@azure/msal-browser 4.28.2 → 4.29.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -25
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +7 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +13 -2
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +109 -20
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +7 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +13 -2
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +109 -20
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts +7 -0
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +49 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +5 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +15 -2
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +7 -0
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +49 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +5 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +15 -2
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +10 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +375 -111
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.js +375 -111
- package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +7 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +13 -2
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts +7 -0
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/msal-browser.cjs +408 -113
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +408 -113
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +64 -64
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +7 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +13 -2
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +7 -0
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +24 -13
- package/src/config/Configuration.ts +8 -0
- package/src/controllers/StandardController.ts +164 -39
- package/src/interaction_client/SilentIframeClient.ts +136 -0
- package/src/interaction_client/StandardInteractionClient.ts +12 -0
- package/src/interaction_handler/SilentHandler.ts +21 -1
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/BrowserPerformanceClient.ts +10 -0
- package/src/utils/MsalFrameStatsUtils.ts +27 -0
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.29.1 2026-03-13 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v15.
|
|
5
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -276,7 +276,7 @@ const JsonWebTokenTypes = {
|
|
|
276
276
|
// Token renewal offset default in seconds
|
|
277
277
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
278
278
|
|
|
279
|
-
/*! @azure/msal-common v15.
|
|
279
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
280
280
|
/*
|
|
281
281
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
282
282
|
* Licensed under the MIT License.
|
|
@@ -287,7 +287,7 @@ const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
|
287
287
|
const unexpectedError = "unexpected_error";
|
|
288
288
|
const postRequestFailed$1 = "post_request_failed";
|
|
289
289
|
|
|
290
|
-
/*! @azure/msal-common v15.
|
|
290
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
291
291
|
|
|
292
292
|
/*
|
|
293
293
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -322,7 +322,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
322
322
|
: AuthErrorMessages[code]);
|
|
323
323
|
}
|
|
324
324
|
|
|
325
|
-
/*! @azure/msal-common v15.
|
|
325
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
326
326
|
/*
|
|
327
327
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
328
328
|
* Licensed under the MIT License.
|
|
@@ -373,7 +373,7 @@ const methodNotImplemented = "method_not_implemented";
|
|
|
373
373
|
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
|
|
374
374
|
const platformBrokerError = "platform_broker_error";
|
|
375
375
|
|
|
376
|
-
/*! @azure/msal-common v15.
|
|
376
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
377
377
|
|
|
378
378
|
/*
|
|
379
379
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -448,7 +448,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
448
448
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
449
449
|
}
|
|
450
450
|
|
|
451
|
-
/*! @azure/msal-common v15.
|
|
451
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
452
452
|
|
|
453
453
|
/*
|
|
454
454
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -487,7 +487,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
487
487
|
},
|
|
488
488
|
};
|
|
489
489
|
|
|
490
|
-
/*! @azure/msal-common v15.
|
|
490
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
491
491
|
|
|
492
492
|
/*
|
|
493
493
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -678,12 +678,12 @@ class Logger {
|
|
|
678
678
|
}
|
|
679
679
|
}
|
|
680
680
|
|
|
681
|
-
/*! @azure/msal-common v15.
|
|
681
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
682
682
|
/* eslint-disable header/header */
|
|
683
683
|
const name$1 = "@azure/msal-common";
|
|
684
|
-
const version$1 = "15.
|
|
684
|
+
const version$1 = "15.16.1";
|
|
685
685
|
|
|
686
|
-
/*! @azure/msal-common v15.
|
|
686
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
687
687
|
/*
|
|
688
688
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
689
689
|
* Licensed under the MIT License.
|
|
@@ -692,7 +692,7 @@ const AzureCloudInstance = {
|
|
|
692
692
|
// AzureCloudInstance is not specified.
|
|
693
693
|
None: "none"};
|
|
694
694
|
|
|
695
|
-
/*! @azure/msal-common v15.
|
|
695
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
696
696
|
/*
|
|
697
697
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
698
698
|
* Licensed under the MIT License.
|
|
@@ -722,7 +722,7 @@ const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
|
722
722
|
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
723
723
|
const invalidPlatformBrokerConfiguration = "invalid_platform_broker_configuration";
|
|
724
724
|
|
|
725
|
-
/*! @azure/msal-common v15.
|
|
725
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
726
726
|
|
|
727
727
|
/*
|
|
728
728
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -768,7 +768,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
768
768
|
return new ClientConfigurationError(errorCode);
|
|
769
769
|
}
|
|
770
770
|
|
|
771
|
-
/*! @azure/msal-common v15.
|
|
771
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
772
772
|
/*
|
|
773
773
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
774
774
|
* Licensed under the MIT License.
|
|
@@ -863,9 +863,48 @@ class StringUtils {
|
|
|
863
863
|
.replace(/\?/g, "\\?"));
|
|
864
864
|
return regex.test(input);
|
|
865
865
|
}
|
|
866
|
+
/**
|
|
867
|
+
* Tests if a given string matches a given pattern using stricter, anchored matching semantics.
|
|
868
|
+
*
|
|
869
|
+
* Differences from `matchPattern` (legacy):
|
|
870
|
+
* - All regex metacharacters (including `.`) in the pattern are treated as literals,
|
|
871
|
+
* so `example.com` matches only `example.com` and not `exampleXcom`.
|
|
872
|
+
* - The generated regex is anchored with `^` and `$` so partial/substring matches
|
|
873
|
+
* are not allowed.
|
|
874
|
+
* - `*` is the only supported wildcard. Its behaviour depends on the URL component:
|
|
875
|
+
* - `host` component: `*` matches any sequence of characters that does NOT include
|
|
876
|
+
* a dot (`.`), keeping wildcards within a single DNS label boundary.
|
|
877
|
+
* - All other components: `*` matches any sequence of characters (including `/`).
|
|
878
|
+
*
|
|
879
|
+
* @param pattern - The `protectedResourceMap` key pattern to match against. `*` is a
|
|
880
|
+
* multi-character wildcard; all other characters are treated as literals.
|
|
881
|
+
* @param input - The URL component value (e.g. host, pathname) extracted from the
|
|
882
|
+
* outgoing request URL to test against the pattern.
|
|
883
|
+
* @param options - Optional. Provide `component` to enable component-aware wildcard
|
|
884
|
+
* semantics. Accepted values: `"host"`, `"path"`, `"protocol"`, `"search"`,
|
|
885
|
+
* `"hash"`. Defaults to path-style (permissive) matching when omitted.
|
|
886
|
+
* @returns `true` if the full input string matches the pattern; `false` otherwise.
|
|
887
|
+
*/
|
|
888
|
+
static matchPatternStrict(pattern, input, options) {
|
|
889
|
+
const component = options?.component;
|
|
890
|
+
// Step 1: Escape all regex special characters so literals are matched literally.
|
|
891
|
+
let regexBody = pattern.replace(/[.+^${}()|[\]\\*?]/g, "\\$&");
|
|
892
|
+
// Step 2: Replace the escaped '*' with its component-aware regex equivalent.
