(e){e.set("x-ms-lib-capability",X)}function qn(e,t,r){e.has(rn)||e.set(rn,t),e.has(nn)||e.set(nn,r)}
34
- /*! @azure/msal-common v15.13.3 2025-12-04 */
35
- const Nn=(e,t,r,n,o)=>(...i)=>{r.trace(`Executing function ${t}`);const s=n?.startMeasurement(t,o);if(o){const e=t+"CallCount";n?.incrementFields({[e]:1},o)}try{const n=e(...i);return s?.end({success:!0}),r.trace(`Returning result from ${t}`),n}catch(e){r.trace(`Error occurred in ${t}`);try{r.trace(JSON.stringify(e))}catch(e){r.trace("Unable to print error message.")}throw s?.end({success:!1},e),e}},Un=(e,t,r,n,o)=>(...i)=>{r.trace(`Executing function ${t}`);const s=n?.startMeasurement(t,o);if(o){const e=t+"CallCount";n?.incrementFields({[e]:1},o)}return n?.setPreQueueTime(t,o),e(...i).then((e=>(r.trace(`Returning result from ${t}`),s?.end({success:!0}),e))).catch((e=>{r.trace(`Error occurred in ${t}`);try{r.trace(JSON.stringify(e))}catch(e){r.trace("Unable to print error message.")}throw s?.end({success:!1},e),e}))};
36
- /*! @azure/msal-common v15.13.3 2025-12-04 */
37
- class Ln{constructor(e,t,r,n){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=n}async detectRegion(e,n){this.performanceClient?.addQueueMeasurement(Or.RegionDiscoveryDetectRegion,this.correlationId);let i=e;if(i)n.region_source=re;else{const e=Ln.IMDS_OPTIONS;try{const s=await Un(this.getRegionFromIMDS.bind(this),Or.RegionDiscoveryGetRegionFromIMDS,this.logger,this.performanceClient,this.correlationId)(t.IMDS_VERSION,e);if(s.status===r&&(i=s.body,n.region_source=ne),s.status===o){const t=await Un(this.getCurrentVersion.bind(this),Or.RegionDiscoveryGetCurrentVersion,this.logger,this.performanceClient,this.correlationId)(e);if(!t)return n.region_source=te,null;const o=await Un(this.getRegionFromIMDS.bind(this),Or.RegionDiscoveryGetRegionFromIMDS,this.logger,this.performanceClient,this.correlationId)(t,e);o.status===r&&(i=o.body,n.region_source=ne)}}catch(e){return n.region_source=te,null}}return i||(n.region_source=te),i||null}async getRegionFromIMDS(e,r){return this.performanceClient?.addQueueMeasurement(Or.RegionDiscoveryGetRegionFromIMDS,this.correlationId),this.networkInterface.sendGetRequestAsync(`${t.IMDS_ENDPOINT}?api-version=${e}&format=text`,r,t.IMDS_TIMEOUT)}async getCurrentVersion(e){this.performanceClient?.addQueueMeasurement(Or.RegionDiscoveryGetCurrentVersion,this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(`${t.IMDS_ENDPOINT}?format=json`,e);return r.status===o&&r.body&&r.body["newest-versions"]&&r.body["newest-versions"].length>0?r.body["newest-versions"][0]:null}catch(e){return null}}}
38
- /*! @azure/msal-common v15.13.3 2025-12-04 */
39
- function Dn(){return Math.round((new Date).getTime()/1e3)}function Hn(e){return e.getTime()/1e3}function xn(e){return e?new Date(1e3*Number(e)):new Date}function Bn(e,t){const r=Number(e)||0;return Dn()+t>r}function Fn(e,t){const r=Number(e)+24*t*60*60*1e3;return Date.now()>r}function zn(e){return Number(e)>Dn()}
40
- /*! @azure/msal-common v15.13.3 2025-12-04 */function Kn(e,t,r,n,o){return{credentialType:H.ID_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,realm:o,lastUpdatedAt:Date.now().toString()}}function Gn(e,t,r,n,o,i,s,a,c,l,h,d,u,g,p){const m={homeAccountId:e,credentialType:H.ACCESS_TOKEN,secret:r,cachedAt:Dn().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:t,clientId:n,realm:o,target:i,tokenType:h||W.BEARER,lastUpdatedAt:Date.now().toString()};if(d&&(m.userAssertionHash=d),l&&(m.refreshOn=l.toString()),g&&(m.requestedClaims=g,m.requestedClaimsHash=p),m.tokenType?.toLowerCase()!==W.BEARER.toLowerCase())switch(m.credentialType=H.ACCESS_TOKEN_WITH_AUTH_SCHEME,m.tokenType){case W.POP:const e=dr(r,c);if(!e?.cnf?.kid)throw mt(et);m.keyId=e.cnf.kid;break;case W.SSH:m.keyId=u}return m}function $n(e,t,r,n,o,i,s){const a={credentialType:H.REFRESH_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,lastUpdatedAt:Date.now().toString()};return i&&(a.userAssertionHash=i),o&&(a.familyId=o),s&&(a.expiresOn=s.toString()),a}function Qn(e){return e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("credentialType")&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("secret")}function jn(e){return!!e&&(Qn(e)&&e.hasOwnProperty("realm")&&e.hasOwnProperty("target")&&(e.credentialType===H.ACCESS_TOKEN||e.credentialType===H.ACCESS_TOKEN_WITH_AUTH_SCHEME))}function Wn(e){return!!e&&(Qn(e)&&e.credentialType===H.REFRESH_TOKEN)}function Vn(){return Dn()+z}function Jn(e,t,r){e.authorization_endpoint=t.authorization_endpoint,e.token_endpoint=t.token_endpoint,e.end_session_endpoint=t.end_session_endpoint,e.issuer=t.issuer,e.endpointsFromNetwork=r,e.jwks_uri=t.jwks_uri}function Yn(e,t,r){e.aliases=t.aliases,e.preferred_cache=t.preferred_cache,e.preferred_network=t.preferred_network,e.aliasesFromNetwork=r}function Xn(e){return e.expiresAt<=Dn()}
41
- /*! @azure/msal-common v15.13.3 2025-12-04 */Ln.IMDS_OPTIONS={headers:{Metadata:"true"}};class Zn{constructor(e,t,r,n,o,i,s,a){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=n,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=o,this.performanceClient=s,this.correlationId=i,this.managedIdentity=a||!1,this.regionDiscovery=new Ln(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(t.CIAM_AUTH_URL))return ar;const r=e.PathSegments;if(r.length)switch(r[0].toLowerCase()){case t.ADFS:return ir;case t.DSTS:return sr}return or}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new wr(e),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents||(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw mt(ke)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw mt(ke)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw mt(ke)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw mt(nt);return this.replacePath(this.metadata.end_session_endpoint)}throw mt(ke)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw mt(ke)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw mt(ke)}canReplaceTenant(e){return 1===e.PathSegments.length&&!Zn.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===or&&this.protocolMode!==lr.OIDC}replaceTenant(e){return e.replace(/{tenant}|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const r=new wr(this.metadata.canonical_authority).getUrlComponents(),n=r.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach(((e,o)=>{let i=n[o];if(0===o&&this.canReplaceTenant(r)){const e=new wr(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];i!==e&&(this.logger.verbose(`Replacing tenant domain name ${i} with id ${e}`),i=e)}e!==i&&(t=t.replace(`/${i}/`,`/${e}/`))})),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")||this.authorityType===ir||this.protocolMode===lr.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){this.performanceClient?.addQueueMeasurement(Or.AuthorityResolveEndpointsAsync,this.correlationId);const e=this.getCurrentMetadataEntity(),t=await Un(this.updateCloudDiscoveryMetadata.bind(this),Or.AuthorityUpdateCloudDiscoveryMetadata,this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await Un(this.updateEndpointMetadata.bind(this),Or.AuthorityUpdateEndpointMetadata,this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),this.performanceClient?.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort);return e||(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:Vn(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==G&&r?.source!==G&&(e.expiresAt=Vn(),e.canonical_authority=this.canonicalAuthority);const n=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache);this.cacheManager.setAuthorityMetadata(n,e),this.metadata=e}async updateEndpointMetadata(e){this.performanceClient?.addQueueMeasurement(Or.AuthorityUpdateEndpointMetadata,this.correlationId);const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===Q&&this.authorityOptions.azureRegionConfiguration?.azureRegion&&t.metadata){Jn(e,await Un(this.updateMetadataWithRegionalInformation.bind(this),Or.AuthorityUpdateMetadataWithRegionalInformation,this.logger,this.performanceClient,this.correlationId)(t.metadata),!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await Un(this.getEndpointMetadataFromNetwork.bind(this),Or.AuthorityGetEndpointMetadataFromNetwork,this.logger,this.performanceClient,this.correlationId)();if(r)return this.authorityOptions.azureRegionConfiguration?.azureRegion&&(r=await Un(this.updateMetadataWithRegionalInformation.bind(this),Or.AuthorityUpdateMetadataWithRegionalInformation,this.logger,this.performanceClient,this.correlationId)(r)),Jn(e,r,!0),$;throw mt(be,this.defaultOpenIdConfigurationEndpoint)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("Attempting to get endpoint metadata from authority configuration");const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("Found endpoint metadata in authority configuration"),Jn(e,t,!1),{source:K};if(this.logger.verbose("Did not find endpoint metadata in the config... Attempting to get endpoint metadata from the hardcoded values."),this.authorityOptions.skipAuthorityMetadataCache)this.logger.verbose("Skipping hardcoded metadata cache since skipAuthorityMetadataCache is set to true. Attempting to get endpoint metadata from the network metadata cache.");else{const t=this.getEndpointMetadataFromHardcodedValues();if(t)return Jn(e,t,!1),{source:Q,metadata:t};this.logger.verbose("Did not find endpoint metadata in hardcoded values... Attempting to get endpoint metadata from the network metadata cache.")}const r=Xn(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!r?(this.logger.verbose("Found endpoint metadata in the cache."),{source:G}):(r&&this.logger.verbose("The metadata entity is expired."),null)}isAuthoritySameType(e){return new wr(e.canonical_authority).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch(e){throw Jt(Nt)}return null}async getEndpointMetadataFromNetwork(){this.performanceClient?.addQueueMeasurement(Or.AuthorityGetEndpointMetadataFromNetwork,this.correlationId);const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: attempting to retrieve OAuth endpoints from ${t}`);try{const r=await this.networkInterface.sendGetRequestAsync(t,e),n=
42
- /*! @azure/msal-common v15.13.3 2025-12-04 */
43
- function(e){return e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("jwks_uri")}
44
- /*! @azure/msal-common v15.13.3 2025-12-04 */(r.body);return n?r.body:(this.logger.verbose("Authority.getEndpointMetadataFromNetwork: could not parse response as OpenID configuration"),null)}catch(e){return this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: ${e}`),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in vr?vr[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){this.performanceClient?.addQueueMeasurement(Or.AuthorityUpdateMetadataWithRegionalInformation,this.correlationId);const r=this.authorityOptions.azureRegionConfiguration?.azureRegion;if(r){if(r!==t.AZURE_REGION_AUTO_DISCOVER_FLAG)return this.regionDiscoveryMetadata.region_outcome=oe,this.regionDiscoveryMetadata.region_used=r,Zn.replaceWithRegionalInformation(e,r);const n=await Un(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),Or.RegionDiscoveryDetectRegion,this.logger,this.performanceClient,this.correlationId)(this.authorityOptions.azureRegionConfiguration?.environmentRegion,this.regionDiscoveryMetadata);if(n)return this.regionDiscoveryMetadata.region_outcome=ie,this.regionDiscoveryMetadata.region_used=n,Zn.replaceWithRegionalInformation(e,n);this.regionDiscoveryMetadata.region_outcome=se}return e}async updateCloudDiscoveryMetadata(e){this.performanceClient?.addQueueMeasurement(Or.AuthorityUpdateCloudDiscoveryMetadata,this.correlationId);const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await Un(this.getCloudDiscoveryMetadataFromNetwork.bind(this),Or.AuthorityGetCloudDiscoveryMetadataFromNetwork,this.logger,this.performanceClient,this.correlationId)();if(r)return Yn(e,r,!0),$;throw Jt(Ut)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("Attempting to get cloud discovery metadata from authority configuration"),this.logger.verbosePii(`Known Authorities: ${this.authorityOptions.knownAuthorities||t.NOT_APPLICABLE}`),this.logger.verbosePii(`Authority Metadata: ${this.authorityOptions.authorityMetadata||t.NOT_APPLICABLE}`),this.logger.verbosePii(`Canonical Authority: ${e.canonical_authority||t.NOT_APPLICABLE}`);const r=this.getCloudDiscoveryMetadataFromConfig();if(r)return this.logger.verbose("Found cloud discovery metadata in authority configuration"),Yn(e,r,!1),K;if(this.logger.verbose("Did not find cloud discovery metadata in the config... Attempting to get cloud discovery metadata from the hardcoded values."),this.options.skipAuthorityMetadataCache)this.logger.verbose("Skipping hardcoded cloud discovery metadata cache since skipAuthorityMetadataCache is set to true. Attempting to get cloud discovery metadata from the network metadata cache.");else{const t=(n=this.hostnameAndPort,kr(Ir.metadata,n));if(t)return this.logger.verbose("Found cloud discovery metadata from hardcoded values."),Yn(e,t,!1),Q;this.logger.verbose("Did not find cloud discovery metadata in hardcoded values... Attempting to get cloud discovery metadata from the network metadata cache.")}var n;const o=Xn(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!o?(this.logger.verbose("Found cloud discovery metadata in the cache."),G):(o&&this.logger.verbose("The metadata entity is expired."),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===ar)return this.logger.verbose("CIAM authorities do not support cloud discovery metadata, generate the aliases from authority host."),Zn.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("The cloud discovery metadata has been provided as a network response, in the config.");try{this.logger.verbose("Attempting to parse the cloud discovery metadata.");const e=kr(JSON.parse(this.authorityOptions.cloudDiscoveryMetadata).metadata,this.hostnameAndPort);if(this.logger.verbose("Parsed the cloud discovery metadata."),e)return this.logger.verbose("There is returnable metadata attached to the parsed cloud discovery metadata."),e;this.logger.verbose("There is no metadata attached to the parsed cloud discovery metadata.")}catch(e){throw this.logger.verbose("Unable to parse the cloud discovery metadata. Throwing Invalid Cloud Discovery Metadata Error."),Jt(qt)}}return this.isInKnownAuthorities()?(this.logger.verbose("The host is included in knownAuthorities. Creating new cloud discovery metadata from the host."),Zn.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){this.performanceClient?.addQueueMeasurement(Or.AuthorityGetCloudDiscoveryMetadataFromNetwork,this.correlationId);const e=`${t.AAD_INSTANCE_DISCOVERY_ENDPT}${this.canonicalAuthority}oauth2/v2.0/authorize`,r={};let n=null;try{const o=await this.networkInterface.sendGetRequestAsync(e,r);let i,s;if(function(e){return e.hasOwnProperty("tenant_discovery_endpoint")&&e.hasOwnProperty("metadata")}
45
- /*! @azure/msal-common v15.13.3 2025-12-04 */(o.body))i=o.body,s=i.metadata,this.logger.verbosePii(`tenant_discovery_endpoint is: ${i.tenant_discovery_endpoint}`);else{if(!function(e){return e.hasOwnProperty("error")&&e.hasOwnProperty("error_description")}(o.body))return this.logger.error("AAD did not return a CloudInstanceDiscoveryResponse or CloudInstanceDiscoveryErrorResponse"),null;if(this.logger.warning(`A CloudInstanceDiscoveryErrorResponse was returned. The cloud instance discovery network request's status code is: ${o.status}`),i=o.body,i.error===t.INVALID_INSTANCE)return this.logger.error("The CloudInstanceDiscoveryErrorResponse error is invalid_instance."),null;this.logger.warning(`The CloudInstanceDiscoveryErrorResponse error is ${i.error}`),this.logger.warning(`The CloudInstanceDiscoveryErrorResponse error description is ${i.error_description}`),this.logger.warning("Setting the value of the CloudInstanceDiscoveryMetadata (returned from the network) to []"),s=[]}this.logger.verbose("Attempting to find a match between the developer's authority and the CloudInstanceDiscoveryMetadata returned from the network request."),n=kr(s,this.hostnameAndPort)}catch(e){if(e instanceof Ce)this.logger.error(`There was a network error while attempting to get the cloud discovery instance metadata.\nError: ${e.errorCode}\nError Description: ${e.errorMessage}`);else{const t=e;this.logger.error(`A non-MSALJS error was thrown while attempting to get the cloud instance discovery metadata.\nError: ${t.name}\nError Description: ${t.message}`)}return null}return n||(this.logger.warning("The developer's authority was not found within the CloudInstanceDiscoveryMetadata returned from the network request."),this.logger.verbose("Creating custom Authority for custom domain scenario."),n=Zn.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),n}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter((e=>e&&wr.getDomainFromUrl(e).toLowerCase()===this.hostnameAndPort)).length>0}static generateAuthority(e,r){let n;if(r&&r.azureCloudInstance!==It.None){const e=r.tenant?r.tenant:t.DEFAULT_COMMON_TENANT;n=`${r.azureCloudInstance}/${e}/`}return n||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return t.DEFAULT_AUTHORITY_HOST;if(this.discoveryComplete())return this.metadata.preferred_cache;throw mt(ke)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Tr.has(e)}static isPublicCloudAuthority(e){return t.KNOWN_PUBLIC_CLOUDS.indexOf(e)>=0}static buildRegionalAuthorityString(e,r,n){const o=new wr(e);o.validateAsUri();const i=o.getUrlComponents();let s=`${r}.${i.HostNameAndPort}`;this.isPublicCloudAuthority(i.HostNameAndPort)&&(s=`${r}.${t.REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX}`);const a=wr.constructAuthorityUriFromObject({...o.getUrlComponents(),HostNameAndPort:s}).urlString;return n?`${a}?${n}`:a}static replaceWithRegionalInformation(e,t){const r={...e};return r.authorization_endpoint=Zn.buildRegionalAuthorityString(r.authorization_endpoint,t),r.token_endpoint=Zn.buildRegionalAuthorityString(r.token_endpoint,t),r.end_session_endpoint&&(r.end_session_endpoint=Zn.buildRegionalAuthorityString(r.end_session_endpoint,t)),r}static transformCIAMAuthority(e){let r=e;const n=new wr(e).getUrlComponents();if(0===n.PathSegments.length&&n.HostNameAndPort.endsWith(t.CIAM_AUTH_URL)){r=`${r}${n.HostNameAndPort.split(".")[0]}${t.AAD_TENANT_DOMAIN_SUFFIX}`}return r}}function eo(e){return e.endsWith(t.FORWARD_SLASH)?e:`${e}${t.FORWARD_SLASH}`}function to(e){const t=e.cloudDiscoveryMetadata;let r;if(t)try{r=JSON.parse(t)}catch(e){throw Jt(qt)}return{canonicalAuthority:e.authority?eo(e.authority):void 0,knownAuthorities:e.knownAuthorities,cloudDiscoveryMetadata:r}}
46
- /*! @azure/msal-common v15.13.3 2025-12-04 */async function ro(e,t,r,n,o,i,s){s?.addQueueMeasurement(Or.AuthorityFactoryCreateDiscoveredInstance,i);const a=Zn.transformCIAMAuthority(eo(e)),c=new Zn(a,t,r,n,o,i,s);try{return await Un(c.resolveEndpointsAsync.bind(c),Or.AuthorityResolveEndpointsAsync,o,s,i)(),c}catch(e){throw mt(ke)}}
47
- /*! @azure/msal-common v15.13.3 2025-12-04 */Zn.reservedTenantDomains=new Set(["{tenant}","{tenantid}",I,A,T]);class no extends Ce{constructor(e,t,r,n,o){super(e,t,r),this.name="ServerError",this.errorNo=n,this.status=o,Object.setPrototypeOf(this,no.prototype)}}
48
- /*! @azure/msal-common v15.13.3 2025-12-04 */function oo(e,t,r){return{clientId:e,authority:t.authority,scopes:t.scopes,homeAccountIdentifier:r,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid,embeddedClientId:t.embeddedClientId||t.tokenBodyParameters?.clientId}}
49
- /*! @azure/msal-common v15.13.3 2025-12-04 */class io{static generateThrottlingStorageKey(e){return`${Y}.${JSON.stringify(e)}`}static preProcess(e,r,n){const o=io.generateThrottlingStorageKey(r),i=e.getThrottlingCache(o);if(i){if(i.throttleTime<Date.now())return void e.removeItem(o,n);throw new no(i.errorCodes?.join(" ")||t.EMPTY_STRING,i.errorMessage,i.subError)}}static postProcess(e,t,r,n){if(io.checkResponseStatus(r)||io.checkResponseForRetryAfter(r)){const o={throttleTime:io.calculateThrottleTime(parseInt(r.headers[p])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(io.generateThrottlingStorageKey(t),o,n)}}static checkResponseStatus(e){return 429===e.status||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return!!e.headers&&(e.headers.hasOwnProperty(p)&&(e.status<200||e.status>=300))}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(1e3*Math.min(r+(t||V),r+J))}static removeThrottle(e,t,r,n){const o=oo(t,r,n),i=this.generateThrottlingStorageKey(o);e.removeItem(i,r.correlationId)}}
50
- /*! @azure/msal-common v15.13.3 2025-12-04 */class so extends Ce{constructor(e,t,r){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,so.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function ao(e,t,r,n){return e.errorMessage=`${e.errorMessage}, additionalErrorInfo: error.name:${n?.name}, error.message:${n?.message}`,new so(e,t,r)}
51
- /*! @azure/msal-common v15.13.3 2025-12-04 */class co{constructor(e,t){this.config=function({authOptions:e,systemOptions:t,loggerOptions:r,cacheOptions:n,storageInterface:o,networkInterface:i,cryptoInterface:s,clientCredentials:a,libraryInfo:c,telemetry:l,serverTelemetryManager:h,persistencePlugin:d,serializableCache:u}){const g={...Br,...r};return{authOptions:(p=e,{clientCapabilities:[],azureCloudOptions:$r,skipAuthorityMetadataCache:!1,instanceAware:!1,encodeExtraQueryParams:!1,...p}),systemOptions:{...xr,...t},loggerOptions:g,cacheOptions:{...Fr,...n},storageInterface:o||new Mr(e.clientId,ft,new Ct(g),new Hr),networkInterface:i||zr,cryptoInterface:s||ft,clientCredentials:a||Gr,libraryInfo:{...Kr,...c},telemetry:{...Qr,...l},serverTelemetryManager:h||null,persistencePlugin:d||null,serializableCache:u||null};var p}(e),this.logger=new Ct(this.config.loggerOptions,wt,vt),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}createTokenRequestHeaders(e){const r={};if(r[u]=t.URL_FORM_CONTENT_TYPE,!this.config.systemOptions.preventCorsPreflight&&e)switch(e.type){case Wr:try{const t=er(e.credential);r[m]=`Oid:${t.uid}@${t.utid}`}catch(e){this.logger.verbose("Could not parse home account ID for CCS Header: "+e)}break;case Vr:r[m]=`UPN: ${e.credential}`}return r}async executePostToTokenEndpoint(e,t,r,n,o,i){i&&this.performanceClient?.addQueueMeasurement(i,o);const s=await this.sendPostRequest(n,e,{body:t,headers:r},o);return this.config.serverTelemetryManager&&s.status<500&&429!==s.status&&this.config.serverTelemetryManager.clearTelemetryCache(),s}async sendPostRequest(e,t,r,n){let o;io.preProcess(this.cacheManager,e,n);try{o=await Un(this.networkClient.sendPostRequestAsync.bind(this.networkClient),Or.NetworkClientSendPostRequestAsync,this.logger,this.performanceClient,n)(t,r);const e=o.headers||{};this.performanceClient?.addFields({refreshTokenSize:o.body.refresh_token?.length||0,httpVerToken:e[w]||"",requestId:e[C]||""},n)}catch(e){if(e instanceof so){const t=e.responseHeaders;throw t&&this.performanceClient?.addFields({httpVerToken:t[w]||"",requestId:t[C]||"",contentTypeHeader:t[u]||void 0,contentLengthHeader:t[g]||void 0,httpStatus:e.httpStatus},n),e.error}throw e instanceof Ce?e:mt(Se)}return io.postProcess(this.cacheManager,e,o,n),o}async updateAuthority(e,t){this.performanceClient?.addQueueMeasurement(Or.UpdateTokenEndpointAuthority,t);const r=`https://${e}/${this.authority.tenant}/`,n=await ro(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=n}createTokenQueryParameters(e){const t=new Map;return e.embeddedClientId&&qn(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenQueryParameters&&En(t,e.tokenQueryParameters),fn(t,e.correlationId),sn(t,e.correlationId,this.performanceClient),yr(t)}}
52
- /*! @azure/msal-common v15.13.3 2025-12-04 */const lo="no_tokens_found",ho="native_account_unavailable",uo="refresh_token_expired",go="ux_not_allowed",po="interaction_required",mo="consent_required",fo="login_required",yo="bad_token";var Co=Object.freeze({__proto__:null,badToken:yo,consentRequired:mo,interactionRequired:po,loginRequired:fo,nativeAccountUnavailable:ho,noTokensFound:lo,refreshTokenExpired:uo,uxNotAllowed:go});
53
- /*! @azure/msal-common v15.13.3 2025-12-04 */const wo=[po,mo,fo,yo,go],vo=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token"],Io={[lo]:"No refresh token found in the cache. Please sign-in.",[ho]:"The requested account is not available in the native broker. It may have been deleted or logged out. Please sign-in again using an interactive API.",[uo]:"Refresh token has expired.",[yo]:"Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve.",[go]:"`canShowUI` flag in Edge was set to false. User interaction required on web page. Please invoke an interactive API to resolve."},To={noTokensFoundError:{code:lo,desc:Io[lo]},native_account_unavailable:{code:ho,desc:Io[ho]},bad_token:{code:yo,desc:Io[yo]}};class Ao extends Ce{constructor(e,r,n,o,i,s,a,c){super(e,r,n),Object.setPrototypeOf(this,Ao.prototype),this.timestamp=o||t.EMPTY_STRING,this.traceId=i||t.EMPTY_STRING,this.correlationId=s||t.EMPTY_STRING,this.claims=a||t.EMPTY_STRING,this.name="InteractionRequiredAuthError",this.errorNo=c}}function ko(e,t,r){const n=!!e&&wo.indexOf(e)>-1,o=!!r&&vo.indexOf(r)>-1,i=!!t&&wo.some((e=>t.indexOf(e)>-1));return n||i||o}function So(e){return new Ao(e,Io[e])}
54
- /*! @azure/msal-common v15.13.3 2025-12-04 */class bo{static setRequestState(e,r,n){const o=bo.generateLibraryState(e,n);return r?`${o}${t.RESOURCE_DELIM}${r}`:o}static generateLibraryState(e,t){if(!e)throw mt(We);const r={id:e.createNewGuid()};t&&(r.meta=t);const n=JSON.stringify(r);return e.base64Encode(n)}static parseRequestState(e,r){if(!e)throw mt(We);if(!r)throw mt(Re);try{const n=r.split(t.RESOURCE_DELIM),o=n[0],i=n.length>1?n.slice(1).join(t.RESOURCE_DELIM):t.EMPTY_STRING,s=e.base64Decode(o),a=JSON.parse(s);return{userRequestState:i||t.EMPTY_STRING,libraryState:a}}catch(e){throw mt(Re)}}}
55
- /*! @azure/msal-common v15.13.3 2025-12-04 */const Eo="sw";class Ro{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){this.performanceClient?.addQueueMeasurement(Or.PopTokenGenerateCnf,e.correlationId);const r=await Un(this.generateKid.bind(this),Or.PopTokenGenerateCnf,t,this.performanceClient,e.correlationId)(e),n=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:n}}async generateKid(e){this.performanceClient?.addQueueMeasurement(Or.PopTokenGenerateKid,e.correlationId);return{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Eo}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,n){const{resourceRequestMethod:o,resourceRequestUri:i,shrClaims:s,shrNonce:a,shrOptions:c}=r,l=i?new wr(i):void 0,h=l?.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:Dn(),m:o?.toUpperCase(),u:h?.HostNameAndPort,nonce:a||this.cryptoUtils.createNewGuid(),p:h?.AbsolutePath,q:h?.QueryString?[[],h.QueryString]:void 0,client_claims:s||void 0,...n},t,c,r.correlationId)}}
56
- /*! @azure/msal-common v15.13.3 2025-12-04 */class _o{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}
57
- /*! @azure/msal-common v15.13.3 2025-12-04 */class Po{constructor(e,t,r,n,o,i,s){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=n,this.serializableCache=o,this.persistencePlugin=i,this.performanceClient=s}validateTokenResponse(e,r){if(e.error||e.error_description||e.suberror){const o=`Error(s): ${e.error_codes||t.NOT_AVAILABLE} - Timestamp: ${e.timestamp||t.NOT_AVAILABLE} - Description: ${e.error_description||t.NOT_AVAILABLE} - Correlation ID: ${e.correlation_id||t.NOT_AVAILABLE} - Trace ID: ${e.trace_id||t.NOT_AVAILABLE}`,c=e.error_codes?.length?e.error_codes[0]:void 0,l=new no(e.error,o,e.suberror,c,e.status);if(r&&e.status&&e.status>=s&&e.status<=a)return void this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently unavailable and the access token is unable to be refreshed.\n${l}`);if(r&&e.status&&e.status>=n&&e.status<=i)return void this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently available but is unable to refresh the access token.\n${l}`);if(ko(e.error,e.error_description,e.suberror))throw new Ao(e.error,e.error_description,e.suberror,e.timestamp||t.EMPTY_STRING,e.trace_id||t.EMPTY_STRING,e.correlation_id||t.EMPTY_STRING,e.claims||t.EMPTY_STRING,c);throw l}}async handleServerTokenResponse(e,r,n,o,i,s,a,c,l){let h,d;if(this.performanceClient?.addQueueMeasurement(Or.HandleServerTokenResponse,e.correlation_id),e.id_token){if(h=dr(e.id_token||t.EMPTY_STRING,this.cryptoObj.base64Decode),i&&i.nonce&&h.nonce!==i.nonce)throw mt(Me);if(o.maxAge||0===o.maxAge){const e=h.auth_time;if(!e)throw mt(Oe);gr(e,o.maxAge)}}this.homeAccountIdentifier=hr.generateHomeAccountId(e.client_info||t.EMPTY_STRING,r.authorityType,this.logger,this.cryptoObj,h),i&&i.state&&(d=bo.parseRequestState(this.cryptoObj,i.state)),e.key_id=e.key_id||o.sshKid||void 0;const u=this.generateCacheRecord(e,r,n,o,h,s,i);let g;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("Persistence enabled, calling beforeCacheAccess"),g=new _o(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(g)),a&&!c&&u.account){const e=this.cacheStorage.generateAccountKey(hr.getAccountInfo(u.account));if(!this.cacheStorage.getAccount(e,o.correlationId))return this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache"),await Po.generateAuthenticationResult(this.cryptoObj,r,u,!1,o,h,d,void 0,l)}await this.cacheStorage.saveCacheRecord(u,o.correlationId,ur(h||{}),o.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&g&&(this.logger.verbose("Persistence enabled, calling afterCacheAccess"),await this.persistencePlugin.afterCacheAccess(g))}return Po.generateAuthenticationResult(this.cryptoObj,r,u,!1,o,h,d,e,l)}generateCacheRecord(e,t,r,n,o,i,s){const a=t.getPreferredCache();if(!a)throw mt(Qe);const c=cr(o);let l,h;e.id_token&&o&&(l=Kn(this.homeAccountIdentifier,a,e.id_token,this.clientId,c||""),h=Mo(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,n.correlationId,o,e.client_info,a,c,s,void 0,this.logger));let d=null;if(e.access_token){const o=e.scope?Xt.fromString(e.scope):new Xt(n.scopes||[]),s=("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0,l=("string"==typeof e.ext_expires_in?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,h=("string"==typeof e.refresh_in?parseInt(e.refresh_in,10):e.refresh_in)||void 0,u=r+s,g=u+l,p=h&&h>0?r+h:void 0;d=Gn(this.homeAccountIdentifier,a,e.access_token,this.clientId,c||t.tenant||"",o.printScopes(),u,g,this.cryptoObj.base64Decode,p,e.token_type,i,e.key_id,n.claims,n.requestedClaimsHash)}let u=null;if(e.refresh_token){let t;if(e.refresh_token_expires_in){t=r+("string"==typeof e.refresh_token_expires_in?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in)}u=$n(this.homeAccountIdentifier,a,e.refresh_token,this.clientId,e.foci,i,t)}let g=null;return e.foci&&(g={clientId:this.clientId,environment:a,familyId:e.foci}),{account:h,idToken:l,accessToken:d,refreshToken:u,appMetadata:g}}static async generateAuthenticationResult(e,r,n,o,i,s,a,c,l){let h,d,u=t.EMPTY_STRING,g=[],p=null,m=t.EMPTY_STRING;if(n.accessToken){if(n.accessToken.tokenType!==W.POP||i.popKid)u=n.accessToken.secret;else{const t=new Ro(e),{secret:r,keyId:o}=n.accessToken;if(!o)throw mt(ot);u=await t.signPopToken(r,o,i)}g=Xt.fromString(n.accessToken.target).asArray(),p=xn(n.accessToken.expiresOn),h=xn(n.accessToken.extendedExpiresOn),n.accessToken.refreshOn&&(d=xn(n.accessToken.refreshOn))}n.appMetadata&&(m=n.appMetadata.familyId===B?B:"");const f=s?.oid||s?.sub||"",y=s?.tid||"";c?.spa_accountid&&n.account&&(n.account.nativeAccountId=c?.spa_accountid);const C=n.account?nr(hr.getAccountInfo(n.account),void 0,s,n.idToken?.secret):null;return{authority:r.canonicalAuthority,uniqueId:f,tenantId:y,scopes:g,account:C,idToken:n?.idToken?.secret||"",idTokenClaims:s||{},accessToken:u,fromCache:o,expiresOn:p,extExpiresOn:h,refreshOn:d,correlationId:i.correlationId,requestId:l||t.EMPTY_STRING,familyId:m,tokenType:n.accessToken?.tokenType||t.EMPTY_STRING,state:a?a.userRequestState:t.EMPTY_STRING,cloudGraphHostName:n.account?.cloudGraphHostName||t.EMPTY_STRING,msGraphHost:n.account?.msGraphHost||t.EMPTY_STRING,code:c?.spa_code,fromNativeBroker:!1}}}function Mo(e,t,r,n,o,i,s,a,c,l,h,d){d?.verbose("setCachedAccount called");const u=e.getAccountKeys().find((e=>e.startsWith(r)));let g=null;u&&(g=e.getAccount(u,o));const p=g||hr.createAccount({homeAccountId:r,idTokenClaims:i,clientInfo:s,environment:a,cloudGraphHostName:l?.cloud_graph_host_name,msGraphHost:l?.msgraph_host,nativeAccountId:h},t,n),m=p.tenantProfiles||[],f=c||p.realm;if(f&&!m.find((e=>e.tenantId===f))){const e=rr(r,p.localAccountId,f,i);m.push(e)}return p.tenantProfiles=m,p}
58
- /*! @azure/msal-common v15.13.3 2025-12-04 */async function Oo(e,t,r){if("string"==typeof e)return e;return e({clientId:t,tokenEndpoint:r})}
59
- /*! @azure/msal-common v15.13.3 2025-12-04 */class qo extends co{constructor(e,t){super(e,t),this.includeRedirectUri=!0,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(e,t){if(this.performanceClient?.addQueueMeasurement(Or.AuthClientAcquireToken,e.correlationId),!e.code)throw mt(De);const r=Dn(),n=await Un(this.executeTokenRequest.bind(this),Or.AuthClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(this.authority,e),o=n.headers?.[C],i=new Po(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin,this.performanceClient);return i.validateTokenResponse(n.body),Un(i.handleServerTokenResponse.bind(i),Or.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,r,e,t,void 0,void 0,void 0,o)}getLogoutUri(e){if(!e)throw Jt(Pt);const t=this.createLogoutUrlQueryString(e);return wr.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t){this.performanceClient?.addQueueMeasurement(Or.AuthClientExecuteTokenRequest,t.correlationId);const r=this.createTokenQueryParameters(t),n=wr.appendQueryString(e.tokenEndpoint,r),o=await Un(this.createTokenRequestBody.bind(this),Or.AuthClientCreateTokenRequestBody,this.logger,this.performanceClient,t.correlationId)(t);let i;if(t.clientInfo)try{const e=Zt(t.clientInfo,this.cryptoUtils.base64Decode);i={credential:`${e.uid}${D}${e.utid}`,type:Wr}}catch(e){this.logger.verbose("Could not parse client info for CCS Header: "+e)}const s=this.createTokenRequestHeaders(i||t.ccsCredential),a=oo(this.config.authOptions.clientId,t);return Un(this.executePostToTokenEndpoint.bind(this),Or.AuthorizationCodeClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,t.correlationId)(n,o,s,a,t.correlationId,Or.AuthorizationCodeClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){this.performanceClient?.addQueueMeasurement(Or.AuthClientCreateTokenRequestBody,e.correlationId);const t=new Map;if(ln(t,e.embeddedClientId||e.tokenBodyParameters?.[Jr]||this.config.authOptions.clientId),this.includeRedirectUri)hn(t,e.redirectUri);else if(!e.redirectUri)throw Jt(Tt);if(cn(t,e.scopes,!0,this.oidcDefaultScopes),function(e,t){e.set("code",t)}(t,e.code),yn(t,this.config.libraryInfo),Cn(t,this.config.telemetry.application),On(t),this.serverTelemetryManager&&!jr(this.config)&&Mn(t,this.serverTelemetryManager),e.codeVerifier&&function(e,t){e.set("code_verifier",t)}(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&In(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Tn(t,await Oo(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),An(t,r.assertionType)}if(kn(t,M),Sn(t),e.authenticationScheme===W.POP){const r=new Ro(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Un(r.generateCnf.bind(r),Or.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}_n(t,n)}else if(e.authenticationScheme===W.SSH){if(!e.sshJwk)throw Jt(Lt);Pn(t,e.sshJwk)}let r;if((!Yt.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&mn(t,e.claims,this.config.authOptions.clientCapabilities),e.clientInfo)try{const t=Zt(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${t.uid}${D}${t.utid}`,type:Wr}}catch(e){this.logger.verbose("Could not parse client info for CCS Header: "+e)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case Wr:try{gn(t,er(r.credential))}catch(e){this.logger.verbose("Could not parse home account ID for CCS Header: "+e)}break;case Vr:un(t,r.credential)}return e.embeddedClientId&&qn(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenBodyParameters&&En(t,e.tokenBodyParameters),!e.enableSpaAuthorizationCode||e.tokenBodyParameters&&e.tokenBodyParameters[en]||En(t,{[en]:"1"}),sn(t,e.correlationId,this.performanceClient),yr(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&function(e,t){e.set("post_logout_redirect_uri",t)}(t,e.postLogoutRedirectUri),e.correlationId&&fn(t,e.correlationId),e.idTokenHint&&function(e,t){e.set("id_token_hint",t)}(t,e.idTokenHint),e.state&&wn(t,e.state),e.logoutHint&&function(e,t){e.set("logout_hint",t)}(t,e.logoutHint),e.extraQueryParameters&&En(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&bn(t),yr(t,this.config.authOptions.encodeExtraQueryParams,e.extraQueryParameters)}}
60
- /*! @azure/msal-common v15.13.3 2025-12-04 */class No extends co{constructor(e,t){super(e,t)}async acquireToken(e){this.performanceClient?.addQueueMeasurement(Or.RefreshTokenClientAcquireToken,e.correlationId);const t=Dn(),r=await Un(this.executeTokenRequest.bind(this),Or.RefreshTokenClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(e,this.authority),n=r.headers?.[C],o=new Po(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin);return o.validateTokenResponse(r.body),Un(o.handleServerTokenResponse.bind(o),Or.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(r.body,this.authority,t,e,void 0,void 0,!0,e.forceCache,n)}async acquireTokenByRefreshToken(e){if(!e)throw Jt(_t);if(this.performanceClient?.addQueueMeasurement(Or.RefreshTokenClientAcquireTokenByRefreshToken,e.correlationId),!e.account)throw mt(Ge);if(this.cacheManager.isAppMetadataFOCI(e.account.environment))try{return await Un(this.acquireTokenWithCachedRefreshToken.bind(this),Or.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!0)}catch(t){const r=t instanceof Ao&&t.errorCode===lo,n=t instanceof no&&t.errorCode===Z&&t.subError===ee;if(r||n)return Un(this.acquireTokenWithCachedRefreshToken.bind(this),Or.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1);throw t}return Un(this.acquireTokenWithCachedRefreshToken.bind(this),Or.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1)}async acquireTokenWithCachedRefreshToken(e,t){this.performanceClient?.addQueueMeasurement(Or.RefreshTokenClientAcquireTokenWithCachedRefreshToken,e.correlationId);const r=Nn(this.cacheManager.getRefreshToken.bind(this.cacheManager),Or.CacheManagerGetRefreshToken,this.logger,this.performanceClient,e.correlationId)(e.account,t,e.correlationId,void 0,this.performanceClient);if(!r)throw So(lo);if(r.expiresOn&&Bn(r.expiresOn,e.refreshTokenExpirationOffsetSeconds||300))throw this.performanceClient?.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),So(uo);const n={...e,refreshToken:r.secret,authenticationScheme:e.authenticationScheme||W.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:Wr}};try{return await Un(this.acquireToken.bind(this),Or.RefreshTokenClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(n)}catch(t){if(t instanceof Ao&&(this.performanceClient?.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),t.subError===yo)){this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");const t=this.cacheManager.generateCredentialKey(r);this.cacheManager.removeRefreshToken(t,e.correlationId)}throw t}}async executeTokenRequest(e,t){this.performanceClient?.addQueueMeasurement(Or.RefreshTokenClientExecuteTokenRequest,e.correlationId);const r=this.createTokenQueryParameters(e),n=wr.appendQueryString(t.tokenEndpoint,r),o=await Un(this.createTokenRequestBody.bind(this),Or.RefreshTokenClientCreateTokenRequestBody,this.logger,this.performanceClient,e.correlationId)(e),i=this.createTokenRequestHeaders(e.ccsCredential),s=oo(this.config.authOptions.clientId,e);return Un(this.executePostToTokenEndpoint.bind(this),Or.RefreshTokenClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,e.correlationId)(n,o,i,s,e.correlationId,Or.RefreshTokenClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){this.performanceClient?.addQueueMeasurement(Or.RefreshTokenClientCreateTokenRequestBody,e.correlationId);const t=new Map;if(ln(t,e.embeddedClientId||e.tokenBodyParameters?.[Jr]||this.config.authOptions.clientId),e.redirectUri&&hn(t,e.redirectUri),cn(t,e.scopes,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),kn(t,O),Sn(t),yn(t,this.config.libraryInfo),Cn(t,this.config.telemetry.application),On(t),this.serverTelemetryManager&&!jr(this.config)&&Mn(t,this.serverTelemetryManager),function(e,t){e.set("refresh_token",t)}(t,e.refreshToken),this.config.clientCredentials.clientSecret&&In(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Tn(t,await Oo(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),An(t,r.assertionType)}if(e.authenticationScheme===W.POP){const r=new Ro(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Un(r.generateCnf.bind(r),Or.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}_n(t,n)}else if(e.authenticationScheme===W.SSH){if(!e.sshJwk)throw Jt(Lt);Pn(t,e.sshJwk)}if((!Yt.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&mn(t,e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case Wr:try{gn(t,er(e.ccsCredential.credential))}catch(e){this.logger.verbose("Could not parse home account ID for CCS Header: "+e)}break;case Vr:un(t,e.ccsCredential.credential)}return e.embeddedClientId&&qn(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.tokenBodyParameters&&En(t,e.tokenBodyParameters),sn(t,e.correlationId,this.performanceClient),yr(t)}}
61
- /*! @azure/msal-common v15.13.3 2025-12-04 */class Uo extends co{constructor(e,t){super(e,t)}async acquireCachedToken(e){this.performanceClient?.addQueueMeasurement(Or.SilentFlowClientAcquireCachedToken,e.correlationId);let t=ae;if(e.forceRefresh||!this.config.cacheOptions.claimsBasedCachingEnabled&&!Yt.isEmptyObj(e.claims))throw this.setCacheOutcome(ce,e.correlationId),mt(Xe);if(!e.account)throw mt(Ge);const r=e.account.tenantId||function(e){const t=new wr(e).getUrlComponents(),r=t.PathSegments.slice(-1)[0]?.toLowerCase();switch(r){case I:case T:case A:return;default:return r}}(e.authority),n=this.cacheManager.getTokenKeys(),o=this.cacheManager.getAccessToken(e.account,e,n,r);if(!o)throw this.setCacheOutcome(le,e.correlationId),mt(Xe);if(zn(o.cachedAt)||Bn(o.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(he,e.correlationId),mt(Xe);o.refreshOn&&Bn(o.refreshOn,0)&&(t=de);const i=e.authority||this.authority.getPreferredCache(),s={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(e.account),e.correlationId),accessToken:o,idToken:this.cacheManager.getIdToken(e.account,e.correlationId,n,r,this.performanceClient),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(i)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await Un(this.generateResultFromCacheRecord.bind(this),Or.SilentFlowClientGenerateResultFromCacheRecord,this.logger,this.performanceClient,e.correlationId)(s,e),t]}setCacheOutcome(e,t){this.serverTelemetryManager?.setCacheOutcome(e),this.performanceClient?.addFields({cacheOutcome:e},t),e!==ae&&this.logger.info(`Token refresh is required due to cache outcome: ${e}`)}async generateResultFromCacheRecord(e,t){let r;if(this.performanceClient?.addQueueMeasurement(Or.SilentFlowClientGenerateResultFromCacheRecord,t.correlationId),e.idToken&&(r=dr(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||0===t.maxAge){const e=r?.auth_time;if(!e)throw mt(Oe);gr(e,t.maxAge)}return Po.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,r)}}
62
- /*! @azure/msal-common v15.13.3 2025-12-04 */const Lo={sendGetRequestAsync:()=>Promise.reject(mt(ct)),sendPostRequestAsync:()=>Promise.reject(mt(ct))};
63
- /*! @azure/msal-common v15.13.3 2025-12-04 */function Do(e,t,r,n){const o=t.correlationId,i=new Map;ln(i,t.embeddedClientId||t.extraQueryParameters?.[Jr]||e.clientId);if(cn(i,[...t.scopes||[],...t.extraScopesToConsent||[]],!0,e.authority.options.OIDCOptions?.defaultScopes),hn(i,t.redirectUri),fn(i,o),function(e,t){e.set("response_mode",t||P)}(i,t.responseMode),Sn(i),t.prompt&&(!function(e,t){e.set("prompt",t)}(i,t.prompt),n?.addFields({prompt:t.prompt},o)),t.domainHint&&(!function(e,t){e.set("domain_hint",t)}(i,t.domainHint),n?.addFields({domainHintFromRequest:!0},o)),t.prompt!==b.SELECT_ACCOUNT)if(t.sid&&t.prompt===b.NONE)r.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from request"),pn(i,t.sid),n?.addFields({sidFromRequest:!0},o);else if(t.account){const e=(s=t.account,s.idTokenClaims?.sid||null);let a=function(e){return e.loginHint||e.idTokenClaims?.login_hint||null}
64
- /*! @azure/msal-common v15.13.3 2025-12-04 */(t.account);if(a&&t.domainHint&&(r.warning('AuthorizationCodeClient.createAuthCodeUrlQueryString: "domainHint" param is set, skipping opaque "login_hint" claim. Please consider not passing domainHint'),a=null),a){r.verbose("createAuthCodeUrlQueryString: login_hint claim present on account"),dn(i,a),n?.addFields({loginHintFromClaim:!0},o);try{gn(i,er(t.account.homeAccountId))}catch(e){r.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(e&&t.prompt===b.NONE){r.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from account"),pn(i,e),n?.addFields({sidFromClaim:!0},o);try{gn(i,er(t.account.homeAccountId))}catch(e){r.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(t.loginHint)r.verbose("createAuthCodeUrlQueryString: Adding login_hint from request"),dn(i,t.loginHint),un(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o);else if(t.account.username){r.verbose("createAuthCodeUrlQueryString: Adding login_hint from account"),dn(i,t.account.username),n?.addFields({loginHintFromUpn:!0},o);try{gn(i,er(t.account.homeAccountId))}catch(e){r.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}}else t.loginHint&&(r.verbose("createAuthCodeUrlQueryString: No account, adding login_hint from request"),dn(i,t.loginHint),un(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o));else r.verbose("createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints");var s;return t.nonce&&function(e,t){e.set("nonce",t)}(i,t.nonce),t.state&&wn(i,t.state),(t.claims||e.clientCapabilities&&e.clientCapabilities.length>0)&&mn(i,t.claims,e.clientCapabilities),t.embeddedClientId&&qn(i,e.clientId,e.redirectUri),!e.instanceAware||t.extraQueryParameters&&Object.keys(t.extraQueryParameters).includes(on)||bn(i),i}function Ho(e,t,r,n){const o=yr(t,r,n);return wr.appendQueryString(e.authorizationEndpoint,o)}function xo(e,t){if(!e.state||!t)throw e.state?mt(Pe,"Cached State"):mt(Pe,"Server State");let r,n;try{r=decodeURIComponent(e.state)}catch(t){throw mt(Re,e.state)}try{n=decodeURIComponent(t)}catch(t){throw mt(Re,e.state)}if(r!==n)throw mt(_e);if(e.error||e.error_description||e.suberror){const t=function(e){const t="code=",r=e.error_uri?.lastIndexOf(t);return r&&r>=0?e.error_uri?.substring(r+t.length):void 0}(e);if(ko(e.error,e.error_description,e.suberror))throw new Ao(e.error||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",t);throw new no(e.error||"",e.error_description,e.suberror,t)}}function Bo(e){const{skus:t,libraryName:r,libraryVersion:n,extensionName:o,extensionVersion:i}=e,s=new Map([[0,[r,n]],[2,[o,i]]]);let a=[];if(t?.length){if(a=t.split(","),a.length<4)return t}else a=Array.from({length:4},(()=>"|"));return s.forEach(((e,t)=>{2===e.length&&e[0]?.length&&e[1]?.length&&function(e){const{skuArr:t,index:r,skuName:n,skuVersion:o}=e;if(r>=t.length)return;t[r]=[n,o].join("|")}({skuArr:a,index:t,skuName:e[0],skuVersion:e[1]})})),a.join(",")}class Fo{constructor(e,r){this.cacheOutcome=ae,this.cacheManager=r,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||t.EMPTY_STRING,this.wrapperVer=e.wrapperVer||t.EMPTY_STRING,this.telemetryCacheKey=j.CACHE_KEY+L+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${j.VALUE_SEPARATOR}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r?.length&&t.push(`broker_error=${r}`);const n=t.join(j.VALUE_SEPARATOR),o=[e,this.getRegionDiscoveryFields()].join(j.VALUE_SEPARATOR);return[j.SCHEMA_VERSION,o,n].join(j.CATEGORY_SEPARATOR)}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=Fo.maxErrorsToSend(e),r=e.failedRequests.slice(0,2*t).join(j.VALUE_SEPARATOR),n=e.errors.slice(0,t).join(j.VALUE_SEPARATOR),o=e.errors.length,i=[o,t<o?j.OVERFLOW_TRUE:j.OVERFLOW_FALSE].join(j.VALUE_SEPARATOR);return[j.SCHEMA_VERSION,e.cacheHits,r,n,i].join(j.CATEGORY_SEPARATOR)}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=j.MAX_CACHED_ERRORS&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof Ce?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push(j.UNKNOWN_ERROR),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId),e.cacheHits}getLastRequests(){return this.cacheManager.getServerTelemetry(this.telemetryCacheKey)||{failedRequests:[],errors:[],cacheHits:0}}clearTelemetryCache(){const e=this.getLastRequests(),t=Fo.maxErrorsToSend(e);if(t===e.errors.length)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{const r={failedRequests:e.failedRequests.slice(2*t),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,r,this.correlationId)}}static maxErrorsToSend(e){let r,n=0,o=0;const i=e.errors.length;for(r=0;r<i;r++){const i=e.failedRequests[2*r]||t.EMPTY_STRING,s=e.failedRequests[2*r+1]||t.EMPTY_STRING,a=e.errors[r]||t.EMPTY_STRING;if(o+=i.toString().length+s.toString().length+a.length+3,!(o<j.MAX_LAST_HEADER_BYTES))break;n+=1}return n}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||t.EMPTY_STRING),e.push(this.regionSource||t.EMPTY_STRING),e.push(this.regionOutcome||t.EMPTY_STRING),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId)}static makeExtraSkuString(e){return Bo(e)}}
65
- /*! @azure/msal-common v15.13.3 2025-12-04 */const zo="missing_kid_error",Ko="missing_alg_error",Go={[zo]:"The JOSE Header for the requested JWT, JWS or JWK object requires a keyId to be configured as the 'kid' header claim. No 'kid' value was provided.",[Ko]:"The JOSE Header for the requested JWT, JWS or JWK object requires an algorithm to be specified as the 'alg' header claim. No 'alg' value was provided."};class $o extends Ce{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,$o.prototype)}}function Qo(e){return new $o(e,Go[e])}
66
- /*! @azure/msal-common v15.13.3 2025-12-04 */class jo{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw Qo(zo);if(!e.alg)throw Qo(Ko);const t=new jo({typ:e.typ||ue.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}
67
