@azure/msal-browser 4.28.2 → 4.29.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +7 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +9 -0
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +56 -1
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +7 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +9 -0
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +56 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts +7 -0
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +49 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +7 -0
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +49 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +213 -68
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.js +213 -68
- package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +7 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +9 -0
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts +7 -0
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/msal-browser.cjs +221 -70
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +221 -70
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +64 -64
- package/lib/types/config/Configuration.d.ts +7 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +9 -0
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +7 -0
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/package.json +2 -2
- package/src/config/Configuration.ts +8 -0
- package/src/controllers/StandardController.ts +92 -0
- package/src/interaction_client/SilentIframeClient.ts +136 -0
- package/src/packageMetadata.ts +1 -1
|
@@ -80,6 +80,13 @@ export type BrowserAuthOptions = {
|
|
|
80
80
|
* @deprecated This flag is deprecated and will be removed in the next major version where all extra query params will be encoded by default.
|
|
81
81
|
*/
|
|
82
82
|
encodeExtraQueryParams?: boolean;
|
|
83
|
+
/**
|
|
84
|
+
* If set to true, MSAL will make a background SSO verification call after successful interactive authentication.
|
|
85
|
+
* COGS intensive, recommendation is to *NOT* set this flag to true unless your application has a specific need for it.
|
|
86
|
+
* This will trigger additional network calls after interactive authentication flows (acquireTokenPopup, handleRedirectPromise) calls.
|
|
87
|
+
* This is a boolean flag and defaults to false if not specified.
|
|
88
|
+
*/
|
|
89
|
+
verifySSO?: boolean;
|
|
83
90
|
};
|
|
84
91
|
/** @internal */
|
|
85
92
|
export type InternalAuthOptions = Omit<Required<BrowserAuthOptions>, "onRedirectNavigate"> & {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Configuration.d.ts","sourceRoot":"","sources":["../../../src/config/Configuration.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,aAAa,EACb,aAAa,EACb,cAAc,EAGd,YAAY,EACZ,WAAW,EAKX,iBAAiB,EACjB,oBAAoB,EAGpB,kBAAkB,EAGrB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACH,oBAAoB,EAEvB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAMvE,eAAO,MAAM,wBAAwB,QAAQ,CAAC;AAC9C,eAAO,MAAM,yBAAyB,QAAQ,CAAC;AAC/C,eAAO,MAAM,2BAA2B,QAAQ,CAAC;AACjD,eAAO,MAAM,0CAA0C,OAAO,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG;IAC7B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,gBAAgB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC;;OAEG;IACH,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtC;;OAEG;IACH,yBAAyB,CAAC,EAAE,OAAO,CAAC;IACpC;;OAEG;IACH,kBAAkB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC;;OAEG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B;;OAEG;IACH,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B;;OAEG;IACH,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC;;OAEG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;IACrC;;;;OAIG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC;;OAEG;IACH,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;IACrD;;OAEG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB;;;OAGG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"Configuration.d.ts","sourceRoot":"","sources":["../../../src/config/Configuration.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,aAAa,EACb,aAAa,EACb,cAAc,EAGd,YAAY,EACZ,WAAW,EAKX,iBAAiB,EACjB,oBAAoB,EAGpB,kBAAkB,EAGrB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACH,oBAAoB,EAEvB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAMvE,eAAO,MAAM,wBAAwB,QAAQ,CAAC;AAC9C,eAAO,MAAM,yBAAyB,QAAQ,CAAC;AAC/C,eAAO,MAAM,2BAA2B,QAAQ,CAAC;AACjD,eAAO,MAAM,0CAA0C,OAAO,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG;IAC7B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,gBAAgB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC;;OAEG;IACH,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtC;;OAEG;IACH,yBAAyB,CAAC,EAAE,OAAO,CAAC;IACpC;;OAEG;IACH,kBAAkB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC;;OAEG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B;;OAEG;IACH,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B;;OAEG;IACH,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC;;OAEG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;IACrC;;;;OAIG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC;;OAEG;IACH,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;IACrD;;OAEG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB;;;OAGG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC;;;;;OAKG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;CACvB,CAAC;AAEF,gBAAgB;AAChB,MAAM,MAAM,mBAAmB,GAAG,IAAI,CAClC,QAAQ,CAAC,kBAAkB,CAAC,EAC5B,oBAAoB,CACvB,GAAG;IACA,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;IACnC,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;CACxD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG;IACvB;;OAEG;IACH,aAAa,CAAC,EAAE,oBAAoB,GAAG,MAAM,CAAC;IAC9C;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;;OAGG;IACH,sBAAsB,CAAC,EAAE,oBAAoB,GAAG,MAAM,CAAC;IACvD;;;OAGG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC;;;OAGG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB;;;OAGG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC;;;OAGG;IACH,yBAAyB,CAAC,EAAE,OAAO,CAAC;CACvC,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,aAAa,GAAG;IAC/C;;OAEG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;IAC9B;;OAEG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAC/B;;OAEG;IACH,gBAAgB,CAAC,EAAE,iBAAiB,CAAC;IACrC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC;;OAEG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB;;OAEG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC;;OAEG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B;;OAEG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;IACrC;;OAEG;IACH,4BAA4B,CAAC,EAAE,MAAM,CAAC;IACtC;;OAEG;IACH,wBAAwB,CAAC,EAAE,MAAM,CAAC;CACrC,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG;IAClC;;;;OAIG;IACH,WAAW,CAAC,EAAE,oBAAoB,CAAC;IAEnC,MAAM,CAAC,EAAE,kBAAkB,CAAC;CAC/B,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG;IACxB;;OAEG;IACH,IAAI,EAAE,kBAAkB,CAAC;IACzB;;OAEG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IACrB;;OAEG;IACH,MAAM,CAAC,EAAE,oBAAoB,CAAC;IAC9B;;OAEG;IACH,SAAS,CAAC,EAAE,uBAAuB,CAAC;CACvC,CAAC;AAEF,gBAAgB;AAChB,MAAM,MAAM,oBAAoB,GAAG;IAC/B,IAAI,EAAE,mBAAmB,CAAC;IAC1B,KAAK,EAAE,QAAQ,CAAC,YAAY,CAAC,CAAC;IAC9B,MAAM,EAAE,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IACvC,SAAS,EAAE,QAAQ,CAAC,uBAAuB,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAC9B,EACI,IAAI,EAAE,aAAa,EACnB,KAAK,EAAE,cAAc,EACrB,MAAM,EAAE,eAAe,EACvB,SAAS,EAAE,kBAAkB,GAChC,EAAE,aAAa,EAChB,oBAAoB,EAAE,OAAO,GAC9B,oBAAoB,CA4ItB"}
|
|
@@ -111,6 +111,15 @@ export declare class StandardController implements IController {
|
|
|
111
111
|
*/
|
|
112
112
|
acquireTokenPopup(request: PopupRequest): Promise<AuthenticationResult>;
|
|
113
113
|
private trackPageVisibilityWithMeasurement;
|
|
114
|
+
/**
|
|
115
|
+
* SSO capability verification in the background.
