@azure/msal-browser 4.28.2 → 4.29.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -25
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +7 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +13 -2
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +109 -20
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +7 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +13 -2
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +109 -20
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts +7 -0
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +49 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +5 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +15 -2
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +7 -0
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +49 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +5 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +15 -2
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +10 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +375 -111
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.js +375 -111
- package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +7 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +13 -2
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts +7 -0
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/msal-browser.cjs +408 -113
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +408 -113
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +64 -64
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +7 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +13 -2
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +7 -0
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +24 -13
- package/src/config/Configuration.ts +8 -0
- package/src/controllers/StandardController.ts +164 -39
- package/src/interaction_client/SilentIframeClient.ts +136 -0
- package/src/interaction_client/StandardInteractionClient.ts +12 -0
- package/src/interaction_handler/SilentHandler.ts +21 -1
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/BrowserPerformanceClient.ts +10 -0
- package/src/utils/MsalFrameStatsUtils.ts +27 -0
package/lib/msal-browser.cjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.29.1 2026-03-13 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v15.
|
|
5
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -279,7 +279,7 @@ const JsonWebTokenTypes = {
|
|
|
279
279
|
// Token renewal offset default in seconds
|
|
280
280
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
281
281
|
|
|
282
|
-
/*! @azure/msal-common v15.
|
|
282
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
283
283
|
/*
|
|
284
284
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
285
285
|
* Licensed under the MIT License.
|
|
@@ -296,7 +296,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
296
296
|
unexpectedError: unexpectedError
|
|
297
297
|
});
|
|
298
298
|
|
|
299
|
-
/*! @azure/msal-common v15.
|
|
299
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
300
300
|
|
|
301
301
|
/*
|
|
302
302
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -345,7 +345,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
345
345
|
: AuthErrorMessages[code]);
|
|
346
346
|
}
|
|
347
347
|
|
|
348
|
-
/*! @azure/msal-common v15.
|
|
348
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
349
349
|
/*
|
|
350
350
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
351
351
|
* Licensed under the MIT License.
|
|
@@ -445,7 +445,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
445
445
|
userTimeoutReached: userTimeoutReached
|
|
446
446
|
});
|
|
447
447
|
|
|
448
|
-
/*! @azure/msal-common v15.
|
|
448
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
449
449
|
|
|
450
450
|
/*
|
|
451
451
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -702,7 +702,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
702
702
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
703
703
|
}
|
|
704
704
|
|
|
705
|
-
/*! @azure/msal-common v15.
|
|
705
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
706
706
|
|
|
707
707
|
/*
|
|
708
708
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -741,7 +741,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
741
741
|
},
|
|
742
742
|
};
|
|
743
743
|
|
|
744
|
-
/*! @azure/msal-common v15.
|
|
744
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
745
745
|
|
|
746
746
|
/*
|
|
747
747
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -932,12 +932,12 @@ class Logger {
|
|
|
932
932
|
}
|
|
933
933
|
}
|
|
934
934
|
|
|
935
|
-
/*! @azure/msal-common v15.
|
|
935
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
936
936
|
/* eslint-disable header/header */
|
|
937
937
|
const name$1 = "@azure/msal-common";
|
|
938
|
-
const version$1 = "15.
|
|
938
|
+
const version$1 = "15.16.1";
|
|
939
939
|
|
|
940
|
-
/*! @azure/msal-common v15.
|
|
940
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
941
941
|
/*
|
|
942
942
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
943
943
|
* Licensed under the MIT License.
|
|
@@ -957,7 +957,7 @@ const AzureCloudInstance = {
|
|
|
957
957
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
958
958
|
};
|
|
959
959
|
|
|
960
|
-
/*! @azure/msal-common v15.
|
|
960
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
961
961
|
/*
|
|
962
962
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
963
963
|
* Licensed under the MIT License.
|
|
@@ -1015,7 +1015,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
1015
1015
|
urlParseError: urlParseError
|
|
1016
1016
|
});
|
|
1017
1017
|
|
|
1018
|
-
/*! @azure/msal-common v15.
|
|
1018
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1019
1019
|
|
|
1020
1020
|
/*
|
|
1021
1021
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1163,7 +1163,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
1163
1163
|
return new ClientConfigurationError(errorCode);
|
|
1164
1164
|
}
|
|
1165
1165
|
|
|
1166
|
-
/*! @azure/msal-common v15.
|
|
1166
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1167
1167
|
/*
|
|
1168
1168
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1169
1169
|
* Licensed under the MIT License.
|
|
@@ -1258,9 +1258,48 @@ class StringUtils {
|
|
|
1258
1258
|
.replace(/\?/g, "\\?"));
|
|
1259
1259
|
return regex.test(input);
|
|
1260
1260
|
}
|
|
1261
|
+
/**
|
|
1262
|
+
* Tests if a given string matches a given pattern using stricter, anchored matching semantics.
|
|
1263
|
+
*
|
|
1264
|
+
* Differences from `matchPattern` (legacy):
|
|
1265
|
+
* - All regex metacharacters (including `.`) in the pattern are treated as literals,
|
|
1266
|
+
* so `example.com` matches only `example.com` and not `exampleXcom`.
|
|
1267
|
+
* - The generated regex is anchored with `^` and `$` so partial/substring matches
|
|
1268
|
+
* are not allowed.
|
|
1269
|
+
* - `*` is the only supported wildcard. Its behaviour depends on the URL component:
|
|
1270
|
+
* - `host` component: `*` matches any sequence of characters that does NOT include
|
|
1271
|
+
* a dot (`.`), keeping wildcards within a single DNS label boundary.
|
|
1272
|
+
* - All other components: `*` matches any sequence of characters (including `/`).
|
|
1273
|
+
*
|
|
1274
|
+
* @param pattern - The `protectedResourceMap` key pattern to match against. `*` is a
|
|
1275
|
+
* multi-character wildcard; all other characters are treated as literals.
|
|
1276
|
+
* @param input - The URL component value (e.g. host, pathname) extracted from the
|
|
1277
|
+
* outgoing request URL to test against the pattern.
|
|
1278
|
+
* @param options - Optional. Provide `component` to enable component-aware wildcard
|
|
1279
|
+
* semantics. Accepted values: `"host"`, `"path"`, `"protocol"`, `"search"`,
|
|
1280
|
+
* `"hash"`. Defaults to path-style (permissive) matching when omitted.
|
|
1281
|
+
* @returns `true` if the full input string matches the pattern; `false` otherwise.
|
|
1282
|
+
*/
|
|
1283
|
+
static matchPatternStrict(pattern, input, options) {
|
|
1284
|
+
const component = options?.component;
|
|
1285
|
+
// Step 1: Escape all regex special characters so literals are matched literally.
|
|
1286
|
+
let regexBody = pattern.replace(/[.+^${}()|[\]\\*?]/g, "\\$&");
|
|
1287
|
+
// Step 2: Replace the escaped '*' with its component-aware regex equivalent.
|
|
1288
|
+
if (component === "host") {
|
|
1289
|
+
regexBody = regexBody.replace(/\\\*/g, "[^.]*");
|
|
1290
|
+
}
|
|
1291
|
+
else {
|
|
1292
|
+
// PATH, PROTOCOL, SEARCH, HASH, or unspecified: '*' matches any characters.
|
|
1293
|
+
regexBody = regexBody.replace(/\\\*/g, ".*");
|
|
1294
|
+
}
|
|
1295
|
+
// Step 3: Anchor for full-string matching.
|
|
1296
|
+
// eslint-disable-next-line security/detect-non-literal-regexp
|
|
1297
|
+
const regex = new RegExp(`^${regexBody}$`);
|
|
1298
|
+
return regex.test(input);
|
|
1299
|
+
}
|
|
1261
1300
|
}
|
|
1262
1301
|
|
|
1263
|
-
/*! @azure/msal-common v15.