- /*! @azure/msal-common v15.13.3 2025-12-04 */function Wo(e,t,r,n=5){if(e instanceof Error)return e instanceof Ce?(r.errorCode=e.errorCode,r.subErrorCode=e.subError,void((e instanceof no||e instanceof Ao)&&(r.serverErrorNo=e.errorNo))):void(e instanceof Rr?r.errorCode=e.errorCode:r.errorStack?.length?t.trace("PerformanceClient.addErrorStack: Stack already exist",r.correlationId):e.stack?.length?(e.stack&&(r.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],n=[],o=r[0];o.startsWith("TypeError: Cannot read property")||o.startsWith("TypeError: Cannot read properties of")||o.startsWith("TypeError: Cannot set property")||o.startsWith("TypeError: Cannot set properties of")||o.endsWith("is not a function")?n.push(Vo(o)):(o.startsWith("SyntaxError")||o.startsWith("TypeError"))&&n.push(Vo(o.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(n.length>=t);e++){const t=r[e];n.push(Vo(t))}return n}(e.stack,n)),r.errorName=e.name):t.trace("PerformanceClient.addErrorStack: Input stack is empty",r.correlationId));t.trace("PerformanceClient.addErrorStack: Input error is not instance of Error",r.correlationId)}function Vo(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let n=r.lastIndexOf("/");return n=n<0?r.lastIndexOf("\\"):n,n>=0?(e.substring(0,t)+"("+r.substring(n+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class Jo{constructor(e,t,r,n,o,i,s,a){this.authority=t,this.libraryName=n,this.libraryVersion=o,this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.queueMeasurements=new Map,this.preQueueTimeByCorrelationId=new Map,this.intFields=s||new Set;for(const e of Lr)this.intFields.add(e);this.abbreviations=a||new Map;for(const[e,t]of qr)this.abbreviations.set(e,t)}startPerformanceMeasurement(e,t){return{}}getPreQueueTime(e,t){const r=this.preQueueTimeByCorrelationId.get(t);if(r){if(r.name===e)return r.time;this.logger.trace(`PerformanceClient.getPreQueueTime: no pre-queue time found for ${e}, unable to add queue measurement`)}else this.logger.trace(`PerformanceClient.getPreQueueTime: no pre-queue times found for correlationId: ${t}, unable to add queue measurement`)}calculateQueuedTime(e,t){return e<1?(this.logger.trace(`PerformanceClient: preQueueTime should be a positive integer and not ${e}`),0):t<1?(this.logger.trace(`PerformanceClient: currentTime should be a positive integer and not ${t}`),0):t<e?(this.logger.trace("PerformanceClient: currentTime is less than preQueueTime, check how time is being retrieved"),0):t-e}addQueueMeasurement(e,t,r,n){if(!t)return void this.logger.trace(`PerformanceClient.addQueueMeasurement: correlationId not provided for ${e}, cannot add queue measurement`);if(0===r)this.logger.trace(`PerformanceClient.addQueueMeasurement: queue time provided for ${e} is ${r}`);else if(!r)return void this.logger.trace(`PerformanceClient.addQueueMeasurement: no queue time provided for ${e}`);const o={eventName:e,queueTime:n?0:r,manuallyCompleted:n},i=this.queueMeasurements.get(t);if(i)i.push(o),this.queueMeasurements.set(t,i);else{this.logger.trace(`PerformanceClient.addQueueMeasurement: adding correlationId ${t} to queue measurements`);const e=[o];this.queueMeasurements.set(t,e)}this.preQueueTimeByCorrelationId.delete(t)}startMeasurement(e,t){const r=t||this.generateId();t||this.logger.info(`PerformanceClient: No correlation id provided for ${e}, generating`,r),this.logger.trace(`PerformanceClient: Performance measurement started for ${e}`,r);const n={eventId:this.generateId(),status:Nr,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var o,i,s;return this.cacheEventByCorrelationId(n),o=n,i=this.abbreviations,(s=this.eventStack.get(r))&&s.push({name:i.get(o.name)||o.name}),{end:(e,t,r)=>this.endMeasurement({...n,...e},t,r),discard:()=>this.discardMeasurements(n.correlationId),add:e=>this.addFields(e,n.correlationId),increment:e=>this.incrementFields(e,n.correlationId),event:n,measurement:new Dr}}endMeasurement(e,t,r){const n=this.eventsByCorrelationId.get(e.correlationId);if(!n)return this.logger.trace(`PerformanceClient: Measurement not found for ${e.eventId}`,e.correlationId),null;const o=e.eventId===n.eventId;let i={totalQueueTime:0,totalQueueCount:0,manuallyCompletedCount:0};e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const s=JSON.stringify(function(e,t,r,n){if(!r?.length)return;const o=e=>e.length?e[e.length-1]:void 0,i=t.get(e.name)||e.name,s=o(r);if(s?.name!==i)return;const a=r?.pop();if(!a)return;const c=n instanceof Ce?n.errorCode:n instanceof Error?n.name:void 0,l=n instanceof Ce?n.subError:void 0;c&&a.childErr!==c&&(a.err=c,l&&(a.subErr=l)),delete a.name,delete a.childErr;const h={...a,dur:e.durationMs};e.success||(h.fail=1);const d=o(r);if(!d)return{[i]:h};let u;if(c&&(d.childErr=c),d[i]){const e=Object.keys(d).filter((e=>e.startsWith(i))).length;u=`${i}_${e+1}`}else u=i;return d[u]=h,d}(e,this.abbreviations,this.eventStack.get(n.correlationId),t));if(o?(i=this.getQueueInfo(e.correlationId),this.discardMeasurements(n.correlationId)):n.incompleteSubMeasurements?.delete(e.eventId),this.logger.trace(`PerformanceClient: Performance measurement ended for ${e.name}: ${e.durationMs} ms`,e.correlationId),t&&Wo(t,this.logger,n),!o)return n[e.name+"DurationMs"]=Math.floor(e.durationMs),{...n};o&&!t&&(n.errorCode||n.subErrorCode)&&(this.logger.trace(`PerformanceClient: Remove error and sub-error codes for root event ${e.name} as intermediate error was successfully handled`,e.correlationId),n.errorCode=void 0,n.subErrorCode=void 0);let a={...n,...e},c=0;return a.incompleteSubMeasurements?.forEach((t=>{this.logger.trace(`PerformanceClient: Incomplete submeasurement ${t.name} found for ${e.name}`,a.correlationId),c++})),a.incompleteSubMeasurements=void 0,a={...a,queuedTimeMs:i.totalQueueTime,queuedCount:i.totalQueueCount,queuedManuallyCompletedCount:i.manuallyCompletedCount,status:Ur,incompleteSubsCount:c,context:s},r&&(a.accountType=function(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}(r),a.dataBoundary=r.dataBoundary),this.truncateIntegralFields(a),this.emitEvents([a],e.correlationId),a}addFields(e,t){this.logger.trace("PerformanceClient: Updating static fields");const r=this.eventsByCorrelationId.get(t);r?this.eventsByCorrelationId.set(t,{...r,...e}):this.logger.trace("PerformanceClient: Event not found for",t)}incrementFields(e,t){this.logger.trace("PerformanceClient: Updating counters");const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e){if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("PerformanceClient: Event not found for",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(this.logger.trace(`PerformanceClient: Performance measurement for ${e.name} added/updated`,e.correlationId),t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.logger.trace(`PerformanceClient: Performance measurement for ${e.name} started`,e.correlationId),this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}getQueueInfo(e){const t=this.queueMeasurements.get(e);t||this.logger.trace(`PerformanceClient: no queue measurements found for for correlationId: ${e}`);let r=0,n=0,o=0;return t?.forEach((e=>{r+=e.queueTime,n++,o+=e.manuallyCompleted?1:0})),{totalQueueTime:r,totalQueueCount:n,manuallyCompletedCount:o}}discardMeasurements(e){this.logger.trace("PerformanceClient: Performance measurements discarded",e),this.eventsByCorrelationId.delete(e),this.logger.trace("PerformanceClient: QueueMeasurements discarded",e),this.queueMeasurements.delete(e),this.logger.trace("PerformanceClient: Pre-queue times discarded",e),this.preQueueTimeByCorrelationId.delete(e),this.logger.trace("PerformanceClient: Event stack discarded",e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning(`PerformanceClient: Performance callback is already registered with id: ${t}`),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose(`PerformanceClient: Performance callback registered with id: ${t}`),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose(`PerformanceClient: Performance callback ${e} removed.`):this.logger.verbose(`PerformanceClient: Performance callback ${e} not removed.`),t}emitEvents(e,t){this.logger.verbose("PerformanceClient: Emitting performance events",t),this.callbacks.forEach(((r,n)=>{this.logger.trace(`PerformanceClient: Emitting event to callback ${n}`,t),r.apply(null,[e])}))}truncateIntegralFields(e){this.intFields.forEach((t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))}))}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}const Yo="pkce_not_created",Xo="ear_jwk_empty",Zo="ear_jwe_empty",ei="crypto_nonexistent",ti="empty_navigate_uri",ri="hash_empty_error",ni="no_state_in_hash",oi="hash_does_not_contain_known_properties",ii="unable_to_parse_state",si="state_interaction_type_mismatch",ai="interaction_in_progress",ci="popup_window_error",li="empty_window_error",hi="user_cancelled",di="monitor_popup_timeout",ui="monitor_window_timeout",gi="redirect_in_iframe",pi="block_iframe_reload",mi="block_nested_popups",fi="iframe_closed_prematurely",yi="silent_logout_unsupported",Ci="no_account_error",wi="silent_prompt_value_error",vi="no_token_request_cache_error",Ii="unable_to_parse_token_request_cache_error",Ti="auth_request_not_set_error",Ai="invalid_cache_type",ki="non_browser_environment",Si="database_not_open",bi="no_network_connectivity",Ei="post_request_failed",Ri="get_request_failed",_i="failed_to_parse_response",Pi="unable_to_load_token",Mi="crypto_key_not_found",Oi="auth_code_required",qi="auth_code_or_nativeAccountId_required",Ni="spa_code_and_nativeAccountId_present",Ui="database_unavailable",Li="unable_to_acquire_token_from_native_platform",Di="native_handshake_timeout",Hi="native_extension_not_installed",xi="native_connection_not_established",Bi="uninitialized_public_client_application",Fi="native_prompt_not_supported",zi="invalid_base64_string",Ki="invalid_pop_token_request",Gi="failed_to_build_headers",$i="failed_to_parse_headers",Qi="failed_to_decrypt_ear_response",ji="timed_out";var Wi=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:qi,authCodeRequired:Oi,authRequestNotSetError:Ti,blockIframeReload:pi,blockNestedPopups:mi,cryptoKeyNotFound:Mi,cryptoNonExistent:ei,databaseNotOpen:Si,databaseUnavailable:Ui,earJweEmpty:Zo,earJwkEmpty:Xo,emptyNavigateUri:ti,emptyWindowError:li,failedToBuildHeaders:Gi,failedToDecryptEarResponse:Qi,failedToParseHeaders:$i,failedToParseResponse:_i,getRequestFailed:Ri,hashDoesNotContainKnownProperties:oi,hashEmptyError:ri,iframeClosedPrematurely:fi,interactionInProgress:ai,invalidBase64String:zi,invalidCacheType:Ai,invalidPopTokenRequest:Ki,monitorPopupTimeout:di,monitorWindowTimeout:ui,nativeConnectionNotEstablished:xi,nativeExtensionNotInstalled:Hi,nativeHandshakeTimeout:Di,nativePromptNotSupported:Fi,noAccountError:Ci,noNetworkConnectivity:bi,noStateInHash:ni,noTokenRequestCacheError:vi,nonBrowserEnvironment:ki,pkceNotCreated:Yo,popupWindowError:ci,postRequestFailed:Ei,redirectInIframe:gi,silentLogoutUnsupported:yi,silentPromptValueError:wi,spaCodeAndNativeAccountIdPresent:Ni,stateInteractionTypeMismatch:si,timedOut:ji,unableToAcquireTokenFromNativePlatform:Li,unableToLoadToken:Pi,unableToParseState:ii,unableToParseTokenRequestCacheError:Ii,uninitializedPublicClientApplication:Bi,userCancelled:hi});const Vi="For more visit: aka.ms/msaljs/browser-errors",Ji={[Yo]:"The PKCE code challenge and verifier could not be generated.",[Xo]:"No EAR encryption key provided. This is unexpected.",[Zo]:"Server response does not contain ear_jwe property. This is unexpected.",[ei]:"The crypto object or function is not available.",[ti]:"Navigation URI is empty. Please check stack trace for more info.",[ri]:`Hash value cannot be processed because it is empty. Please verify that your redirectUri is not clearing the hash. ${Vi}`,[ni]:"Hash does not contain state. Please verify that the request originated from msal.",[oi]:`Hash does not contain known properites. Please verify that your redirectUri is not changing the hash. ${Vi}`,[ii]:"Unable to parse state. Please verify that the request originated from msal.",[si]:"Hash contains state but the interaction type does not match the caller.",[ai]:`Interaction is currently in progress. Please ensure that this interaction has been completed before calling an interactive API. ${Vi}`,[ci]:"Error opening popup window. This can happen if you are using IE or if popups are blocked in the browser.",[li]:"window.open returned null or undefined window object.",[hi]:"User cancelled the flow.",[di]:`Token acquisition in popup failed due to timeout. ${Vi}`,[ui]:`Token acquisition in iframe failed due to timeout. ${Vi}`,[gi]:"Redirects are not supported for iframed or brokered applications. Please ensure you are using MSAL.js in a top frame of the window if using the redirect APIs, or use the popup APIs.",[pi]:`Request was blocked inside an iframe because MSAL detected an authentication response. ${Vi}`,[mi]:"Request was blocked inside a popup because MSAL detected it was running in a popup.",[fi]:"The iframe being monitored was closed prematurely.",[yi]:"Silent logout not supported. Please call logoutRedirect or logoutPopup instead.",[Ci]:"No account object provided to acquireTokenSilent and no active account has been set. Please call setActiveAccount or provide an account on the request.",[wi]:"The value given for the prompt value is not valid for silent requests - must be set to 'none' or 'no_session'.",[vi]:"No token request found in cache.",[Ii]:"The cached token request could not be parsed.",[Ti]:"Auth Request not set. Please ensure initiateAuthRequest was called from the InteractionHandler",[Ai]:"Invalid cache type",[ki]:"Login and token requests are not supported in non-browser environments.",[Si]:"Database is not open!",[bi]:"No network connectivity. Check your internet connection.",[Ei]:"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'",[Ri]:"Network request failed. Please check the network trace to determine root cause.",[_i]:"Failed to parse network response. Check network trace.",[Pi]:"Error loading token to cache.",[Mi]:"Cryptographic Key or Keypair not found in browser storage.",[Oi]:"An authorization code must be provided (as the `code` property on the request) to this flow.",[qi]:"An authorization code or nativeAccountId must be provided to this flow.",[Ni]:"Request cannot contain both spa code and native account id.",[Ui]:"IndexedDB, which is required for persistent cryptographic key storage, is unavailable. This may be caused by browser privacy features which block persistent storage in third-party contexts.",[Li]:`Unable to acquire token from native platform. ${Vi}`,[Di]:"Timed out while attempting to establish connection to browser extension",[Hi]:"Native extension is not installed. If you think this is a mistake call the initialize function.",[xi]:`Connection to native platform has not been established. Please install a compatible browser extension and run initialize(). ${Vi}`,[Bi]:`You must call and await the initialize function before attempting to call any other MSAL API. ${Vi}`,[Fi]:"The provided prompt is not supported by the native platform. This request should be routed to the web based flow.",[zi]:"Invalid base64 encoded string.",[Ki]:"Invalid PoP token request. The request should not have both a popKid value and signPopToken set to true.",[Gi]:"Failed to build request headers object.",[$i]:"Failed to parse response headers",[Qi]:"Failed to decrypt ear response",[ji]:"The request timed out."},Yi={pkceNotGenerated:{code:Yo,desc:Ji[Yo]},cryptoDoesNotExist:{code:ei,desc:Ji[ei]},emptyNavigateUriError:{code:ti,desc:Ji[ti]},hashEmptyError:{code:ri,desc:Ji[ri]},hashDoesNotContainStateError:{code:ni,desc:Ji[ni]},hashDoesNotContainKnownPropertiesError:{code:oi,desc:Ji[oi]},unableToParseStateError:{code:ii,desc:Ji[ii]},stateInteractionTypeMismatchError:{code:si,desc:Ji[si]},interactionInProgress:{code:ai,desc:Ji[ai]},popupWindowError:{code:ci,desc:Ji[ci]},emptyWindowError:{code:li,desc:Ji[li]},userCancelledError:{code:hi,desc:Ji[hi]},monitorPopupTimeoutError:{code:di,desc:Ji[di]},monitorIframeTimeoutError:{code:ui,desc:Ji[ui]},redirectInIframeError:{code:gi,desc:Ji[gi]},blockTokenRequestsInHiddenIframeError:{code:pi,desc:Ji[pi]},blockAcquireTokenInPopupsError:{code:mi,desc:Ji[mi]},iframeClosedPrematurelyError:{code:fi,desc:Ji[fi]},silentLogoutUnsupportedError:{code:yi,desc:Ji[yi]},noAccountError:{code:Ci,desc:Ji[Ci]},silentPromptValueError:{code:wi,desc:Ji[wi]},noTokenRequestCacheError:{code:vi,desc:Ji[vi]},unableToParseTokenRequestCacheError:{code:Ii,desc:Ji[Ii]},authRequestNotSet:{code:Ti,desc:Ji[Ti]},invalidCacheType:{code:Ai,desc:Ji[Ai]},notInBrowserEnvironment:{code:ki,desc:Ji[ki]},databaseNotOpen:{code:Si,desc:Ji[Si]},noNetworkConnectivity:{code:bi,desc:Ji[bi]},postRequestFailed:{code:Ei,desc:Ji[Ei]},getRequestFailed:{code:Ri,desc:Ji[Ri]},failedToParseNetworkResponse:{code:_i,desc:Ji[_i]},unableToLoadTokenError:{code:Pi,desc:Ji[Pi]},signingKeyNotFoundInStorage:{code:Mi,desc:Ji[Mi]},authCodeRequired:{code:Oi,desc:Ji[Oi]},authCodeOrNativeAccountRequired:{code:qi,desc:Ji[qi]},spaCodeAndNativeAccountPresent:{code:Ni,desc:Ji[Ni]},databaseUnavailable:{code:Ui,desc:Ji[Ui]},unableToAcquireTokenFromNativePlatform:{code:Li,desc:Ji[Li]},nativeHandshakeTimeout:{code:Di,desc:Ji[Di]},nativeExtensionNotInstalled:{code:Hi,desc:Ji[Hi]},nativeConnectionNotEstablished:{code:xi,desc:Ji[xi]},uninitializedPublicClientApplication:{code:Bi,desc:Ji[Bi]},nativePromptNotSupported:{code:Fi,desc:Ji[Fi]},invalidBase64StringError:{code:zi,desc:Ji[zi]},invalidPopTokenRequest:{code:Ki,desc:Ji[Ki]}};class Xi extends Ce{constructor(e,t){super(e,Ji[e],t),Object.setPrototypeOf(this,Xi.prototype),this.name="BrowserAuthError"}}function Zi(e,t){return new Xi(e,t)}const es="invalid_grant",ts=483,rs=600,ns="msal",os=30,is="msal.js.browser",ss="53ee284d-920a-4b59-9d30-a60315b26836",as="ppnbnpeolgkicgegkbkbjmhlideopiji",cs="MATS",ls="MicrosoftEntra",hs="DOM API",ds="get-token-and-sign-out",us="PlatformAuthDOMHandler",gs="PlatformAuthExtensionHandler",ps="Handshake",ms="HandshakeResponse",fs="GetToken",ys="Response",Cs={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},ws="GET",vs="POST",Is="signin",Ts="signout",As="request.origin",ks="urlHash",Ss="request.params",bs="code.verifier",Es="interaction.status",Rs="request.native",_s="wrapper.sku",Ps="wrapper.version",Ms={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var Os;e.InteractionType=void 0,(Os=e.InteractionType||(e.InteractionType={})).Redirect="redirect",Os.Popup="popup",Os.Silent="silent",Os.None="none";const qs={Startup:"startup",Login:"login",Logout:"logout",AcquireToken:"acquireToken",SsoSilent:"ssoSilent",HandleRedirect:"handleRedirect",None:"none"},Ns={scopes:h},Us="msal.db",Ls=`${Us}.keys`,Ds={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},Hs=[Ds.Default,Ds.Skip,Ds.RefreshTokenAndNetwork];function xs(e){return encodeURIComponent(Fs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function Bs(e){return zs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function Fs(e){return zs((new TextEncoder).encode(e))}function zs(e){const t=Array.from(e,(e=>String.fromCodePoint(e))).join("");return btoa(t)}function Ks(e){return(new TextDecoder).decode(Gs(e))}function Gs(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw Zi(zi)}const r=atob(t);return Uint8Array.from(r,(e=>e.codePointAt(0)||0))}const $s="AES-GCM",Qs="HKDF",js="SHA-256",Ws=new Uint8Array([1,0,1]),Vs="0123456789abcdef",Js=new Uint32Array(1),Ys="raw",Xs="encrypt",Zs="decrypt",ea={name:"RSASSA-PKCS1-v1_5",hash:js,modulusLength:2048,publicExponent:Ws};async function ta(e,t,r){t?.addQueueMeasurement(Or.Sha256Digest,r);const n=(new TextEncoder).encode(e);return window.crypto.subtle.digest(js,n)}function ra(e){return window.crypto.getRandomValues(e)}function na(){return window.crypto.getRandomValues(Js),Js[0]}function oa(){const e=Date.now(),t=1024*na()+(1023&na()),r=new Uint8Array(16),n=Math.trunc(t/2**30),o=t&2**30-1,i=na();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|n>>>8,r[7]=n,r[8]=128|o>>>24,r[9]=o>>>16,r[10]=o>>>8,r[11]=o,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=Vs.charAt(r[e]>>>4),s+=Vs.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function ia(e){return window.crypto.subtle.exportKey("jwk",e)}async function sa(){const e=await ca(),t={alg:"dir",kty:"oct",k:Bs(new Uint8Array(e))};return Fs(JSON.stringify(t))}async function aa(e,t){const r=t.split(".");if(5!==r.length)throw Zi(Qi,"jwe_length");const n=await async function(e){const t=Ks(e),r=Gs(JSON.parse(t).k);return window.crypto.subtle.importKey(Ys,r,$s,!1,[Zs])}(e).catch((()=>{throw Zi(Qi,"import_key")}));try{const e=(new TextEncoder).encode(r[0]),t=Gs(r[2]),o=Gs(r[3]),i=Gs(r[4]),s=8*i.byteLength,a=new Uint8Array(o.length+i.length);a.set(o),a.set(i,o.length);const c=await window.crypto.subtle.decrypt({name:$s,iv:t,tagLength:s,additionalData:e},n,a);return(new TextDecoder).decode(c)}catch(e){throw Zi(Qi,"decrypt")}}async function ca(){const e=await window.crypto.subtle.generateKey({name:$s,length:256},!0,[Xs,Zs]);return window.crypto.subtle.exportKey(Ys,e)}async function la(e){return window.crypto.subtle.importKey(Ys,e,Qs,!1,["deriveKey"])}async function ha(e,t,r){return window.crypto.subtle.deriveKey({name:Qs,salt:t,hash:js,info:(new TextEncoder).encode(r)},e,{name:$s,length:256},!1,[Xs,Zs])}async function da(e,t,r){const n=(new TextEncoder).encode(t),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await ha(e,o,r),s=await window.crypto.subtle.encrypt({name:$s,iv:new Uint8Array(12)},i,n);return{data:Bs(new Uint8Array(s)),nonce:Bs(o)}}async function ua(e,t,r,n){const o=Gs(n),i=await ha(e,Gs(t),r),s=await window.crypto.subtle.decrypt({name:$s,iv:new Uint8Array(12)},i,o);return(new TextDecoder).decode(s)}async function ga(e){const t=await ta(e);return Bs(new Uint8Array(t))}const pa="storage_not_supported",ma="stubbed_public_client_application_called",fa="in_mem_redirect_unavailable";var ya=Object.freeze({__proto__:null,inMemRedirectUnavailable:fa,storageNotSupported:pa,stubbedPublicClientApplicationCalled:ma});const Ca={[pa]:"Given storage configuration option was not supported.",[ma]:"Stub instance of Public Client Application was called. If using msal-react, please ensure context is not used without a provider. For more visit: aka.ms/msaljs/browser-errors",[fa]:"Redirect cannot be supported. In-memory storage was selected and storeAuthStateInCookie=false, which would cause the library to be unable to handle the incoming hash. If you would like to use the redirect API, please use session/localStorage or set storeAuthStateInCookie=true."},wa={storageNotSupportedError:{code:pa,desc:Ca[pa]},stubPcaInstanceCalled:{code:ma,desc:Ca[ma]},inMemRedirectUnavailable:{code:fa,desc:Ca[fa]}};class va extends Ce{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,va.prototype)}}function Ia(e){return new va(e,Ca[e])}function Ta(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function Aa(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function ka(){return window.parent!==window}function Sa(){return"undefined"!=typeof window&&!!window.opener&&window.opener!==window&&"string"==typeof window.name&&0===window.name.indexOf(`${ns}.`)}function ba(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function Ea(){const e=new wr(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function Ra(){if(wr.hashContainsKnownProperties(window.location.hash)&&ka())throw Zi(pi)}function _a(e){if(ka()&&!e)throw Zi(gi)}function Pa(){if(Sa())throw Zi(mi)}function Ma(){if("undefined"==typeof window)throw Zi(ki)}function Oa(e){if(!e)throw Zi(Bi)}function qa(e){Ma(),Ra(),Pa(),Oa(e)}function Na(e,t){if(qa(e),_a(t.system.allowRedirectInIframe),t.cache.cacheLocation===Cs.MemoryStorage&&!t.cache.storeAuthStateInCookie)throw Ia(fa)}function Ua(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout((()=>{try{document.head.removeChild(t)}catch{}}),1e4)}function La(){return oa()}const Da=Rn;var Ha=Object.freeze({__proto__:null,addClientCapabilitiesToClaims:Da,blockAPICallsBeforeInitialize:Oa,blockAcquireTokenInPopups:Pa,blockNonBrowserEnvironment:Ma,blockRedirectInIframe:_a,blockReloadInHiddenIframes:Ra,clearHash:Ta,createGuid:La,getCurrentUri:ba,getHomepage:Ea,invoke:Nn,invokeAsync:Un,isInIframe:ka,isInPopup:Sa,preconnect:Ua,preflightCheck:qa,redirectPreflightCheck:Na,replaceHash:Aa});class xa{navigateInternal(e,t){return xa.defaultNavigateWindow(e,t)}navigateExternal(e,t){return xa.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(((e,r)=>{setTimeout((()=>{r(Zi(ji,"failed_to_redirect"))}),t.timeout)}))}}class Ba{async sendGetRequestAsync(e,t){let r,n={},o=0;const i=Fa(t);try{r=await fetch(e,{method:ws,headers:i})}catch(e){throw ao(Zi(window.navigator.onLine?Ri:bi),void 0,void 0,e)}n=za(r.headers);try{return o=r.status,{headers:n,body:await r.json(),status:o}}catch(e){throw ao(Zi(_i),o,n,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",n=Fa(t);let o,i=0,s={};try{o=await fetch(e,{method:vs,headers:n,body:r})}catch(e){throw ao(Zi(window.navigator.onLine?Ei:bi),void 0,void 0,e)}s=za(o.headers);try{return i=o.status,{headers:s,body:await o.json(),status:i}}catch(e){throw ao(Zi(_i),i,s,e)}}}function Fa(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach((([e,r])=>{t.append(e,r)})),t}catch(e){throw ao(Zi(Gi),void 0,void 0,e)}}function za(e){try{const t={};return e.forEach(((e,r)=>{t[r]=e})),t}catch(e){throw Zi($i)}}const Ka=1e4;const Ga="@azure/msal-browser",$a="4.27.0",Qa="msal",ja="browser",Wa=`${Qa}.${ja}.log.level`,Va=`${Qa}.${ja}.log.pii`,Ja=`${Qa}.${ja}.performance.enabled`,Ya=`${Qa}.version`,Xa="account.keys",Za="token.keys";function ec(e=2){return e<1?`${Qa}.${Xa}`:`${Qa}.${e}.${Xa}`}function tc(e,t=2){return t<1?`${Qa}.${Za}.${e}`:`${Qa}.${t}.${Za}.${e}`}class rc{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(r){let n;this.browserEnvironment="undefined"!=typeof window,this.config=function({auth:r,cache:n,system:o,telemetry:i},s){const a={clientId:t.EMPTY_STRING,authority:`${t.DEFAULT_AUTHORITY}`,knownAuthorities:[],cloudDiscoveryMetadata:t.EMPTY_STRING,authorityMetadata:t.EMPTY_STRING,redirectUri:"undefined"!=typeof window?ba():"",postLogoutRedirectUri:t.EMPTY_STRING,navigateToLoginRequestUrl:!0,clientCapabilities:[],protocolMode:lr.AAD,OIDCOptions:{serverResponseType:_.FRAGMENT,defaultScopes:[t.OPENID_SCOPE,t.PROFILE_SCOPE,t.OFFLINE_ACCESS_SCOPE]},azureCloudOptions:{azureCloudInstance:It.None,tenant:t.EMPTY_STRING},skipAuthorityMetadataCache:!1,supportsNestedAppAuth:!1,instanceAware:!1,encodeExtraQueryParams:!1},c={cacheLocation:Cs.SessionStorage,cacheRetentionDays:5,temporaryCacheLocation:Cs.SessionStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!(!n||n.cacheLocation!==Cs.LocalStorage),claimsBasedCachingEnabled:!1},l={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},h={...{...xr,loggerOptions:l,networkClient:s?new Ba:Lo,navigationClient:new xa,loadFrameTimeout:0,windowHashTimeout:o?.loadFrameTimeout||6e4,iframeHashTimeout:o?.loadFrameTimeout||Ka,navigateFrameWait:0,redirectNavigationTimeout:3e4,asyncPopups:!1,allowRedirectInIframe:!1,allowPlatformBroker:!1,allowPlatformBrokerWithDOM:!1,nativeBrokerHandshakeTimeout:o?.nativeBrokerHandshakeTimeout||2e3,pollIntervalMilliseconds:os},...o,loggerOptions:o?.loggerOptions||l},d={application:{appName:t.EMPTY_STRING,appVersion:t.EMPTY_STRING},client:new Hr};r?.protocolMode!==lr.OIDC&&r?.OIDCOptions&&new Ct(h.loggerOptions).warning(JSON.stringify(Jt(Bt)));if(r?.protocolMode&&r.protocolMode===lr.OIDC&&h?.allowPlatformBroker)throw Jt(Ft);return{auth:{...a,...r,OIDCOptions:{...a.OIDCOptions,...r?.OIDCOptions}},cache:{...c,...n},system:h,telemetry:{...d,...i}}}(r,this.browserEnvironment);try{n=window[Cs.SessionStorage]}catch(e){}const o=n?.getItem(Wa),i=n?.getItem(Va)?.toLowerCase(),s="true"===i||"false"!==i&&void 0,a={...this.config.system.loggerOptions},c=o&&Object.keys(e.LogLevel).includes(o)?e.LogLevel[o]:void 0;c&&(a.loggerCallback=rc.loggerCallback,a.logLevel=c),void 0!==s&&(a.piiLoggingEnabled=s),this.logger=new Ct(a,Ga,$a),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}const nc="USER_INTERACTION_REQUIRED",oc="USER_CANCEL",ic="NO_NETWORK",sc="TRANSIENT_ERROR",ac="PERSISTENT_ERROR",cc="DISABLED",lc="ACCOUNT_UNAVAILABLE",hc="NESTED_APP_AUTH_UNAVAILABLE";class dc{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",(e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),n=dc.bridgeRequests.find((e=>e.requestId===r.requestId));void 0!==n&&(dc.bridgeRequests.splice(dc.bridgeRequests.indexOf(n),1),r.success?n.resolve(r):n.reject(r.error))}));const e=await new Promise(((e,t)=>{const r=dc.buildRequest("GetInitContext"),n={requestId:r.requestId,method:r.method,resolve:e,reject:t};dc.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}));return dc.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:dc.validateBridgeResultOrThrow(r.token),account:dc.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:oa(),sendTime:Date.now(),clientLibrary:is,clientLibraryVersion:$a,...t}}sendRequest(e,t){const r=dc.buildRequest(e,t);return new Promise(((e,t)=>{const n={requestId:r.requestId,method:r.method,resolve:e,reject:t};dc.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}))}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:hc}}return e}constructor(e,t,r,n){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=n}static async create(){const e=await dc.initializeNestedAppAuthBridge();return new dc(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}dc.bridgeRequests=[];class uc extends rc{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return uc.MODULE_NAME}getId(){return uc.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(){try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await dc.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(e){this.logger.infoPii(`Could not initialize Nested App Auth bridge (${e})`)}return this.logger.info(`Nested App Auth Bridge available: ${this.available}`),this.available}}uc.MODULE_NAME="",uc.ID="NestedAppOperatingContext";class gc extends rc{getModuleName(){return gc.MODULE_NAME}getId(){return gc.ID}async initialize(){return this.available="undefined"!=typeof window,this.available}}gc.MODULE_NAME="",gc.ID="StandardOperatingContext";class pc{constructor(){this.dbName=Us,this.version=1,this.tableName=Ls,this.dbOpen=!1}async open(){return new Promise(((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",(e=>{e.target.result.createObjectStore(this.tableName)})),r.addEventListener("success",(t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()})),r.addEventListener("error",(()=>t(Zi(Ui))))}))}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Zi(Si));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async setItem(e,t){return await this.validateDbIsOpen(),new Promise(((r,n)=>{if(!this.db)return n(Zi(Si));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);o.addEventListener("success",(()=>{this.closeConnection(),r()})),o.addEventListener("error",(e=>{this.closeConnection(),n(e)}))}))}async removeItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Zi(Si));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);n.addEventListener("success",(()=>{this.closeConnection(),t()})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async getKeys(){return await this.validateDbIsOpen(),new Promise(((e,t)=>{if(!this.db)return t(Zi(Si));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",(t=>{const r=t;this.closeConnection(),e(r.target.result)})),r.addEventListener("error",(e=>{this.closeConnection(),t(e)}))}))}async containsKey(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Zi(Si));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(1===r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise(((e,t)=>{const r=window.indexedDB.deleteDatabase(Us),n=setTimeout((()=>t(!1)),200);r.addEventListener("success",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("blocked",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("error",(()=>(clearTimeout(n),t(!1))))}))}}class mc{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach(((t,r)=>{e.push(r)})),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class fc{constructor(e){this.inMemoryCache=new mc,this.indexedDBCache=new pc,this.logger=e}handleDatabaseAccessError(e){if(!(e instanceof Xi&&e.errorCode===Ui))throw e;this.logger.error("Could not access persistent storage. This may be caused by browser privacy features which block persistent storage in third-party contexts.")}async getItem(e){const t=this.inMemoryCache.getItem(e);if(!t)try{return this.logger.verbose("Queried item not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e)}return t}async setItem(e,t){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e)}}async removeItem(e){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e)}}async getKeys(){const e=this.inMemoryCache.getKeys();if(0===e.length)try{return this.logger.verbose("In-memory cache is empty, now querying persistent storage."),await this.indexedDBCache.getKeys()}catch(e){this.handleDatabaseAccessError(e)}return e}async containsKey(e){const t=this.inMemoryCache.containsKey(e);if(!t)try{return this.logger.verbose("Key not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e)}return t}clearInMemory(){this.logger.verbose("Deleting in-memory keystore"),this.inMemoryCache.clear(),this.logger.verbose("In-memory keystore deleted")}async clearPersistent(){try{this.logger.verbose("Deleting persistent keystore");const e=await this.indexedDBCache.deleteDatabase();return e&&this.logger.verbose("Persistent keystore deleted"),e}catch(e){return this.handleDatabaseAccessError(e),!1}}}class yc{constructor(e,t,r){this.logger=e,function(e){if(!window)throw Zi(ki);if(!window.crypto)throw Zi(ei);if(!e&&!window.crypto.subtle)throw Zi(ei,"crypto_subtle_undefined")}(r??!1),this.cache=new fc(this.logger),this.performanceClient=t}createNewGuid(){return oa()}base64Encode(e){return Fs(e)}base64Decode(e){return Ks(e)}base64UrlEncode(e){return xs(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement(Or.CryptoOptsGetPublicKeyThumbprint,e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(ea,e,t)}(yc.EXTRACTABLE,yc.POP_KEY_USAGES),n=await ia(r.publicKey),o=Cc({e:n.e,kty:n.kty,n:n.n}),i=await this.hashString(o),s=await ia(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,ea,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri}),t&&t.end({success:!0}),i}async removeTokenBindingKey(e){await this.cache.removeItem(e);if(await this.cache.containsKey(e))throw mt(rt)}async clearKeystore(){this.cache.clearInMemory();try{return await this.cache.clearPersistent(),!0}catch(e){return e instanceof Error?this.logger.error(`Clearing keystore failed with error: ${e.message}`):this.logger.error("Clearing keystore failed with unknown error"),!1}}async signJwt(e,t,r,n){const o=this.performanceClient?.startMeasurement(Or.CryptoOptsSignJwt,n),i=await this.cache.getItem(t);if(!i)throw Zi(Mi);const s=await ia(i.publicKey),a=Cc(s),c=xs(JSON.stringify({kid:t})),l=xs(jo.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const h=`${l}.${xs(JSON.stringify(e))}`,d=(new TextEncoder).encode(h),u=await async function(e,t){return window.crypto.subtle.sign(ea,e,t)}(i.privateKey,d),g=`${h}.${Bs(new Uint8Array(u))}`;return o&&o.end({success:!0}),g}async hashString(e){return ga(e)}}function Cc(e){return JSON.stringify(e,Object.keys(e).sort())}yc.POP_KEY_USAGES=["sign","verify"],yc.EXTRACTABLE=!0;const wc=864e5,vc="Lax",Ic="None";class Tc{initialize(){return Promise.resolve()}getItem(e){const t=`${encodeURIComponent(e)}`,r=document.cookie.split(";");for(let e=0;e<r.length;e++){const n=r[e],[o,...i]=decodeURIComponent(n).trim().split("="),s=i.join("=");if(o===t)return s}return""}getUserData(){throw mt(ct)}setItem(e,t,r,n=!0,o=vc){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${o};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*wc);return r.toUTCString()}(r);i+=`expires=${e};`}(n||o===Ic)&&(i+="Secure;"),document.cookie=i}async setUserData(){return Promise.reject(mt(ct))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach((e=>{const r=decodeURIComponent(e).trim().split("=");t.push(r[0])})),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function Ac(e,t){const r=e.getItem(ec(t));return r?JSON.parse(r):[]}function kc(e,t,r){const n=t.getItem(tc(e,r));if(n){const e=JSON.parse(n);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function Sc(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const bc="msal.cache.encryption";class Ec{constructor(e,t,r){if(!window.localStorage)throw Ia(pa);this.memoryStorage=new mc,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new Tc,r=t.getItem(bc);let n={key:"",id:""};if(r)try{n=JSON.parse(r)}catch(e){}if(n.key&&n.id){const t=Nn(Gs,Or.Base64Decode,this.logger,this.performanceClient,e)(n.key);this.encryptionCookie={id:n.id,key:await Un(la,Or.GenerateHKDF,this.logger,this.performanceClient,e)(t)}}else{const r=oa(),n=await Un(ca,Or.GenerateBaseKey,this.logger,this.performanceClient,e)(),o=Nn(Bs,Or.UrlEncodeArr,this.logger,this.performanceClient,e)(new Uint8Array(n));this.encryptionCookie={id:r,key:await Un(la,Or.GenerateHKDF,this.logger,this.performanceClient,e)(n)};const i={id:r,key:o};t.setItem(bc,JSON.stringify(i),0,!0,Ic)}await Un(this.importExistingCache.bind(this),Or.ImportExistingCache,this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",this.updateCache.bind(this)),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw Zi(Bi);return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw Zi(Bi);if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const n=await Un(ua,Or.Decrypt,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!n)return null;try{return{...JSON.parse(n),lastUpdatedAt:t.lastUpdatedAt}}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,n,o){if(!this.initialized||!this.encryptionCookie)throw Zi(Bi);if(o)this.setItem(e,t);else{const{data:o,nonce:i}=await Un(da,Or.Encrypt,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o,lastUpdatedAt:n};this.setItem(e,JSON.stringify(s))}this.memoryStorage.setItem(e,t),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();Ac(this).forEach((e=>this.removeItem(e)));const e=kc(this.clientId,this);e.idToken.forEach((e=>this.removeItem(e))),e.accessToken.forEach((e=>this.removeItem(e))),e.refreshToken.forEach((e=>this.removeItem(e))),this.getKeys().forEach((e=>{(e.startsWith(Qa)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)}))}async importExistingCache(e){if(!this.encryptionCookie)return;let t=Ac(this);t=await this.importArray(t,e),t.length?this.setItem(ec(),JSON.stringify(t)):this.removeItem(ec());const r=kc(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(tc(this.clientId),JSON.stringify(r)):this.removeItem(tc(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let n;try{n=JSON.parse(r)}catch(e){return null}return Sc(n)?n.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):(this.performanceClient.incrementFields({encryptedCacheCount:1},t),Un(ua,Or.Decrypt,this.logger,this.performanceClient,t)(this.encryptionCookie.key,n.nonce,this.getContext(e),n.data)):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),r)}async importArray(e,t){const r=[],n=[];return e.forEach((e=>{const o=this.getItemFromEncryptedCache(e,t).then((t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)}));n.push(o)})),await Promise.all(n),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e){this.logger.trace("Updating internal cache from broadcast event");const t=this.performanceClient.startMeasurement(Or.LocalStorageUpdated);t.add({isBackground:!0});const{key:r,value:n,context:o}=e.data;return r?o&&o!==this.clientId?(this.logger.trace(`Ignoring broadcast event from clientId: ${o}`),void t.end({success:!1,errorCode:"contextMismatch"})):(n?(this.memoryStorage.setItem(r,n),this.logger.verbose("Updated item in internal cache")):(this.memoryStorage.removeItem(r),this.logger.verbose("Removed item from internal cache")),void t.end({success:!0})):(this.logger.error("Broadcast event missing key"),void t.end({success:!1,errorCode:"noKey"}))}}class Rc{constructor(){if(!window.sessionStorage)throw Ia(pa)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const _c={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACCOUNT_ADDED:"msal:accountAdded",ACCOUNT_REMOVED:"msal:accountRemoved",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_START:"msal:loginStart",LOGIN_SUCCESS:"msal:loginSuccess",LOGIN_FAILURE:"msal:loginFailure",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",SSO_SILENT_START:"msal:ssoSilentStart",SSO_SILENT_SUCCESS:"msal:ssoSilentSuccess",SSO_SILENT_FAILURE:"msal:ssoSilentFailure",ACQUIRE_TOKEN_BY_CODE_START:"msal:acquireTokenByCodeStart",ACQUIRE_TOKEN_BY_CODE_SUCCESS:"msal:acquireTokenByCodeSuccess",ACQUIRE_TOKEN_BY_CODE_FAILURE:"msal:acquireTokenByCodeFailure",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"};function Pc(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}class Mc extends Pr{constructor(e,t,r,n,o,i,s){super(e,r,n,o,s),this.cacheConfig=t,this.logger=n,this.internalStorage=new mc,this.browserStorage=Oc(e,t.cacheLocation,n,o),this.temporaryCacheStorage=Oc(e,t.temporaryCacheLocation,n,o),this.cookieStorage=new Tc,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){let t=Ac(this.browserStorage),r=kc(this.clientId,this.browserStorage);this.performanceClient.addFields({preMigrateAcntCount:t.length,preMigrateATCount:r.accessToken.length,preMigrateITCount:r.idToken.length,preMigrateRTCount:r.refreshToken.length},e);for(let t=0;t<2;t++){const r=t;await this.removeStaleAccounts(t,r,e)}for(let t=0;t<2;t++){const r=t;await this.migrateIdTokens(t,r,e)}const n=this.getKMSIValues();for(let t=0;t<2;t++)await this.migrateAccessTokens(t,n,e),await this.migrateRefreshTokens(t,n,e);t=Ac(this.browserStorage),r=kc(this.clientId,this.browserStorage),this.performanceClient.addFields({postMigrateAcntCount:t.length,postMigrateATCount:r.accessToken.length,postMigrateITCount:r.idToken.length,postMigrateRTCount:r.refreshToken.length},e)}async updateOldEntry(e,t){const r=this.browserStorage.getItem(e),n=this.validateAndParseJson(r||"");if(!n)return this.browserStorage.removeItem(e),null;if(n.lastUpdatedAt){if(Fn(n.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))return this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null}else n.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(n),t);const o=Sc(n)?await this.browserStorage.decryptData(e,n,t):n;return o&&Qn(o)?(jn(o)||Wn(o))&&o.expiresOn&&Bn(o.expiresOn,300)?(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null):o:(this.performanceClient.incrementFields({invalidCacheCount:1},t),null)}async removeStaleAccounts(e,t,r){const n=Ac(this.browserStorage,e);if(0!==n.length){for(const e of[...n]){this.performanceClient.incrementFields({oldAcntCount:1},r);const o=this.browserStorage.getItem(e),i=this.validateAndParseJson(o||"");i?i.lastUpdatedAt?Fn(i.lastUpdatedAt,this.cacheConfig.cacheRetentionDays)&&(await this.removeAccountOldSchema(e,i,t,r),Pc(n,e)):(i.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(i),r)):Pc(n,e)}this.setAccountKeys(n,r,e)}}async removeAccountOldSchema(e,t,r,n){const o=Sc(t)?await this.browserStorage.decryptData(e,t,n):t,i=o?.homeAccountId;if(i){const e=this.getTokenKeys(r);[...e.idToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Pc(e.idToken,t)})),[...e.accessToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Pc(e.accessToken,t)})),[...e.refreshToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Pc(e.refreshToken,t)})),this.setTokenKeys(e,n,r)}this.performanceClient.incrementFields({expiredAcntRemovedCount:1},n),this.browserStorage.removeItem(e)}getKMSIValues(){const e={},t=this.getTokenKeys().idToken;for(const r of t){const t=this.browserStorage.getUserData(r);if(t){const r=JSON.parse(t),n=dr(r.secret,Ks);n&&(e[r.homeAccountId]=ur(n))}}return e}async migrateIdTokens(e,t,r){const n=kc(this.clientId,this.browserStorage,e);if(0===n.idToken.length)return;const o=kc(this.clientId,this.browserStorage,2),i=Ac(this.browserStorage),s=Ac(this.browserStorage,t);for(const e of[...n.idToken]){this.performanceClient.incrementFields({oldITCount:1},r);const t=await this.updateOldEntry(e,r);if(!t){Pc(n.idToken,e);continue}const a=i.find((e=>e.includes(t.homeAccountId))),c=s.find((e=>e.includes(t.homeAccountId)));let l=null;if(a)l=this.getAccount(a,r);else if(c){const e=this.browserStorage.getItem(c),t=this.validateAndParseJson(e||"");l=t&&Sc(t)?await this.browserStorage.decryptData(c,t,r):t}if(!l){this.performanceClient.incrementFields({skipITMigrateCount:1},r);continue}const h=dr(t.secret,Ks),d=this.generateCredentialKey(t),u=this.getIdTokenCredential(d,r),g=Object.keys(h).includes("signin_state"),p=u&&Object.keys(dr(u.secret,Ks)||{}).includes("signin_state");if(!u||t.lastUpdatedAt>u.lastUpdatedAt&&(g||!p)){const e=l.tenantProfiles||[],n=cr(h)||l.realm;if(n&&!e.find((e=>e.tenantId===n))){const t=rr(l.homeAccountId,l.localAccountId,n,h);e.push(t)}l.tenantProfiles=e;const s=this.generateAccountKey(hr.getAccountInfo(l)),a=ur(h);await this.setUserData(s,JSON.stringify(l),r,l.lastUpdatedAt,a),i.includes(s)||i.push(s),await this.setUserData(d,JSON.stringify(t),r,t.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedITCount:1},r),o.idToken.push(d)}}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r),this.setAccountKeys(i,r)}async migrateAccessTokens(e,t,r){const n=kc(this.clientId,this.browserStorage,e);if(0===n.accessToken.length)return;const o=kc(this.clientId,this.browserStorage,2);for(const e of[...n.accessToken]){this.performanceClient.incrementFields({oldATCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){Pc(n.accessToken,e);continue}if(!Object.keys(t).includes(i.homeAccountId)){this.performanceClient.incrementFields({skipATMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.accessToken.includes(s)){const e=this.getAccessTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r),o.accessToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}async migrateRefreshTokens(e,t,r){const n=kc(this.clientId,this.browserStorage,e);if(0===n.refreshToken.length)return;const o=kc(this.clientId,this.browserStorage,2);for(const e of[...n.refreshToken]){this.performanceClient.incrementFields({oldRTCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){Pc(n.refreshToken,e);continue}if(!Object.keys(t).includes(i.homeAccountId)){this.performanceClient.incrementFields({skipRTMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.refreshToken.includes(s)){const e=this.getRefreshTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r),o.refreshToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}trackVersionChanges(e){const t=this.browserStorage.getItem(Ya);t&&(this.logger.info(`MSAL.js was last initialized by version: ${t}`),this.performanceClient.addFields({previousLibraryVersion:t},e)),t!==$a&&this.setItem(Ya,$a,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){const n=new Array(3).fill(0),o=[];for(let i=0;i<=20;i++)try{if(this.browserStorage.setItem(e,t),i>0)for(let e=0;e<=2;e++){const t=n.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=i)break;const s=i>t+n[e]?t+n[e]:i;i>t&&n[e]>0&&this.removeAccessTokenKeys(o.slice(t,s),r,e)}break}catch(s){const a=_r(s);if(!(a.errorCode===Sr&&i<20))throw a;if(!o.length)for(let r=0;r<=2;r++)if(e===tc(this.clientId,r)){const e=JSON.parse(t).accessToken;o.push(...e),n[r]=e.length}else{const e=this.getTokenKeys(r).accessToken;o.push(...e),n[r]=e.length}if(o.length<=i)throw a;this.removeAccessToken(o[i],r,!1)}}async setUserData(e,t,r,n,o){const i=new Array(3).fill(0),s=[];for(let a=0;a<=20;a++)try{if(await Un(this.browserStorage.setUserData.bind(this.browserStorage),Or.SetUserData,this.logger,this.performanceClient)(e,t,r,n,o),a>0)for(let e=0;e<=2;e++){const t=i.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=a)break;const n=a>t+i[e]?t+i[e]:a;a>t&&i[e]>0&&this.removeAccessTokenKeys(s.slice(t,n),r,e)}break}catch(e){const t=_r(e);if(!(t.errorCode===Sr&&a<20))throw t;if(!s.length)for(let e=0;e<=2;e++){const t=this.getTokenKeys(e).accessToken;s.push(...t),i[e]=t.length}if(s.length<=a)throw t;this.removeAccessToken(s[a],r,!1)}}getAccount(e,t){this.logger.trace("BrowserCacheManager.getAccount called");const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const n=this.validateAndParseJson(r);return n&&hr.isAccountEntity(n)?Pr.toObject(new hr,n):null}async setAccount(e,t,r){this.logger.trace("BrowserCacheManager.setAccount called");const n=this.generateAccountKey(hr.getAccountInfo(e)),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.addAccountKeyToMap(n,t);this.performanceClient.addFields({kmsi:r},t),this.cacheConfig.cacheLocation===Cs.LocalStorage&&i&&this.eventHandler.emitEvent(_c.ACCOUNT_ADDED,void 0,hr.getAccountInfo(e))}getAccountKeys(){return Ac(this.browserStorage)}setAccountKeys(e,t,r=2){0===e.length?this.removeItem(ec(r)):this.setItem(ec(r),JSON.stringify(e),t)}addAccountKeyToMap(e,t){this.logger.trace("BrowserCacheManager.addAccountKeyToMap called"),this.logger.tracePii(`BrowserCacheManager.addAccountKeyToMap called with key: ${e}`);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(ec(),JSON.stringify(r),t),this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key added"),!0):(this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key already exists in map"),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap called"),this.logger.tracePii(`BrowserCacheManager.removeAccountKeyFromMap called with key: ${e}`);const r=this.getAccountKeys(),n=r.indexOf(e);n>-1?(r.splice(n,1),this.setAccountKeys(r,t),this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap account key removed")):this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap key not found in existing map")}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach((t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)})),this.cacheConfig.cacheLocation===Cs.LocalStorage&&this.eventHandler.emitEvent(_c.ACCOUNT_REMOVED,void 0,e)}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),n=r.idToken.indexOf(e);n>-1&&(this.logger.info("idToken removed from tokenKeys map"),r.idToken.splice(n,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=2){this.logger.trace("removeAccessTokenKey called");const n=this.getTokenKeys(r);let o=0;if(e.forEach((e=>{const t=n.accessToken.indexOf(e);t>-1&&(n.accessToken.splice(t,1),o++)})),o>0)return this.logger.info(`removed ${o} accessToken keys from tokenKeys map`),void this.setTokenKeys(n,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),n=r.refreshToken.indexOf(e);n>-1&&(this.logger.info("refreshToken removed from tokenKeys map"),r.refreshToken.splice(n,1),this.setTokenKeys(r,t))}getTokenKeys(e=2){return kc(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=2){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(tc(this.clientId,r),JSON.stringify(e),t):this.removeItem(tc(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeIdToken(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&Qn(o)&&o.hasOwnProperty("realm")&&o.credentialType===H.ID_TOKEN)?(this.logger.trace("BrowserCacheManager.getIdTokenCredential: cache hit"),n):(this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),null);var o}async setIdTokenCredential(e,t,r){this.logger.trace("BrowserCacheManager.setIdTokenCredential called");const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.idToken.indexOf(n)&&(this.logger.info("BrowserCacheManager: addTokenKey - idToken added to map"),i.idToken.push(n),this.setTokenKeys(i,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeAccessTokenKeys([e],t),null;const n=this.validateAndParseJson(r);return n&&jn(n)?(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: cache hit"),n):(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),null)}async setAccessTokenCredential(e,t,r){this.logger.trace("BrowserCacheManager.setAccessTokenCredential called");const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys(),s=i.accessToken.indexOf(n);-1!==s&&i.accessToken.splice(s,1),this.logger.trace(`access token ${-1===s?"added to":"updated in"} map`),i.accessToken.push(n),this.setTokenKeys(i,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeRefreshToken(e,t),null;const n=this.validateAndParseJson(r);return n&&Wn(n)?(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: cache hit"),n):(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),null)}async setRefreshTokenCredential(e,t,r){this.logger.trace("BrowserCacheManager.setRefreshTokenCredential called");const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.refreshToken.indexOf(n)&&(this.logger.info("BrowserCacheManager: addTokenKey - refreshToken added to map"),i.refreshToken.push(n),this.setTokenKeys(i,t))}getAppMetadata(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null;const r=this.validateAndParseJson(t);return r&&(n=e,(o=r)&&0===n.indexOf(x)&&o.hasOwnProperty("clientId")&&o.hasOwnProperty("environment"))?