|
|
116
|
+
* This method makes an iframe request to /authorize to verify SSO capability without calling /token.
|
|
117
|
+
* This method does not block the caller and tracks telemetry for success/failure.
|
|
118
|
+
* This method only executes if verifySSO is set to true in the auth configuration.
|
|
119
|
+
* @param account - The account to use for the SSO verification
|
|
120
|
+
* @param parentApi - The API ID of the parent operation for logging purposes
|
|
121
|
+
*/
|
|
122
|
+
private verifySsoCapability;
|
|
114
123
|
/**
|
|
115
124
|
* This function uses a hidden iframe to fetch an authorization code from the eSTS. There are cases where this may not work:
|
|
116
125
|
* - Any browser using a form of Intelligent Tracking Prevention
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"StandardController.d.ts","sourceRoot":"","sources":["../../../src/controllers/StandardController.ts"],"names":[],"mappings":"AAMA,OAAO,EAEH,WAAW,EAEX,cAAc,EACd,MAAM,EACN,uBAAuB,EACvB,OAAO,EAIP,2BAA2B,EAC3B,kBAAkB,EAClB,eAAe,EASf,aAAa,EAKhB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACH,mBAAmB,EAEtB,MAAM,iCAAiC,CAAC;AAEzC,OAAO,EAAE,oBAAoB,EAAgB,MAAM,4BAA4B,CAAC;AAChF,OAAO,EAEH,KAAK,EAEL,UAAU,EACV,iBAAiB,EAKpB,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,qBAAqB,EAAc,MAAM,0BAA0B,CAAC;AAC7E,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACpE,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAC9E,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,MAAM,sCAAsC,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,MAAM,yCAAyC,CAAC;AACzE,OAAO,EAAE,kBAAkB,EAAE,MAAM,6CAA6C,CAAC;AACjF,OAAO,EAAE,mBAAmB,EAAE,MAAM,8CAA8C,CAAC;AAEnF,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAK5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,4CAA4C,CAAC;AAC/E,OAAO,EAAE,oBAAoB,EAAE,MAAM,+CAA+C,CAAC;AAKrF,OAAO,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC;AAElF,OAAO,EAAE,wBAAwB,EAAE,MAAM,iDAAiD,CAAC;AAC3F,OAAO,EAAE,oBAAoB,EAAE,MAAM,6CAA6C,CAAC;AACnF,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAC3E,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AAGpE,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAC;AAM1F,OAAO,EAAE,oBAAoB,EAAE,MAAM,gDAAgD,CAAC;AAgBtF,qBAAa,kBAAmB,YAAW,WAAW;IAElD,SAAS,CAAC,QAAQ,CAAC,gBAAgB,EAAE,wBAAwB,CAAC;IAG9D,SAAS,CAAC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;IAG1C,SAAS,CAAC,QAAQ,CAAC,cAAc,EAAE,mBAAmB,CAAC;IAGvD,SAAS,CAAC,QAAQ,CAAC,qBAAqB,EAAE,mBAAmB,CAAC;IAG9D,SAAS,CAAC,QAAQ,CAAC,aAAa,EAAE,cAAc,CAAC;IAGjD,SAAS,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;IAG9C,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,oBAAoB,CAAC;IAGhD,OAAO,CAAC,UAAU,CAAa;IAG/B,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC;IAGzB,SAAS,CAAC,oBAAoB,EAAE,OAAO,CAAC;IAExC,SAAS,CAAC,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IAG9C,SAAS,CAAC,QAAQ,CAAC,gBAAgB,EAAE,GAAG,CACpC,MAAM,EACN,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CACvC,CAAC;IAGF,SAAS,CAAC,oBAAoB,EAAE,oBAAoB,GAAG,SAAS,CAAC;IAGjE,OAAO,CAAC,uBAAuB,CAA6C;IAG5E,SAAS,CAAC,QAAQ,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;IAGzD,SAAS,CAAC,WAAW,EAAE,OAAO,CAAC;IAG/B,OAAO,CAAC,yBAAyB,CAG/B;IAGF,OAAO,CAAC,mBAAmB,CAAyC;IAEpE,OAAO,CAAC,oBAAoB,CAAC,CAA6B;IAC1D,OAAO,CAAC,kCAAkC,CAAC,CAA6B;IAExE,OAAO,CAAC,QAAQ,CAAwB;IAExC;;;;;;;;;;;;;;;;;;;;OAoBG;gBACS,gBAAgB,EAAE,wBAAwB;WAyFzC,gBAAgB,CACzB,gBAAgB,EAAE,oBAAoB,EACtC,OAAO,CAAC,EAAE,4BAA4B,GACvC,OAAO,CAAC,WAAW,CAAC;IAMvB,OAAO,CAAC,mBAAmB;IAW3B;;;OAGG;IACG,UAAU,CACZ,OAAO,CAAC,EAAE,4BAA4B,EACtC,QAAQ,CAAC,EAAE,OAAO,GACnB,OAAO,CAAC,IAAI,CAAC;IAmFhB;;;;;;OAMG;IACG,qBAAqB,CACvB,IAAI,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC;IAiCvC;;;;OAIG;YACW,6BAA6B;
