@azure/msal-browser 4.28.2 → 4.29.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -25
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +7 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +13 -2
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +109 -20
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +7 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +13 -2
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +109 -20
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts +7 -0
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +49 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +5 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +15 -2
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +7 -0
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +49 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +5 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +15 -2
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +10 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +375 -111
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.js +375 -111
- package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +7 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +13 -2
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts +7 -0
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/msal-browser.cjs +408 -113
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +408 -113
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +64 -64
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +7 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +13 -2
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +7 -0
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +24 -13
- package/src/config/Configuration.ts +8 -0
- package/src/controllers/StandardController.ts +164 -39
- package/src/interaction_client/SilentIframeClient.ts +136 -0
- package/src/interaction_client/StandardInteractionClient.ts +12 -0
- package/src/interaction_handler/SilentHandler.ts +21 -1
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/BrowserPerformanceClient.ts +10 -0
- package/src/utils/MsalFrameStatsUtils.ts +27 -0
package/lib/msal-browser.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.29.1 2026-03-13 */
|
|
2
2
|
'use strict';
|
|
3
3
|
(function (global, factory) {
|
|
4
4
|
typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
(global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
|
|
7
7
|
})(this, (function (exports) { 'use strict';
|
|
8
8
|
|
|
9
|
-
/*! @azure/msal-common v15.
|
|
9
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
10
10
|
/*
|
|
11
11
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12
12
|
* Licensed under the MIT License.
|
|
@@ -283,7 +283,7 @@
|
|
|
283
283
|
// Token renewal offset default in seconds
|
|
284
284
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
285
285
|
|
|
286
|
-
/*! @azure/msal-common v15.
|
|
286
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
287
287
|
/*
|
|
288
288
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
289
289
|
* Licensed under the MIT License.
|
|
@@ -300,7 +300,7 @@
|
|
|
300
300
|
unexpectedError: unexpectedError
|
|
301
301
|
});
|
|
302
302
|
|
|
303
|
-
/*! @azure/msal-common v15.
|
|
303
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
304
304
|
|
|
305
305
|
/*
|
|
306
306
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -349,7 +349,7 @@
|
|
|
349
349
|
: AuthErrorMessages[code]);
|
|
350
350
|
}
|
|
351
351
|
|
|
352
|
-
/*! @azure/msal-common v15.
|
|
352
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
353
353
|
/*
|
|
354
354
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
355
355
|
* Licensed under the MIT License.
|
|
@@ -449,7 +449,7 @@
|
|
|
449
449
|
userTimeoutReached: userTimeoutReached
|
|
450
450
|
});
|
|
451
451
|
|
|
452
|
-
/*! @azure/msal-common v15.
|
|
452
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
453
453
|
|
|
454
454
|
/*
|
|
455
455
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -706,7 +706,7 @@
|
|
|
706
706
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
707
707
|
}
|
|
708
708
|
|
|
709
|
-
/*! @azure/msal-common v15.
|
|
709
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
710
710
|
|
|
711
711
|
/*
|
|
712
712
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -745,7 +745,7 @@
|
|
|
745
745
|
},
|
|
746
746
|
};
|
|
747
747
|
|
|
748
|
-
/*! @azure/msal-common v15.
|
|
748
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
749
749
|
|
|
750
750
|
/*
|
|
751
751
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -936,12 +936,12 @@
|
|
|
936
936
|
}
|
|
937
937
|
}
|
|
938
938
|
|
|
939
|
-
/*! @azure/msal-common v15.
|
|
939
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
940
940
|
/* eslint-disable header/header */
|
|
941
941
|
const name$1 = "@azure/msal-common";
|
|
942
|
-
const version$1 = "15.
|
|
942
|
+
const version$1 = "15.16.1";
|
|
943
943
|
|
|
944
|
-
/*! @azure/msal-common v15.
|
|
944
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
945
945
|
/*
|
|
946
946
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
947
947
|
* Licensed under the MIT License.
|
|
@@ -961,7 +961,7 @@
|
|
|
961
961
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
962
962
|
};
|
|
963
963
|
|
|
964
|
-
/*! @azure/msal-common v15.
|
|
964
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
965
965
|
/*
|
|
966
966
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
967
967
|
* Licensed under the MIT License.
|
|
@@ -1019,7 +1019,7 @@
|
|
|
1019
1019
|
urlParseError: urlParseError
|
|
1020
1020
|
});
|
|
1021
1021
|
|
|
1022
|
-
/*! @azure/msal-common v15.
|
|
1022
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1023
1023
|
|
|
1024
1024
|
/*
|
|
1025
1025
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1167,7 +1167,7 @@
|
|
|
1167
1167
|
return new ClientConfigurationError(errorCode);
|
|
1168
1168
|
}
|
|
1169
1169
|
|
|
1170
|
-
/*! @azure/msal-common v15.
|
|
1170
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1171
1171
|
/*
|
|
1172
1172
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1173
1173
|
* Licensed under the MIT License.
|
|
@@ -1262,9 +1262,48 @@
|
|
|
1262
1262
|
.replace(/\?/g, "\\?"));
|
|
1263
1263
|
return regex.test(input);
|
|
1264
1264
|
}
|
|
1265
|
+
/**
|
|
1266
|
+
* Tests if a given string matches a given pattern using stricter, anchored matching semantics.
|
|
1267
|
+
*
|
|
1268
|
+
* Differences from `matchPattern` (legacy):
|
|
1269
|
+
* - All regex metacharacters (including `.`) in the pattern are treated as literals,
|
|
1270
|
+
* so `example.com` matches only `example.com` and not `exampleXcom`.
|
|
1271
|
+
* - The generated regex is anchored with `^` and `$` so partial/substring matches
|
|
1272
|
+
* are not allowed.
|
|
1273
|
+
* - `*` is the only supported wildcard. Its behaviour depends on the URL component:
|
|
1274
|
+
* - `host` component: `*` matches any sequence of characters that does NOT include
|
|
1275
|
+
* a dot (`.`), keeping wildcards within a single DNS label boundary.
|
|
1276
|
+
* - All other components: `*` matches any sequence of characters (including `/`).
|
|
1277
|
+
*
|
|
1278
|
+
* @param pattern - The `protectedResourceMap` key pattern to match against. `*` is a
|
|
1279
|
+
* multi-character wildcard; all other characters are treated as literals.
|
|
1280
|
+
* @param input - The URL component value (e.g. host, pathname) extracted from the
|
|
1281
|
+
* outgoing request URL to test against the pattern.
|
|
1282
|
+
* @param options - Optional. Provide `component` to enable component-aware wildcard
|
|
1283
|
+
* semantics. Accepted values: `"host"`, `"path"`, `"protocol"`, `"search"`,
|
|
1284
|
+
* `"hash"`. Defaults to path-style (permissive) matching when omitted.
|
|
1285
|
+
* @returns `true` if the full input string matches the pattern; `false` otherwise.
|
|
1286
|
+
*/
|
|
1287
|
+
static matchPatternStrict(pattern, input, options) {
|
|
1288
|
+
const component = options?.component;
|
|
1289
|
+
// Step 1: Escape all regex special characters so literals are matched literally.
|
|
1290
|
+
let regexBody = pattern.replace(/[.+^${}()|[\]\\*?]/g, "\\$&");
|
|
1291
|
+
// Step 2: Replace the escaped '*' with its component-aware regex equivalent.
|
|
1292
|
+
if (component === "host") {
|
|
1293
|
+
regexBody = regexBody.replace(/\\\*/g, "[^.]*");
|
|
1294
|
+
}
|
|
1295
|
+
else {
|
|
1296
|
+
// PATH, PROTOCOL, SEARCH, HASH, or unspecified: '*' matches any characters.