|
|
1302
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1264
1303
|
|
|
1265
1304
|
/*
|
|
1266
1305
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1455,7 +1494,7 @@ class ScopeSet {
|
|
|
1455
1494
|
}
|
|
1456
1495
|
}
|
|
1457
1496
|
|
|
1458
|
-
/*! @azure/msal-common v15.
|
|
1497
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1459
1498
|
|
|
1460
1499
|
/*
|
|
1461
1500
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1495,7 +1534,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
1495
1534
|
};
|
|
1496
1535
|
}
|
|
1497
1536
|
|
|
1498
|
-
/*! @azure/msal-common v15.
|
|
1537
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1499
1538
|
/*
|
|
1500
1539
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1501
1540
|
* Licensed under the MIT License.
|
|
@@ -1577,7 +1616,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1577
1616
|
return updatedAccountInfo;
|
|
1578
1617
|
}
|
|
1579
1618
|
|
|
1580
|
-
/*! @azure/msal-common v15.
|
|
1619
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1581
1620
|
/*
|
|
1582
1621
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1583
1622
|
* Licensed under the MIT License.
|
|
@@ -1592,7 +1631,7 @@ const AuthorityType = {
|
|
|
1592
1631
|
Ciam: 3,
|
|
1593
1632
|
};
|
|
1594
1633
|
|
|
1595
|
-
/*! @azure/msal-common v15.
|
|
1634
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1596
1635
|
/*
|
|
1597
1636
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1598
1637
|
* Licensed under the MIT License.
|
|
@@ -1614,7 +1653,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
1614
1653
|
return null;
|
|
1615
1654
|
}
|
|
1616
1655
|
|
|
1617
|
-
/*! @azure/msal-common v15.
|
|
1656
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1618
1657
|
/*
|
|
1619
1658
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1620
1659
|
* Licensed under the MIT License.
|
|
@@ -1638,7 +1677,7 @@ const ProtocolMode = {
|
|
|
1638
1677
|
EAR: "EAR",
|
|
1639
1678
|
};
|
|
1640
1679
|
|
|
1641
|
-
/*! @azure/msal-common v15.
|
|
1680
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1642
1681
|
|
|
1643
1682
|
/*
|
|
1644
1683
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1873,7 +1912,7 @@ class AccountEntity {
|
|
|
1873
1912
|
}
|
|
1874
1913
|
}
|
|
1875
1914
|
|
|
1876
|
-
/*! @azure/msal-common v15.
|
|
1915
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1877
1916
|
|
|
1878
1917
|
/*
|
|
1879
1918
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1954,7 +1993,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1954
1993
|
}
|
|
1955
1994
|
}
|
|
1956
1995
|
|
|
1957
|
-
/*! @azure/msal-common v15.
|
|
1996
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1958
1997
|
|
|
1959
1998
|
/*
|
|
1960
1999
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2070,7 +2109,7 @@ function normalizeUrlForComparison(url) {
|
|
|
2070
2109
|
}
|
|
2071
2110
|
}
|
|
2072
2111
|
|
|
2073
|
-
/*! @azure/msal-common v15.
|
|
2112
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2074
2113
|
|
|
2075
2114
|
/*
|
|
2076
2115
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2234,7 +2273,7 @@ class UrlString {
|
|
|
2234
2273
|
}
|
|
2235
2274
|
}
|
|
2236
2275
|
|
|
2237
|
-
/*! @azure/msal-common v15.
|
|
2276
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2238
2277
|
|
|
2239
2278
|
/*
|
|
2240
2279
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2409,7 +2448,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2409
2448
|
return null;
|
|
2410
2449
|
}
|
|
2411
2450
|
|
|
2412
|
-
/*! @azure/msal-common v15.
|
|
2451
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2413
2452
|
/*
|
|
2414
2453
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2415
2454
|
* Licensed under the MIT License.
|
|
@@ -2417,7 +2456,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2417
2456
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2418
2457
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2419
2458
|
|
|
2420
|
-
/*! @azure/msal-common v15.
|
|
2459
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2421
2460
|
|
|
2422
2461
|
/*
|
|
2423
2462
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2462,7 +2501,7 @@ function createCacheError(e) {
|
|
|
2462
2501
|
}
|
|
2463
2502
|
}
|
|
2464
2503
|
|
|
2465
|
-
/*! @azure/msal-common v15.
|
|
2504
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2466
2505
|
|
|
2467
2506
|
/*
|
|
2468
2507
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3573,7 +3612,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3573
3612
|
}
|
|
3574
3613
|
}
|
|
3575
3614
|
|
|
3576
|
-
/*! @azure/msal-common v15.
|
|
3615
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
3577
3616
|
/*
|
|
3578
3617
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3579
3618
|
* Licensed under the MIT License.
|
|
@@ -3835,6 +3874,11 @@ const PerformanceEvents = {
|
|
|
3835
3874
|
LoadIdToken: "loadIdToken",
|
|
3836
3875
|
LoadAccessToken: "loadAccessToken",
|
|
3837
3876
|
LoadRefreshToken: "loadRefreshToken",
|
|
3877
|
+
/**
|
|
3878
|
+
* SSO capability verification call (msal-browser).
|
|
3879
|
+
* Fire-and-forget SSO verification call made after interactive authentication completes.
|
|
3880
|
+
*/
|
|
3881
|
+
SsoCapable: "ssoCapable",
|
|
3838
3882
|
};
|
|
3839
3883
|
const PerformanceEventAbbreviations = new Map([
|
|
3840
3884
|
[PerformanceEvents.AcquireTokenByCode, "ATByCode"],
|
|
@@ -4062,6 +4106,7 @@ const PerformanceEventAbbreviations = new Map([
|
|
|
4062
4106
|
[PerformanceEvents.Decrypt, "decrypt"],
|
|
4063
4107
|
[PerformanceEvents.GenerateEarKey, "genEarKey"],
|
|
4064
4108
|
[PerformanceEvents.DecryptEarResponse, "decryptEarResp"],
|
|
4109
|
+
[PerformanceEvents.SsoCapable, "SsoCapable"],
|
|
4065
4110
|
]);
|
|
4066
4111
|
/**
|
|
4067
4112
|
* State of the performance event.
|
|
@@ -4098,9 +4143,14 @@ const IntFields = new Set([
|
|
|
4098
4143
|
"currRefreshCount",
|
|
4099
4144
|
"expiredCacheRemovedCount",
|
|
4100
4145
|
"upgradedCacheCount",
|
|
4146
|
+
"networkRtt",
|
|
4147
|
+
"iframePollIntervalMs",
|
|
4148
|
+
"iframeTimeoutMs",
|
|
4149
|
+
"iframeTickCount",
|
|
4150
|
+
"crossOriginTickCount",
|
|
4101
4151
|
]);
|
|
4102
4152
|
|
|
4103
|
-
/*! @azure/msal-common v15.
|
|
4153
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4104
4154
|
|
|
4105
4155
|
/*
|
|
4106
4156
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4179,7 +4229,7 @@ class StubPerformanceClient {
|
|
|
4179
4229
|
}
|
|
4180
4230
|
}
|
|
4181
4231
|
|
|
4182
|
-
/*! @azure/msal-common v15.
|
|
4232
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4183
4233
|
|
|
4184
4234
|
/*
|
|
4185
4235
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4279,7 +4329,7 @@ function isOidcProtocolMode(config) {
|
|
|
4279
4329
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
4280
4330
|
}
|
|
4281
4331
|
|
|
4282
|
-
/*! @azure/msal-common v15.
|
|
4332
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4283
4333
|
/*
|
|
4284
4334
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4285
4335
|
* Licensed under the MIT License.