|
|
1
|
+
{"version":3,"file":"StandardController.d.ts","sourceRoot":"","sources":["../../../src/controllers/StandardController.ts"],"names":[],"mappings":"AAMA,OAAO,EAEH,WAAW,EAEX,cAAc,EACd,MAAM,EACN,uBAAuB,EACvB,OAAO,EAIP,2BAA2B,EAC3B,kBAAkB,EAClB,eAAe,EASf,aAAa,EAKhB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACH,mBAAmB,EAEtB,MAAM,iCAAiC,CAAC;AAEzC,OAAO,EAAE,oBAAoB,EAAgB,MAAM,4BAA4B,CAAC;AAChF,OAAO,EAEH,KAAK,EAEL,UAAU,EACV,iBAAiB,EAKpB,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,qBAAqB,EAAc,MAAM,0BAA0B,CAAC;AAC7E,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACpE,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAC9E,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,MAAM,sCAAsC,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,MAAM,yCAAyC,CAAC;AACzE,OAAO,EAAE,kBAAkB,EAAE,MAAM,6CAA6C,CAAC;AACjF,OAAO,EAAE,mBAAmB,EAAE,MAAM,8CAA8C,CAAC;AAEnF,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAK5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,4CAA4C,CAAC;AAC/E,OAAO,EAAE,oBAAoB,EAAE,MAAM,+CAA+C,CAAC;AAKrF,OAAO,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC;AAElF,OAAO,EAAE,wBAAwB,EAAE,MAAM,iDAAiD,CAAC;AAC3F,OAAO,EAAE,oBAAoB,EAAE,MAAM,6CAA6C,CAAC;AACnF,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAC3E,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AAGpE,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAC;AAM1F,OAAO,EAAE,oBAAoB,EAAE,MAAM,gDAAgD,CAAC;AAgBtF,qBAAa,kBAAmB,YAAW,WAAW;IAElD,SAAS,CAAC,QAAQ,CAAC,gBAAgB,EAAE,wBAAwB,CAAC;IAG9D,SAAS,CAAC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;IAG1C,SAAS,CAAC,QAAQ,CAAC,cAAc,EAAE,mBAAmB,CAAC;IAGvD,SAAS,CAAC,QAAQ,CAAC,qBAAqB,EAAE,mBAAmB,CAAC;IAG9D,SAAS,CAAC,QAAQ,CAAC,aAAa,EAAE,cAAc,CAAC;IAGjD,SAAS,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;IAG9C,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,oBAAoB,CAAC;IAGhD,OAAO,CAAC,UAAU,CAAa;IAG/B,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC;IAGzB,SAAS,CAAC,oBAAoB,EAAE,OAAO,CAAC;IAExC,SAAS,CAAC,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IAG9C,SAAS,CAAC,QAAQ,CAAC,gBAAgB,EAAE,GAAG,CACpC,MAAM,EACN,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CACvC,CAAC;IAGF,SAAS,CAAC,oBAAoB,EAAE,oBAAoB,GAAG,SAAS,CAAC;IAGjE,OAAO,CAAC,uBAAuB,CAA6C;IAG5E,SAAS,CAAC,QAAQ,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;IAGzD,SAAS,CAAC,WAAW,EAAE,OAAO,CAAC;IAG/B,OAAO,CAAC,yBAAyB,CAG/B;IAGF,OAAO,CAAC,mBAAmB,CAAyC;IAEpE,OAAO,CAAC,oBAAoB,CAAC,CAA6B;IAC1D,OAAO,CAAC,kCAAkC,CAAC,CAA6B;IAExE,OAAO,CAAC,QAAQ,CAAwB;IAExC;;;;;;;;;;;;;;;;;;;;OAoBG;gBACS,gBAAgB,EAAE,wBAAwB;WAyFzC,gBAAgB,CACzB,gBAAgB,EAAE,oBAAoB,EACtC,OAAO,CAAC,EAAE,4BAA4B,GACvC,OAAO,CAAC,WAAW,CAAC;IAMvB,OAAO,CAAC,mBAAmB;IAW3B;;;OAGG;IACG,UAAU,CACZ,OAAO,CAAC,EAAE,4BAA4B,EACtC,QAAQ,CAAC,EAAE,OAAO,GACnB,OAAO,CAAC,IAAI,CAAC;IAmFhB;;;;;;OAMG;IACG,qBAAqB,CACvB,IAAI,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC;IAiCvC;;;;OAIG;YACW,6BAA6B;IA2L3C;;;;;;;