|
|
1297
|
+
regexBody = regexBody.replace(/\\\*/g, ".*");
|
|
1298
|
+
}
|
|
1299
|
+
// Step 3: Anchor for full-string matching.
|
|
1300
|
+
// eslint-disable-next-line security/detect-non-literal-regexp
|
|
1301
|
+
const regex = new RegExp(`^${regexBody}$`);
|
|
1302
|
+
return regex.test(input);
|
|
1303
|
+
}
|
|
1265
1304
|
}
|
|
1266
1305
|
|
|
1267
|
-
/*! @azure/msal-common v15.
|
|
1306
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1268
1307
|
|
|
1269
1308
|
/*
|
|
1270
1309
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1459,7 +1498,7 @@
|
|
|
1459
1498
|
}
|
|
1460
1499
|
}
|
|
1461
1500
|
|
|
1462
|
-
/*! @azure/msal-common v15.
|
|
1501
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1463
1502
|
|
|
1464
1503
|
/*
|
|
1465
1504
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1499,7 +1538,7 @@
|
|
|
1499
1538
|
};
|
|
1500
1539
|
}
|
|
1501
1540
|
|
|
1502
|
-
/*! @azure/msal-common v15.
|
|
1541
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1503
1542
|
/*
|
|
1504
1543
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1505
1544
|
* Licensed under the MIT License.
|
|
@@ -1581,7 +1620,7 @@
|
|
|
1581
1620
|
return updatedAccountInfo;
|
|
1582
1621
|
}
|
|
1583
1622
|
|
|
1584
|
-
/*! @azure/msal-common v15.
|
|
1623
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1585
1624
|
/*
|
|
1586
1625
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1587
1626
|
* Licensed under the MIT License.
|
|
@@ -1596,7 +1635,7 @@
|
|
|
1596
1635
|
Ciam: 3,
|
|
1597
1636
|
};
|
|
1598
1637
|
|
|
1599
|
-
/*! @azure/msal-common v15.
|
|
1638
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1600
1639
|
/*
|
|
1601
1640
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1602
1641
|
* Licensed under the MIT License.
|
|
@@ -1618,7 +1657,7 @@
|
|
|
1618
1657
|
return null;
|
|
1619
1658
|
}
|
|
1620
1659
|
|
|
1621
|
-
/*! @azure/msal-common v15.
|
|
1660
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1622
1661
|
/*
|
|
1623
1662
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1624
1663
|
* Licensed under the MIT License.
|
|
@@ -1642,7 +1681,7 @@
|
|
|
1642
1681
|
EAR: "EAR",
|
|
1643
1682
|
};
|
|
1644
1683
|
|
|
1645
|
-
/*! @azure/msal-common v15.
|
|
1684
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1646
1685
|
|
|
1647
1686
|
/*
|
|
1648
1687
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1877,7 +1916,7 @@
|
|
|
1877
1916
|
}
|
|
1878
1917
|
}
|
|
1879
1918
|
|
|
1880
|
-
/*! @azure/msal-common v15.
|
|
1919
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1881
1920
|
|
|
1882
1921
|
/*
|
|
1883
1922
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1958,7 +1997,7 @@
|
|
|
1958
1997
|
}
|
|
1959
1998
|
}
|
|
1960
1999
|
|
|
1961
|
-
/*! @azure/msal-common v15.
|
|
2000
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1962
2001
|
|
|
1963
2002
|
/*
|
|
1964
2003
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2074,7 +2113,7 @@
|
|
|
2074
2113
|
}
|
|
2075
2114
|
}
|
|
2076
2115
|
|
|
2077
|
-
/*! @azure/msal-common v15.
|
|
2116
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2078
2117
|
|
|
2079
2118
|
/*
|
|
2080
2119
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2238,7 +2277,7 @@
|
|
|
2238
2277
|
}
|
|
2239
2278
|
}
|
|
2240
2279
|
|
|
2241
|
-
/*! @azure/msal-common v15.
|
|
2280
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2242
2281
|
|
|
2243
2282
|
/*
|
|
2244
2283
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2413,7 +2452,7 @@
|
|
|
2413
2452
|
return null;
|
|
2414
2453
|
}
|
|
2415
2454
|
|
|
2416
|
-
/*! @azure/msal-common v15.
|
|
2455
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2417
2456
|
/*
|
|
2418
2457
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2419
2458
|
* Licensed under the MIT License.
|
|
@@ -2421,7 +2460,7 @@
|
|
|
2421
2460
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2422
2461
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2423
2462
|
|
|
2424
|
-
/*! @azure/msal-common v15.
|
|
2463
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2425
2464
|
|
|
2426
2465
|
/*
|
|
2427
2466
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2466,7 +2505,7 @@
|
|
|
2466
2505
|
}
|
|
2467
2506
|
}
|
|
2468
2507
|
|
|
2469
|
-
/*! @azure/msal-common v15.
|
|
2508
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2470
2509
|
|
|
2471
2510
|
/*
|
|
2472
2511
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3577,7 +3616,7 @@
|
|
|
3577
3616
|
}
|
|
3578
3617
|
}
|
|
3579
3618
|
|
|
3580
|
-
/*! @azure/msal-common v15.
|
|
3619
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
3581
3620
|
/*
|
|
3582
3621
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3583
3622
|
* Licensed under the MIT License.
|
|
@@ -3839,6 +3878,11 @@
|
|
|
3839
3878
|
LoadIdToken: "loadIdToken",
|
|
3840
3879
|
LoadAccessToken: "loadAccessToken",
|
|
3841
3880
|
LoadRefreshToken: "loadRefreshToken",
|
|
3881
|
+
/**
|
|
3882
|
+
* SSO capability verification call (msal-browser).
|
|
3883
|
+
* Fire-and-forget SSO verification call made after interactive authentication completes.
|
|
3884
|
+
*/
|
|
3885
|
+
SsoCapable: "ssoCapable",
|
|
3842
3886
|
};
|
|
3843
3887
|
const PerformanceEventAbbreviations = new Map([
|
|
3844
3888
|
[PerformanceEvents.AcquireTokenByCode, "ATByCode"],
|
|
@@ -4066,6 +4110,7 @@
|
|
|
4066
4110
|
[PerformanceEvents.Decrypt, "decrypt"],
|
|
4067
4111
|
[PerformanceEvents.GenerateEarKey, "genEarKey"],
|
|
4068
4112
|
[PerformanceEvents.DecryptEarResponse, "decryptEarResp"],
|
|
4113
|
+
[PerformanceEvents.SsoCapable, "SsoCapable"],
|
|
4069
4114
|
]);
|
|
4070
4115
|
/**
|
|
4071
4116
|
* State of the performance event.
|
|
@@ -4102,9 +4147,14 @@
|
|
|
4102
4147
|
"currRefreshCount",
|
|
4103
4148
|
"expiredCacheRemovedCount",
|
|
4104
4149
|
"upgradedCacheCount",
|
|
4150
|
+
"networkRtt",
|
|
4151
|
+
"iframePollIntervalMs",
|
|
4152
|
+
"iframeTimeoutMs",
|
|
4153
|
+
"iframeTickCount",
|
|
4154
|
+
"crossOriginTickCount",
|
|
4105
4155
|
]);
|
|
4106
4156
|
|
|
4107
|
-
/*! @azure/msal-common v15.
|
|
4157
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4108
4158
|
|
|
4109
4159
|
/*
|
|
4110
4160
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4183,7 +4233,7 @@
|
|
|
4183
4233
|
}
|
|
4184
4234
|
}
|
|
4185
4235
|
|
|
4186
|
-
/*! @azure/msal-common v15.