|
|
893
|
+
if (component === "host") {
|
|
894
|
+
regexBody = regexBody.replace(/\\\*/g, "[^.]*");
|
|
895
|
+
}
|
|
896
|
+
else {
|
|
897
|
+
// PATH, PROTOCOL, SEARCH, HASH, or unspecified: '*' matches any characters.
|
|
898
|
+
regexBody = regexBody.replace(/\\\*/g, ".*");
|
|
899
|
+
}
|
|
900
|
+
// Step 3: Anchor for full-string matching.
|
|
901
|
+
// eslint-disable-next-line security/detect-non-literal-regexp
|
|
902
|
+
const regex = new RegExp(`^${regexBody}$`);
|
|
903
|
+
return regex.test(input);
|
|
904
|
+
}
|
|
866
905
|
}
|
|
867
906
|
|
|
868
|
-
/*! @azure/msal-common v15.
|
|
907
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
869
908
|
|
|
870
909
|
/*
|
|
871
910
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1060,7 +1099,7 @@ class ScopeSet {
|
|
|
1060
1099
|
}
|
|
1061
1100
|
}
|
|
1062
1101
|
|
|
1063
|
-
/*! @azure/msal-common v15.
|
|
1102
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1064
1103
|
|
|
1065
1104
|
/*
|
|
1066
1105
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1100,7 +1139,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
1100
1139
|
};
|
|
1101
1140
|
}
|
|
1102
1141
|
|
|
1103
|
-
/*! @azure/msal-common v15.
|
|
1142
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1104
1143
|
/*
|
|
1105
1144
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1106
1145
|
* Licensed under the MIT License.
|
|
@@ -1182,7 +1221,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1182
1221
|
return updatedAccountInfo;
|
|
1183
1222
|
}
|
|
1184
1223
|
|
|
1185
|
-
/*! @azure/msal-common v15.
|
|
1224
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1186
1225
|
/*
|
|
1187
1226
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1188
1227
|
* Licensed under the MIT License.
|
|
@@ -1197,7 +1236,7 @@ const AuthorityType = {
|
|
|
1197
1236
|
Ciam: 3,
|
|
1198
1237
|
};
|
|
1199
1238
|
|
|
1200
|
-
/*! @azure/msal-common v15.
|
|
1239
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1201
1240
|
/*
|
|
1202
1241
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1203
1242
|
* Licensed under the MIT License.
|
|
@@ -1219,7 +1258,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
1219
1258
|
return null;
|
|
1220
1259
|
}
|
|
1221
1260
|
|
|
1222
|
-
/*! @azure/msal-common v15.
|
|
1261
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1223
1262
|
/*
|
|
1224
1263
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1225
1264
|
* Licensed under the MIT License.
|
|
@@ -1243,7 +1282,7 @@ const ProtocolMode = {
|
|
|
1243
1282
|
EAR: "EAR",
|
|
1244
1283
|
};
|
|
1245
1284
|
|
|
1246
|
-
/*! @azure/msal-common v15.
|
|
1285
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1247
1286
|
|
|
1248
1287
|
/*
|
|
1249
1288
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1478,7 +1517,7 @@ class AccountEntity {
|
|
|
1478
1517
|
}
|
|
1479
1518
|
}
|
|
1480
1519
|
|
|
1481
|
-
/*! @azure/msal-common v15.
|
|
1520
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1482
1521
|
|
|
1483
1522
|
/*
|
|
1484
1523
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1559,7 +1598,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1559
1598
|
}
|
|
1560
1599
|
}
|
|
1561
1600
|
|
|
1562
|
-
/*! @azure/msal-common v15.
|
|
1601
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1563
1602
|
|
|
1564
1603
|
/*
|
|
1565
1604
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1675,7 +1714,7 @@ function normalizeUrlForComparison(url) {
|
|
|
1675
1714
|
}
|
|
1676
1715
|
}
|
|
1677
1716
|
|
|
1678
|
-
/*! @azure/msal-common v15.
|
|
1717
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1679
1718
|
|
|
1680
1719
|
/*
|
|
1681
1720
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1839,7 +1878,7 @@ class UrlString {
|
|
|
1839
1878
|
}
|
|
1840
1879
|
}
|
|
1841
1880
|
|
|
1842
|
-
/*! @azure/msal-common v15.
|
|
1881
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
1843
1882
|
|
|
1844
1883
|
/*
|
|
1845
1884
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2014,7 +2053,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2014
2053
|
return null;
|
|
2015
2054
|
}
|
|
2016
2055
|
|
|
2017
|
-
/*! @azure/msal-common v15.
|
|
2056
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2018
2057
|
/*
|
|
2019
2058
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2020
2059
|
* Licensed under the MIT License.
|
|
@@ -2022,7 +2061,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2022
2061
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2023
2062
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2024
2063
|
|
|
2025
|
-
/*! @azure/msal-common v15.
|
|
2064
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2026
2065
|
|
|
2027
2066
|
/*
|
|
2028
2067
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2067,7 +2106,7 @@ function createCacheError(e) {
|
|
|
2067
2106
|
}
|
|
2068
2107
|
}
|
|
2069
2108
|
|
|
2070
|
-
/*! @azure/msal-common v15.
|
|
2109
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
2071
2110
|
|
|
2072
2111
|
/*
|
|
2073
2112
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3177,7 +3216,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3177
3216
|
}
|
|
3178
3217
|
}
|
|
3179
3218
|
|
|
3180
|
-
/*! @azure/msal-common v15.
|
|
3219
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
3181
3220
|
/*
|
|
3182
3221
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3183
3222
|
* Licensed under the MIT License.
|
|
@@ -3439,6 +3478,11 @@ const PerformanceEvents = {
|
|
|
3439
3478
|
LoadIdToken: "loadIdToken",
|
|
3440
3479
|
LoadAccessToken: "loadAccessToken",
|
|
3441
3480
|
LoadRefreshToken: "loadRefreshToken",
|
|
3481
|
+
/**
|
|
3482
|
+
* SSO capability verification call (msal-browser).
|
|
3483
|
+
* Fire-and-forget SSO verification call made after interactive authentication completes.
|
|
3484
|
+
*/
|
|
3485
|
+
SsoCapable: "ssoCapable",
|
|
3442
3486
|
};
|
|
3443
3487
|
/**
|
|
3444
3488
|
* State of the performance event.
|
|
@@ -3449,7 +3493,7 @@ const PerformanceEvents = {
|
|
|
3449
3493
|
const PerformanceEventStatus = {
|
|
3450
3494
|
InProgress: 1};
|
|
3451
3495
|
|
|
3452
|
-
/*! @azure/msal-common v15.
|
|
3496
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
3453
3497
|
|
|
3454
3498
|
/*
|
|
3455
3499
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3528,7 +3572,7 @@ class StubPerformanceClient {
|
|
|
3528
3572
|
}
|
|
3529
3573
|
}
|
|
3530
3574
|
|
|
3531
|
-
/*! @azure/msal-common v15.