;OAQG;IACG,oBAAoB,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAwKnE;;;;;;OAMG;IACH,iBAAiB,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAuKvE,OAAO,CAAC,kCAAkC;IAiB1C;;;;;;;OAOG;IACH,OAAO,CAAC,mBAAmB;IAoE3B;;;;;;;;;;;;;;OAcG;IACG,SAAS,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,oBAAoB,CAAC;IA4GzE;;;;;;;;;OASG;IACG,kBAAkB,CACpB,OAAO,EAAE,wBAAwB,GAClC,OAAO,CAAC,oBAAoB,CAAC;IA2IhC;;;;OAIG;YACW,uBAAuB;IAiDrC;;;;;;OAMG;cACa,qBAAqB,CACjC,aAAa,EAAE,uBAAuB,EACtC,iBAAiB,EAAE,iBAAiB,GACrC,OAAO,CAAC,oBAAoB,CAAC;IA0BhC;;;;;OAKG;IACU,0BAA0B,CACnC,aAAa,EAAE,uBAAuB,EACtC,iBAAiB,EAAE,iBAAiB,GACrC,OAAO,CAAC,oBAAoB,CAAC;IA4BhC;;;;OAIG;cACa,0BAA0B,CACtC,OAAO,EAAE,uBAAuB,GACjC,OAAO,CAAC,oBAAoB,CAAC;IAuBhC;;;;OAIG;IACG,MAAM,CAAC,aAAa,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAY9D;;;;OAIG;IACG,cAAc,CAAC,aAAa,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAYtE;;;OAGG;IACH,WAAW,CAAC,aAAa,CAAC,EAAE,sBAAsB,GAAG,OAAO,CAAC,IAAI,CAAC;IAmBlE;;;OAGG;IACG,UAAU,CAAC,aAAa,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAclE;;;;OAIG;IACH,cAAc,CAAC,aAAa,CAAC,EAAE,aAAa,GAAG,WAAW,EAAE;IAW5D;;;;OAIG;IACH,UAAU,CAAC,aAAa,EAAE,aAAa,GAAG,WAAW,GAAG,IAAI;IAU5D;;;;;;;OAOG;IACH,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI;IAU1D;;;;;;OAMG;IACH,kBAAkB,CAAC,aAAa,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI;IAU7D;;;;;;OAMG;IACH,mBAAmB,CAAC,cAAc,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI;IAU/D;;;OAGG;IACH,gBAAgB,CAAC,OAAO,EAAE,WAAW,GAAG,IAAI,GAAG,IAAI;IASnD;;OAEG;IACH,gBAAgB,IAAI,WAAW,GAAG,IAAI;IAUtC;;;;;OAKG;IACG,YAAY,CACd,MAAM,EAAE,oBAAoB,EAC5B,OAAO,EACD,aAAa,GACb,gBAAgB,GAChB,eAAe,GACf,YAAY,GACnB,OAAO,CAAC,IAAI,CAAC;IA6BhB;;;OAGG;IACU,kBAAkB,CAC3B,OAAO,EAAE,YAAY,GAAG,aAAa,GAAG,gBAAgB,EACxD,KAAK,EAAE,KAAK,EACZ,SAAS,CAAC,EAAE,MAAM,EAClB,iBAAiB,CAAC,EAAE,iBAAiB,GACtC,OAAO,CAAC,oBAAoB,CAAC;IAyBhC;;;OAGG;IACI,oBAAoB,CACvB,OAAO,EAAE,eAAe,GAAG,YAAY,GAAG,gBAAgB,EAC1D,SAAS,CAAC,EAAE,MAAM,GACnB,OAAO;IAmDV;;;;OAIG;IACI,kBAAkB,CACrB,OAAO,EAAE,eAAe,GAAG,YAAY,GAAG,gBAAgB,GAC3D,MAAM;IAYT;;;OAGG;IACI,iBAAiB,CAAC,aAAa,CAAC,EAAE,MAAM,GAAG,WAAW;IAe7D;;;OAGG;IACH,SAAS,CAAC,oBAAoB,CAAC,aAAa,CAAC,EAAE,MAAM,GAAG,cAAc;IAetE;;;OAGG;IACI,wBAAwB,CAC3B,aAAa,CAAC,EAAE,MAAM,GACvB,kBAAkB;IAgBrB;;OAEG;IACH,SAAS,CAAC,uBAAuB,CAC7B,aAAa,CAAC,EAAE,MAAM,GACvB,iBAAiB;IAcpB;;OAEG;IACH,SAAS,CAAC,yBAAyB,CAC/B,aAAa,CAAC,EAAE,MAAM,GACvB,mBAAmB;IActB;;OAEG;IACH,SAAS,CAAC,0BAA0B,CAChC,aAAa,CAAC,EAAE,MAAM,GACvB,oBAAoB;IAevB;;;OAGG;IACH,gBAAgB,CACZ,QAAQ,EAAE,qBAAqB,EAC/B,UAAU,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,GAC9B,MAAM,GAAG,IAAI;IAIhB;;;OAGG;IACH,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAI7C;;;;;OAKG;IACH,sBAAsB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,MAAM;IAKrE;;;;;OAKG;IACH,yBAAyB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO;IAItD;;;OAGG;IACH,0BAA0B,IAAI,IAAI;IAclC;;;OAGG;IACH,2BAA2B,IAAI,IAAI;IAcnC;;OAEG;IACH,aAAa,IAAI,WAAW;IAI5B;;OAEG;IACI,SAAS,IAAI,MAAM;IAI1B;;;OAGG;IACH,SAAS,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IAI/B;;;;OAIG;IACH,wBAAwB,CAAC,GAAG,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI;IAKhE;;;OAGG;IACH,mBAAmB,CAAC,gBAAgB,EAAE,iBAAiB,GAAG,IAAI;IAI9D;;OAEG;IACI,gBAAgB,IAAI,oBAAoB;IAI/C;;OAEG;IACI,oBAAoB,IAAI,kBAAkB;IAIjD;;OAEG;IACI,YAAY,IAAI,OAAO;IAI9B;;;;;;OAMG;IACH,SAAS,CAAC,uBAAuB,