|
|
@@ -4289,7 +4339,7 @@ const CcsCredentialType = {
|
|
|
4289
4339
|
UPN: "UPN",
|
|
4290
4340
|
};
|
|
4291
4341
|
|
|
4292
|
-
/*! @azure/msal-common v15.
|
|
4342
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4293
4343
|
/*
|
|
4294
4344
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4295
4345
|
* Licensed under the MIT License.
|
|
@@ -4339,7 +4389,7 @@ const INSTANCE_AWARE = "instance_aware";
|
|
|
4339
4389
|
const EAR_JWK = "ear_jwk";
|
|
4340
4390
|
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
4341
4391
|
|
|
4342
|
-
/*! @azure/msal-common v15.
|
|
4392
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4343
4393
|
|
|
4344
4394
|
/*
|
|
4345
4395
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4719,7 +4769,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
|
|
|
4719
4769
|
});
|
|
4720
4770
|
}
|
|
4721
4771
|
|
|
4722
|
-
/*! @azure/msal-common v15.
|
|
4772
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4723
4773
|
/*
|
|
4724
4774
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4725
4775
|
* Licensed under the MIT License.
|
|
@@ -4731,7 +4781,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
4731
4781
|
response.hasOwnProperty("jwks_uri"));
|
|
4732
4782
|
}
|
|
4733
4783
|
|
|
4734
|
-
/*! @azure/msal-common v15.
|
|
4784
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4735
4785
|
/*
|
|
4736
4786
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4737
4787
|
* Licensed under the MIT License.
|
|
@@ -4741,7 +4791,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
4741
4791
|
response.hasOwnProperty("metadata"));
|
|
4742
4792
|
}
|
|
4743
4793
|
|
|
4744
|
-
/*! @azure/msal-common v15.
|
|
4794
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4745
4795
|
/*
|
|
4746
4796
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4747
4797
|
* Licensed under the MIT License.
|
|
@@ -4751,7 +4801,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
4751
4801
|
response.hasOwnProperty("error_description"));
|
|
4752
4802
|
}
|
|
4753
4803
|
|
|
4754
|
-
/*! @azure/msal-common v15.
|
|
4804
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4755
4805
|
/*
|
|
4756
4806
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4757
4807
|
* Licensed under the MIT License.
|
|
@@ -4847,7 +4897,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4847
4897
|
};
|
|
4848
4898
|
};
|
|
4849
4899
|
|
|
4850
|
-
/*! @azure/msal-common v15.
|
|
4900
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4851
4901
|
|
|
4852
4902
|
/*
|
|
4853
4903
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4953,7 +5003,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
4953
5003
|
},
|
|
4954
5004
|
};
|
|
4955
5005
|
|
|
4956
|
-
/*! @azure/msal-common v15.
|
|
5006
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4957
5007
|
/*
|
|
4958
5008
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4959
5009
|
* Licensed under the MIT License.
|
|
@@ -5018,7 +5068,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
5018
5068
|
return cachedAtSec > nowSeconds();
|
|
5019
5069
|
}
|
|
5020
5070
|
|
|
5021
|
-
/*! @azure/msal-common v15.
|
|
5071
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5022
5072
|
|
|
5023
5073
|
/*
|
|
5024
5074
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5280,7 +5330,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
5280
5330
|
return metadata.expiresAt <= nowSeconds();
|
|
5281
5331
|
}
|
|
5282
5332
|
|
|
5283
|
-
/*! @azure/msal-common v15.
|
|
5333
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5284
5334
|
|
|
5285
5335
|
/*
|
|
5286
5336
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6119,7 +6169,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
6119
6169
|
};
|
|
6120
6170
|
}
|
|
6121
6171
|
|
|
6122
|
-
/*! @azure/msal-common v15.
|
|
6172
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6123
6173
|
|
|
6124
6174
|
/*
|
|
6125
6175
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6150,7 +6200,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
6150
6200
|
}
|
|
6151
6201
|
}
|
|
6152
6202
|
|
|
6153
|
-
/*! @azure/msal-common v15.
|
|
6203
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6154
6204
|
|
|
6155
6205
|
/*
|
|
6156
6206
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6169,7 +6219,7 @@ class ServerError extends AuthError {
|
|
|
6169
6219
|
}
|
|
6170
6220
|
}
|
|
6171
6221
|
|
|
6172
|
-
/*! @azure/msal-common v15.
|
|
6222
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6173
6223
|
/*
|
|
6174
6224
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6175
6225
|
* Licensed under the MIT License.
|
|
@@ -6190,7 +6240,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
6190
6240
|
};
|
|
6191
6241
|
}
|
|
6192
6242
|
|
|
6193
|
-
/*! @azure/msal-common v15.
|
|
6243
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6194
6244
|
|
|
6195
6245
|
/*
|
|
6196
6246
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6277,7 +6327,7 @@ class ThrottlingUtils {
|
|
|
6277
6327
|
}
|
|
6278
6328
|
}
|
|
6279
6329
|
|
|
6280
|
-
/*! @azure/msal-common v15.
|
|
6330
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6281
6331
|
|
|
6282
6332
|
/*
|
|
6283
6333
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6308,7 +6358,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
6308
6358
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
6309
6359
|
}
|
|
6310
6360
|
|
|
6311
|
-
/*! @azure/msal-common v15.
|
|
6361
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6312
6362
|
|
|
6313
6363
|
/*
|
|
6314
6364
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6456,27 +6506,63 @@ class BaseClient {
|
|
|
6456
6506
|
}
|
|
6457
6507
|
}
|
|
6458
6508
|
|
|
6459
|
-
/*! @azure/msal-common v15.
|
|
6509
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6460
6510
|
/*
|
|
6461
6511
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6462
6512
|
* Licensed under the MIT License.
|
|
6463
6513
|
*/
|
|
6464
|
-
|
|
6514
|
+
/**
|
|
6515
|
+
* MSAL-defined interaction required error code indicating no tokens are found in cache.
|
|
6516
|
+
* @public
|
|
6517
|
+
*/
|
|
6465
6518
|
const noTokensFound = "no_tokens_found";
|
|
6519
|
+
/**
|
|
6520
|
+
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
6521
|
+
* @public
|
|
6522
|
+
*/
|
|
6466
6523
|
const nativeAccountUnavailable = "native_account_unavailable";
|
|
6524
|
+
/**
|
|
6525
|
+
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
6526
|
+
* @public
|
|
6527
|
+
*/
|
|
6467
6528
|
const refreshTokenExpired = "refresh_token_expired";
|
|
6529
|
+
/**
|
|
6530
|
+
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
6531
|
+
* @public
|
|
6532
|
+
*/
|
|
6468
6533
|
const uxNotAllowed = "ux_not_allowed";
|
|
6469
|
-
|
|
6534
|
+
/**
|
|
6535
|
+
* Server-originated error code indicating interaction is required to complete the request.
|
|
6536
|
+
* @public
|
|
6537
|
+
*/
|
|
6470
6538
|
const interactionRequired = "interaction_required";
|
|
6539
|
+
/**
|
|
6540
|
+
* Server-originated error code indicating user consent is required.
|
|
6541
|
+
* @public
|
|
6542
|
+
*/
|
|
6471
6543
|
const consentRequired = "consent_required";
|
|
6544
|
+
/**
|
|
6545
|
+
* Server-originated error code indicating user login is required.
|
|
6546
|
+
* @public
|
|
6547
|
+
*/
|
|
6472
6548
|
const loginRequired = "login_required";
|
|
6473
|
-
|
|
6549
|
+
/**
|
|
6550
|
+
* Server-originated error code indicating the token is invalid or corrupted.
|
|
6551
|
+
* @public
|
|
6552
|
+
*/
|
|
6553
|
+
const badToken = "bad_token";
|
|
6554
|
+
/**
|
|
6555
|
+
* Server-originated error code indicating the user was interrupted and must reattempt the flow.