(this.logger.trace("BrowserCacheManager.getAppMetadata: cache hit"),r):(this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null);var n,o}setAppMetadata(e,t){this.logger.trace("BrowserCacheManager.setAppMetadata called");const r=function({environment:e,clientId:t}){return[x,e,t].join(L).toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null;const r=this.validateAndParseJson(t);return r&&function(e,t){const r=0===e.indexOf(j.CACHE_KEY);let n=!0;return t&&(n=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&n}(e,r)?(this.logger.trace("BrowserCacheManager.getServerTelemetry: cache hit"),r):(this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null)}setServerTelemetry(e,t,r){this.logger.trace("BrowserCacheManager.setServerTelemetry called"),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e){const t=this.internalStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAuthorityMetadata: called, no cache hit"),null;const r=this.validateAndParseJson(t);return r&&function(e,t){return!!t&&0===e.indexOf(F)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,r)?(this.logger.trace("BrowserCacheManager.getAuthorityMetadata: cache hit"),r):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter((e=>this.isAuthorityMetadata(e)))}setWrapperMetadata(e,t){this.internalStorage.setItem(_s,e),this.internalStorage.setItem(Ps,t)}getWrapperMetadata(){return[this.internalStorage.getItem(_s)||t.EMPTY_STRING,this.internalStorage.getItem(Ps)||t.EMPTY_STRING]}setAuthorityMetadata(e,t){this.logger.trace("BrowserCacheManager.setAuthorityMetadata called"),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(v),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("BrowserCacheManager.getActiveAccount: No active account filters found"),null;const n=this.validateAndParseJson(r);return n?(this.logger.trace("BrowserCacheManager.getActiveAccount: Active account filters schema found"),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId},e)):(this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null)}setActiveAccount(e,t){const r=this.generateCacheKey(v);if(e){this.logger.verbose("setActiveAccount: Active account set");const n={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId,lastUpdatedAt:Dn().toString()};this.setItem(r,JSON.stringify(n),t)}else this.logger.verbose("setActiveAccount: No account passed, active account not set"),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(_c.ACTIVE_ACCOUNT_CHANGED)}getThrottlingCache(e){const t=this.browserStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null;const r=this.validateAndParseJson(t);return r&&function(e,t){let r=!1;e&&(r=0===e.indexOf(Y));let n=!0;return t&&(n=t.hasOwnProperty("throttleTime")),r&&n}(e,r)?(this.logger.trace("BrowserCacheManager.getThrottlingCache: cache hit"),r):(this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null)}setThrottlingCache(e,t,r){this.logger.trace("BrowserCacheManager.setThrottlingCache called"),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t){const r=t?this.generateCacheKey(e):e;if(this.cacheConfig.storeAuthStateInCookie){const e=this.cookieStorage.getItem(r);if(e)return this.logger.trace("BrowserCacheManager.getTemporaryCache: storeAuthStateInCookies set to true, retrieving from cookies"),e}const n=this.temporaryCacheStorage.getItem(r);if(!n){if(this.cacheConfig.cacheLocation===Cs.LocalStorage){const e=this.browserStorage.getItem(r);if(e)return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item found in local storage"),e}return this.logger.trace("BrowserCacheManager.getTemporaryCache: No cache item found in local storage"),null}return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item returned"),n}setTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(n,t),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.setTemporaryCache: storeAuthStateInCookie set to true, setting item cookie"),this.cookieStorage.setItem(n,t,void 0,this.cacheConfig.secureCookies))}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.removeItem: storeAuthStateInCookie is true, clearing item cookie"),this.cookieStorage.removeItem(e))}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach((e=>{-1===e.indexOf(Qa)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)})),this.browserStorage.getKeys().forEach((e=>{-1===e.indexOf(Qa)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)})),this.internalStorage.clear()}clearTokensAndKeysWithClaims(e){this.performanceClient.addQueueMeasurement(Or.ClearTokensAndKeysWithClaims,e);const t=this.getTokenKeys();let r=0;t.accessToken.forEach((t=>{const n=this.getAccessTokenCredential(t,e);n?.requestedClaimsHash&&t.includes(n.requestedClaimsHash.toLowerCase())&&(this.removeAccessToken(t,e),r++)})),r>0&&this.logger.warning(`${r} access tokens with claims in the cache keys have been removed from the cache.`)}generateCacheKey(e){return Yt.startsWith(e,Qa)?e:`${Qa}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===H.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==W.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${Qa}.2`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",e.requestedClaimsHash||"",r].join("|").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${Qa}.2`,e.homeAccountId,e.environment,t||e.tenantId||""].join("|").toLowerCase()}resetRequestCache(){this.logger.trace("BrowserCacheManager.resetRequestCache called"),this.removeTemporaryItem(this.generateCacheKey(Ss)),this.removeTemporaryItem(this.generateCacheKey(bs)),this.removeTemporaryItem(this.generateCacheKey(As)),this.removeTemporaryItem(this.generateCacheKey(ks)),this.removeTemporaryItem(this.generateCacheKey(Rs)),this.setInteractionInProgress(!1)}cacheAuthorizeRequest(e,t){this.logger.trace("BrowserCacheManager.cacheAuthorizeRequest called");const r=Fs(JSON.stringify(e));if(this.setTemporaryCache(Ss,r,!0),t){const e=Fs(t);this.setTemporaryCache(bs,e,!0)}}getCachedRequest(){this.logger.trace("BrowserCacheManager.getCachedRequest called");const e=this.getTemporaryCache(Ss,!0);if(!e)throw Zi(vi);const t=this.getTemporaryCache(bs,!0);let r,n="";try{r=JSON.parse(Ks(e)),t&&(n=Ks(t))}catch(t){throw this.logger.errorPii(`Attempted to parse: ${e}`),this.logger.error(`Parsing cached token request threw with error: ${t}`),Zi(Ii)}return[r,n]}getCachedNativeRequest(){this.logger.trace("BrowserCacheManager.getCachedNativeRequest called");const e=this.getTemporaryCache(Rs,!0);if(!e)return this.logger.trace("BrowserCacheManager.getCachedNativeRequest: No cached native request found"),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("BrowserCacheManager.getCachedNativeRequest: Unable to parse native request"),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${Qa}.${Es}`,t=this.getTemporaryCache(e,!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("Cannot parse interaction status. Removing temporary cache items and clearing url hash. Retrying interaction should fix the error"),this.removeTemporaryItem(e),this.resetRequestCache(),Ta(window),null}}setInteractionInProgress(e,t=Is){const r=`${Qa}.${Es}`;if(e){if(this.getInteractionInProgress())throw Zi(ai);this.setTemporaryCache(r,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(r)}async hydrateCache(e,t){const r=Kn(e.account?.homeAccountId,e.account?.environment,e.idToken,this.clientId,e.tenantId);let n;t.claims&&(n=await this.cryptoImpl.hashString(t.claims));const o={idToken:r,accessToken:Gn(e.account?.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?Hn(e.expiresOn):0,e.extExpiresOn?Hn(e.extExpiresOn):0,Ks,void 0,e.tokenType,void 0,t.sshKid,t.claims,n)};return this.saveCacheRecord(o,e.correlationId,ur(dr(e.idToken,Ks)))}async saveCacheRecord(e,t,r,n){try{await super.saveCacheRecord(e,t,r,n)}catch(e){if(e instanceof Rr&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function Oc(e,t,r,n){try{switch(t){case Cs.LocalStorage:return new Ec(e,r,n);case Cs.SessionStorage:return new Rc}}catch(e){r.error(e)}return new mc}const qc=(e,t,r,n)=>new Mc(e,{cacheLocation:Cs.MemoryStorage,cacheRetentionDays:5,temporaryCacheLocation:Cs.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1},ft,t,r,n);function Nc(e,t,r,n,o){return e.verbose("getAllAccounts called"),r?t.getAllAccounts(o||{},n):[]}function Uc(e,t,r,n){const o=r.getAccountInfoFilteredBy(e,n);return o?(t.verbose("getAccount: Account matching provided filter found, returning"),o):(t.verbose("getAccount: No matching account found, returning null"),null)}function Lc(e,t,r,n){if(t.trace("getAccountByUsername called"),!e)return t.warning("getAccountByUsername: No username provided"),null;const o=r.getAccountInfoFilteredBy({username:e},n);return o?(t.verbose("getAccountByUsername: Account matching username found, returning"),t.verbosePii(`getAccountByUsername: Returning signed-in accounts matching username: ${e}`),o):(t.verbose("getAccountByUsername: No matching account found, returning null"),null)}function Dc(e,t,r,n){if(t.trace("getAccountByHomeId called"),!e)return t.warning("getAccountByHomeId: No homeAccountId provided"),null;const o=r.getAccountInfoFilteredBy({homeAccountId:e},n);return o?(t.verbose("getAccountByHomeId: Account matching homeAccountId found, returning"),t.verbosePii(`getAccountByHomeId: Returning signed-in accounts matching homeAccountId: ${e}`),o):(t.verbose("getAccountByHomeId: No matching account found, returning null"),null)}function Hc(e,t,r,n){if(t.trace("getAccountByLocalId called"),!e)return t.warning("getAccountByLocalId: No localAccountId provided"),null;const o=r.getAccountInfoFilteredBy({localAccountId:e},n);return o?(t.verbose("getAccountByLocalId: Account matching localAccountId found, returning"),t.verbosePii(`getAccountByLocalId: Returning signed-in accounts matching localAccountId: ${e}`),o):(t.verbose("getAccountByLocalId: No matching account found, returning null"),null)}function xc(e,t,r){t.setActiveAccount(e,r)}function Bc(e,t){return e.getActiveAccount(t)}class Fc{constructor(e){this.eventCallbacks=new Map,this.logger=e||new Ct({}),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const n=r||La();return this.eventCallbacks.has(n)?(this.logger.error(`Event callback with id: ${n} is already registered. Please provide a unique id or remove the existing callback and try again.`),null):(this.eventCallbacks.set(n,[e,t||[]]),this.logger.verbose(`Event callback registered with id: ${n}`),n)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose(`Event callback ${e} removed.`)}emitEvent(e,t,r,n){const o={eventType:e,interactionType:t||null,payload:r||null,error:n||null,timestamp:Date.now()};switch(e){case _c.ACCOUNT_ADDED:case _c.ACCOUNT_REMOVED:case _c.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(o);break;default:this.invokeCallbacks(o)}}invokeCallbacks(e){this.eventCallbacks.forEach((([t,r],n)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose(`Emitting event to callback ${n}: ${e.eventType}`),t.apply(null,[e]))}))}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class zc{constructor(e,t,r,n,o,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=o,this.navigationClient=i,this.platformAuthProvider=a,this.correlationId=c||oa(),this.logger=n.clone(is,$a,this.correlationId),this.performanceClient=s}async clearCacheOnLogout(e,t){if(t)try{this.browserStorage.removeAccount(t,e),this.logger.verbose("Cleared cache items belonging to the account provided in the logout request.")}catch(e){this.logger.error("Account provided in logout request was not found. Local cache unchanged.")}else try{this.logger.verbose("No account provided in logout request, clearing all cache items.",this.correlationId),this.browserStorage.clear(e),await this.browserCrypto.clearKeystore()}catch(e){this.logger.error("Attempted to clear all MSAL cache items and failed. Local cache unchanged.")}}getRedirectUri(e){this.logger.verbose("getRedirectUri called");const t=e||this.config.auth.redirectUri;return wr.getAbsoluteUrl(t,ba())}initializeServerTelemetryManager(e,t){this.logger.verbose("initializeServerTelemetryManager called");const r={clientId:this.config.auth.clientId,correlationId:this.correlationId,apiId:e,forceRefresh:t||!1,wrapperSKU:this.browserStorage.getWrapperMetadata()[0],wrapperVer:this.browserStorage.getWrapperMetadata()[1]};return new Fo(r,this.browserStorage)}async getDiscoveredAuthority(e){const{account:t}=e,r=e.requestExtraQueryParameters&&e.requestExtraQueryParameters.hasOwnProperty("instance_aware")?e.requestExtraQueryParameters.instance_aware:void 0;this.performanceClient.addQueueMeasurement(Or.StandardInteractionClientGetDiscoveredAuthority,this.correlationId);const n={protocolMode:this.config.auth.protocolMode,OIDCOptions:this.config.auth.OIDCOptions,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},o=e.requestAuthority||this.config.auth.authority,i=r?.length?"true"===r:this.config.auth.instanceAware,s=t&&i?this.config.auth.authority.replace(wr.getDomainFromUrl(o),t.environment):o,a=Zn.generateAuthority(s,e.requestAzureCloudOptions||this.config.auth.azureCloudOptions),c=await Un(ro,Or.AuthorityFactoryCreateDiscoveredInstance,this.logger,this.performanceClient,this.correlationId)(a,this.config.system.networkClient,this.browserStorage,n,this.logger,this.correlationId,this.performanceClient);if(t&&!c.isAlias(t.environment))throw Jt(zt);return c}}async function Kc(e,t,r,n){r.addQueueMeasurement(Or.InitializeBaseRequest,e.correlationId);const o=e.authority||t.auth.authority,i=[...e&&e.scopes||[]],s={...e,correlationId:e.correlationId,authority:o,scopes:i};if(s.authenticationScheme){if(s.authenticationScheme===W.SSH){if(!e.sshJwk)throw Jt(Lt);if(!e.sshKid)throw Jt(Dt)}n.verbose(`Authentication Scheme set to "${s.authenticationScheme}" as configured in Auth request`)}else s.authenticationScheme=W.BEARER,n.verbose('Authentication Scheme wasn\'t explicitly set in request, defaulting to "Bearer" request');return t.cache.claimsBasedCachingEnabled&&e.claims&&!Yt.isEmptyObj(e.claims)&&(s.requestedClaimsHash=await ga(e.claims)),s}async function Gc(e,t,r,n,o){n.addQueueMeasurement(Or.InitializeSilentRequest,e.correlationId);const i=await Un(Kc,Or.InitializeBaseRequest,o,n,e.correlationId)(e,r,n,o);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}function $c(e,t){let r;const n=e.httpMethod;if(t===lr.EAR){if(r=n||l,r!==l)throw Jt(Kt)}else r=n||c;if(e.authorizePostBodyParameters&&r!==l)throw Jt(Gt);return r}class Qc extends zc{initializeLogoutRequest(e){this.logger.verbose("initializeLogoutRequest called",e?.correlationId);const t={correlationId:this.correlationId||oa(),...e};if(e)if(e.logoutHint)this.logger.verbose("logoutHint has already been set in logoutRequest");else if(e.account){const r=this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("Setting logoutHint to login_hint ID Token Claim value for the account provided"),t.logoutHint=r)}else this.logger.verbose("logoutHint was not set and account was not passed into logout request, logoutHint will not be set");else this.logger.verbose("logoutHint will not be set since no logout request was configured");return e&&null===e.postLogoutRedirectUri?this.logger.verbose("postLogoutRedirectUri passed as null, not setting post logout redirect uri",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to uri set on logout request",t.correlationId),t.postLogoutRedirectUri=wr.getAbsoluteUrl(e.postLogoutRedirectUri,ba())):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("postLogoutRedirectUri configured as null and no uri set on request, not passing post logout redirect",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to configured uri",t.correlationId),t.postLogoutRedirectUri=wr.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,ba())):(this.logger.verbose("Setting postLogoutRedirectUri to current page",t.correlationId),t.postLogoutRedirectUri=wr.getAbsoluteUrl(ba(),ba())),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("The ID Token Claims tied to the provided account do not contain a login_hint claim, logoutHint will not be added to logout request")}else this.logger.verbose("The provided account does not contain ID Token Claims, logoutHint will not be added to logout request");return null}async createAuthCodeClient(e){this.performanceClient.addQueueMeasurement(Or.StandardInteractionClientCreateAuthCodeClient,this.correlationId);const t=await Un(this.getClientConfiguration.bind(this),Or.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)(e);return new qo(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:r,requestAuthority:n,requestAzureCloudOptions:o,requestExtraQueryParameters:i,account:s}=e;this.performanceClient.addQueueMeasurement(Or.StandardInteractionClientGetClientConfiguration,this.correlationId);const a=e.authority||await Un(this.getDiscoveredAuthority.bind(this),Or.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,this.correlationId)({requestAuthority:n,requestAzureCloudOptions:o,requestExtraQueryParameters:i,account:s}),c=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:a,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:c.loggerCallback,piiLoggingEnabled:c.piiLoggingEnabled,logLevel:c.logLevel,correlationId:this.correlationId},cacheOptions:{claimsBasedCachingEnabled:this.config.cache.claimsBasedCachingEnabled},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:r,libraryInfo:{sku:is,version:$a,cpu:t.EMPTY_STRING,os:t.EMPTY_STRING},telemetry:this.config.telemetry}}async initializeAuthorizationRequest(e,r){this.performanceClient.addQueueMeasurement(Or.StandardInteractionClientInitializeAuthorizationRequest,this.correlationId);const n=this.getRedirectUri(e.redirectUri),o={interactionType:r},i=bo.setRequestState(this.browserCrypto,e&&e.state||t.EMPTY_STRING,o),s={...await Un(Kc,Or.InitializeBaseRequest,this.logger,this.performanceClient,this.correlationId)({...e,correlationId:this.correlationId},this.config,this.performanceClient,this.logger),redirectUri:n,state:i,nonce:e.nonce||oa(),responseMode:this.config.auth.OIDCOptions.serverResponseType},a={...s,httpMethod:$c(s,this.config.auth.protocolMode)};if(e.loginHint||e.sid)return a;const c=e.account||this.browserStorage.getActiveAccount(this.correlationId);return c&&(this.logger.verbose("Setting validated request account",this.correlationId),this.logger.verbosePii(`Setting validated request account: ${c.homeAccountId}`,this.correlationId),a.account=c),a}}function jc(e,t,r){const n=fr(e);if(!n)throw mr(e)?(r.error(`A ${t} is present in the iframe but it does not contain known properties. It's likely that the ${t} has been replaced by code running on the redirectUri page.`),r.errorPii(`The ${t} detected is: ${e}`),Zi(oi)):(r.error(`The request has returned to the redirectUri but a ${t} is not present. It's likely that the ${t} has been removed or the page has been redirected by code running on the redirectUri page.`),Zi(ri));return n}function Wc(e,t,r){if(!e.state)throw Zi(ni);const n=function(e,t){if(!t)return null;try{return bo.parseRequestState(e,t).libraryState.meta}catch(e){throw mt(Re)}}(t,e.state);if(!n)throw Zi(ii);if(n.interactionType!==r)throw Zi(si)}class Vc{constructor(e,t,r,n,o){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=n,this.performanceClient=o}async handleCodeResponse(e,t){let r;this.performanceClient.addQueueMeasurement(Or.HandleCodeResponse,t.correlationId);try{r=function(e,t){if(xo(e,t),!e.code)throw mt(tt);return e}(e,t.state)}catch(e){throw e instanceof no&&e.subError===hi?Zi(hi):e}return Un(this.handleCodeResponseFromServer.bind(this),Or.HandleCodeResponseFromServer,this.logger,this.performanceClient,t.correlationId)(r,t)}async handleCodeResponseFromServer(e,t,r=!0){if(this.performanceClient.addQueueMeasurement(Or.HandleCodeResponseFromServer,t.correlationId),this.logger.trace("InteractionHandler.handleCodeResponseFromServer called"),this.authCodeRequest.code=e.code,e.cloud_instance_host_name&&await Un(this.authModule.updateAuthority.bind(this.authModule),Or.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,t.correlationId)(e.cloud_instance_host_name,t.correlationId),r&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await Un(this.authModule.acquireToken.bind(this.authModule),Or.AuthClientAcquireToken,this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:Wr}:e.loginHint?{credential:e.loginHint,type:Vr}:null}}const Jc="user_switch",Yc={[Jc]:"User attempted to switch accounts in the native broker, which is not allowed. All new accounts must sign-in through the standard web flow first, please try again."};class Xc extends Ce{constructor(e,t,r){super(e,t),Object.setPrototypeOf(this,Xc.prototype),this.name="NativeAuthError",this.ext=r}}function Zc(e){if(e.ext&&e.ext.status&&"DISABLED"===e.ext.status)return!0;if(e.ext&&e.ext.error&&-2147186943===e.ext.error)return!0;switch(e.errorCode){case"ContentError":case"PageException":return!0;default:return!1}}function el(e,t,r){if(r&&r.status)switch(r.status){case"ACCOUNT_UNAVAILABLE":return So(ho);case"USER_INTERACTION_REQUIRED":return new Ao(e,t);case"USER_CANCEL":return Zi(hi);case"NO_NETWORK":return Zi(bi);case"UX_NOT_ALLOWED":return So(go)}return new Xc(e,Yc[e]||t,r)}class tl extends Qc{async acquireToken(e){this.performanceClient.addQueueMeasurement(Or.SilentCacheClientAcquireToken,e.correlationId);const t=this.initializeServerTelemetryManager(Ms.acquireTokenSilent_silentFlow),r=await Un(this.getClientConfiguration.bind(this),Or.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),n=new Uo(r,this.performanceClient);this.logger.verbose("Silent auth client created");try{const t=(await Un(n.acquireCachedToken.bind(n),Or.SilentFlowClientAcquireCachedToken,this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof Xi&&e.errorCode===Mi&&this.logger.verbose("Signing keypair for bound access token not found. Refreshing bound access token and generating a new crypto keypair."),e}}logout(e){this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e);return this.clearCacheOnLogout(t.correlationId,t?.account)}}class rl extends zc{constructor(e,t,r,n,o,i,s,a,c,l,h,d){super(e,t,r,n,o,i,a,c,d),this.apiId=s,this.accountId=l,this.platformAuthProvider=c,this.nativeStorageManager=h,this.silentCacheClient=new tl(e,this.nativeStorageManager,r,n,o,i,a,c,d);const u=this.platformAuthProvider.getExtensionName();this.skus=Fo.makeExtraSkuString({libraryName:is,libraryVersion:$a,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[tn]:this.skus}}async acquireToken(e,t){this.performanceClient.addQueueMeasurement(Or.NativeInteractionClientAcquireToken,this.correlationId),this.logger.trace("NativeInteractionClient - acquireToken called.");const r=this.performanceClient.startMeasurement(Or.NativeInteractionClientAcquireToken,this.correlationId),n=Dn(),o=this.initializeServerTelemetryManager(this.apiId);try{const i=await this.initializeNativeRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===Ds.AccessToken)throw this.logger.info("MSAL internal Cache does not contain tokens, return error as per cache policy"),r.end({success:!1,brokerErrorCode:"cache_request_failed"}),e;this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call")}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,n).then((e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),o.clearNativeBrokerErrorCode(),e))).catch((e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError}),e}))}catch(e){throw e instanceof Xc&&o.setNativeBrokerErrorCode(e.errorCode),r.end({success:!1}),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:Xt.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("NativeInteractionClient:acquireTokensFromCache - No nativeAccountId provided"),mt(je);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},this.correlationId);if(!r)throw mt(je);try{const e=this.createSilentCacheRequest(t,r),n=await this.silentCacheClient.acquireToken(e),o={...r,idTokenClaims:n?.idTokenClaims,idToken:n?.idToken};return{...n,account:o}}catch(e){throw e}}async acquireTokenRedirect(e,t){this.logger.trace("NativeInteractionClient - acquireTokenRedirect called.");const{...r}=e;delete r.onRedirectNavigate;const n=await this.initializeNativeRequest(r);try{await this.platformAuthProvider.sendMessage(n)}catch(e){if(e instanceof Xc){if(this.initializeServerTelemetryManager(this.apiId).setNativeBrokerErrorCode(e.errorCode),Zc(e))throw e}}this.browserStorage.setTemporaryCache(Rs,JSON.stringify(n),!0);const o={apiId:Ms.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=this.config.auth.navigateToLoginRequestUrl?window.location.href:this.getRedirectUri(e.redirectUri);t.end({success:!0}),await this.navigationClient.navigateExternal(i,o)}async handleRedirectPromise(e,t){if(this.logger.trace("NativeInteractionClient - handleRedirectPromise called."),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const r=this.browserStorage.getCachedNativeRequest();if(!r)return this.logger.verbose("NativeInteractionClient - handleRedirectPromise called but there is no cached request, returning null."),e&&t&&e?.addFields({errorCode:"no_cached_request"},t),null;const{prompt:n,...o}=r;n&&this.logger.verbose("NativeInteractionClient - handleRedirectPromise called and prompt was included in the original request, removing prompt from cached request to prevent second interaction with native broker window."),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Rs));const i=Dn();try{this.logger.verbose("NativeInteractionClient - handleRedirectPromise sending message to native broker.");const t=await this.platformAuthProvider.sendMessage(o),r=await this.handleNativeResponse(t,o,i);return this.initializeServerTelemetryManager(this.apiId).clearNativeBrokerErrorCode(),e&&this.correlationId&&this.performanceClient.addFields({isNativeBroker:!0},this.correlationId),r}catch(e){throw e}}logout(){return this.logger.trace("NativeInteractionClient - logout called."),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("NativeInteractionClient - handleNativeResponse called.");const n=dr(e.id_token,Ks),o=this.createHomeAccountIdentifier(e,n),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("handleNativeServerResponse: Double broker flow detected, ignoring accountId mismatch");else if(o!==i&&e.account.id!==t.accountId)throw el(Jc);const s=await this.getDiscoveredAuthority({requestAuthority:t.authority}),a=Mo(this.browserStorage,s,o,Ks,this.correlationId,n,e.client_info,void 0,n.tid,void 0,e.account.id,this.logger);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,n,a,s.canonicalAuthority,r);return await this.cacheAccount(a,this.correlationId,ur(n)),await this.cacheNativeTokens(e,t,o,n,e.access_token,c.tenantId,r),c}createHomeAccountIdentifier(e,r){return hr.generateHomeAccountId(e.client_info||t.EMPTY_STRING,or,this.logger,this.browserCrypto,r)}generateScopes(e,t){return t?Xt.fromString(t):Xt.fromString(e)}async generatePopAccessToken(e,t){if(t.tokenType===W.POP&&t.signPopToken){if(e.shr)return this.logger.trace("handleNativeServerResponse: SHR is enabled in native layer"),e.shr;const r=new Ro(this.browserCrypto),n={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce};if(!t.keyId)throw mt(ot);return r.signPopToken(e.access_token,t.keyId,n)}return e.access_token}async generateAuthenticationResult(e,r,n,o,i,s){const a=this.addTelemetryFromNativeResponse(e.properties.MATS),c=this.generateScopes(r.scope,e.scope),l=e.account.properties||{},h=l.UID||n.oid||n.sub||t.EMPTY_STRING,d=l.TenantId||n.tid||t.EMPTY_STRING,u=nr(hr.getAccountInfo(o),void 0,n,e.id_token);u.nativeAccountId!==e.account.id&&(u.nativeAccountId=e.account.id);const g=await this.generatePopAccessToken(e,r),p=r.tokenType===W.POP?W.POP:W.BEARER;return{authority:i,uniqueId:h,tenantId:d,scopes:c.asArray(),account:u,idToken:e.id_token,idTokenClaims:n,accessToken:g,fromCache:!!a&&this.isResponseFromCache(a),expiresOn:xn(s+e.expires_in),tokenType:p,correlationId:this.correlationId,state:e.state,fromNativeBroker:!0}}async cacheAccount(e,t,r){await this.browserStorage.setAccount(e,this.correlationId,r),this.browserStorage.removeAccountContext(hr.getAccountInfo(e),t)}cacheNativeTokens(e,r,n,o,i,s,a){const c=Kn(n,r.authority,e.id_token||"",r.clientId,o.tid||""),l=a+(r.tokenType===W.POP?t.SHR_NONCE_VALIDITY:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),h=this.generateScopes(e.scope,r.scope),d={idToken:c,accessToken:Gn(n,r.authority,i,r.clientId,o.tid||s,h.printScopes(),l,0,Ks,void 0,r.tokenType,void 0,r.keyId)};return this.nativeStorageManager.saveCacheRecord(d,this.correlationId,ur(o),r.storeInCache)}getExpiresInValue(e,r){return e===W.POP?t.SHR_NONCE_VALIDITY:("string"==typeof r?parseInt(r,10):r)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("NativeInteractionClient - Error parsing MATS telemetry, returning null instead")}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("NativeInteractionClient - MATS telemetry does not contain field indicating if response was served from cache. Returning false."),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("NativeInteractionClient - initializeNativeRequest called");const t=await this.getCanonicalAuthority(e),{scopes:r,...n}=e,o=new Xt(r||[]);o.appendScopes(h);const i={...n,accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:o.printScopes(),redirectUri:this.getRedirectUri(e.redirectUri),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraQueryParameters,...e.tokenQueryParameters},extendedExpiryToken:!1,keyId:e.popKid};if(i.signPopToken&&e.popKid)throw Zi(Ki);if(this.handleExtraBrokerParams(i),i.extraParameters=i.extraParameters||{},i.extraParameters.telemetry=cs,e.authenticationScheme===W.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce},r=new Ro(this.browserCrypto);let n;if(i.keyId)n=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:i.keyId})),i.signPopToken=!1;else{const e=await Un(r.generateCnf.bind(r),Or.PopTokenGenerateCnf,this.logger,this.performanceClient,this.correlationId)(t,this.logger);n=e.reqCnfString,i.keyId=e.kid,i.signPopToken=!0}i.reqCnf=n}return this.addRequestSKUs(i),i}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority;e.account&&await this.getDiscoveredAuthority({requestAuthority:t,requestAzureCloudOptions:e.azureCloudOptions,account:e.account});const r=new wr(t);return r.validateAsUri(),r}getPrompt(e){switch(this.apiId){case Ms.ssoSilent:case Ms.acquireTokenSilent_silentFlow:return this.logger.trace("initializeNativeRequest: silent request sets prompt to none"),b.NONE}if(e)switch(e){case b.NONE:case b.CONSENT:case b.LOGIN:case b.SELECT_ACCOUNT:return this.logger.trace("initializeNativeRequest: prompt is compatible with native flow"),e;default:throw this.logger.trace(`initializeNativeRequest: prompt = ${e} is not compatible with native flow`),Zi(Fi)}else this.logger.trace("initializeNativeRequest: prompt was not provided")}handleExtraBrokerParams(e){const t=e.extraParameters&&e.extraParameters.hasOwnProperty(rn)&&e.extraParameters.hasOwnProperty(nn)&&e.extraParameters.hasOwnProperty(Jr);if(!e.embeddedClientId&&!t)return;let r="";const n=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[nn],r=e.extraParameters[Jr]),e.extraParameters={child_client_id:r,child_redirect_uri:n},this.performanceClient?.addFields({embeddedClientId:r,embeddedRedirectUri:n},this.correlationId)}}async function nl(e,t,r,n,o){const i=Do({...e.auth,authority:t},r,n,o);if(yn(i,{sku:is,version:$a,os:"",cpu:""}),e.auth.protocolMode!==lr.OIDC&&Cn(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),o.addFields({isPlatformAuthorizeRequest:!0},r.correlationId),r.authenticationScheme===W.POP)){const e=new yc(n,o),t=new Ro(e);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await Un(t.generateCnf.bind(t),Or.PopTokenGenerateCnf,n,o,r.correlationId)(r,n)).reqCnfString}_n(i,s)}return sn(i,r.correlationId,o),i}async function ol(e,r,n,o,i){if(!n.codeChallenge)throw Jt(Ot);const s=await Un(nl,Or.GetStandardParams,o,i,n.correlationId)(e,r,n,o,i);return an(s,E),vn(s,n.codeChallenge,t.S256_CODE_CHALLENGE_METHOD),En(s,n.extraQueryParameters||{}),Ho(r,s,e.auth.encodeExtraQueryParams,n.extraQueryParameters)}async function il(e,r,n,o,i,s){if(!o.earJwk)throw Zi(Xo);const a=await nl(r,n,o,i,s);an(a,R),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(a,o.earJwk),vn(a,o.codeChallenge,t.S256_CODE_CHALLENGE_METHOD);const c=new Map;En(c,o.extraQueryParameters||{});return al(e,Ho(n,c,r.auth.encodeExtraQueryParams,o.extraQueryParameters),a)}async function sl(e,r,n,o,i,s){const a=await nl(r,n,o,i,s);an(a,E),vn(a,o.codeChallenge,o.codeChallengeMethod||t.S256_CODE_CHALLENGE_METHOD),function(e,t){Object.entries(t).forEach((([t,r])=>{r&&e.set(t,r)}))}(a,o.authorizePostBodyParameters||{});const c=new Map;En(c,o.extraQueryParameters||{});return al(e,Ho(n,c,r.auth.encodeExtraQueryParams,o.extraQueryParameters),a)}function al(e,t,r){const n=e.createElement("form");return n.method="post",n.action=t,r.forEach(((t,r)=>{const o=e.createElement("input");o.hidden=!0,o.name=r,o.value=t,n.appendChild(o)})),e.body.appendChild(n),n}async function cl(e,t,r,n,o,i,s,a,c,l){if(a.verbose("Account id found, calling WAM for token"),!l)throw Zi(xi);const h=new yc(a,c),d=new rl(n,o,h,a,s,n.system.navigationClient,r,c,l,t,i,e.correlationId),{userRequestState:u}=bo.parseRequestState(h,e.state);return Un(d.acquireToken.bind(d),Or.NativeInteractionClientAcquireToken,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function ll(e,t,r,n,o,i,s,a,c,l,h,d){if(io.removeThrottle(s,o.auth.clientId,e),t.accountId)return Un(cl,Or.HandleResponsePlatformBroker,l,h,e.correlationId)(e,t.accountId,n,o,s,a,c,l,h,d);const u={...e,code:t.code||"",codeVerifier:r},g=new Vc(i,s,u,l,h);return await Un(g.handleCodeResponse.bind(g),Or.HandleCodeResponse,l,h,e.correlationId)(t,e)}async function hl(e,t,r,n,o,i,s,a,c,l,h){if(io.removeThrottle(i,n.auth.clientId,e),xo(t,e.state),!t.ear_jwe)throw Zi(Zo);if(!e.earJwk)throw Zi(Xo);const d=JSON.parse(await Un(aa,Or.DecryptEarResponse,c,l,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return Un(cl,Or.HandleResponsePlatformBroker,c,l,e.correlationId)(e,d.accountId,r,n,i,s,a,c,l,h);const u=new Po(n.auth.clientId,i,new yc(c,l),c,null,null,l);u.validateTokenResponse(d);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await Un(u.handleServerTokenResponse.bind(u),Or.HandleServerTokenResponse,c,l,e.correlationId)(d,o,Dn(),e,g,void 0,void 0,void 0,void 0)}async function dl(e,t,r){e.addQueueMeasurement(Or.GeneratePkceCodes,r);const n=Nn(ul,Or.GenerateCodeVerifier,t,e,r)(e,t,r);return{verifier:n,challenge:await Un(gl,Or.GenerateCodeChallengeFromVerifier,t,e,r)(n,e,t,r)}}function ul(e,t,r){try{const n=new Uint8Array(32);Nn(ra,Or.GetRandomValues,t,e,r)(n);return Bs(n)}catch(e){throw Zi(Yo)}}async function gl(e,t,r,n){t.addQueueMeasurement(Or.GenerateCodeChallengeFromVerifier,n);try{const o=await Un(ta,Or.Sha256Digest,r,t,n)(e,t,n);return Bs(new Uint8Array(o))}catch(e){throw Zi(Yo)}}class pl{constructor(e,t,r,n){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=n,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=r.startMeasurement(Or.NativeMessageHandlerHandshake),this.platformAuthType=gs}async sendMessage(e){this.logger.trace(this.platformAuthType+" - sendMessage called.");const t={method:fs,request:e},r={channel:ss,extensionId:this.extensionId,responseId:oa(),body:t};this.logger.trace(this.platformAuthType+" - Sending request to browser extension"),this.logger.tracePii(this.platformAuthType+` - Sending request to browser extension: ${JSON.stringify(r)}`),this.messageChannel.port1.postMessage(r);const n=await new Promise(((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})}));return this.validatePlatformBrokerResponse(n)}static async createProvider(e,t,r){e.trace("PlatformAuthExtensionHandler - createProvider called.");try{const n=new pl(e,t,r,as);return await n.sendHandshakeRequest(),n}catch(n){const o=new pl(e,t,r);return await o.sendHandshakeRequest(),o}}async sendHandshakeRequest(){this.logger.trace(this.platformAuthType+" - sendHandshakeRequest called."),window.addEventListener("message",this.windowListener,!1);const e={channel:ss,extensionId:this.extensionId,responseId:oa(),body:{method:ps}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(e,window.origin,[this.messageChannel.port2]),new Promise(((t,r)=>{this.handshakeResolvers.set(e.responseId,{resolve:t,reject:r}),this.timeoutId=window.setTimeout((()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(Zi(Di)),this.handshakeResolvers.delete(e.responseId)}),this.handshakeTimeoutMs)}))}onWindowMessage(e){if(this.logger.trace(this.platformAuthType+" - onWindowMessage called"),e.source!==window)return;const t=e.data;if(t.channel&&t.channel===ss&&(!t.extensionId||t.extensionId===this.extensionId)&&t.body.method===ps){const e=this.handshakeResolvers.get(t.responseId);if(!e)return void this.logger.trace(this.platformAuthType+`.onWindowMessage - resolver can't be found for request ${t.responseId}`);this.logger.verbose(t.extensionId?`Extension with id: ${t.extensionId} not installed`:"No extension installed"),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(Zi(Hi))}}onChannelMessage(e){this.logger.trace(this.platformAuthType+" - onChannelMessage called.");const t=e.data,r=this.resolvers.get(t.responseId),n=this.handshakeResolvers.get(t.responseId);try{const e=t.body.method;if(e===ys){if(!r)return;const e=t.body.response;if(this.logger.trace(this.platformAuthType+" - Received response from browser extension"),this.logger.tracePii(this.platformAuthType+` - Received response from browser extension: ${JSON.stringify(e)}`),"Success"!==e.status)r.reject(el(e.code,e.description,e.ext));else{if(!e.result)throw we(ge,"Event does not contain result.");e.result.code&&e.result.description?r.reject(el(e.result.code,e.result.description,e.result.ext)):r.resolve(e.result)}this.resolvers.delete(t.responseId)}else if(e===ms){if(!n)return void this.logger.trace(this.platformAuthType+`.onChannelMessage - resolver can't be found for request ${t.responseId}`);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=t.extensionId,this.extensionVersion=t.body.version,this.logger.verbose(this.platformAuthType+` - Received HandshakeResponse from extension: ${this.extensionId}`),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),n.resolve(),this.handshakeResolvers.delete(t.responseId)}}catch(t){this.logger.error("Error parsing response from WAM Extension"),this.logger.errorPii(`Error parsing response from WAM Extension: ${t}`),this.logger.errorPii(`Unable to parse ${e}`),r?r.reject(t):n&&n.reject(t)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw we(ge,"Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===as?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class ml{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=us}static async createProvider(e,t,r){if(e.trace("PlatformAuthDOMHandler: createProvider called"),window.navigator?.platformAuthentication){const n=await window.navigator.platformAuthentication.getSupportedContracts(ls);if(n?.includes(ds))return e.trace("Platform auth api available in DOM"),new ml(e,t,r)}}getExtensionId(){return ls}getExtensionVersion(){return""}getExtensionName(){return hs}async sendMessage(e){this.logger.trace(this.platformAuthType+" - Sending request to browser DOM API");try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r)}catch(e){throw this.logger.error(this.platformAuthType+" - executeGetToken DOM API error"),e}}initializePlatformDOMRequest(e){this.logger.trace(this.platformAuthType+" - initializeNativeDOMRequest called");const{accountId:t,clientId:r,authority:n,scope:o,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:l,extraParameters:h,...d}=e,u=this.getDOMExtraParams(d);return{accountId:t,brokerId:this.getExtensionId(),authority:n,clientId:r,correlationId:s||this.correlationId,extraParameters:{...h,...u},isSecurityTokenService:!1,redirectUri:i,scope:o,state:a,storeInCache:c,embeddedClientId:l}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace(this.platformAuthType+" - platform broker returned successful and valid response"),this.convertToPlatformBrokerResponse(e);if(e.hasOwnProperty("error")){const t=e;if(!1===t.isSuccess&&t.error&&t.error.code)throw this.logger.trace(this.platformAuthType+" - platform broker returned error response"),el(t.error.code,t.error.description,{error:parseInt(t.error.errorCode),protocol_error:t.error.protocolError,status:t.error.status,properties:t.error.properties})}}throw we(ge,"Response missing expected properties.")}convertToPlatformBrokerResponse(e){this.logger.trace(this.platformAuthType+" - convertToNativeResponse called");return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e){return{...Object.entries(e).reduce(((e,[t,r])=>(e[t]=String(r),e)),{})}}}async function fl(e,t,r,n,o){let i;e.trace("getPlatformAuthProvider called",r),e.trace("Has client allowed platform auth via DOM API: "+o);try{o&&(i=await ml.createProvider(e,t,r)),i||(e.trace("Platform auth via DOM API not available, checking for extension"),i=await pl.createProvider(e,n||2e3,t))}catch(t){e.trace("Platform auth not available",t)}return i}function yl(e,t,r,n){if(t.trace("isPlatformAuthAllowed called"),!e.system.allowPlatformBroker&&e.system.allowPlatformBrokerWithDOM)throw Jt($t);if(!e.system.allowPlatformBroker)return t.trace("isPlatformAuthAllowed: allowPlatformBroker is not enabled, returning false"),!1;if(!r)return t.trace("isPlatformAuthAllowed: Platform auth provider is not initialized, returning false"),!1;if(n)switch(n){case W.BEARER:case W.POP:return t.trace("isPlatformAuthAllowed: authenticationScheme is supported, returning true"),!0;default:return t.trace("isPlatformAuthAllowed: authenticationScheme is not supported, returning false"),!1}return!0}class Cl extends Qc{constructor(e,t,r,n,o,i,s,a,c,l){super(e,t,r,n,o,i,s,c,l),this.unloadWindow=this.unloadWindow.bind(this),this.nativeStorage=a,this.eventHandler=o}acquireToken(e,t){let r;try{if(r={popupName:this.generatePopupName(e.scopes||h,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window},this.performanceClient.addFields({isAsyncPopup:this.config.system.asyncPopups},this.correlationId),this.config.system.asyncPopups)return this.logger.verbose("asyncPopups set to true, acquiring token"),this.acquireTokenPopupAsync(e,r,t);{const n={...e,httpMethod:$c(e,this.config.auth.protocolMode)};return this.logger.verbose("asyncPopup set to false, opening popup before acquiring token"),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(n,r,t)}}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("logoutPopup called");const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},n=e&&e.authority,o=e&&e.mainWindowRedirectUri;return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true"),this.logoutPopupAsync(t,r,n,o)):(this.logger.verbose("asyncPopup set to false, opening popup"),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,n,o))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,n){this.logger.verbose("acquireTokenPopupAsync called");const o=await Un(this.initializeAuthorizationRequest.bind(this),Or.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup);r.popup&&Ua(o.authority);const i=yl(this.config,this.logger,this.platformAuthProvider,t.authenticationScheme);return o.platformBroker=i,this.config.auth.protocolMode===lr.EAR?this.executeEarFlow(o,r,n):this.executeCodeFlow(o,r,n)}async executeCodeFlow(t,r,n){const o=t.correlationId,i=this.initializeServerTelemetryManager(Ms.acquireTokenPopup),s=n||await Un(dl,Or.GeneratePkceCodes,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),a={...t,codeChallenge:s.challenge};try{const n=await Un(this.createAuthCodeClient.bind(this),Or.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,o)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account});if(a.httpMethod===l)return await this.executeCodeFlowWithPost(a,r,n,s.verifier);{const i=await Un(ol,Or.GetAuthCodeUrl,this.logger,this.performanceClient,o)(this.config,n.authority,a,this.logger,this.performanceClient),c=this.initiateAuthRequest(i,r);this.eventHandler.emitEvent(_c.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:c},null);const l=await this.monitorPopupForHash(c,r.popupWindowParent),h=Nn(jc,Or.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(l,this.config.auth.OIDCOptions.serverResponseType,this.logger);return await Un(ll,Or.HandleResponseCode,this.logger,this.performanceClient,o)(t,h,s.verifier,Ms.acquireTokenPopup,this.config,n,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}catch(e){throw r.popup?.close(),e instanceof Ce&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}async executeEarFlow(e,t,r){const n=e.correlationId,o=await Un(this.getDiscoveredAuthority.bind(this),Or.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,n)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),i=await Un(sa,Or.GenerateEarKey,this.logger,this.performanceClient,n)(),s=r||await Un(dl,Or.GeneratePkceCodes,this.logger,this.performanceClient,n)(this.performanceClient,this.logger,n),a={...e,earJwk:i,codeChallenge:s.challenge},c=t.popup||this.openPopup("about:blank",t);(await il(c.document,this.config,o,a,this.logger,this.performanceClient)).submit();const l=await Un(this.monitorPopupForHash.bind(this),Or.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,n)(c,t.popupWindowParent),h=Nn(jc,Or.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(l,this.config.auth.OIDCOptions.serverResponseType,this.logger);if(!h.ear_jwe&&h.code){const t=await Un(this.createAuthCodeClient.bind(this),Or.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,n)({serverTelemetryManager:this.initializeServerTelemetryManager(Ms.acquireTokenPopup),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:o});return Un(ll,Or.HandleResponseCode,this.logger,this.performanceClient,n)(a,h,s.verifier,Ms.acquireTokenPopup,this.config,t,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Un(hl,Or.HandleResponseEar,this.logger,this.performanceClient,n)(a,h,Ms.acquireTokenPopup,this.config,o,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async executeCodeFlowWithPost(e,t,r,n){const o=e.correlationId,i=await Un(this.getDiscoveredAuthority.bind(this),Or.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,o)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),s=t.popup||this.openPopup("about:blank",t);(await sl(s.document,this.config,i,e,this.logger,this.performanceClient)).submit();const a=await Un(this.monitorPopupForHash.bind(this),Or.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,o)(s,t.popupWindowParent),c=Nn(jc,Or.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.serverResponseType,this.logger);return Un(ll,Or.HandleResponseCode,this.logger,this.performanceClient,o)(e,c,n,Ms.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,r,n,o){this.logger.verbose("logoutPopupAsync called"),this.eventHandler.emitEvent(_c.LOGOUT_START,e.InteractionType.Popup,t);const i=this.initializeServerTelemetryManager(Ms.logoutPopup);try{await this.clearCacheOnLogout(this.correlationId,t.account);const s=await Un(this.createAuthCodeClient.bind(this),Or.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:n,account:t.account||void 0});try{s.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&s.authority.protocolMode===lr.OIDC){if(this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,e.InteractionType.Popup,t),o){const e={apiId:Ms.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=wr.getAbsoluteUrl(o,ba());await this.navigationClient.navigateInternal(t,e)}return void r.popup?.close()}}const a=s.getLogoutUri(t);this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,e.InteractionType.Popup,t);const c=this.openPopup(a,r);if(this.eventHandler.emitEvent(_c.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:c},null),await this.monitorPopupForHash(c,r.popupWindowParent).catch((()=>{})),o){const e={apiId:Ms.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=wr.getAbsoluteUrl(o,ba());this.logger.verbose("Redirecting main window to url specified in the request"),this.logger.verbosePii(`Redirecting main window to: ${t}`),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("No main window navigation requested")}catch(t){throw r.popup?.close(),t instanceof Ce&&(t.setCorrelationId(this.correlationId),i.cacheFailedRequest(t)),this.eventHandler.emitEvent(_c.LOGOUT_FAILURE,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(_c.LOGOUT_END,e.InteractionType.Popup),t}this.eventHandler.emitEvent(_c.LOGOUT_END,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii(`Navigate to: ${e}`),this.openPopup(e,t);throw this.logger.error("Navigate url is empty"),Zi(ti)}monitorPopupForHash(e,t){return new Promise(((t,r)=>{this.logger.verbose("PopupHandler.monitorPopupForHash - polling started");const n=setInterval((()=>{if(e.closed)return this.logger.error("PopupHandler.monitorPopupForHash - window closed"),clearInterval(n),void r(Zi(hi));let o="";try{o=e.location.href}catch(e){}if(!o||"about:blank"===o)return;clearInterval(n);let i="";const s=this.config.auth.OIDCOptions.serverResponseType;e&&(i=s===_.QUERY?e.location.search:e.location.hash),this.logger.verbose("PopupHandler.monitorPopupForHash - popup window is on same origin as caller"),t(i)}),this.config.system.pollIntervalMilliseconds)})).finally((()=>{this.cleanPopup(e,t)}))}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii(`Navigating popup window to: ${e}`),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii(`Opening popup window to: ${e}`),r=this.openSizedPopup(e,t)),!r)throw Zi(li);return r.focus&&r.focus(),this.currentWindow=r,t.popupWindowParent.addEventListener("beforeunload",this.unloadWindow),r}catch(e){throw this.logger.error("error opening popup "+e.message),Zi(ci)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:n}){const o=n.screenLeft?n.screenLeft:n.screenX,i=n.screenTop?n.screenTop:n.screenY,s=n.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=n.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,l=r.popupSize?.height,h=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("Default popup window width used. Window width not configured or invalid."),c=ts),(!l||l<0||l>a)&&(this.logger.verbose("Default popup window height used. Window height not configured or invalid."),l=rs),(!h||h<0||h>a)&&(this.logger.verbose("Default popup window top position used. Window top not configured or invalid."),h=Math.max(0,a/2-rs/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("Default popup window left position used. Window left not configured or invalid."),d=Math.max(0,s/2-ts/2+o)),n.open(e,t,`width=${c}, height=${l}, top=${h}, left=${d}, scrollbars=yes`)}unloadWindow(e){this.currentWindow&&this.currentWindow.close(),e.preventDefault()}cleanPopup(e,t){e.close(),t.removeEventListener("beforeunload",this.unloadWindow)}generatePopupName(e,t){return`${ns}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${ns}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}class wl extends Qc{constructor(e,t,r,n,o,i,s,a,c,l){super(e,t,r,n,o,i,s,c,l),this.nativeStorage=a}async acquireToken(t){const r=await Un(this.initializeAuthorizationRequest.bind(this),Or.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect);r.platformBroker=yl(this.config,this.logger,this.platformAuthProvider,t.authenticationScheme);const n=t=>{t.persisted&&(this.logger.verbose("Page was restored from back/forward cache. Clearing temporary cache."),this.browserStorage.resetRequestCache(),this.eventHandler.emitEvent(_c.RESTORE_FROM_BFCACHE,e.InteractionType.Redirect))},o=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii(`Redirect start page: ${o}`),this.browserStorage.setTemporaryCache(As,o,!0),window.addEventListener("pageshow",n);try{this.config.auth.protocolMode===lr.EAR?await this.executeEarFlow(r):await this.executeCodeFlow(r,t.onRedirectNavigate)}catch(e){throw e instanceof Ce&&e.