@azure/msal-browser 4.29.0 → 4.29.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (311) hide show
  1. package/README.md +25 -25
  2. package/dist/app/IPublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientApplication.mjs +1 -1
  4. package/dist/app/PublicClientNext.mjs +1 -1
  5. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
  8. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  10. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  11. package/dist/cache/AccountManager.mjs +1 -1
  12. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  13. package/dist/cache/BrowserCacheManager.mjs +1 -1
  14. package/dist/cache/CacheHelpers.mjs +1 -1
  15. package/dist/cache/CacheKeys.mjs +1 -1
  16. package/dist/cache/CookieStorage.mjs +1 -1
  17. package/dist/cache/DatabaseStorage.mjs +1 -1
  18. package/dist/cache/EncryptedData.mjs +1 -1
  19. package/dist/cache/LocalStorage.mjs +1 -1
  20. package/dist/cache/MemoryStorage.mjs +1 -1
  21. package/dist/cache/SessionStorage.mjs +1 -1
  22. package/dist/cache/TokenCache.mjs +1 -1
  23. package/dist/config/Configuration.mjs +1 -1
  24. package/dist/controllers/ControllerFactory.mjs +1 -1
  25. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  26. package/dist/controllers/StandardController.d.ts +4 -2
  27. package/dist/controllers/StandardController.d.ts.map +1 -1
  28. package/dist/controllers/StandardController.mjs +55 -21
  29. package/dist/controllers/StandardController.mjs.map +1 -1
  30. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  31. package/dist/crypto/BrowserCrypto.mjs +1 -1
  32. package/dist/crypto/CryptoOps.mjs +1 -1
  33. package/dist/crypto/PkceGenerator.mjs +1 -1
  34. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  35. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  36. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  37. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  38. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
  39. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  40. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  41. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  42. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  43. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  44. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  45. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  46. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  47. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  48. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  49. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  50. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  51. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  52. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  53. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  54. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  55. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  56. package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
  57. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  58. package/dist/custom-auth-path/controllers/StandardController.mjs +55 -21
  59. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  60. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  61. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  62. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  63. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  64. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  170. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  171. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  172. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  173. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  174. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  175. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  176. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  177. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  178. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  179. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  180. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  181. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  182. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  183. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  184. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  185. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  186. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  187. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
  188. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  189. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  190. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +5 -1
  191. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
  192. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  193. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
  194. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +15 -2
  195. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
  196. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  197. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  198. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  199. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  200. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  201. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  202. package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
  203. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  204. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  205. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
  206. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  207. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  208. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  209. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  210. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  211. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
  212. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  213. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
  214. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
  215. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  216. package/dist/encode/Base64Decode.mjs +1 -1
  217. package/dist/encode/Base64Encode.mjs +1 -1
  218. package/dist/error/BrowserAuthError.mjs +1 -1
  219. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  220. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  221. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  222. package/dist/error/NativeAuthError.mjs +1 -1
  223. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  224. package/dist/error/NestedAppAuthError.mjs +1 -1
  225. package/dist/event/EventHandler.mjs +1 -1
  226. package/dist/event/EventMessage.mjs +1 -1
  227. package/dist/event/EventType.mjs +1 -1
  228. package/dist/index.mjs +1 -1
  229. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  230. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  231. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  232. package/dist/interaction_client/PopupClient.mjs +1 -1
  233. package/dist/interaction_client/RedirectClient.mjs +1 -1
  234. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  235. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  236. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  237. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  238. package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  239. package/dist/interaction_client/StandardInteractionClient.mjs +5 -1
  240. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  241. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  242. package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
  243. package/dist/interaction_handler/SilentHandler.mjs +15 -2
  244. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  245. package/dist/naa/BridgeError.mjs +1 -1
  246. package/dist/naa/BridgeProxy.mjs +1 -1
  247. package/dist/naa/BridgeStatusCode.mjs +1 -1
  248. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  249. package/dist/navigation/NavigationClient.mjs +1 -1
  250. package/dist/network/FetchClient.mjs +1 -1
  251. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  252. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  253. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  254. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  255. package/dist/packageMetadata.d.ts +1 -1
  256. package/dist/packageMetadata.mjs +2 -2
  257. package/dist/protocol/Authorize.mjs +1 -1
  258. package/dist/request/RequestHelpers.mjs +1 -1
  259. package/dist/response/ResponseHandler.mjs +1 -1
  260. package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
  261. package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  262. package/dist/telemetry/BrowserPerformanceClient.mjs +10 -1
  263. package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
  264. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  265. package/dist/utils/BrowserConstants.mjs +1 -1
  266. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  267. package/dist/utils/BrowserUtils.mjs +1 -1
  268. package/dist/utils/Helpers.mjs +1 -1
  269. package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
  270. package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  271. package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
  272. package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
  273. package/lib/custom-auth-path/msal-custom-auth.cjs +228 -109
  274. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  275. package/lib/custom-auth-path/msal-custom-auth.js +228 -109
  276. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  277. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  278. package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
  279. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  280. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  281. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  282. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  283. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  284. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  285. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  286. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  287. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  288. package/lib/msal-browser.cjs +255 -111
  289. package/lib/msal-browser.cjs.map +1 -1
  290. package/lib/msal-browser.js +255 -111
  291. package/lib/msal-browser.js.map +1 -1
  292. package/lib/msal-browser.min.js +62 -62
  293. package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  294. package/lib/types/controllers/StandardController.d.ts +4 -2
  295. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  296. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  297. package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  298. package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  299. package/lib/types/packageMetadata.d.ts +1 -1
  300. package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  301. package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  302. package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  303. package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  304. package/package.json +2 -2
  305. package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +24 -13
  306. package/src/controllers/StandardController.ts +74 -41
  307. package/src/interaction_client/StandardInteractionClient.ts +12 -0
  308. package/src/interaction_handler/SilentHandler.ts +21 -1
  309. package/src/packageMetadata.ts +1 -1
  310. package/src/telemetry/BrowserPerformanceClient.ts +10 -0
  311. package/src/utils/MsalFrameStatsUtils.ts +27 -0
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v4.29.0 2026-02-23 */
1
+ /*! @azure/msal-browser v4.29.1 2026-03-13 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -279,7 +279,7 @@ const JsonWebTokenTypes = {
279
279
  // Token renewal offset default in seconds
280
280
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
281
281
 