|
|
4236
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4187
4237
|
|
|
4188
4238
|
/*
|
|
4189
4239
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4283,7 +4333,7 @@
|
|
|
4283
4333
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
4284
4334
|
}
|
|
4285
4335
|
|
|
4286
|
-
/*! @azure/msal-common v15.
|
|
4336
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4287
4337
|
/*
|
|
4288
4338
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4289
4339
|
* Licensed under the MIT License.
|
|
@@ -4293,7 +4343,7 @@
|
|
|
4293
4343
|
UPN: "UPN",
|
|
4294
4344
|
};
|
|
4295
4345
|
|
|
4296
|
-
/*! @azure/msal-common v15.
|
|
4346
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4297
4347
|
/*
|
|
4298
4348
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4299
4349
|
* Licensed under the MIT License.
|
|
@@ -4343,7 +4393,7 @@
|
|
|
4343
4393
|
const EAR_JWK = "ear_jwk";
|
|
4344
4394
|
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
4345
4395
|
|
|
4346
|
-
/*! @azure/msal-common v15.
|
|
4396
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4347
4397
|
|
|
4348
4398
|
/*
|
|
4349
4399
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4723,7 +4773,7 @@
|
|
|
4723
4773
|
});
|
|
4724
4774
|
}
|
|
4725
4775
|
|
|
4726
|
-
/*! @azure/msal-common v15.
|
|
4776
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4727
4777
|
/*
|
|
4728
4778
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4729
4779
|
* Licensed under the MIT License.
|
|
@@ -4735,7 +4785,7 @@
|
|
|
4735
4785
|
response.hasOwnProperty("jwks_uri"));
|
|
4736
4786
|
}
|
|
4737
4787
|
|
|
4738
|
-
/*! @azure/msal-common v15.
|
|
4788
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4739
4789
|
/*
|
|
4740
4790
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4741
4791
|
* Licensed under the MIT License.
|
|
@@ -4745,7 +4795,7 @@
|
|
|
4745
4795
|
response.hasOwnProperty("metadata"));
|
|
4746
4796
|
}
|
|
4747
4797
|
|
|
4748
|
-
/*! @azure/msal-common v15.
|
|
4798
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4749
4799
|
/*
|
|
4750
4800
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4751
4801
|
* Licensed under the MIT License.
|
|
@@ -4755,7 +4805,7 @@
|
|
|
4755
4805
|
response.hasOwnProperty("error_description"));
|
|
4756
4806
|
}
|
|
4757
4807
|
|
|
4758
|
-
/*! @azure/msal-common v15.
|
|
4808
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4759
4809
|
/*
|
|
4760
4810
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4761
4811
|
* Licensed under the MIT License.
|
|
@@ -4851,7 +4901,7 @@
|
|
|
4851
4901
|
};
|
|
4852
4902
|
};
|
|
4853
4903
|
|
|
4854
|
-
/*! @azure/msal-common v15.
|
|
4904
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4855
4905
|
|
|
4856
4906
|
/*
|
|
4857
4907
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4957,7 +5007,7 @@
|
|
|
4957
5007
|
},
|
|
4958
5008
|
};
|
|
4959
5009
|
|
|
4960
|
-
/*! @azure/msal-common v15.
|
|
5010
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4961
5011
|
/*
|
|
4962
5012
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4963
5013
|
* Licensed under the MIT License.
|
|
@@ -5022,7 +5072,7 @@
|
|
|
5022
5072
|
return cachedAtSec > nowSeconds();
|
|
5023
5073
|
}
|
|
5024
5074
|
|
|
5025
|
-
/*! @azure/msal-common v15.
|
|
5075
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5026
5076
|
|
|
5027
5077
|
/*
|
|
5028
5078
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5284,7 +5334,7 @@
|
|
|
5284
5334
|
return metadata.expiresAt <= nowSeconds();
|
|
5285
5335
|
}
|
|
5286
5336
|
|
|
5287
|
-
/*! @azure/msal-common v15.
|
|
5337
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5288
5338
|
|
|
5289
5339
|
/*
|
|
5290
5340
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6123,7 +6173,7 @@
|
|
|
6123
6173
|
};
|
|
6124
6174
|
}
|
|
6125
6175
|
|
|
6126
|
-
/*! @azure/msal-common v15.
|
|
6176
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6127
6177
|
|
|
6128
6178
|
/*
|
|
6129
6179
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6154,7 +6204,7 @@
|
|
|
6154
6204
|
}
|
|
6155
6205
|
}
|
|
6156
6206
|
|
|
6157
|
-
/*! @azure/msal-common v15.
|
|
6207
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6158
6208
|
|
|
6159
6209
|
/*
|
|
6160
6210
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6173,7 +6223,7 @@
|
|
|
6173
6223
|
}
|
|
6174
6224
|
}
|
|
6175
6225
|
|
|
6176
|
-
/*! @azure/msal-common v15.
|
|
6226
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6177
6227
|
/*
|
|
6178
6228
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6179
6229
|
* Licensed under the MIT License.
|
|
@@ -6194,7 +6244,7 @@
|
|
|
6194
6244
|
};
|
|
6195
6245
|
}
|
|
6196
6246
|
|
|
6197
|
-
/*! @azure/msal-common v15.
|
|
6247
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6198
6248
|
|
|
6199
6249
|
/*
|
|
6200
6250
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6281,7 +6331,7 @@
|
|
|
6281
6331
|
}
|
|
6282
6332
|
}
|
|
6283
6333
|
|
|
6284
|
-
/*! @azure/msal-common v15.
|
|
6334
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6285
6335
|
|
|
6286
6336
|
/*
|
|
6287
6337
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6312,7 +6362,7 @@
|
|
|
6312
6362
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
6313
6363
|
}
|
|
6314
6364
|
|
|
6315
|
-
/*! @azure/msal-common v15.
|
|
6365
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6316
6366
|
|
|
6317
6367
|
/*
|
|
6318
6368
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6460,27 +6510,63 @@
|
|
|
6460
6510
|
}
|
|
6461
6511
|
}
|
|
6462
6512
|
|
|
6463
|
-
/*! @azure/msal-common v15.
|
|
6513
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6464
6514
|
/*
|
|
6465
6515
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6466
6516
|
* Licensed under the MIT License.
|
|
6467
6517
|
*/
|
|
6468
|
-
|
|
6518
|
+
/**
|
|
6519
|
+
* MSAL-defined interaction required error code indicating no tokens are found in cache.
|
|
6520
|
+
* @public
|
|
6521
|
+
*/
|
|
6469
6522
|
const noTokensFound = "no_tokens_found";
|
|
6523
|
+
/**
|
|
6524
|
+
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
6525
|
+
* @public
|
|
6526
|
+
*/
|
|
6470
6527
|
const nativeAccountUnavailable = "native_account_unavailable";
|
|
6528
|
+
/**
|
|
6529
|
+
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
6530
|
+
* @public
|
|
6531
|
+
*/
|
|
6471
6532
|
const refreshTokenExpired = "refresh_token_expired";
|
|
6533
|
+
/**
|
|
6534
|
+
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
6535
|
+
* @public
|
|
6536
|
+
*/
|
|
6472
6537
|
const uxNotAllowed = "ux_not_allowed";
|
|
6473
|
-
|
|
6538
|
+
/**
|
|
6539
|
+
* Server-originated error code indicating interaction is required to complete the request.
|
|
6540
|
+
* @public
|
|
6541
|
+
*/
|
|
6474
6542
|
const interactionRequired = "interaction_required";
|
|
6543
|
+
/**
|
|
6544
|
+
* Server-originated error code indicating user consent is required.
|
|
6545
|
+
* @public
|
|
6546
|
+
*/
|
|
6475
6547
|
const consentRequired = "consent_required";
|
|
6548
|
+
/**
|
|
6549
|
+
* Server-originated error code indicating user login is required.