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",n),e}}async executeCodeFlow(e,t){const r=e.correlationId,n=this.initializeServerTelemetryManager(Ms.acquireTokenRedirect),o=await Un(dl,Or.GeneratePkceCodes,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),i={...e,codeChallenge:o.challenge};this.browserStorage.cacheAuthorizeRequest(i,o.verifier);try{if(i.httpMethod===l)return await this.executeCodeFlowWithPost(i);{const r=await Un(this.createAuthCodeClient.bind(this),Or.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:i.authority,requestAzureCloudOptions:i.azureCloudOptions,requestExtraQueryParameters:i.extraQueryParameters,account:i.account}),o=await Un(ol,Or.GetAuthCodeUrl,this.logger,this.performanceClient,e.correlationId)(this.config,r.authority,i,this.logger,this.performanceClient);return await this.initiateAuthRequest(o,t)}}catch(e){throw e instanceof Ce&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}async executeEarFlow(e){const t=e.correlationId,r=await Un(this.getDiscoveredAuthority.bind(this),Or.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),n=await Un(sa,Or.GenerateEarKey,this.logger,this.performanceClient,t)(),o=await Un(dl,Or.GeneratePkceCodes,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),i={...e,earJwk:n,codeChallenge:o.challenge};this.browserStorage.cacheAuthorizeRequest(i,o.verifier);return(await il(document,this.config,r,i,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Zi(ji,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async executeCodeFlowWithPost(e){const t=e.correlationId,r=await Un(this.getDiscoveredAuthority.bind(this),Or.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});this.browserStorage.cacheAuthorizeRequest(e);return(await sl(document,this.config,r,e,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Zi(ji,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async handleRedirectPromise(e="",r,n,o){const i=this.initializeServerTelemetryManager(Ms.handleRedirectPromise);try{const[s,a]=this.getRedirectResponse(e||"");if(!s)return this.logger.info("handleRedirectPromise did not detect a response as a result of a redirect. Cleaning temporary cache."),this.browserStorage.resetRequestCache(),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?o.event.errorCode="no_server_response":this.logger.verbose("Back navigation event detected. Muting no_server_response error"),null;const c=this.browserStorage.getTemporaryCache(As,!0)||t.EMPTY_STRING,l=Cr(c);if(l===Cr(window.location.href)&&this.config.auth.navigateToLoginRequestUrl){this.logger.verbose("Current page is loginRequestUrl, handling response"),c.indexOf("#")>-1&&Aa(c);return await this.handleResponse(s,r,n,i)}if(!this.config.auth.navigateToLoginRequestUrl)return this.logger.verbose("NavigateToLoginRequestUrl set to false, handling response"),await this.handleResponse(s,r,n,i);if(!ka()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(ks,a,!0);const e={apiId:Ms.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let t=!0;if(c&&"null"!==c)this.logger.verbose(`Navigating to loginRequestUrl: ${c}`),t=await this.navigationClient.navigateInternal(c,e);else{const r=Ea();this.browserStorage.setTemporaryCache(As,r,!0),this.logger.warning("Unable to get valid login request url from cache, redirecting to home page"),t=await this.navigationClient.navigateInternal(r,e)}if(!t)return await this.handleResponse(s,r,n,i)}return null}catch(e){throw e instanceof Ce&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}getRedirectResponse(t){this.logger.verbose("getRedirectResponseHash called");let r=t;r||(r=this.config.auth.OIDCOptions.serverResponseType===_.QUERY?window.location.search:window.location.hash);let n=fr(r);if(n){try{Wc(n,this.browserCrypto,e.InteractionType.Redirect)}catch(e){return e instanceof Ce&&this.logger.error(`Interaction type validation failed due to ${e.errorCode}: ${e.errorMessage}`),[null,""]}return Ta(window),this.logger.verbose("Hash contains known properties, returning response hash"),[n,r]}const o=this.browserStorage.getTemporaryCache(ks,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(ks)),o&&(n=fr(o),n)?(this.logger.verbose("Hash does not contain known properties, returning cached hash"),[n,o]):[null,""]}async handleResponse(e,t,r,n){if(!e.state)throw Zi(ni);if(e.ear_jwe){const r=await Un(this.getDiscoveredAuthority.bind(this),Or.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t.correlationId)({requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account});return Un(hl,Or.HandleResponseEar,this.logger,this.performanceClient,t.correlationId)(t,e,Ms.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const o=await Un(this.createAuthCodeClient.bind(this),Or.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority});return Un(ll,Or.HandleResponseCode,this.logger,this.performanceClient,t.correlationId)(t,e,r,Ms.acquireTokenRedirect,this.config,o,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e,t){if(this.logger.verbose("RedirectHandler.initiateAuthRequest called"),e){this.logger.infoPii(`RedirectHandler.initiateAuthRequest: Navigate to: ${e}`);const r={apiId:Ms.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},n=t||this.config.auth.onRedirectNavigate;if("function"==typeof n){this.logger.verbose("RedirectHandler.initiateAuthRequest: Invoking onRedirectNavigate callback");return!1!==n(e)?(this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate did not return false, navigating"),void await this.navigationClient.navigateExternal(e,r)):void this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate returned false, stopping navigation")}return this.logger.verbose("RedirectHandler.initiateAuthRequest: Navigating window to navigate url"),void await this.navigationClient.navigateExternal(e,r)}throw this.logger.info("RedirectHandler.initiateAuthRequest: Navigate url is empty"),Zi(ti)}async logout(t){this.logger.verbose("logoutRedirect called");const r=this.initializeLogoutRequest(t),n=this.initializeServerTelemetryManager(Ms.logout);try{this.eventHandler.emitEvent(_c.LOGOUT_START,e.InteractionType.Redirect,t),await this.clearCacheOnLogout(this.correlationId,r.account);const o={apiId:Ms.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await Un(this.createAuthCodeClient.bind(this),Or.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0});if(i.authority.protocolMode===lr.OIDC)try{i.authority.endSessionEndpoint}catch{if(r.account?.homeAccountId)return void this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,e.InteractionType.Redirect,r)}const s=i.getLogoutUri(r);if(this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,e.InteractionType.Redirect,r),!t||"function"!=typeof t.onRedirectNavigate)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Ts),void await this.navigationClient.navigateExternal(s,o);if(!1!==t.onRedirectNavigate(s))return this.logger.verbose("Logout onRedirectNavigate did not return false, navigating"),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Ts),void await this.navigationClient.navigateExternal(s,o);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("Logout onRedirectNavigate returned false, stopping navigation")}catch(t){throw t instanceof Ce&&(t.setCorrelationId(this.correlationId),n.cacheFailedRequest(t)),this.eventHandler.emitEvent(_c.LOGOUT_FAILURE,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(_c.LOGOUT_END,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(_c.LOGOUT_END,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return wr.getAbsoluteUrl(t,ba())}}async function vl(e,t,r,n,o){if(t.addQueueMeasurement(Or.SilentHandlerInitiateAuthRequest,n),!e)throw r.info("Navigate url is empty"),Zi(ti);return o?Un(kl,Or.SilentHandlerLoadFrame,r,t,n)(e,o,t,n):Nn(Sl,Or.SilentHandlerLoadFrameSync,r,t,n)(e)}async function Il(e,t,r,n,o){const i=bl();if(!i.contentDocument)throw"No document associated with iframe!";return(await sl(i.contentDocument,e,t,r,n,o)).submit(),i}async function Tl(e,t,r,n,o){const i=bl();if(!i.contentDocument)throw"No document associated with iframe!";return(await il(i.contentDocument,e,t,r,n,o)).submit(),i}async function Al(e,t,r,n,o,i,s){return n.addQueueMeasurement(Or.SilentHandlerMonitorIframeForHash,i),new Promise(((n,i)=>{t<Ka&&o.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${t}ms) than the default (10000ms). This may result in timeouts.`);const a=window.setTimeout((()=>{window.clearInterval(c),i(Zi(ui))}),t),c=window.setInterval((()=>{let t="";const r=e.contentWindow;try{t=r?r.location.href:""}catch(e){}if(!t||"about:blank"===t)return;let o="";r&&(o=s===_.QUERY?r.location.search:r.location.hash),window.clearTimeout(a),window.clearInterval(c),n(o)}),r)})).finally((()=>{Nn(El,Or.RemoveHiddenIframe,o,n,i)(e)}))}function kl(e,t,r,n){return r.addQueueMeasurement(Or.SilentHandlerLoadFrame,n),new Promise(((r,n)=>{const o=bl();window.setTimeout((()=>{o?(o.src=e,r(o)):n("Unable to load iframe")}),t)}))}function Sl(e){const t=bl();return t.src=e,t}function bl(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),e.setAttribute("allow","local-network-access *"),document.body.appendChild(e),e}function El(e){document.body===e.parentNode&&document.body.removeChild(e)}class Rl extends Qc{constructor(e,t,r,n,o,i,s,a,c,l,h){super(e,t,r,n,o,i,a,l,h),this.apiId=s,this.nativeStorage=c}async acquireToken(t){this.performanceClient.addQueueMeasurement(Or.SilentIframeClientAcquireToken,t.correlationId),t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("No user hint provided. The authorization server may need more information to complete this request.");const r={...t};r.prompt?r.prompt!==b.NONE&&r.prompt!==b.NO_SESSION&&(this.logger.warning(`SilentIframeClient. Replacing invalid prompt ${r.prompt} with ${b.NONE}`),r.prompt=b.NONE):r.prompt=b.NONE;const n=await Un(this.initializeAuthorizationRequest.bind(this),Or.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,t.correlationId)(r,e.InteractionType.Silent);return n.platformBroker=yl(this.config,this.logger,this.platformAuthProvider,n.authenticationScheme),Ua(n.authority),this.config.auth.protocolMode===lr.EAR?this.executeEarFlow(n):this.executeCodeFlow(n)}async executeCodeFlow(e){let t;const r=this.initializeServerTelemetryManager(this.apiId);try{return t=await Un(this.createAuthCodeClient.bind(this),Or.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await Un(this.silentTokenHelper.bind(this),Or.SilentIframeClientTokenHelper,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(n){if(n instanceof Ce&&(n.setCorrelationId(this.correlationId),r.cacheFailedRequest(n)),!(t&&n instanceof Ce&&n.errorCode===es))throw n;return this.performanceClient.addFields({retryError:n.errorCode},this.correlationId),await Un(this.silentTokenHelper.bind(this),Or.SilentIframeClientTokenHelper,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const t=e.correlationId,r=await Un(this.getDiscoveredAuthority.bind(this),Or.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,t)({requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),n=await Un(sa,Or.GenerateEarKey,this.logger,this.performanceClient,t)(),o=await Un(dl,Or.GeneratePkceCodes,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),i={...e,earJwk:n,codeChallenge:o.challenge},s=await Un(Tl,Or.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,t)(this.config,r,i,this.logger,this.performanceClient),a=this.config.auth.OIDCOptions.serverResponseType,c=await Un(Al,Or.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,t)(s,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,t,a),l=Nn(jc,Or.DeserializeResponse,this.logger,this.performanceClient,t)(c,a,this.logger);if(!l.ear_jwe&&l.code){const n=await Un(this.createAuthCodeClient.bind(this),Or.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,t)({serverTelemetryManager:this.initializeServerTelemetryManager(this.apiId),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:r});return Un(ll,Or.HandleResponseCode,this.logger,this.performanceClient,t)(i,l,o.verifier,this.apiId,this.config,n,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Un(hl,Or.HandleResponseEar,this.logger,this.performanceClient,t)(i,l,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}logout(){return Promise.reject(Zi(yi))}async silentTokenHelper(e,t){const r=t.correlationId;this.performanceClient.addQueueMeasurement(Or.SilentIframeClientTokenHelper,r);const n=await Un(dl,Or.GeneratePkceCodes,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),o={...t,codeChallenge:n.challenge};let i;if(t.httpMethod===l)i=await Un(Il,Or.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);else{const t=await Un(ol,Or.GetAuthCodeUrl,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);i=await Un(vl,Or.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,r)(t,this.performanceClient,this.logger,r,this.config.system.navigateFrameWait)}const s=this.config.auth.OIDCOptions.serverResponseType,a=await Un(Al,Or.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,r)(i,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,r,s),c=Nn(jc,Or.DeserializeResponse,this.logger,this.performanceClient,r)(a,s,this.logger);return Un(ll,Or.HandleResponseCode,this.logger,this.performanceClient,r)(t,c,n.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}class _l extends Qc{async acquireToken(e){this.performanceClient.addQueueMeasurement(Or.SilentRefreshClientAcquireToken,e.correlationId);const t=await Un(Kc,Or.InitializeBaseRequest,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger),r={...e,...t};e.redirectUri&&(r.redirectUri=this.getRedirectUri(e.redirectUri));const n=this.initializeServerTelemetryManager(Ms.acquireTokenSilent_silentFlow),o=await this.createRefreshTokenClient({serverTelemetryManager:n,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return Un(o.acquireTokenByRefreshToken.bind(o),Or.RefreshTokenClientAcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(r).catch((e=>{throw e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e),e}))}logout(){return Promise.reject(Zi(yi))}async createRefreshTokenClient(e){const t=await Un(this.getClientConfiguration.bind(this),Or.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new No(t,this.performanceClient)}}class Pl{constructor(e,t,r,n){this.isBrowserEnvironment="undefined"!=typeof window,this.config=e,this.storage=t,this.logger=r,this.cryptoObj=n}async loadExternalTokens(e,t,r){if(!this.isBrowserEnvironment)throw Zi(ki);const n=e.correlationId||oa(),o=t.id_token?dr(t.id_token,Ks):void 0,i=ur(o||{}),s={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},a=e.authority?new Zn(Zn.generateAuthority(e.authority,e.azureCloudOptions),this.config.system.networkClient,this.storage,s,this.logger,e.correlationId||oa()):void 0,c=await this.loadAccount(e,r.clientInfo||t.client_info||"",n,o,a),l=await this.loadIdToken(t,c.homeAccountId,c.environment,c.realm,n,i),h=await this.loadAccessToken(e,t,c.homeAccountId,c.environment,c.realm,r,n,i),d=await this.loadRefreshToken(t,c.homeAccountId,c.environment,n,i);return this.generateAuthenticationResult(e,{account:c,idToken:l,accessToken:h,refreshToken:d},o,a)}async loadAccount(e,t,r,n,o){if(this.logger.verbose("TokenCache - loading account"),e.account){const t=hr.createFromAccountInfo(e.account);return await this.storage.setAccount(t,r,ur(n||{})),t}if(!o||!t&&!n)throw this.logger.error("TokenCache - if an account is not provided on the request, authority and either clientInfo or idToken must be provided instead."),Zi(Pi);const i=hr.generateHomeAccountId(t,o.authorityType,this.logger,this.cryptoObj,n),s=n?.tid,a=Mo(this.storage,o,i,Ks,r,n,t,o.hostnameAndPort,s,void 0,void 0,this.logger);return await this.storage.setAccount(a,r,ur(n||{})),a}async loadIdToken(e,t,r,n,o,i){if(!e.id_token)return this.logger.verbose("TokenCache - no id token found in response"),null;this.logger.verbose("TokenCache - loading id token");const s=Kn(t,r,e.id_token,this.config.auth.clientId,n);return await this.storage.setIdTokenCredential(s,o,i),s}async loadAccessToken(e,t,r,n,o,i,s,a){if(!t.access_token)return this.logger.verbose("TokenCache - no access token found in response"),null;if(!t.expires_in)return this.logger.error("TokenCache - no expiration set on the access token. Cannot add it to the cache."),null;if(!(t.scope||e.scopes&&e.scopes.length))return this.logger.error("TokenCache - scopes not specified in the request or response. Cannot add token to the cache."),null;this.logger.verbose("TokenCache - loading access token");const c=t.scope?Xt.fromString(t.scope):new Xt(e.scopes),l=i.expiresOn||t.expires_in+Dn(),h=i.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+Dn(),d=Gn(r,n,t.access_token,this.config.auth.clientId,o,c.printScopes(),l,h,Ks);return await this.storage.setAccessTokenCredential(d,s,a),d}async loadRefreshToken(e,t,r,n,o){if(!e.refresh_token)return this.logger.verbose("TokenCache - no refresh token found in response"),null;this.logger.verbose("TokenCache - loading refresh token");const i=$n(t,r,e.refresh_token,this.config.auth.clientId,e.foci,void 0,e.refresh_token_expires_in);return await this.storage.setRefreshTokenCredential(i,n,o),i}generateAuthenticationResult(e,t,r,n){let o,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=Xt.fromString(t.accessToken.target).asArray(),a=xn(t.accessToken.expiresOn),o=xn(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:n?n.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:hr.getAccountInfo(c),idToken:t.idToken?.secret||"",idTokenClaims:r||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:o,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromNativeBroker:!1}}}class Ml extends qo{constructor(e){super(e),this.includeRedirectUri=!1}}class Ol extends Qc{constructor(e,t,r,n,o,i,s,a,c,l){super(e,t,r,n,o,i,a,c,l),this.apiId=s}async acquireToken(t){if(!t.code)throw Zi(Oi);const r=await Un(this.initializeAuthorizationRequest.bind(this),Or.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,t.correlationId)(t,e.InteractionType.Silent),n=this.initializeServerTelemetryManager(this.apiId);try{const e={...r,code:t.code},o=await Un(this.getClientConfiguration.bind(this),Or.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,t.correlationId)({serverTelemetryManager:n,requestAuthority:r.authority,requestAzureCloudOptions:r.azureCloudOptions,requestExtraQueryParameters:r.extraQueryParameters,account:r.account}),i=new Ml(o);this.logger.verbose("Auth code client created");const s=new Vc(i,this.browserStorage,e,this.logger,this.performanceClient);return await Un(s.handleCodeResponseFromServer.bind(s),Or.HandleCodeResponseFromServer,this.logger,this.performanceClient,t.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},r,!1)}catch(e){throw e instanceof Ce&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}logout(){return Promise.reject(Zi(yi))}}function ql(e,t,r){try{qa(e)}catch(e){throw t.end({success:!1},e,r),e}}class Nl{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new yc(this.logger,this.performanceClient):ft,this.eventHandler=new Fc(this.logger),this.browserStorage=this.isBrowserEnvironment?new Mc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,to(this.config.auth)):qc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:Cs.MemoryStorage,cacheRetentionDays:5,temporaryCacheLocation:Cs.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};this.nativeInternalStorage=new Mc(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.tokenCache=new Pl(this.config,this.browserStorage,this.logger,this.browserCrypto),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this)}static async createController(e,t){const r=new Nl(e);return await r.initialize(t),r}trackPageVisibility(e){e&&(this.logger.info("Perf: Visibility change detected"),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e,t){if(this.logger.trace("initialize called"),this.initialized)return void this.logger.info("initialize has already been called, exiting early.");if(!this.isBrowserEnvironment)return this.logger.info("in non-browser environment, exiting early."),this.initialized=!0,void this.eventHandler.emitEvent(_c.INITIALIZE_END);const r=e?.correlationId||this.getRequestCorrelationId(),n=this.config.system.allowPlatformBroker,o=this.performanceClient.startMeasurement(Or.InitializeClientApplication,r);if(this.eventHandler.emitEvent(_c.INITIALIZE_START),!t)try{this.logMultipleInstances(o)}catch{}if(await Un(this.browserStorage.initialize.bind(this.browserStorage),Or.InitializeCache,this.logger,this.performanceClient,r)(r),n)try{this.platformAuthProvider=await fl(this.logger,this.performanceClient,r,this.config.system.nativeBrokerHandshakeTimeout,this.config.system.allowPlatformBrokerWithDOM)}catch(e){this.logger.verbose(e)}this.config.cache.claimsBasedCachingEnabled||(this.logger.verbose("Claims-based caching is disabled. Clearing the previous cache with claims"),Nn(this.browserStorage.clearTokensAndKeysWithClaims.bind(this.browserStorage),Or.ClearTokensAndKeysWithClaims,this.logger,this.performanceClient,r)(r)),this.config.system.asyncPopups&&await this.preGeneratePkceCodes(r),this.initialized=!0,this.eventHandler.emitEvent(_c.INITIALIZE_END),o.end({allowPlatformBroker:n,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("handleRedirectPromise called"),Oa(this.initialized),this.isBrowserEnvironment){const t=e||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("handleRedirectPromise has been called for the first time, storing the promise")):this.logger.verbose("handleRedirectPromise has been called previously, returning the result from the first call"),r}return this.logger.verbose("handleRedirectPromise returns null, not browser environment"),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===Ts)return this.logger.verbose("handleRedirectPromise removing interaction_in_progress flag and returning null after sign-out"),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const n=this.getAllAccounts(),o=this.browserStorage.getCachedNativeRequest(),i=o&&this.platformAuthProvider&&!t;let s,a;this.eventHandler.emitEvent(_c.HANDLE_REDIRECT_START,e.InteractionType.Redirect);try{if(i&&this.platformAuthProvider){s=this.performanceClient.startMeasurement(Or.AcquireTokenRedirect,o?.correlationId||""),this.logger.trace("handleRedirectPromise - acquiring token from native platform"),s.add({isPlatformBrokerRequest:!0});const e=new rl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Ms.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,o.accountId,this.nativeInternalStorage,o.correlationId);a=Un(e.handleRedirectPromise.bind(e),Or.HandleNativeRedirectPromiseMeasurement,this.logger,this.performanceClient,s.event.correlationId)(this.performanceClient,s.event.correlationId)}else{const[e,r]=this.browserStorage.getCachedRequest(),n=e.correlationId;s=this.performanceClient.startMeasurement(Or.AcquireTokenRedirect,n),this.logger.trace("handleRedirectPromise - acquiring token from web flow");const o=this.createRedirectClient(n);a=Un(o.handleRedirectPromise.bind(o),Or.HandleRedirectPromiseMeasurement,this.logger,this.performanceClient,s.event.correlationId)(t,e,r,s)}}catch(e){throw this.browserStorage.resetRequestCache(),e}return a.then((t=>{if(t){this.browserStorage.resetRequestCache();n.length<this.getAllAccounts().length?(this.eventHandler.emitEvent(_c.LOGIN_SUCCESS,e.InteractionType.Redirect,t),this.logger.verbose("handleRedirectResponse returned result, login success")):(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Redirect,t),this.logger.verbose("handleRedirectResponse returned result, acquire token success")),s.end({success:!0},void 0,t.account)}else s.event.errorCode?s.end({success:!1},void 0):s.discard();return this.eventHandler.emitEvent(_c.HANDLE_REDIRECT_END,e.InteractionType.Redirect),t})).catch((t=>{this.browserStorage.resetRequestCache();const r=t;throw n.length>0?this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,r):this.eventHandler.emitEvent(_c.LOGIN_FAILURE,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(_c.HANDLE_REDIRECT_END,e.InteractionType.Redirect),s.end({success:!1},r),t}))}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("acquireTokenRedirect called",r);const n=this.performanceClient.startMeasurement(Or.AcquireTokenPreRedirect,r);n.add({scenarioId:t.scenarioId});const o=t.onRedirectNavigate;if(o)t.onRedirectNavigate=e=>{const r="function"==typeof o?o(e):void 0;return n.add({navigateCallbackResult:!1!==r}),n.event=n.end({success:!0},void 0,t.account)||n.event,r};else{const e=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=r=>{const o="function"==typeof e?e(r):void 0;return n.add({navigateCallbackResult:!1!==o}),n.event=n.end({success:!0},void 0,t.account)||n.event,o}}const i=this.getAllAccounts().length>0;try{let o;if(Na(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Is),i?this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,e.InteractionType.Redirect,t):this.eventHandler.emitEvent(_c.LOGIN_START,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){o=new rl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Ms.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r).acquireTokenRedirect(t,n).catch((e=>{if(n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Xc&&Zc(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof Ao){this.logger.verbose("acquireTokenRedirect - Resolving interaction required error thrown by native broker by falling back to web flow");return this.createRedirectClient(r).acquireToken(t)}throw e}))}else{o=this.createRedirectClient(r).acquireToken(t)}return await o}catch(o){throw this.browserStorage.resetRequestCache(),2===n.event.status?this.performanceClient.startMeasurement(Or.AcquireTokenRedirect,r).end({success:!1},o,t.account):n.end({success:!1},o,t.account),i?this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,o):this.eventHandler.emitEvent(_c.LOGIN_FAILURE,e.InteractionType.Redirect,null,o),o}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),n=this.performanceClient.startMeasurement(Or.AcquireTokenPopup,r);n.add({scenarioId:t.scenarioId});try{this.logger.verbose("acquireTokenPopup called",r),ql(this.initialized,n,t.account),this.browserStorage.setInteractionInProgress(!0,Is)}catch(e){return Promise.reject(e)}const o=this.getAllAccounts();let i;o.length>0?this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,e.InteractionType.Popup,t):this.eventHandler.emitEvent(_c.LOGIN_START,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))n.add({isPlatformBrokerRequest:!0}),i=this.acquireTokenNative({...t,correlationId:r},Ms.acquireTokenPopup).then((e=>(n.end({success:!0},void 0,e.account),e))).catch((e=>{if(n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Xc&&Zc(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof Ao){this.logger.verbose("acquireTokenPopup - Resolving interaction required error thrown by native broker by falling back to web flow");return this.createPopupClient(r).acquireToken(t,s)}throw e}));else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then((t=>(o.length<this.getAllAccounts().length?this.eventHandler.emitEvent(_c.LOGIN_SUCCESS,e.InteractionType.Popup,t):this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,t),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((r=>(o.length>0?this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,r):this.eventHandler.emitEvent(_c.LOGIN_FAILURE,e.InteractionType.Popup,null,r),n.end({success:!1},r,t.account),Promise.reject(r)))).finally((async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.asyncPopups&&await this.preGeneratePkceCodes(r)}))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&(this.logger.info("Perf: Visibility change detected in ",e.event.name),e.increment({visibilityChangeCount:1}))}async ssoSilent(t){const r=this.getRequestCorrelationId(t),n={...t,prompt:t.prompt,correlationId:r};let o;if(this.ssoSilentMeasurement=this.performanceClient.startMeasurement(Or.SsoSilent,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId}),ql(this.initialized,this.ssoSilentMeasurement,t.account),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),this.logger.verbose("ssoSilent called",r),this.eventHandler.emitEvent(_c.SSO_SILENT_START,e.InteractionType.Silent,n),this.canUsePlatformBroker(n))this.ssoSilentMeasurement?.add({isPlatformBrokerRequest:!0}),o=this.acquireTokenNative(n,Ms.ssoSilent).catch((e=>{if(this.ssoSilentMeasurement?.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Xc&&Zc(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(n.correlationId).acquireToken(n)}throw e}));else{o=this.createSilentIframeClient(n.correlationId).acquireToken(n)}return o.then((t=>(this.eventHandler.emitEvent(_c.SSO_SILENT_SUCCESS,e.InteractionType.Silent,t),this.ssoSilentMeasurement?.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((r=>{throw this.eventHandler.emitEvent(_c.SSO_SILENT_FAILURE,e.InteractionType.Silent,null,r),this.ssoSilentMeasurement?.end({success:!1},r,t.account),r})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("acquireTokenByCode called",r);const n=this.performanceClient.startMeasurement(Or.AcquireTokenByCode,r);ql(this.initialized,n),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_BY_CODE_START,e.InteractionType.Silent,t),n.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw Zi(Ni);if(t.code){const o=t.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("Existing acquireTokenByCode request found",r),n.discard()):(this.logger.verbose("Initiating new acquireTokenByCode request",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then((t=>(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_BY_CODE_SUCCESS,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(o),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((t=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_BY_CODE_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t})),this.hybridAuthCodeResponses.set(o,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){n.add({isPlatformBrokerRequest:!0});const e=await this.acquireTokenNative({...t,correlationId:r},Ms.acquireTokenByCode,t.nativeAccountId).catch((e=>{throw e instanceof Xc&&Zc(e)&&(this.platformAuthProvider=void 0),n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e}));return n.end({success:!0},void 0,e.account),e}throw Zi(Li)}throw Zi(qi)}catch(t){throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_BY_CODE_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){this.logger.trace("acquireTokenByCodeAsync called",e.correlationId),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement(Or.AcquireTokenByCodeAsync,e.correlationId),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const t=this.createSilentAuthCodeClient(e.correlationId);return await t.acquireToken(e).then((e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache}),e))).catch((e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenFromCache(e,t){switch(this.performanceClient.addQueueMeasurement(Or.AcquireTokenFromCache,e.correlationId),t){case Ds.Default:case Ds.AccessToken:case Ds.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return Un(t.acquireToken.bind(t),Or.SilentCacheClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw mt(Xe)}}async acquireTokenByRefreshToken(e,t){switch(this.performanceClient.addQueueMeasurement(Or.AcquireTokenByRefreshToken,e.correlationId),t){case Ds.Default:case Ds.AccessTokenAndRefreshToken:case Ds.RefreshToken:case Ds.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return Un(t.acquireToken.bind(t),Or.SilentRefreshClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw mt(Xe)}}async acquireTokenBySilentIframe(e){this.performanceClient.addQueueMeasurement(Or.AcquireTokenBySilentIframe,e.correlationId);const t=this.createSilentIframeClient(e.correlationId);return Un(t.acquireToken.bind(t),Or.SilentIframeClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e)}async logout(e){const t=this.getRequestCorrelationId(e);return this.logger.warning("logout API is deprecated and will be removed in msal-browser v3.0.0. Use logoutRedirect instead.",t),this.logoutRedirect({correlationId:t,...e})}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);Na(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Ts);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);qa(this.initialized),this.browserStorage.setInteractionInProgress(!0,Ts);return this.createPopupClient(t).logout(e).finally((()=>{this.browserStorage.setInteractionInProgress(!1)}))}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return void this.logger.info("in non-browser environment, returning early.");const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){const t=this.getRequestCorrelationId();return Nc(this.logger,this.browserStorage,this.isBrowserEnvironment,t,e)}getAccount(e){const t=this.getRequestCorrelationId();return Uc(e,this.logger,this.browserStorage,t)}getAccountByUsername(e){const t=this.getRequestCorrelationId();return Lc(e,this.logger,this.browserStorage,t)}getAccountByHomeId(e){const t=this.getRequestCorrelationId();return Dc(e,this.logger,this.browserStorage,t)}getAccountByLocalId(e){const t=this.getRequestCorrelationId();return Hc(e,this.logger,this.browserStorage,t)}setActiveAccount(e){const t=this.getRequestCorrelationId();xc(e,this.browserStorage,t)}getActiveAccount(){const e=this.getRequestCorrelationId();return Bc(this.browserStorage,e)}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const r=hr.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,ur(e.idTokenClaims)),e.fromNativeBroker?(this.logger.verbose("Response was from native broker, storing in-memory"),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,r,n){if(this.logger.trace("acquireTokenNative called"),!this.platformAuthProvider)throw Zi(xi);return new rl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,e.correlationId).acquireToken(e,n)}canUsePlatformBroker(e,t){if(this.logger.trace("canUsePlatformBroker called"),!this.platformAuthProvider)return this.logger.trace("canUsePlatformBroker: platform broker unavilable, returning false"),!1;if(!yl(this.config,this.logger,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("canUsePlatformBroker: isBrokerAvailable returned false, returning false"),!1;if(e.prompt)switch(e.prompt){case b.NONE:case b.CONSENT:case b.LOGIN:case b.SELECT_ACCOUNT:this.logger.trace("canUsePlatformBroker: prompt is compatible with platform broker flow");break;default:return this.logger.trace(`canUsePlatformBroker: prompt = ${e.prompt} is not compatible with platform broker flow, returning false`),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("canUsePlatformBroker: nativeAccountId is not available, returning false"),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new Cl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.platformAuthProvider,e)}createRedirectClient(e){return new wl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.platformAuthProvider,e)}createSilentIframeClient(e){return new Rl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Ms.ssoSilent,this.performanceClient,this.nativeInternalStorage,this.platformAuthProvider,e)}createSilentCacheClient(e){return new tl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.platformAuthProvider,e)}createSilentRefreshClient(e){return new _l(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.platformAuthProvider,e)}createSilentAuthCodeClient(e){return new Ol(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Ms.acquireTokenByCode,this.performanceClient,this.platformAuthProvider,e)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return Ma(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}enableAccountStorageEvents(){this.config.cache.cacheLocation===Cs.LocalStorage?this.eventHandler.subscribeCrossTab():this.logger.info("Account storage events are only available when cacheLocation is set to localStorage")}disableAccountStorageEvents(){this.config.cache.cacheLocation===Cs.LocalStorage?this.eventHandler.unsubscribeCrossTab():this.logger.info("Account storage events are only available when cacheLocation is set to localStorage")}getTokenCache(){return this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?oa():t.EMPTY_STRING}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginRedirect called",t),this.acquireTokenRedirect({correlationId:t,...e||Ns})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginPopup called",t),this.acquireTokenPopup({correlationId:t,...e||Ns})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(Or.AcquireTokenSilent,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),ql(this.initialized,r,e.account),this.logger.verbose("acquireTokenSilent called",t);const n=e.account||this.getActiveAccount();if(!n)throw Zi(Ci);return this.acquireTokenSilentDeduped(e,n,t).then((n=>(r.end({success:!0,fromCache:n.fromCache,accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length},void 0,n.account),{...n,state:e.state,correlationId:t}))).catch((e=>{throw e instanceof Ce&&e.setCorrelationId(t),r.end({success:!1},e,n),e}))}async acquireTokenSilentDeduped(e,t,r){const n=oo(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),o=JSON.stringify(n),i=this.activeSilentTokenRequests.get(o);if(void 0===i){this.logger.verbose("acquireTokenSilent called for the first time, storing active request",r),this.performanceClient.addFields({deduped:!1},r);const n=Un(this.acquireTokenSilentAsync.bind(this),Or.AcquireTokenSilentAsync,this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(o,n),n.finally((()=>{this.activeSilentTokenRequests.delete(o)}))}return this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const n=()=>this.trackPageVisibility(t.correlationId);this.performanceClient.addQueueMeasurement(Or.AcquireTokenSilentAsync,t.correlationId),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},t.correlationId),document.addEventListener("visibilitychange",n);const o=await Un(Gc,Or.InitializeSilentRequest,this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||Ds.Default;return this.acquireTokenSilentNoIframe(o,i).catch((async e=>{const t=function(e,t){const r=!(e instanceof Ao&&e.subError!==yo),n=e.errorCode===es||e.errorCode===Xe,o=r&&n||e.errorCode===lo||e.errorCode===uo,i=Hs.includes(t);return o&&i}(e,i);if(t){if(this.activeIframeRequest){if(i!==Ds.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose(`Iframe request is already in progress, awaiting resolution for request with correlationId: ${r}`,o.correlationId);const n=this.performanceClient.startMeasurement(Or.AwaitConcurrentIframe,o.correlationId);n.add({awaitIframeCorrelationId:r});const s=await t;if(n.end({success:s}),s)return this.logger.verbose(`Parallel iframe request with correlationId: ${r} succeeded. Retrying cache and/or RT redemption`,o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info(`Iframe request with correlationId: ${r} failed. Interaction is required.`),e}return this.logger.warning("Another iframe request is currently in progress and CacheLookupPolicy is set to Skip. This may result in degraded performance and/or reliability for both calls. Please consider changing the CacheLookupPolicy to take advantage of request queuing and token cache.",o.correlationId),Un(this.acquireTokenBySilentIframe.bind(this),Or.AcquireTokenBySilentIframe,this.logger,this.performanceClient,o.correlationId)(o)}{let e;return this.activeIframeRequest=[new Promise((t=>{e=t})),o.correlationId],this.logger.verbose("Refresh token expired/invalid or CacheLookupPolicy is set to Skip, attempting acquire token by iframe.",o.correlationId),Un(this.acquireTokenBySilentIframe.bind(this),Or.AcquireTokenBySilentIframe,this.logger,this.performanceClient,o.correlationId)(o).then((t=>(e(!0),t))).catch((t=>{throw e(!1),t})).finally((()=>{this.activeIframeRequest=void 0}))}}throw e})).then((r=>(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,r),this.performanceClient.addFields({fromCache:r.fromCache},t.correlationId),r))).catch((t=>{throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),t})).finally((()=>{document.removeEventListener("visibilitychange",n)}))}async acquireTokenSilentNoIframe(t,r){return yl(this.config,this.logger,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform"),this.performanceClient.addFields({isPlatformBrokerRequest:!0},t.correlationId),this.acquireTokenNative(t,Ms.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch((async e=>{if(this.performanceClient.addFields({brokerErrorName:e.name,brokerErrorCode:e.errorCode},t.correlationId),e instanceof Xc&&Zc(e))throw this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow"),this.platformAuthProvider=void 0,mt(Xe);throw e}))):(this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow"),r===Ds.AccessToken&&this.logger.verbose("acquireTokenSilent - cache lookup policy set to AccessToken, attempting to acquire token from local cache"),Un(this.acquireTokenFromCache.bind(this),Or.AcquireTokenFromCache,this.logger,this.performanceClient,t.correlationId)(t,r).catch((n=>{if(r===Ds.AccessToken)throw n;return this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_NETWORK_START,e.InteractionType.Silent,t),Un(this.acquireTokenByRefreshToken.bind(this),Or.AcquireTokenByRefreshToken,this.logger,this.performanceClient,t.correlationId)(t,r)})))}async preGeneratePkceCodes(e){return this.logger.verbose("Generating new PKCE codes"),this.pkceCode=await Un(dl,Or.GeneratePkceCodes,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){this.logger.verbose("Attempting to pick up pre-generated PKCE codes");const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,this.logger.verbose((t?"Found":"Did not find")+" pre-generated PKCE codes"),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e){const t=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("There is already an instance of MSAL.js in the window."),window.msal.clientIds.push(t),function(e,t,r){const n=window.msal?.clientIds||[],o=n.length,i=n.filter((t=>t===e)).length;i>1&&r.warning("There is already an instance of MSAL.js in the window with the same client id."),t.add({msalInstanceCount:o,sameClientIdInstanceCount:i})}(t,e,this.logger)}}class Ul{constructor(e,t,r,n){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=n}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),n=Rn(e.claims,this.clientCapabilities),o=e.scopes||h;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,scope:o.join(" "),correlationId:r,claims:Yt.isEmptyObj(n)?void 0:n,state:e.state,authenticationScheme:e.authenticationScheme||W.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw mt(Ae);const n=xn(r+(t.token.expires_in||0)),o=dr(t.token.id_token,this.crypto.base64Decode),i=this.fromNaaAccountInfo(t.account,t.token.id_token,o),s=t.token.scope||e.scope;return{authority:t.token.authority||i.environment,uniqueId:i.localAccountId,tenantId:i.tenantId,scopes:s.split(" "),account:i,idToken:t.token.id_token,idTokenClaims:o,accessToken:t.token.access_token,fromCache:!1,expiresOn:n,tokenType:e.authenticationScheme||W.BEARER,correlationId:e.correlationId,extExpiresOn:n,state:e.state}}fromNaaAccountInfo(e,t,r){const n=r||e.idTokenClaims,o=e.localAccountId||n?.oid||n?.sub||"",i=e.tenantId||n?.tid||"",s=e.homeAccountId||`${o}.${i}`,a=e.username||n?.preferred_username||"",c=e.name||n?.name,l=e.loginHint||n?.login_hint,h=new Map,d=rr(s,o,i,n);h.set(i,d);return{homeAccountId:s,environment:e.environment,tenantId:i,username:a,localAccountId:o,name:c,loginHint:l,idToken:t,idTokenClaims:n,tenantProfiles:h}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new Ce("unknown_error","An unknown error occurred");switch(e.status){case oc:return new pt(st);case ic:return new pt(it);case lc:return new pt(je);case cc:return new pt(lt);case hc:return new pt(e.code||lt,e.description);case sc:case ac:return new no(e.code,e.description);case nc:return new Ao(e.code,e.description);default:return new Ce(e.code,e.description)}}toAuthenticationResultFromCache(e,t,r,n,o){if(!t||!r)throw mt(Ae);const i=dr(t.secret,this.crypto.base64Decode),s=r.target||n.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:s.split(" "),account:e,idToken:t.secret,idTokenClaims:i||{},accessToken:r.secret,fromCache:!0,expiresOn:xn(r.expiresOn),extExpiresOn:xn(r.extendedExpiresOn),tokenType:n.authenticationScheme||W.BEARER,correlationId:o,state:n.state}}}const Ll={code:"unsupported_method",desc:"This method is not supported in nested app environment."};class Dl extends Ce{constructor(e,t){super(e,t),Object.setPrototypeOf(this,Dl.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new Dl(Ll.code,Ll.desc)}}class Hl{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new yc(this.logger,this.performanceClient,!0):ft,this.eventHandler=new Fc(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new Mc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,to(this.config.auth)):qc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new Ul(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new Hl(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||oa();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const r=this.ensureValidRequest(t);this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,e.InteractionType.Popup,r);const n=this.performanceClient.startMeasurement(Or.AcquireTokenPopup,r.correlationId);n.add({nestedAppAuthRequest:!0});try{const o=this.nestedAppAuthAdapter.toNaaTokenRequest(r),i=Dn(),s=await this.bridgeProxy.getTokenInteractive(o),a={...this.nestedAppAuthAdapter.fromNaaTokenResponse(o,s,i)};try{await this.hydrateCache(a,t)}catch(e){this.logger.warningPii(`Failed to hydrate cache. Error: ${e}`,r.correlationId)}return this.currentAccountContext={homeAccountId:a.account.homeAccountId,environment:a.account.environment,tenantId:a.account.tenantId},this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,a),n.add({accessTokenSize:a.accessToken.length,idTokenSize:a.idToken.length}),n.end({success:!0,requestId:a.requestId},void 0,a.account),a}catch(r){const o=r instanceof Ce?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,r),n.end({success:!1},r,t.account),o}}async acquireTokenSilentInternal(t){const r=this.ensureValidRequest(t);this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,e.InteractionType.Silent,r);const n=await this.acquireTokenFromCache(r);if(n)return this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,n),n;const o=this.performanceClient.startMeasurement(Or.SsoSilent,r.correlationId);o.increment({visibilityChangeCount:0}),o.add({nestedAppAuthRequest:!0});try{const n=this.nestedAppAuthAdapter.toNaaTokenRequest(r);n.forceRefresh=r.forceRefresh;const i=Dn(),s=await this.bridgeProxy.getTokenSilent(n),a=this.nestedAppAuthAdapter.fromNaaTokenResponse(n,s,i);try{await this.hydrateCache(a,t)}catch(e){this.logger.warningPii(`Failed to hydrate cache. Error: ${e}`,r.correlationId)}return this.currentAccountContext={homeAccountId:a.account.homeAccountId,environment:a.account.environment,tenantId:a.account.tenantId},this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,a),o?.add({accessTokenSize:a.accessToken.length,idTokenSize:a.idToken.length}),o?.end({success:!0,requestId:a.requestId},void 0,a.account),a}catch(r){const n=r instanceof Ce?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,r),o?.end({success:!1},r,t.account),n}}async acquireTokenFromCache(t){const r=this.performanceClient.startMeasurement(Or.AcquireTokenSilent,t.correlationId);if(r?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("Claims are present in the request, skipping cache lookup"),null;if(t.forceRefresh)return this.logger.verbose("forceRefresh is set to true, skipping cache lookup"),null;let n=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=Ds.Default),t.cacheLookupPolicy){case Ds.Default:case Ds.AccessToken:case Ds.AccessTokenAndRefreshToken:n=await this.acquireTokenFromCacheInternal(t);break;default:return null}return n?(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,n),r.add({accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length}),r.end({success:!0},void 0,n.account),n):(this.logger.warning("Cached tokens are not found for the account, proceeding with silent token request."),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null),r.end({success:!1},void 0,t.account),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext;let r=null;const n=e.correlationId||this.browserCrypto.createNewGuid();if(t&&(r=Uc(t,this.logger,this.browserStorage,n)),!r)return this.logger.verbose("No active account found, falling back to the host"),Promise.resolve(null);this.logger.verbose("active account found, attempting to acquire token silently");const o={...e,correlationId:e.correlationId||this.browserCrypto.createNewGuid(),authority:e.authority||r.environment,scopes:e.scopes?.length?e.scopes:[...h]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(r,o,i,r.tenantId);if(!s)return this.logger.verbose("No cached access token found"),Promise.resolve(null);if(zn(s.cachedAt)||Bn(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("Cached access token has expired"),Promise.resolve(null);const a=this.browserStorage.getIdToken(r,o.correlationId,i,r.tenantId,this.performanceClient);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(r,a,s,o,o.correlationId):(this.logger.verbose("No cached id token found"),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw Dl.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw Dl.createUnsupportedError()}acquireTokenNative(e,t,r){throw Dl.createUnsupportedError()}acquireTokenByRefreshToken(e,t){throw Dl.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw Dl.createUnsupportedError()}removePerformanceCallback(e){throw Dl.createUnsupportedError()}enableAccountStorageEvents(){throw Dl.createUnsupportedError()}disableAccountStorageEvents(){throw Dl.createUnsupportedError()}getAllAccounts(e){const t=this.browserCrypto.createNewGuid();return Nc(this.logger,this.browserStorage,this.isBrowserEnv(),t,e)}getAccount(e){const t=this.browserCrypto.createNewGuid();return Uc(e,this.logger,this.browserStorage,t)}getAccountByUsername(e){const t=this.browserCrypto.createNewGuid();return Lc(e,this.logger,this.browserStorage,t)}getAccountByHomeId(e){const t=this.browserCrypto.createNewGuid();return Dc(e,this.logger,this.browserStorage,t)}getAccountByLocalId(e){const t=this.browserCrypto.createNewGuid();return Hc(e,this.logger,this.browserStorage,t)}setActiveAccount(e){const t=this.browserCrypto.createNewGuid();return xc(e,this.browserStorage,t)}getActiveAccount(){const e=this.browserCrypto.createNewGuid();return Bc(this.browserStorage,e)}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||Ns)}loginRedirect(e){throw Dl.createUnsupportedError()}logout(e){throw Dl.createUnsupportedError()}logoutRedirect(e){throw Dl.createUnsupportedError()}logoutPopup(e){throw Dl.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getTokenCache(){throw Dl.createUnsupportedError()}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("setNavigationClient is not supported in nested app auth")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw Dl.createUnsupportedError()}getRedirectResponse(){throw Dl.createUnsupportedError()}async clearCache(e){throw Dl.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const r=hr.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,ur(e.idTokenClaims)),this.browserStorage.hydrateCache(e,t)}}async function xl(e){const t=new gc(e),r=new uc(e),n=[t.initialize(),r.initialize()];return await Promise.all(n),r.isAvailable()&&e.auth.supportsNestedAppAuth?Hl.createController(r):t.isAvailable()?Nl.createController(t):null}class Bl{static async createPublicClientApplication(e){const t=await async function(e,t){const r=new gc(e);return await r.initialize(),Nl.createController(r,t)}(e);return new Bl(e,t)}constructor(e,t){this.isBroker=!1,this.controller=t||new Nl(new gc(e))}async initialize(e){return this.controller.initialize(e,this.isBroker)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}enableAccountStorageEvents(){this.controller.enableAccountStorageEvents()}disableAccountStorageEvents(){this.controller.disableAccountStorageEvents()}getAccount(e){return this.controller.getAccount(e)}getAccountByHomeId(e){return this.controller.getAccountByHomeId(e)}getAccountByLocalId(e){return this.controller.getAccountByLocalId(e)}getAccountByUsername(e){return this.controller.getAccountByUsername(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logout(e){return this.controller.logout(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getTokenCache(){return this.controller.getTokenCache()}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function Fl(e){const t=new Bl(e);return await t.initialize(),t}class zl{constructor(e){this.initialized=!1,this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.logger=e.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new yc(this.logger,this.performanceClient):ft,this.eventHandler=new Fc(this.logger),this.browserStorage=this.isBrowserEnvironment?new Mc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,void 0):qc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler)}getBrowserStorage(){return this.browserStorage}getAccount(e){return null}getAccountByHomeId(e){return null}getAccountByLocalId(e){return null}getAccountByUsername(e){return null}getAllAccounts(){return[]}initialize(){return this.initialized=!0,Promise.resolve()}acquireTokenPopup(e){return Oa(this.initialized),Ma(),{}}acquireTokenRedirect(e){return Oa(this.initialized),Ma(),Promise.resolve()}acquireTokenSilent(e){return Oa(this.initialized),Ma(),{}}acquireTokenByCode(e){return Oa(this.initialized),Ma(),{}}acquireTokenNative(e,t,r){return Oa(this.initialized),Ma(),{}}acquireTokenByRefreshToken(e,t){return Oa(this.initialized),Ma(),{}}addEventCallback(e,t){return null}removeEventCallback(e){}addPerformanceCallback(e){return Oa(this.initialized),Ma(),""}removePerformanceCallback(e){return Oa(this.initialized),Ma(),!0}enableAccountStorageEvents(){Oa(this.initialized),Ma()}disableAccountStorageEvents(){Oa(this.initialized),Ma()}handleRedirectPromise(e){return Oa(this.initialized),Promise.resolve(null)}loginPopup(e){return Oa(this.initialized),Ma(),{}}loginRedirect(e){return Oa(this.initialized),Ma(),{}}logout(e){return Oa(this.initialized),Ma(),{}}logoutRedirect(e){return Oa(this.initialized),Ma(),{}}logoutPopup(e){return Oa(this.initialized),Ma(),{}}ssoSilent(e){return Oa(this.initialized),Ma(),{}}getTokenCache(){return Oa(this.initialized),Ma(),{}}getLogger(){return this.logger}setLogger(e){Oa(this.initialized),Ma()}setActiveAccount(e){Oa(this.initialized),Ma()}getActiveAccount(){return Oa(this.initialized),Ma(),null}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){Oa(this.initialized),Ma()}getConfiguration(){return this.config}isBrowserEnv(){return Oa(this.initialized),Ma(),!0}getBrowserCrypto(){return Oa(this.initialized),Ma(),{}}getPerformanceClient(){return Oa(this.initialized),Ma(),{}}getRedirectResponse(){return Oa(this.initialized),Ma(),{}}async clearCache(e){Oa(this.initialized),Ma()}async hydrateCache(e,t){Oa(this.initialized),Ma()}}class Kl extends rc{getId(){return Kl.ID}getModuleName(){return Kl.MODULE_NAME}async initialize(){return!0}}Kl.MODULE_NAME="",Kl.ID="UnknownOperatingContext";class Gl{static async createPublicClientApplication(e){const t=await xl(e);let r;return r=null!==t?new Gl(e,t):new Gl(e),r}constructor(e,t){if(this.configuration=e,t)this.controller=t;else{const t=new Kl(e);this.controller=new zl(t)}}async initialize(){if(this.controller instanceof zl){const e=await xl(this.configuration);return null!==e&&(this.controller=e),this.controller.initialize()}return Promise.resolve()}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}enableAccountStorageEvents(){this.controller.enableAccountStorageEvents()}disableAccountStorageEvents(){this.controller.disableAccountStorageEvents()}getAccount(e){return this.controller.getAccount(e)}getAccountByHomeId(e){return this.controller.getAccountByHomeId(e)}getAccountByLocalId(e){return this.controller.getAccountByLocalId(e)}getAccountByUsername(e){return this.controller.getAccountByUsername(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logout(e){return this.controller.logout(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getTokenCache(){return this.controller.getTokenCache()}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}const $l={initialize:()=>Promise.reject(Ia(ma)),acquireTokenPopup:()=>Promise.reject(Ia(ma)),acquireTokenRedirect:()=>Promise.reject(Ia(ma)),acquireTokenSilent:()=>Promise.reject(Ia(ma)),acquireTokenByCode:()=>Promise.reject(Ia(ma)),getAllAccounts:()=>[],getAccount:()=>null,getAccountByHomeId:()=>null,getAccountByUsername:()=>null,getAccountByLocalId:()=>null,handleRedirectPromise:()=>Promise.reject(Ia(ma)),loginPopup:()=>Promise.reject(Ia(ma)),loginRedirect:()=>Promise.reject(Ia(ma)),logout:()=>Promise.reject(Ia(ma)),logoutRedirect:()=>Promise.reject(Ia(ma)),logoutPopup:()=>Promise.reject(Ia(ma)),ssoSilent:()=>Promise.reject(Ia(ma)),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,enableAccountStorageEvents:()=>{},disableAccountStorageEvents:()=>{},getTokenCache:()=>{throw Ia(ma)},getLogger:()=>{throw Ia(ma)},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw Ia(ma)},hydrateCache:()=>Promise.reject(Ia(ma)),clearCache:()=>Promise.reject(Ia(ma))};function Ql(){let e;try{e=window[Cs.SessionStorage];const t=e?.getItem(Ja);if(1===Number(t))return Promise.resolve().then((function(){return Jl}))}catch(e){}}function jl(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function Wl(e){if(e&&jl())return Math.round(window.performance.now()-e)}class Vl{constructor(e,t){this.correlationId=t,this.measureName=Vl.makeMeasureName(e,t),this.startMark=Vl.makeStartMark(e,t),this.endMark=Vl.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(Vl.supportsBrowserPerformance())try{t.forEach((t=>{const r=Vl.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(Vl.makeStartMark(r,e)),window.performance.clearMarks(Vl.makeEndMark(r,e)))}))}catch(e){}}startMeasurement(){if(Vl.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(Vl.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(Vl.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var Jl=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:Vl});e.AccountEntity=hr,e.ApiId=Ms,e.AuthError=Ce,e.AuthErrorCodes=me,e.AuthErrorMessage=ye,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[y];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw Jt(xt)}const t=this.headers[f];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw Jt(xt)}throw Jt(Ht)}parseChallenges(e){const r=e.indexOf(" "),n=e.substr(r+1).split(","),o={};return n.forEach((e=>{const[r,n]=e.split("=");o[r]=unescape(n.replace(/['"]+/g,t.EMPTY_STRING))})),o}}