282
- /*! @azure/msal-common v15.15.0 2026-02-23 */
282
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
283
283
  /*
284
284
  * Copyright (c) Microsoft Corporation. All rights reserved.
285
285
  * Licensed under the MIT License.
@@ -296,7 +296,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
296
296
  unexpectedError: unexpectedError
297
297
  });
298
298
 
299
- /*! @azure/msal-common v15.15.0 2026-02-23 */
299
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
300
300
 
301
301
  /*
302
302
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -345,7 +345,7 @@ function createAuthError(code, additionalMessage) {
345
345
  : AuthErrorMessages[code]);
346
346
  }
347
347
 
348
- /*! @azure/msal-common v15.15.0 2026-02-23 */
348
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
349
349
  /*
350
350
  * Copyright (c) Microsoft Corporation. All rights reserved.
351
351
  * Licensed under the MIT License.
@@ -445,7 +445,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
445
445
  userTimeoutReached: userTimeoutReached
446
446
  });
447
447
 
448
- /*! @azure/msal-common v15.15.0 2026-02-23 */
448
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
449
449
 
450
450
  /*
451
451
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -702,7 +702,7 @@ function createClientAuthError(errorCode, additionalMessage) {
702
702
  return new ClientAuthError(errorCode, additionalMessage);
703
703
  }
704
704
 
705
- /*! @azure/msal-common v15.15.0 2026-02-23 */
705
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
706
706
 
707
707
  /*
708
708
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -741,7 +741,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
741
741
  },
742
742
  };
743
743
 
744
- /*! @azure/msal-common v15.15.0 2026-02-23 */
744
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
745
745
 
746
746
  /*
747
747
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -932,12 +932,12 @@ class Logger {
932
932
  }
933
933
  }
934
934
 
935
- /*! @azure/msal-common v15.15.0 2026-02-23 */
935
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
936
936
  /* eslint-disable header/header */
937
937
  const name$1 = "@azure/msal-common";
938
- const version$1 = "15.15.0";
938
+ const version$1 = "15.16.1";
939
939
 
940
- /*! @azure/msal-common v15.15.0 2026-02-23 */
940
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
941
941
  /*
942
942
  * Copyright (c) Microsoft Corporation. All rights reserved.
943
943
  * Licensed under the MIT License.
@@ -957,7 +957,7 @@ const AzureCloudInstance = {
957
957
  AzureUsGovernment: "https://login.microsoftonline.us",
958
958
  };
959
959
 
960
- /*! @azure/msal-common v15.15.0 2026-02-23 */
960
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
961
961
  /*
962
962
  * Copyright (c) Microsoft Corporation. All rights reserved.
963
963
  * Licensed under the MIT License.
@@ -1015,7 +1015,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
1015
1015
  urlParseError: urlParseError
1016
1016
  });
1017
1017
 
1018
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1018
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
1019
1019
 
1020
1020
  /*
1021
1021
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1163,7 +1163,7 @@ function createClientConfigurationError(errorCode) {
1163
1163
  return new ClientConfigurationError(errorCode);
1164
1164
  }
1165
1165
 
1166
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1166
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
1167
1167
  /*
1168
1168
  * Copyright (c) Microsoft Corporation. All rights reserved.
1169
1169
  * Licensed under the MIT License.
@@ -1258,9 +1258,48 @@ class StringUtils {
1258
1258
  .replace(/\?/g, "\\?"));
1259
1259
  return regex.test(input);
1260
1260
  }
1261
+ /**
1262
+ * Tests if a given string matches a given pattern using stricter, anchored matching semantics.
1263
+ *
1264
+ * Differences from `matchPattern` (legacy):
1265
+ * - All regex metacharacters (including `.`) in the pattern are treated as literals,
1266
+ * so `example.com` matches only `example.com` and not `exampleXcom`.
1267
+ * - The generated regex is anchored with `^` and `$` so partial/substring matches
1268
+ * are not allowed.
1269
+ * - `*` is the only supported wildcard. Its behaviour depends on the URL component:
1270
+ * - `host` component: `*` matches any sequence of characters that does NOT include
1271
+ * a dot (`.`), keeping wildcards within a single DNS label boundary.
1272
+ * - All other components: `*` matches any sequence of characters (including `/`).
1273
+ *
1274
+ * @param pattern - The `protectedResourceMap` key pattern to match against. `*` is a
1275
+ * multi-character wildcard; all other characters are treated as literals.
1276
+ * @param input - The URL component value (e.g. host, pathname) extracted from the
1277
+ * outgoing request URL to test against the pattern.
1278
+ * @param options - Optional. Provide `component` to enable component-aware wildcard
1279
+ * semantics. Accepted values: `"host"`, `"path"`, `"protocol"`, `"search"`,
1280
+ * `"hash"`. Defaults to path-style (permissive) matching when omitted.
1281
+ * @returns `true` if the full input string matches the pattern; `false` otherwise.
1282
+ */
1283
+ static matchPatternStrict(pattern, input, options) {
1284
+ const component = options?.component;
1285
+ // Step 1: Escape all regex special characters so literals are matched literally.
1286
+ let regexBody = pattern.replace(/[.+^${}()|[\]\\*?]/g, "\\$&");
1287
+ // Step 2: Replace the escaped '*' with its component-aware regex equivalent.
1288
+ if (component === "host") {
1289
+ regexBody = regexBody.replace(/\\\*/g, "[^.]*");
1290
+ }
1291
+ else {
1292
+ // PATH, PROTOCOL, SEARCH, HASH, or unspecified: '*' matches any characters.
1293
+ regexBody = regexBody.replace(/\\\*/g, ".*");
1294
+ }
1295
+ // Step 3: Anchor for full-string matching.
1296
+ // eslint-disable-next-line security/detect-non-literal-regexp
1297
+ const regex = new RegExp(`^${regexBody}$`);
1298
+ return regex.test(input);
1299
+ }
1261
1300
  }
1262
1301
 