|
|
6550
|
+
* @public
|
|
6551
|
+
*/
|
|
6476
6552
|
const loginRequired = "login_required";
|
|
6477
|
-
|
|
6553
|
+
/**
|
|
6554
|
+
* Server-originated error code indicating the token is invalid or corrupted.
|
|
6555
|
+
* @public
|
|
6556
|
+
*/
|
|
6557
|
+
const badToken = "bad_token";
|
|
6558
|
+
/**
|
|
6559
|
+
* Server-originated error code indicating the user was interrupted and must reattempt the flow.
|
|
6560
|
+
* @public
|
|
6561
|
+
*/
|
|
6562
|
+
const interruptedUser = "interrupted_user";
|
|
6478
6563
|
|
|
6479
6564
|
var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
6480
6565
|
__proto__: null,
|
|
6481
6566
|
badToken: badToken,
|
|
6482
6567
|
consentRequired: consentRequired,
|
|
6483
6568
|
interactionRequired: interactionRequired,
|
|
6569
|
+
interruptedUser: interruptedUser,
|
|
6484
6570
|
loginRequired: loginRequired,
|
|
6485
6571
|
nativeAccountUnavailable: nativeAccountUnavailable,
|
|
6486
6572
|
noTokensFound: noTokensFound,
|
|
@@ -6488,7 +6574,7 @@
|
|
|
6488
6574
|
uxNotAllowed: uxNotAllowed
|
|
6489
6575
|
});
|
|
6490
6576
|
|
|
6491
|
-
/*! @azure/msal-common v15.
|
|
6577
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6492
6578
|
|
|
6493
6579
|
/*
|
|
6494
6580
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6503,6 +6589,7 @@
|
|
|
6503
6589
|
loginRequired,
|
|
6504
6590
|
badToken,
|
|
6505
6591
|
uxNotAllowed,
|
|
6592
|
+
interruptedUser,
|
|
6506
6593
|
];
|
|
6507
6594
|
const InteractionRequiredAuthSubErrorMessage = [
|
|
6508
6595
|
"message_only",
|
|
@@ -6511,6 +6598,7 @@
|
|
|
6511
6598
|
"user_password_expired",
|
|
6512
6599
|
"consent_required",
|
|
6513
6600
|
"bad_token",
|
|
6601
|
+
"interrupted_user",
|
|
6514
6602
|
];
|
|
6515
6603
|
const InteractionRequiredAuthErrorMessages = {
|
|
6516
6604
|
[noTokensFound]: "No refresh token found in the cache. Please sign-in.",
|
|
@@ -6518,6 +6606,7 @@
|
|
|
6518
6606
|
[refreshTokenExpired]: "Refresh token has expired.",
|
|
6519
6607
|
[badToken]: "Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve.",
|
|
6520
6608
|
[uxNotAllowed]: "`canShowUI` flag in Edge was set to false. User interaction required on web page. Please invoke an interactive API to resolve.",
|
|
6609
|
+
[interruptedUser]: "The user could not be authenticated due to an interrupted state. Please invoke an interactive API to resolve.",
|
|
6521
6610
|
};
|
|
6522
6611
|
/**
|
|
6523
6612
|
* Interaction required errors defined by the SDK
|
|
@@ -6536,6 +6625,10 @@
|
|
|
6536
6625
|
code: badToken,
|
|
6537
6626
|
desc: InteractionRequiredAuthErrorMessages[badToken],
|
|
6538
6627
|
},
|
|
6628
|
+
interrupted_user: {
|
|
6629
|
+
code: interruptedUser,
|
|
6630
|
+
desc: InteractionRequiredAuthErrorMessages[interruptedUser],
|
|
6631
|
+
},
|
|
6539
6632
|
};
|
|
6540
6633
|
/**
|
|
6541
6634
|
* Error thrown when user interaction is required.
|
|
@@ -6578,7 +6671,7 @@
|
|
|
6578
6671
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
6579
6672
|
}
|
|
6580
6673
|
|
|
6581
|
-
/*! @azure/msal-common v15.
|
|
6674
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6582
6675
|
|
|
6583
6676
|
/*
|
|
6584
6677
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6650,7 +6743,7 @@
|
|
|
6650
6743
|
}
|
|
6651
6744
|
}
|
|
6652
6745
|
|
|
6653
|
-
/*! @azure/msal-common v15.
|
|
6746
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6654
6747
|
|
|
6655
6748
|
/*
|
|
6656
6749
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6732,7 +6825,7 @@
|
|
|
6732
6825
|
}
|
|
6733
6826
|
}
|
|
6734
6827
|
|
|
6735
|
-
/*! @azure/msal-common v15.
|
|
6828
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6736
6829
|
/*
|
|
6737
6830
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6738
6831
|
* Licensed under the MIT License.
|
|
@@ -6759,7 +6852,7 @@
|
|
|
6759
6852
|
}
|
|
6760
6853
|
}
|
|
6761
6854
|
|
|
6762
|
-
/*! @azure/msal-common v15.
|
|
6855
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6763
6856
|
|
|
6764
6857
|
/*
|
|
6765
6858
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7098,7 +7191,7 @@
|
|
|
7098
7191
|
return baseAccount;
|
|
7099
7192
|
}
|
|
7100
7193
|
|
|
7101
|
-
/*! @azure/msal-common v15.
|
|
7194
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7102
7195
|
/*
|
|
7103
7196
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7104
7197
|
* Licensed under the MIT License.
|
|
@@ -7116,7 +7209,7 @@
|
|
|
7116
7209
|
}
|
|
7117
7210
|
}
|
|
7118
7211
|
|
|
7119
|
-
/*! @azure/msal-common v15.
|
|
7212
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7120
7213
|
|
|
7121
7214
|
/*
|
|
7122
7215
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7265,11 +7358,6 @@
|
|
|
7265
7358
|
throw createClientConfigurationError(missingSshJwk);
|
|
7266
7359
|
}
|
|
7267
7360
|
}
|
|
7268
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7269
|
-
(this.config.authOptions.clientCapabilities &&
|
|
7270
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
7271
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
7272
|
-
}
|
|
7273
7361
|
let ccsCred = undefined;
|
|
7274
7362
|
if (request.clientInfo) {
|
|
7275
7363
|
try {
|
|
@@ -7319,6 +7407,15 @@
|
|
|
7319
7407
|
});
|
|
7320
7408
|
}
|
|
7321
7409
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
7410
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
7411
|
+
const configClaims = request.skipBrokerClaims &&
|
|
7412
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
7413
|
+
? undefined
|
|
7414
|
+
: this.config.authOptions.clientCapabilities;
|
|
7415
|
+
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7416
|
+
(configClaims && configClaims.length > 0)) {
|
|
7417
|
+
addClaims(parameters, request.claims, configClaims);
|
|
7418
|
+
}
|
|
7322
7419
|
return mapToQueryString(parameters);
|
|
7323
7420
|
}
|
|
7324
7421
|
/**
|
|
@@ -7352,7 +7449,7 @@
|
|
|
7352
7449
|
}
|
|
7353
7450
|
}
|
|
7354
7451
|
|
|
7355
|
-
/*! @azure/msal-common v15.