68
- /*! @azure/msal-common v15.13.3 2025-12-04 */,e.AuthenticationScheme=W,e.AzureCloudInstance=It,e.BrowserAuthError=Xi,e.BrowserAuthErrorCodes=Wi,e.BrowserAuthErrorMessage=Yi,e.BrowserCacheLocation=Cs,e.BrowserConfigurationAuthError=va,e.BrowserConfigurationAuthErrorCodes=ya,e.BrowserConfigurationAuthErrorMessage=wa,e.BrowserPerformanceClient=class extends Jo{constructor(e,r,n){super(e.auth.clientId,e.auth.authority||`${t.DEFAULT_AUTHORITY}`,new Ct(e.system?.loggerOptions||{},Ga,$a),Ga,$a,e.telemetry?.application||{appName:"",appVersion:""},r,n)}generateId(){return oa()}getPageVisibility(){return document.visibilityState?.toString()||null}deleteIncompleteSubMeasurements(e){Ql()?.then((t=>{const r=this.eventsByCorrelationId.get(e.event.correlationId),n=r&&r.eventId===e.event.eventId,o=[];n&&r?.incompleteSubMeasurements&&r.incompleteSubMeasurements.forEach((e=>{o.push({...e})})),t.BrowserPerformanceMeasurement.flushMeasurements(e.event.correlationId,o)}))}startMeasurement(e,t){const r=this.getPageVisibility(),n=super.startMeasurement(e,t),o=jl()?window.performance.now():void 0,i=Ql()?.then((t=>new t.BrowserPerformanceMeasurement(e,n.event.correlationId)));return i?.then((e=>e.startMeasurement())),{...n,end:(e,t,s)=>{const a=n.end({...e,startPageVisibility:r,endPageVisibility:this.getPageVisibility(),durationMs:Wl(o)},t,s);return i?.then((e=>e.endMeasurement())),this.deleteIncompleteSubMeasurements(n),a},discard:()=>{n.discard(),i?.then((e=>e.flushMeasurement())),this.deleteIncompleteSubMeasurements(n)}}}setPreQueueTime(e,t){if(!jl())return void this.logger.trace(`BrowserPerformanceClient: window performance API not available, unable to set telemetry queue time for ${e}`);if(!t)return void this.logger.trace(`BrowserPerformanceClient: correlationId for ${e} not provided, unable to set telemetry queue time`);const r=this.preQueueTimeByCorrelationId.get(t);r&&(this.logger.trace(`BrowserPerformanceClient: Incomplete pre-queue ${r.name} found`,t),this.addQueueMeasurement(r.name,t,void 0,!0)),this.preQueueTimeByCorrelationId.set(t,{name:e,time:window.performance.now()})}addQueueMeasurement(e,t,r,n){if(!jl())return void this.logger.trace(`BrowserPerformanceClient: window performance API not available, unable to add queue measurement for ${e}`);if(!t)return void this.logger.trace(`BrowserPerformanceClient: correlationId for ${e} not provided, unable to add queue measurement`);const o=super.getPreQueueTime(e,t);if(!o)return;const i=window.performance.now(),s=r||super.calculateQueuedTime(o,i);return super.addQueueMeasurement(e,t,s,n)}},e.BrowserPerformanceMeasurement=Vl,e.BrowserUtils=Ha,e.CacheLookupPolicy=Ds,e.ClientAuthError=pt,e.ClientAuthErrorCodes=dt,e.ClientAuthErrorMessage=gt,e.ClientConfigurationError=Vt,e.ClientConfigurationErrorCodes=Qt,e.ClientConfigurationErrorMessage=Wt,e.DEFAULT_IFRAME_TIMEOUT_MS=Ka,e.EventHandler=Fc,e.EventMessageUtils=class{static getInteractionStatusFromEvent(t,r){switch(t.eventType){case _c.LOGIN_START:return qs.Login;case _c.SSO_SILENT_START:return qs.SsoSilent;case _c.ACQUIRE_TOKEN_START:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup)return qs.AcquireToken;break;case _c.HANDLE_REDIRECT_START:return qs.HandleRedirect;case _c.LOGOUT_START:return qs.Logout;case _c.SSO_SILENT_SUCCESS:case _c.SSO_SILENT_FAILURE:if(r&&r!==qs.SsoSilent)break;return qs.None;case _c.LOGOUT_END:if(r&&r!==qs.Logout)break;return qs.None;case _c.HANDLE_REDIRECT_END:if(r&&r!==qs.HandleRedirect)break;return qs.None;case _c.LOGIN_SUCCESS:case _c.LOGIN_FAILURE:case _c.ACQUIRE_TOKEN_SUCCESS:case _c.ACQUIRE_TOKEN_FAILURE:case _c.RESTORE_FROM_BFCACHE:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup){if(r&&r!==qs.Login&&r!==qs.AcquireToken)break;return qs.None}}return null}},e.EventType=_c,e.InteractionRequiredAuthError=Ao,e.InteractionRequiredAuthErrorCodes=Co,e.InteractionRequiredAuthErrorMessage=To,e.InteractionStatus=qs,e.JsonWebTokenTypes=ue,e.LocalStorage=Ec,e.Logger=Ct,e.MemoryStorage=mc,e.NavigationClient=xa,e.OIDC_DEFAULT_SCOPES=h,e.PerformanceEvents=Or,e.PromptValue=b,e.ProtocolMode=lr,e.PublicClientApplication=Bl,e.PublicClientNext=Gl,e.ServerError=no,e.ServerResponseType=_,e.SessionStorage=Rc,e.SignedHttpRequest=class{constructor(e,t){const r=t&&t.loggerOptions||{};this.logger=new Ct(r,Ga,$a),this.cryptoOps=new yc(this.logger),this.popTokenGenerator=new Ro(this.cryptoOps),this.shrParameters=e}async generatePublicKeyThumbprint(){const{kid:e}=await this.popTokenGenerator.generateKid(this.shrParameters);return e}async signRequest(e,t,r){return this.popTokenGenerator.signPayload(e,t,this.shrParameters,r)}async removeKeys(e){return this.cryptoOps.removeTokenBindingKey(e).then((()=>!0)).catch((e=>{if(e instanceof pt&&e.errorCode===rt)return!1;throw e}))}},e.StringUtils=Yt,e.StubPerformanceClient=Hr,e.UrlString=wr,e.WrapperSKU={React:"@azure/msal-react",Angular:"@azure/msal-angular"},e.createNestablePublicClientApplication=async function(e){const t=new uc(e);if(await t.initialize(),t.isAvailable()){const r=new Hl(t),n=new Bl(e,r);return await n.initialize(),n}return Fl(e)},e.createStandardPublicClientApplication=Fl,e.isPlatformBrokerAvailable=async function(e,t,r,n){const o=new Ct(e||{},Ga,$a);o.trace("isPlatformBrokerAvailable called");const i=t||new Hr;return"undefined"==typeof window?(o.trace("Non-browser environment detected, returning false"),!1):!!await fl(o,i,r||oa(),void 0,n)},e.stubbedPublicClientApplication=$l,e.version=$a}));
1
+ /*! @azure/msal-browser v5.0.0-beta.0 2025-12-05 */
2
+ "use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).msal={})}(this,(function(e){const t="https://login.microsoftonline.com/common/",r="common",n=`${t}discovery/instance?api-version=1.1&authorization_endpoint=`,o=".ciamlogin.com",i="openid",s="profile",a="offline_access",c="S256",h="Not Available",l="http://169.254.169.254/metadata/instance/compute/location",d=["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],u="GET",g="POST",p=[i,s,a],m=[...p,"email"],f="Content-Type",y="Content-Length",w="Retry-After",I="X-AnchorMailbox",C="WWW-Authenticate",v="Authentication-Info",k="x-ms-request-id",T="x-ms-httpver",b="active-account-filters",A="common",S="organizations",_="consumers",E="access_token",P="xms_cc",R={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},O="code",M="id_token token refresh_token",x={QUERY:"query",FRAGMENT:"fragment",FORM_POST:"form_post"},q="authorization_code",N="refresh_token",U="Generic",L={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},H="appmetadata",D="1",F="authority-metadata",K="config",B="cache",z="network",j="hardcoded_values",$=5,J="server-telemetry",W=",",G={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},Q="throttling",V="1",X="3",Y="4",Z="2",ee="4",te="5",re="0",ne="1",oe="2",ie="3",se="4",ae={Jwt:"JWT",Jwk:"JWK",Pop:"pop"},ce="client_id",he="redirect_uri",le="token_type",de="req_cnf",ue="return_spa_code",ge="x-client-xtra-sku",pe="brk_client_id",me="brk_redirect_uri",fe="instance_aware";function ye(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class we extends Error{constructor(e,t,r){const n=t||(e?ye(e):"");super(n?`${e}: ${n}`:e),Object.setPrototypeOf(this,we.prototype),this.errorCode=e||"",this.errorMessage=n||"",this.subError=r||"",this.name="AuthError"}setCorrelationId(e){this.correlationId=e}}function Ie(e,t){return new we(e,t||ye(e))}class Ce extends we{constructor(e){super(e),this.name="ClientConfigurationError",Object.setPrototypeOf(this,Ce.prototype)}}function ve(e){return new Ce(e)}class ke{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return 0===Object.keys(t).length}catch(e){}return!0}static startsWith(e,t){return 0===e.indexOf(t)}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),n=e=>decodeURIComponent(e.replace(/\+/g," "));return r.forEach((e=>{if(e.trim()){const[r,o]=e.split(/=(.+)/g,2);r&&o&&(t[n(r)]=n(o))}})),t}static trimArrayEntries(e){return e.map((e=>e.trim()))}static removeEmptyStringsFromArray(e){return e.filter((e=>!!e))}static jsonParseHelper(e){try{return JSON.parse(e)}catch(e){return null}}static matchPattern(e,t){return new RegExp(e.replace(/\\/g,"\\\\").replace(/\*/g,"[^ ]*").replace(/\?/g,"\\?")).test(t)}}class Te extends we{constructor(e,t){super(e,t),this.name="ClientAuthError",Object.setPrototypeOf(this,Te.prototype)}}function be(e,t){return new Te(e,t)}const Ae="redirect_uri_empty",Se="authority_uri_insecure",_e="url_parse_error",Ee="empty_url_error",Pe="empty_input_scopes_error",Re="invalid_claims",Oe="token_request_empty",Me="logout_request_empty",xe="pkce_params_missing",qe="invalid_cloud_discovery_metadata",Ne="invalid_authority_metadata",Ue="untrusted_authority",Le="missing_ssh_jwk",He="missing_ssh_kid",De="missing_nonce_authentication_header",Fe="invalid_authentication_header",Ke="cannot_set_OIDCOptions",Be="cannot_allow_platform_broker",ze="authority_mismatch",je="invalid_request_method_for_EAR";var $e=Object.freeze({__proto__:null,authorityMismatch:ze,authorityUriInsecure:Se,cannotAllowPlatformBroker:Be,cannotSetOIDCOptions:Ke,claimsRequestParsingError:"claims_request_parsing_error",emptyInputScopesError:Pe,invalidAuthenticationHeader:Fe,invalidAuthorityMetadata:Ne,invalidClaims:Re,invalidCloudDiscoveryMetadata:qe,invalidCodeChallengeMethod:"invalid_code_challenge_method",invalidRequestMethodForEAR:je,logoutRequestEmpty:Me,missingNonceAuthenticationHeader:De,missingSshJwk:Le,missingSshKid:He,pkceParamsMissing:xe,redirectUriEmpty:Ae,tokenRequestEmpty:Oe,untrustedAuthority:Ue,urlEmptyError:Ee,urlParseError:_e});const Je="client_info_decoding_error",We="client_info_empty_error",Ge="token_parsing_error",Qe="null_or_empty_token",Ve="endpoints_resolution_error",Xe="network_error",Ye="openid_config_error",Ze="hash_not_deserialized",et="invalid_state",tt="state_mismatch",rt="state_not_found",nt="nonce_mismatch",ot="auth_time_not_found",it="max_age_transpired",st="multiple_matching_appMetadata",at="request_cannot_be_made",ct="cannot_remove_empty_scope",ht="cannot_append_scopeset",lt="empty_input_scopeset",dt="no_account_in_silent_request",ut="invalid_cache_record",gt="invalid_cache_environment",pt="no_account_found",mt="no_crypto_object",ft="token_refresh_required",yt="token_claims_cnf_required_for_signedjwt",wt="authorization_code_missing_from_server_response",It="binding_key_not_removed",Ct="end_session_endpoint_not_supported",vt="key_id_missing",kt="no_network_connectivity",Tt="user_canceled",bt="method_not_implemented",At="nested_app_auth_bridge_disabled";var St=Object.freeze({__proto__:null,authTimeNotFound:ot,authorizationCodeMissingFromServerResponse:wt,bindingKeyNotRemoved:It,cannotAppendScopeSet:ht,cannotRemoveEmptyScope:ct,clientInfoDecodingError:Je,clientInfoEmptyError:We,emptyInputScopeSet:lt,endSessionEndpointNotSupported:Ct,endpointResolutionError:Ve,hashNotDeserialized:Ze,invalidCacheEnvironment:gt,invalidCacheRecord:ut,invalidState:et,keyIdMissing:vt,maxAgeTranspired:it,methodNotImplemented:bt,multipleMatchingAppMetadata:st,multipleMatchingTokens:"multiple_matching_tokens",nestedAppAuthBridgeDisabled:At,networkError:Xe,noAccountFound:pt,noAccountInSilentRequest:dt,noCryptoObject:mt,noNetworkConnectivity:kt,nonceMismatch:nt,nullOrEmptyToken:Qe,openIdConfigError:Ye,platformBrokerError:"platform_broker_error",requestCannotBeMade:at,stateMismatch:tt,stateNotFound:rt,tokenClaimsCnfRequiredForSignedJwt:yt,tokenParsingError:Ge,tokenRefreshRequired:ft,unexpectedCredentialType:"unexpected_credential_type",userCanceled:Tt});class _t{constructor(e){const t=e?ke.trimArrayEntries([...e]):[],r=t?ke.removeEmptyStringsFromArray(t):[];if(!r||!r.length)throw ve(Pe);this.scopes=new Set,r.forEach((e=>this.scopes.add(e)))}static fromString(e){const t=(e||"").split(" ");return new _t(t)}static createSearchScopes(e){const t=e&&e.length>0?e:[...p],r=new _t(t);return r.containsOnlyOIDCScopes()?r.removeScope(a):r.removeOIDCScopes(),r}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new _t(t);return!!e&&r.scopes.has(e.toLowerCase())}containsScopeSet(e){return!(!e||e.scopes.size<=0)&&(this.scopes.size>=e.scopes.size&&e.asArray().every((e=>this.containsScope(e))))}containsOnlyOIDCScopes(){let e=0;return m.forEach((t=>{this.containsScope(t)&&(e+=1)})),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach((e=>this.appendScope(e)))}catch(e){throw be(ht)}}removeScope(e){if(!e)throw be(ct);this.scopes.delete(e.trim())}removeOIDCScopes(){m.forEach((e=>{this.scopes.delete(e)}))}unionScopeSets(e){if(!e)throw be(lt);const t=new Set;return e.scopes.forEach((e=>t.add(e.toLowerCase()))),this.scopes.forEach((e=>t.add(e.toLowerCase()))),t}intersectingScopeSets(e){if(!e)throw be(lt);e.containsOnlyOIDCScopes()||e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),n=this.getScopeCount();return t.size<n+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach((t=>e.push(t))),e}printScopes(){if(this.scopes){return this.asArray().join(" ")}return""}printScopesLowerCase(){return this.printScopes().toLowerCase()}}function Et(e,t,r){if(!t)return;const n=e.get(ce);n&&e.has(pe)&&r?.addFields({embeddedClientId:n,embeddedRedirectUri:e.get(he)},t)}function Pt(e,t){e.set("response_type",t)}function Rt(e,t,r=!0,n=p){!r||n.includes("openid")||t.includes("openid")||n.push("openid");const o=r?[...t||[],...n]:t||[],i=new _t(o);e.set("scope",i.printScopes())}function Ot(e,t){e.set(ce,t)}function Mt(e,t){e.set(he,t)}function xt(e,t){e.set("login_hint",t)}function qt(e,t){e.set(I,`UPN:${t}`)}function Nt(e,t){e.set(I,`Oid:${t.uid}@${t.utid}`)}function Ut(e,t){e.set("sid",t)}function Lt(e,t,r){const n=Vt(t,r);try{JSON.parse(n)}catch(e){throw ve(Re)}e.set("claims",n)}function Ht(e,t){e.set("client-request-id",t)}function Dt(e,t){e.set("x-client-SKU",t.sku),e.set("x-client-VER",t.version),t.os&&e.set("x-client-OS",t.os),t.cpu&&e.set("x-client-CPU",t.cpu)}function Ft(e,t){t?.appName&&e.set("x-app-name",t.appName),t?.appVersion&&e.set("x-app-ver",t.appVersion)}function Kt(e,t){t&&e.set("state",t)}function Bt(e,t,r){if(!t||!r)throw ve(xe);e.set("code_challenge",t),e.set("code_challenge_method",r)}function zt(e,t){e.set("client_secret",t)}function jt(e,t){t&&e.set("client_assertion",t)}function $t(e,t){t&&e.set("client_assertion_type",t)}function Jt(e,t){e.set("grant_type",t)}function Wt(e){e.set("client_info","1")}function Gt(e){e.has(fe)||e.set(fe,"true")}function Qt(e,t){Object.entries(t).forEach((([t,r])=>{!e.has(t)&&r&&e.set(t,r)}))}function Vt(e,t){let r;if(e)try{r=JSON.parse(e)}catch(e){throw ve(Re)}else r={};return t&&t.length>0&&(r.hasOwnProperty(E)||(r[E]={}),r[E][P]={values:t}),JSON.stringify(r)}function Xt(e,t){t&&(e.set(le,G.POP),e.set(de,t))}function Yt(e,t){t&&(e.set(le,G.SSH),e.set(de,t))}function Zt(e,t){e.set("x-client-current-telemetry",t.generateCurrentRequestHeaderValue()),e.set("x-client-last-telemetry",t.generateLastRequestHeaderValue())}function er(e){e.set("x-ms-lib-capability","retry-after, h429")}function tr(e,t,r){e.has(pe)||e.set(pe,t),e.has(me)||e.set(me,r)}function rr(e){if(!e)return e;let t=e.toLowerCase();return ke.endsWith(t,"?")?t=t.slice(0,-1):ke.endsWith(t,"?/")&&(t=t.slice(0,-2)),ke.endsWith(t,"/")||(t+="/"),t}function nr(e){return e.startsWith("#/")?e.substring(2):e.startsWith("#")||e.startsWith("?")?e.substring(1):e}function or(e){if(!e||e.indexOf("=")<0)return null;try{const t=nr(e),r=Object.fromEntries(new URLSearchParams(t));if(r.code||r.ear_jwe||r.error||r.error_description||r.state)return r}catch(e){throw be(Ze)}return null}function ir(e){const t=new Array;return e.forEach(((e,r)=>{t.push(`${r}=${encodeURIComponent(e)}`)})),t.join("&")}function sr(e){if(!e)return e;const t=e.split("#")[0];try{const e=new URL(t);return rr(e.origin+e.pathname+e.search)}catch(e){return rr(t)}}const ar={createNewGuid:()=>{throw be(bt)},base64Decode:()=>{throw be(bt)},base64Encode:()=>{throw be(bt)},base64UrlEncode:()=>{throw be(bt)},encodeKid:()=>{throw be(bt)},async getPublicKeyThumbprint(){throw be(bt)},async removeTokenBindingKey(){throw be(bt)},async clearKeystore(){throw be(bt)},async signJwt(){throw be(bt)},async hashString(){throw be(bt)}};var cr;e.LogLevel=void 0,(cr=e.LogLevel||(e.LogLevel={}))[cr.Error=0]="Error",cr[cr.Warning=1]="Warning",cr[cr.Info=2]="Info",cr[cr.Verbose=3]="Verbose",cr[cr.Trace=4]="Trace";const hr=new Map;function lr(e,t){const r=Date.now();let n=hr.get(e);if(n)!function(e,t){hr.delete(e),hr.set(e,t)}(e,n);else if(n={logs:[],firstEventTime:r},hr.set(e,n),hr.size>50){const e=hr.keys().next().value;e&&hr.delete(e)}n.logs.push({...t,milliseconds:r-n.firstEventTime}),n.logs.length>500&&n.logs.shift()}class dr{constructor(t,r,n){this.level=e.LogLevel.Info;const o=t||dr.createDefaultLoggerOptions();this.localCallback=o.loggerCallback||(()=>{}),this.piiLoggingEnabled=o.piiLoggingEnabled||!1,this.level="number"==typeof o.logLevel?o.logLevel:e.LogLevel.Info,this.packageName=r||"",this.packageVersion=n||""}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info}}clone(e,t){return new dr({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level},e,t)}logMessage(t,r){const n=r.correlationId;if(function(e){if(6!==e.length)return!1;for(let t=0;t<e.length;t++){const r=e[t];if(!(r>="a"&&r<="z"||r>="A"&&r<="Z"||r>="0"&&r<="9"))return!1}return!0}(t)){lr(n,{hash:t,level:r.logLevel,containsPii:r.containsPii||!1,milliseconds:0})}if(r.logLevel>this.level||!this.piiLoggingEnabled&&r.containsPii)return;const o=`${`[${(new Date).toUTCString()}] : [${n}]`} : ${this.packageName}@${this.packageVersion} : ${e.LogLevel[r.logLevel]} - ${t}`;this.executeCallback(r.logLevel,o,r.containsPii||!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!1,correlationId:r})}errorPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!0,correlationId:r})}warning(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!1,correlationId:r})}warningPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!0,correlationId:r})}info(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!1,correlationId:r})}infoPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!0,correlationId:r})}verbose(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!1,correlationId:r})}verbosePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!0,correlationId:r})}trace(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!1,correlationId:r})}tracePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!0,correlationId:r})}isPiiLoggingEnabled(){return this.piiLoggingEnabled||!1}}const ur="@azure/msal-common",gr="16.0.0-beta.0",pr={None:"none",AzurePublic:"https://login.microsoftonline.com",AzurePpe:"https://login.windows-ppe.net",AzureChina:"https://login.chinacloudapi.cn",AzureGermany:"https://login.microsoftonline.de",AzureUsGovernment:"https://login.microsoftonline.us"};function mr(e,t){return!!e&&!!t&&e===t.split(".")[1]}function fr(e,t,r,n){if(n){const{oid:t,sub:r,tid:o,name:i,tfp:s,acr:a,preferred_username:c,upn:h,login_hint:l}=n,d=o||s||a||"";return{tenantId:d,localAccountId:t||r||"",name:i,username:c||h||"",loginHint:l,isHomeTenant:mr(d,e)}}return{tenantId:r,localAccountId:t,username:"",isHomeTenant:mr(r,e)}}function yr(e,t,r,n){let o=e;if(t){const{isHomeTenant:r,...n}=t;o={...e,...n}}if(r){const{isHomeTenant:t,...i}=fr(e.homeAccountId,e.localAccountId,e.tenantId,r);return o={...o,...i,idTokenClaims:r,idToken:n},o}return o}function wr(e,t){const r=function(e){if(!e)throw be(Qe);const t=/^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(e);if(!t||t.length<4)throw be(Ge);return t[2]}(e);try{const e=t(r);return JSON.parse(e)}catch(e){throw be(Ge)}}function Ir(e){if(!e.signin_state)return!1;const t=["kmsi","dvc_dmjd"];return e.signin_state.some((e=>t.includes(e.trim().toLowerCase())))}function Cr(e,t){if(0===t||Date.now()-3e5>e+t)throw be(it)}class vr{get urlString(){return this._urlString}constructor(e){if(this._urlString=e,!this._urlString)throw ve(Ee);e.includes("#")||(this._urlString=vr.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return ke.endsWith(t,"?")?t=t.slice(0,-1):ke.endsWith(t,"?/")&&(t=t.slice(0,-2)),ke.endsWith(t,"/")||(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch(e){throw ve(_e)}if(!e.HostNameAndPort||!e.PathSegments)throw ve(_e);if(!e.Protocol||"https:"!==e.Protocol.toLowerCase())throw ve(Se)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return vr.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return!e||0===r.length||r[0]!==A&&r[0]!==S||(r[0]=e),vr.constructAuthorityUriFromObject(t)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),t=this.urlString.match(e);if(!t)throw ve(_e);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let n=r.AbsolutePath.split("/");return n=n.filter((e=>e&&e.length>0)),r.PathSegments=n,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e){const t=RegExp("^([^:/?#]+://)?([^/?#]*)"),r=e.match(t);if(!r)throw ve(_e);return r[2]}static getAbsoluteUrl(e,t){if("/"===e[0]){const r=new vr(t).getUrlComponents();return r.Protocol+"//"+r.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e){return new vr(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"))}}const kr={endpointMetadata:[{host:"login.microsoftonline.com"},{host:"login.chinacloudapi.cn",issuerHost:"login.partner.microsoftonline.cn"},{host:"login.microsoftonline.us"},{host:"login.sovcloud-identity.fr"},{host:"login.sovcloud-identity.de"},{host:"login.sovcloud-identity.sg"}].reduce(((e,{host:t,issuerHost:r})=>(e[t]=function(e,t){return{token_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/token`,jwks_uri:`https://${e}/{tenantid}/discovery/v2.0/keys`,issuer:`https://${t}/{tenantid}/v2.0`,authorization_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/authorize`,end_session_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/logout`}}(t,r||t),e)),{}),instanceDiscoveryMetadata:{metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]}]}},Tr=kr.endpointMetadata,br=kr.instanceDiscoveryMetadata,Ar=new Set;function Sr(e,t,r,n,o){if(e.trace("1bmquz",t),r&&n){const o=_r(n,r);if(o)return e.trace("1fotbt",t),o.aliases;e.trace("14avvj",t)}return null}function _r(e,t){for(let r=0;r<e.length;r++){const n=e[r];if(n.aliases.includes(t))return n}return null}br.metadata.forEach((e=>{e.aliases.forEach((e=>{Ar.add(e)}))}));const Er="cache_quota_exceeded";class Pr extends Error{constructor(e,t){const r=t||ye(e);super(r),Object.setPrototypeOf(this,Pr.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}function Rr(e){return e instanceof Error?"QuotaExceededError"===e.name||"NS_ERROR_DOM_QUOTA_REACHED"===e.name||e.message.includes("exceeded the quota")?new Pr(Er):new Pr(e.name,e.message):new Pr("cache_error_unknown")}function Or(e,t){if(!e)throw be(We);try{const r=t(e);return JSON.parse(r)}catch(e){throw be(Je)}}function Mr(e){if(!e)throw be(Je);const t=e.split(".",2);return{uid:t[0],utid:t.length<2?"":t[1]}}const xr=0,qr=1,Nr=2,Ur=3;function Lr(e){if(e){return e.tid||e.tfp||e.acr||null}return null}const Hr={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};function Dr(e){return{homeAccountId:e.homeAccountId,environment:e.environment,tenantId:e.realm,username:e.username,localAccountId:e.localAccountId,loginHint:e.loginHint,name:e.name,nativeAccountId:e.nativeAccountId,authorityType:e.authorityType,tenantProfiles:new Map((e.tenantProfiles||[]).map((e=>[e.tenantId,e]))),dataBoundary:e.dataBoundary}}function Fr(e,t,r){return{authorityType:e.authorityType||U,homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,nativeAccountId:e.nativeAccountId,realm:e.tenantId,environment:e.environment,username:e.username,loginHint:e.loginHint,name:e.name,cloudGraphHostName:t,msGraphHost:r,tenantProfiles:Array.from(e.tenantProfiles?.values()||[]),dataBoundary:e.dataBoundary}}function Kr(e,t,r,n,o,i){if(t!==qr&&t!==Nr){if(e)try{const t=Or(e,n.base64Decode);if(t.uid&&t.utid)return`${t.uid}.${t.utid}`}catch(e){}r.warning("1ub6wv",o)}return i?.sub||""}class Br{constructor(e,t,r,n,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(ur,gr),this.staticAuthorityOptions=o,this.performanceClient=n}getAllAccounts(e={},t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort((e=>e.idTokenClaims?-1:1))[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?Dr(r[0]):null}buildTenantProfiles(e,t,r){return e.flatMap((e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r)))}getTenantedAccountInfoByFilter(e,t,r,n,o){let i,s=null;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,n,t,r.tenantId);return a&&(i=wr(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(i,o))?null:(s=yr(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,n){const o=Dr(e);let i=o.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach((e=>{const r=this.getTenantedAccountInfoByFilter(o,s,e,t,n);r&&a.push(r)})),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&(void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,r,n){if(!e)throw be(ut);try{e.account&&await this.setAccount(e.account,t,r),e.idToken&&!1!==n?.idToken&&await this.setIdTokenCredential(e.idToken,t,r),e.accessToken&&!1!==n?.accessToken&&await this.saveAccessToken(e.accessToken,t,r),e.refreshToken&&!1!==n?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t,r),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("0j476p",t),e instanceof we?e:Rr(e)}}async saveAccessToken(e,t,r){const n={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType},o=this.getTokenKeys(),i=_t.fromString(e.target);o.accessToken.forEach((e=>{if(!this.accessTokenKeyMatchesFilter(e,n,!1))return;const r=this.getAccessTokenCredential(e,t);if(r&&this.credentialMatchesFilter(r,n,t)){_t.fromString(r.target).intersectingScopeSets(i)&&this.removeAccessToken(e,t)}})),await this.setAccessTokenCredential(e,t,r)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),n=[];return r.forEach((r=>{const o=this.getAccount(r,t);if(!o)return;if(e.homeAccountId&&!this.matchHomeAccountId(o,e.homeAccountId))return;if(e.username&&!this.matchUsername(o.username,e.username))return;if(e.environment&&!this.matchEnvironment(o,e.environment,t))return;if(e.realm&&!this.matchRealm(o,e.realm))return;if(e.nativeAccountId&&!this.matchNativeAccountId(o,e.nativeAccountId))return;if(e.authorityType&&!this.matchAuthorityType(o,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name},s=o.tenantProfiles?.filter((e=>this.tenantProfileMatchesFilter(e,i)));s&&0===s.length||n.push(o)})),n}credentialMatchesFilter(e,t,r){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment,r))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target))return!1;if(e.credentialType===L.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===G.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}return!0}getAppMetadataFilteredBy(e,t){const r=this.getKeys(),n={};return r.forEach((r=>{if(!this.isAppMetadata(r))return;const o=this.getAppMetadata(r,t);o&&(e.environment&&!this.matchEnvironment(o,e.environment,t)||e.clientId&&!this.matchClientId(o,e.clientId)||(n[r]=o))})),n}getAuthorityMetadataByAlias(e,t){const r=this.getAuthorityMetadataKeys();let n=null;return r.forEach((r=>{if(!this.isAuthorityMetadata(r)||-1===r.indexOf(this.clientId))return;const o=this.getAuthorityMetadata(r,t);o&&-1!==o.aliases.indexOf(e)&&(n=o)})),n}removeAllAccounts(e){this.getAllAccounts({},e).forEach((t=>{this.removeAccount(t,e)}))}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter((t=>t.includes(e.homeAccountId)&&t.includes(e.environment))).forEach((e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)}))}removeAccountContext(e,t){const r=this.getTokenKeys(),n=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(n).forEach((e=>{this.removeIdToken(e,t)})),r.accessToken.filter(n).forEach((e=>{this.removeAccessToken(e,t)})),r.refreshToken.filter(n).forEach((e=>{this.removeRefreshToken(e,t)}))}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(r&&(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),r.credentialType.toLowerCase()===L.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&r.tokenType===G.POP)){const e=r.keyId;e&&this.cryptoImpl.removeTokenBindingKey(e,t).catch((()=>{this.commonLogger.error("0cx291",t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)}))}}removeAppMetadata(e){return this.getKeys().forEach((t=>{this.isAppMetadata(t)&&this.removeItem(t,e)})),!0}getIdToken(e,t,r,n){this.commonLogger.trace("1drz22",t);const o={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:L.ID_TOKEN,clientId:this.clientId,realm:n},i=this.getIdTokensByFilter(o,t,r),s=i.size;if(s<1)return this.commonLogger.info("1atvtd",t),null;if(s>1){let r=i;if(!n){const n=new Map;i.forEach(((t,r)=>{t.realm===e.tenantId&&n.set(r,t)}));const o=n.size;if(o<1)return this.commonLogger.info("0ooalx",t),i.values().next().value;if(1===o)return this.commonLogger.info("1eq2vc",t),n.values().next().value;r=n}return this.commonLogger.info("1ws328",t),r.forEach(((e,r)=>{this.removeIdToken(r,t)})),this.performanceClient.addFields({multiMatchedID:i.size},t),null}return this.commonLogger.info("1sm769",t),i.values().next().value}getIdTokensByFilter(e,t,r){const n=r&&r.idToken||this.getTokenKeys().idToken,o=new Map;return n.forEach((r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const n=this.getIdTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e,t)&&o.set(r,n)})),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,n){const o=t.correlationId;this.commonLogger.trace("1t7hz1",o);const i=_t.createSearchScopes(t.scopes),s=t.authenticationScheme||G.BEARER,a=s&&s.toLowerCase()!==G.BEARER.toLowerCase()?L.ACCESS_TOKEN_WITH_AUTH_SCHEME:L.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:n||e.tenantId,target:i,tokenType:s,keyId:t.sshKid},h=r&&r.accessToken||this.getTokenKeys().accessToken,l=[];h.forEach((e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,o);t&&this.credentialMatchesFilter(t,c,o)&&l.push(t)}}));const d=l.length;return d<1?(this.commonLogger.info("1nckna",o),null):d>1?(this.commonLogger.info("1wkfwp",o),l.forEach((e=>{this.removeAccessToken(this.generateCredentialKey(e),o)})),this.performanceClient.addFields({multiMatchedAT:l.length},o),null):(this.commonLogger.info("06yt98",o),l[0])}accessTokenKeyMatchesFilter(e,t,r){const n=e.toLowerCase();if(t.clientId&&-1===n.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===n.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===n.indexOf(t.realm.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!n.includes(e[t].toLowerCase()))return!1;if(!r&&n.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),n=[];return r.accessToken.forEach((r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const o=this.getAccessTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e,t)&&n.push(o)})),n}getRefreshToken(e,t,r,n){this.commonLogger.trace("0x53vi",r);const o=t?D:void 0,i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:L.REFRESH_TOKEN,clientId:this.clientId,familyId:o},s=n&&n.refreshToken||this.getTokenKeys().refreshToken,a=[];s.forEach((e=>{if(this.refreshTokenKeyMatchesFilter(e,i)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,i,r)&&a.push(t)}}));const c=a.length;return c<1?(this.commonLogger.info("0dlw11",r),null):(c>1&&this.performanceClient.addFields({multiMatchedRT:c},r),this.commonLogger.info("0wcnep",r),a[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e,t){const r={environment:e,clientId:this.clientId},n=this.getAppMetadataFilteredBy(r,t),o=Object.keys(n).map((e=>n[e])),i=o.length;if(i<1)return null;if(i>1)throw be(st);return o[0]}isAppMetadataFOCI(e,t){const r=this.readAppMetadataFromCache(e,t);return!(!r||r.familyId!==D)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t,r){if(this.staticAuthorityOptions){const n=function(e,t,r){let n;const o=e.canonicalAuthority;if(o){const i=new vr(o).getUrlComponents().HostNameAndPort;n=Sr(t,r,i,e.cloudDiscoveryMetadata?.metadata)||Sr(t,r,i,br.metadata)||e.knownAuthorities}return n||[]}(this.staticAuthorityOptions,this.commonLogger,r);if(n.includes(t)&&n.includes(e.environment))return!0}const n=this.getAuthorityMetadataByAlias(t,r);return!!(n&&n.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchNativeAccountId(e,t){return!(!e.nativeAccountId||t!==e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||e.upn===t)}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t){if(e.credentialType!==L.ACCESS_TOKEN&&e.credentialType!==L.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return _t.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(H)}isAuthorityMetadata(e){return-1!==e.indexOf(F)}generateAuthorityMetadataCacheKey(e){return`${F}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class zr extends Br{async setAccount(){throw be(bt)}getAccount(){throw be(bt)}async setIdTokenCredential(){throw be(bt)}getIdTokenCredential(){throw be(bt)}async setAccessTokenCredential(){throw be(bt)}getAccessTokenCredential(){throw be(bt)}async setRefreshTokenCredential(){throw be(bt)}getRefreshTokenCredential(){throw be(bt)}setAppMetadata(){throw be(bt)}getAppMetadata(){throw be(bt)}setServerTelemetry(){throw be(bt)}getServerTelemetry(){throw be(bt)}setAuthorityMetadata(){throw be(bt)}getAuthorityMetadata(){throw be(bt)}getAuthorityMetadataKeys(){throw be(bt)}setThrottlingCache(){throw be(bt)}getThrottlingCache(){throw be(bt)}removeItem(){throw be(bt)}getKeys(){throw be(bt)}getAccountKeys(){throw be(bt)}getTokenKeys(){throw be(bt)}generateCredentialKey(){throw be(bt)}generateAccountKey(){throw be(bt)}}const jr=1,$r=2,Jr=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","expiredCacheRemovedCount","upgradedCacheCount"]);class Wr{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:jr,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""}}}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}const Gr={tokenRenewalOffsetSeconds:300,preventCorsPreflight:!1},Qr={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info,correlationId:""},Vr={async sendGetRequestAsync(){throw be(bt)},async sendPostRequestAsync(){throw be(bt)}},Xr={sku:"msal.js.common",version:gr,cpu:"",os:""},Yr={clientSecret:"",clientAssertion:void 0},Zr={azureCloudInstance:pr.None,tenant:`${r}`},en={application:{appName:"",appVersion:""}};function tn({authOptions:e,systemOptions:t,loggerOptions:r,storageInterface:n,networkInterface:o,cryptoInterface:i,clientCredentials:s,libraryInfo:a,telemetry:c,serverTelemetryManager:h,persistencePlugin:l,serializableCache:d}){const u={...Qr,...r};return{authOptions:(g=e,{clientCapabilities:[],azureCloudOptions:Zr,instanceAware:!1,...g}),systemOptions:{...Gr,...t},loggerOptions:u,storageInterface:n||new zr(e.clientId,ar,new dr(u),new Wr),networkInterface:o||Vr,cryptoInterface:i||ar,clientCredentials:s||Yr,libraryInfo:{...Xr,...a},telemetry:{...en,...c},serverTelemetryManager:h||null,persistencePlugin:l||null,serializableCache:d||null};var g}function rn(e){return e.authOptions.authority.options.protocolMode===Hr.OIDC}class nn extends we{constructor(e,t,r,n,o){super(e,t,r),this.name="ServerError",this.errorNo=n,this.status=o,Object.setPrototypeOf(this,nn.prototype)}}const on="no_tokens_found",sn="native_account_unavailable",an="refresh_token_expired",cn="ux_not_allowed",hn="interaction_required",ln="consent_required",dn="login_required",un="bad_token";var gn=Object.freeze({__proto__:null,badToken:un,consentRequired:ln,interactionRequired:hn,loginRequired:dn,nativeAccountUnavailable:sn,noTokensFound:on,refreshTokenExpired:an,uxNotAllowed:cn});const pn=[hn,ln,dn,un,cn],mn=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token","ux_not_allowed"];class fn extends we{constructor(e,t,r,n,o,i,s,a){super(e,t,r),Object.setPrototypeOf(this,fn.prototype),this.timestamp=n||"",this.traceId=o||"",this.correlationId=i||"",this.claims=s||"",this.name="InteractionRequiredAuthError",this.errorNo=a}}function yn(e,t,r){const n=!!e&&pn.indexOf(e)>-1,o=!!r&&mn.indexOf(r)>-1,i=!!t&&pn.some((e=>t.indexOf(e)>-1));return n||i||o}function wn(e,t){return new fn(e,t)}function In(e,t,r){const n=function(e,t){if(!e)throw be(mt);const r={id:e.createNewGuid()};t&&(r.meta=t);const n=JSON.stringify(r);return e.base64Encode(n)}(e,r);return t?`${n}|${t}`:n}function Cn(e,t){if(!e)throw be(mt);if(!t)throw be(et);try{const r=t.split("|"),n=r[0],o=r.length>1?r.slice(1).join("|"):"",i=e(n);return{userRequestState:o||"",libraryState:JSON.parse(i)}}catch(e){throw be(et)}}function vn(){return Math.round((new Date).getTime()/1e3)}function kn(e){return e.getTime()/1e3}function Tn(e){return e?new Date(1e3*Number(e)):new Date}function bn(e,t){const r=Number(e)||0;return vn()+t>r}function An(e,t){const r=Number(e)+24*t*60*60*1e3;return Date.now()>r}function Sn(e){return Number(e)>vn()}const _n="networkClientSendPostRequestAsync",En="refreshTokenClientAcquireTokenWithCachedRefreshToken",Pn="getAuthCodeUrl",Rn="handleCodeResponseFromServer",On="popTokenGenerateCnf",Mn="handleServerTokenResponse",xn="authorityUpdateMetadataWithRegionalInformation",qn="regionDiscoveryGetRegionFromIMDS",Nn=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);if(o){const e=t+"CallCount";n.incrementFields({[e]:1},o)}try{const t=e(...i);return s.end({success:!0}),r.trace("1g8n6a",o),t}catch(e){r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}},Un=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);if(o){const e=t+"CallCount";n.incrementFields({[e]:1},o)}return e(...i).then((e=>(r.trace("1g8n6a",o),s.end({success:!0}),e))).catch((e=>{r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}))},Ln="sw";class Hn{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){const r=await Un(this.generateKid.bind(this),On,t,this.performanceClient,e.correlationId)(e),n=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:n}}async generateKid(e){return{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Ln}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,n){const{resourceRequestMethod:o,resourceRequestUri:i,shrClaims:s,shrNonce:a,shrOptions:c}=r,h=i?new vr(i):void 0,l=h?.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:vn(),m:o?.toUpperCase(),u:l?.HostNameAndPort,nonce:a||this.cryptoUtils.createNewGuid(),p:l?.AbsolutePath,q:l?.QueryString?[[],l.QueryString]:void 0,client_claims:s||void 0,...n},t,c,r.correlationId)}}class Dn{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}function Fn(e,t,r,n,o){return{credentialType:L.ID_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,realm:o,lastUpdatedAt:Date.now().toString()}}function Kn(e,t,r,n,o,i,s,a,c,h,l,d,u){const g={homeAccountId:e,credentialType:L.ACCESS_TOKEN,secret:r,cachedAt:vn().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:t,clientId:n,realm:o,target:i,tokenType:l||G.BEARER,lastUpdatedAt:Date.now().toString()};if(d&&(g.userAssertionHash=d),h&&(g.refreshOn=h.toString()),g.tokenType?.toLowerCase()!==G.BEARER.toLowerCase())switch(g.credentialType=L.ACCESS_TOKEN_WITH_AUTH_SCHEME,g.tokenType){case G.POP:const e=wr(r,c);if(!e?.cnf?.kid)throw be(yt);g.keyId=e.cnf.kid;break;case G.SSH:g.keyId=u}return g}function Bn(e,t,r,n,o,i,s){const a={credentialType:L.REFRESH_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,lastUpdatedAt:Date.now().toString()};return i&&(a.userAssertionHash=i),o&&(a.familyId=o),s&&(a.expiresOn=s.toString()),a}function zn(e){return e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("credentialType")&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("secret")}function jn(e){return!!e&&(zn(e)&&e.hasOwnProperty("realm")&&e.hasOwnProperty("target")&&(e.credentialType===L.ACCESS_TOKEN||e.credentialType===L.ACCESS_TOKEN_WITH_AUTH_SCHEME))}function $n(e){return!!e&&(zn(e)&&e.credentialType===L.REFRESH_TOKEN)}function Jn(){return vn()+86400}function Wn(e,t,r){e.authorization_endpoint=t.authorization_endpoint,e.token_endpoint=t.token_endpoint,e.end_session_endpoint=t.end_session_endpoint,e.issuer=t.issuer,e.endpointsFromNetwork=r,e.jwks_uri=t.jwks_uri}function Gn(e,t,r){e.aliases=t.aliases,e.preferred_cache=t.preferred_cache,e.preferred_network=t.preferred_network,e.aliasesFromNetwork=r}function Qn(e){return e.expiresAt<=vn()}class Vn{constructor(e,t,r,n,o,i,s){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=n,this.performanceClient=o,this.serializableCache=i,this.persistencePlugin=s}validateTokenResponse(e,t,r){if(e.error||e.error_description||e.suberror){const n=`Error(s): ${e.error_codes||h} - Timestamp: ${e.timestamp||h} - Description: ${e.error_description||h} - Correlation ID: ${e.correlation_id||h} - Trace ID: ${e.trace_id||h}`,o=e.error_codes?.length?e.error_codes[0]:void 0,i=new nn(e.error,n,e.suberror,o,e.status);if(r&&e.status&&e.status>=500&&e.status<=599)return void this.logger.warning("16ks7j",t);if(r&&e.status&&e.status>=400&&e.status<=499)return void this.logger.warning("0g61x3",t);if(yn(e.error,e.error_description,e.suberror))throw new fn(e.error,e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",o);throw i}}async handleServerTokenResponse(e,t,r,n,o,i,s,a,c){let h,l;if(e.id_token){if(h=wr(e.id_token||"",this.cryptoObj.base64Decode),o&&o.nonce&&h.nonce!==o.nonce)throw be(nt);if(n.maxAge||0===n.maxAge){const e=h.auth_time;if(!e)throw be(ot);Cr(e,n.maxAge)}}this.homeAccountIdentifier=Kr(e.client_info||"",t.authorityType,this.logger,this.cryptoObj,n.correlationId,h),o&&o.state&&(l=Cn(this.cryptoObj.base64Decode,o.state)),e.key_id=e.key_id||n.sshKid||void 0;const d=this.generateCacheRecord(e,t,r,n,h,i,o);let u;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("0jbz5k",n.correlationId),u=new Dn(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(u)),s&&!a&&d.account){const e=this.cacheStorage.generateAccountKey(Dr(d.account));if(!this.cacheStorage.getAccount(e,n.correlationId))return this.logger.warning("1gmt66",n.correlationId),await Vn.generateAuthenticationResult(this.cryptoObj,t,d,!1,n,this.performanceClient,h,l,void 0,c)}await this.cacheStorage.saveCacheRecord(d,n.correlationId,Ir(h||{}),n.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&u&&(this.logger.verbose("1bh17u",n.correlationId),await this.persistencePlugin.afterCacheAccess(u))}return Vn.generateAuthenticationResult(this.cryptoObj,t,d,!1,n,this.performanceClient,h,l,e,c)}generateCacheRecord(e,t,r,n,o,i,s){const a=t.getPreferredCache();if(!a)throw be(gt);const c=Lr(o);let h,l;e.id_token&&o&&(h=Fn(this.homeAccountIdentifier,a,e.id_token,this.clientId,c||""),l=Xn(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,n.correlationId,o,e.client_info,a,c,s,void 0,this.logger));let d=null;if(e.access_token){const o=e.scope?_t.fromString(e.scope):new _t(n.scopes||[]),s=("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0,h=("string"==typeof e.ext_expires_in?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,l=("string"==typeof e.refresh_in?parseInt(e.refresh_in,10):e.refresh_in)||void 0,u=r+s,g=u+h,p=l&&l>0?r+l:void 0;d=Kn(this.homeAccountIdentifier,a,e.access_token,this.clientId,c||t.tenant||"",o.printScopes(),u,g,this.cryptoObj.base64Decode,p,e.token_type,i,e.key_id)}let u=null;if(e.refresh_token){let t;if(e.refresh_token_expires_in){t=r+("string"==typeof e.refresh_token_expires_in?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in)}u=Bn(this.homeAccountIdentifier,a,e.refresh_token,this.clientId,e.foci,i,t)}let g=null;return e.foci&&(g={clientId:this.clientId,environment:a,familyId:e.foci}),{account:l,idToken:h,accessToken:d,refreshToken:u,appMetadata:g}}static async generateAuthenticationResult(e,t,r,n,o,i,s,a,c,h){let l,d,u="",g=[],p=null,m="";if(r.accessToken){if(r.accessToken.tokenType!