1263
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1302
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
1264
1303
 
1265
1304
  /*
1266
1305
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1455,7 +1494,7 @@ class ScopeSet {
1455
1494
  }
1456
1495
  }
1457
1496
 
1458
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1497
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
1459
1498
 
1460
1499
  /*
1461
1500
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1495,7 +1534,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
1495
1534
  };
1496
1535
  }
1497
1536
 
1498
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1537
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
1499
1538
  /*
1500
1539
  * Copyright (c) Microsoft Corporation. All rights reserved.
1501
1540
  * Licensed under the MIT License.
@@ -1577,7 +1616,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1577
1616
  return updatedAccountInfo;
1578
1617
  }
1579
1618
 
1580
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1619
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
1581
1620
  /*
1582
1621
  * Copyright (c) Microsoft Corporation. All rights reserved.
1583
1622
  * Licensed under the MIT License.
@@ -1592,7 +1631,7 @@ const AuthorityType = {
1592
1631
  Ciam: 3,
1593
1632
  };
1594
1633
 
1595
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1634
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
1596
1635
  /*
1597
1636
  * Copyright (c) Microsoft Corporation. All rights reserved.
1598
1637
  * Licensed under the MIT License.
@@ -1614,7 +1653,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
1614
1653
  return null;
1615
1654
  }
1616
1655
 
1617
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1656
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
1618
1657
  /*
1619
1658
  * Copyright (c) Microsoft Corporation. All rights reserved.
1620
1659
  * Licensed under the MIT License.
@@ -1638,7 +1677,7 @@ const ProtocolMode = {
1638
1677
  EAR: "EAR",
1639
1678
  };
1640
1679
 
1641
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1680
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
1642
1681
 
1643
1682
  /*
1644
1683
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1873,7 +1912,7 @@ class AccountEntity {
1873
1912
  }
1874
1913
  }
1875
1914
 
1876
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1915
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
1877
1916
 
1878
1917
  /*
1879
1918
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1954,7 +1993,7 @@ function checkMaxAge(authTime, maxAge) {
1954
1993
  }
1955
1994
  }
1956
1995
 
1957
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1996
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
1958
1997
 
1959
1998
  /*
1960
1999
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2070,7 +2109,7 @@ function normalizeUrlForComparison(url) {
2070
2109
  }
2071
2110
  }
2072
2111
 
2073
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2112
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
2074
2113
 
2075
2114
  /*
2076
2115
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2234,7 +2273,7 @@ class UrlString {
2234
2273
  }
2235
2274
  }
2236
2275
 
2237
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2276
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
2238
2277
 
2239
2278
  /*
2240
2279
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2409,7 +2448,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2409
2448
  return null;
2410
2449
  }
2411
2450
 
2412
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2451
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
2413
2452
  /*
2414
2453
  * Copyright (c) Microsoft Corporation. All rights reserved.
2415
2454
  * Licensed under the MIT License.
@@ -2417,7 +2456,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2417
2456
  const cacheQuotaExceeded = "cache_quota_exceeded";
2418
2457
  const cacheErrorUnknown = "cache_error_unknown";
2419
2458
 
2420
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2459
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
2421
2460
 
2422
2461
  /*
2423
2462
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2462,7 +2501,7 @@ function createCacheError(e) {
2462
2501
  }
2463
2502
  }
2464
2503
 
2465
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2504
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
2466
2505
 
2467
2506
  /*
2468
2507
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3573,7 +3612,7 @@ class DefaultStorageClass extends CacheManager {
3573
3612
  }
3574
3613
  }
3575
3614
 
3576
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3615
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
3577
3616
  /*
3578
3617
  * Copyright (c) Microsoft Corporation. All rights reserved.
3579
3618
  * Licensed under the MIT License.
@@ -4104,9 +4143,14 @@ const IntFields = new Set([
4104
4143
  "currRefreshCount",
4105
4144
  "expiredCacheRemovedCount",
4106
4145
  "upgradedCacheCount",
4146
+ "networkRtt",
4147
+ "iframePollIntervalMs",
4148
+ "iframeTimeoutMs",
4149
+ "iframeTickCount",
4150
+ "crossOriginTickCount",
4107
4151
  ]);
4108
4152
 
