@azure/msal-browser 4.29.0 → 4.30.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -25
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +4 -2
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +55 -21
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +55 -21
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +5 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +15 -2
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts +28 -0
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +53 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +5 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +15 -2
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +28 -0
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +53 -2
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +10 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +298 -111
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.js +298 -111
- package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts +28 -0
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/msal-browser.cjs +329 -115
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +329 -115
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +64 -64
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +4 -2
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +28 -0
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +24 -13
- package/src/controllers/StandardController.ts +74 -41
- package/src/interaction_client/PlatformAuthInteractionClient.ts +17 -1
- package/src/interaction_client/StandardInteractionClient.ts +12 -0
- package/src/interaction_handler/SilentHandler.ts +21 -1
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +91 -0
- package/src/telemetry/BrowserPerformanceClient.ts +10 -0
- package/src/utils/MsalFrameStatsUtils.ts +27 -0
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.30.0 2026-03-18 */
|
|
2
2
|
'use strict';
|
|
3
3
|
(function (global, factory) {
|
|
4
4
|
typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
(global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msalCustomAuth = {}));
|
|
7
7
|
})(this, (function (exports) { 'use strict';
|
|
8
8
|
|
|
9
|
-
/*! @azure/msal-common v15.
|
|
9
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
10
10
|
/*
|
|
11
11
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12
12
|
* Licensed under the MIT License.
|
|
@@ -280,7 +280,7 @@
|
|
|
280
280
|
// Token renewal offset default in seconds
|
|
281
281
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
282
282
|
|
|
283
|
-
/*! @azure/msal-common v15.
|
|
283
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
284
284
|
/*
|
|
285
285
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
286
286
|
* Licensed under the MIT License.
|
|
@@ -291,7 +291,7 @@
|
|
|
291
291
|
const unexpectedError = "unexpected_error";
|
|
292
292
|
const postRequestFailed$1 = "post_request_failed";
|
|
293
293
|
|
|
294
|
-
/*! @azure/msal-common v15.
|
|
294
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
295
295
|
|
|
296
296
|
/*
|
|
297
297
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -326,7 +326,7 @@
|
|
|
326
326
|
: AuthErrorMessages[code]);
|
|
327
327
|
}
|
|
328
328
|
|
|
329
|
-
/*! @azure/msal-common v15.
|
|
329
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
330
330
|
/*
|
|
331
331
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
332
332
|
* Licensed under the MIT License.
|
|
@@ -377,7 +377,7 @@
|
|
|
377
377
|
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
|
|
378
378
|
const platformBrokerError = "platform_broker_error";
|
|
379
379
|
|
|
380
|
-
/*! @azure/msal-common v15.
|
|
380
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
381
381
|
|
|
382
382
|
/*
|
|
383
383
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -452,7 +452,7 @@
|
|
|
452
452
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
453
453
|
}
|
|
454
454
|
|
|
455
|
-
/*! @azure/msal-common v15.
|
|
455
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
456
456
|
|
|
457
457
|
/*
|
|
458
458
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -491,7 +491,7 @@
|
|
|
491
491
|
},
|
|
492
492
|
};
|
|
493
493
|
|
|
494
|
-
/*! @azure/msal-common v15.
|
|
494
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
495
495
|
|
|
496
496
|
/*
|
|
497
497
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -682,12 +682,12 @@
|
|
|
682
682
|
}
|
|
683
683
|
}
|
|
684
684
|
|
|
685
|
-
/*! @azure/msal-common v15.
|
|
685
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
686
686
|
/* eslint-disable header/header */
|
|
687
687
|
const name$1 = "@azure/msal-common";
|
|
688
|
-
const version$1 = "15.
|
|
688
|
+
const version$1 = "15.17.0";
|
|
689
689
|
|
|
690
|
-
/*! @azure/msal-common v15.
|
|
690
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
691
691
|
/*
|
|
692
692
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
693
693
|
* Licensed under the MIT License.
|
|
@@ -696,7 +696,7 @@
|
|
|
696
696
|
// AzureCloudInstance is not specified.
|
|
697
697
|
None: "none"};
|
|
698
698
|
|
|
699
|
-
/*! @azure/msal-common v15.
|
|
699
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
700
700
|
/*
|
|
701
701
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
702
702
|
* Licensed under the MIT License.
|
|
@@ -726,7 +726,7 @@
|
|
|
726
726
|
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
727
727
|
const invalidPlatformBrokerConfiguration = "invalid_platform_broker_configuration";
|
|
728
728
|
|
|
729
|
-
/*! @azure/msal-common v15.
|
|
729
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
730
730
|
|
|
731
731
|
/*
|
|
732
732
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -772,7 +772,7 @@
|
|
|
772
772
|
return new ClientConfigurationError(errorCode);
|
|
773
773
|
}
|
|
774
774
|
|
|
775
|
-
/*! @azure/msal-common v15.
|
|
775
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
776
776
|
/*
|
|
777
777
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
778
778
|
* Licensed under the MIT License.