|
|
6556
|
+
* @public
|
|
6557
|
+
*/
|
|
6558
|
+
const interruptedUser = "interrupted_user";
|
|
6474
6559
|
|
|
6475
6560
|
var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
6476
6561
|
__proto__: null,
|
|
6477
6562
|
badToken: badToken,
|
|
6478
6563
|
consentRequired: consentRequired,
|
|
6479
6564
|
interactionRequired: interactionRequired,
|
|
6565
|
+
interruptedUser: interruptedUser,
|
|
6480
6566
|
loginRequired: loginRequired,
|
|
6481
6567
|
nativeAccountUnavailable: nativeAccountUnavailable,
|
|
6482
6568
|
noTokensFound: noTokensFound,
|
|
@@ -6484,7 +6570,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
6484
6570
|
uxNotAllowed: uxNotAllowed
|
|
6485
6571
|
});
|
|
6486
6572
|
|
|
6487
|
-
/*! @azure/msal-common v15.
|
|
6573
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6488
6574
|
|
|
6489
6575
|
/*
|
|
6490
6576
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6499,6 +6585,7 @@ const InteractionRequiredServerErrorMessage = [
|
|
|
6499
6585
|
loginRequired,
|
|
6500
6586
|
badToken,
|
|
6501
6587
|
uxNotAllowed,
|
|
6588
|
+
interruptedUser,
|
|
6502
6589
|
];
|
|
6503
6590
|
const InteractionRequiredAuthSubErrorMessage = [
|
|
6504
6591
|
"message_only",
|
|
@@ -6507,6 +6594,7 @@ const InteractionRequiredAuthSubErrorMessage = [
|
|
|
6507
6594
|
"user_password_expired",
|
|
6508
6595
|
"consent_required",
|
|
6509
6596
|
"bad_token",
|
|
6597
|
+
"interrupted_user",
|
|
6510
6598
|
];
|
|
6511
6599
|
const InteractionRequiredAuthErrorMessages = {
|
|
6512
6600
|
[noTokensFound]: "No refresh token found in the cache. Please sign-in.",
|
|
@@ -6514,6 +6602,7 @@ const InteractionRequiredAuthErrorMessages = {
|
|
|
6514
6602
|
[refreshTokenExpired]: "Refresh token has expired.",
|
|
6515
6603
|
[badToken]: "Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve.",
|
|
6516
6604
|
[uxNotAllowed]: "`canShowUI` flag in Edge was set to false. User interaction required on web page. Please invoke an interactive API to resolve.",
|
|
6605
|
+
[interruptedUser]: "The user could not be authenticated due to an interrupted state. Please invoke an interactive API to resolve.",
|
|
6517
6606
|
};
|
|
6518
6607
|
/**
|
|
6519
6608
|
* Interaction required errors defined by the SDK
|
|
@@ -6532,6 +6621,10 @@ const InteractionRequiredAuthErrorMessage = {
|
|
|
6532
6621
|
code: badToken,
|
|
6533
6622
|
desc: InteractionRequiredAuthErrorMessages[badToken],
|
|
6534
6623
|
},
|
|
6624
|
+
interrupted_user: {
|
|
6625
|
+
code: interruptedUser,
|
|
6626
|
+
desc: InteractionRequiredAuthErrorMessages[interruptedUser],
|
|
6627
|
+
},
|
|
6535
6628
|
};
|
|
6536
6629
|
/**
|
|
6537
6630
|
* Error thrown when user interaction is required.
|
|
@@ -6574,7 +6667,7 @@ function createInteractionRequiredAuthError(errorCode) {
|
|
|
6574
6667
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
6575
6668
|
}
|
|
6576
6669
|
|
|
6577
|
-
/*! @azure/msal-common v15.
|
|
6670
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6578
6671
|
|
|
6579
6672
|
/*
|
|
6580
6673
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6646,7 +6739,7 @@ class ProtocolUtils {
|
|
|
6646
6739
|
}
|
|
6647
6740
|
}
|
|
6648
6741
|
|
|
6649
|
-
/*! @azure/msal-common v15.
|
|
6742
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6650
6743
|
|
|
6651
6744
|
/*
|
|
6652
6745
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6728,7 +6821,7 @@ class PopTokenGenerator {
|
|
|
6728
6821
|
}
|
|
6729
6822
|
}
|
|
6730
6823
|
|
|
6731
|
-
/*! @azure/msal-common v15.
|
|
6824
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6732
6825
|
/*
|
|
6733
6826
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6734
6827
|
* Licensed under the MIT License.
|
|
@@ -6755,7 +6848,7 @@ class PopTokenGenerator {
|
|
|
6755
6848
|
}
|
|
6756
6849
|
}
|
|
6757
6850
|
|
|
6758
|
-
/*! @azure/msal-common v15.
|
|
6851
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6759
6852
|
|
|
6760
6853
|
/*
|
|
6761
6854
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7094,7 +7187,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
7094
7187
|
return baseAccount;
|
|
7095
7188
|
}
|
|
7096
7189
|
|
|
7097
|
-
/*! @azure/msal-common v15.
|
|
7190
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7098
7191
|
/*
|
|
7099
7192
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7100
7193
|
* Licensed under the MIT License.
|
|
@@ -7112,7 +7205,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
7112
7205
|
}
|
|
7113
7206
|
}
|
|
7114
7207
|
|
|
7115
|
-
/*! @azure/msal-common v15.
|
|
7208
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7116
7209
|
|
|
7117
7210
|
/*
|
|
7118
7211
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7261,11 +7354,6 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7261
7354
|
throw createClientConfigurationError(missingSshJwk);
|
|
7262
7355
|
}
|
|
7263
7356
|
}
|
|
7264
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7265
|
-
(this.config.authOptions.clientCapabilities &&
|
|
7266
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
7267
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
7268
|
-
}
|
|
7269
7357
|
let ccsCred = undefined;
|
|
7270
7358
|
if (request.clientInfo) {
|
|
7271
7359
|
try {
|
|
@@ -7315,6 +7403,15 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7315
7403
|
});
|
|
7316
7404
|
}
|
|
7317
7405
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
7406
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
7407
|
+
const configClaims = request.skipBrokerClaims &&
|
|
7408
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
7409
|
+
? undefined
|
|
7410
|
+
: this.config.authOptions.clientCapabilities;
|
|
7411
|
+
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7412
|
+
(configClaims && configClaims.length > 0)) {
|
|
7413
|
+
addClaims(parameters, request.claims, configClaims);
|
|
7414
|
+
}
|
|
7318
7415
|
return mapToQueryString(parameters);
|
|
7319
7416
|
}
|
|
7320
7417
|
/**
|
|
@@ -7348,7 +7445,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7348
7445
|
}
|
|
7349
7446
|
}
|
|
7350
7447
|
|
|
7351
|
-
/*! @azure/msal-common v15.
|
|
7448
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7352
7449
|
|
|
7353
7450
|
/*
|
|
7354
7451
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7526,11 +7623,6 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7526
7623
|
throw createClientConfigurationError(missingSshJwk);
|
|
7527
7624
|
}
|
|
7528
7625
|
}
|
|
7529
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7530
|
-
(this.config.authOptions.clientCapabilities &&
|
|
7531
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
7532
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
7533
|
-
}
|
|
7534
7626
|
if (this.config.systemOptions.preventCorsPreflight &&
|
|
7535
7627
|
request.ccsCredential) {
|
|
7536
7628
|
switch (request.ccsCredential.type) {
|
|
@@ -7556,11 +7648,20 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7556
7648
|
addExtraQueryParameters(parameters, request.tokenBodyParameters);
|
|
7557
7649
|
}
|
|
7558
7650
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
7651
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
7652
|
+
const configClaims = request.skipBrokerClaims &&
|
|
7653
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
7654
|
+
? undefined
|
|
7655
|
+
: this.config.authOptions.clientCapabilities;
|
|
7656
|
+
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7657
|
+
(configClaims && configClaims.length > 0)) {
|
|
7658
|
+
addClaims(parameters, request.claims, configClaims);
|
|
7659
|
+
}
|
|
7559
7660
|
return mapToQueryString(parameters);
|
|
7560
7661
|
}
|
|
7561
7662
|
}
|
|
7562
7663
|
|
|
7563
|
-
/*! @azure/msal-common v15.