4109
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4153
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
4110
4154
 
4111
4155
  /*
4112
4156
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4185,7 +4229,7 @@ class StubPerformanceClient {
4185
4229
  }
4186
4230
  }
4187
4231
 
4188
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4232
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
4189
4233
 
4190
4234
  /*
4191
4235
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4285,7 +4329,7 @@ function isOidcProtocolMode(config) {
4285
4329
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
4286
4330
  }
4287
4331
 
4288
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4332
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
4289
4333
  /*
4290
4334
  * Copyright (c) Microsoft Corporation. All rights reserved.
4291
4335
  * Licensed under the MIT License.
@@ -4295,7 +4339,7 @@ const CcsCredentialType = {
4295
4339
  UPN: "UPN",
4296
4340
  };
4297
4341
 
4298
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4342
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
4299
4343
  /*
4300
4344
  * Copyright (c) Microsoft Corporation. All rights reserved.
4301
4345
  * Licensed under the MIT License.
@@ -4345,7 +4389,7 @@ const INSTANCE_AWARE = "instance_aware";
4345
4389
  const EAR_JWK = "ear_jwk";
4346
4390
  const EAR_JWE_CRYPTO = "ear_jwe_crypto";
4347
4391
 
4348
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4392
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
4349
4393
 
4350
4394
  /*
4351
4395
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4725,7 +4769,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
4725
4769
  });
4726
4770
  }
4727
4771
 
4728
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4772
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
4729
4773
  /*
4730
4774
  * Copyright (c) Microsoft Corporation. All rights reserved.
4731
4775
  * Licensed under the MIT License.
@@ -4737,7 +4781,7 @@ function isOpenIdConfigResponse(response) {
4737
4781
  response.hasOwnProperty("jwks_uri"));
4738
4782
  }
4739
4783
 
4740
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4784
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
4741
4785
  /*
4742
4786
  * Copyright (c) Microsoft Corporation. All rights reserved.
4743
4787
  * Licensed under the MIT License.
@@ -4747,7 +4791,7 @@ function isCloudInstanceDiscoveryResponse(response) {
4747
4791
  response.hasOwnProperty("metadata"));
4748
4792
  }
4749
4793
 
4750
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4794
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
4751
4795
  /*
4752
4796
  * Copyright (c) Microsoft Corporation. All rights reserved.
4753
4797
  * Licensed under the MIT License.
@@ -4757,7 +4801,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
4757
4801
  response.hasOwnProperty("error_description"));
4758
4802
  }
4759
4803
 
4760
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4804
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
4761
4805
  /*
4762
4806
  * Copyright (c) Microsoft Corporation. All rights reserved.
4763
4807
  * Licensed under the MIT License.
@@ -4853,7 +4897,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
4853
4897
  };
4854
4898
  };
4855
4899
 
4856
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4900
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
4857
4901
 
4858
4902
  /*
4859
4903
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4959,7 +5003,7 @@ RegionDiscovery.IMDS_OPTIONS = {
4959
5003
  },
4960
5004
  };
4961
5005
 
4962
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5006
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
4963
5007
  /*
4964
5008
  * Copyright (c) Microsoft Corporation. All rights reserved.
4965
5009
  * Licensed under the MIT License.
@@ -5024,7 +5068,7 @@ function wasClockTurnedBack(cachedAt) {
5024
5068
  return cachedAtSec > nowSeconds();
5025
5069
  }
5026
5070
 
5027
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5071
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
5028
5072
 
5029
5073
  /*
5030
5074
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5286,7 +5330,7 @@ function isAuthorityMetadataExpired(metadata) {
5286
5330
  return metadata.expiresAt <= nowSeconds();
5287
5331
  }
5288
5332
 
5289
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5333
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
5290
5334
 
5291
5335
  /*
5292
5336
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6125,7 +6169,7 @@ function buildStaticAuthorityOptions(authOptions) {
6125
6169
  };
6126
6170
  }
6127
6171
 
6128
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6172
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6129
6173
 
6130
6174
  /*
6131
6175
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6156,7 +6200,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
6156
6200
  }
6157
6201
  }
6158
6202
 
6159
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6203
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6160
6204
 
6161
6205
  /*
6162
6206
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6175,7 +6219,7 @@ class ServerError extends AuthError {
6175
6219
  }
6176
6220
  }
6177
6221
 
6178
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6222
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6179
6223
  /*
6180
6224
  * Copyright (c) Microsoft Corporation. All rights reserved.
6181
6225
  * Licensed under the MIT License.
@@ -6196,7 +6240,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
6196
6240
  };
6197
6241
  }
6198
6242
 
6199
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6243
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6200
6244
 
6201
6245
  /*
6202
6246
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6283,7 +6327,7 @@ class ThrottlingUtils {
6283
6327
  }
6284
6328
  }
6285
6329
 
6286
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6330
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6287
6331
 
6288
6332
  /*
6289
6333
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6314,7 +6358,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
6314
6358
  return new NetworkError(error, httpStatus, responseHeaders);
6315
6359
  }
6316
6360
 
6317
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6361
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6318
6362
 
6319
6363
  /*
6320
6364
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6462,7 +6506,7 @@ class BaseClient {
6462
6506
  }
6463
6507
  }
6464
6508
 