|
|
7452
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7356
7453
|
|
|
7357
7454
|
/*
|
|
7358
7455
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7530,11 +7627,6 @@
|
|
|
7530
7627
|
throw createClientConfigurationError(missingSshJwk);
|
|
7531
7628
|
}
|
|
7532
7629
|
}
|
|
7533
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7534
|
-
(this.config.authOptions.clientCapabilities &&
|
|
7535
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
7536
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
7537
|
-
}
|
|
7538
7630
|
if (this.config.systemOptions.preventCorsPreflight &&
|
|
7539
7631
|
request.ccsCredential) {
|
|
7540
7632
|
switch (request.ccsCredential.type) {
|
|
@@ -7560,11 +7652,20 @@
|
|
|
7560
7652
|
addExtraQueryParameters(parameters, request.tokenBodyParameters);
|
|
7561
7653
|
}
|
|
7562
7654
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
7655
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
7656
|
+
const configClaims = request.skipBrokerClaims &&
|
|
7657
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
7658
|
+
? undefined
|
|
7659
|
+
: this.config.authOptions.clientCapabilities;
|
|
7660
|
+
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7661
|
+
(configClaims && configClaims.length > 0)) {
|
|
7662
|
+
addClaims(parameters, request.claims, configClaims);
|
|
7663
|
+
}
|
|
7563
7664
|
return mapToQueryString(parameters);
|
|
7564
7665
|
}
|
|
7565
7666
|
}
|
|
7566
7667
|
|
|
7567
|
-
/*! @azure/msal-common v15.
|
|
7668
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7568
7669
|
|
|
7569
7670
|
/*
|
|
7570
7671
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7662,7 +7763,7 @@
|
|
|
7662
7763
|
}
|
|
7663
7764
|
}
|
|
7664
7765
|
|
|
7665
|
-
/*! @azure/msal-common v15.
|
|
7766
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7666
7767
|
|
|
7667
7768
|
/*
|
|
7668
7769
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7677,7 +7778,7 @@
|
|
|
7677
7778
|
},
|
|
7678
7779
|
};
|
|
7679
7780
|
|
|
7680
|
-
/*! @azure/msal-common v15.
|
|
7781
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7681
7782
|
|
|
7682
7783
|
/*
|
|
7683
7784
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7798,14 +7899,17 @@
|
|
|
7798
7899
|
if (request.state) {
|
|
7799
7900
|
addState(parameters, request.state);
|
|
7800
7901
|
}
|
|
7801
|
-
if (request.claims ||
|
|
7802
|
-
(authOptions.clientCapabilities &&
|
|
7803
|
-
authOptions.clientCapabilities.length > 0)) {
|
|
7804
|
-
addClaims(parameters, request.claims, authOptions.clientCapabilities);
|
|
7805
|
-
}
|
|
7806
7902
|
if (request.embeddedClientId) {
|
|
7807
7903
|
addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
|
|
7808
7904
|
}
|
|
7905
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
7906
|
+
const configClaims = request.skipBrokerClaims &&
|
|
7907
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
7908
|
+
? undefined
|
|
7909
|
+
: authOptions.clientCapabilities;
|
|
7910
|
+
if (request.claims || (configClaims && configClaims.length > 0)) {
|
|
7911
|
+
addClaims(parameters, request.claims, configClaims);
|
|
7912
|
+
}
|
|
7809
7913
|
// If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
|
|
7810
7914
|
if (authOptions.instanceAware &&
|
|
7811
7915
|
(!request.extraQueryParameters ||
|
|
@@ -7901,7 +8005,7 @@
|
|
|
7901
8005
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
7902
8006
|
}
|
|
7903
8007
|
|
|
7904
|
-
/*! @azure/msal-common v15.
|
|
8008
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7905
8009
|
|
|
7906
8010
|
/*
|
|
7907
8011
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7959,7 +8063,7 @@
|
|
|
7959
8063
|
}
|
|
7960
8064
|
}
|
|
7961
8065
|
|
|
7962
|
-
/*! @azure/msal-common v15.
|
|
8066
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7963
8067
|
|
|
7964
8068
|
/*
|
|
7965
8069
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8222,7 +8326,7 @@
|
|
|
8222
8326
|
}
|
|
8223
8327
|
}
|
|
8224
8328
|
|
|
8225
|
-
/*! @azure/msal-common v15.
|
|
8329
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
8226
8330
|
/*
|
|
8227
8331
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8228
8332
|
* Licensed under the MIT License.
|
|
@@ -8230,7 +8334,7 @@
|
|
|
8230
8334
|
const missingKidError = "missing_kid_error";
|
|
8231
8335
|
const missingAlgError = "missing_alg_error";
|
|
8232
8336
|
|
|
8233
|
-
/*! @azure/msal-common v15.
|
|
8337
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
8234
8338
|
|
|
8235
8339
|
/*
|
|
8236
8340
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8255,7 +8359,7 @@
|
|
|
8255
8359
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
8256
8360
|
}
|
|
8257
8361
|
|
|
8258
|
-
/*! @azure/msal-common v15.
|
|
8362
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
8259
8363
|
|
|
8260
8364
|
/*
|
|
8261
8365
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8295,7 +8399,7 @@
|
|
|
8295
8399
|
}
|
|
8296
8400
|
}
|
|
8297
8401
|
|
|
8298
|
-
/*! @azure/msal-common v15.
|
|
8402
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
8299
8403
|
|
|
8300
8404
|
/*
|
|
8301
8405
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -10348,6 +10452,7 @@
|
|
|
10348
10452
|
supportsNestedAppAuth: false,
|
|
10349
10453
|
instanceAware: false,
|
|
10350
10454
|
encodeExtraQueryParams: false,
|
|
10455
|
+
verifySSO: false,
|
|
10351
10456
|
};
|
|
10352
10457
|
// Default cache options for browser
|
|
10353
10458
|
const DEFAULT_CACHE_OPTIONS = {
|
|
@@ -10436,7 +10541,7 @@
|
|
|
10436
10541
|
|
|
10437
10542
|
/* eslint-disable header/header */
|
|
10438
10543
|
const name = "@azure/msal-browser";
|
|
10439
|
-
const version = "4.