CAC7B,OAAO,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,GACnC,MAAM;IAkBT;;;;;;;;OAQG;IACG,aAAa,CAAC,OAAO,CAAC,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAS7D;;;;;;OAMG;IACH,UAAU,CAAC,OAAO,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,oBAAoB,CAAC;IASjE;;;;;OAKG;IACG,kBAAkB,CACpB,OAAO,EAAE,aAAa,GACvB,OAAO,CAAC,oBAAoB,CAAC;IAsDhC;;;;;;OAMG;YACW,yBAAyB;IAsDvC;;;;;OAKG;cACa,uBAAuB,CACnC,OAAO,EAAE,aAAa,GAAG;QAAE,aAAa,EAAE,MAAM,CAAA;KAAE,EAClD,OAAO,EAAE,WAAW,GACrB,OAAO,CAAC,oBAAoB,CAAC;IA8KhC;;;;;OAKG;YACW,0BAA0B;IAuFxC;;;OAGG;YACW,oBAAoB;IAYlC;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IAgBhC,OAAO,CAAC,oBAAoB;CAuB/B"}
|
|
@@ -28,6 +28,13 @@ export declare class SilentIframeClient extends StandardInteractionClient {
|
|
|
28
28
|
* @param request
|
|
29
29
|
*/
|
|
30
30
|
executeEarFlow(request: CommonAuthorizationUrlRequest): Promise<AuthenticationResult>;
|
|
31
|
+
/**
|
|
32
|
+
* Verifies SSO capability by making an iframe request to /authorize without exchanging the code for tokens.
|
|
33
|
+
* This is useful for verifying SSO capability in the background without the overhead of a full token exchange.
|
|
34
|
+
* @param request - The SSO silent request
|
|
35
|
+
* @returns true if SSO verification was successful with a valid authorization code, false otherwise
|
|
36
|
+
*/
|
|
37
|
+
verifySso(request: SsoSilentRequest): Promise<boolean>;
|
|
31
38
|
/**
|
|
32
39
|
* Currently Unsupported
|
|
33
40
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SilentIframeClient.d.ts","sourceRoot":"","sources":["../../../src/interaction_client/SilentIframeClient.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,OAAO,EACP,MAAM,EAEN,uBAAuB,EAEvB,kBAAkB,EAKlB,6BAA6B,
|
|
1
|
+
{"version":3,"file":"SilentIframeClient.d.ts","sourceRoot":"","sources":["../../../src/interaction_client/SilentIframeClient.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,OAAO,EACP,MAAM,EAEN,uBAAuB,EAEvB,kBAAkB,EAKlB,6BAA6B,EAGhC,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AAClE,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAKvE,OAAO,EAEH,KAAK,EAER,MAAM,8BAA8B,CAAC;AAOtC,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAO3E,OAAO,EAAE,oBAAoB,EAAE,MAAM,gDAAgD,CAAC;AAEtF,qBAAa,kBAAmB,SAAQ,yBAAyB;IAC7D,SAAS,CAAC,KAAK,EAAE,KAAK,CAAC;IACvB,SAAS,CAAC,aAAa,EAAE,mBAAmB,CAAC;gBAGzC,MAAM,EAAE,oBAAoB,EAC5B,WAAW,EAAE,mBAAmB,EAChC,aAAa,EAAE,OAAO,EACtB,MAAM,EAAE,MAAM,EACd,YAAY,EAAE,YAAY,EAC1B,gBAAgB,EAAE,iBAAiB,EACnC,KAAK,EAAE,KAAK,EACZ,iBAAiB,EAAE,kBAAkB,EACrC,iBAAiB,EAAE,mBAAmB,EACtC,oBAAoB,CAAC,EAAE,oBAAoB,EAC3C,aAAa,CAAC,EAAE,MAAM;IAiB1B;;;OAGG;IACG,YAAY,CACd,OAAO,EAAE,gBAAgB,GAC1B,OAAO,CAAC,oBAAoB,CAAC;IAuDhC;;;;OAIG;IACG,eAAe,CACjB,OAAO,EAAE,6BAA6B,GACvC,OAAO,CAAC,oBAAoB,CAAC;IA4DhC;;;OAGG;IACG,cAAc,CAChB,OAAO,EAAE,6BAA6B,GACvC,OAAO,CAAC,oBAAoB,CAAC;IAwIhC;;;;;OAKG;IACG,SAAS,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;IAiI5D;;OAEG;IACH,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IASvB;;;;;OAKG;cACa,iBAAiB,CAC7B,UAAU,EAAE,uBAAuB,EACnC,OAAO,EAAE,6BAA6B,GACvC,OAAO,CAAC,oBAAoB,CAAC;CAiHnC"}
|
package/package.json
CHANGED
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
"type": "git",
|
|
11
11
|
"url": "https://github.com/AzureAD/microsoft-authentication-library-for-js.git"
|
|
12
12
|
},
|
|
13
|
-
"version": "4.