6465
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6509
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6466
6510
  /*
6467
6511
  * Copyright (c) Microsoft Corporation. All rights reserved.
6468
6512
  * Licensed under the MIT License.
@@ -6526,7 +6570,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
6526
6570
  uxNotAllowed: uxNotAllowed
6527
6571
  });
6528
6572
 
6529
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6573
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6530
6574
 
6531
6575
  /*
6532
6576
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6623,7 +6667,7 @@ function createInteractionRequiredAuthError(errorCode) {
6623
6667
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
6624
6668
  }
6625
6669
 
6626
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6670
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6627
6671
 
6628
6672
  /*
6629
6673
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6695,7 +6739,7 @@ class ProtocolUtils {
6695
6739
  }
6696
6740
  }
6697
6741
 
6698
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6742
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6699
6743
 
6700
6744
  /*
6701
6745
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6777,7 +6821,7 @@ class PopTokenGenerator {
6777
6821
  }
6778
6822
  }
6779
6823
 
6780
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6824
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6781
6825
  /*
6782
6826
  * Copyright (c) Microsoft Corporation. All rights reserved.
6783
6827
  * Licensed under the MIT License.
@@ -6804,7 +6848,7 @@ class PopTokenGenerator {
6804
6848
  }
6805
6849
  }
6806
6850
 
6807
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6851
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
6808
6852
 
6809
6853
  /*
6810
6854
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7143,7 +7187,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
7143
7187
  return baseAccount;
7144
7188
  }
7145
7189
 
7146
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7190
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
7147
7191
  /*
7148
7192
  * Copyright (c) Microsoft Corporation. All rights reserved.
7149
7193
  * Licensed under the MIT License.
@@ -7161,7 +7205,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
7161
7205
  }
7162
7206
  }
7163
7207
 
7164
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7208
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
7165
7209
 
7166
7210
  /*
7167
7211
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7310,11 +7354,6 @@ class AuthorizationCodeClient extends BaseClient {
7310
7354
  throw createClientConfigurationError(missingSshJwk);
7311
7355
  }
7312
7356
  }
7313
- if (!StringUtils.isEmptyObj(request.claims) ||
7314
- (this.config.authOptions.clientCapabilities &&
7315
- this.config.authOptions.clientCapabilities.length > 0)) {
7316
- addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
7317
- }
7318
7357
  let ccsCred = undefined;
7319
7358
  if (request.clientInfo) {
7320
7359
  try {
@@ -7364,6 +7403,15 @@ class AuthorizationCodeClient extends BaseClient {
7364
7403
  });
7365
7404
  }
7366
7405
  instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
7406
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
7407
+ const configClaims = request.skipBrokerClaims &&
7408
+ parameters.has(BROKER_CLIENT_ID)
7409
+ ? undefined
7410
+ : this.config.authOptions.clientCapabilities;
7411
+ if (!StringUtils.isEmptyObj(request.claims) ||
7412
+ (configClaims && configClaims.length > 0)) {
7413
+ addClaims(parameters, request.claims, configClaims);
7414
+ }
7367
7415
  return mapToQueryString(parameters);
7368
7416
  }
7369
7417
  /**
@@ -7397,7 +7445,7 @@ class AuthorizationCodeClient extends BaseClient {
7397
7445
  }
7398
7446
  }
7399
7447
 
7400
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7448
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
7401
7449
 
7402
7450
  /*
7403
7451
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7575,11 +7623,6 @@ class RefreshTokenClient extends BaseClient {
7575
7623
  throw createClientConfigurationError(missingSshJwk);
7576
7624
  }
7577
7625
  }
7578
- if (!StringUtils.isEmptyObj(request.claims) ||
7579
- (this.config.authOptions.clientCapabilities &&
7580
- this.config.authOptions.clientCapabilities.length > 0)) {
7581
- addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
7582
- }
7583
7626
  if (this.config.systemOptions.preventCorsPreflight &&
7584
7627
  request.ccsCredential) {
7585
7628
  switch (request.ccsCredential.type) {
@@ -7605,11 +7648,20 @@ class RefreshTokenClient extends BaseClient {
7605
7648
  addExtraQueryParameters(parameters, request.tokenBodyParameters);
7606
7649
  }
7607
7650
  instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
7651
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
7652
+ const configClaims = request.skipBrokerClaims &&
7653
+ parameters.has(BROKER_CLIENT_ID)
7654
+ ? undefined
7655
+ : this.config.authOptions.clientCapabilities;
7656
+ if (!StringUtils.isEmptyObj(request.claims) ||
7657
+ (configClaims && configClaims.length > 0)) {
7658
+ addClaims(parameters, request.claims, configClaims);
7659
+ }
7608
7660
  return mapToQueryString(parameters);
7609
7661
  }
7610
7662
  }
7611
7663
 
7612
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7664
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
7613
7665
 
7614
7666
  /*
7615
7667
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7707,7 +7759,7 @@ class SilentFlowClient extends BaseClient {
7707
7759
  }
7708
7760
  }
7709
7761
 
7710
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7762
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
7711
7763
 
7712
7764
  /*
7713
7765
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7722,7 +7774,7 @@ const StubbedNetworkModule = {
7722
7774
  },
7723
7775
  };
7724
7776
 
7725
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7777
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
7726
7778
 