|
|
3575
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
3532
3576
|
|
|
3533
3577
|
/*
|
|
3534
3578
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3628,7 +3672,7 @@ function isOidcProtocolMode(config) {
|
|
|
3628
3672
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3629
3673
|
}
|
|
3630
3674
|
|
|
3631
|
-
/*! @azure/msal-common v15.
|
|
3675
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
3632
3676
|
/*
|
|
3633
3677
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3634
3678
|
* Licensed under the MIT License.
|
|
@@ -3638,7 +3682,7 @@ const CcsCredentialType = {
|
|
|
3638
3682
|
UPN: "UPN",
|
|
3639
3683
|
};
|
|
3640
3684
|
|
|
3641
|
-
/*! @azure/msal-common v15.
|
|
3685
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
3642
3686
|
/*
|
|
3643
3687
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3644
3688
|
* Licensed under the MIT License.
|
|
@@ -3688,7 +3732,7 @@ const INSTANCE_AWARE = "instance_aware";
|
|
|
3688
3732
|
const EAR_JWK = "ear_jwk";
|
|
3689
3733
|
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
3690
3734
|
|
|
3691
|
-
/*! @azure/msal-common v15.
|
|
3735
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
3692
3736
|
|
|
3693
3737
|
/*
|
|
3694
3738
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4068,7 +4112,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
|
|
|
4068
4112
|
});
|
|
4069
4113
|
}
|
|
4070
4114
|
|
|
4071
|
-
/*! @azure/msal-common v15.
|
|
4115
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4072
4116
|
/*
|
|
4073
4117
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4074
4118
|
* Licensed under the MIT License.
|
|
@@ -4080,7 +4124,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
4080
4124
|
response.hasOwnProperty("jwks_uri"));
|
|
4081
4125
|
}
|
|
4082
4126
|
|
|
4083
|
-
/*! @azure/msal-common v15.
|
|
4127
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4084
4128
|
/*
|
|
4085
4129
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4086
4130
|
* Licensed under the MIT License.
|
|
@@ -4090,7 +4134,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
4090
4134
|
response.hasOwnProperty("metadata"));
|
|
4091
4135
|
}
|
|
4092
4136
|
|
|
4093
|
-
/*! @azure/msal-common v15.
|
|
4137
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4094
4138
|
/*
|
|
4095
4139
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4096
4140
|
* Licensed under the MIT License.
|
|
@@ -4100,7 +4144,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
4100
4144
|
response.hasOwnProperty("error_description"));
|
|
4101
4145
|
}
|
|
4102
4146
|
|
|
4103
|
-
/*! @azure/msal-common v15.
|
|
4147
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4104
4148
|
/*
|
|
4105
4149
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4106
4150
|
* Licensed under the MIT License.
|
|
@@ -4196,7 +4240,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4196
4240
|
};
|
|
4197
4241
|
};
|
|
4198
4242
|
|
|
4199
|
-
/*! @azure/msal-common v15.
|
|
4243
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4200
4244
|
|
|
4201
4245
|
/*
|
|
4202
4246
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4302,7 +4346,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
4302
4346
|
},
|
|
4303
4347
|
};
|
|
4304
4348
|
|
|
4305
|
-
/*! @azure/msal-common v15.
|
|
4349
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4306
4350
|
/*
|
|
4307
4351
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4308
4352
|
* Licensed under the MIT License.
|
|
@@ -4367,7 +4411,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
4367
4411
|
return cachedAtSec > nowSeconds();
|
|
4368
4412
|
}
|
|
4369
4413
|
|
|
4370
|
-
/*! @azure/msal-common v15.
|
|
4414
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4371
4415
|
|
|
4372
4416
|
/*
|
|
4373
4417
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4629,7 +4673,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
4629
4673
|
return metadata.expiresAt <= nowSeconds();
|
|
4630
4674
|
}
|
|
4631
4675
|
|
|
4632
|
-
/*! @azure/msal-common v15.
|
|
4676
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
4633
4677
|
|
|
4634
4678
|
/*
|
|
4635
4679
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5468,7 +5512,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
5468
5512
|
};
|
|
5469
5513
|
}
|
|
5470
5514
|
|
|
5471
|
-
/*! @azure/msal-common v15.
|
|
5515
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5472
5516
|
|
|
5473
5517
|
/*
|
|
5474
5518
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5499,7 +5543,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
5499
5543
|
}
|
|
5500
5544
|
}
|
|
5501
5545
|
|
|
5502
|
-
/*! @azure/msal-common v15.
|
|
5546
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5503
5547
|
|
|
5504
5548
|
/*
|
|
5505
5549
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5518,7 +5562,7 @@ class ServerError extends AuthError {
|
|
|
5518
5562
|
}
|
|
5519
5563
|
}
|
|
5520
5564
|
|
|
5521
|
-
/*! @azure/msal-common v15.
|
|
5565
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5522
5566
|
/*
|
|
5523
5567
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5524
5568
|
* Licensed under the MIT License.
|
|
@@ -5539,7 +5583,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
5539
5583
|
};
|
|
5540
5584
|
}
|
|
5541
5585
|
|
|
5542
|
-
/*! @azure/msal-common v15.
|
|
5586
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5543
5587
|
|
|
5544
5588
|
/*
|
|
5545
5589
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5626,7 +5670,7 @@ class ThrottlingUtils {
|
|
|
5626
5670
|
}
|
|
5627
5671
|
}
|
|
5628
5672
|
|
|
5629
|
-
/*! @azure/msal-common v15.
|
|
5673
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5630
5674
|
|
|
5631
5675
|
/*
|
|
5632
5676
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5657,7 +5701,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
5657
5701
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
5658
5702
|
}
|
|
5659
5703
|
|
|
5660
|
-
/*! @azure/msal-common v15.
|
|
5704
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5661
5705
|
|
|
5662
5706
|
/*
|
|
5663
5707
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5805,23 +5849,58 @@ class BaseClient {
|
|
|
5805
5849
|
}
|
|
5806
5850
|
}
|
|
5807
5851
|
|
|
5808
|
-
/*! @azure/msal-common v15.
|
|
5852
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5809
5853
|
/*
|
|
5810
5854
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5811
5855
|
* Licensed under the MIT License.
|
|
5812
5856
|
*/
|
|
5813
|
-
|
|
5857
|
+
/**
|
|
5858
|
+
* MSAL-defined interaction required error code indicating no tokens are found in cache.
|
|
5859
|
+
* @public
|
|
5860
|
+
*/
|
|
5814
5861
|
const noTokensFound = "no_tokens_found";
|
|
5862
|
+
/**
|
|
5863
|
+
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
5864
|
+
* @public
|
|
5865
|
+
*/
|
|
5815
5866
|
const nativeAccountUnavailable = "native_account_unavailable";
|
|
5867
|
+
/**
|
|
5868
|
+
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
5869
|
+
* @public
|
|
5870
|
+
*/
|
|
5816
5871
|
const refreshTokenExpired = "refresh_token_expired";
|
|
5872
|
+
/**
|
|
5873
|
+
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
5874
|
+
* @public
|
|
5875
|
+
*/
|
|
5817
5876
|
const uxNotAllowed = "ux_not_allowed";
|
|
5818
|
-
|
|
5877
|
+
/**
|
|
5878
|
+
* Server-originated error code indicating interaction is required to complete the request.