==G.POP||o.popKid)u=r.accessToken.secret;else{const t=new Hn(e,i),{secret:n,keyId:s}=r.accessToken;if(!s)throw be(vt);u=await t.signPopToken(n,s,o)}g=_t.fromString(r.accessToken.target).asArray(),p=Tn(r.accessToken.expiresOn),l=Tn(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(d=Tn(r.accessToken.refreshOn))}r.appMetadata&&(m=r.appMetadata.familyId===D?D:"");const f=s?.oid||s?.sub||"",y=s?.tid||"";c?.spa_accountid&&r.account&&(r.account.nativeAccountId=c?.spa_accountid);const w=r.account?yr(Dr(r.account),void 0,s,r.idToken?.secret):null;return{authority:t.canonicalAuthority,uniqueId:f,tenantId:y,scopes:g,account:w,idToken:r?.idToken?.secret||"",idTokenClaims:s||{},accessToken:u,fromCache:n,expiresOn:p,extExpiresOn:l,refreshOn:d,correlationId:o.correlationId,requestId:h||"",familyId:m,tokenType:r.accessToken?.tokenType||"",state:a?a.userRequestState:"",cloudGraphHostName:r.account?.cloudGraphHostName||"",msGraphHost:r.account?.msGraphHost||"",code:c?.spa_code,fromPlatformBroker:!1}}}function Xn(e,t,r,n,o,i,s,a,c,h,l,d){d?.verbose("09jz0t",o);const u=e.getAccountKeys().find((e=>e.startsWith(r)));let g=null;u&&(g=e.getAccount(u,o));const p=g||function(e,t,r){let n,o,i;n=t.authorityType===qr?"ADFS":t.protocolMode===Hr.OIDC?U:"MSSTS",e.clientInfo&&r&&(o=Or(e.clientInfo,r),o.xms_tdbr&&(i="EU"===o.xms_tdbr?"EU":"None"));const s=e.environment||t&&t.getPreferredCache();if(!s)throw be(gt);const a=e.idTokenClaims?.preferred_username||e.idTokenClaims?.upn,c=e.idTokenClaims?.emails?e.idTokenClaims.emails[0]:null,h=a||c||"",l=e.idTokenClaims?.login_hint,d=o?.utid||Lr(e.idTokenClaims)||"",u=o?.uid||e.idTokenClaims?.oid||e.idTokenClaims?.sub||"";let g;g=e.tenantProfiles?e.tenantProfiles:[fr(e.homeAccountId,u,d,e.idTokenClaims)];return{homeAccountId:e.homeAccountId,environment:s,realm:d,localAccountId:u,username:h,authorityType:n,loginHint:l,clientInfo:e.clientInfo,name:e.idTokenClaims?.name||"",lastModificationTime:void 0,lastModificationApp:void 0,cloudGraphHostName:e.cloudGraphHostName,msGraphHost:e.msGraphHost,nativeAccountId:e.nativeAccountId,tenantProfiles:g,dataBoundary:i}}({homeAccountId:r,idTokenClaims:i,clientInfo:s,environment:a,cloudGraphHostName:h?.cloud_graph_host_name,msGraphHost:h?.msgraph_host,nativeAccountId:l},t,n),m=p.tenantProfiles||[],f=c||p.realm;if(f&&!m.find((e=>e.tenantId===f))){const e=fr(r,p.localAccountId,f,i);m.push(e)}return p.tenantProfiles=m,p}const Yn="home_account_id",Zn="UPN";async function eo(e,t,r){if("string"==typeof e)return e;return e({clientId:t,tokenEndpoint:r})}function to(e,t,r){return{clientId:e,authority:t.authority,scopes:t.scopes,homeAccountIdentifier:r,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid,embeddedClientId:t.embeddedClientId||t.extraParameters?.clientId}}class ro{static generateThrottlingStorageKey(e){return`${Q}.${JSON.stringify(e)}`}static preProcess(e,t,r){const n=ro.generateThrottlingStorageKey(t),o=e.getThrottlingCache(n,r);if(o){if(o.throttleTime<Date.now())return void e.removeItem(n,r);throw new nn(o.errorCodes?.join(" ")||"",o.errorMessage,o.subError)}}static postProcess(e,t,r,n){if(ro.checkResponseStatus(r)||ro.checkResponseForRetryAfter(r)){const o={throttleTime:ro.calculateThrottleTime(parseInt(r.headers[w])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(ro.generateThrottlingStorageKey(t),o,n)}}static checkResponseStatus(e){return 429===e.status||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return!!e.headers&&(e.headers.hasOwnProperty(w)&&(e.status<200||e.status>=300))}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(1e3*Math.min(r+(t||60),r+3600))}static removeThrottle(e,t,r,n){const o=to(t,r,n),i=this.generateThrottlingStorageKey(o);e.removeItem(i,r.correlationId)}}class no extends we{constructor(e,t,r){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,no.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function oo(e,t,r,n){return e.errorMessage=`${e.errorMessage}, additionalErrorInfo: error.name:${n?.name}, error.message:${n?.message}`,new no(e,t,r)}function io(e,t,r){const n={};if(n[f]="application/x-www-form-urlencoded;charset=utf-8",!t&&r)switch(r.type){case Yn:try{const e=Mr(r.credential);n[I]=`Oid:${e.uid}@${e.utid}`}catch(t){e.verbose("1qhtee","")}break;case Zn:n[I]=`UPN: ${r.credential}`}return n}function so(e,t,r,n){const o=new Map;return e.embeddedClientId&&tr(o,t,r),e.extraQueryParameters&&Qt(o,e.extraQueryParameters),Ht(o,e.correlationId),Et(o,e.correlationId,n),ir(o)}async function ao(e,t,r,n,o,i,s,a,c,h){const l=await async function(e,t,r,n,o,i,s,a){let c;ro.preProcess(o,e,n);try{c=await Un(i.sendPostRequestAsync.bind(i),_n,s,a,n)(t,r);const e=c.headers||{};a?.addFields({refreshTokenSize:c.body.refresh_token?.length||0,httpVerToken:e[T]||"",requestId:e[k]||""},n)}catch(e){if(e instanceof no){const t=e.responseHeaders;throw t&&a?.addFields({httpVerToken:t[T]||"",requestId:t[k]||"",contentTypeHeader:t[f]||void 0,contentLengthHeader:t[y]||void 0,httpStatus:e.httpStatus},n),e.error}throw e instanceof we?e:be(Xe)}return ro.postProcess(o,e,c,n),c}(n,e,{body:t,headers:r},o,i,s,a,c);return h&&l.status<500&&429!==l.status&&h.clearTelemetryCache(),l}class co{constructor(e,t,r,n){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=n}async detectRegion(e,t){let r=e;if(r)t.region_source=X;else{const e=co.IMDS_OPTIONS;try{const n=await Un(this.getRegionFromIMDS.bind(this),qn,this.logger,this.performanceClient,this.correlationId)("2020-06-01",e);if(200===n.status&&(r=n.body,t.region_source=Y),400===n.status){const n=await Un(this.getCurrentVersion.bind(this),"regionDiscoveryGetCurrentVersion",this.logger,this.performanceClient,this.correlationId)(e);if(!n)return t.region_source=V,null;const o=await Un(this.getRegionFromIMDS.bind(this),qn,this.logger,this.performanceClient,this.correlationId)(n,e);200===o.status&&(r=o.body,t.region_source=Y)}}catch(e){return t.region_source=V,null}}return r||(t.region_source=V),r||null}async getRegionFromIMDS(e,t){return this.networkInterface.sendGetRequestAsync(`${l}?api-version=${e}&format=text`,t,2e3)}async getCurrentVersion(e){try{const t=await this.networkInterface.sendGetRequestAsync(`${l}?format=json`,e);return 400===t.status&&t.body&&t.body["newest-versions"]&&t.body["newest-versions"].length>0?t.body["newest-versions"][0]:null}catch(e){return null}}}co.IMDS_OPTIONS={headers:{Metadata:"true"}};class ho{constructor(e,t,r,n,o,i,s,a){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=n,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=o,this.performanceClient=s,this.correlationId=i,this.managedIdentity=a||!1,this.regionDiscovery=new co(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(o))return Ur;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case"adfs":return qr;case"dstsv2":return Nr}return xr}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new vr(e),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents||(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw be(Ve)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw be(Ve)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw be(Ve)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw be(Ct);return this.replacePath(this.metadata.end_session_endpoint)}throw be(Ve)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw be(Ve)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw be(Ve)}canReplaceTenant(e){return 1===e.PathSegments.length&&!ho.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===xr&&this.protocolMode!==Hr.OIDC}replaceTenant(e){return e.replace(/{tenant}|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const r=new vr(this.metadata.canonical_authority).getUrlComponents(),n=r.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach(((e,o)=>{let i=n[o];if(0===o&&this.canReplaceTenant(r)){const e=new vr(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];i!==e&&(this.logger.verbose("1q3g2x",this.correlationId),i=e)}e!==i&&(t=t.replace(`/${i}/`,`/${e}/`))})),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")||this.authorityType===qr||this.protocolMode===Hr.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){const e=this.getCurrentMetadataEntity(),t=await Un(this.updateCloudDiscoveryMetadata.bind(this),"authorityUpdateCloudDiscoveryMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await Un(this.updateEndpointMetadata.bind(this),"authorityUpdateEndpointMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),this.performanceClient?.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort,this.correlationId);return e||(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:Jn(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==B&&r?.source!==B&&(e.expiresAt=Jn(),e.canonical_authority=this.canonicalAuthority);const n=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache,this.correlationId);this.cacheManager.setAuthorityMetadata(n,e,this.correlationId),this.metadata=e}async updateEndpointMetadata(e){const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===j&&this.authorityOptions.azureRegionConfiguration?.azureRegion&&t.metadata){Wn(e,await Un(this.updateMetadataWithRegionalInformation.bind(this),xn,this.logger,this.performanceClient,this.correlationId)(t.metadata),!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await Un(this.getEndpointMetadataFromNetwork.bind(this),"authorityGetEndpointMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return this.authorityOptions.azureRegionConfiguration?.azureRegion&&(r=await Un(this.updateMetadataWithRegionalInformation.bind(this),xn,this.logger,this.performanceClient,this.correlationId)(r)),Wn(e,r,!0),z;throw be(Ye,this.defaultOpenIdConfigurationEndpoint)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("1fi0kc",this.correlationId);const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("06t0uj",this.correlationId),Wn(e,t,!1),{source:K};this.logger.verbose("151k0p",this.correlationId);const r=this.getEndpointMetadataFromHardcodedValues();if(r)return Wn(e,r,!1),{source:j,metadata:r};this.logger.verbose("1imop5",this.correlationId);const n=Qn(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!n?(this.logger.verbose("16uq31",""),{source:B}):(n&&this.logger.verbose("0uoibc",""),null)}isAuthoritySameType(e){return new vr(e.canonical_authority).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch(e){throw ve(Ne)}return null}async getEndpointMetadataFromNetwork(){const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose("1y65x6",this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(t,e),n=function(e){return e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("jwks_uri")}(r.body);return n?r.body:(this.logger.verbose("1koyv8",this.correlationId),null)}catch(e){return this.logger.verbose("0a9wik",this.correlationId),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in Tr?Tr[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){const t=this.authorityOptions.azureRegionConfiguration?.azureRegion;if(t){if("TryAutoDetect"!==t)return this.regionDiscoveryMetadata.region_outcome=Z,this.regionDiscoveryMetadata.region_used=t,ho.replaceWithRegionalInformation(e,t);const r=await Un(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),"regionDiscoveryDetectRegion",this.logger,this.performanceClient,this.correlationId)(this.authorityOptions.azureRegionConfiguration?.environmentRegion,this.regionDiscoveryMetadata);if(r)return this.regionDiscoveryMetadata.region_outcome=ee,this.regionDiscoveryMetadata.region_used=r,ho.replaceWithRegionalInformation(e,r);this.regionDiscoveryMetadata.region_outcome=te}return e}async updateCloudDiscoveryMetadata(e){const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await Un(this.getCloudDiscoveryMetadataFromNetwork.bind(this),"authorityGetCloudDiscoveryMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return Gn(e,r,!0),z;throw ve(Ue)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("0jhlgt",this.correlationId),this.logger.verbosePii("1fy7uz",this.correlationId),this.logger.verbosePii("08zabj",this.correlationId),this.logger.verbosePii("1o1kv3",this.correlationId);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("1nakio",this.correlationId),Gn(e,t,!1),K;this.logger.verbose("1x74aj",this.correlationId);const r=(n=this.hostnameAndPort,_r(br.metadata,n));var n;if(r)return this.logger.verbose("0by47c",this.correlationId),Gn(e,r,!1),j;this.logger.verbose("0r2fzy",this.correlationId);const o=Qn(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!o?(this.logger.verbose("1uffgh",""),B):(o&&this.logger.verbose("0uoibc",""),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===Ur)return this.logger.verbose("04y84h",this.correlationId),ho.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("0gszr3",this.correlationId);try{this.logger.verbose("1iifkx",this.correlationId);const e=_r(JSON.parse(this.authorityOptions.cloudDiscoveryMetadata).metadata,this.hostnameAndPort);if(this.logger.verbose("0q67e3",""),e)return this.logger.verbose("0hzfao",this.correlationId),e;this.logger.verbose("1ajz3u",this.correlationId)}catch(e){throw this.logger.verbose("1wq5tu",this.correlationId),ve(qe)}}return this.isInKnownAuthorities()?(this.logger.verbose("0mt9al",this.correlationId),ho.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){const e=`${n}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let r=null;try{const n=await this.networkInterface.sendGetRequestAsync(e,t);let o,i;if(function(e){return e.hasOwnProperty("tenant_discovery_endpoint")&&e.hasOwnProperty("metadata")}(n.body))o=n.body,i=o.metadata,this.logger.verbosePii("1vglyt",this.correlationId);else{if(!function(e){return e.hasOwnProperty("error")&&e.hasOwnProperty("error_description")}(n.body))return this.logger.error("0768g0",this.correlationId),null;if(this.logger.warning("062uto",this.correlationId),o=n.body,"invalid_instance"===o.error)return this.logger.error("1x90tm",this.correlationId),null;this.logger.warning("0wchdm",this.correlationId),this.logger.warning("1s5mpv",this.correlationId),this.logger.warning("1yhqpw",this.correlationId),i=[]}this.logger.verbose("1lrobr",this.correlationId),r=_r(i,this.hostnameAndPort)}catch(e){return e instanceof we?this.logger.error("0vwhc7",this.correlationId):this.logger.error("0s2z41",this.correlationId),null}return r||(this.logger.warning("0jp28q",this.correlationId),this.logger.verbose("130sd8",this.correlationId),r=ho.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),r}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter((e=>e&&vr.getDomainFromUrl(e).toLowerCase()===this.hostnameAndPort)).length>0}static generateAuthority(e,t){let n;if(t&&t.azureCloudInstance!==pr.None){const e=t.tenant?t.tenant:r;n=`${t.azureCloudInstance}/${e}/`}return n||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return"login.microsoftonline.com";if(this.discoveryComplete())return this.metadata.preferred_cache;throw be(Ve)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Ar.has(e)}static isPublicCloudAuthority(e){return d.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r){const n=new vr(e);n.validateAsUri();const o=n.getUrlComponents();let i=`${t}.${o.HostNameAndPort}`;this.isPublicCloudAuthority(o.HostNameAndPort)&&(i=`${t}.login.microsoft.com`);const s=vr.constructAuthorityUriFromObject({...n.getUrlComponents(),HostNameAndPort:i}).urlString;return r?`${s}?${r}`:s}static replaceWithRegionalInformation(e,t){const r={...e};return r.authorization_endpoint=ho.buildRegionalAuthorityString(r.authorization_endpoint,t),r.token_endpoint=ho.buildRegionalAuthorityString(r.token_endpoint,t),r.end_session_endpoint&&(r.end_session_endpoint=ho.buildRegionalAuthorityString(r.end_session_endpoint,t)),r}static transformCIAMAuthority(e){let t=e;const r=new vr(e).getUrlComponents();if(0===r.PathSegments.length&&r.HostNameAndPort.endsWith(o)){t=`${t}${r.HostNameAndPort.split(".")[0]}.onmicrosoft.com`}return t}}function lo(e){return e.endsWith("/")?e:`${e}/`}function uo(e){const t=e.cloudDiscoveryMetadata;let r;if(t)try{r=JSON.parse(t)}catch(e){throw ve(qe)}return{canonicalAuthority:e.authority?lo(e.authority):void 0,knownAuthorities:e.knownAuthorities,cloudDiscoveryMetadata:r}}async function go(e,t,r,n,o,i,s){const a=ho.transformCIAMAuthority(lo(e)),c=new ho(a,t,r,n,o,i,s);try{return await Un(c.resolveEndpointsAsync.bind(c),"authorityResolveEndpointsAsync",o,s,i)(),c}catch(e){throw be(Ve)}}ho.reservedTenantDomains=new Set(["{tenant}","{tenantid}",A,_,S]);class po{constructor(e,t){this.includeRedirectUri=!0,this.config=tn(e),this.logger=new dr(this.config.loggerOptions,ur,gr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(e,t){if(!e.code)throw be(at);t&&t.cloud_instance_host_name&&await Un(this.updateTokenEndpointAuthority.bind(this),"updateTokenEndpointAuthority",this.logger,this.performanceClient,e.correlationId)(t.cloud_instance_host_name,e.correlationId);const r=vn(),n=await Un(this.executeTokenRequest.bind(this),"authClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(this.authority,e,this.serverTelemetryManager),o=n.headers?.[k],i=new Vn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return i.validateTokenResponse(n.body,e.correlationId),Un(i.handleServerTokenResponse.bind(i),Mn,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,r,e,t,void 0,void 0,void 0,o)}getLogoutUri(e){if(!e)throw ve(Me);const t=this.createLogoutUrlQueryString(e);return vr.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t,r){const n=so(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),o=vr.appendQueryString(e.tokenEndpoint,n),i=await Un(this.createTokenRequestBody.bind(this),"authClientCreateTokenRequestBody",this.logger,this.performanceClient,t.correlationId)(t);let s;if(t.clientInfo)try{const e=Or(t.clientInfo,this.cryptoUtils.base64Decode);s={credential:`${e.uid}.${e.utid}`,type:Yn}}catch(e){this.logger.verbose("0wznt3",t.correlationId)}const a=io(this.logger,this.config.systemOptions.preventCorsPreflight,s||t.ccsCredential),c=to(this.config.authOptions.clientId,t);return Un(ao,"authorizationCodeClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,t.correlationId)(o,i,a,c,t.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,r)}async createTokenRequestBody(e){const t=new Map;if(Ot(t,e.embeddedClientId||e.extraParameters?.[ce]||this.config.authOptions.clientId),this.includeRedirectUri)Mt(t,e.redirectUri);else if(!e.redirectUri)throw ve(Ae);if(Rt(t,e.scopes,!0,this.oidcDefaultScopes),function(e,t){e.set("code",t)}(t,e.code),Dt(t,this.config.libraryInfo),Ft(t,this.config.telemetry.application),er(t),this.serverTelemetryManager&&!rn(this.config)&&Zt(t,this.serverTelemetryManager),e.codeVerifier&&function(e,t){e.set("code_verifier",t)}(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&zt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;jt(t,await eo(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),$t(t,r.assertionType)}if(Jt(t,q),Wt(t),e.authenticationScheme===G.POP){const r=new Hn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Un(r.generateCnf.bind(r),On,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}Xt(t,n)}else if(e.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);Yt(t,e.sshJwk)}let r;if((!ke.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Lt(t,e.claims,this.config.authOptions.clientCapabilities),e.clientInfo)try{const t=Or(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${t.uid}.${t.utid}`,type:Yn}}catch(t){this.logger.verbose("0wznt3",e.correlationId)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case Yn:try{Nt(t,Mr(r.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case Zn:qt(t,r.credential)}return e.embeddedClientId&&tr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&Qt(t,e.extraParameters),!e.enableSpaAuthorizationCode||e.extraParameters&&e.extraParameters[ue]||Qt(t,{[ue]:"1"}),Et(t,e.correlationId,this.performanceClient),ir(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&function(e,t){e.set("post_logout_redirect_uri",t)}(t,e.postLogoutRedirectUri),e.correlationId&&Ht(t,e.correlationId),e.idTokenHint&&function(e,t){e.set("id_token_hint",t)}(t,e.idTokenHint),e.state&&Kt(t,e.state),e.logoutHint&&function(e,t){e.set("logout_hint",t)}(t,e.logoutHint),e.extraQueryParameters&&Qt(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&Gt(t),ir(t)}async updateTokenEndpointAuthority(e,t){const r=`https://${e}/${this.authority.tenant}/`,n=await go(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=n}}class mo{constructor(e,t){this.config=tn(e),this.logger=new dr(this.config.loggerOptions,ur,gr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireToken(e){const t=vn(),r=await Un(this.executeTokenRequest.bind(this),"refreshTokenClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(e,this.authority),n=r.headers?.[k],o=new Vn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return o.validateTokenResponse(r.body,e.correlationId),Un(o.handleServerTokenResponse.bind(o),Mn,this.logger,this.performanceClient,e.correlationId)(r.body,this.authority,t,e,void 0,void 0,!0,e.forceCache,n)}async acquireTokenByRefreshToken(e){if(!e)throw ve(Oe);if(!e.account)throw be(dt);if(this.cacheManager.isAppMetadataFOCI(e.account.environment,e.correlationId))try{return await Un(this.acquireTokenWithCachedRefreshToken.bind(this),En,this.logger,this.performanceClient,e.correlationId)(e,!0)}catch(t){const r=t instanceof fn&&t.errorCode===on,n=t instanceof nn&&"invalid_grant"===t.errorCode&&"client_mismatch"===t.subError;if(r||n)return Un(this.acquireTokenWithCachedRefreshToken.bind(this),En,this.logger,this.performanceClient,e.correlationId)(e,!1);throw t}return Un(this.acquireTokenWithCachedRefreshToken.bind(this),En,this.logger,this.performanceClient,e.correlationId)(e,!1)}async acquireTokenWithCachedRefreshToken(e,t){const r=Nn(this.cacheManager.getRefreshToken.bind(this.cacheManager),"cacheManagerGetRefreshToken",this.logger,this.performanceClient,e.correlationId)(e.account,t,e.correlationId,void 0);if(!r)throw wn(on);if(r.expiresOn&&bn(r.expiresOn,e.refreshTokenExpirationOffsetSeconds||300))throw this.performanceClient?.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),wn(an);const n={...e,refreshToken:r.secret,authenticationScheme:e.authenticationScheme||G.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:Yn}};try{return await Un(this.acquireToken.bind(this),"refreshTokenClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(n)}catch(t){if(t instanceof fn&&(this.performanceClient?.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),t.subError===un)){this.logger.verbose("1pg3ap",e.correlationId);const t=this.cacheManager.generateCredentialKey(r);this.cacheManager.removeRefreshToken(t,e.correlationId)}throw t}}async executeTokenRequest(e,t){const r=so(e,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),n=vr.appendQueryString(t.tokenEndpoint,r),o=await Un(this.createTokenRequestBody.bind(this),"refreshTokenClientCreateTokenRequestBody",this.logger,this.performanceClient,e.correlationId)(e),i=io(this.logger,this.config.systemOptions.preventCorsPreflight,e.ccsCredential),s=to(this.config.authOptions.clientId,e);return Un(ao,"refreshTokenClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,e.correlationId)(n,o,i,s,e.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,this.serverTelemetryManager)}async createTokenRequestBody(e){const t=new Map;if(Ot(t,e.embeddedClientId||e.extraParameters?.[ce]||this.config.authOptions.clientId),e.redirectUri&&Mt(t,e.redirectUri),Rt(t,e.scopes,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),Jt(t,N),Wt(t),Dt(t,this.config.libraryInfo),Ft(t,this.config.telemetry.application),er(t),this.serverTelemetryManager&&!rn(this.config)&&Zt(t,this.serverTelemetryManager),function(e,t){e.set("refresh_token",t)}(t,e.refreshToken),this.config.clientCredentials.clientSecret&&zt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;jt(t,await eo(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),$t(t,r.assertionType)}if(e.authenticationScheme===G.POP){const r=new Hn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Un(r.generateCnf.bind(r),On,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}Xt(t,n)}else if(e.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);Yt(t,e.sshJwk)}if((!ke.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Lt(t,e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case Yn:try{Nt(t,Mr(e.ccsCredential.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case Zn:qt(t,e.ccsCredential.credential)}return e.embeddedClientId&&tr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&Qt(t,{...e.extraParameters}),Et(t,e.correlationId,this.performanceClient),ir(t)}}class fo{constructor(e,t){this.config=tn(e),this.logger=new dr(this.config.loggerOptions,ur,gr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireCachedToken(e){let t=re;if(e.forceRefresh||!ke.isEmptyObj(e.claims))throw this.setCacheOutcome(ne,e.correlationId),be(ft);if(!e.account)throw be(dt);const r=e.account.tenantId||function(e){const t=new vr(e).getUrlComponents(),r=t.PathSegments.slice(-1)[0]?.toLowerCase();switch(r){case A:case S:case _:return;default:return r}}(e.authority),n=this.cacheManager.getTokenKeys(),o=this.cacheManager.getAccessToken(e.account,e,n,r);if(!o)throw this.setCacheOutcome(oe,e.correlationId),be(ft);if(Sn(o.cachedAt)||bn(o.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(ie,e.correlationId),be(ft);o.refreshOn&&bn(o.refreshOn,0)&&(t=se);const i=e.authority||this.authority.getPreferredCache(),s={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(e.account),e.correlationId),accessToken:o,idToken:this.cacheManager.getIdToken(e.account,e.correlationId,n,r),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(i,e.correlationId)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await Un(this.generateResultFromCacheRecord.bind(this),"silentFlowClientGenerateResultFromCacheRecord",this.logger,this.performanceClient,e.correlationId)(s,e),t]}setCacheOutcome(e,t){this.serverTelemetryManager?.setCacheOutcome(e),this.performanceClient?.addFields({cacheOutcome:e},t),e!==re&&this.logger.info("09ingz",t)}async generateResultFromCacheRecord(e,t){let r;if(e.idToken&&(r=wr(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||0===t.maxAge){const e=r?.auth_time;if(!e)throw be(ot);Cr(e,t.maxAge)}return Vn.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,this.performanceClient,r)}}const yo={sendGetRequestAsync:()=>Promise.reject(be(bt)),sendPostRequestAsync:()=>Promise.reject(be(bt))};function wo(e,t,r,n){const o=t.correlationId,i=new Map;Ot(i,t.embeddedClientId||t.extraQueryParameters?.[ce]||e.clientId);if(Rt(i,[...t.scopes||[],...t.extraScopesToConsent||[]],!0,e.authority.options.OIDCOptions?.defaultScopes),Mt(i,t.redirectUri),Ht(i,o),function(e,t){e.set("response_mode",t||x.QUERY)}(i,t.responseMode),Wt(i),t.prompt&&(!function(e,t){e.set("prompt",t)}(i,t.prompt),n?.addFields({prompt:t.prompt},o)),t.domainHint&&(!function(e,t){e.set("domain_hint",t)}(i,t.domainHint),n?.addFields({domainHintFromRequest:!0},o)),t.prompt!==R.SELECT_ACCOUNT)if(t.sid&&t.prompt===R.NONE)r.verbose("1tvqyx",t.correlationId),Ut(i,t.sid),n?.addFields({sidFromRequest:!0},o);else if(t.account){const e=(s=t.account,s.idTokenClaims?.sid||null);let a=function(e){return e.loginHint||e.idTokenClaims?.login_hint||null}(t.account);if(a&&t.domainHint&&(r.warning("0wkg3v",t.correlationId),a=null),a){r.verbose("1eyfsw",t.correlationId),xt(i,a),n?.addFields({loginHintFromClaim:!0},o);try{Nt(i,Mr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(e&&t.prompt===R.NONE){r.verbose("1rmd8s",t.correlationId),Ut(i,e),n?.addFields({sidFromClaim:!0},o);try{Nt(i,Mr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(t.loginHint)r.verbose("0y3007",t.correlationId),xt(i,t.loginHint),qt(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o);else if(t.account.username){r.verbose("02f507",t.correlationId),xt(i,t.account.username),n?.addFields({loginHintFromUpn:!0},o);try{Nt(i,Mr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}}else t.loginHint&&(r.verbose("0g01ey",t.correlationId),xt(i,t.loginHint),qt(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o));else r.verbose("169k9v",t.correlationId);var s;return t.nonce&&function(e,t){e.set("nonce",t)}(i,t.nonce),t.state&&Kt(i,t.state),(t.claims||e.clientCapabilities&&e.clientCapabilities.length>0)&&Lt(i,t.claims,e.clientCapabilities),t.embeddedClientId&&tr(i,e.clientId,e.redirectUri),!e.instanceAware||t.extraQueryParameters&&Object.keys(t.extraQueryParameters).includes(fe)||Gt(i),i}function Io(e,t){const r=ir(t);return vr.appendQueryString(e.authorizationEndpoint,r)}function Co(e,t){if(!e.state||!t)throw e.state?be(rt,"Cached State"):be(rt,"Server State");let r,n;try{r=decodeURIComponent(e.state)}catch(t){throw be(et,e.state)}try{n=decodeURIComponent(t)}catch(t){throw be(et,e.state)}if(r!==n)throw be(tt);if(e.error||e.error_description||e.suberror){const t=function(e){const t="code=",r=e.error_uri?.lastIndexOf(t);return r&&r>=0?e.error_uri?.substring(r+t.length):void 0}(e);if(yn(e.error,e.error_description,e.suberror))throw new fn(e.error||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",t);throw new nn(e.error||"",e.error_description,e.suberror,t)}}const vo="unexpected_error";var ko=Object.freeze({__proto__:null,postRequestFailed:"post_request_failed",unexpectedError:vo});function To(e){const{skus:t,libraryName:r,libraryVersion:n,extensionName:o,extensionVersion:i}=e,s=new Map([[0,[r,n]],[2,[o,i]]]);let a=[];if(t?.length){if(a=t.split(","),a.length<4)return t}else a=Array.from({length:4},(()=>"|"));return s.forEach(((e,t)=>{2===e.length&&e[0]?.length&&e[1]?.length&&function(e){const{skuArr:t,index:r,skuName:n,skuVersion:o}=e;if(r>=t.length)return;t[r]=[n,o].join("|")}({skuArr:a,index:t,skuName:e[0],skuVersion:e[1]})})),a.join(",")}class bo{constructor(e,t){this.cacheOutcome=re,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||"",this.wrapperVer=e.wrapperVer||"",this.telemetryCacheKey=J+"-"+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${W}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r?.length&&t.push(`broker_error=${r}`);const n=t.join(W),o=[e,this.getRegionDiscoveryFields()].join(W);return[$,o,n].join("|")}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=bo.maxErrorsToSend(e),r=e.failedRequests.slice(0,2*t).join(W),n=e.errors.slice(0,t).join(W),o=e.errors.length,i=[o,t<o?"1":"0"].join(W);return[$,e.cacheHits,r,n,i].join("|")}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=50&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof we?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push("unknown_error"),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId),e.cacheHits}getLastRequests(){return this.cacheManager.getServerTelemetry(this.telemetryCacheKey,this.correlationId)||{failedRequests:[],errors:[],cacheHits:0}}clearTelemetryCache(){const e=this.getLastRequests(),t=bo.maxErrorsToSend(e);if(t===e.errors.length)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{const r={failedRequests:e.failedRequests.slice(2*t),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,r,this.correlationId)}}static maxErrorsToSend(e){let t,r=0,n=0;const o=e.errors.length;for(t=0;t<o;t++){const o=e.failedRequests[2*t]||"",i=e.failedRequests[2*t+1]||"",s=e.errors[t]||"";if(n+=o.toString().length+i.toString().length+s.length+3,!(n<330))break;r+=1}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||""),e.push(this.regionSource||""),e.push(this.regionOutcome||""),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId)}static makeExtraSkuString(e){return To(e)}}class Ao extends we{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,Ao.prototype)}}function So(e){return new Ao(e)}class _o{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw So("missing_kid_error");if(!e.alg)throw So("missing_alg_error");const t=new _o({typ:e.typ||ae.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}function Eo(e,t,r,n=5){if(e instanceof Error)return e instanceof we?(r.errorCode=e.errorCode,r.subErrorCode=e.subError,void((e instanceof nn||e instanceof fn)&&(r.serverErrorNo=e.errorNo))):void(e instanceof Pr?r.errorCode=e.errorCode:r.errorStack?.length?t.trace("0lmqrh",r.correlationId):e.stack?.length?(e.stack&&(r.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],n=[],o=r[0];o.startsWith("TypeError: Cannot read property")||o.startsWith("TypeError: Cannot read properties of")||o.startsWith("TypeError: Cannot set property")||o.startsWith("TypeError: Cannot set properties of")||o.endsWith("is not a function")?n.push(Po(o)):(o.startsWith("SyntaxError")||o.startsWith("TypeError"))&&n.push(Po(o.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(n.length>=t);e++){const t=r[e];n.push(Po(t))}return n}(e.stack,n)),r.errorName=e.name):t.trace("1cnpwa",r.correlationId));t.trace("0gcyox",r.correlationId)}function Po(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let n=r.lastIndexOf("/");return n=n<0?r.lastIndexOf("\\"):n,n>=0?(e.substring(0,t)+"("+r.substring(n+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class Ro{constructor(e,t,r,n,o,i,s){this.authority=t,this.libraryName=n,this.libraryVersion=o,this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.intFields=s||new Set;for(const e of Jr)this.intFields.add(e)}startMeasurement(e,t){const r=t||this.generateId(),n={eventId:this.generateId(),status:jr,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var o,i;return this.cacheEventByCorrelationId(n),o=n,(i=this.eventStack.get(r))&&i.push({name:o.name}),{end:(e,t,r)=>this.endMeasurement({...n,...e},t,r),discard:()=>this.discardMeasurements(n.correlationId),add:e=>this.addFields(e,n.correlationId),increment:e=>this.incrementFields(e,n.correlationId),event:n}}endMeasurement(e,t,r){const n=this.eventsByCorrelationId.get(e.correlationId);if(!n)return this.logger.trace("0k9ti8",e.correlationId),null;const o=e.eventId===n.eventId;e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const i=JSON.stringify(function(e,t,r){if(!t?.length)return;const n=e=>e.length?e[e.length-1]:void 0,o=e.name,i=n(t);if(i?.name!==o)return;const s=t?.pop();if(!s)return;const a=r instanceof we?r.errorCode:r instanceof Error?r.name:void 0,c=r instanceof we?r.subError:void 0;a&&s.childErr!==a&&(s.err=a,c&&(s.subErr=c)),delete s.name,delete s.childErr;const h={...s,dur:e.durationMs};e.success||(h.fail=1);const l=n(t);if(!l)return{[o]:h};let d;if(a&&(l.childErr=a),l[o]){const e=Object.keys(l).filter((e=>e.startsWith(o))).length;d=`${o}_${e+1}`}else d=o;return l[d]=h,l}(e,this.eventStack.get(n.correlationId),t));if(o?this.discardMeasurements(n.correlationId):n.incompleteSubMeasurements?.delete(e.eventId),t&&Eo(t,this.logger,n),!o)return n[e.name+"DurationMs"]=Math.floor(e.durationMs),{...n};o&&!t&&(n.errorCode||n.subErrorCode)&&(this.logger.trace("1fm1tm",e.correlationId),n.errorCode=void 0,n.subErrorCode=void 0);let s={...n,...e},a=0;s.incompleteSubMeasurements?.forEach((e=>{this.logger.trace("0nxk52",s.correlationId),a++})),s.incompleteSubMeasurements=void 0;const c=function(e){const t=[];for(const r of["",e]){const e=hr.get(r);t.push(...e?.logs??[]),hr.delete(r)}return t}(e.correlationId).map((e=>`${e.milliseconds},${e.hash}`)).join(";");return s={...s,status:$r,incompleteSubsCount:a,context:i,logs:c},r&&(s.accountType=function(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}(r),s.dataBoundary=r.dataBoundary),this.truncateIntegralFields(s),this.emitEvents([s],e.correlationId),s}addFields(e,t){const r=this.eventsByCorrelationId.get(t);r?this.eventsByCorrelationId.set(t,{...r,...e}):this.logger.trace("0thl6s",t)}incrementFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e){if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("0thl6s",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}discardMeasurements(e){this.eventsByCorrelationId.delete(e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning("1eap5p",""),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose("0c9ujz",""),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose("0253if",""):this.logger.verbose("0iqk07",""),t}emitEvents(e,t){this.logger.verbose("11jb1y",t),this.callbacks.forEach(((r,n)=>{this.logger.trace("0p2pjl",t),r.apply(null,[e])}))}truncateIntegralFields(e){this.intFields.forEach((t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))}))}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}const Oo="pkce_not_created",Mo="ear_jwk_empty",xo="ear_jwe_empty",qo="crypto_nonexistent",No="empty_navigate_uri",Uo="hash_empty_error",Lo="no_state_in_hash",Ho="hash_does_not_contain_known_properties",Do="unable_to_parse_state",Fo="state_interaction_type_mismatch",Ko="interaction_in_progress",Bo="interaction_in_progress_cancelled",zo="popup_window_error",jo="empty_window_error",$o="user_cancelled",Jo="redirect_bridge_empty_response",Wo="redirect_in_iframe",Go="block_iframe_reload",Qo="block_nested_popups",Vo="silent_logout_unsupported",Xo="no_account_error",Yo="no_token_request_cache_error",Zo="unable_to_parse_token_request_cache_error",ei="non_browser_environment",ti="database_not_open",ri="no_network_connectivity",ni="post_request_failed",oi="get_request_failed",ii="failed_to_parse_response",si="unable_to_load_token",ai="crypto_key_not_found",ci="auth_code_required",hi="auth_code_or_nativeAccountId_required",li="spa_code_and_nativeAccountId_present",di="database_unavailable",ui="unable_to_acquire_token_from_native_platform",gi="native_handshake_timeout",pi="native_extension_not_installed",mi="native_connection_not_established",fi="uninitialized_public_client_application",yi="native_prompt_not_supported",wi="invalid_base64_string",Ii="invalid_pop_token_request",Ci="failed_to_build_headers",vi="failed_to_parse_headers",ki="failed_to_decrypt_ear_response",Ti="timed_out",bi="empty_response";var Ai=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:hi,authCodeRequired:ci,authRequestNotSetError:"auth_request_not_set_error",blockIframeReload:Go,blockNestedPopups:Qo,cryptoKeyNotFound:ai,cryptoNonExistent:qo,databaseNotOpen:ti,databaseUnavailable:di,earJweEmpty:xo,earJwkEmpty:Mo,emptyNavigateUri:No,emptyResponse:bi,emptyWindowError:jo,failedToBuildHeaders:Ci,failedToDecryptEarResponse:ki,failedToParseHeaders:vi,failedToParseResponse:ii,getRequestFailed:oi,hashDoesNotContainKnownProperties:Ho,hashEmptyError:Uo,iframeClosedPrematurely:"iframe_closed_prematurely",interactionInProgress:Ko,interactionInProgressCancelled:Bo,invalidBase64String:wi,invalidCacheType:"invalid_cache_type",invalidPopTokenRequest:Ii,nativeConnectionNotEstablished:mi,nativeExtensionNotInstalled:pi,nativeHandshakeTimeout:gi,nativePromptNotSupported:yi,noAccountError:Xo,noNetworkConnectivity:ri,noStateInHash:Lo,noTokenRequestCacheError:Yo,nonBrowserEnvironment:ei,pkceNotCreated:Oo,popupWindowError:zo,postRequestFailed:ni,redirectBridgeEmptyResponse:Jo,redirectInIframe:Wo,silentLogoutUnsupported:Vo,silentPromptValueError:"silent_prompt_value_error",spaCodeAndNativeAccountIdPresent:li,stateInteractionTypeMismatch:Fo,timedOut:Ti,unableToAcquireTokenFromNativePlatform:ui,unableToLoadToken:si,unableToParseState:Do,unableToParseTokenRequestCacheError:Zo,uninitializedPublicClientApplication:fi,userCancelled:$o});function Si(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class _i extends we{constructor(e,t){super(e,Si(e),t),Object.setPrototypeOf(this,_i.prototype),this.name="BrowserAuthError"}}function Ei(e,t){return new _i(e,t)}const Pi="invalid_grant",Ri=483,Oi=600,Mi="msal",xi="msal.js.browser",qi="53ee284d-920a-4b59-9d30-a60315b26836",Ni="ppnbnpeolgkicgegkbkbjmhlideopiji",Ui="MATS",Li="MicrosoftEntra",Hi="DOM API",Di="get-token-and-sign-out",Fi="PlatformAuthDOMHandler",Ki="PlatformAuthExtensionHandler",Bi="Handshake",zi="HandshakeResponse",ji="GetToken",$i="Response",Ji={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},Wi="GET",Gi="POST",Qi="signin",Vi="signout",Xi="request.origin",Yi="urlHash",Zi="request.params",es="code.verifier",ts="interaction.status",rs="request.native",ns="wrapper.sku",os="wrapper.version",is={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var ss;e.InteractionType=void 0,(ss=e.InteractionType||(e.InteractionType={})).Redirect="redirect",ss.Popup="popup",ss.Silent="silent",ss.None="none";const as={Startup:"startup",Logout:"logout",AcquireToken:"acquireToken",HandleRedirect:"handleRedirect",None:"none"},cs={scopes:p},hs="msal.db",ls=`${hs}.keys`,ds={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},us=[ds.Default,ds.Skip,ds.RefreshTokenAndNetwork];function gs(e){return encodeURIComponent(ms(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function ps(e){return fs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function ms(e){return fs((new TextEncoder).encode(e))}function fs(e){const t=Array.from(e,(e=>String.fromCodePoint(e))).join("");return btoa(t)}function ys(e){return(new TextDecoder).decode(ws(e))}function ws(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw Ei(wi)}const r=atob(t);return Uint8Array.from(r,(e=>e.codePointAt(0)||0))}const Is="AES-GCM",Cs="HKDF",vs="SHA-256",ks=new Uint8Array([1,0,1]),Ts="0123456789abcdef",bs=new Uint32Array(1),As="raw",Ss="encrypt",_s="decrypt",Es={name:"RSASSA-PKCS1-v1_5",hash:vs,modulusLength:2048,publicExponent:ks};async function Ps(e){const t=(new TextEncoder).encode(e);return window.crypto.subtle.digest(vs,t)}function Rs(e){return window.crypto.getRandomValues(e)}function Os(){return window.crypto.getRandomValues(bs),bs[0]}function Ms(){const e=Date.now(),t=1024*Os()+(1023&Os()),r=new Uint8Array(16),n=Math.trunc(t/2**30),o=t&2**30-1,i=Os();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|n>>>8,r[7]=n,r[8]=128|o>>>24,r[9]=o>>>16,r[10]=o>>>8,r[11]=o,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=Ts.charAt(r[e]>>>4),s+=Ts.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function xs(e){return window.crypto.subtle.exportKey("jwk",e)}async function qs(){const e=await Us(),t={alg:"dir",kty:"oct",k:ps(new Uint8Array(e))};return ms(JSON.stringify(t))}async function Ns(e,t){const r=t.split(".");if(5!==r.length)throw Ei(ki,"jwe_length");const n=await async function(e){const t=ys(e),r=ws(JSON.parse(t).k);return window.crypto.subtle.importKey(As,r,Is,!1,[_s])}(e).catch((()=>{throw Ei(ki,"import_key")}));try{const e=(new TextEncoder).encode(r[0]),t=ws(r[2]),o=ws(r[3]),i=ws(r[4]),s=8*i.byteLength,a=new Uint8Array(o.length+i.length);a.set(o),a.set(i,o.length);const c=await window.crypto.subtle.decrypt({name:Is,iv:t,tagLength:s,additionalData:e},n,a);return(new TextDecoder).decode(c)}catch(e){throw Ei(ki,"decrypt")}}async function Us(){const e=await window.crypto.subtle.generateKey({name:Is,length:256},!0,[Ss,_s]);return window.crypto.subtle.exportKey(As,e)}async function Ls(e){return window.crypto.subtle.importKey(As,e,Cs,!1,["deriveKey"])}async function Hs(e,t,r){return window.crypto.subtle.deriveKey({name:Cs,salt:t,hash:vs,info:(new TextEncoder).encode(r)},e,{name:Is,length:256},!1,[Ss,_s])}async function Ds(e,t,r){const n=(new TextEncoder).encode(t),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await Hs(e,o,r),s=await window.crypto.subtle.encrypt({name:Is,iv:new Uint8Array(12)},i,n);return{data:ps(new Uint8Array(s)),nonce:ps(o)}}async function Fs(e,t,r,n){const o=ws(n),i=await Hs(e,ws(t),r),s=await window.crypto.subtle.decrypt({name:Is,iv:new Uint8Array(12)},i,o);return(new TextDecoder).decode(s)}const Ks="storage_not_supported",Bs="stubbed_public_client_application_called",zs="in_mem_redirect_unavailable";var js=Object.freeze({__proto__:null,inMemRedirectUnavailable:zs,storageNotSupported:Ks,stubbedPublicClientApplicationCalled:Bs});class $s extends we{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,$s.prototype)}}function Js(e){return new $s(e,Si(e))}function Ws(){const e=window.location.hash,t=window.location.search;let r,n=!1,o=!1,i="";if(e&&e.length>1){const t="#"===e.charAt(0)?e.substring(1):e,o=new URLSearchParams(t);o.has("state")&&(n=!0,i=t,r=o)}if(t&&t.length>1){const e="?"===t.charAt(0)?t.substring(1):t,n=new URLSearchParams(e);n.has("state")&&(o=!0,i=e,r=n)}if(n&&o){i=`${"?"===t.charAt(0)?t.substring(1):t}${"#"===e.charAt(0)?e.substring(1):e}`,r=new URLSearchParams(i)}if(!i||!r)throw Ei(bi);const s=r.get("state");if(!s)throw Ei(Lo);const{libraryState:a}=Cn(ys,s),{id:c,meta:h}=a;if(!c||!h)throw Ei(Do,"missing_library_state");return{params:r,payload:i,urlHash:e,urlQuery:t,hasResponseInHash:n,hasResponseInQuery:o,libraryState:{id:c,meta:h}}}function Gs(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function Qs(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function Vs(){return window.parent!==window}function Xs(){if(Vs())return!1;try{const{libraryState:t}=Ws(),{meta:r}=t;return r.interactionType===e.InteractionType.Popup}catch(e){return!1}}let Ys=null;function Zs(e,t){Ys&&(e.verbose("18y01k",t),clearTimeout(Ys.timeoutId),Ys.channel.close(),Ys.reject(Ei(Bo)),Ys=null)}async function ea(e,t,r,n){return new Promise(((o,i)=>{t.verbose("1rf6em",n.correlationId);const{libraryState:s}=Cn(r.base64Decode,n.state||""),a=new BroadcastChannel(s.id);let c;const h=window.setTimeout((()=>{Ys=null,a.close(),i(Ei(Ti,"redirect_bridge_timeout"))}),e);Ys={timeoutId:h,channel:a,reject:i},a.onmessage=e=>{c=e.data.payload,Ys=null,clearTimeout(h),a.close(),c?o(c):i(Ei(Jo))}}))}function ta(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function ra(){const e=new vr(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function na(){if(or(window.location.hash)&&Vs())throw Ei(Go)}function oa(e){if(Vs()&&!e)throw Ei(Wo)}function ia(){if(Xs())throw Ei(Qo)}function sa(){if("undefined"==typeof window)throw Ei(ei)}function aa(e){if(!e)throw Ei(fi)}function ca(e){sa(),na(),ia(),aa(e)}function ha(e,t){if(ca(e),oa(t.system.allowRedirectInIframe),t.cache.cacheLocation===Ji.MemoryStorage)throw Js(zs)}function la(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout((()=>{try{document.head.removeChild(t)}catch{}}),1e4)}function da(){return Ms()}const ua=Vt;var ga=Object.freeze({__proto__:null,addClientCapabilitiesToClaims:ua,blockAPICallsBeforeInitialize:aa,blockAcquireTokenInPopups:ia,blockNonBrowserEnvironment:sa,blockRedirectInIframe:oa,blockReloadInHiddenIframes:na,cancelPendingBridgeResponse:Zs,clearHash:Gs,createGuid:da,getCurrentUri:ta,getHomepage:ra,invoke:Nn,invokeAsync:Un,isInIframe:Vs,isInPopup:Xs,parseAuthResponseFromUrl:Ws,preconnect:la,preflightCheck:ca,redirectPreflightCheck:ha,replaceHash:Qs,waitForBridgeResponse:ea});const pa="standardInteractionClientGetDiscoveredAuthority",ma="nativeInteractionClientAcquireToken",fa="acquireTokenBySilentIframe",ya="initializeBaseRequest",wa="silentIframeClientTokenHelper",Ia="silentHandlerInitiateAuthRequest",Ca="silentHandlerMonitorIframeForHash",va="standardInteractionClientCreateAuthCodeClient",ka="standardInteractionClientGetClientConfiguration",Ta="standardInteractionClientInitializeAuthorizationRequest",ba="handleResponseEar",Aa="handleResponsePlatformBroker",Sa="handleResponseCode",_a="deserializeResponse",Ea="generatePkceCodes",Pa="generateHKDF",Ra="decrypt",Oa="generateEarKey";class Ma{constructor(){this.dbName=hs,this.version=1,this.tableName=ls,this.dbOpen=!1}async open(){return new Promise(((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",(e=>{e.target.result.createObjectStore(this.tableName)})),r.addEventListener("success",(t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()})),r.addEventListener("error",(()=>t(Ei(di))))}))}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ei(ti));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async setItem(e,t){return await this.validateDbIsOpen(),new Promise(((r,n)=>{if(!this.db)return n(Ei(ti));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);o.addEventListener("success",(()=>{this.closeConnection(),r()})),o.addEventListener("error",(e=>{this.closeConnection(),n(e)}))}))}async removeItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ei(ti));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);n.addEventListener("success",(()=>{this.closeConnection(),t()})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async getKeys(){return await this.validateDbIsOpen(),new Promise(((e,t)=>{if(!this.db)return t(Ei(ti));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",(t=>{const r=t;this.closeConnection(),e(r.target.result)})),r.addEventListener("error",(e=>{this.closeConnection(),t(e)}))}))}async containsKey(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ei(ti));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(1===r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise(((e,t)=>{const r=window.indexedDB.deleteDatabase(hs),n=setTimeout((()=>t(!1)),200);r.addEventListener("success",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("blocked",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("error",(()=>(clearTimeout(n),t(!1))))}))}}class xa{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach(((t,r)=>{e.push(r)})),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class qa{constructor(e){this.inMemoryCache=new xa,this.indexedDBCache=new Ma,this.logger=e}handleDatabaseAccessError(e,t){if(!(e instanceof _i&&e.errorCode===di))throw e;this.logger.error("1wx7zz",t)}async getItem(e,t){const r=this.inMemoryCache.getItem(e);if(!r)try{return this.logger.verbose("0naxpl",t),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}async setItem(e,t,r){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e,r)}}async removeItem(e,t){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}}async getKeys(e){const t=this.inMemoryCache.getKeys();if(0===t.length)try{return this.logger.verbose("1iqrbq",e),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t,e)}return t}async containsKey(e,t){const r=this.inMemoryCache.containsKey(e);if(!r)try{return this.logger.verbose("03zl2j",t),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}clearInMemory(e){this.logger.verbose("03r21p",e),this.inMemoryCache.clear(),this.logger.verbose("0uksk1",e)}async clearPersistent(e){try{this.logger.verbose("0rdqut",e);const t=await this.indexedDBCache.deleteDatabase();return t&&this.logger.verbose("149ouc",e),t}catch(t){return this.handleDatabaseAccessError(t,e),!1}}}class Na{constructor(e,t,r){this.logger=e,function(e){if(!window)throw Ei(ei);if(!window.crypto)throw Ei(qo);if(!e&&!window.crypto.subtle)throw Ei(qo,"crypto_subtle_undefined")}(r??!1),this.cache=new qa(this.logger),this.performanceClient=t}createNewGuid(){return Ms()}base64Encode(e){return ms(e)}base64Decode(e){return ys(e)}base64UrlEncode(e){return gs(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement("cryptoOptsGetPublicKeyThumbprint",e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(Es,e,t)}(Na.EXTRACTABLE,Na.POP_KEY_USAGES),n=await xs(r.publicKey),o=Ua({e:n.e,kty:n.kty,n:n.n}),i=await this.hashString(o),s=await xs(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,Es,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri},e.correlationId),t&&t.end({success:!0}),i}async removeTokenBindingKey(e,t){await this.cache.removeItem(e,t);if(await this.cache.containsKey(e,t))throw be(It)}async clearKeystore(e){this.cache.clearInMemory(e);try{return await this.cache.clearPersistent(e),!0}catch(t){return t instanceof Error?this.logger.error("1owpn8",e):this.logger.error("0yrmwo",e),!1}}async signJwt(e,t,r,n){const o=this.performanceClient?.startMeasurement("cryptoOptsSignJwt",n),i=await this.cache.getItem(t,n||"");if(!i)throw Ei(ai);const s=await xs(i.publicKey),a=Ua(s),c=gs(JSON.stringify({kid:t})),h=gs(_o.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const l=`${h}.${gs(JSON.stringify(e))}`,d=(new TextEncoder).encode(l),u=await async function(e,t){return window.crypto.subtle.sign(Es,e,t)}(i.privateKey,d),g=`${l}.${ps(new Uint8Array(u))}`;return o&&o.end({success:!0}),g}async hashString(e){return async function(e){const t=await Ps(e);return ps(new Uint8Array(t))}(e)}}function Ua(e){return JSON.stringify(e,Object.keys(e).sort())}Na.POP_KEY_USAGES=["sign","verify"],Na.EXTRACTABLE=!0;const La="acquireTokenSilent",Ha="acquireTokenByCode",Da="acquireTokenPopup",Fa="acquireTokenPreRedirect",Ka="acquireTokenRedirect",Ba="ssoSilent",za="initializeClientApplication",ja="localStorageUpdated";var $a=Object.freeze({__proto__:null,AcquireTokenByCode:Ha,AcquireTokenPopup:Da,AcquireTokenPreRedirect:Fa,AcquireTokenRedirect:Ka,AcquireTokenSilent:La,InitializeClientApplication:za,LocalStorageUpdated:ja,SsoSilent:Ba});const Ja="msal",Wa="browser",Ga=`${Ja}.${Wa}.log.level`,Qa=`${Ja}.${Wa}.log.pii`,Va=`${Ja}.${Wa}.performance.enabled`,Xa=`${Ja}.${Wa}.platform.auth.dom`,Ya=`${Ja}.version`,Za="account.keys",ec="token.keys";function tc(e=2){return e<1?`${Ja}.${Za}`:`${Ja}.${e}.${Za}`}function rc(e,t=2){return t<1?`${Ja}.${ec}.${e}`:`${Ja}.${t}.${ec}.