|
|
13
|
+
"version": "4.29.0",
|
|
14
14
|
"description": "Microsoft Authentication Library for js",
|
|
15
15
|
"keywords": [
|
|
16
16
|
"implicit",
|
|
@@ -114,6 +114,6 @@
|
|
|
114
114
|
"typescript": "^4.9.5"
|
|
115
115
|
},
|
|
116
116
|
"dependencies": {
|
|
117
|
-
"@azure/msal-common": "15.
|
|
117
|
+
"@azure/msal-common": "15.15.0"
|
|
118
118
|
}
|
|
119
119
|
}
|
|
@@ -113,6 +113,13 @@ export type BrowserAuthOptions = {
|
|
|
113
113
|
* @deprecated This flag is deprecated and will be removed in the next major version where all extra query params will be encoded by default.
|
|
114
114
|
*/
|
|
115
115
|
encodeExtraQueryParams?: boolean;
|
|
116
|
+
/**
|
|
117
|
+
* If set to true, MSAL will make a background SSO verification call after successful interactive authentication.
|
|
118
|
+
* COGS intensive, recommendation is to *NOT* set this flag to true unless your application has a specific need for it.
|
|
119
|
+
* This will trigger additional network calls after interactive authentication flows (acquireTokenPopup, handleRedirectPromise) calls.
|
|
120
|
+
* This is a boolean flag and defaults to false if not specified.
|
|
121
|
+
*/
|
|
122
|
+
verifySSO?: boolean;
|
|
116
123
|
};
|
|
117
124
|
|
|
118
125
|
/** @internal */
|
|
@@ -314,6 +321,7 @@ export function buildConfiguration(
|
|
|
314
321
|
supportsNestedAppAuth: false,
|
|
315
322
|
instanceAware: false,
|
|
316
323
|
encodeExtraQueryParams: false,
|
|
324
|
+
verifySSO: false,
|
|
317
325
|
};
|
|
318
326
|
|
|
319
327
|
// Default cache options for browser
|
|
@@ -567,6 +567,12 @@ export class StandardController implements IController {
|
|
|
567
567
|
undefined,
|
|
568
568
|
result.account
|
|
569
569
|
);
|
|
570
|
+
|
|
571
|
+
// Fire-and-forget SSO capability verification in background
|
|
572
|
+
this.verifySsoCapability(
|
|
573
|
+
result.account,
|
|
574
|
+
InteractionType.Redirect
|
|
575
|
+
);
|
|
570
576
|
} else {
|
|
571
577
|
/*
|
|
572
578
|
* Instrument an event only if an error code is set. Otherwise, discard it when the redirect response
|
|
@@ -930,6 +936,10 @@ export class StandardController implements IController {
|
|
|
930
936
|
undefined,
|
|
931
937
|
result.account
|
|
932
938
|
);
|
|
939
|
+
|
|
940
|
+
// SSO capability verification in background
|
|
941
|
+
this.verifySsoCapability(result.account, InteractionType.Popup);
|
|
942
|
+
|
|
933
943
|
return result;
|
|
934
944
|
})
|
|
935
945
|
.catch((e: Error) => {
|
|
@@ -984,6 +994,79 @@ export class StandardController implements IController {
|
|
|
984
994
|
visibilityChangeCount: 1,
|
|
985
995
|
});
|
|
986
996
|
}
|
|
997
|
+
|
|
998
|
+
/**
|
|
999
|
+
* SSO capability verification in the background.
|
|
1000
|
+
* This method makes an iframe request to /authorize to verify SSO capability without calling /token.
|
|
1001
|
+
* This method does not block the caller and tracks telemetry for success/failure.
|
|
1002
|
+
* This method only executes if verifySSO is set to true in the auth configuration.