7727
7779
  /*
7728
7780
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7843,14 +7895,17 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
7843
7895
  if (request.state) {
7844
7896
  addState(parameters, request.state);
7845
7897
  }
7846
- if (request.claims ||
7847
- (authOptions.clientCapabilities &&
7848
- authOptions.clientCapabilities.length > 0)) {
7849
- addClaims(parameters, request.claims, authOptions.clientCapabilities);
7850
- }
7851
7898
  if (request.embeddedClientId) {
7852
7899
  addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
7853
7900
  }
7901
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
7902
+ const configClaims = request.skipBrokerClaims &&
7903
+ parameters.has(BROKER_CLIENT_ID)
7904
+ ? undefined
7905
+ : authOptions.clientCapabilities;
7906
+ if (request.claims || (configClaims && configClaims.length > 0)) {
7907
+ addClaims(parameters, request.claims, configClaims);
7908
+ }
7854
7909
  // If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
7855
7910
  if (authOptions.instanceAware &&
7856
7911
  (!request.extraQueryParameters ||
@@ -7946,7 +8001,7 @@ function extractLoginHint(account) {
7946
8001
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7947
8002
  }
7948
8003
 
7949
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8004
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
7950
8005
 
7951
8006
  /*
7952
8007
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8004,7 +8059,7 @@ class AuthenticationHeaderParser {
8004
8059
  }
8005
8060
  }
8006
8061
 
8007
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8062
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
8008
8063
 
8009
8064
  /*
8010
8065
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8267,7 +8322,7 @@ class ServerTelemetryManager {
8267
8322
  }
8268
8323
  }
8269
8324
 
8270
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8325
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
8271
8326
  /*
8272
8327
  * Copyright (c) Microsoft Corporation. All rights reserved.
8273
8328
  * Licensed under the MIT License.
@@ -8275,7 +8330,7 @@ class ServerTelemetryManager {
8275
8330
  const missingKidError = "missing_kid_error";
8276
8331
  const missingAlgError = "missing_alg_error";
8277
8332
 
8278
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8333
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
8279
8334
 
8280
8335
  /*
8281
8336
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8300,7 +8355,7 @@ function createJoseHeaderError(code) {
8300
8355
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
8301
8356
  }
8302
8357
 
8303
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8358
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
8304
8359
 
8305
8360
  /*
8306
8361
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8340,7 +8395,7 @@ class JoseHeader {
8340
8395
  }
8341
8396
  }
8342
8397
 
8343
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8398
+ /*! @azure/msal-common v15.16.1 2026-03-13 */
8344
8399
 
8345
8400
  /*
8346
8401
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -10482,7 +10537,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
10482
10537
 
10483
10538
  /* eslint-disable header/header */
10484
10539
  const name = "@azure/msal-browser";
10485
- const version = "4.29.0";
10540
+ const version = "4.29.1";
10486
10541
 
10487
10542
  /*
10488
10543
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -13955,6 +14010,10 @@ class StandardInteractionClient extends BaseInteractionClient {
13955
14010
  async initializeAuthorizationRequest(request, interactionType) {
13956
14011
  this.performanceClient.addQueueMeasurement(PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.correlationId);
13957
14012
  const redirectUri = this.getRedirectUri(request.redirectUri);
14013
+ if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
14014
+ this.logger.warning("The origin of the redirect URI does not match the origin of the current page. This is likely to cause issues with authentication.", this.correlationId);
14015
+ this.performanceClient.addFields({ isRedirectUriCrossOrigin: true }, this.correlationId);
14016
+ }
13958
14017
  const browserState = {
13959
14018
  interactionType: interactionType,
13960
14019
  };
@@ -15565,14 +15624,28 @@ class PlatformAuthDOMHandler {
15565
15624
  return nativeResponse;
15566
15625
  }
15567
15626
  getDOMExtraParams(extraParameters) {
15568
- const stringifiedParams = Object.entries(extraParameters).reduce((record, [key, value]) => {
15569
- record[key] = String(value);
15570
- return record;
15571
- }, {});
15572
- const validExtraParams = {
15573
- ...stringifiedParams,
15574
- };
15575
- return validExtraParams;
15627
+ try {
15628
+ const stringifiedProperties = {};
15629
+ for (const [key, value] of Object.entries(extraParameters)) {
15630
+ if (!value) {
15631
+ continue;
15632
+ }
15633
+ if (typeof value === "object") {
15634
+ stringifiedProperties[key] = JSON.stringify(value);
15635
+ }
15636
+ else {
15637
+ stringifiedProperties[key] = String(value);
15638
+ }
15639
+ }
15640
+ return stringifiedProperties;
15641
+ }
15642
+ catch (e) {
15643
+ this.logger.error(this.platformAuthType + " - Error stringifying extra parameters");
15644
+ this.logger.errorPii(this.platformAuthType +
15645
+ " - Error stringifying extra parameters: " +
15646
+ e);
15647
+ return {};
15648
+ }
15576
15649
  }
15577
15650
  }
15578
15651
 