|
|
5879
|
+
* @public
|
|
5880
|
+
*/
|
|
5819
5881
|
const interactionRequired = "interaction_required";
|
|
5882
|
+
/**
|
|
5883
|
+
* Server-originated error code indicating user consent is required.
|
|
5884
|
+
* @public
|
|
5885
|
+
*/
|
|
5820
5886
|
const consentRequired = "consent_required";
|
|
5887
|
+
/**
|
|
5888
|
+
* Server-originated error code indicating user login is required.
|
|
5889
|
+
* @public
|
|
5890
|
+
*/
|
|
5821
5891
|
const loginRequired = "login_required";
|
|
5822
|
-
|
|
5892
|
+
/**
|
|
5893
|
+
* Server-originated error code indicating the token is invalid or corrupted.
|
|
5894
|
+
* @public
|
|
5895
|
+
*/
|
|
5896
|
+
const badToken = "bad_token";
|
|
5897
|
+
/**
|
|
5898
|
+
* Server-originated error code indicating the user was interrupted and must reattempt the flow.
|
|
5899
|
+
* @public
|
|
5900
|
+
*/
|
|
5901
|
+
const interruptedUser = "interrupted_user";
|
|
5823
5902
|
|
|
5824
|
-
/*! @azure/msal-common v15.
|
|
5903
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5825
5904
|
|
|
5826
5905
|
/*
|
|
5827
5906
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5836,6 +5915,7 @@ const InteractionRequiredServerErrorMessage = [
|
|
|
5836
5915
|
loginRequired,
|
|
5837
5916
|
badToken,
|
|
5838
5917
|
uxNotAllowed,
|
|
5918
|
+
interruptedUser,
|
|
5839
5919
|
];
|
|
5840
5920
|
const InteractionRequiredAuthSubErrorMessage = [
|
|
5841
5921
|
"message_only",
|
|
@@ -5844,6 +5924,7 @@ const InteractionRequiredAuthSubErrorMessage = [
|
|
|
5844
5924
|
"user_password_expired",
|
|
5845
5925
|
"consent_required",
|
|
5846
5926
|
"bad_token",
|
|
5927
|
+
"interrupted_user",
|
|
5847
5928
|
];
|
|
5848
5929
|
const InteractionRequiredAuthErrorMessages = {
|
|
5849
5930
|
[noTokensFound]: "No refresh token found in the cache. Please sign-in.",
|
|
@@ -5851,6 +5932,7 @@ const InteractionRequiredAuthErrorMessages = {
|
|
|
5851
5932
|
[refreshTokenExpired]: "Refresh token has expired.",
|
|
5852
5933
|
[badToken]: "Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve.",
|
|
5853
5934
|
[uxNotAllowed]: "`canShowUI` flag in Edge was set to false. User interaction required on web page. Please invoke an interactive API to resolve.",
|
|
5935
|
+
[interruptedUser]: "The user could not be authenticated due to an interrupted state. Please invoke an interactive API to resolve.",
|
|
5854
5936
|
};
|
|
5855
5937
|
/**
|
|
5856
5938
|
* Error thrown when user interaction is required.
|
|
@@ -5893,7 +5975,7 @@ function createInteractionRequiredAuthError(errorCode) {
|
|
|
5893
5975
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
5894
5976
|
}
|
|
5895
5977
|
|
|
5896
|
-
/*! @azure/msal-common v15.
|
|
5978
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5897
5979
|
|
|
5898
5980
|
/*
|
|
5899
5981
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5965,7 +6047,7 @@ class ProtocolUtils {
|
|
|
5965
6047
|
}
|
|
5966
6048
|
}
|
|
5967
6049
|
|
|
5968
|
-
/*! @azure/msal-common v15.
|
|
6050
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
5969
6051
|
|
|
5970
6052
|
/*
|
|
5971
6053
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6047,7 +6129,7 @@ class PopTokenGenerator {
|
|
|
6047
6129
|
}
|
|
6048
6130
|
}
|
|
6049
6131
|
|
|
6050
|
-
/*! @azure/msal-common v15.
|
|
6132
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6051
6133
|
/*
|
|
6052
6134
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6053
6135
|
* Licensed under the MIT License.
|
|
@@ -6074,7 +6156,7 @@ class PopTokenGenerator {
|
|
|
6074
6156
|
}
|
|
6075
6157
|
}
|
|
6076
6158
|
|
|
6077
|
-
/*! @azure/msal-common v15.
|
|
6159
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6078
6160
|
|
|
6079
6161
|
/*
|
|
6080
6162
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6413,7 +6495,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
6413
6495
|
return baseAccount;
|
|
6414
6496
|
}
|
|
6415
6497
|
|
|
6416
|
-
/*! @azure/msal-common v15.
|
|
6498
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6417
6499
|
/*
|
|
6418
6500
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6419
6501
|
* Licensed under the MIT License.
|
|
@@ -6431,7 +6513,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
6431
6513
|
}
|
|
6432
6514
|
}
|
|
6433
6515
|
|
|
6434
|
-
/*! @azure/msal-common v15.
|
|
6516
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6435
6517
|
|
|
6436
6518
|
/*
|
|
6437
6519
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6580,11 +6662,6 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
6580
6662
|
throw createClientConfigurationError(missingSshJwk);
|
|
6581
6663
|
}
|
|
6582
6664
|
}
|
|
6583
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6584
|
-
(this.config.authOptions.clientCapabilities &&
|
|
6585
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
6586
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
6587
|
-
}
|
|
6588
6665
|
let ccsCred = undefined;
|
|
6589
6666
|
if (request.clientInfo) {
|
|
6590
6667
|
try {
|
|
@@ -6634,6 +6711,15 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
6634
6711
|
});
|
|
6635
6712
|
}
|
|
6636
6713
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
6714
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
6715
|
+
const configClaims = request.skipBrokerClaims &&
|
|
6716
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
6717
|
+
? undefined
|
|
6718
|
+
: this.config.authOptions.clientCapabilities;
|
|
6719
|
+
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6720
|
+
(configClaims && configClaims.length > 0)) {
|
|
6721
|
+
addClaims(parameters, request.claims, configClaims);
|
|
6722
|
+
}
|
|
6637
6723
|
return mapToQueryString(parameters);
|
|
6638
6724
|
}
|
|
6639
6725
|
/**
|
|
@@ -6667,7 +6753,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
6667
6753
|
}
|
|
6668
6754
|
}
|
|
6669
6755
|
|
|
6670
|
-
/*! @azure/msal-common v15.