|
|
1003
|
+
* @param account - The account to use for the SSO verification
|
|
1004
|
+
* @param parentApi - The API ID of the parent operation for logging purposes
|
|
1005
|
+
*/
|
|
1006
|
+
private verifySsoCapability(account: AccountInfo, parentApi: string): void {
|
|
1007
|
+
// Check if SSO capability verification is enabled
|
|
1008
|
+
if (!this.config.auth.verifySSO) {
|
|
1009
|
+
return;
|
|
1010
|
+
}
|
|
1011
|
+
|
|
1012
|
+
const correlationId = this.browserCrypto.createNewGuid();
|
|
1013
|
+
const ssoCapableMeasurement = this.performanceClient.startMeasurement(
|
|
1014
|
+
PerformanceEvents.SsoCapable,
|
|
1015
|
+
correlationId
|
|
1016
|
+
);
|
|
1017
|
+
ssoCapableMeasurement.add({
|
|
1018
|
+
parentApi: parentApi,
|
|
1019
|
+
});
|
|
1020
|
+
|
|
1021
|
+
this.logger.verbose(
|
|
1022
|
+
`SSO capability verification initiated after ${parentApi}`,
|
|
1023
|
+
correlationId
|
|
1024
|
+
);
|
|
1025
|
+
|
|
1026
|
+
/*
|
|
1027
|
+
* Use setTimeout to ensure this runs in a separate macrotask after the current call stack completes
|
|
1028
|
+
* This ensures the result is returned to the caller before the SSO verification starts and doesn't affect performance
|
|
1029
|
+
*/
|
|
1030
|
+
setTimeout(() => {
|
|
1031
|
+
const ssoVerificationRequest: SsoSilentRequest = {
|
|
1032
|
+
account: account,
|
|
1033
|
+
correlationId: correlationId,
|
|
1034
|
+
};
|
|
1035
|
+
|
|
1036
|
+
const silentIframeClient =
|
|
1037
|
+
this.createSilentIframeClient(correlationId);
|
|
1038
|
+
silentIframeClient
|
|
1039
|
+
.verifySso(ssoVerificationRequest)
|
|
1040
|
+
.then((success: boolean) => {
|
|
1041
|
+
this.logger.verbose(
|
|
1042
|
+
`SSO capability verification completed after ${parentApi}, success: ${success}`,
|
|
1043
|
+
correlationId
|
|
1044
|
+
);
|
|
1045
|
+
ssoCapableMeasurement.end(
|
|
1046
|
+
{
|
|
1047
|
+
fromCache: false,
|
|
1048
|
+
success: success,
|
|
1049
|
+
},
|
|
1050
|
+
undefined,
|
|
1051
|
+
account
|
|
1052
|
+
);
|
|
1053
|
+
})
|
|
1054
|
+
.catch((error: Error) => {
|
|
1055
|
+
this.logger.warning(
|
|
1056
|
+
`SSO capability verification failed after ${parentApi}: ${error.message}`,
|
|
1057
|
+
correlationId
|
|
1058
|
+
);
|
|
1059
|
+
ssoCapableMeasurement.end(
|
|
1060
|
+
{
|
|
1061
|
+
fromCache: false,
|
|
1062
|
+
success: false,
|
|
1063
|
+
},
|
|
1064
|
+
error,
|
|
1065
|
+
account
|
|
1066
|
+
);
|
|
1067
|
+
});
|
|
1068
|
+
}, 0);
|
|
1069
|
+
}
|
|
987
1070
|
// #endregion
|
|
988
1071
|
|
|
989
1072
|
// #region Silent Flow
|
|
@@ -2248,6 +2331,15 @@ export class StandardController implements IController {
|
|
|
2248
2331
|
);
|
|
2249
2332
|
|
|
2250
2333
|
if (shouldTryToResolveSilently) {
|
|
2334
|
+
const silentRefreshReason = `${refreshTokenError.errorCode}${
|
|
2335
|
+
refreshTokenError.subError
|
|
2336
|
+
? `|${refreshTokenError.subError}`
|
|
2337
|
+
: ""
|
|
2338
|
+
}`;
|
|
2339
|
+
this.performanceClient.addFields(
|
|
2340
|
+
{ silentRefreshReason },
|
|
2341
|
+
silentRequest.correlationId
|
|
2342
|
+
);
|
|
2251
2343
|
if (!this.activeIframeRequest) {
|
|
2252
2344
|
let _resolve: (result: boolean) => void;
|
|
2253
2345
|
// Always set the active request tracker immediately after checking it to prevent races
|
|
@@ -16,6 +16,7 @@ import {
|
|
|
16
16
|
ProtocolMode,
|
|
17
17
|
CommonAuthorizationUrlRequest,
|
|
18
18
|
HttpMethod,
|
|
19
|
+
AuthorizeProtocol,
|
|
19
20
|
} from "@azure/msal-common/browser";
|
|
20
21
|
import { StandardInteractionClient } from "./StandardInteractionClient.js";
|
|
21
22
|
import { BrowserConfiguration } from "../config/Configuration.js";
|
|
@@ -349,6 +350,141 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
349
350
|
}
|
|
350
351
|
}
|
|
351
352
|
|
|
353
|
+
/**
|
|
354
|
+
* Verifies SSO capability by making an iframe request to /authorize without exchanging the code for tokens.
|
|
355
|
+
* This is useful for verifying SSO capability in the background without the overhead of a full token exchange.