|
|
7664
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7564
7665
|
|
|
7565
7666
|
/*
|
|
7566
7667
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7658,7 +7759,7 @@ class SilentFlowClient extends BaseClient {
|
|
|
7658
7759
|
}
|
|
7659
7760
|
}
|
|
7660
7761
|
|
|
7661
|
-
/*! @azure/msal-common v15.
|
|
7762
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7662
7763
|
|
|
7663
7764
|
/*
|
|
7664
7765
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7673,7 +7774,7 @@ const StubbedNetworkModule = {
|
|
|
7673
7774
|
},
|
|
7674
7775
|
};
|
|
7675
7776
|
|
|
7676
|
-
/*! @azure/msal-common v15.
|
|
7777
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7677
7778
|
|
|
7678
7779
|
/*
|
|
7679
7780
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7794,14 +7895,17 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
|
|
|
7794
7895
|
if (request.state) {
|
|
7795
7896
|
addState(parameters, request.state);
|
|
7796
7897
|
}
|
|
7797
|
-
if (request.claims ||
|
|
7798
|
-
(authOptions.clientCapabilities &&
|
|
7799
|
-
authOptions.clientCapabilities.length > 0)) {
|
|
7800
|
-
addClaims(parameters, request.claims, authOptions.clientCapabilities);
|
|
7801
|
-
}
|
|
7802
7898
|
if (request.embeddedClientId) {
|
|
7803
7899
|
addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
|
|
7804
7900
|
}
|
|
7901
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
7902
|
+
const configClaims = request.skipBrokerClaims &&
|
|
7903
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
7904
|
+
? undefined
|
|
7905
|
+
: authOptions.clientCapabilities;
|
|
7906
|
+
if (request.claims || (configClaims && configClaims.length > 0)) {
|
|
7907
|
+
addClaims(parameters, request.claims, configClaims);
|
|
7908
|
+
}
|
|
7805
7909
|
// If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
|
|
7806
7910
|
if (authOptions.instanceAware &&
|
|
7807
7911
|
(!request.extraQueryParameters ||
|
|
@@ -7897,7 +8001,7 @@ function extractLoginHint(account) {
|
|
|
7897
8001
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
7898
8002
|
}
|
|
7899
8003
|
|
|
7900
|
-
/*! @azure/msal-common v15.
|
|
8004
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7901
8005
|
|
|
7902
8006
|
/*
|
|
7903
8007
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7955,7 +8059,7 @@ class AuthenticationHeaderParser {
|
|
|
7955
8059
|
}
|
|
7956
8060
|
}
|
|
7957
8061
|
|
|
7958
|
-
/*! @azure/msal-common v15.
|
|
8062
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7959
8063
|
|
|
7960
8064
|
/*
|
|
7961
8065
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8218,7 +8322,7 @@ class ServerTelemetryManager {
|
|
|
8218
8322
|
}
|
|
8219
8323
|
}
|
|
8220
8324
|
|
|
8221
|
-
/*! @azure/msal-common v15.
|
|
8325
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
8222
8326
|
/*
|
|
8223
8327
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8224
8328
|
* Licensed under the MIT License.
|
|
@@ -8226,7 +8330,7 @@ class ServerTelemetryManager {
|
|
|
8226
8330
|
const missingKidError = "missing_kid_error";
|
|
8227
8331
|
const missingAlgError = "missing_alg_error";
|
|
8228
8332
|
|
|
8229
|
-
/*! @azure/msal-common v15.
|
|
8333
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
8230
8334
|
|
|
8231
8335
|
/*
|
|
8232
8336
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8251,7 +8355,7 @@ function createJoseHeaderError(code) {
|
|
|
8251
8355
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
8252
8356
|
}
|
|
8253
8357
|
|
|
8254
|
-
/*! @azure/msal-common v15.
|
|
8358
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
8255
8359
|
|
|
8256
8360
|
/*
|
|
8257
8361
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8291,7 +8395,7 @@ class JoseHeader {
|
|
|
8291
8395
|
}
|
|
8292
8396
|
}
|
|
8293
8397
|
|
|
8294
|
-
/*! @azure/msal-common v15.
|
|
8398
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
8295
8399
|
|
|
8296
8400
|
/*
|
|
8297
8401
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -10344,6 +10448,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
10344
10448
|
supportsNestedAppAuth: false,
|
|
10345
10449
|
instanceAware: false,
|
|
10346
10450
|
encodeExtraQueryParams: false,
|
|
10451
|
+
verifySSO: false,
|
|
10347
10452
|
};
|
|
10348
10453
|
// Default cache options for browser
|
|
10349
10454
|
const DEFAULT_CACHE_OPTIONS = {
|
|
@@ -10432,7 +10537,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
10432
10537
|
|
|
10433
10538
|
/* eslint-disable header/header */
|
|
10434
10539
|
const name = "@azure/msal-browser";
|
|
10435
|
-
const version = "4.
|
|
10540
|
+
const version = "4.29.1";
|
|
10436
10541
|
|
|
10437
10542
|
/*
|
|
10438
10543
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -13905,6 +14010,10 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
13905
14010
|
async initializeAuthorizationRequest(request, interactionType) {
|
|
13906
14011
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.correlationId);
|
|
13907
14012
|
const redirectUri = this.getRedirectUri(request.redirectUri);
|
|
14013
|
+
if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
|
|
14014
|
+
this.logger.warning("The origin of the redirect URI does not match the origin of the current page. This is likely to cause issues with authentication.", this.correlationId);
|
|
14015
|
+
this.performanceClient.addFields({ isRedirectUriCrossOrigin: true }, this.correlationId);
|
|
14016
|
+
}
|
|
13908
14017
|
const browserState = {
|
|
13909
14018
|
interactionType: interactionType,
|
|
13910
14019
|
};
|
|
@@ -15515,14 +15624,28 @@ class PlatformAuthDOMHandler {
|
|
|
15515
15624
|
return nativeResponse;
|
|
15516
15625
|
}
|
|
15517
15626
|
getDOMExtraParams(extraParameters) {
|
|
15518
|
-
|
|
15519
|
-
|
|
15520
|
-
|
|
15521
|
-
|
|
15522
|
-
|
|
15523
|
-
|
|
15524
|
-
|
|
15525
|
-
|
|
15627
|
+
try {
|
|
15628
|
+
const stringifiedProperties = {};
|
|
15629
|
+
for (const [key, value] of Object.entries(extraParameters)) {
|
|
15630
|
+
if (!value) {
|
|
15631
|
+
continue;
|
|
15632
|
+
}
|
|
15633
|
+
if (typeof value === "object") {
|
|
15634
|
+
stringifiedProperties[key] = JSON.stringify(value);
|
|
15635
|
+
}
|
|
15636
|
+
else {
|
|
15637
|
+
stringifiedProperties[key] = String(value);
|
|
15638
|
+
}
|
|
15639
|
+
}
|
|
15640
|
+
return stringifiedProperties;
|
|
15641
|
+
}
|
|
15642
|
+
catch (e) {
|
|
15643
|
+
this.logger.error(this.platformAuthType + " - Error stringifying extra parameters");
|
|
15644
|
+
this.logger.errorPii(this.platformAuthType +
|
|
15645
|
+
" - Error stringifying extra parameters: " +
|
|
15646
|
+
e);
|
|
15647
|
+
return {};
|
|
15648
|
+
}
|
|
15526
15649
|
}
|