|
|
@@ -867,9 +867,48 @@
|
|
|
867
867
|
.replace(/\?/g, "\\?"));
|
|
868
868
|
return regex.test(input);
|
|
869
869
|
}
|
|
870
|
+
/**
|
|
871
|
+
* Tests if a given string matches a given pattern using stricter, anchored matching semantics.
|
|
872
|
+
*
|
|
873
|
+
* Differences from `matchPattern` (legacy):
|
|
874
|
+
* - All regex metacharacters (including `.`) in the pattern are treated as literals,
|
|
875
|
+
* so `example.com` matches only `example.com` and not `exampleXcom`.
|
|
876
|
+
* - The generated regex is anchored with `^` and `$` so partial/substring matches
|
|
877
|
+
* are not allowed.
|
|
878
|
+
* - `*` is the only supported wildcard. Its behaviour depends on the URL component:
|
|
879
|
+
* - `host` component: `*` matches any sequence of characters that does NOT include
|
|
880
|
+
* a dot (`.`), keeping wildcards within a single DNS label boundary.
|
|
881
|
+
* - All other components: `*` matches any sequence of characters (including `/`).
|
|
882
|
+
*
|
|
883
|
+
* @param pattern - The `protectedResourceMap` key pattern to match against. `*` is a
|
|
884
|
+
* multi-character wildcard; all other characters are treated as literals.
|
|
885
|
+
* @param input - The URL component value (e.g. host, pathname) extracted from the
|
|
886
|
+
* outgoing request URL to test against the pattern.
|
|
887
|
+
* @param options - Optional. Provide `component` to enable component-aware wildcard
|
|
888
|
+
* semantics. Accepted values: `"host"`, `"path"`, `"protocol"`, `"search"`,
|
|
889
|
+
* `"hash"`. Defaults to path-style (permissive) matching when omitted.
|
|
890
|
+
* @returns `true` if the full input string matches the pattern; `false` otherwise.
|
|
891
|
+
*/
|
|
892
|
+
static matchPatternStrict(pattern, input, options) {
|
|
893
|
+
const component = options?.component;
|
|
894
|
+
// Step 1: Escape all regex special characters so literals are matched literally.
|
|
895
|
+
let regexBody = pattern.replace(/[.+^${}()|[\]\\*?]/g, "\\$&");
|
|
896
|
+
// Step 2: Replace the escaped '*' with its component-aware regex equivalent.
|
|
897
|
+
if (component === "host") {
|
|
898
|
+
regexBody = regexBody.replace(/\\\*/g, "[^.]*");
|
|
899
|
+
}
|
|
900
|
+
else {
|
|
901
|
+
// PATH, PROTOCOL, SEARCH, HASH, or unspecified: '*' matches any characters.
|
|
902
|
+
regexBody = regexBody.replace(/\\\*/g, ".*");
|
|
903
|
+
}
|
|
904
|
+
// Step 3: Anchor for full-string matching.
|
|
905
|
+
// eslint-disable-next-line security/detect-non-literal-regexp
|
|
906
|
+
const regex = new RegExp(`^${regexBody}$`);
|
|
907
|
+
return regex.test(input);
|
|
908
|
+
}
|
|
870
909
|
}
|
|
871
910
|
|
|
872
|
-
/*! @azure/msal-common v15.
|
|
911
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
873
912
|
|
|
874
913
|
/*
|
|
875
914
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1064,7 +1103,7 @@
|
|
|
1064
1103
|
}
|
|
1065
1104
|
}
|
|
1066
1105
|
|
|
1067
|
-
/*! @azure/msal-common v15.
|
|
1106
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1068
1107
|
|
|
1069
1108
|
/*
|
|
1070
1109
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1104,7 +1143,7 @@
|
|
|
1104
1143
|
};
|
|
1105
1144
|
}
|
|
1106
1145
|
|
|
1107
|
-
/*! @azure/msal-common v15.
|
|
1146
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1108
1147
|
/*
|
|
1109
1148
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1110
1149
|
* Licensed under the MIT License.
|
|
@@ -1186,7 +1225,7 @@
|
|
|
1186
1225
|
return updatedAccountInfo;
|
|
1187
1226
|
}
|
|
1188
1227
|
|
|
1189
|
-
/*! @azure/msal-common v15.
|
|
1228
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1190
1229
|
/*
|
|
1191
1230
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1192
1231
|
* Licensed under the MIT License.
|
|
@@ -1201,7 +1240,7 @@
|
|
|
1201
1240
|
Ciam: 3,
|
|
1202
1241
|
};
|
|
1203
1242
|
|
|
1204
|
-
/*! @azure/msal-common v15.
|
|
1243
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1205
1244
|
/*
|
|
1206
1245
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1207
1246
|
* Licensed under the MIT License.
|
|
@@ -1223,7 +1262,7 @@
|
|
|
1223
1262
|
return null;
|
|
1224
1263
|
}
|
|
1225
1264
|
|
|
1226
|
-
/*! @azure/msal-common v15.
|
|
1265
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1227
1266
|
/*
|
|
1228
1267
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1229
1268
|
* Licensed under the MIT License.