|
|
6756
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6671
6757
|
|
|
6672
6758
|
/*
|
|
6673
6759
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6845,11 +6931,6 @@ class RefreshTokenClient extends BaseClient {
|
|
|
6845
6931
|
throw createClientConfigurationError(missingSshJwk);
|
|
6846
6932
|
}
|
|
6847
6933
|
}
|
|
6848
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6849
|
-
(this.config.authOptions.clientCapabilities &&
|
|
6850
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
6851
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
6852
|
-
}
|
|
6853
6934
|
if (this.config.systemOptions.preventCorsPreflight &&
|
|
6854
6935
|
request.ccsCredential) {
|
|
6855
6936
|
switch (request.ccsCredential.type) {
|
|
@@ -6875,11 +6956,20 @@ class RefreshTokenClient extends BaseClient {
|
|
|
6875
6956
|
addExtraQueryParameters(parameters, request.tokenBodyParameters);
|
|
6876
6957
|
}
|
|
6877
6958
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
6959
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
6960
|
+
const configClaims = request.skipBrokerClaims &&
|
|
6961
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
6962
|
+
? undefined
|
|
6963
|
+
: this.config.authOptions.clientCapabilities;
|
|
6964
|
+
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6965
|
+
(configClaims && configClaims.length > 0)) {
|
|
6966
|
+
addClaims(parameters, request.claims, configClaims);
|
|
6967
|
+
}
|
|
6878
6968
|
return mapToQueryString(parameters);
|
|
6879
6969
|
}
|
|
6880
6970
|
}
|
|
6881
6971
|
|
|
6882
|
-
/*! @azure/msal-common v15.
|
|
6972
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6883
6973
|
|
|
6884
6974
|
/*
|
|
6885
6975
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6977,7 +7067,7 @@ class SilentFlowClient extends BaseClient {
|
|
|
6977
7067
|
}
|
|
6978
7068
|
}
|
|
6979
7069
|
|
|
6980
|
-
/*! @azure/msal-common v15.
|
|
7070
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6981
7071
|
|
|
6982
7072
|
/*
|
|
6983
7073
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6992,7 +7082,7 @@ const StubbedNetworkModule = {
|
|
|
6992
7082
|
},
|
|
6993
7083
|
};
|
|
6994
7084
|
|
|
6995
|
-
/*! @azure/msal-common v15.
|
|
7085
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
6996
7086
|
|
|
6997
7087
|
/*
|
|
6998
7088
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7113,14 +7203,17 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
|
|
|
7113
7203
|
if (request.state) {
|
|
7114
7204
|
addState(parameters, request.state);
|
|
7115
7205
|
}
|
|
7116
|
-
if (request.claims ||
|
|
7117
|
-
(authOptions.clientCapabilities &&
|
|
7118
|
-
authOptions.clientCapabilities.length > 0)) {
|
|
7119
|
-
addClaims(parameters, request.claims, authOptions.clientCapabilities);
|
|
7120
|
-
}
|
|
7121
7206
|
if (request.embeddedClientId) {
|
|
7122
7207
|
addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
|
|
7123
7208
|
}
|
|
7209
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
7210
|
+
const configClaims = request.skipBrokerClaims &&
|
|
7211
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
7212
|
+
? undefined
|
|
7213
|
+
: authOptions.clientCapabilities;
|
|
7214
|
+
if (request.claims || (configClaims && configClaims.length > 0)) {
|
|
7215
|
+
addClaims(parameters, request.claims, configClaims);
|
|
7216
|
+
}
|
|
7124
7217
|
// If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
|
|
7125
7218
|
if (authOptions.instanceAware &&
|
|
7126
7219
|
(!request.extraQueryParameters ||
|
|
@@ -7216,7 +7309,7 @@ function extractLoginHint(account) {
|
|
|
7216
7309
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
7217
7310
|
}
|
|
7218
7311
|
|
|
7219
|
-
/*! @azure/msal-common v15.
|
|
7312
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7220
7313
|
|
|
7221
7314
|
/*
|
|
7222
7315
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7479,7 +7572,7 @@ class ServerTelemetryManager {
|
|
|
7479
7572
|
}
|
|
7480
7573
|
}
|
|
7481
7574
|
|
|
7482
|
-
/*! @azure/msal-common v15.
|
|
7575
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7483
7576
|
/*
|
|
7484
7577
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7485
7578
|
* Licensed under the MIT License.
|
|
@@ -7487,7 +7580,7 @@ class ServerTelemetryManager {
|
|
|
7487
7580
|
const missingKidError = "missing_kid_error";
|
|
7488
7581
|
const missingAlgError = "missing_alg_error";
|
|
7489
7582
|
|
|
7490
|
-
/*! @azure/msal-common v15.
|
|
7583
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7491
7584
|
|
|
7492
7585
|
/*
|
|
7493
7586
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7512,7 +7605,7 @@ function createJoseHeaderError(code) {
|
|
|
7512
7605
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
7513
7606
|
}
|
|
7514
7607
|
|
|
7515
|
-
/*! @azure/msal-common v15.
|
|
7608
|
+
/*! @azure/msal-common v15.16.1 2026-03-13 */
|
|
7516
7609
|
|
|
7517
7610
|
/*
|
|
7518
7611
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7947,7 +8040,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
|
|
|
7947
8040
|
|
|
7948
8041
|
/* eslint-disable header/header */
|
|
7949
8042
|
const name = "@azure/msal-browser";
|
|
7950
|
-
const version = "4.