|
15527
15650
|
}
|
|
15528
15651
|
|
|
@@ -16589,6 +16712,12 @@ async function initiateEarRequest(config, authority, request, logger, performanc
|
|
|
16589
16712
|
*/
|
|
16590
16713
|
async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, performanceClient, logger, correlationId, responseType) {
|
|
16591
16714
|
performanceClient.addQueueMeasurement(PerformanceEvents.SilentHandlerMonitorIframeForHash, correlationId);
|
|
16715
|
+
performanceClient.addFields({
|
|
16716
|
+
iframePollIntervalMs: pollIntervalMilliseconds,
|
|
16717
|
+
iframeTimeoutMs: timeout,
|
|
16718
|
+
}, correlationId);
|
|
16719
|
+
let totalTickCount = 0;
|
|
16720
|
+
let crossOriginTickCount = 0;
|
|
16592
16721
|
return new Promise((resolve, reject) => {
|
|
16593
16722
|
if (timeout < DEFAULT_IFRAME_TIMEOUT_MS) {
|
|
16594
16723
|
logger.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${timeout}ms) than the default (${DEFAULT_IFRAME_TIMEOUT_MS}ms). This may result in timeouts.`);
|
|
@@ -16602,6 +16731,7 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
|
|
|
16602
16731
|
reject(createBrowserAuthError(monitorWindowTimeout));
|
|
16603
16732
|
}, timeout);
|
|
16604
16733
|
const intervalId = window.setInterval(() => {
|
|
16734
|
+
totalTickCount++;
|
|
16605
16735
|
let href = "";
|
|
16606
16736
|
const contentWindow = iframe.contentWindow;
|
|
16607
16737
|
try {
|
|
@@ -16612,7 +16742,9 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
|
|
|
16612
16742
|
*/
|
|
16613
16743
|
href = contentWindow ? contentWindow.location.href : "";
|
|
16614
16744
|
}
|
|
16615
|
-
catch (e) {
|
|
16745
|
+
catch (e) {
|
|
16746
|
+
crossOriginTickCount++;
|
|
16747
|
+
}
|
|
16616
16748
|
if (!href || href === "about:blank") {
|
|
16617
16749
|
return;
|
|
16618
16750
|
}
|
|
@@ -16630,6 +16762,10 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
|
|
|
16630
16762
|
resolve(responseString);
|
|
16631
16763
|
}, pollIntervalMilliseconds);
|
|
16632
16764
|
}).finally(() => {
|
|
16765
|
+
performanceClient.addFields({
|
|
16766
|
+
iframeTickCount: totalTickCount,
|
|
16767
|
+
crossOriginTickCount: crossOriginTickCount,
|
|
16768
|
+
}, correlationId);
|
|
16633
16769
|
invoke(removeHiddenIframe, PerformanceEvents.RemoveHiddenIframe, logger, performanceClient, correlationId)(iframe);
|
|
16634
16770
|
});
|
|
16635
16771
|
}
|
|
@@ -16817,6 +16953,52 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
16817
16953
|
return invokeAsync(handleResponseEAR, PerformanceEvents.HandleResponseEar, this.logger, this.performanceClient, correlationId)(silentRequest, serverParams, this.apiId, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
16818
16954
|
}
|
|
16819
16955
|
}
|
|
16956
|
+
/**
|
|
16957
|
+
* Verifies SSO capability by making an iframe request to /authorize without exchanging the code for tokens.
|
|
16958
|
+
* This is useful for verifying SSO capability in the background without the overhead of a full token exchange.
|
|
16959
|
+
* @param request - The SSO silent request
|
|
16960
|
+
* @returns true if SSO verification was successful with a valid authorization code, false otherwise
|
|
16961
|
+
*/
|
|
16962
|
+
async verifySso(request) {
|
|
16963
|
+
this.performanceClient.addQueueMeasurement(PerformanceEvents.SilentIframeClientAcquireToken, request.correlationId);
|
|
16964
|
+
const inputRequest = { ...request };
|
|
16965
|
+
if (!inputRequest.prompt) {
|
|
16966
|
+
inputRequest.prompt = PromptValue.NONE;
|
|
16967
|
+
}
|
|
16968
|
+
// Create silent request
|
|
16969
|
+
const silentRequest = await invokeAsync(this.initializeAuthorizationRequest.bind(this), PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.logger, this.performanceClient, request.correlationId)(inputRequest, exports.InteractionType.Silent);
|
|
16970
|
+
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, request.correlationId)({
|
|
16971
|
+
serverTelemetryManager: this.initializeServerTelemetryManager(this.apiId),
|
|
16972
|
+
requestAuthority: silentRequest.authority,
|
|
16973
|
+
requestAzureCloudOptions: silentRequest.azureCloudOptions,
|
|
16974
|
+
requestExtraQueryParameters: silentRequest.extraQueryParameters,
|
|
16975
|
+
account: silentRequest.account,
|
|
16976
|
+
});
|
|
16977
|
+
const correlationId = silentRequest.correlationId;
|
|
16978
|
+
const pkceCodes = await invokeAsync(generatePkceCodes, PerformanceEvents.GeneratePkceCodes, this.logger, this.performanceClient, correlationId)(this.performanceClient, this.logger, correlationId);
|
|
16979
|
+
const requestWithPkce = {
|
|
16980
|
+
...silentRequest,
|
|
16981
|
+
codeChallenge: pkceCodes.challenge,
|
|
16982
|
+
};
|
|
16983
|
+
// Create authorize request url
|
|
16984
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, requestWithPkce, this.logger, this.performanceClient);
|
|
16985
|
+
// Get the frame handle for the silent request - this triggers the SSO verification
|
|
16986
|
+
const msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
|
|
16987
|
+
const responseType = this.config.auth.OIDCOptions.serverResponseType;
|
|
16988
|
+
// Monitor the iframe for the response
|
|
16989
|
+
const responseString = await invokeAsync(monitorIframeForHash, PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(msalFrame, this.config.system.iframeHashTimeout, this.config.system.pollIntervalMilliseconds, this.performanceClient, this.logger, correlationId, responseType);
|
|
16990
|
+
// Deserialize the response
|
|
16991
|
+
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger);
|
|
16992
|
+
// Validate the response - this checks for errors and validates state
|
|
16993
|
+
validateAuthorizationResponse(serverParams, silentRequest.state);
|
|
16994
|
+
// Verify a valid authorization code is present
|
|
16995
|
+
if (!serverParams.code) {
|
|
16996
|
+
this.logger.warning("SSO verification response did not contain an authorization code", correlationId);
|
|
16997
|
+
return false;
|
|
16998
|
+
}
|
|
16999
|
+
this.logger.verbose("SSO verification completed successfully with valid authorization code - skipped token exchange", correlationId);
|
|
17000
|
+
return true;
|
|
17001
|
+
}
|
|
16820
17002
|
/**
|
|
16821
17003
|
* Currently Unsupported
|
|
16822
17004
|
*/
|
|
@@ -17211,6 +17393,22 @@ class SilentAuthCodeClient extends StandardInteractionClient {
|
|
|
17211
17393
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
17212
17394
|
* Licensed under the MIT License.
|
|
17213
17395
|
*/
|
|
17396
|
+
/**
|
|
17397
|
+
* Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
|
|
17398
|
+
* @returns Network connection information, or an empty object if not available.