${e}`}const nc=864e5,oc="Lax",ic="None";class sc{initialize(){return Promise.resolve()}getItem(e){const t=`${encodeURIComponent(e)}`,r=document.cookie.split(";");for(let e=0;e<r.length;e++){const n=r[e],[o,...i]=decodeURIComponent(n).trim().split("="),s=i.join("=");if(o===t)return s}return""}getUserData(){throw be(bt)}setItem(e,t,r,n=!0,o=oc){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${o};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*nc);return r.toUTCString()}(r);i+=`expires=${e};`}(n||o===ic)&&(i+="Secure;"),document.cookie=i}async setUserData(){return Promise.reject(be(bt))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach((e=>{const r=decodeURIComponent(e).trim().split("=");t.push(r[0])})),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function ac(e,t){const r=e.getItem(tc(t));return r?JSON.parse(r):[]}function cc(e,t,r){const n=t.getItem(rc(e,r));if(n){const e=JSON.parse(n);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function hc(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const lc="msal.cache.encryption";class dc{constructor(e,t,r){if(!window.localStorage)throw Js(Ks);this.memoryStorage=new xa,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new sc,r=t.getItem(lc);let n={key:"",id:""};if(r)try{n=JSON.parse(r)}catch(e){}if(n.key&&n.id){const t=Nn(ws,"base64Decode",this.logger,this.performanceClient,e)(n.key);this.encryptionCookie={id:n.id,key:await Un(Ls,Pa,this.logger,this.performanceClient,e)(t)}}else{const r=Ms(),n=await Un(Us,"generateBaseKey",this.logger,this.performanceClient,e)(),o=Nn(ps,"urlEncodeArr",this.logger,this.performanceClient,e)(new Uint8Array(n));this.encryptionCookie={id:r,key:await Un(Ls,Pa,this.logger,this.performanceClient,e)(n)};const i={id:r,key:o};t.setItem(lc,JSON.stringify(i),0,!0,ic)}await Un(this.importExistingCache.bind(this),"importExistingCache",this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",(t=>{this.updateCache(t,e)})),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw Ei(fi);return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw Ei(fi);if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const n=await Un(Fs,Ra,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!n)return null;try{return{...JSON.parse(n),lastUpdatedAt:t.lastUpdatedAt}}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,n,o){if(!this.initialized||!this.encryptionCookie)throw Ei(fi);if(o)this.setItem(e,t);else{const{data:o,nonce:i}=await Un(Ds,"encrypt",this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o,lastUpdatedAt:n};this.setItem(e,JSON.stringify(s))}this.memoryStorage.setItem(e,t),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();ac(this).forEach((e=>this.removeItem(e)));const e=cc(this.clientId,this);e.idToken.forEach((e=>this.removeItem(e))),e.accessToken.forEach((e=>this.removeItem(e))),e.refreshToken.forEach((e=>this.removeItem(e))),this.getKeys().forEach((e=>{(e.startsWith(Ja)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)}))}async importExistingCache(e){if(!this.encryptionCookie)return;let t=ac(this);t=await this.importArray(t,e),t.length?this.setItem(tc(),JSON.stringify(t)):this.removeItem(tc());const r=cc(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(rc(this.clientId),JSON.stringify(r)):this.removeItem(rc(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let n;try{n=JSON.parse(r)}catch(e){return null}return hc(n)?n.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):(this.performanceClient.incrementFields({encryptedCacheCount:1},t),Un(Fs,Ra,this.logger,this.performanceClient,t)(this.encryptionCookie.key,n.nonce,this.getContext(e),n.data)):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),r)}async importArray(e,t){const r=[],n=[];return e.forEach((e=>{const o=this.getItemFromEncryptedCache(e,t).then((t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)}));n.push(o)})),await Promise.all(n),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e,t){this.logger.trace("17cxcm",t);const r=this.performanceClient.startMeasurement(ja);r.add({isBackground:!0});const{key:n,value:o,context:i}=e.data;return n?i&&i!==this.clientId?(this.logger.trace("04rtdy",t),void r.end({success:!1,errorCode:"contextMismatch"})):(o?(this.memoryStorage.setItem(n,o),this.logger.verbose("1vzsgt",t)):(this.memoryStorage.removeItem(n),this.logger.verbose("04ypih",t)),void r.end({success:!0})):(this.logger.error("0e10qr",t),void r.end({success:!1,errorCode:"noKey"}))}}class uc{constructor(){if(!window.sessionStorage)throw Js(Ks)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const gc={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_SUCCESS:"msal:loginSuccess",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",BROKERED_REQUEST_START:"msal:brokeredRequestStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",BROKERED_REQUEST_SUCCESS:"msal:brokeredRequestSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",BROKERED_REQUEST_FAILURE:"msal:brokeredRequestFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"},pc="@azure/msal-browser",mc="5.0.0-beta.0";function fc(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}class yc extends Br{constructor(e,t,r,n,o,i,s){super(e,r,n,o,s),this.cacheConfig=t,this.logger=n,this.internalStorage=new xa,this.browserStorage=wc(e,t.cacheLocation,n,o),this.temporaryCacheStorage=wc(e,Ji.SessionStorage,n,o),this.cookieStorage=new sc,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){let t=ac(this.browserStorage),r=cc(this.clientId,this.browserStorage);this.performanceClient.addFields({preMigrateAcntCount:t.length,preMigrateATCount:r.accessToken.length,preMigrateITCount:r.idToken.length,preMigrateRTCount:r.refreshToken.length},e);for(let t=0;t<2;t++){const r=t;await this.removeStaleAccounts(t,r,e)}for(let t=0;t<2;t++){const r=t;await this.migrateIdTokens(t,r,e)}const n=this.getKMSIValues();for(let t=0;t<2;t++)await this.migrateAccessTokens(t,n,e),await this.migrateRefreshTokens(t,n,e);t=ac(this.browserStorage),r=cc(this.clientId,this.browserStorage),this.performanceClient.addFields({postMigrateAcntCount:t.length,postMigrateATCount:r.accessToken.length,postMigrateITCount:r.idToken.length,postMigrateRTCount:r.refreshToken.length},e)}async updateOldEntry(e,t){const r=this.browserStorage.getItem(e),n=this.validateAndParseJson(r||"");if(!n)return this.browserStorage.removeItem(e),null;if(n.lastUpdatedAt){if(An(n.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))return this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null}else n.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(n),t);const o=hc(n)?await this.browserStorage.decryptData(e,n,t):n;return o&&zn(o)?(jn(o)||$n(o))&&o.expiresOn&&bn(o.expiresOn,300)?(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null):o:(this.performanceClient.incrementFields({invalidCacheCount:1},t),null)}async removeStaleAccounts(e,t,r){const n=ac(this.browserStorage,e);if(0!==n.length){for(const e of[...n]){this.performanceClient.incrementFields({oldAcntCount:1},r);const o=this.browserStorage.getItem(e),i=this.validateAndParseJson(o||"");i?i.lastUpdatedAt?An(i.lastUpdatedAt,this.cacheConfig.cacheRetentionDays)&&(await this.removeAccountOldSchema(e,i,t,r),fc(n,e)):(i.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(i),r)):fc(n,e)}this.setAccountKeys(n,r,e)}}async removeAccountOldSchema(e,t,r,n){const o=hc(t)?await this.browserStorage.decryptData(e,t,n):t,i=o?.homeAccountId;if(i){const e=this.getTokenKeys(r);[...e.idToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),fc(e.idToken,t)})),[...e.accessToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),fc(e.accessToken,t)})),[...e.refreshToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),fc(e.refreshToken,t)})),this.setTokenKeys(e,n,r)}this.performanceClient.incrementFields({expiredAcntRemovedCount:1},n),this.browserStorage.removeItem(e)}getKMSIValues(){const e={},t=this.getTokenKeys().idToken;for(const r of t){const t=this.browserStorage.getUserData(r);if(t){const r=JSON.parse(t),n=wr(r.secret,ys);n&&(e[r.homeAccountId]=Ir(n))}}return e}async migrateIdTokens(e,t,r){const n=cc(this.clientId,this.browserStorage,e);if(0===n.idToken.length)return;const o=cc(this.clientId,this.browserStorage,2),i=ac(this.browserStorage),s=ac(this.browserStorage,t);for(const e of[...n.idToken]){this.performanceClient.incrementFields({oldITCount:1},r);const t=await this.updateOldEntry(e,r);if(!t){fc(n.idToken,e);continue}const a=i.find((e=>e.includes(t.homeAccountId))),c=s.find((e=>e.includes(t.homeAccountId)));let h=null;if(a)h=this.getAccount(a,r);else if(c){const e=this.browserStorage.getItem(c),t=this.validateAndParseJson(e||"");h=t&&hc(t)?await this.browserStorage.decryptData(c,t,r):t}if(!h){this.performanceClient.incrementFields({skipITMigrateCount:1},r);continue}const l=wr(t.secret,ys),d=this.generateCredentialKey(t),u=this.getIdTokenCredential(d,r),g=Object.keys(l).includes("signin_state"),p=u&&Object.keys(wr(u.secret,ys)||{}).includes("signin_state");if(!u||t.lastUpdatedAt>u.lastUpdatedAt&&(g||!p)){const e=h.tenantProfiles||[],n=Lr(l)||h.realm;if(n&&!e.find((e=>e.tenantId===n))){const t=fr(h.homeAccountId,h.localAccountId,n,l);e.push(t)}h.tenantProfiles=e;const s=this.generateAccountKey(Dr(h)),a=Ir(l);await this.setUserData(s,JSON.stringify(h),r,h.lastUpdatedAt,a),i.includes(s)||i.push(s),await this.setUserData(d,JSON.stringify(t),r,t.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedITCount:1},r),o.idToken.push(d)}}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r),this.setAccountKeys(i,r)}async migrateAccessTokens(e,t,r){const n=cc(this.clientId,this.browserStorage,e);if(0===n.accessToken.length)return;const o=cc(this.clientId,this.browserStorage,2);for(const e of[...n.accessToken]){this.performanceClient.incrementFields({oldATCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){fc(n.accessToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipATMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.accessToken.includes(s)){const e=this.getAccessTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r),o.accessToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}async migrateRefreshTokens(e,t,r){const n=cc(this.clientId,this.browserStorage,e);if(0===n.refreshToken.length)return;const o=cc(this.clientId,this.browserStorage,2);for(const e of[...n.refreshToken]){this.performanceClient.incrementFields({oldRTCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){fc(n.refreshToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipRTMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.refreshToken.includes(s)){const e=this.getRefreshTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r),o.refreshToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}trackVersionChanges(e){const t=this.browserStorage.getItem(Ya);t&&(this.logger.info("1wuc87",e),this.performanceClient.addFields({previousLibraryVersion:t},e)),t!==mc&&this.setItem(Ya,mc,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){const n=new Array(3).fill(0),o=[];for(let i=0;i<=20;i++)try{if(this.browserStorage.setItem(e,t),i>0)for(let e=0;e<=2;e++){const t=n.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=i)break;const s=i>t+n[e]?t+n[e]:i;i>t&&n[e]>0&&this.removeAccessTokenKeys(o.slice(t,s),r,e)}break}catch(s){const a=Rr(s);if(!(a.errorCode===Er&&i<20))throw a;if(!o.length)for(let r=0;r<=2;r++)if(e===rc(this.clientId,r)){const e=JSON.parse(t).accessToken;o.push(...e),n[r]=e.length}else{const e=this.getTokenKeys(r).accessToken;o.push(...e),n[r]=e.length}if(o.length<=i)throw a;this.removeAccessToken(o[i],r,!1)}}async setUserData(e,t,r,n,o){const i=new Array(3).fill(0),s=[];for(let a=0;a<=20;a++)try{if(await Un(this.browserStorage.setUserData.bind(this.browserStorage),"setUserData",this.logger,this.performanceClient,r)(e,t,r,n,o),a>0)for(let e=0;e<=2;e++){const t=i.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=a)break;const n=a>t+i[e]?t+i[e]:a;a>t&&i[e]>0&&this.removeAccessTokenKeys(s.slice(t,n),r,e)}break}catch(e){const t=Rr(e);if(!(t.errorCode===Er&&a<20))throw t;if(!s.length)for(let e=0;e<=2;e++){const t=this.getTokenKeys(e).accessToken;s.push(...t),i[e]=t.length}if(s.length<=a)throw t;this.removeAccessToken(s[a],r,!1)}}getAccount(e,t){this.logger.trace("1lfvm6",t);const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&o.hasOwnProperty("homeAccountId")&&o.hasOwnProperty("environment")&&o.hasOwnProperty("realm")&&o.hasOwnProperty("localAccountId")&&o.hasOwnProperty("username")&&o.hasOwnProperty("authorityType"))?Br.toObject({},n):null;var o}async setAccount(e,t,r){this.logger.trace("1bz3wr",t);const n=this.generateAccountKey(Dr(e)),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r),this.addAccountKeyToMap(n,t),this.performanceClient.addFields({kmsi:r},t)}setAccountKeys(e,t,r=2){0===e.length?this.removeItem(tc(r)):this.setItem(tc(r),JSON.stringify(e),t)}getAccountKeys(){return ac(this.browserStorage)}addAccountKeyToMap(e,t){this.logger.trace("0rb85k",t),this.logger.tracePii("1l9bdo",t);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(tc(),JSON.stringify(r),t),this.logger.verbose("0xia39",t),!0):(this.logger.verbose("0161kk",t),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("1jpigu",t),this.logger.tracePii("1xzspl",t);const r=this.getAccountKeys(),n=r.indexOf(e);n>-1?(r.splice(n,1),this.setAccountKeys(r,t)):this.logger.trace("1dytu2",t)}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach((t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)}))}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),n=r.idToken.indexOf(e);n>-1&&(this.logger.info("05udv9",t),r.idToken.splice(n,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=2){this.logger.trace("17o18n",t);const n=this.getTokenKeys(r);let o=0;if(e.forEach((e=>{const t=n.accessToken.indexOf(e);t>-1&&(n.accessToken.splice(t,1),o++)})),o>0)return this.logger.info("15i5d5",t),void this.setTokenKeys(n,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),n=r.refreshToken.indexOf(e);n>-1&&(this.logger.info("1f4fq3",t),r.refreshToken.splice(n,1),this.setTokenKeys(r,t))}getTokenKeys(e=2){return cc(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=2){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(rc(this.clientId,r),JSON.stringify(e),t):this.removeItem(rc(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("1jukz6",t),this.removeIdToken(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&zn(o)&&o.hasOwnProperty("realm")&&o.credentialType===L.ID_TOKEN)?(this.logger.trace("01ju66",t),n):(this.logger.trace("1jukz6",t),null);var o}async setIdTokenCredential(e,t,r){this.logger.trace("13hjll",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.idToken.indexOf(n)&&(this.logger.info("07jy92",t),i.idToken.push(n),this.setTokenKeys(i,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0bqvx8",t),this.removeAccessTokenKeys([e],t),null;const n=this.validateAndParseJson(r);return n&&jn(n)?(this.logger.trace("1o81rl",t),n):(this.logger.trace("0bqvx8",t),null)}async setAccessTokenCredential(e,t,r){this.logger.trace("1pondb",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys(),s=i.accessToken.indexOf(n);-1!==s&&i.accessToken.splice(s,1),this.logger.trace("1onhey",t),i.accessToken.push(n),this.setTokenKeys(i,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0jlizt",t),this.removeRefreshToken(e,t),null;const n=this.validateAndParseJson(r);return n&&$n(n)?(this.logger.trace("0nokxi",t),n):(this.logger.trace("0jlizt",t),null)}async setRefreshTokenCredential(e,t,r){this.logger.trace("0tcg8d",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.refreshToken.indexOf(n)&&(this.logger.info("0eckjs",t),i.refreshToken.push(n),this.setTokenKeys(i,t))}getAppMetadata(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1q101h",t),null;const n=this.validateAndParseJson(r);return n&&(o=e,(i=n)&&0===o.indexOf(H)&&i.hasOwnProperty("clientId")&&i.hasOwnProperty("environment"))?(this.logger.trace("19pvg2",t),n):(this.logger.trace("1q101h",t),null);var o,i}setAppMetadata(e,t){this.logger.trace("0cyma6",t);const r=function({environment:e,clientId:t}){return[H,e,t].join("-").toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("0jk19c",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){const r=0===e.indexOf(J);let n=!0;return t&&(n=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&n}(e,n)?(this.logger.trace("12jguk",t),n):(this.logger.trace("0jk19c",t),null)}setServerTelemetry(e,t,r){this.logger.trace("1poh61",r),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e,t){const r=this.internalStorage.getItem(e);if(!r)return this.logger.trace("1r39oe",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){return!!t&&0===e.indexOf(F)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,n)?(this.logger.trace("1ohvk3",t),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter((e=>this.isAuthorityMetadata(e)))}setWrapperMetadata(e,t){this.internalStorage.setItem(ns,e),this.internalStorage.setItem(os,t)}getWrapperMetadata(){return[this.internalStorage.getItem(ns)||"",this.internalStorage.getItem(os)||""]}setAuthorityMetadata(e,t,r){this.logger.trace("07w8n2",r),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(b),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("08gw0e",e),null;const n=this.validateAndParseJson(r);return n?(this.logger.trace("1t3ch7",e),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId},e)):(this.logger.trace("0me1up",e),null)}setActiveAccount(e,t){const r=this.generateCacheKey(b);if(e){this.logger.verbose("0rsj80",t);const n={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.setItem(r,JSON.stringify(n),t)}else this.logger.verbose("1bp5z5",t),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(gc.ACTIVE_ACCOUNT_CHANGED)}getThrottlingCache(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1h4wa6",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){let r=!1;e&&(r=0===e.indexOf(Q));let n=!0;return t&&(n=t.hasOwnProperty("throttleTime")),r&&n}(e,n)?(this.logger.trace("0of6n8",t),n):(this.logger.trace("1h4wa6",t),null)}setThrottlingCache(e,t,r){this.logger.trace("0wfgh6",r),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e,o=this.temporaryCacheStorage.getItem(n);if(!o){if(this.cacheConfig.cacheLocation===Ji.LocalStorage){const e=this.browserStorage.getItem(n);if(e)return this.logger.trace("1yt61y",t),e}return this.logger.trace("1qhy81",t),null}return o}setTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(n,t)}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e)}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach((e=>{-1===e.indexOf(Ja)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)})),this.browserStorage.getKeys().forEach((e=>{-1===e.indexOf(Ja)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)})),this.internalStorage.clear()}generateCacheKey(e){return ke.startsWith(e,Ja)?e:`${Ja}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===L.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==G.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${Ja}.2`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",r].join("|").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${Ja}.2`,e.homeAccountId,e.environment,t||e.tenantId||""].join("|").toLowerCase()}resetRequestCache(e){this.logger.trace("0h0ynu",e),this.removeTemporaryItem(this.generateCacheKey(Zi)),this.removeTemporaryItem(this.generateCacheKey(es)),this.removeTemporaryItem(this.generateCacheKey(Xi)),this.removeTemporaryItem(this.generateCacheKey(Yi)),this.removeTemporaryItem(this.generateCacheKey(rs)),this.setInteractionInProgress(!1,void 0)}cacheAuthorizeRequest(e,t,r){this.logger.trace("1tzef5",t);const n=ms(JSON.stringify(e));if(this.setTemporaryCache(Zi,n,!0),r){const e=ms(r);this.setTemporaryCache(es,e,!0)}}getCachedRequest(e){this.logger.trace("0uen20",e);const t=this.getTemporaryCache(Zi,e,!0);if(!t)throw Ei(Yo);const r=this.getTemporaryCache(es,e,!0);let n,o="";try{n=JSON.parse(ys(t)),r&&(o=ys(r))}catch(t){throw this.logger.errorPii("0ewsey",e),this.logger.error("0tvdic",e),Ei(Zo)}return[n,o]}getCachedNativeRequest(){this.logger.trace("1yxcdm","");const e=this.getTemporaryCache(rs,"",!0);if(!e)return this.logger.trace("0mnxd4",""),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("0rrkip",""),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${Ja}.${ts}`,t=this.getTemporaryCache(e,"",!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("0jjyys",""),this.removeTemporaryItem(e),this.resetRequestCache(""),Gs(window),null}}setInteractionInProgress(e,t=Qi,r=!1,n=""){const o=`${Ja}.${ts}`;if(e){if(this.getInteractionInProgress()){if(!r)throw Ei(Ko);this.logger.warning("1pmscr",n),Zs(this.logger,n),this.removeTemporaryItem(o)}this.setTemporaryCache(o,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(o)}async hydrateCache(e,t){const r={idToken:Fn(e.account?.homeAccountId,e.account?.environment,e.idToken,this.clientId,e.tenantId),accessToken:Kn(e.account?.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?kn(e.expiresOn):0,e.extExpiresOn?kn(e.extExpiresOn):0,ys,void 0,e.tokenType,void 0,t.sshKid)};return this.saveCacheRecord(r,e.correlationId,Ir(wr(e.idToken,ys)))}async saveCacheRecord(e,t,r,n){try{await super.saveCacheRecord(e,t,r,n)}catch(e){if(e instanceof Pr&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function wc(e,t,r,n){try{switch(t){case Ji.LocalStorage:return new dc(e,r,n);case Ji.SessionStorage:return new uc}}catch(e){r.error(e,"")}return new xa}const Ic=(e,t,r,n)=>new yc(e,{cacheLocation:Ji.MemoryStorage,cacheRetentionDays:5},ar,t,r,n);function Cc(e,t,r,n,o){return e.verbose("1yd030",n),r?t.getAllAccounts(o,n):[]}function vc(e,t,r,n){if(t.trace("0u7b90",n),0===Object.keys(e).length)return t.warning("1kz0cu",n),null;const o=r.getAccountInfoFilteredBy(e,n);return o?(t.verbose("0btgll",n),o):(t.verbose("0ltaj5",n),null)}function kc(e,t,r){t.setActiveAccount(e,r)}function Tc(e,t){return e.getActiveAccount(t)}class bc{constructor(e){this.eventCallbacks=new Map,this.logger=e||new dr({}),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const n=r||da();return this.eventCallbacks.has(n)?(this.logger.error("1578i0",""),null):(this.eventCallbacks.set(n,[e,t||[]]),this.logger.verbose("1cnec4",""),n)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose("12zotd","")}emitEvent(e,t,r,n){const o={eventType:e,interactionType:t||null,payload:r||null,error:n||null,timestamp:Date.now()};switch(e){case gc.LOGIN_SUCCESS:case gc.LOGOUT_SUCCESS:case gc.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(o)}this.invokeCallbacks(o)}invokeCallbacks(e){this.eventCallbacks.forEach((([t,r],n)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose("15jpwk",""),t.apply(null,[e]))}))}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class Ac{constructor(e,t,r,n,o,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=o,this.navigationClient=i,this.platformAuthProvider=c,this.correlationId=a,this.logger=n.clone(xi,mc),this.performanceClient=s}}function Sc(e,t,r,n){r.verbose("0bd1la",n);const o=e||t||"";return vr.getAbsoluteUrl(o,ta())}function _c(e,t,r,n,o,i){o.verbose("1p12tq",r);const s={clientId:t,correlationId:r,apiId:e,forceRefresh:!1,wrapperSKU:n.getWrapperMetadata()[0],wrapperVer:n.getWrapperMetadata()[1]};return new bo(s,n)}async function Ec(e,t,r,n,o,i,s,a,c){const h=a&&a.hasOwnProperty("instance_aware")?a.instance_aware:void 0,l={protocolMode:e.system.protocolMode,OIDCOptions:e.auth.OIDCOptions,knownAuthorities:e.auth.knownAuthorities,cloudDiscoveryMetadata:e.auth.cloudDiscoveryMetadata,authorityMetadata:e.auth.authorityMetadata},d=i||e.auth.authority,u=h?.length?"true"===h:e.auth.instanceAware,g=c&&u?e.auth.authority.replace(vr.getDomainFromUrl(d),c.environment):d,p=ho.generateAuthority(g,s||e.auth.azureCloudOptions),m=await Un(go,"authorityFactoryCreateDiscoveredInstance",o,r,t)(p,e.system.networkClient,n,l,o,t,r);if(c&&!m.isAlias(c.environment))throw ve(ze);return m}async function Pc(e,t,r,n,o){if(o)try{e.removeAccount(o,n),r.verbose("0s4z6h",n)}catch(e){r.error("0mgg1d",n)}else try{r.verbose("0zj631",n),e.clear(n),await t.clearKeystore(n)}catch(e){r.error("12ih0c",n)}}async function Rc(e,t,r,n,o){const i=e.authority||t.auth.authority,s=[...e&&e.scopes||[]],a={...e,correlationId:e.correlationId,authority:i,scopes:s};if(a.authenticationScheme){if(a.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);if(!e.sshKid)throw ve(He)}n.verbose("1ecmns",o)}else a.authenticationScheme=G.BEARER,n.verbose("1l4fwv",o);return a}async function Oc(e,t,r,n,o){const i=await Un(Rc,ya,o,n,e.correlationId)(e,r,n,o,e.correlationId);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}function Mc(e,t){let r;const n=e.httpMethod;if(t===Hr.EAR){if(n&&n!==g)throw ve(je);r=g}else r=n||u;return r}class xc extends Ac{initializeLogoutRequest(e){this.logger.verbose("0546u4",this.correlationId);const t={correlationId:this.correlationId,...e};if(e)if(e.logoutHint)this.logger.verbose("12k4l4",this.correlationId);else if(e.account){const r=this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("0st5di",this.correlationId),t.logoutHint=r)}else this.logger.verbose("0pdtc3",this.correlationId);else this.logger.verbose("07ndze",this.correlationId);return e&&null===e.postLogoutRedirectUri?this.logger.verbose("0ljv63",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("1vamm6",t.correlationId),t.postLogoutRedirectUri=vr.getAbsoluteUrl(e.postLogoutRedirectUri,ta())):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("15m5g7",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("1f4xlz",t.correlationId),t.postLogoutRedirectUri=vr.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,ta())):(this.logger.verbose("17s5rf",t.correlationId),t.postLogoutRedirectUri=vr.getAbsoluteUrl(ta(),ta())),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("0mvp54",this.correlationId)}else this.logger.verbose("1e7bdp",this.correlationId);return null}async createAuthCodeClient(e){const t=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)(e);return new po(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:n,requestExtraQueryParameters:o,account:i}=e,s=e.authority||await Un(Ec,pa,this.logger,this.performanceClient,this.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:s,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:a.loggerCallback,piiLoggingEnabled:a.piiLoggingEnabled,logLevel:a.logLevel,correlationId:this.correlationId},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:xi,version:mc,cpu:"",os:""},telemetry:this.config.telemetry}}}async function qc(e,t,r,n,o,i,s,a){const c=Sc(e.redirectUri,r.auth.redirectUri,i,a),h={interactionType:t},l=In(n,e&&e.state||"",h),d={...await Un(Rc,ya,i,s,a)({...e,correlationId:a},r,s,i,a),redirectUri:c,state:l,nonce:e.nonce||Ms(),responseMode:r.auth.OIDCOptions.responseMode},u={...d,httpMethod:Mc(d,r.system.protocolMode)};if(e.loginHint||e.sid)return u;const g=e.account||o.getActiveAccount(a);return g&&(i.verbose("1eqlb3",a),i.verbosePii("0tf99t",a),u.account=g),u}function Nc(e,t,r,n){const o=or(e);if(!o)throw nr(e)?(r.error("13pl0s",n),r.errorPii("1097vx",n),Ei(Ho)):(r.error("18h0l1",n),Ei(Uo));return o}function Uc(e,t,r){if(!e.state)throw Ei(Lo);const n=function(e,t){if(!t)return null;try{return Cn(e.base64Decode,t).libraryState.meta}catch(e){throw be(et)}}(t,e.state);if(!n)throw Ei(Do);if(n.interactionType!==r)throw Ei(Fo)}class Lc{constructor(e,t,r,n,o){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=n,this.performanceClient=o}async handleCodeResponse(e,t){let r;try{r=function(e,t){if(Co(e,t),!e.code)throw be(wt);return e}(e,t.state)}catch(e){throw e instanceof nn&&e.subError===$o?Ei($o):e}return Un(this.handleCodeResponseFromServer.bind(this),Rn,this.logger,this.performanceClient,t.correlationId)(r,t)}async handleCodeResponseFromServer(e,t,r=!0){if(this.logger.trace("0mf2hb",t.correlationId),this.authCodeRequest.code=e.code,r&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await Un(this.authModule.acquireToken.bind(this.authModule),"authClientAcquireToken",this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:Yn}:e.loginHint?{credential:e.loginHint,type:Zn}:null}}class Hc extends we{constructor(e,t,r){super(e,t||Si(e)),Object.setPrototypeOf(this,Hc.prototype),this.name="NativeAuthError",this.ext=r}}function Dc(e){if(e.ext&&e.ext.status&&("PERSISTENT_ERROR"===e.ext.status||"DISABLED"===e.ext.status))return!0;if(e.ext&&e.ext.error&&-2147186943===e.ext.error)return!0;switch(e.errorCode){case"ContentError":case"PageException":return!0;default:return!1}}function Fc(e,t,r){if(r&&r.status)switch(r.status){case"ACCOUNT_UNAVAILABLE":return wn(sn,Si(e));case"USER_INTERACTION_REQUIRED":return new fn(e,t);case"USER_CANCEL":return Ei($o);case"NO_NETWORK":return Ei(ri);case"UX_NOT_ALLOWED":return wn(cn)}return new Hc(e,t,r)}class Kc extends xc{async acquireToken(e){const t=_c(is.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),r=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),n=new fo(r,this.performanceClient);this.logger.verbose("0wa871",this.correlationId);try{const t=(await Un(n.acquireCachedToken.bind(n),"silentFlowClientAcquireCachedToken",this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof _i&&e.errorCode===ai&&this.logger.verbose("06wena",this.correlationId),e}}logout(e){this.logger.verbose("1rkurh",this.correlationId);const t=this.initializeLogoutRequest(e);return Pc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account)}}class Bc extends Ac{constructor(e,t,r,n,o,i,s,a,c,h,l,d){super(e,t,r,n,o,i,a,d,c),this.apiId=s,this.accountId=h,this.platformAuthProvider=c,this.nativeStorageManager=l,this.silentCacheClient=new Kc(e,this.nativeStorageManager,r,n,o,i,a,d,c);const u=this.platformAuthProvider.getExtensionName();this.skus=bo.makeExtraSkuString({libraryName:xi,libraryVersion:mc,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[ge]:this.skus}}async acquireToken(e,t){this.logger.trace("03qeos",this.correlationId);const r=this.performanceClient.startMeasurement(ma,e.correlationId),n=vn(),o=_c(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const i=await this.initializeNativeRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===ds.AccessToken)throw this.logger.info("0eitbc",this.correlationId),e;this.logger.info("0957j1",this.correlationId)}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,n).then((e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),o.clearNativeBrokerErrorCode(),e))).catch((e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError,isNativeBroker:!0}),e}))}catch(e){throw e instanceof Hc&&o.setNativeBrokerErrorCode(e.errorCode),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:_t.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("1ndf3e",this.correlationId),be(pt);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},t.correlationId);if(!r)throw be(pt);try{const e=this.createSilentCacheRequest(t,r),n=await this.silentCacheClient.acquireToken(e),o={...r,idTokenClaims:n?.idTokenClaims,idToken:n?.idToken};return{...n,account:o}}catch(e){throw e}}async acquireTokenRedirect(e,t,r){this.logger.trace("0luikq",this.correlationId);const n=await this.initializeNativeRequest(e),o=r?.navigateToLoginRequestUrl??!0;try{await this.platformAuthProvider.sendMessage(n)}catch(e){if(e instanceof Hc){if(_c(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).setNativeBrokerErrorCode(e.errorCode),Dc(e))throw e}}this.browserStorage.setTemporaryCache(rs,JSON.stringify(n),!0);const i={apiId:is.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},s=o?window.location.href:Sc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId);t.end({success:!0}),await this.navigationClient.navigateExternal(s,i)}async handleRedirectPromise(e,t){if(this.logger.trace("1c5lhw",this.correlationId),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",this.correlationId),null;const r=this.browserStorage.getCachedNativeRequest();if(!r)return this.logger.verbose("0a6zjb",this.correlationId),e&&t&&e?.addFields({errorCode:"no_cached_request"},t),null;const{prompt:n,...o}=r;n&&this.logger.verbose("0ac34v",this.correlationId),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(rs));const i=vn();try{this.logger.verbose("003x5a",this.correlationId);const e=await this.platformAuthProvider.sendMessage(o),t=await this.handleNativeResponse(e,o,i);return _c(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).clearNativeBrokerErrorCode(),t}catch(e){throw e}}logout(){return this.logger.trace("0u2sjm",this.correlationId),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("1bojln",this.correlationId);const n=wr(e.id_token,ys),o=this.createHomeAccountIdentifier(e,n),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("1ub1in",this.correlationId);else if(o!==i&&e.account.id!==t.accountId)throw Fc("user_switch");const s=await Ec(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t.authority),a=Xn(this.browserStorage,s,o,ys,this.correlationId,n,e.client_info,void 0,n.tid,void 0,e.account.id);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,n,a,s.canonicalAuthority,r);return await this.cacheAccount(a,Ir(n)),await this.cacheNativeTokens(e,t,o,n,e.access_token,c.tenantId,r),c}createHomeAccountIdentifier(e,t){return Kr(e.client_info||"",xr,this.logger,this.browserCrypto,this.correlationId,t)}generateScopes(e,t){return t?_t.fromString(t):_t.fromString(e)}async generatePopAccessToken(e,t){if(t.tokenType===G.POP&&t.signPopToken){if(e.shr)return this.logger.trace("0coqhu",this.correlationId),e.shr;const r=new Hn(this.browserCrypto,this.performanceClient),n={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce,correlationId:this.correlationId};if(!t.keyId)throw be(vt);return r.signPopToken(e.access_token,t.keyId,n)}return e.access_token}async generateAuthenticationResult(e,t,r,n,o,i){const s=this.addTelemetryFromNativeResponse(e.properties.MATS),a=this.generateScopes(t.scope,e.scope),c=e.account.properties||{},h=c.UID||r.oid||r.sub||"",l=c.TenantId||r.tid||"",d=yr(Dr(n),void 0,r,e.id_token);d.nativeAccountId!==e.account.id&&(d.nativeAccountId=e.account.id);const u=await this.generatePopAccessToken(e,t),g=t.tokenType===G.POP?G.POP:G.BEARER;return{authority:o,uniqueId:h,tenantId:l,scopes:a.asArray(),account:d,idToken:e.id_token,idTokenClaims:r,accessToken:u,fromCache:!!s&&this.isResponseFromCache(s),expiresOn:Tn(i+e.expires_in),tokenType:g,correlationId:this.correlationId,state:e.state,fromPlatformBroker:!0}}async cacheAccount(e,t){await this.browserStorage.setAccount(e,this.correlationId,t),this.browserStorage.removeAccountContext(Dr(e),this.correlationId)}cacheNativeTokens(e,t,r,n,o,i,s){const a=Fn(r,t.authority,e.id_token||"",t.clientId,n.tid||""),c=s+(t.tokenType===G.POP?240:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),h=this.generateScopes(e.scope,t.scope),l={idToken:a,accessToken:Kn(r,t.authority,o,t.clientId,n.tid||i,h.printScopes(),c,0,ys,void 0,t.tokenType,void 0,t.keyId)};return this.nativeStorageManager.saveCacheRecord(l,this.correlationId,Ir(n),t.storeInCache)}getExpiresInValue(e,t){return e===G.POP?240:("string"==typeof t?parseInt(t,10):t)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("0b3l57",this.correlationId)}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("1okqev",this.correlationId),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("04j6wj",this.correlationId);const t=await this.getCanonicalAuthority(e),{scopes:r,...n}=e,o=new _t(r||[]);o.appendScopes(p);const i={...n,accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:o.printScopes(),redirectUri:Sc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraParameters},extendedExpiryToken:!1,keyId:e.popKid};if(i.signPopToken&&e.popKid)throw Ei(Ii);if(this.handleExtraBrokerParams(i),i.extraParameters=i.extraParameters||{},i.extraParameters.telemetry=Ui,e.authenticationScheme===G.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce,correlationId:this.correlationId},r=new Hn(this.browserCrypto,this.performanceClient);let n;if(i.keyId)n=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:i.keyId})),i.signPopToken=!1;else{const e=await Un(r.generateCnf.bind(r),On,this.logger,this.performanceClient,this.correlationId)(t,this.logger);n=e.reqCnfString,i.keyId=e.kid,i.signPopToken=!0}i.reqCnf=n}return this.addRequestSKUs(i),i}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority,{azureCloudOptions:r,account:n}=e;n&&await Ec(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t,r,void 0,n);const o=new vr(t);return o.validateAsUri(),o}getPrompt(e){switch(this.apiId){case is.ssoSilent:case is.acquireTokenSilent_silentFlow:return this.logger.trace("1hiwaz",this.correlationId),R.NONE}if(e)switch(e){case R.NONE:case R.CONSENT:case R.LOGIN:return this.logger.trace("1ynje4",this.correlationId),e;default:throw this.logger.trace("0nkr6q",this.correlationId),Ei(yi)}else this.logger.trace("1qlu04",this.correlationId)}handleExtraBrokerParams(e){const t=e.extraParameters&&e.extraParameters.hasOwnProperty(pe)&&e.extraParameters.hasOwnProperty(me)&&e.extraParameters.hasOwnProperty(ce);if(!e.embeddedClientId&&!t)return;let r="";const n=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[me],r=e.extraParameters[ce]),e.extraParameters={child_client_id:r,child_redirect_uri:n},this.performanceClient?.addFields({embeddedClientId:r,embeddedRedirectUri:n},e.correlationId)}}async function zc(e,t,r,n,o){const i=wo({...e.auth,authority:t},r,n,o);if(Dt(i,{sku:xi,version:mc,os:"",cpu:""}),e.system.protocolMode!==Hr.OIDC&&Ft(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),r.authenticationScheme===G.POP)){const e=new Na(n,o),t=new Hn(e,o);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await Un(t.generateCnf.bind(t),On,n,o,r.correlationId)(r,n)).reqCnfString}Xt(i,s)}return Et(i,r.correlationId,o),i}async function jc(e,t,r,n,o){if(!r.codeChallenge)throw ve(xe);const i=await Un(zc,"getStandardParams",n,o,r.correlationId)(e,t,r,n,o);return Pt(i,O),Bt(i,r.codeChallenge,c),Qt(i,{...r.extraQueryParameters,...r.extraParameters}),Io(t,i)}async function $c(e,t,r,n,o,i){if(!n.earJwk)throw Ei(Mo);const s=await zc(t,r,n,o,i);Pt(s,M),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(s,n.earJwk),Bt(s,n.codeChallenge,c),Qt(s,{...n.extraParameters});const a=new Map;Qt(a,n.extraQueryParameters||{});return Wc(e,Io(r,a),s)}async function Jc(e,t,r,n,o,i){const s=await zc(t,r,n,o,i);Pt(s,O),Bt(s,n.codeChallenge,n.codeChallengeMethod||c),Qt(s,{...n.extraParameters});const a=new Map;Qt(a,n.extraQueryParameters||{});return Wc(e,Io(r,a),s)}function Wc(e,t,r){const n=e.createElement("form");return n.method="post",n.action=t,r.forEach(((t,r)=>{const o=e.createElement("input");o.hidden=!0,o.name=r,o.value=t,n.appendChild(o)})),e.body.appendChild(n),n}async function Gc(e,t,r,n,o,i,s,a,c,h){if(a.verbose("11qcow",e.correlationId),!h)throw Ei(mi);const l=new Na(a,c),d=new Bc(n,o,l,a,s,n.system.navigationClient,r,c,h,t,i,e.correlationId),{userRequestState:u}=Cn(l.base64Decode,e.state);return Un(d.acquireToken.bind(d),ma,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function Qc(e,t,r,n,o,i,s,a,c,h,l,d){if(ro.removeThrottle(s,o.auth.clientId,e),t.accountId)return Un(Gc,Aa,h,l,e.correlationId)(e,t.accountId,n,o,s,a,c,h,l,d);const u={...e,code:t.code||"",codeVerifier:r},g=new Lc(i,s,u,h,l);return await Un(g.handleCodeResponse.bind(g),"handleCodeResponse",h,l,e.correlationId)(t,e)}async function Vc(e,t,r,n,o,i,s,a,c,h,l){if(ro.removeThrottle(i,n.auth.clientId,e),Co(t,e.state),!t.ear_jwe)throw Ei(xo);if(!e.earJwk)throw Ei(Mo);const d=JSON.parse(await Un(Ns,"decryptEarResponse",c,h,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return Un(Gc,Aa,c,h,e.correlationId)(e,d.accountId,r,n,i,s,a,c,h,l);const u=new Vn(n.auth.clientId,i,new Na(c,h),c,h,null,null);u.validateTokenResponse(d,e.correlationId);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await Un(u.handleServerTokenResponse.bind(u),Mn,c,h,e.correlationId)(d,o,vn(),e,g,void 0,void 0,void 0,void 0)}async function Xc(e,t,r){const n=Nn(Yc,"generateCodeVerifier",t,e,r)(e,t,r);return{verifier:n,challenge:await Un(Zc,"generateCodeChallengeFromVerifier",t,e,r)(n,e,t,r)}}function Yc(e,t,r){try{const n=new Uint8Array(32);Nn(Rs,"getRandomValues",t,e,r)(n);return ps(n)}catch(e){throw Ei(Oo)}}async function Zc(e,t,r,n){try{const o=await Un(Ps,"sha256Digest",r,t,n)(e);return ps(new Uint8Array(o))}catch(e){throw Ei(Oo)}}class eh{navigateInternal(e,t){return eh.defaultNavigateWindow(e,t)}navigateExternal(e,t){return eh.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(((e,r)=>{setTimeout((()=>{r(Ei(Ti,"failed_to_redirect"))}),t.timeout)}))}}class th{async sendGetRequestAsync(e,t){let r,n={},o=0;const i=rh(t);try{r=await fetch(e,{method:Wi,headers:i})}catch(e){throw oo(Ei(window.navigator.onLine?oi:ri),void 0,void 0,e)}n=nh(r.headers);try{return o=r.status,{headers:n,body:await r.json(),status:o}}catch(e){throw oo(Ei(ii),o,n,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",n=rh(t);let o,i=0,s={};try{o=await fetch(e,{method:Gi,headers:n,body:r})}catch(e){throw oo(Ei(window.navigator.onLine?ni:ri),void 0,void 0,e)}s=nh(o.headers);try{return i=o.status,{headers:s,body:await o.json(),status:i}}catch(e){throw oo(Ei(ii),i,s,e)}}}function rh(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach((([e,r])=>{t.append(e,r)})),t}catch(e){throw oo(Ei(Ci),void 0,void 0,e)}}function nh(e){try{const t={};return e.forEach(((e,r)=>{t[r]=e})),t}catch(e){throw Ei(vi)}}function oh({auth:r,cache:n,system:o,telemetry:c},h){const l={clientId:"",authority:`${t}`,knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",redirectUri:"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:"",postLogoutRedirectUri:"",clientCapabilities:[],OIDCOptions:{responseMode:x.FRAGMENT,defaultScopes:[i,s,a]},azureCloudOptions:{azureCloudInstance:pr.None,tenant:""},instanceAware:!1},d={cacheLocation:Ji.SessionStorage,cacheRetentionDays:5},u={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},g={...{...Gr,loggerOptions:u,networkClient:h?new th:yo,navigationClient:new eh,popupBridgeTimeout:o?.popupBridgeTimeout||6e4,iframeBridgeTimeout:o?.iframeBridgeTimeout||1e4,redirectNavigationTimeout:3e4,allowRedirectInIframe:!1,navigatePopups:!0,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:o?.nativeBrokerHandshakeTimeout||2e3,protocolMode:Hr.AAD},...o,loggerOptions:o?.loggerOptions||u},p={application:{appName:"",appVersion:""},client:new Wr};if(o?.protocolMode!==Hr.OIDC&&r?.OIDCOptions){new dr(g.loggerOptions).warning(JSON.stringify(ve(Ke)),"")}if(o?.protocolMode&&o.protocolMode===Hr.OIDC&&g?.allowPlatformBroker)throw ve(Be);return{auth:{...l,...r,OIDCOptions:{...l.OIDCOptions,...r?.OIDCOptions}},cache:{...d,...n},system:g,telemetry:{...p,...c}}}class ih{constructor(e,t,r,n){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=n,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=r.startMeasurement("nativeMessageHandlerHandshake"),this.platformAuthType=Ki}async sendMessage(e){this.logger.trace("0on4p2",e.correlationId);const t={method:ji,request:e},r={channel:qi,extensionId:this.extensionId,responseId:Ms(),body:t};this.logger.trace("1qadfi",e.correlationId),this.logger.tracePii("1xm533",e.correlationId),this.messageChannel.port1.postMessage(r);const n=await new Promise(((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})}));return this.validatePlatformBrokerResponse(n)}static async createProvider(e,t,r,n){e.trace("15zfnw",n);try{const o=new ih(e,t,r,Ni);return await o.sendHandshakeRequest(n),o}catch(o){const i=new ih(e,t,r);return await i.sendHandshakeRequest(n),i}}async sendHandshakeRequest(e){this.logger.trace("1dpg9o",e),window.addEventListener("message",this.windowListener,!1);const t={channel:qi,extensionId:this.extensionId,responseId:Ms(),body:{method:Bi}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(t,window.origin,[this.messageChannel.port2]),new Promise(((e,r)=>{this.handshakeResolvers.set(t.responseId,{resolve:e,reject:r}),this.timeoutId=window.setTimeout((()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(Ei(gi)),this.handshakeResolvers.delete(t.responseId)}),this.handshakeTimeoutMs)}))}onWindowMessage(e){const t=da();if(this.logger.trace("0jpn5u",t),e.source!==window)return;const r=e.data;if(r.channel&&r.channel===qi&&(!r.extensionId||r.extensionId===this.extensionId)&&r.body.method===Bi){const e=this.handshakeResolvers.get(r.responseId);if(!e)return void this.logger.trace("07buhm",t);this.logger.verbose(r.extensionId?"0xrkug":"No extension installed",t),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(Ei(pi))}}onChannelMessage(e){const t=da();this.logger.trace("1py8yf",t);const r=e.data,n=this.resolvers.get(r.responseId),o=this.handshakeResolvers.get(r.responseId);try{const e=r.body.method;if(e===$i){if(!n)return;const e=r.body.response;if(this.logger.trace("19hpgm",t),this.logger.tracePii("179a24",t),"Success"!==e.status)n.reject(Fc(e.code,e.description,e.ext));else{if(!e.result)throw Ie(vo,"Event does not contain result.");e.result.code&&e.result.description?n.reject(Fc(e.result.code,e.result.description,e.result.ext)):n.resolve(e.result)}this.resolvers.delete(r.responseId)}else if(e===zi){if(!o)return void this.logger.trace("082qnt",t);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=r.extensionId,this.extensionVersion=r.body.version,this.logger.verbose("0yf5ib",t),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),o.resolve(),this.handshakeResolvers.delete(r.responseId)}}catch(e){this.logger.error("0xf978",t),this.logger.errorPii("04i99o",t),this.logger.errorPii("0xdvsy",t),n?n.reject(e):o&&o.reject(e)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw Ie(vo,"Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===Ni?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class sh{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=Fi}static async createProvider(e,t,r){if(e.trace("12mj4a",r),window.navigator?.platformAuthentication){const n=await window.navigator.platformAuthentication.getSupportedContracts(Li);if(n?.includes(Di))return e.trace("1h5q1r",r),new sh(e,t,r)}}getExtensionId(){return Li}getExtensionVersion(){return""}getExtensionName(){return Hi}async sendMessage(e){this.logger.trace("02bcil",e.correlationId);try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r,e.correlationId)}catch(t){throw this.logger.error("11im7g",e.correlationId),t}}initializePlatformDOMRequest(e){this.logger.trace("15d6yv",e.correlationId);const{accountId:t,clientId:r,authority:n,scope:o,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:h,extraParameters:l,...d}=e,u=this.getDOMExtraParams(d);return{accountId:t,brokerId:this.getExtensionId(),authority:n,clientId:r,correlationId:s||this.correlationId,extraParameters:{...l,...u},isSecurityTokenService:!1,redirectUri:i,scope:o,state:a,storeInCache:c,embeddedClientId:h}}validatePlatformBrokerResponse(e,t){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace("0h4vei",t),this.convertToPlatformBrokerResponse(e,t);if(e.hasOwnProperty("error")){const r=e;if(!1===r.isSuccess&&r.error&&r.error.code)throw this.logger.trace("0g92vm",t),Fc(r.error.code,r.error.description,{error:parseInt(r.error.errorCode),protocol_error:r.error.protocolError,status:r.error.status,properties:r.error.properties})}}throw Ie(vo,"Response missing expected properties.")}convertToPlatformBrokerResponse(e,t){this.logger.trace("14913t",t);return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e){return{...Object.entries(e).reduce(((e,[t,r])=>(e[t]=String(r),e)),{})}}}async function ah(e,t,r,n){e.trace("134j0v",r);const o=function(){let e;try{return e=window[Ji.SessionStorage],"true"===e?.getItem(Xa)}catch(e){return!1}}();let i;e.trace("04c81g",r);try{o&&(i=await sh.createProvider(e,t,r)),i||(e.trace("0l3na8",r),i=await ih.createProvider(e,n||2e3,t,r))}catch(t){e.trace("0icbd7",t)}return i}function ch(e,t,r,n,o){if(t.trace("0uko3r",r),!e.system.allowPlatformBroker)return t.trace("04hozs",r),!1;if(!n)return t.trace("0kvv1r",r),!1;if(o)switch(o){case G.BEARER:case G.POP:return t.trace("18tev1",r),!0;default:return t.trace("1dd2nh",r),!1}return!0}class hh extends xc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a,this.eventHandler=o}acquireToken(e,t){let r;try{if(r={popupName:this.generatePopupName(e.scopes||p,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window},this.performanceClient.addFields({isAsyncPopup:!this.config.system.navigatePopups},this.correlationId),this.config.system.navigatePopups){const n={...e,httpMethod:Mc(e,this.config.system.protocolMode)};return this.logger.verbose("1f9ok3",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(n,r,t)}return this.logger.verbose("162h4u",this.correlationId),this.acquireTokenPopupAsync(e,r,t)}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("068rup",this.correlationId);const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},n=e&&e.authority,o=e&&e.mainWindowRedirectUri;return this.config.system.navigatePopups?(this.logger.verbose("1a28da",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,n,o)):(this.logger.verbose("1phd8u",this.correlationId),this.logoutPopupAsync(t,r,n,o))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,n){this.logger.verbose("1g77pg",this.correlationId);const o=await Un(qc,Ta,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.popup&&la(o.authority);const i=ch(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);return o.platformBroker=i,this.config.system.protocolMode===Hr.EAR?this.executeEarFlow(o,r,n):this.executeCodeFlow(o,r,n)}async executeCodeFlow(t,r,n){const o=t.correlationId,i=_c(is.acquireTokenPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),s=n||await Un(Xc,Ea,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),a={...t,codeChallenge:s.challenge};try{const n=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,o)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account});if(a.httpMethod===g)return await this.executeCodeFlowWithPost(a,r,n,s.verifier);{const i=await Un(jc,Pn,this.logger,this.performanceClient,o)(this.config,n.authority,a,this.logger,this.performanceClient),c=this.initiateAuthRequest(i,r);this.eventHandler.emitEvent(gc.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:c},null);const h=await ea(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t),l=Nn(Nc,_a,this.logger,this.performanceClient,this.correlationId)(h,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return await Un(Qc,Sa,this.logger,this.performanceClient,o)(t,l,s.verifier,is.acquireTokenPopup,this.config,n,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}catch(e){throw r.popup?.close(),e instanceof we&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}async executeEarFlow(e,t,r){const{correlationId:n,authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=e,c=await Un(Ec,pa,this.logger,this.performanceClient,n)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a),h=await Un(qs,Oa,this.logger,this.performanceClient,n)(),l=r||await Un(Xc,Ea,this.logger,this.performanceClient,n)(this.performanceClient,this.logger,n),d={...e,earJwk:h,codeChallenge:l.challenge},u=t.popup||this.openPopup("about:blank",t);(await $c(u.document,this.config,c,d,this.logger,this.performanceClient)).submit();const g=await Un(ea,Ca,this.logger,this.performanceClient,n)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,d),p=Nn(Nc,_a,this.logger,this.performanceClient,this.correlationId)(g,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);if(!p.ear_jwe&&p.code){const t=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,n)({serverTelemetryManager:_c(is.acquireTokenPopup,this.config.auth.clientId,n,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:c});return Un(Qc,Sa,this.logger,this.performanceClient,n)(d,p,l.verifier,is.acquireTokenPopup,this.config,t,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Un(Vc,ba,this.logger,this.performanceClient,n)(d,p,is.acquireTokenPopup,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async executeCodeFlowWithPost(e,t,r,n){const o=e.correlationId,i=await Un(Ec,pa,this.logger,this.performanceClient,o)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger),s=t.popup||this.openPopup("about:blank",t);(await Jc(s.document,this.config,i,e,this.logger,this.performanceClient)).submit();const a=await Un(ea,Ca,this.logger,this.performanceClient,o)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,e),c=Nn(Nc,_a,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return Un(Qc,Sa,this.logger,this.performanceClient,o)(e,c,n,is.