|
|
10544
|
+
const version = "4.29.1";
|
|
10440
10545
|
|
|
10441
10546
|
/*
|
|
10442
10547
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -13909,6 +14014,10 @@
|
|
|
13909
14014
|
async initializeAuthorizationRequest(request, interactionType) {
|
|
13910
14015
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.correlationId);
|
|
13911
14016
|
const redirectUri = this.getRedirectUri(request.redirectUri);
|
|
14017
|
+
if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
|
|
14018
|
+
this.logger.warning("The origin of the redirect URI does not match the origin of the current page. This is likely to cause issues with authentication.", this.correlationId);
|
|
14019
|
+
this.performanceClient.addFields({ isRedirectUriCrossOrigin: true }, this.correlationId);
|
|
14020
|
+
}
|
|
13912
14021
|
const browserState = {
|
|
13913
14022
|
interactionType: interactionType,
|
|
13914
14023
|
};
|
|
@@ -15519,14 +15628,28 @@
|
|
|
15519
15628
|
return nativeResponse;
|
|
15520
15629
|
}
|
|
15521
15630
|
getDOMExtraParams(extraParameters) {
|
|
15522
|
-
|
|
15523
|
-
|
|
15524
|
-
|
|
15525
|
-
|
|
15526
|
-
|
|
15527
|
-
|
|
15528
|
-
|
|
15529
|
-
|
|
15631
|
+
try {
|
|
15632
|
+
const stringifiedProperties = {};
|
|
15633
|
+
for (const [key, value] of Object.entries(extraParameters)) {
|
|
15634
|
+
if (!value) {
|
|
15635
|
+
continue;
|
|
15636
|
+
}
|
|
15637
|
+
if (typeof value === "object") {
|
|
15638
|
+
stringifiedProperties[key] = JSON.stringify(value);
|
|
15639
|
+
}
|
|
15640
|
+
else {
|
|
15641
|
+
stringifiedProperties[key] = String(value);
|
|
15642
|
+
}
|
|
15643
|
+
}
|
|
15644
|
+
return stringifiedProperties;
|
|
15645
|
+
}
|
|
15646
|
+
catch (e) {
|
|
15647
|
+
this.logger.error(this.platformAuthType + " - Error stringifying extra parameters");
|
|
15648
|
+
this.logger.errorPii(this.platformAuthType +
|
|
15649
|
+
" - Error stringifying extra parameters: " +
|
|
15650
|
+
e);
|
|
15651
|
+
return {};
|
|
15652
|
+
}
|
|
15530
15653
|
}
|
|
15531
15654
|
}
|
|
15532
15655
|
|
|
@@ -16593,6 +16716,12 @@
|
|
|
16593
16716
|
*/
|
|
16594
16717
|
async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, performanceClient, logger, correlationId, responseType) {
|
|
16595
16718
|
performanceClient.addQueueMeasurement(PerformanceEvents.SilentHandlerMonitorIframeForHash, correlationId);
|
|
16719
|
+
performanceClient.addFields({
|
|
16720
|
+
iframePollIntervalMs: pollIntervalMilliseconds,
|
|
16721
|
+
iframeTimeoutMs: timeout,
|
|
16722
|
+
}, correlationId);
|
|
16723
|
+
let totalTickCount = 0;
|
|
16724
|
+
let crossOriginTickCount = 0;
|
|
16596
16725
|
return new Promise((resolve, reject) => {
|
|
16597
16726
|
if (timeout < DEFAULT_IFRAME_TIMEOUT_MS) {
|
|
16598
16727
|
logger.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${timeout}ms) than the default (${DEFAULT_IFRAME_TIMEOUT_MS}ms). This may result in timeouts.`);
|
|
@@ -16606,6 +16735,7 @@
|
|
|
16606
16735
|
reject(createBrowserAuthError(monitorWindowTimeout));
|
|
16607
16736
|
}, timeout);
|
|
16608
16737
|
const intervalId = window.setInterval(() => {
|
|
16738
|
+
totalTickCount++;
|
|
16609
16739
|
let href = "";
|
|
16610
16740
|
const contentWindow = iframe.contentWindow;
|
|
16611
16741
|
try {
|
|
@@ -16616,7 +16746,9 @@
|
|
|
16616
16746
|
*/
|
|
16617
16747
|
href = contentWindow ? contentWindow.location.href : "";
|
|
16618
16748
|
}
|
|
16619
|
-
catch (e) {
|
|
16749
|
+
catch (e) {
|
|
16750
|
+
crossOriginTickCount++;
|
|
16751
|
+
}
|
|
16620
16752
|
if (!href || href === "about:blank") {
|
|
16621
16753
|
return;
|
|
16622
16754
|
}
|
|
@@ -16634,6 +16766,10 @@
|
|
|
16634
16766
|
resolve(responseString);
|
|
16635
16767
|
}, pollIntervalMilliseconds);
|
|
16636
16768
|
}).finally(() => {
|
|
16769
|
+
performanceClient.addFields({
|
|
16770
|
+
iframeTickCount: totalTickCount,
|
|
16771
|
+
crossOriginTickCount: crossOriginTickCount,
|
|
16772
|
+
}, correlationId);
|
|
16637
16773
|
invoke(removeHiddenIframe, PerformanceEvents.RemoveHiddenIframe, logger, performanceClient, correlationId)(iframe);
|
|
16638
16774
|
});
|
|
16639
16775
|
}
|
|
@@ -16821,6 +16957,52 @@
|
|
|
16821
16957
|
return invokeAsync(handleResponseEAR, PerformanceEvents.HandleResponseEar, this.logger, this.performanceClient, correlationId)(silentRequest, serverParams, this.apiId, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
16822
16958
|
}
|
|
16823
16959
|
}
|
|
16960
|
+
/**
|
|
16961
|
+
* Verifies SSO capability by making an iframe request to /authorize without exchanging the code for tokens.
|
|
16962
|
+
* This is useful for verifying SSO capability in the background without the overhead of a full token exchange.
|
|
16963
|
+
* @param request - The SSO silent request
|
|
16964
|
+
* @returns true if SSO verification was successful with a valid authorization code, false otherwise
|
|
16965
|
+
*/
|
|
16966
|
+
async verifySso(request) {
|
|
16967
|
+
this.performanceClient.addQueueMeasurement(PerformanceEvents.SilentIframeClientAcquireToken, request.correlationId);
|
|
16968
|
+
const inputRequest = { ...request };
|
|
16969
|
+
if (!inputRequest.prompt) {
|
|
16970
|
+
inputRequest.prompt = PromptValue.NONE;
|
|
16971
|
+
}
|
|
16972
|
+
// Create silent request
|
|
16973
|
+
const silentRequest = await invokeAsync(this.initializeAuthorizationRequest.bind(this), PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.logger, this.performanceClient, request.correlationId)(inputRequest, exports.InteractionType.Silent);
|
|
16974
|
+
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, request.correlationId)({
|
|
16975
|
+
serverTelemetryManager: this.initializeServerTelemetryManager(this.apiId),
|
|
16976
|
+
requestAuthority: silentRequest.authority,
|
|
16977
|
+
requestAzureCloudOptions: silentRequest.azureCloudOptions,
|
|
16978
|
+
requestExtraQueryParameters: silentRequest.extraQueryParameters,
|
|
16979
|
+
account: silentRequest.account,
|
|
16980
|
+
});
|
|
16981
|
+
const correlationId = silentRequest.correlationId;
|
|
16982
|
+
const pkceCodes = await invokeAsync(generatePkceCodes, PerformanceEvents.GeneratePkceCodes, this.logger, this.performanceClient, correlationId)(this.performanceClient, this.logger, correlationId);
|
|
16983
|
+
const requestWithPkce = {
|
|
16984
|
+
...silentRequest,
|
|
16985
|
+
codeChallenge: pkceCodes.challenge,
|
|
16986
|
+
};
|
|
16987
|
+
// Create authorize request url
|
|
16988
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, requestWithPkce, this.logger, this.performanceClient);
|
|
16989
|
+
// Get the frame handle for the silent request - this triggers the SSO verification
|
|
16990
|
+
const msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
|
|
16991
|
+
const responseType = this.config.auth.OIDCOptions.serverResponseType;
|
|
16992
|
+
// Monitor the iframe for the response
|
|
16993
|
+
const responseString = await invokeAsync(monitorIframeForHash, PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(msalFrame, this.config.system.iframeHashTimeout, this.config.system.pollIntervalMilliseconds, this.performanceClient, this.logger, correlationId, responseType);
|
|
16994
|
+
// Deserialize the response
|
|
16995
|
+
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger);
|
|
16996
|
+
// Validate the response - this checks for errors and validates state
|
|
16997
|
+
validateAuthorizationResponse(serverParams, silentRequest.state);
|
|
16998
|
+
// Verify a valid authorization code is present
|
|
16999
|
+
if (!serverParams.code) {
|
|
17000
|
+
this.logger.warning("SSO verification response did not contain an authorization code", correlationId);
|
|
17001
|
+
return false;
|
|
17002
|
+
}
|
|
17003
|
+
this.logger.verbose("SSO verification completed successfully with valid authorization code - skipped token exchange", correlationId);
|
|
17004
|
+
return true;
|
|
17005
|
+
}
|
|
16824
17006
|
/**
|
|
16825
17007
|
* Currently Unsupported
|
|
16826
17008
|
*/
|
|
@@ -17215,6 +17397,22 @@
|
|
|
17215
17397
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
17216
17398
|
* Licensed under the MIT License.
|
|
17217
17399
|
*/
|
|
17400
|
+
/**
|
|
17401
|
+
* Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
|
|
17402
|
+
* @returns Network connection information, or an empty object if not available.