|
|
17399
|
+
*/
|
|
17400
|
+
function getNetworkInfo() {
|
|
17401
|
+
if (typeof window === "undefined" || !window.navigator) {
|
|
17402
|
+
return {};
|
|
17403
|
+
}
|
|
17404
|
+
const connection = "connection" in window.navigator
|
|
17405
|
+
? window.navigator.connection
|
|
17406
|
+
: undefined;
|
|
17407
|
+
return {
|
|
17408
|
+
effectiveType: connection?.effectiveType,
|
|
17409
|
+
rtt: connection?.rtt,
|
|
17410
|
+
};
|
|
17411
|
+
}
|
|
17214
17412
|
function collectInstanceStats(currentClientId, performanceEvent, logger) {
|
|
17215
17413
|
const frameInstances =
|
|
17216
17414
|
// @ts-ignore
|
|
@@ -17304,22 +17502,30 @@ class StandardController {
|
|
|
17304
17502
|
this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
|
|
17305
17503
|
this.activeSilentTokenRequests = new Map();
|
|
17306
17504
|
// Register listener functions
|
|
17307
|
-
this.
|
|
17308
|
-
|
|
17309
|
-
this.trackPageVisibilityWithMeasurement =
|
|
17310
|
-
this.trackPageVisibilityWithMeasurement.bind(this);
|
|
17505
|
+
this.trackStateChangeWithMeasurement =
|
|
17506
|
+
this.trackStateChangeWithMeasurement.bind(this);
|
|
17311
17507
|
}
|
|
17312
17508
|
static async createController(operatingContext, request) {
|
|
17313
17509
|
const controller = new StandardController(operatingContext);
|
|
17314
17510
|
await controller.initialize(request);
|
|
17315
17511
|
return controller;
|
|
17316
17512
|
}
|
|
17317
|
-
|
|
17513
|
+
trackStateChange(correlationId, event) {
|
|
17318
17514
|
if (!correlationId) {
|
|
17319
17515
|
return;
|
|
17320
17516
|
}
|
|
17321
|
-
|
|
17322
|
-
|
|
17517
|
+
if (event.type === "visibilitychange") {
|
|
17518
|
+
this.logger.info("Perf: Visibility change detected");
|
|
17519
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
|
|
17520
|
+
}
|
|
17521
|
+
else if (event.type === "online") {
|
|
17522
|
+
this.logger.info("Perf: Online status change detected");
|
|
17523
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
17524
|
+
}
|
|
17525
|
+
else if (event.type === "offline") {
|
|
17526
|
+
this.logger.info("Perf: Offline status change detected");
|
|
17527
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
17528
|
+
}
|
|
17323
17529
|
}
|
|
17324
17530
|
/**
|
|
17325
17531
|
* Initializer function to perform async startup tasks such as connecting to WAM extension
|
|
@@ -17467,6 +17673,8 @@ class StandardController {
|
|
|
17467
17673
|
rootMeasurement.end({
|
|
17468
17674
|
success: true,
|
|
17469
17675
|
}, undefined, result.account);
|
|
17676
|
+
// Fire-and-forget SSO capability verification in background
|
|
17677
|
+
this.verifySsoCapability(result.account, exports.InteractionType.Redirect);
|
|
17470
17678
|
}
|
|
17471
17679
|
else {
|
|
17472
17680
|
/*
|
|
@@ -17699,6 +17907,8 @@ class StandardController {
|
|
|
17699
17907
|
accessTokenSize: result.accessToken.length,
|
|
17700
17908
|
idTokenSize: result.idToken.length,
|
|
17701
17909
|
}, undefined, result.account);
|
|
17910
|
+
// SSO capability verification in background
|
|
17911
|
+
this.verifySsoCapability(result.account, exports.InteractionType.Popup);
|
|
17702
17912
|
return result;
|
|
17703
17913
|
})
|
|
17704
17914
|
.catch((e) => {
|
|
@@ -17721,16 +17931,87 @@ class StandardController {
|
|
|
17721
17931
|
}
|
|
17722
17932
|
});
|
|
17723
17933
|
}
|
|
17724
|
-
|
|
17934
|
+
trackStateChangeWithMeasurement(event) {
|
|
17725
17935
|
const measurement = this.ssoSilentMeasurement ||
|
|
17726
17936
|
this.acquireTokenByCodeAsyncMeasurement;
|
|
17727
17937
|
if (!measurement) {
|
|
17728
17938
|
return;
|
|
17729
17939
|
}
|
|
17730
|
-
|
|
17731
|
-
|
|
17732
|
-
|
|
17940
|
+
if (event.type === "visibilitychange") {
|
|
17941
|
+
this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
|
|
17942
|
+
measurement.increment({
|
|
17943
|
+
visibilityChangeCount: 1,
|
|
17944
|
+
});
|
|
17945
|
+
}
|
|
17946
|
+
else if (event.type === "online") {
|
|
17947
|
+
this.logger.info("Perf: Online status change detected in ", measurement.event.name);
|
|
17948
|
+
measurement.increment({
|
|
17949
|
+
onlineStatusChangeCount: 1,
|
|
17950
|
+
});
|
|
17951
|
+
}
|
|
17952
|
+
else if (event.type === "offline") {
|
|
17953
|
+
this.logger.info("Perf: Offline status change detected in ", measurement.event.name);
|
|
17954
|
+
measurement.increment({
|
|
17955
|
+
onlineStatusChangeCount: 1,
|
|
17956
|
+
});
|
|
17957
|
+
}
|
|
17958
|
+
}
|
|
17959
|
+
addStateChangeListeners(listener) {
|
|
17960
|
+
document.addEventListener("visibilitychange", listener);
|
|
17961
|
+
window.addEventListener("online", listener);
|
|
17962
|
+
window.addEventListener("offline", listener);
|
|
17963
|
+
}
|
|
17964
|
+
removeStateChangeListeners(listener) {
|
|
17965
|
+
document.removeEventListener("visibilitychange", listener);
|
|
17966
|
+
window.removeEventListener("online", listener);
|
|
17967
|
+
window.removeEventListener("offline", listener);
|
|
17968
|
+
}
|
|
17969
|
+
/**
|
|
17970
|
+
* SSO capability verification in the background.
|
|
17971
|
+
* This method makes an iframe request to /authorize to verify SSO capability without calling /token.
|
|
17972
|
+
* This method does not block the caller and tracks telemetry for success/failure.
|
|
17973
|
+
* This method only executes if verifySSO is set to true in the auth configuration.