|
|
8043
|
+
const version = "4.29.1";
|
|
7951
8044
|
|
|
7952
8045
|
/*
|
|
7953
8046
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -9715,6 +9808,10 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
9715
9808
|
async initializeAuthorizationRequest(request, interactionType) {
|
|
9716
9809
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.correlationId);
|
|
9717
9810
|
const redirectUri = this.getRedirectUri(request.redirectUri);
|
|
9811
|
+
if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
|
|
9812
|
+
this.logger.warning("The origin of the redirect URI does not match the origin of the current page. This is likely to cause issues with authentication.", this.correlationId);
|
|
9813
|
+
this.performanceClient.addFields({ isRedirectUriCrossOrigin: true }, this.correlationId);
|
|
9814
|
+
}
|
|
9718
9815
|
const browserState = {
|
|
9719
9816
|
interactionType: interactionType,
|
|
9720
9817
|
};
|
|
@@ -17802,6 +17899,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
17802
17899
|
supportsNestedAppAuth: false,
|
|
17803
17900
|
instanceAware: false,
|
|
17804
17901
|
encodeExtraQueryParams: false,
|
|
17902
|
+
verifySSO: false,
|
|
17805
17903
|
};
|
|
17806
17904
|
// Default cache options for browser
|
|
17807
17905
|
const DEFAULT_CACHE_OPTIONS = {
|
|
@@ -18275,14 +18373,28 @@ class PlatformAuthDOMHandler {
|
|
|
18275
18373
|
return nativeResponse;
|
|
18276
18374
|
}
|
|
18277
18375
|
getDOMExtraParams(extraParameters) {
|
|
18278
|
-
|
|
18279
|
-
|
|
18280
|
-
|
|
18281
|
-
|
|
18282
|
-
|
|
18283
|
-
|
|
18284
|
-
|
|
18285
|
-
|
|
18376
|
+
try {
|
|
18377
|
+
const stringifiedProperties = {};
|
|
18378
|
+
for (const [key, value] of Object.entries(extraParameters)) {
|
|
18379
|
+
if (!value) {
|
|
18380
|
+
continue;
|
|
18381
|
+
}
|
|
18382
|
+
if (typeof value === "object") {
|
|
18383
|
+
stringifiedProperties[key] = JSON.stringify(value);
|
|
18384
|
+
}
|
|
18385
|
+
else {
|
|
18386
|
+
stringifiedProperties[key] = String(value);
|
|
18387
|
+
}
|
|
18388
|
+
}
|
|
18389
|
+
return stringifiedProperties;
|
|
18390
|
+
}
|
|
18391
|
+
catch (e) {
|
|
18392
|
+
this.logger.error(this.platformAuthType + " - Error stringifying extra parameters");
|
|
18393
|
+
this.logger.errorPii(this.platformAuthType +
|
|
18394
|
+
" - Error stringifying extra parameters: " +
|
|
18395
|
+
e);
|
|
18396
|
+
return {};
|
|
18397
|
+
}
|
|
18286
18398
|
}
|
|
18287
18399
|
}
|
|
18288
18400
|
|
|
@@ -19333,6 +19445,12 @@ async function initiateEarRequest(config, authority, request, logger, performanc
|
|
|
19333
19445
|
*/
|
|
19334
19446
|
async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, performanceClient, logger, correlationId, responseType) {
|
|
19335
19447
|
performanceClient.addQueueMeasurement(PerformanceEvents.SilentHandlerMonitorIframeForHash, correlationId);
|
|
19448
|
+
performanceClient.addFields({
|
|
19449
|
+
iframePollIntervalMs: pollIntervalMilliseconds,
|
|
19450
|
+
iframeTimeoutMs: timeout,
|
|
19451
|
+
}, correlationId);
|
|
19452
|
+
let totalTickCount = 0;
|
|
19453
|
+
let crossOriginTickCount = 0;
|
|
19336
19454
|
return new Promise((resolve, reject) => {
|
|
19337
19455
|
if (timeout < DEFAULT_IFRAME_TIMEOUT_MS) {
|
|
19338
19456
|
logger.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${timeout}ms) than the default (${DEFAULT_IFRAME_TIMEOUT_MS}ms). This may result in timeouts.`);
|
|
@@ -19346,6 +19464,7 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
|
|
|
19346
19464
|
reject(createBrowserAuthError(monitorWindowTimeout));
|
|
19347
19465
|
}, timeout);
|
|
19348
19466
|
const intervalId = window.setInterval(() => {
|
|
19467
|
+
totalTickCount++;
|
|
19349
19468
|
let href = "";
|
|
19350
19469
|
const contentWindow = iframe.contentWindow;
|
|
19351
19470
|
try {
|
|
@@ -19356,7 +19475,9 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
|
|
|
19356
19475
|
*/
|
|
19357
19476
|
href = contentWindow ? contentWindow.location.href : "";
|
|
19358
19477
|
}
|
|
19359
|
-
catch (e) {
|
|
19478
|
+
catch (e) {
|
|
19479
|
+
crossOriginTickCount++;
|
|
19480
|
+
}
|
|
19360
19481
|
if (!href || href === "about:blank") {
|
|
19361
19482
|
return;
|
|
19362
19483
|
}
|
|
@@ -19374,6 +19495,10 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
|
|
|
19374
19495
|
resolve(responseString);
|
|
19375
19496
|
}, pollIntervalMilliseconds);
|
|
19376
19497
|
}).finally(() => {
|
|
19498
|
+
performanceClient.addFields({
|
|
19499
|
+
iframeTickCount: totalTickCount,
|
|
19500
|
+
crossOriginTickCount: crossOriginTickCount,
|
|
19501
|
+
}, correlationId);
|
|
19377
19502
|
invoke(removeHiddenIframe, PerformanceEvents.RemoveHiddenIframe, logger, performanceClient, correlationId)(iframe);
|
|
19378
19503
|
});
|
|
19379
19504
|
}
|
|
@@ -19561,6 +19686,52 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
19561
19686
|
return invokeAsync(handleResponseEAR, PerformanceEvents.HandleResponseEar, this.logger, this.performanceClient, correlationId)(silentRequest, serverParams, this.apiId, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
19562
19687
|
}
|
|
19563
19688
|
}
|
|
19689
|
+
/**
|
|
19690
|
+
* Verifies SSO capability by making an iframe request to /authorize without exchanging the code for tokens.
|
|
19691
|
+
* This is useful for verifying SSO capability in the background without the overhead of a full token exchange.
|
|
19692
|
+
* @param request - The SSO silent request
|
|
19693
|
+
* @returns true if SSO verification was successful with a valid authorization code, false otherwise
|
|
19694
|
+
*/
|
|
19695
|
+
async verifySso(request) {
|
|
19696
|
+
this.performanceClient.addQueueMeasurement(PerformanceEvents.SilentIframeClientAcquireToken, request.correlationId);
|
|
19697
|
+
const inputRequest = { ...request };
|
|
19698
|
+
if (!inputRequest.prompt) {
|
|
19699
|
+
inputRequest.prompt = PromptValue.NONE;
|
|
19700
|
+
}
|
|
19701
|
+
// Create silent request
|
|
19702
|
+
const silentRequest = await invokeAsync(this.initializeAuthorizationRequest.bind(this), PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.logger, this.performanceClient, request.correlationId)(inputRequest, InteractionType.Silent);
|
|
19703
|
+
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, request.correlationId)({
|
|
19704
|
+
serverTelemetryManager: this.initializeServerTelemetryManager(this.apiId),
|
|
19705
|
+
requestAuthority: silentRequest.authority,
|
|
19706
|
+
requestAzureCloudOptions: silentRequest.azureCloudOptions,
|
|
19707
|
+
requestExtraQueryParameters: silentRequest.extraQueryParameters,
|
|
19708
|
+
account: silentRequest.account,
|
|
19709
|
+
});
|
|
19710
|
+
const correlationId = silentRequest.correlationId;
|
|
19711
|
+
const pkceCodes = await invokeAsync(generatePkceCodes, PerformanceEvents.GeneratePkceCodes, this.logger, this.performanceClient, correlationId)(this.performanceClient, this.logger, correlationId);
|
|
19712
|
+
const requestWithPkce = {
|
|
19713
|
+
...silentRequest,
|
|
19714
|
+
codeChallenge: pkceCodes.challenge,
|
|
19715
|
+
};
|
|
19716
|
+
// Create authorize request url
|
|
19717
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, requestWithPkce, this.logger, this.performanceClient);
|
|
19718
|
+
// Get the frame handle for the silent request - this triggers the SSO verification
|
|
19719
|
+
const msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
|
|
19720
|
+
const responseType = this.config.auth.OIDCOptions.serverResponseType;
|
|
19721
|
+
// Monitor the iframe for the response
|
|
19722
|
+
const responseString = await invokeAsync(monitorIframeForHash, PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(msalFrame, this.config.system.iframeHashTimeout, this.config.system.pollIntervalMilliseconds, this.performanceClient, this.logger, correlationId, responseType);
|
|
19723
|
+
// Deserialize the response
|
|
19724
|
+
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger);
|
|
19725
|
+
// Validate the response - this checks for errors and validates state
|
|
19726
|
+
validateAuthorizationResponse(serverParams, silentRequest.state);
|
|
19727
|
+
// Verify a valid authorization code is present
|
|
19728
|
+
if (!serverParams.code) {
|
|
19729
|
+
this.logger.warning("SSO verification response did not contain an authorization code", correlationId);
|
|
19730
|
+
return false;
|
|
19731
|
+
}
|
|
19732
|
+
this.logger.verbose("SSO verification completed successfully with valid authorization code - skipped token exchange", correlationId);
|
|
19733
|
+
return true;
|
|
19734
|
+
}
|
|
19564
19735
|
/**
|
|
19565
19736
|
* Currently Unsupported
|
|
19566
19737
|
*/
|
|
@@ -19955,6 +20126,10 @@ class SilentAuthCodeClient extends StandardInteractionClient {
|
|
|
19955
20126
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
19956
20127
|
* Licensed under the MIT License.