|
|
356
|
+
* @param request - The SSO silent request
|
|
357
|
+
* @returns true if SSO verification was successful with a valid authorization code, false otherwise
|
|
358
|
+
*/
|
|
359
|
+
async verifySso(request: SsoSilentRequest): Promise<boolean> {
|
|
360
|
+
this.performanceClient.addQueueMeasurement(
|
|
361
|
+
PerformanceEvents.SilentIframeClientAcquireToken,
|
|
362
|
+
request.correlationId
|
|
363
|
+
);
|
|
364
|
+
|
|
365
|
+
const inputRequest = { ...request };
|
|
366
|
+
if (!inputRequest.prompt) {
|
|
367
|
+
inputRequest.prompt = PromptValue.NONE;
|
|
368
|
+
}
|
|
369
|
+
|
|
370
|
+
// Create silent request
|
|
371
|
+
const silentRequest: CommonAuthorizationUrlRequest = await invokeAsync(
|
|
372
|
+
this.initializeAuthorizationRequest.bind(this),
|
|
373
|
+
PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest,
|
|
374
|
+
this.logger,
|
|
375
|
+
this.performanceClient,
|
|
376
|
+
request.correlationId
|
|
377
|
+
)(inputRequest, InteractionType.Silent);
|
|
378
|
+
|
|
379
|
+
const authClient = await invokeAsync(
|
|
380
|
+
this.createAuthCodeClient.bind(this),
|
|
381
|
+
PerformanceEvents.StandardInteractionClientCreateAuthCodeClient,
|
|
382
|
+
this.logger,
|
|
383
|
+
this.performanceClient,
|
|
384
|
+
request.correlationId
|
|
385
|
+
)({
|
|
386
|
+
serverTelemetryManager: this.initializeServerTelemetryManager(
|
|
387
|
+
this.apiId
|
|
388
|
+
),
|
|
389
|
+
requestAuthority: silentRequest.authority,
|
|
390
|
+
requestAzureCloudOptions: silentRequest.azureCloudOptions,
|
|
391
|
+
requestExtraQueryParameters: silentRequest.extraQueryParameters,
|
|
392
|
+
account: silentRequest.account,
|
|
393
|
+
});
|
|
394
|
+
|
|
395
|
+
const correlationId = silentRequest.correlationId;
|
|
396
|
+
const pkceCodes = await invokeAsync(
|
|
397
|
+
generatePkceCodes,
|
|
398
|
+
PerformanceEvents.GeneratePkceCodes,
|
|
399
|
+
this.logger,
|
|
400
|
+
this.performanceClient,
|
|
401
|
+
correlationId
|
|
402
|
+
)(this.performanceClient, this.logger, correlationId);
|
|
403
|
+
|
|
404
|
+
const requestWithPkce = {
|
|
405
|
+
...silentRequest,
|
|
406
|
+
codeChallenge: pkceCodes.challenge,
|
|
407
|
+
};
|
|
408
|
+
|
|
409
|
+
// Create authorize request url
|
|
410
|
+
const navigateUrl = await invokeAsync(
|
|
411
|
+
Authorize.getAuthCodeRequestUrl,
|
|
412
|
+
PerformanceEvents.GetAuthCodeUrl,
|
|
413
|
+
this.logger,
|
|
414
|
+
this.performanceClient,
|
|
415
|
+
correlationId
|
|
416
|
+
)(
|
|
417
|
+
this.config,
|
|
418
|
+
authClient.authority,
|
|
419
|
+
requestWithPkce,
|
|
420
|
+
this.logger,
|
|
421
|
+
this.performanceClient
|
|
422
|
+
);
|
|
423
|
+
|
|
424
|
+
// Get the frame handle for the silent request - this triggers the SSO verification
|
|
425
|
+
const msalFrame = await invokeAsync(
|
|
426
|
+
initiateCodeRequest,
|
|
427
|
+
PerformanceEvents.SilentHandlerInitiateAuthRequest,
|
|
428
|
+
this.logger,
|
|
429
|
+
this.performanceClient,
|
|
430
|
+
correlationId
|
|
431
|
+
)(
|
|
432
|
+
navigateUrl,
|
|
433
|
+
this.performanceClient,
|
|
434
|
+
this.logger,
|
|
435
|
+
correlationId,
|
|
436
|
+
this.config.system.navigateFrameWait
|
|
437
|
+
);
|
|
438
|
+
|
|
439
|
+
const responseType = this.config.auth.OIDCOptions.serverResponseType;
|
|
440
|
+
// Monitor the iframe for the response
|
|
441
|
+
const responseString = await invokeAsync(
|
|
442
|
+
monitorIframeForHash,
|
|
443
|
+
PerformanceEvents.SilentHandlerMonitorIframeForHash,
|
|
444
|
+
this.logger,
|
|
445
|
+
this.performanceClient,
|
|
446
|
+
correlationId
|
|
447
|
+
)(
|
|
448
|
+
msalFrame,
|
|
449
|
+
this.config.system.iframeHashTimeout,
|
|
450
|
+
this.config.system.pollIntervalMilliseconds,
|
|
451
|
+
this.performanceClient,
|
|
452
|
+
this.logger,
|
|
453
|
+
correlationId,
|
|
454
|
+
responseType
|
|
455
|
+
);
|
|
456
|
+
|
|
457
|
+
// Deserialize the response
|
|
458
|
+
const serverParams = invoke(
|
|
459
|
+
ResponseHandler.deserializeResponse,
|
|
460
|
+
PerformanceEvents.DeserializeResponse,
|
|
461
|
+
this.logger,
|
|
462
|
+
this.performanceClient,
|
|
463
|
+
correlationId
|
|
464
|
+
)(responseString, responseType, this.logger);
|
|
465
|
+
|
|
466
|
+
// Validate the response - this checks for errors and validates state
|
|
467
|
+
AuthorizeProtocol.validateAuthorizationResponse(
|
|
468
|
+
serverParams,
|
|
469
|
+
silentRequest.state
|
|
470
|
+
);
|
|
471
|
+
|
|
472
|
+
// Verify a valid authorization code is present
|
|
473
|
+
if (!serverParams.code) {
|
|
474
|
+
this.logger.warning(
|
|
475
|
+
"SSO verification response did not contain an authorization code",
|
|
476
|
+
correlationId
|
|
477
|
+
);
|
|
478
|
+
return false;
|
|
479
|
+
}
|
|
480
|
+
|
|
481
|
+
this.logger.verbose(
|
|
482
|
+
"SSO verification completed successfully with valid authorization code - skipped token exchange",
|
|
483
|
+
correlationId
|
|
484
|
+
);
|
|
485
|
+
return true;
|
|
486
|
+
}
|
|
487
|
+
|
|
352
488
|
/**
|
|
353
489
|
* Currently Unsupported
|
|
354
490
|
*/
|
package/src/packageMetadata.ts
CHANGED