|
|
17403
|
+
*/
|
|
17404
|
+
function getNetworkInfo() {
|
|
17405
|
+
if (typeof window === "undefined" || !window.navigator) {
|
|
17406
|
+
return {};
|
|
17407
|
+
}
|
|
17408
|
+
const connection = "connection" in window.navigator
|
|
17409
|
+
? window.navigator.connection
|
|
17410
|
+
: undefined;
|
|
17411
|
+
return {
|
|
17412
|
+
effectiveType: connection?.effectiveType,
|
|
17413
|
+
rtt: connection?.rtt,
|
|
17414
|
+
};
|
|
17415
|
+
}
|
|
17218
17416
|
function collectInstanceStats(currentClientId, performanceEvent, logger) {
|
|
17219
17417
|
const frameInstances =
|
|
17220
17418
|
// @ts-ignore
|
|
@@ -17308,22 +17506,30 @@
|
|
|
17308
17506
|
this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
|
|
17309
17507
|
this.activeSilentTokenRequests = new Map();
|
|
17310
17508
|
// Register listener functions
|
|
17311
|
-
this.
|
|
17312
|
-
|
|
17313
|
-
this.trackPageVisibilityWithMeasurement =
|
|
17314
|
-
this.trackPageVisibilityWithMeasurement.bind(this);
|
|
17509
|
+
this.trackStateChangeWithMeasurement =
|
|
17510
|
+
this.trackStateChangeWithMeasurement.bind(this);
|
|
17315
17511
|
}
|
|
17316
17512
|
static async createController(operatingContext, request) {
|
|
17317
17513
|
const controller = new StandardController(operatingContext);
|
|
17318
17514
|
await controller.initialize(request);
|
|
17319
17515
|
return controller;
|
|
17320
17516
|
}
|
|
17321
|
-
|
|
17517
|
+
trackStateChange(correlationId, event) {
|
|
17322
17518
|
if (!correlationId) {
|
|
17323
17519
|
return;
|
|
17324
17520
|
}
|
|
17325
|
-
|
|
17326
|
-
|
|
17521
|
+
if (event.type === "visibilitychange") {
|
|
17522
|
+
this.logger.info("Perf: Visibility change detected");
|
|
17523
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
|
|
17524
|
+
}
|
|
17525
|
+
else if (event.type === "online") {
|
|
17526
|
+
this.logger.info("Perf: Online status change detected");
|
|
17527
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
17528
|
+
}
|
|
17529
|
+
else if (event.type === "offline") {
|
|
17530
|
+
this.logger.info("Perf: Offline status change detected");
|
|
17531
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
17532
|
+
}
|
|
17327
17533
|
}
|
|
17328
17534
|
/**
|
|
17329
17535
|
* Initializer function to perform async startup tasks such as connecting to WAM extension
|
|
@@ -17471,6 +17677,8 @@
|
|
|
17471
17677
|
rootMeasurement.end({
|
|
17472
17678
|
success: true,
|
|
17473
17679
|
}, undefined, result.account);
|
|
17680
|
+
// Fire-and-forget SSO capability verification in background
|
|
17681
|
+
this.verifySsoCapability(result.account, exports.InteractionType.Redirect);
|
|
17474
17682
|
}
|
|
17475
17683
|
else {
|
|
17476
17684
|
/*
|
|
@@ -17703,6 +17911,8 @@
|
|
|
17703
17911
|
accessTokenSize: result.accessToken.length,
|
|
17704
17912
|
idTokenSize: result.idToken.length,
|
|
17705
17913
|
}, undefined, result.account);
|
|
17914
|
+
// SSO capability verification in background
|
|
17915
|
+
this.verifySsoCapability(result.account, exports.InteractionType.Popup);
|
|
17706
17916
|
return result;
|
|
17707
17917
|
})
|
|
17708
17918
|
.catch((e) => {
|
|
@@ -17725,16 +17935,87 @@
|
|
|
17725
17935
|
}
|
|
17726
17936
|
});
|
|
17727
17937
|
}
|
|
17728
|
-
|
|
17938
|
+
trackStateChangeWithMeasurement(event) {
|
|
17729
17939
|
const measurement = this.ssoSilentMeasurement ||
|
|
17730
17940
|
this.acquireTokenByCodeAsyncMeasurement;
|
|
17731
17941
|
if (!measurement) {
|
|
17732
17942
|
return;
|
|
17733
17943
|
}
|
|
17734
|
-
|
|
17735
|
-
|
|
17736
|
-
|
|
17944
|
+
if (event.type === "visibilitychange") {
|
|
17945
|
+
this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
|
|
17946
|
+
measurement.increment({
|
|
17947
|
+
visibilityChangeCount: 1,
|
|
17948
|
+
});
|
|
17949
|
+
}
|
|
17950
|
+
else if (event.type === "online") {
|
|
17951
|
+
this.logger.info("Perf: Online status change detected in ", measurement.event.name);
|
|
17952
|
+
measurement.increment({
|
|
17953
|
+
onlineStatusChangeCount: 1,
|
|
17954
|
+
});
|
|
17955
|
+
}
|
|
17956
|
+
else if (event.type === "offline") {
|
|
17957
|
+
this.logger.info("Perf: Offline status change detected in ", measurement.event.name);
|
|
17958
|
+
measurement.increment({
|
|
17959
|
+
onlineStatusChangeCount: 1,
|
|
17960
|
+
});
|
|
17961
|
+
}
|
|
17962
|
+
}
|
|
17963
|
+
addStateChangeListeners(listener) {
|
|
17964
|
+
document.addEventListener("visibilitychange", listener);
|
|
17965
|
+
window.addEventListener("online", listener);
|
|
17966
|
+
window.addEventListener("offline", listener);
|
|
17967
|
+
}
|
|
17968
|
+
removeStateChangeListeners(listener) {
|
|
17969
|
+
document.removeEventListener("visibilitychange", listener);
|
|
17970
|
+
window.removeEventListener("online", listener);
|
|
17971
|
+
window.removeEventListener("offline", listener);
|
|
17972
|
+
}
|
|
17973
|
+
/**
|
|
17974
|
+
* SSO capability verification in the background.
|
|
17975
|
+
* This method makes an iframe request to /authorize to verify SSO capability without calling /token.
|
|
17976
|
+
* This method does not block the caller and tracks telemetry for success/failure.
|
|
17977
|
+
* This method only executes if verifySSO is set to true in the auth configuration.