|
|
19957
20128
|
*/
|
|
20129
|
+
/**
|
|
20130
|
+
* Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
|
|
20131
|
+
* @returns Network connection information, or an empty object if not available.
|
|
20132
|
+
*/
|
|
19958
20133
|
function collectInstanceStats(currentClientId, performanceEvent, logger) {
|
|
19959
20134
|
const frameInstances =
|
|
19960
20135
|
// @ts-ignore
|
|
@@ -20048,22 +20223,30 @@ class StandardController {
|
|
|
20048
20223
|
this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
|
|
20049
20224
|
this.activeSilentTokenRequests = new Map();
|
|
20050
20225
|
// Register listener functions
|
|
20051
|
-
this.
|
|
20052
|
-
|
|
20053
|
-
this.trackPageVisibilityWithMeasurement =
|
|
20054
|
-
this.trackPageVisibilityWithMeasurement.bind(this);
|
|
20226
|
+
this.trackStateChangeWithMeasurement =
|
|
20227
|
+
this.trackStateChangeWithMeasurement.bind(this);
|
|
20055
20228
|
}
|
|
20056
20229
|
static async createController(operatingContext, request) {
|
|
20057
20230
|
const controller = new StandardController(operatingContext);
|
|
20058
20231
|
await controller.initialize(request);
|
|
20059
20232
|
return controller;
|
|
20060
20233
|
}
|
|
20061
|
-
|
|
20234
|
+
trackStateChange(correlationId, event) {
|
|
20062
20235
|
if (!correlationId) {
|
|
20063
20236
|
return;
|
|
20064
20237
|
}
|
|
20065
|
-
|
|
20066
|
-
|
|
20238
|
+
if (event.type === "visibilitychange") {
|
|
20239
|
+
this.logger.info("Perf: Visibility change detected");
|
|
20240
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
|
|
20241
|
+
}
|
|
20242
|
+
else if (event.type === "online") {
|
|
20243
|
+
this.logger.info("Perf: Online status change detected");
|
|
20244
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
20245
|
+
}
|
|
20246
|
+
else if (event.type === "offline") {
|
|
20247
|
+
this.logger.info("Perf: Offline status change detected");
|
|
20248
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
20249
|
+
}
|
|
20067
20250
|
}
|
|
20068
20251
|
/**
|
|
20069
20252
|
* Initializer function to perform async startup tasks such as connecting to WAM extension
|
|
@@ -20211,6 +20394,8 @@ class StandardController {
|
|
|
20211
20394
|
rootMeasurement.end({
|
|
20212
20395
|
success: true,
|
|
20213
20396
|
}, undefined, result.account);
|
|
20397
|
+
// Fire-and-forget SSO capability verification in background
|
|
20398
|
+
this.verifySsoCapability(result.account, InteractionType.Redirect);
|
|
20214
20399
|
}
|
|
20215
20400
|
else {
|
|
20216
20401
|
/*
|
|
@@ -20443,6 +20628,8 @@ class StandardController {
|
|
|
20443
20628
|
accessTokenSize: result.accessToken.length,
|
|
20444
20629
|
idTokenSize: result.idToken.length,
|
|
20445
20630
|
}, undefined, result.account);
|
|
20631
|
+
// SSO capability verification in background
|
|
20632
|
+
this.verifySsoCapability(result.account, InteractionType.Popup);
|
|
20446
20633
|
return result;
|
|
20447
20634
|
})
|
|
20448
20635
|
.catch((e) => {
|
|
@@ -20465,16 +20652,87 @@ class StandardController {
|
|
|
20465
20652
|
}
|
|
20466
20653
|
});
|
|
20467
20654
|
}
|
|
20468
|
-
|
|
20655
|
+
trackStateChangeWithMeasurement(event) {
|
|
20469
20656
|
const measurement = this.ssoSilentMeasurement ||
|
|
20470
20657
|
this.acquireTokenByCodeAsyncMeasurement;
|
|
20471
20658
|
if (!measurement) {
|
|
20472
20659
|
return;
|
|
20473
20660
|
}
|
|
20474
|
-
|
|
20475
|
-
|
|
20476
|
-
|
|
20661
|
+
if (event.type === "visibilitychange") {
|
|
20662
|
+
this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
|
|
20663
|
+
measurement.increment({
|
|
20664
|
+
visibilityChangeCount: 1,
|
|
20665
|
+
});
|
|
20666
|
+
}
|
|
20667
|
+
else if (event.type === "online") {
|
|
20668
|
+
this.logger.info("Perf: Online status change detected in ", measurement.event.name);
|
|
20669
|
+
measurement.increment({
|
|
20670
|
+
onlineStatusChangeCount: 1,
|
|
20671
|
+
});
|
|
20672
|
+
}
|
|
20673
|
+
else if (event.type === "offline") {
|
|
20674
|
+
this.logger.info("Perf: Offline status change detected in ", measurement.event.name);
|
|
20675
|
+
measurement.increment({
|
|
20676
|
+
onlineStatusChangeCount: 1,
|
|
20677
|
+
});
|
|
20678
|
+
}
|
|
20679
|
+
}
|
|
20680
|
+
addStateChangeListeners(listener) {
|
|
20681
|
+
document.addEventListener("visibilitychange", listener);
|
|
20682
|
+
window.addEventListener("online", listener);
|
|
20683
|
+
window.addEventListener("offline", listener);
|
|
20684
|
+
}
|
|
20685
|
+
removeStateChangeListeners(listener) {
|
|
20686
|
+
document.removeEventListener("visibilitychange", listener);
|
|
20687
|
+
window.removeEventListener("online", listener);
|
|
20688
|
+
window.removeEventListener("offline", listener);
|
|
20689
|
+
}
|
|
20690
|
+
/**
|
|
20691
|
+
* SSO capability verification in the background.
|
|
20692
|
+
* This method makes an iframe request to /authorize to verify SSO capability without calling /token.