@@ -16639,6 +16712,12 @@ async function initiateEarRequest(config, authority, request, logger, performanc
16639
16712
  */
16640
16713
  async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, performanceClient, logger, correlationId, responseType) {
16641
16714
  performanceClient.addQueueMeasurement(PerformanceEvents.SilentHandlerMonitorIframeForHash, correlationId);
16715
+ performanceClient.addFields({
16716
+ iframePollIntervalMs: pollIntervalMilliseconds,
16717
+ iframeTimeoutMs: timeout,
16718
+ }, correlationId);
16719
+ let totalTickCount = 0;
16720
+ let crossOriginTickCount = 0;
16642
16721
  return new Promise((resolve, reject) => {
16643
16722
  if (timeout < DEFAULT_IFRAME_TIMEOUT_MS) {
16644
16723
  logger.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${timeout}ms) than the default (${DEFAULT_IFRAME_TIMEOUT_MS}ms). This may result in timeouts.`);
@@ -16652,6 +16731,7 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
16652
16731
  reject(createBrowserAuthError(monitorWindowTimeout));
16653
16732
  }, timeout);
16654
16733
  const intervalId = window.setInterval(() => {
16734
+ totalTickCount++;
16655
16735
  let href = "";
16656
16736
  const contentWindow = iframe.contentWindow;
16657
16737
  try {
@@ -16662,7 +16742,9 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
16662
16742
  */
16663
16743
  href = contentWindow ? contentWindow.location.href : "";
16664
16744
  }
16665
- catch (e) { }
16745
+ catch (e) {
16746
+ crossOriginTickCount++;
16747
+ }
16666
16748
  if (!href || href === "about:blank") {
16667
16749
  return;
16668
16750
  }
@@ -16680,6 +16762,10 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
16680
16762
  resolve(responseString);
16681
16763
  }, pollIntervalMilliseconds);
16682
16764
  }).finally(() => {
16765
+ performanceClient.addFields({
16766
+ iframeTickCount: totalTickCount,
16767
+ crossOriginTickCount: crossOriginTickCount,
16768
+ }, correlationId);
16683
16769
  invoke(removeHiddenIframe, PerformanceEvents.RemoveHiddenIframe, logger, performanceClient, correlationId)(iframe);
16684
16770
  });
16685
16771
  }
@@ -17307,6 +17393,22 @@ class SilentAuthCodeClient extends StandardInteractionClient {
17307
17393
  * Copyright (c) Microsoft Corporation. All rights reserved.
17308
17394
  * Licensed under the MIT License.
17309
17395
  */
17396
+ /**
17397
+ * Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
17398
+ * @returns Network connection information, or an empty object if not available.
17399
+ */
17400
+ function getNetworkInfo() {
17401
+ if (typeof window === "undefined" || !window.navigator) {
17402
+ return {};
17403
+ }
17404
+ const connection = "connection" in window.navigator
17405
+ ? window.navigator.connection
17406
+ : undefined;
17407
+ return {
17408
+ effectiveType: connection?.effectiveType,
17409
+ rtt: connection?.rtt,
17410
+ };
17411
+ }
17310
17412
  function collectInstanceStats(currentClientId, performanceEvent, logger) {
17311
17413
  const frameInstances =
17312
17414
  // @ts-ignore
@@ -17400,22 +17502,30 @@ class StandardController {
17400
17502
  this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
17401
17503
  this.activeSilentTokenRequests = new Map();
17402
17504
  // Register listener functions
17403
- this.trackPageVisibility = this.trackPageVisibility.bind(this);
17404
- // Register listener functions
17405
- this.trackPageVisibilityWithMeasurement =
17406
- this.trackPageVisibilityWithMeasurement.bind(this);
17505
+ this.trackStateChangeWithMeasurement =
17506
+ this.trackStateChangeWithMeasurement.bind(this);
17407
17507
  }
17408
17508
  static async createController(operatingContext, request) {
17409
17509
  const controller = new StandardController(operatingContext);
17410
17510
  await controller.initialize(request);
17411
17511
  return controller;
17412
17512
  }
17413
- trackPageVisibility(correlationId) {
17513
+ trackStateChange(correlationId, event) {
17414
17514
  if (!correlationId) {
17415
17515
  return;
17416
17516
  }
17417
- this.logger.info("Perf: Visibility change detected");
17418
- this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
17517
+ if (event.type === "visibilitychange") {
17518
+ this.logger.info("Perf: Visibility change detected");
17519
+ this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
17520
+ }
17521
+ else if (event.type === "online") {
17522
+ this.logger.info("Perf: Online status change detected");
17523
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
17524
+ }
17525
+ else if (event.type === "offline") {
17526
+ this.logger.info("Perf: Offline status change detected");
17527
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
17528
+ }
17419
17529
  }
17420
17530
  /**
17421
17531
  * Initializer function to perform async startup tasks such as connecting to WAM extension
@@ -17821,16 +17931,40 @@ class StandardController {
17821
17931
  }
17822
17932
  });
17823
17933
  }
17824
- trackPageVisibilityWithMeasurement() {
17934
+ trackStateChangeWithMeasurement(event) {
17825
17935
  const measurement = this.ssoSilentMeasurement ||
17826
17936
  this.acquireTokenByCodeAsyncMeasurement;
17827
17937
  if (!measurement) {
17828
17938
  return;
17829
17939
  }
17830
- this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
17831
- measurement.increment({
17832
- visibilityChangeCount: 1,
17833
- });
17940
+ if (event.type === "visibilitychange") {
17941
+ this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
17942
+ measurement.increment({
17943
+ visibilityChangeCount: 1,
17944
+ });
17945
+ }
17946
+ else if (event.type === "online") {
17947
+ this.logger.info("Perf: Online status change detected in ", measurement.event.name);
17948
+ measurement.increment({
17949
+ onlineStatusChangeCount: 1,
17950
+ });
17951
+ }
17952
+ else if (event.type === "offline") {
17953
+ this.logger.info("Perf: Offline status change detected in ", measurement.event.name);