|
|
17974
|
+
* @param account - The account to use for the SSO verification
|
|
17975
|
+
* @param parentApi - The API ID of the parent operation for logging purposes
|
|
17976
|
+
*/
|
|
17977
|
+
verifySsoCapability(account, parentApi) {
|
|
17978
|
+
// Check if SSO capability verification is enabled
|
|
17979
|
+
if (!this.config.auth.verifySSO) {
|
|
17980
|
+
return;
|
|
17981
|
+
}
|
|
17982
|
+
const correlationId = this.browserCrypto.createNewGuid();
|
|
17983
|
+
const ssoCapableMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.SsoCapable, correlationId);
|
|
17984
|
+
ssoCapableMeasurement.add({
|
|
17985
|
+
parentApi: parentApi,
|
|
17733
17986
|
});
|
|
17987
|
+
this.logger.verbose(`SSO capability verification initiated after ${parentApi}`, correlationId);
|
|
17988
|
+
/*
|
|
17989
|
+
* Use setTimeout to ensure this runs in a separate macrotask after the current call stack completes
|
|
17990
|
+
* This ensures the result is returned to the caller before the SSO verification starts and doesn't affect performance
|
|
17991
|
+
*/
|
|
17992
|
+
setTimeout(() => {
|
|
17993
|
+
const ssoVerificationRequest = {
|
|
17994
|
+
account: account,
|
|
17995
|
+
correlationId: correlationId,
|
|
17996
|
+
};
|
|
17997
|
+
const silentIframeClient = this.createSilentIframeClient(correlationId);
|
|
17998
|
+
silentIframeClient
|
|
17999
|
+
.verifySso(ssoVerificationRequest)
|
|
18000
|
+
.then((success) => {
|
|
18001
|
+
this.logger.verbose(`SSO capability verification completed after ${parentApi}, success: ${success}`, correlationId);
|
|
18002
|
+
ssoCapableMeasurement.end({
|
|
18003
|
+
fromCache: false,
|
|
18004
|
+
success: success,
|
|
18005
|
+
}, undefined, account);
|
|
18006
|
+
})
|
|
18007
|
+
.catch((error) => {
|
|
18008
|
+
this.logger.warning(`SSO capability verification failed after ${parentApi}: ${error.message}`, correlationId);
|
|
18009
|
+
ssoCapableMeasurement.end({
|
|
18010
|
+
fromCache: false,
|
|
18011
|
+
success: false,
|
|
18012
|
+
}, error, account);
|
|
18013
|
+
});
|
|
18014
|
+
}, 0);
|
|
17734
18015
|
}
|
|
17735
18016
|
// #endregion
|
|
17736
18017
|
// #region Silent Flow
|
|
@@ -17764,8 +18045,9 @@ class StandardController {
|
|
|
17764
18045
|
preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
|
|
17765
18046
|
this.ssoSilentMeasurement?.increment({
|
|
17766
18047
|
visibilityChangeCount: 0,
|
|
18048
|
+
onlineStatusChangeCount: 0,
|
|
17767
18049
|
});
|
|
17768
|
-
|
|
18050
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
17769
18051
|
this.logger.verbose("ssoSilent called", correlationId);
|
|
17770
18052
|
this.eventHandler.emitEvent(EventType.SSO_SILENT_START, exports.InteractionType.Silent, validRequest);
|
|
17771
18053
|
let result;
|
|
@@ -17809,7 +18091,7 @@ class StandardController {
|
|
|
17809
18091
|
throw e;
|
|
17810
18092
|
})
|
|
17811
18093
|
.finally(() => {
|
|
17812
|
-
|
|
18094
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
17813
18095
|
});
|
|
17814
18096
|
}
|
|
17815
18097
|
/**
|
|
@@ -17921,8 +18203,9 @@ class StandardController {
|
|
|
17921
18203
|
this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenByCodeAsync, request.correlationId);
|
|
17922
18204
|
this.acquireTokenByCodeAsyncMeasurement?.increment({
|
|
17923
18205
|
visibilityChangeCount: 0,
|
|
18206
|
+
onlineStatusChangeCount: 0,
|
|
17924
18207
|
});
|
|
17925
|
-
|
|
18208
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
17926
18209
|
const silentAuthCodeClient = this.createSilentAuthCodeClient(request.correlationId);
|
|
17927
18210
|
const silentTokenResult = await silentAuthCodeClient
|
|
17928
18211
|
.acquireToken(request)
|
|
@@ -17940,7 +18223,7 @@ class StandardController {
|
|
|
17940
18223
|
throw tokenRenewalError;
|
|
17941
18224
|
})
|
|
17942
18225
|
.finally(() => {
|
|
17943
|
-
|
|
18226
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
17944
18227
|
});
|
|
17945
18228
|
return silentTokenResult;
|
|
17946
18229
|
}
|
|
@@ -18485,18 +18768,22 @@ class StandardController {
|
|
|
18485
18768
|
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
|
|
18486
18769
|
*/
|
|
18487
18770
|
async acquireTokenSilentAsync(request, account) {
|
|
18488
|
-
const
|
|
18771
|
+
const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
|
|
18489
18772
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.AcquireTokenSilentAsync, request.correlationId);
|
|
18490
18773
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, exports.InteractionType.Silent, request);
|
|
18491
18774
|
if (request.correlationId) {
|
|
18492
|
-
this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
|
|
18775
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
|
|
18493
18776
|
}
|
|
18494
|
-
|
|
18777
|
+
this.addStateChangeListeners(trackStateChange);
|
|
18495
18778
|
const silentRequest = await invokeAsync(initializeSilentRequest, PerformanceEvents.InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
|
|
18496
18779
|
const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
|
|
18497
18780
|
const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
|
|
18498
18781
|
const shouldTryToResolveSilently = checkIfRefreshTokenErrorCanBeResolvedSilently(refreshTokenError, cacheLookupPolicy);
|
|
18499
18782
|
if (shouldTryToResolveSilently) {
|
|
18783
|
+
const silentRefreshReason = `${refreshTokenError.errorCode}${refreshTokenError.subError
|
|
18784
|
+
? `|${refreshTokenError.subError}`
|
|
18785
|
+
: ""}`;
|
|
18786
|
+
this.performanceClient.addFields({ silentRefreshReason }, silentRequest.correlationId);
|
|
18500
18787
|
if (!this.activeIframeRequest) {
|
|
18501
18788
|
let _resolve;
|
|
18502
18789
|
// Always set the active request tracker immediately after checking it to prevent races
|
|
@@ -18566,7 +18853,7 @@ class StandardController {
|
|
|
18566
18853
|
throw tokenRenewalError;
|
|
18567
18854
|
})
|
|
18568
18855
|
.finally(() => {
|
|
18569
|
-
|
|
18856
|
+
this.removeStateChangeListeners(trackStateChange);
|
|
18570
18857
|
});
|
|
18571
18858
|
}
|
|
18572
18859
|
/**
|
|
@@ -20745,6 +21032,9 @@ class BrowserPerformanceClient extends PerformanceClient {
|
|
|
20745
21032
|
getPageVisibility() {
|
|
20746
21033
|
return document.visibilityState?.toString() || null;
|
|
20747
21034
|
}
|
|
21035
|
+
getOnlineStatus() {
|
|
21036
|
+
return typeof navigator !== "undefined" ? navigator.onLine : null;
|
|
21037
|
+
}
|
|
20748
21038
|
deleteIncompleteSubMeasurements(inProgressEvent) {
|
|
20749
21039
|
void getPerfMeasurementModule()?.then((module) => {
|
|
20750
21040
|
const rootEvent = this.eventsByCorrelationId.get(inProgressEvent.event.correlationId);
|
|
@@ -20771,6 +21061,7 @@ class BrowserPerformanceClient extends PerformanceClient {
|
|
|
20771
21061
|
startMeasurement(measureName, correlationId) {
|
|
20772
21062
|
// Capture page visibilityState and then invoke start/end measurement
|
|
20773
21063
|
const startPageVisibility = this.getPageVisibility();
|
|
21064
|
+
const startOnlineStatus = this.getOnlineStatus();
|
|
20774
21065
|
const inProgressEvent = super.startMeasurement(measureName, correlationId);
|
|
20775
21066
|
const startTime = supportsBrowserPerformanceNow()
|
|
20776
21067
|
? window.performance.now()
|
|
@@ -20782,11 +21073,15 @@ class BrowserPerformanceClient extends PerformanceClient {
|
|
|
20782
21073
|
return {
|
|
20783
21074
|
...inProgressEvent,
|
|
20784
21075
|
end: (event, error, account) => {
|
|
21076
|
+
const networkInfo = getNetworkInfo();
|
|
20785
21077
|
const res = inProgressEvent.end({
|
|
20786
21078
|
...event,
|
|
20787
21079
|
startPageVisibility,
|
|
21080
|
+
startOnlineStatus,
|
|
20788
21081
|
endPageVisibility: this.getPageVisibility(),
|
|
20789
21082
|
durationMs: getPerfDurationMs(startTime),
|
|
21083
|
+
networkEffectiveType: networkInfo.effectiveType,
|
|
21084
|
+
networkRtt: networkInfo.rtt,
|
|
20790
21085
|
}, error, account);
|
|
20791
21086
|
void browserMeasurement?.then((measurement) => measurement.endMeasurement());
|
|
20792
21087
|
this.deleteIncompleteSubMeasurements(inProgressEvent);
|