|
|
17978
|
+
* @param account - The account to use for the SSO verification
|
|
17979
|
+
* @param parentApi - The API ID of the parent operation for logging purposes
|
|
17980
|
+
*/
|
|
17981
|
+
verifySsoCapability(account, parentApi) {
|
|
17982
|
+
// Check if SSO capability verification is enabled
|
|
17983
|
+
if (!this.config.auth.verifySSO) {
|
|
17984
|
+
return;
|
|
17985
|
+
}
|
|
17986
|
+
const correlationId = this.browserCrypto.createNewGuid();
|
|
17987
|
+
const ssoCapableMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.SsoCapable, correlationId);
|
|
17988
|
+
ssoCapableMeasurement.add({
|
|
17989
|
+
parentApi: parentApi,
|
|
17737
17990
|
});
|
|
17991
|
+
this.logger.verbose(`SSO capability verification initiated after ${parentApi}`, correlationId);
|
|
17992
|
+
/*
|
|
17993
|
+
* Use setTimeout to ensure this runs in a separate macrotask after the current call stack completes
|
|
17994
|
+
* This ensures the result is returned to the caller before the SSO verification starts and doesn't affect performance
|
|
17995
|
+
*/
|
|
17996
|
+
setTimeout(() => {
|
|
17997
|
+
const ssoVerificationRequest = {
|
|
17998
|
+
account: account,
|
|
17999
|
+
correlationId: correlationId,
|
|
18000
|
+
};
|
|
18001
|
+
const silentIframeClient = this.createSilentIframeClient(correlationId);
|
|
18002
|
+
silentIframeClient
|
|
18003
|
+
.verifySso(ssoVerificationRequest)
|
|
18004
|
+
.then((success) => {
|
|
18005
|
+
this.logger.verbose(`SSO capability verification completed after ${parentApi}, success: ${success}`, correlationId);
|
|
18006
|
+
ssoCapableMeasurement.end({
|
|
18007
|
+
fromCache: false,
|
|
18008
|
+
success: success,
|
|
18009
|
+
}, undefined, account);
|
|
18010
|
+
})
|
|
18011
|
+
.catch((error) => {
|
|
18012
|
+
this.logger.warning(`SSO capability verification failed after ${parentApi}: ${error.message}`, correlationId);
|
|
18013
|
+
ssoCapableMeasurement.end({
|
|
18014
|
+
fromCache: false,
|
|
18015
|
+
success: false,
|
|
18016
|
+
}, error, account);
|
|
18017
|
+
});
|
|
18018
|
+
}, 0);
|
|
17738
18019
|
}
|
|
17739
18020
|
// #endregion
|
|
17740
18021
|
// #region Silent Flow
|
|
@@ -17768,8 +18049,9 @@
|
|
|
17768
18049
|
preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
|
|
17769
18050
|
this.ssoSilentMeasurement?.increment({
|
|
17770
18051
|
visibilityChangeCount: 0,
|
|
18052
|
+
onlineStatusChangeCount: 0,
|
|
17771
18053
|
});
|
|
17772
|
-
|
|
18054
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
17773
18055
|
this.logger.verbose("ssoSilent called", correlationId);
|
|
17774
18056
|
this.eventHandler.emitEvent(EventType.SSO_SILENT_START, exports.InteractionType.Silent, validRequest);
|
|
17775
18057
|
let result;
|
|
@@ -17813,7 +18095,7 @@
|
|
|
17813
18095
|
throw e;
|
|
17814
18096
|
})
|
|
17815
18097
|
.finally(() => {
|
|
17816
|
-
|
|
18098
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
17817
18099
|
});
|
|
17818
18100
|
}
|
|
17819
18101
|
/**
|
|
@@ -17925,8 +18207,9 @@
|
|
|
17925
18207
|
this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenByCodeAsync, request.correlationId);
|
|
17926
18208
|
this.acquireTokenByCodeAsyncMeasurement?.increment({
|
|
17927
18209
|
visibilityChangeCount: 0,
|
|
18210
|
+
onlineStatusChangeCount: 0,
|
|
17928
18211
|
});
|
|
17929
|
-
|
|
18212
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
17930
18213
|
const silentAuthCodeClient = this.createSilentAuthCodeClient(request.correlationId);
|
|
17931
18214
|
const silentTokenResult = await silentAuthCodeClient
|
|
17932
18215
|
.acquireToken(request)
|
|
@@ -17944,7 +18227,7 @@
|
|
|
17944
18227
|
throw tokenRenewalError;
|
|
17945
18228
|
})
|
|
17946
18229
|
.finally(() => {
|
|
17947
|
-
|
|
18230
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
17948
18231
|
});
|
|
17949
18232
|
return silentTokenResult;
|
|
17950
18233
|
}
|
|
@@ -18489,18 +18772,22 @@
|
|
|
18489
18772
|
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
|
|
18490
18773
|
*/
|
|
18491
18774
|
async acquireTokenSilentAsync(request, account) {
|
|
18492
|
-
const
|
|
18775
|
+
const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
|
|
18493
18776
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.AcquireTokenSilentAsync, request.correlationId);
|
|
18494
18777
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, exports.InteractionType.Silent, request);
|
|
18495
18778
|
if (request.correlationId) {
|
|
18496
|
-
this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
|
|
18779
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
|
|
18497
18780
|
}
|
|
18498
|
-
|
|
18781
|
+
this.addStateChangeListeners(trackStateChange);
|
|
18499
18782
|
const silentRequest = await invokeAsync(initializeSilentRequest, PerformanceEvents.InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
|
|
18500
18783
|
const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
|
|
18501
18784
|
const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
|
|
18502
18785
|
const shouldTryToResolveSilently = checkIfRefreshTokenErrorCanBeResolvedSilently(refreshTokenError, cacheLookupPolicy);
|
|
18503
18786
|
if (shouldTryToResolveSilently) {
|
|
18787
|
+
const silentRefreshReason = `${refreshTokenError.errorCode}${refreshTokenError.subError
|
|
18788
|
+
? `|${refreshTokenError.subError}`
|
|
18789
|
+
: ""}`;
|
|
18790
|
+
this.performanceClient.addFields({ silentRefreshReason }, silentRequest.correlationId);
|
|
18504
18791
|
if (!this.activeIframeRequest) {
|
|
18505
18792
|
let _resolve;
|
|
18506
18793
|
// Always set the active request tracker immediately after checking it to prevent races
|
|
@@ -18570,7 +18857,7 @@
|
|
|
18570
18857
|
throw tokenRenewalError;
|
|
18571
18858
|
})
|
|
18572
18859
|
.finally(() => {
|
|
18573
|
-
|
|
18860
|
+
this.removeStateChangeListeners(trackStateChange);
|
|
18574
18861
|
});
|
|
18575
18862
|
}
|
|
18576
18863
|
/**
|
|
@@ -20749,6 +21036,9 @@
|
|
|
20749
21036
|
getPageVisibility() {
|
|
20750
21037
|
return document.visibilityState?.toString() || null;
|
|
20751
21038
|
}
|
|
21039
|
+
getOnlineStatus() {
|
|
21040
|
+
return typeof navigator !== "undefined" ? navigator.onLine : null;
|
|
21041
|
+
}
|
|
20752
21042
|
deleteIncompleteSubMeasurements(inProgressEvent) {
|
|
20753
21043
|
void getPerfMeasurementModule()?.then((module) => {
|
|
20754
21044
|
const rootEvent = this.eventsByCorrelationId.get(inProgressEvent.event.correlationId);
|
|
@@ -20775,6 +21065,7 @@
|
|
|
20775
21065
|
startMeasurement(measureName, correlationId) {
|
|
20776
21066
|
// Capture page visibilityState and then invoke start/end measurement
|
|
20777
21067
|
const startPageVisibility = this.getPageVisibility();
|
|
21068
|
+
const startOnlineStatus = this.getOnlineStatus();
|
|
20778
21069
|
const inProgressEvent = super.startMeasurement(measureName, correlationId);
|
|
20779
21070
|
const startTime = supportsBrowserPerformanceNow()
|
|
20780
21071
|
? window.performance.now()
|
|
@@ -20786,11 +21077,15 @@
|
|
|
20786
21077
|
return {
|
|
20787
21078
|
...inProgressEvent,
|
|
20788
21079
|
end: (event, error, account) => {
|
|
21080
|
+
const networkInfo = getNetworkInfo();
|
|
20789
21081
|
const res = inProgressEvent.end({
|
|
20790
21082
|
...event,
|
|
20791
21083
|
startPageVisibility,
|
|
21084
|
+
startOnlineStatus,
|
|
20792
21085
|
endPageVisibility: this.getPageVisibility(),
|
|
20793
21086
|
durationMs: getPerfDurationMs(startTime),
|
|
21087
|
+
networkEffectiveType: networkInfo.effectiveType,
|
|
21088
|
+
networkRtt: networkInfo.rtt,
|
|
20794
21089
|
}, error, account);
|
|
20795
21090
|
void browserMeasurement?.then((measurement) => measurement.endMeasurement());
|
|
20796
21091
|
this.deleteIncompleteSubMeasurements(inProgressEvent);
|