|
|
20693
|
+
* This method does not block the caller and tracks telemetry for success/failure.
|
|
20694
|
+
* This method only executes if verifySSO is set to true in the auth configuration.
|
|
20695
|
+
* @param account - The account to use for the SSO verification
|
|
20696
|
+
* @param parentApi - The API ID of the parent operation for logging purposes
|
|
20697
|
+
*/
|
|
20698
|
+
verifySsoCapability(account, parentApi) {
|
|
20699
|
+
// Check if SSO capability verification is enabled
|
|
20700
|
+
if (!this.config.auth.verifySSO) {
|
|
20701
|
+
return;
|
|
20702
|
+
}
|
|
20703
|
+
const correlationId = this.browserCrypto.createNewGuid();
|
|
20704
|
+
const ssoCapableMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.SsoCapable, correlationId);
|
|
20705
|
+
ssoCapableMeasurement.add({
|
|
20706
|
+
parentApi: parentApi,
|
|
20477
20707
|
});
|
|
20708
|
+
this.logger.verbose(`SSO capability verification initiated after ${parentApi}`, correlationId);
|
|
20709
|
+
/*
|
|
20710
|
+
* Use setTimeout to ensure this runs in a separate macrotask after the current call stack completes
|
|
20711
|
+
* This ensures the result is returned to the caller before the SSO verification starts and doesn't affect performance
|
|
20712
|
+
*/
|
|
20713
|
+
setTimeout(() => {
|
|
20714
|
+
const ssoVerificationRequest = {
|
|
20715
|
+
account: account,
|
|
20716
|
+
correlationId: correlationId,
|
|
20717
|
+
};
|
|
20718
|
+
const silentIframeClient = this.createSilentIframeClient(correlationId);
|
|
20719
|
+
silentIframeClient
|
|
20720
|
+
.verifySso(ssoVerificationRequest)
|
|
20721
|
+
.then((success) => {
|
|
20722
|
+
this.logger.verbose(`SSO capability verification completed after ${parentApi}, success: ${success}`, correlationId);
|
|
20723
|
+
ssoCapableMeasurement.end({
|
|
20724
|
+
fromCache: false,
|
|
20725
|
+
success: success,
|
|
20726
|
+
}, undefined, account);
|
|
20727
|
+
})
|
|
20728
|
+
.catch((error) => {
|
|
20729
|
+
this.logger.warning(`SSO capability verification failed after ${parentApi}: ${error.message}`, correlationId);
|
|
20730
|
+
ssoCapableMeasurement.end({
|
|
20731
|
+
fromCache: false,
|
|
20732
|
+
success: false,
|
|
20733
|
+
}, error, account);
|
|
20734
|
+
});
|
|
20735
|
+
}, 0);
|
|
20478
20736
|
}
|
|
20479
20737
|
// #endregion
|
|
20480
20738
|
// #region Silent Flow
|
|
@@ -20508,8 +20766,9 @@ class StandardController {
|
|
|
20508
20766
|
preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
|
|
20509
20767
|
this.ssoSilentMeasurement?.increment({
|
|
20510
20768
|
visibilityChangeCount: 0,
|
|
20769
|
+
onlineStatusChangeCount: 0,
|
|
20511
20770
|
});
|
|
20512
|
-
|
|
20771
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20513
20772
|
this.logger.verbose("ssoSilent called", correlationId);
|
|
20514
20773
|
this.eventHandler.emitEvent(EventType.SSO_SILENT_START, InteractionType.Silent, validRequest);
|
|
20515
20774
|
let result;
|
|
@@ -20553,7 +20812,7 @@ class StandardController {
|
|
|
20553
20812
|
throw e;
|
|
20554
20813
|
})
|
|
20555
20814
|
.finally(() => {
|
|
20556
|
-
|
|
20815
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20557
20816
|
});
|
|
20558
20817
|
}
|
|
20559
20818
|
/**
|
|
@@ -20665,8 +20924,9 @@ class StandardController {
|
|
|
20665
20924
|
this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenByCodeAsync, request.correlationId);
|
|
20666
20925
|
this.acquireTokenByCodeAsyncMeasurement?.increment({
|
|
20667
20926
|
visibilityChangeCount: 0,
|
|
20927
|
+
onlineStatusChangeCount: 0,
|
|
20668
20928
|
});
|
|
20669
|
-
|
|
20929
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20670
20930
|
const silentAuthCodeClient = this.createSilentAuthCodeClient(request.correlationId);
|
|
20671
20931
|
const silentTokenResult = await silentAuthCodeClient
|
|
20672
20932
|
.acquireToken(request)
|
|
@@ -20684,7 +20944,7 @@ class StandardController {
|
|
|
20684
20944
|
throw tokenRenewalError;
|
|
20685
20945
|
})
|
|
20686
20946
|
.finally(() => {
|
|
20687
|
-
|
|
20947
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20688
20948
|
});
|
|
20689
20949
|
return silentTokenResult;
|
|
20690
20950
|
}
|
|
@@ -21229,18 +21489,22 @@ class StandardController {
|
|
|
21229
21489
|
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
|
|
21230
21490
|
*/
|
|
21231
21491
|
async acquireTokenSilentAsync(request, account) {
|
|
21232
|
-
const
|
|
21492
|
+
const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
|
|
21233
21493
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.AcquireTokenSilentAsync, request.correlationId);
|
|
21234
21494
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, InteractionType.Silent, request);
|
|
21235
21495
|
if (request.correlationId) {
|
|
21236
|
-
this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
|
|
21496
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
|
|
21237
21497
|
}
|
|
21238
|
-
|
|
21498
|
+
this.addStateChangeListeners(trackStateChange);
|
|
21239
21499
|
const silentRequest = await invokeAsync(initializeSilentRequest, PerformanceEvents.InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
|
|
21240
21500
|
const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
|
|
21241
21501
|
const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
|
|
21242
21502
|
const shouldTryToResolveSilently = checkIfRefreshTokenErrorCanBeResolvedSilently(refreshTokenError, cacheLookupPolicy);
|
|
21243
21503
|
if (shouldTryToResolveSilently) {
|
|
21504
|
+
const silentRefreshReason = `${refreshTokenError.errorCode}${refreshTokenError.subError
|
|
21505
|
+
? `|${refreshTokenError.subError}`
|
|
21506
|
+
: ""}`;
|
|
21507
|
+
this.performanceClient.addFields({ silentRefreshReason }, silentRequest.correlationId);
|
|
21244
21508
|
if (!this.activeIframeRequest) {
|
|
21245
21509
|
let _resolve;
|
|
21246
21510
|
// Always set the active request tracker immediately after checking it to prevent races
|
|
@@ -21310,7 +21574,7 @@ class StandardController {
|
|
|
21310
21574
|
throw tokenRenewalError;
|
|
21311
21575
|
})
|
|
21312
21576
|
.finally(() => {
|
|
21313
|
-
|
|
21577
|
+
this.removeStateChangeListeners(trackStateChange);
|
|
21314
21578
|
});
|
|
21315
21579
|
}
|
|
21316
21580
|
/**
|