17954
+ measurement.increment({
17955
+ onlineStatusChangeCount: 1,
17956
+ });
17957
+ }
17958
+ }
17959
+ addStateChangeListeners(listener) {
17960
+ document.addEventListener("visibilitychange", listener);
17961
+ window.addEventListener("online", listener);
17962
+ window.addEventListener("offline", listener);
17963
+ }
17964
+ removeStateChangeListeners(listener) {
17965
+ document.removeEventListener("visibilitychange", listener);
17966
+ window.removeEventListener("online", listener);
17967
+ window.removeEventListener("offline", listener);
17834
17968
  }
17835
17969
  /**
17836
17970
  * SSO capability verification in the background.
@@ -17911,8 +18045,9 @@ class StandardController {
17911
18045
  preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
17912
18046
  this.ssoSilentMeasurement?.increment({
17913
18047
  visibilityChangeCount: 0,
18048
+ onlineStatusChangeCount: 0,
17914
18049
  });
17915
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18050
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
17916
18051
  this.logger.verbose("ssoSilent called", correlationId);
17917
18052
  this.eventHandler.emitEvent(EventType.SSO_SILENT_START, exports.InteractionType.Silent, validRequest);
17918
18053
  let result;
@@ -17956,7 +18091,7 @@ class StandardController {
17956
18091
  throw e;
17957
18092
  })
17958
18093
  .finally(() => {
17959
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18094
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
17960
18095
  });
17961
18096
  }
17962
18097
  /**
@@ -18068,8 +18203,9 @@ class StandardController {
18068
18203
  this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenByCodeAsync, request.correlationId);
18069
18204
  this.acquireTokenByCodeAsyncMeasurement?.increment({
18070
18205
  visibilityChangeCount: 0,
18206
+ onlineStatusChangeCount: 0,
18071
18207
  });
18072
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18208
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
18073
18209
  const silentAuthCodeClient = this.createSilentAuthCodeClient(request.correlationId);
18074
18210
  const silentTokenResult = await silentAuthCodeClient
18075
18211
  .acquireToken(request)
@@ -18087,7 +18223,7 @@ class StandardController {
18087
18223
  throw tokenRenewalError;
18088
18224
  })
18089
18225
  .finally(() => {
18090
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18226
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
18091
18227
  });
18092
18228
  return silentTokenResult;
18093
18229
  }
@@ -18632,13 +18768,13 @@ class StandardController {
18632
18768
  * @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
18633
18769
  */
18634
18770
  async acquireTokenSilentAsync(request, account) {
18635
- const trackPageVisibility = () => this.trackPageVisibility(request.correlationId);
18771
+ const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
18636
18772
  this.performanceClient.addQueueMeasurement(PerformanceEvents.AcquireTokenSilentAsync, request.correlationId);
18637
18773
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, exports.InteractionType.Silent, request);
18638
18774
  if (request.correlationId) {
18639
- this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
18775
+ this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
18640
18776
  }
18641
- document.addEventListener("visibilitychange", trackPageVisibility);
18777
+ this.addStateChangeListeners(trackStateChange);
18642
18778
  const silentRequest = await invokeAsync(initializeSilentRequest, PerformanceEvents.InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
18643
18779
  const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
18644
18780
  const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
@@ -18717,7 +18853,7 @@ class StandardController {
18717
18853
  throw tokenRenewalError;
18718
18854
  })
18719
18855
  .finally(() => {
18720
- document.removeEventListener("visibilitychange", trackPageVisibility);
18856
+ this.removeStateChangeListeners(trackStateChange);
18721
18857
  });
18722
18858
  }
18723
18859
  /**
@@ -20896,6 +21032,9 @@ class BrowserPerformanceClient extends PerformanceClient {
20896
21032
  getPageVisibility() {
20897
21033
  return document.visibilityState?.toString() || null;
20898
21034
  }
21035
+ getOnlineStatus() {
21036
+ return typeof navigator !== "undefined" ? navigator.onLine : null;
21037
+ }
20899
21038
  deleteIncompleteSubMeasurements(inProgressEvent) {
20900
21039
  void getPerfMeasurementModule()?.then((module) => {
20901
21040
  const rootEvent = this.eventsByCorrelationId.get(inProgressEvent.event.correlationId);
@@ -20922,6 +21061,7 @@ class BrowserPerformanceClient extends PerformanceClient {
20922
21061
  startMeasurement(measureName, correlationId) {
20923
21062
  // Capture page visibilityState and then invoke start/end measurement
20924
21063
  const startPageVisibility = this.getPageVisibility();
21064
+ const startOnlineStatus = this.getOnlineStatus();
20925
21065
  const inProgressEvent = super.startMeasurement(measureName, correlationId);
20926
21066
  const startTime = supportsBrowserPerformanceNow()
20927
21067
  ? window.performance.now()
@@ -20933,11 +21073,15 @@ class BrowserPerformanceClient extends PerformanceClient {
20933
21073
  return {
20934
21074
  ...inProgressEvent,
20935
21075
  end: (event, error, account) => {
21076
+ const networkInfo = getNetworkInfo();
20936
21077
  const res = inProgressEvent.end({
20937
21078
  ...event,
20938
21079
  startPageVisibility,
21080
+ startOnlineStatus,
20939
21081
  endPageVisibility: this.getPageVisibility(),
20940
21082
  durationMs: getPerfDurationMs(startTime),
21083
+ networkEffectiveType: networkInfo.effectiveType,
21084
+ networkRtt: networkInfo.rtt,
20941
21085
  }, error, account);
20942
21086
  void browserMeasurement?.then((measurement) => measurement.endMeasurement());
20943
21087
  this.deleteIncompleteSubMeasurements(inProgressEvent);