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,r,n,o){this.logger.verbose("0b7yrk",this.correlationId),this.eventHandler.emitEvent(gc.LOGOUT_START,e.InteractionType.Popup,t);const i=_c(is.logoutPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{await Pc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account);const s=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:n,account:t.account||void 0});try{s.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&s.authority.protocolMode===Hr.OIDC){if(this.eventHandler.emitEvent(gc.LOGOUT_SUCCESS,e.InteractionType.Popup,t),o){const e={apiId:is.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=vr.getAbsoluteUrl(o,ta());await this.navigationClient.navigateInternal(t,e)}return void r.popup?.close()}}const a=s.getLogoutUri(t);this.eventHandler.emitEvent(gc.LOGOUT_SUCCESS,e.InteractionType.Popup,t);const c=this.openPopup(a,r);if(this.eventHandler.emitEvent(gc.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:c},null),await ea(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t).catch((()=>{})),o){const e={apiId:is.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=vr.getAbsoluteUrl(o,ta());this.logger.verbose("0qcur2",this.correlationId),this.logger.verbosePii("0oj7lk",this.correlationId),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("03zgcf",this.correlationId)}catch(t){throw r.popup?.close(),t instanceof we&&(t.setCorrelationId(this.correlationId),i.cacheFailedRequest(t)),this.eventHandler.emitEvent(gc.LOGOUT_FAILURE,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(gc.LOGOUT_END,e.InteractionType.Popup),t}this.eventHandler.emitEvent(gc.LOGOUT_END,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii("1kcr9k",this.correlationId),this.openPopup(e,t);throw this.logger.error("1l7hyp",this.correlationId),Ei(No)}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii("0cgeo7",this.correlationId),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii("0c2awd",this.correlationId),r=this.openSizedPopup(e,t)),!r)throw Ei(jo);return r.focus&&r.focus(),this.currentWindow=r,r}catch(e){throw this.logger.error("0dxfb9",this.correlationId),Ei(zo)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:n}){const o=n.screenLeft?n.screenLeft:n.screenX,i=n.screenTop?n.screenTop:n.screenY,s=n.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=n.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,h=r.popupSize?.height,l=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("08vfmo",this.correlationId),c=Ri),(!h||h<0||h>a)&&(this.logger.verbose("09cxa0",this.correlationId),h=Oi),(!l||l<0||l>a)&&(this.logger.verbose("1qh4wo",this.correlationId),l=Math.max(0,a/2-Oi/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("1sz3en",this.correlationId),d=Math.max(0,s/2-Ri/2+o)),n.open(e,t,`width=${c}, height=${h}, top=${l}, left=${d}, scrollbars=yes`)}generatePopupName(e,t){return`${Mi}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${Mi}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}class lh extends xc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a}async acquireToken(t){const r=await Un(qc,Ta,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.platformBroker=ch(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);const n=t=>{t.persisted&&(this.logger.verbose("0udvtt",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),this.eventHandler.emitEvent(gc.RESTORE_FROM_BFCACHE,e.InteractionType.Redirect))},o=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii("0zao0a",this.correlationId),this.browserStorage.setTemporaryCache(Xi,o,!0),window.addEventListener("pageshow",n);try{this.config.system.protocolMode===Hr.EAR?await this.executeEarFlow(r):await this.executeCodeFlow(r)}catch(e){throw e instanceof we&&e.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",n),e}}async executeCodeFlow(e){const t=e.correlationId,r=_c(is.acquireTokenRedirect,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),n=await Un(Xc,Ea,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),o={...e,codeChallenge:n.challenge};this.browserStorage.cacheAuthorizeRequest(o,this.correlationId,n.verifier);try{if(o.httpMethod===g)return await this.executeCodeFlowWithPost(o);{const t=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:r,requestAuthority:o.authority,requestAzureCloudOptions:o.azureCloudOptions,requestExtraQueryParameters:o.extraQueryParameters,account:o.account}),n=await Un(jc,Pn,this.logger,this.performanceClient,e.correlationId)(this.config,t.authority,o,this.logger,this.performanceClient);return await this.initiateAuthRequest(n)}}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),r.cacheFailedRequest(e)),e}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Un(Ec,pa,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Un(qs,Oa,this.logger,this.performanceClient,t)(),c=await Un(Xc,Ea,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge};this.browserStorage.cacheAuthorizeRequest(h,this.correlationId,c.verifier);return(await $c(document,this.config,s,h,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ei(Ti,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async executeCodeFlowWithPost(e){const t=e.correlationId,r=await Un(Ec,pa,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger);this.browserStorage.cacheAuthorizeRequest(e,this.correlationId);return(await Jc(document,this.config,r,e,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ei(Ti,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async handleRedirectPromise(e,t,r,n){const o=_c(is.handleRedirectPromise,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),i=n?.navigateToLoginRequestUrl??!0;try{const[s,a]=this.getRedirectResponse(n?.hash||"");if(!s)return this.logger.info("1qmv0q",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?r.event.errorCode="no_server_response":this.logger.verbose("1eqegq",this.correlationId),null;const c=this.browserStorage.getTemporaryCache(Xi,this.correlationId,!0)||"",h=sr(c);if(h===sr(window.location.href)&&i){this.logger.verbose("11yred",this.correlationId),c.indexOf("#")>-1&&Qs(c);return await this.handleResponse(s,e,t,o)}if(!i)return this.logger.verbose("0v4sdv",this.correlationId),await this.handleResponse(s,e,t,o);if(!Vs()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(Yi,a,!0);const r={apiId:is.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let n=!0;if(c&&"null"!==c)this.logger.verbose("08jpy1",this.correlationId),n=await this.navigationClient.navigateInternal(c,r);else{const e=ra();this.browserStorage.setTemporaryCache(Xi,e,!0),this.logger.warning("1dutq1",this.correlationId),n=await this.navigationClient.navigateInternal(e,r)}if(!n)return await this.handleResponse(s,e,t,o)}return null}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),o.cacheFailedRequest(e)),e}}getRedirectResponse(t){this.logger.verbose("1c5i8m",this.correlationId);let r=t;r||(r=this.config.auth.OIDCOptions.responseMode===x.QUERY?window.location.search:window.location.hash);let n=or(r);if(n){try{Uc(n,this.browserCrypto,e.InteractionType.Redirect)}catch(e){return e instanceof we&&this.logger.error("0bkq6p",this.correlationId),[null,""]}return Gs(window),this.logger.verbose("00uvho",this.correlationId),[n,r]}const o=this.browserStorage.getTemporaryCache(Yi,this.correlationId,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Yi)),o&&(n=or(o),n)?(this.logger.verbose("001671",this.correlationId),[n,o]):[null,""]}async handleResponse(e,t,r,n){if(!e.state)throw Ei(Lo);const{authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=t;if(e.ear_jwe){const r=await Un(Ec,pa,this.logger,this.performanceClient,t.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a);return Un(Vc,ba,this.logger,this.performanceClient,t.correlationId)(t,e,is.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const c=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority});return Un(Qc,Sa,this.logger,this.performanceClient,t.correlationId)(t,e,r,is.acquireTokenRedirect,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e){if(this.logger.verbose("0yaw2e",this.correlationId),e){this.logger.infoPii("1luf83",this.correlationId);const t={apiId:is.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},r=this.config.auth.onRedirectNavigate;if("function"==typeof r){this.logger.verbose("1nehvl",this.correlationId);return!1!==r(e)?(this.logger.verbose("1a0jxh",this.correlationId),void await this.navigationClient.navigateExternal(e,t)):void this.logger.verbose("09k5h5",this.correlationId)}return this.logger.verbose("0klwf7",this.correlationId),void await this.navigationClient.navigateExternal(e,t)}throw this.logger.info("0rlh4e",this.correlationId),Ei(No)}async logout(t){this.logger.verbose("1rkurh",this.correlationId);const r=this.initializeLogoutRequest(t),n=_c(is.logout,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{this.eventHandler.emitEvent(gc.LOGOUT_START,e.InteractionType.Redirect,t),await Pc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,r.account);const o={apiId:is.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0});if(i.authority.protocolMode===Hr.OIDC)try{i.authority.endSessionEndpoint}catch{if(r.account?.homeAccountId)return void this.eventHandler.emitEvent(gc.LOGOUT_SUCCESS,e.InteractionType.Redirect,r)}const s=i.getLogoutUri(r);r.account?.homeAccountId&&this.eventHandler.emitEvent(gc.LOGOUT_SUCCESS,e.InteractionType.Redirect,r);const a=this.config.auth.onRedirectNavigate;if("function"!=typeof a)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Vi),void await this.navigationClient.navigateExternal(s,o);if(!1!==a(s))return this.logger.verbose("06v57e",this.correlationId),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Vi),void await this.navigationClient.navigateExternal(s,o);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("0xqes1",this.correlationId)}catch(t){throw t instanceof we&&(t.setCorrelationId(this.correlationId),n.cacheFailedRequest(t)),this.eventHandler.emitEvent(gc.LOGOUT_FAILURE,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(gc.LOGOUT_END,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(gc.LOGOUT_END,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return vr.getAbsoluteUrl(t,ta())}}async function dh(e,t,r,n){if(!e)throw r.info("1l7hyp",n),Ei(No);return Nn(ph,"silentHandlerLoadFrameSync",r,t,n)(e)}async function uh(e,t,r,n,o){const i=mh();if(!i.contentDocument)throw"No document associated with iframe!";return(await Jc(i.contentDocument,e,t,r,n,o)).submit(),i}async function gh(e,t,r,n,o){const i=mh();if(!i.contentDocument)throw"No document associated with iframe!";return(await $c(i.contentDocument,e,t,r,n,o)).submit(),i}function ph(e){const t=mh();return t.src=e,t}function mh(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),e.setAttribute("allow","local-network-access *"),document.body.appendChild(e),e}class fh extends xc{constructor(e,t,r,n,o,i,s,a,c,h,l){super(e,t,r,n,o,i,a,h,l),this.apiId=s,this.nativeStorage=c}async acquireToken(t){t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("1kl318",this.correlationId);const r={...t};r.prompt?r.prompt!==R.NONE&&r.prompt!==R.NO_SESSION&&(this.logger.warning("0bmctg",this.correlationId),r.prompt=R.NONE):r.prompt=R.NONE;const n=await Un(qc,Ta,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);return n.platformBroker=ch(this.config,this.logger,this.correlationId,this.platformAuthProvider,n.authenticationScheme),la(n.authority),this.config.system.protocolMode===Hr.EAR?this.executeEarFlow(n):this.executeCodeFlow(n)}async executeCodeFlow(e){let t;const r=_c(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{return t=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await Un(this.silentTokenHelper.bind(this),wa,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(n){if(n instanceof we&&(n.setCorrelationId(this.correlationId),r.cacheFailedRequest(n)),!(t&&n instanceof we&&n.errorCode===Pi))throw n;return this.performanceClient.addFields({retryError:n.errorCode},this.correlationId),await Un(this.silentTokenHelper.bind(this),wa,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Un(Ec,pa,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Un(qs,Oa,this.logger,this.performanceClient,t)(),c=await Un(Xc,Ea,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge};await Un(gh,Ia,this.logger,this.performanceClient,t)(this.config,s,h,this.logger,this.performanceClient);const l=this.config.auth.OIDCOptions.responseMode,d=await Un(ea,Ca,this.logger,this.performanceClient,t)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,e),u=Nn(Nc,_a,this.logger,this.performanceClient,t)(d,l,this.logger,this.correlationId);if(!u.ear_jwe&&u.code){const r=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,t)({serverTelemetryManager:_c(this.apiId,this.config.auth.clientId,t,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:s});return Un(Qc,Sa,this.logger,this.performanceClient,t)(h,u,c.verifier,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Un(Vc,ba,this.logger,this.performanceClient,t)(h,u,this.apiId,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}logout(){return Promise.reject(Ei(Vo))}async silentTokenHelper(e,t){const r=t.correlationId,n=await Un(Xc,Ea,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),o={...t,codeChallenge:n.challenge};if(t.httpMethod===g)await Un(uh,Ia,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);else{const t=await Un(jc,Pn,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);await Un(dh,Ia,this.logger,this.performanceClient,r)(t,this.performanceClient,this.logger,r)}const i=this.config.auth.OIDCOptions.responseMode,s=await Un(ea,Ca,this.logger,this.performanceClient,r)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,t),a=Nn(Nc,_a,this.logger,this.performanceClient,r)(s,i,this.logger,this.correlationId);return Un(Qc,Sa,this.logger,this.performanceClient,r)(t,a,n.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}class yh extends xc{async acquireToken(e){const t=await Un(Rc,ya,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger,this.correlationId),r={...e,...t};e.redirectUri&&(r.redirectUri=Sc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId));const n=_c(is.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),o=await this.createRefreshTokenClient({serverTelemetryManager:n,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return Un(o.acquireTokenByRefreshToken.bind(o),"refreshTokenClientAcquireTokenByRefreshToken",this.logger,this.performanceClient,e.correlationId)(r).catch((e=>{throw e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e),e}))}logout(){return Promise.reject(Ei(Vo))}async createRefreshTokenClient(e){const t=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new mo(t,this.performanceClient)}}class wh extends po{constructor(e,t){super(e,t),this.includeRedirectUri=!1}}class Ih extends xc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,a,c,h),this.apiId=s}async acquireToken(t){if(!t.code)throw Ei(ci);const r=await Un(qc,Ta,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),n=_c(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const e={...r,code:t.code},o=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:r.authority,requestAzureCloudOptions:r.azureCloudOptions,requestExtraQueryParameters:r.extraQueryParameters,account:r.account}),i=new wh(o,this.performanceClient);this.logger.verbose("1uic5e",this.correlationId);const s=new Lc(i,this.browserStorage,e,this.logger,this.performanceClient);return await Un(s.handleCodeResponseFromServer.bind(s),Rn,this.logger,this.performanceClient,this.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},r,!1)}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}logout(){return Promise.reject(Ei(Vo))}}function Ch(e,t,r){try{ca(e)}catch(e){throw t.end({success:!1},e,r),e}}class vh{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new Na(this.logger,this.performanceClient):ar,this.eventHandler=new bc(this.logger),this.browserStorage=this.isBrowserEnvironment?new yc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,uo(this.config.auth)):Ic(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:Ji.MemoryStorage,cacheRetentionDays:5};this.nativeInternalStorage=new yc(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this)}static async createController(e,t){const r=new vh(e);return await r.initialize(t),r}trackPageVisibility(e){e&&(this.logger.info("16v6hv",e),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e){const t=this.getRequestCorrelationId(e);if(this.logger.trace("1f7joy",t),this.initialized)return void this.logger.info("061m5x",t);if(!this.isBrowserEnvironment)return this.logger.info("19fvpi",t),this.initialized=!0,void this.eventHandler.emitEvent(gc.INITIALIZE_END);const r=e?.correlationId||this.getRequestCorrelationId(),n=this.config.system.allowPlatformBroker,o=this.performanceClient.startMeasurement(za,r);if(this.eventHandler.emitEvent(gc.INITIALIZE_START),this.logMultipleInstances(o,r),await Un(this.browserStorage.initialize.bind(this.browserStorage),"initializeCache",this.logger,this.performanceClient,r)(r),n)try{this.platformAuthProvider=await ah(this.logger,this.performanceClient,r,this.config.system.nativeBrokerHandshakeTimeout)}catch(e){this.logger.verbose(e,r)}this.config.cache.cacheLocation===Ji.LocalStorage&&this.eventHandler.subscribeCrossTab(),!this.config.system.navigatePopups&&await this.preGeneratePkceCodes(r),this.initialized=!0,this.eventHandler.emitEvent(gc.INITIALIZE_END),o.end({allowPlatformBroker:n,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("02l8bm",""),aa(this.initialized),this.isBrowserEnvironment){const t=e?.hash||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("1wn9kp","")):this.logger.verbose("0w0gm3",""),r}return this.logger.verbose("12xi63",""),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",""),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===Vi)return this.logger.verbose("1ywcv2",""),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const n=this.getAllAccounts(),o=this.browserStorage.getCachedNativeRequest(),i=o&&this.platformAuthProvider&&!t?.hash;let s,a;this.eventHandler.emitEvent(gc.HANDLE_REDIRECT_START,e.InteractionType.Redirect);try{if(i&&this.platformAuthProvider){const e=o?.correlationId||"";s=this.performanceClient.startMeasurement(Ka,e),this.logger.trace("12v7is",e);const t=new Bc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,o.accountId,this.nativeInternalStorage,o.correlationId);a=Un(t.handleRedirectPromise.bind(t),"handleNativeRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(this.performanceClient,s.event.correlationId)}else{const[e,r]=this.browserStorage.getCachedRequest(""),n=e.correlationId;s=this.performanceClient.startMeasurement(Ka,n),this.logger.trace("0znzs5",n);const o=this.createRedirectClient(n);a=Un(o.handleRedirectPromise.bind(o),"handleRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(e,r,s,t)}}catch(e){throw this.browserStorage.resetRequestCache(""),e}return a.then((t=>{if(t){this.browserStorage.resetRequestCache(t.correlationId),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Redirect,t),this.logger.verbose("0ui8f5",t.correlationId);n.length<this.getAllAccounts().length&&(this.eventHandler.emitEvent(gc.LOGIN_SUCCESS,e.InteractionType.Redirect,t.account),this.logger.verbose("16im3l",t.correlationId)),s.end({success:!0},void 0,t.account)}else s.event.errorCode?s.end({success:!1},void 0):s.discard();return this.eventHandler.emitEvent(gc.HANDLE_REDIRECT_END,e.InteractionType.Redirect),t})).catch((t=>{this.browserStorage.resetRequestCache(s.event.correlationId);const r=t;throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(gc.HANDLE_REDIRECT_END,e.InteractionType.Redirect),s.end({success:!1},r),t}))}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("0os66p",r);const n=this.performanceClient.startMeasurement(Fa,r);n.add({scenarioId:t.scenarioId});const o=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=e=>{const r="function"==typeof o?o(e):void 0;return n.add({navigateCallbackResult:!1!==r}),n.event=n.end({success:!0},void 0,t.account)||n.event,r};try{let o;if(ha(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Qi),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){o=new Bc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r).acquireTokenRedirect(t,n).catch((e=>{if(e instanceof Hc&&Dc(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof fn){this.logger.verbose("1ipyz4",r);return this.createRedirectClient(r).acquireToken(t)}throw e}))}else{o=this.createRedirectClient(r).acquireToken(t)}return await o}catch(o){throw this.browserStorage.resetRequestCache(r),2===n.event.status?this.performanceClient.startMeasurement(Ka,r).end({success:!1},o,t.account):n.end({success:!1},o,t.account),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,o),o}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),n=this.performanceClient.startMeasurement(Da,r);n.add({scenarioId:t.scenarioId});try{this.logger.verbose("0ch87b",r),Ch(this.initialized,n,t.account),this.browserStorage.setInteractionInProgress(!0,Qi,t.overrideInteractionInProgress,r)}catch(e){return Promise.reject(e)}const o=this.getAllAccounts();let i;this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))i=this.acquireTokenNative({...t,correlationId:r},is.acquireTokenPopup).then((e=>(n.end({success:!0,isNativeBroker:!0},void 0,e.account),e))).catch((e=>{if(e instanceof Hc&&Dc(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof fn){this.logger.verbose("0yy5fw",r);return this.createPopupClient(r).acquireToken(t,s)}throw e}));else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then((t=>{const r=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,t),r&&this.eventHandler.emitEvent(gc.LOGIN_SUCCESS,e.InteractionType.Popup,t.account),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((r=>(this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,r),n.end({success:!1},r,t.account),Promise.reject(r)))).finally((async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.navigatePopups||await this.preGeneratePkceCodes(r)}))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&e.increment({visibilityChangeCount:1})}async ssoSilent(t){const r=this.getRequestCorrelationId(t),n={...t,prompt:t.prompt,correlationId:r};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(Ba,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId}),Ch(this.initialized,this.ssoSilentMeasurement,t.account),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const o=this.getAllAccounts();let i;if(this.logger.verbose("0w1b45",r),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,n),this.canUsePlatformBroker(n))i=this.acquireTokenNative(n,is.ssoSilent).catch((e=>{if(e instanceof Hc&&Dc(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(n.correlationId).acquireToken(n)}throw e}));else{i=this.createSilentIframeClient(n.correlationId).acquireToken(n)}return i.then((t=>{const r=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,t),r&&this.eventHandler.emitEvent(gc.LOGIN_SUCCESS,e.InteractionType.Silent,t.account),this.ssoSilentMeasurement?.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((r=>{throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,r),this.ssoSilentMeasurement?.end({success:!1},r,t.account),r})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("0ch6ga",r);const n=this.performanceClient.startMeasurement(Ha,r);Ch(this.initialized,n),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,t),n.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw Ei(li);if(t.code){const o=t.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("0qgp28",r),n.discard()):(this.logger.verbose("06eh73",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then((t=>(this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(o),n.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((t=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t})),this.hybridAuthCodeResponses.set(o,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){const e=await this.acquireTokenNative({...t,correlationId:r},is.acquireTokenByCode,t.nativeAccountId).catch((e=>{throw e instanceof Hc&&Dc(e)&&(this.platformAuthProvider=void 0),e}));return n.end({success:!0},void 0,e.account),e}throw Ei(ui)}throw Ei(hi)}catch(t){throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){const t=this.getRequestCorrelationId(e);this.logger.trace("10d9hy",t),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement("acquireTokenByCodeAsync",t),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const r=this.createSilentAuthCodeClient(t);return await r.acquireToken(e).then((e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache,isNativeBroker:e.fromPlatformBroker}),e))).catch((e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenFromCache(e,t){switch(t){case ds.Default:case ds.AccessToken:case ds.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return Un(t.acquireToken.bind(t),"silentCacheClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw be(ft)}}async acquireTokenByRefreshToken(e,t){switch(t){case ds.Default:case ds.AccessTokenAndRefreshToken:case ds.RefreshToken:case ds.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return Un(t.acquireToken.bind(t),"silentRefreshClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw be(ft)}}async acquireTokenBySilentIframe(e){const t=this.createSilentIframeClient(e.correlationId);return Un(t.acquireToken.bind(t),"silentIframeClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e)}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);ha(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Vi);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);ca(this.initialized),this.browserStorage.setInteractionInProgress(!0,Vi);return this.createPopupClient(t).logout(e).finally((()=>{this.browserStorage.setInteractionInProgress(!1)}))}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return;const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return Cc(this.logger,this.browserStorage,this.isBrowserEnvironment,this.getRequestCorrelationId(),e)}getAccount(e){return vc(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}setActiveAccount(e){kc(e,this.browserStorage,this.getRequestCorrelationId())}getActiveAccount(){return Tc(this.browserStorage,this.getRequestCorrelationId())}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Fr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,Ir(e.idTokenClaims)),e.fromPlatformBroker?(this.logger.verbose("1fxyu8",e.correlationId),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,r,n){const o=this.getRequestCorrelationId(e);if(this.logger.trace("0b9y3p",o),!this.platformAuthProvider)throw Ei(mi);return new Bc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,o).acquireToken(e,n)}canUsePlatformBroker(e,t){const r=this.getRequestCorrelationId(e);if(this.logger.trace("1n9lbl",r),!this.platformAuthProvider)return this.logger.trace("0vnu11",r),!1;if(!ch(this.config,this.logger,r,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("1m4bzf",r),!1;if(e.prompt)switch(e.prompt){case R.NONE:case R.CONSENT:case R.LOGIN:this.logger.trace("0vdv8e",r);break;default:return this.logger.trace("0pdzw6",r),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("16lbtk",r),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new hh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createRedirectClient(e){return new lh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentIframeClient(e){return new fh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.ssoSilent,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentCacheClient(e){return new Kc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentRefreshClient(e){return new yh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentAuthCodeClient(e){return new Ih(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.acquireTokenByCode,this.performanceClient,e,this.platformAuthProvider)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return sa(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?Ms():""}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0lz9hf",t),this.acquireTokenRedirect({correlationId:t,...e||cs})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0qw7v5",t),this.acquireTokenPopup({correlationId:t,...e||cs})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(La,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),Ch(this.initialized,r,e.account),this.logger.verbose("0x1c4s",t);const n=e.account||this.getActiveAccount();if(!n)throw Ei(Xo);return this.acquireTokenSilentDeduped(e,n,t).then((n=>(r.end({success:!0,fromCache:n.fromCache,isNativeBroker:n.fromPlatformBroker,accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length},void 0,n.account),{...n,state:e.state,correlationId:t}))).catch((e=>{throw e instanceof we&&e.setCorrelationId(t),r.end({success:!1},e,n),e}))}async acquireTokenSilentDeduped(e,t,r){const n=to(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),o=JSON.stringify(n),i=this.activeSilentTokenRequests.get(o);if(void 0===i){this.logger.verbose("0fcjbk",r),this.performanceClient.addFields({deduped:!1},r);const n=Un(this.acquireTokenSilentAsync.bind(this),"acquireTokenSilentAsync",this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(o,n),n.finally((()=>{this.activeSilentTokenRequests.delete(o)}))}return this.logger.verbose("1yq7nb",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const n=()=>this.trackPageVisibility(t.correlationId);this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},t.correlationId),document.addEventListener("visibilitychange",n);const o=await Un(Oc,"initializeSilentRequest",this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||ds.Default;return this.acquireTokenSilentNoIframe(o,i).catch((async e=>{const t=function(e,t){const r=!(e instanceof fn&&e.subError!==un),n=e.errorCode===Pi||e.errorCode===ft,o=r&&n||e.errorCode===on||e.errorCode===an,i=us.includes(t);return o&&i}(e,i);if(t){if(this.activeIframeRequest){if(i!==ds.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose("1w8fso",o.correlationId);const n=this.performanceClient.startMeasurement("awaitConcurrentIframe",o.correlationId);n.add({awaitIframeCorrelationId:r});const s=await t;if(n.end({success:s}),s)return this.logger.verbose("0ywzzi",o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info("17y14q",o.correlationId),e}return this.logger.warning("1bd4p8",o.correlationId),Un(this.acquireTokenBySilentIframe.bind(this),fa,this.logger,this.performanceClient,o.correlationId)(o)}{let e;return this.activeIframeRequest=[new Promise((t=>{e=t})),o.correlationId],this.logger.verbose("0rh08z",o.correlationId),Un(this.acquireTokenBySilentIframe.bind(this),fa,this.logger,this.performanceClient,o.correlationId)(o).then((t=>(e(!0),t))).catch((t=>{throw e(!1),t})).finally((()=>{this.activeIframeRequest=void 0}))}}throw e})).then((r=>(this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,r),t.correlationId&&this.performanceClient.addFields({fromCache:r.fromCache,isNativeBroker:r.fromPlatformBroker},t.correlationId),r))).catch((t=>{throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),t})).finally((()=>{document.removeEventListener("visibilitychange",n)}))}async acquireTokenSilentNoIframe(t,r){return ch(this.config,this.logger,t.correlationId,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("0sczo4",t.correlationId),this.acquireTokenNative(t,is.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch((async e=>{if(e instanceof Hc&&Dc(e))throw this.logger.verbose("07rkmb",t.correlationId),this.platformAuthProvider=void 0,be(ft);throw e}))):(this.logger.verbose("0ox81t",t.correlationId),r===ds.AccessToken&&this.logger.verbose("0fvwxe",t.correlationId),Un(this.acquireTokenFromCache.bind(this),"acquireTokenFromCache",this.logger,this.performanceClient,t.correlationId)(t,r).catch((n=>{if(r===ds.AccessToken)throw n;return this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_NETWORK_START,e.InteractionType.Silent,t),Un(this.acquireTokenByRefreshToken.bind(this),"acquireTokenByRefreshToken",this.logger,this.performanceClient,t.correlationId)(t,r)})))}async preGeneratePkceCodes(e){return this.logger.verbose("1x6uj6",e),this.pkceCode=await Un(Xc,Ea,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,t?this.logger.verbose("12js1o",e):this.logger.verbose("1oe9ci",e),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e,t){const r=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("1qtz3l",t),window.msal.clientIds.push(r),function(e,t,r,n){const o=window.msal?.clientIds||[],i=o.length,s=o.filter((t=>t===e)).length;s>1&&r.warning("1e88vg",n),t.add({msalInstanceCount:i,sameClientIdInstanceCount:s})}(r,e,this.logger,t)}}class kh{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(t){let r;this.browserEnvironment="undefined"!=typeof window,this.config=oh(t,this.browserEnvironment);try{r=window[Ji.SessionStorage]}catch(e){}const n=r?.getItem(Ga),o=r?.getItem(Qa)?.toLowerCase(),i="true"===o||"false"!==o&&void 0,s={...this.config.system.loggerOptions},a=n&&Object.keys(e.LogLevel).includes(n)?e.LogLevel[n]:void 0;a&&(s.loggerCallback=kh.loggerCallback,s.logLevel=a),void 0!==i&&(s.piiLoggingEnabled=i),this.logger=new dr(s,pc,mc),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}class Th extends kh{getModuleName(){return Th.MODULE_NAME}getId(){return Th.ID}async initialize(e){return this.available="undefined"!=typeof window,this.available}}Th.MODULE_NAME="",Th.ID="StandardOperatingContext";const bh="USER_INTERACTION_REQUIRED",Ah="USER_CANCEL",Sh="NO_NETWORK",_h="TRANSIENT_ERROR",Eh="PERSISTENT_ERROR",Ph="DISABLED",Rh="ACCOUNT_UNAVAILABLE",Oh="NESTED_APP_AUTH_UNAVAILABLE";class Mh{constructor(e,t,r,n){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=n}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),n=Vt(e.claims,this.clientCapabilities),o=e.scopes||p;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,scope:o.join(" "),correlationId:r,claims:ke.isEmptyObj(n)?void 0:n,state:e.state,authenticationScheme:e.authenticationScheme||G.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw be(Qe);const n=Tn(r+(t.token.expires_in||0)),o=wr(t.token.id_token,this.crypto.base64Decode),i=this.fromNaaAccountInfo(t.account,t.token.id_token,o),s=t.token.scope||e.scope;return{authority:t.token.authority||i.environment,uniqueId:i.localAccountId,tenantId:i.tenantId,scopes:s.split(" "),account:i,idToken:t.token.id_token,idTokenClaims:o,accessToken:t.token.access_token,fromCache:!1,expiresOn:n,tokenType:e.authenticationScheme||G.BEARER,correlationId:e.correlationId,extExpiresOn:n,state:e.state}}fromNaaAccountInfo(e,t,r){const n=r||e.idTokenClaims,o=e.localAccountId||n?.oid||n?.sub||"",i=e.tenantId||n?.tid||"",s=e.homeAccountId||`${o}.${i}`,a=e.username||n?.preferred_username||"",c=e.name||n?.name,h=e.loginHint||n?.login_hint,l=new Map,d=fr(s,o,i,n);l.set(i,d);return{homeAccountId:s,environment:e.environment,tenantId:i,username:a,localAccountId:o,name:c,loginHint:h,idToken:t,idTokenClaims:n,tenantProfiles:l}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new we("unknown_error","An unknown error occurred");switch(e.status){case Ah:return new Te(Tt);case Sh:return new Te(kt);case Rh:return new Te(pt);case Ph:return new Te(At);case Oh:return new Te(e.code||At,e.description);case _h:case Eh:return new nn(e.code,e.description);case bh:return new fn(e.code,e.description);default:return new we(e.code,e.description)}}toAuthenticationResultFromCache(e,t,r,n,o){if(!t||!r)throw be(Qe);const i=wr(t.secret,this.crypto.base64Decode),s=r.target||n.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:s.split(" "),account:e,idToken:t.secret,idTokenClaims:i||{},accessToken:r.secret,fromCache:!0,expiresOn:Tn(r.expiresOn),extExpiresOn:Tn(r.extendedExpiresOn),tokenType:n.authenticationScheme||G.BEARER,correlationId:o,state:n.state}}}class xh extends we{constructor(e,t){super(e,t),Object.setPrototypeOf(this,xh.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new xh("unsupported_method")}}class qh{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new Na(this.logger,this.performanceClient,!0):ar,this.eventHandler=new bc(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new yc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,uo(this.config.auth)):Ic(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new Mh(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new qh(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||Ms();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const r=this.ensureValidRequest(t),n=r.correlationId||Ms();this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Popup,r);const o=this.performanceClient.startMeasurement(Da,n);o.add({nestedAppAuthRequest:!0});try{const i=this.nestedAppAuthAdapter.toNaaTokenRequest(r),s=vn(),a=await this.bridgeProxy.getTokenInteractive(i),c={...this.nestedAppAuthAdapter.fromNaaTokenResponse(i,a,s)};try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,c),o.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),o.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const n=r instanceof we?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,r),o.end({success:!1},r,t.account),n}}async acquireTokenSilentInternal(t){const r=this.ensureValidRequest(t),n=r.correlationId||Ms();this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,r);const o=await this.acquireTokenFromCache(r);if(o)return this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,o),o;const i=this.performanceClient.startMeasurement(Ba,n);i.increment({visibilityChangeCount:0}),i.add({nestedAppAuthRequest:!0});try{const o=this.nestedAppAuthAdapter.toNaaTokenRequest(r);o.forceRefresh=r.forceRefresh;const s=vn(),a=await this.bridgeProxy.getTokenSilent(o),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(o,a,s);try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,c),i?.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),i?.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const n=r instanceof we?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,r),i?.end({success:!1},r,t.account),n}}async acquireTokenFromCache(t){const r=t.correlationId||Ms(),n=this.performanceClient.startMeasurement(La,r);if(n?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("11t57w",r),null;if(t.forceRefresh)return this.logger.verbose("1ovnmo",r),null;let o=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=ds.Default),t.cacheLookupPolicy){case ds.Default:case ds.AccessToken:case ds.AccessTokenAndRefreshToken:o=await this.acquireTokenFromCacheInternal(t);break;default:return null}return o?(this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,o),n.add({accessTokenSize:o.accessToken.length,idTokenSize:o.idToken.length}),n.end({success:!0},void 0,o.account),o):(this.logger.warning("1yb4fi",r),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null),n.end({success:!1},void 0,t.account),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext,r=e.correlationId||Ms();let n=null;if(t&&(n=vc(t,this.logger,this.browserStorage,r)),!n)return this.logger.verbose("10qnr0",r),Promise.resolve(null);this.logger.verbose("1u7hux",r);const o={...e,correlationId:r,authority:e.authority||n.environment,scopes:e.scopes?.length?e.scopes:[...p]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(n,o,i,n.tenantId);if(!s)return this.logger.verbose("03vm49",r),Promise.resolve(null);if(Sn(s.cachedAt)||bn(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("18egye",r),Promise.resolve(null);const a=this.browserStorage.getIdToken(n,o.correlationId,i,n.tenantId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(n,a,s,o,o.correlationId):(this.logger.verbose("0d68kd",r),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw xh.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw xh.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw xh.createUnsupportedError()}removePerformanceCallback(e){throw xh.createUnsupportedError()}getAllAccounts(e){return Cc(this.logger,this.browserStorage,this.isBrowserEnv(),Ms(),e)}getAccount(e){return vc(e,this.logger,this.browserStorage,Ms())}setActiveAccount(e){return kc(e,this.browserStorage,Ms())}getActiveAccount(){return Tc(this.browserStorage,Ms())}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||cs)}loginRedirect(e){throw xh.createUnsupportedError()}logoutRedirect(e){throw xh.createUnsupportedError()}logoutPopup(e){throw xh.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("1k8729","")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw xh.createUnsupportedError()}getRedirectResponse(){throw xh.createUnsupportedError()}async clearCache(e){throw xh.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Fr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,Ir(e.idTokenClaims)),this.browserStorage.hydrateCache(e,t)}}class Nh{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",(e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),n=Nh.bridgeRequests.find((e=>e.requestId===r.requestId));void 0!==n&&(Nh.bridgeRequests.splice(Nh.bridgeRequests.indexOf(n),1),r.success?n.resolve(r):n.reject(r.error))}));const e=await new Promise(((e,t)=>{const r=Nh.buildRequest("GetInitContext"),n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Nh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}));return Nh.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:Nh.validateBridgeResultOrThrow(r.token),account:Nh.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:Ms(),sendTime:Date.now(),clientLibrary:xi,clientLibraryVersion:mc,...t}}sendRequest(e,t){const r=Nh.buildRequest(e,t);return new Promise(((e,t)=>{const n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Nh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}))}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:Oh}}return e}constructor(e,t,r,n){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=n}static async create(){const e=await Nh.initializeNestedAppAuthBridge();return new Nh(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}Nh.bridgeRequests=[];class Uh extends kh{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return Uh.MODULE_NAME}getId(){return Uh.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(e){try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await Nh.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(t){this.logger.infoPii("1mdxyj",e)}return this.logger.info("12jy9a",e),this.available}}Uh.MODULE_NAME="",Uh.ID="NestedAppOperatingContext";class Lh{constructor(e,t){this.controller=t||new vh(new Th(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}getAccount(e){return this.controller.getAccount(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function Hh(e){const t=new Lh(e);return await t.initialize(),t}const Dh={initialize:()=>Promise.reject(Js(Bs)),acquireTokenPopup:()=>Promise.reject(Js(Bs)),acquireTokenRedirect:()=>Promise.reject(Js(Bs)),acquireTokenSilent:()=>Promise.reject(Js(Bs)),acquireTokenByCode:()=>Promise.reject(Js(Bs)),getAllAccounts:()=>[],getAccount:()=>null,handleRedirectPromise:()=>Promise.reject(Js(Bs)),loginPopup:()=>Promise.reject(Js(Bs)),loginRedirect:()=>Promise.reject(Js(Bs)),logoutRedirect:()=>Promise.reject(Js(Bs)),logoutPopup:()=>Promise.reject(Js(Bs)),ssoSilent:()=>Promise.reject(Js(Bs)),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,getLogger:()=>{throw Js(Bs)},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw Js(Bs)},hydrateCache:()=>Promise.reject(Js(Bs)),clearCache:()=>Promise.reject(Js(Bs))};function Fh(){let e;try{e=window[Ji.SessionStorage];const t=e?.getItem(Va);if(1===Number(t))return Promise.resolve().then((function(){return jh}))}catch(e){}}function Kh(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function Bh(e){if(e&&Kh())return Math.round(window.performance.now()-e)}class zh{constructor(e,t){this.correlationId=t,this.measureName=zh.makeMeasureName(e,t),this.startMark=zh.makeStartMark(e,t),this.endMark=zh.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(zh.supportsBrowserPerformance())try{t.forEach((t=>{const r=zh.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(zh.makeStartMark(r,e)),window.performance.clearMarks(zh.makeEndMark(r,e)))}))}catch(e){}}startMeasurement(){if(zh.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(zh.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(zh.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var jh=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:zh});const $h=G,Jh=x,Wh=R,Gh=ae,Qh=p;e.ApiId=is,e.AuthError=we,e.AuthErrorCodes=ko,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[v];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw ve(Fe)}const t=this.headers[C];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw ve(Fe)}throw ve(De)}parseChallenges(e){const t=e.indexOf(" "),r=e.substr(t+1).split(","),n={};return r.forEach((e=>{const[t,r]=e.split("=");n[t]=unescape(r.replace(/['"]+/g,""))})),n}},e.AuthenticationScheme=$h,e.AzureCloudInstance=pr,e.BrowserAuthError=_i,e.BrowserAuthErrorCodes=Ai,e.BrowserCacheLocation=Ji,e.BrowserConfigurationAuthError=$s,e.BrowserConfigurationAuthErrorCodes=js,e.BrowserPerformanceClient=class extends Ro{constructor(e,r){super(e.auth.clientId,e.auth.authority||`${t}`,new dr(e.system?.loggerOptions||{},pc,mc),pc,mc,e.telemetry?.application||{appName:"",appVersion:""},r)}generateId(){return Ms()}getPageVisibility(){return document.visibilityState?.toString()||null}deleteIncompleteSubMeasurements(e){Fh()?.then((t=>{const r=this.eventsByCorrelationId.get(e.event.correlationId),n=r&&r.eventId===e.event.eventId,o=[];n&&r?.incompleteSubMeasurements&&r.incompleteSubMeasurements.forEach((e=>{o.push({...e})})),t.BrowserPerformanceMeasurement.flushMeasurements(e.event.correlationId,o)}))}startMeasurement(e,t){const r=this.getPageVisibility(),n=super.startMeasurement(e,t),o=Kh()?window.performance.now():void 0,i=Fh()?.then((t=>new t.BrowserPerformanceMeasurement(e,n.event.correlationId)));return i?.then((e=>e.startMeasurement())),{...n,end:(e,t,s)=>{const a=n.end({...e,startPageVisibility:r,endPageVisibility:this.getPageVisibility(),durationMs:Bh(o)},t,s);return i?.then((e=>e.endMeasurement())),this.deleteIncompleteSubMeasurements(n),a},discard:()=>{n.discard(),i?.then((e=>e.flushMeasurement())),this.deleteIncompleteSubMeasurements(n)}}}},e.BrowserPerformanceMeasurement=zh,e.BrowserRootPerformanceEvents=$a,e.BrowserUtils=ga,e.CacheLookupPolicy=ds,e.ClientAuthError=Te,e.ClientAuthErrorCodes=St,e.ClientConfigurationError=Ce,e.ClientConfigurationErrorCodes=$e,e.DEFAULT_IFRAME_TIMEOUT_MS=1e4,e.EventHandler=bc,e.EventMessageUtils=class{static getInteractionStatusFromEvent(t,r){switch(t.eventType){case gc.ACQUIRE_TOKEN_START:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup)return as.AcquireToken;break;case gc.HANDLE_REDIRECT_START:return as.HandleRedirect;case gc.LOGOUT_START:return as.Logout;case gc.LOGOUT_END:if(r&&r!==as.Logout)break;return as.None;case gc.HANDLE_REDIRECT_END:if(r&&r!==as.HandleRedirect)break;return as.None;case gc.ACQUIRE_TOKEN_SUCCESS:case gc.ACQUIRE_TOKEN_FAILURE:case gc.RESTORE_FROM_BFCACHE:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup){if(r&&r!==as.AcquireToken)break;return as.None}}return null}},e.EventType=gc,e.InteractionRequiredAuthError=fn,e.InteractionRequiredAuthErrorCodes=gn,e.InteractionStatus=as,e.JsonWebTokenTypes=Gh,e.LocalStorage=dc,e.Logger=dr,e.MemoryStorage=xa,e.NavigationClient=eh,e.OIDC_DEFAULT_SCOPES=Qh,e.PromptValue=Wh,e.ProtocolMode=Hr,e.PublicClientApplication=Lh,e.ResponseMode=Jh,e.ServerError=nn,e.SessionStorage=uc,e.SignedHttpRequest=class{constructor(e,t){const r=t&&t.loggerOptions||{};this.logger=new dr(r,pc,mc),this.cryptoOps=new Na(this.logger),this.popTokenGenerator=new Hn(this.cryptoOps,new Wr),this.shrParameters=e}async generatePublicKeyThumbprint(){const{kid:e}=await this.popTokenGenerator.generateKid(this.shrParameters);return e}async signRequest(e,t,r){return this.popTokenGenerator.signPayload(e,t,this.shrParameters,r)}async removeKeys(e,t){return this.cryptoOps.removeTokenBindingKey(e,t)}},e.StubPerformanceClient=Wr,e.WrapperSKU={React:"@azure/msal-react",Angular:"@azure/msal-angular"},e.createNestablePublicClientApplication=async function(e,t,r){const n=t||Ms(),o=new Uh(e);if(await o.initialize(n),o.isAvailable()){const t=new qh(o),i=r?r(e,t):new Lh(e,t);return await i.initialize({correlationId:n}),i}return Hh(e)},e.createStandardPublicClientApplication=Hh,e.isPlatformBrokerAvailable=async function(e,t,r){const n=new dr(e||{},pc,mc),o=r||"";n.trace("07660b",o);const i=t||new Wr;return"undefined"==typeof window?(n.trace("082ed3",o),!1):!!await ah(n,i,o)},e.loadExternalTokens=async function(e,t,r,n){sa();const o=oh(e,!0),i=t.correlationId||Ms(),s=r.id_token?wr(r.id_token,ys):void 0,a=Ir(s||{}),c={protocolMode:o.system.protocolMode,knownAuthorities:o.auth.knownAuthorities,cloudDiscoveryMetadata:o.auth.cloudDiscoveryMetadata,authorityMetadata:o.auth.authorityMetadata},h=new dr(o.system.loggerOptions||{}),l=new Na(h,o.telemetry.client),d=new yc(o.auth.clientId,o.cache,l,h,o.telemetry.client,new bc(h),uo(o.auth)),u=t.authority?new ho(ho.generateAuthority(t.authority,t.azureCloudOptions),o.system.networkClient,d,c,h,t.correlationId||Ms(),o.telemetry.client):void 0,g=await async function(e,t,r,n,o,i,s,a){if(o.verbose("0ke46k",r),e.account){const t=Fr(e.account);return await n.setAccount(t,r,Ir(s||{})),t}if(!a||!t&&!s)throw o.error("1ychpz",r),Ei(si);const c=Kr(t,a.authorityType,o,i,r,s),h=s?.tid,l=Xn(n,a,c,ys,r,s,t,a.hostnameAndPort,h,void 0,void 0,o);return await n.setAccount(l,r,Ir(s||{})),l}(t,n.clientInfo||r.client_info||"",i,d,h,l,s,u),p=await async function(e,t,r,n,o,i,s,a,c){if(!e.id_token)return a.verbose("1pm7g1",i),null;a.verbose("168lyi",i);const h=Fn(t,r,e.id_token,c,n);return await s.setIdTokenCredential(h,i,o),h}(r,g.homeAccountId,g.environment,g.realm,a,i,d,h,e.auth.clientId),m=await async function(e,t,r,n,o,i,s,a,c,h,l){if(!t.access_token)return h.verbose("1ckp9e",a),null;if(!t.expires_in)return h.error("15mzx8",a),null;if(!(t.scope||e.scopes&&e.scopes.length))return h.error("1h7xse",a),null;h.verbose("01kmxb",a);const d=t.scope?_t.fromString(t.scope):new _t(e.scopes),u=s.expiresOn||t.expires_in+vn(),g=s.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+vn(),p=Kn(r,n,t.access_token,l,o,d.printScopes(),u,g,ys);return await c.setAccessTokenCredential(p,a,i),p}(t,r,g.homeAccountId,g.environment,g.realm,a,n,i,d,h,e.auth.clientId),f=await async function(e,t,r,n,o,i,s,a){if(!e.refresh_token)return s.verbose("1l7um5",o),null;s.verbose("0qy8ev",o);const c=Bn(t,r,e.refresh_token,a,e.foci,void 0,e.refresh_token_expires_in);return await i.setRefreshTokenCredential(c,o,n),c}(r,g.homeAccountId,g.environment,a,i,d,h,e.auth.clientId);return function(e,t,r,n){let o,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=_t.fromString(t.accessToken.target).asArray(),a=Tn(t.accessToken.expiresOn),o=Tn(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:n?n.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:Dr(c),idToken:t.idToken?.secret||"",idTokenClaims:r||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:o,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromPlatformBroker:!1}}(t,{account:g,idToken:p,accessToken:m,refreshToken:f},s,u)},e.stubbedPublicClientApplication=Dh,e.version=mc}));