|
|
@@ -1247,7 +1286,7 @@
|
|
|
1247
1286
|
EAR: "EAR",
|
|
1248
1287
|
};
|
|
1249
1288
|
|
|
1250
|
-
/*! @azure/msal-common v15.
|
|
1289
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1251
1290
|
|
|
1252
1291
|
/*
|
|
1253
1292
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1482,7 +1521,7 @@
|
|
|
1482
1521
|
}
|
|
1483
1522
|
}
|
|
1484
1523
|
|
|
1485
|
-
/*! @azure/msal-common v15.
|
|
1524
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1486
1525
|
|
|
1487
1526
|
/*
|
|
1488
1527
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1563,7 +1602,7 @@
|
|
|
1563
1602
|
}
|
|
1564
1603
|
}
|
|
1565
1604
|
|
|
1566
|
-
/*! @azure/msal-common v15.
|
|
1605
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1567
1606
|
|
|
1568
1607
|
/*
|
|
1569
1608
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1679,7 +1718,7 @@
|
|
|
1679
1718
|
}
|
|
1680
1719
|
}
|
|
1681
1720
|
|
|
1682
|
-
/*! @azure/msal-common v15.
|
|
1721
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1683
1722
|
|
|
1684
1723
|
/*
|
|
1685
1724
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1843,7 +1882,7 @@
|
|
|
1843
1882
|
}
|
|
1844
1883
|
}
|
|
1845
1884
|
|
|
1846
|
-
/*! @azure/msal-common v15.
|
|
1885
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1847
1886
|
|
|
1848
1887
|
/*
|
|
1849
1888
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2018,7 +2057,7 @@
|
|
|
2018
2057
|
return null;
|
|
2019
2058
|
}
|
|
2020
2059
|
|
|
2021
|
-
/*! @azure/msal-common v15.
|
|
2060
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
2022
2061
|
/*
|
|
2023
2062
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2024
2063
|
* Licensed under the MIT License.
|
|
@@ -2026,7 +2065,7 @@
|
|
|
2026
2065
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2027
2066
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2028
2067
|
|
|
2029
|
-
/*! @azure/msal-common v15.
|
|
2068
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
2030
2069
|
|
|
2031
2070
|
/*
|
|
2032
2071
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2071,7 +2110,7 @@
|
|
|
2071
2110
|
}
|
|
2072
2111
|
}
|
|
2073
2112
|
|
|
2074
|
-
/*! @azure/msal-common v15.
|
|
2113
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
2075
2114
|
|
|
2076
2115
|
/*
|
|
2077
2116
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3181,7 +3220,7 @@
|
|
|
3181
3220
|
}
|
|
3182
3221
|
}
|
|
3183
3222
|
|
|
3184
|
-
/*! @azure/msal-common v15.
|
|
3223
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3185
3224
|
/*
|
|
3186
3225
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3187
3226
|
* Licensed under the MIT License.
|
|
@@ -3458,7 +3497,7 @@
|
|
|
3458
3497
|
const PerformanceEventStatus = {
|
|
3459
3498
|
InProgress: 1};
|
|
3460
3499
|
|
|
3461
|
-
/*! @azure/msal-common v15.
|
|
3500
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3462
3501
|
|
|
3463
3502
|
/*
|
|
3464
3503
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3537,7 +3576,7 @@
|
|
|
3537
3576
|
}
|
|
3538
3577
|
}
|
|
3539
3578
|
|
|
3540
|
-
/*! @azure/msal-common v15.
|
|
3579
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3541
3580
|
|
|
3542
3581
|
/*
|
|
3543
3582
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3637,7 +3676,7 @@
|
|
|
3637
3676
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3638
3677
|
}
|
|
3639
3678
|
|
|
3640
|
-
/*! @azure/msal-common v15.
|
|
3679
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3641
3680
|
/*
|
|
3642
3681
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3643
3682
|
* Licensed under the MIT License.
|
|
@@ -3647,7 +3686,7 @@
|
|
|
3647
3686
|
UPN: "UPN",
|
|
3648
3687
|
};
|
|
3649
3688
|
|
|
3650
|
-
/*! @azure/msal-common v15.
|
|
3689
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3651
3690
|
/*
|
|
3652
3691
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3653
3692
|
* Licensed under the MIT License.
|
|
@@ -3695,9 +3734,10 @@
|
|
|
3695
3734
|
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
3696
3735
|
const INSTANCE_AWARE = "instance_aware";
|
|
3697
3736
|
const EAR_JWK = "ear_jwk";
|
|
3698
|
-
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
3737
|
+
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
3738
|
+
const CLI_DATA = "clidata";
|
|
3699
3739
|
|
|
3700
|
-
/*! @azure/msal-common v15.
|
|
3740
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3701
3741
|
|
|
3702
3742
|
/*
|
|
3703
3743
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3963,6 +4003,12 @@
|
|
|
3963
4003
|
function addClientInfo(parameters) {
|
|
3964
4004
|
parameters.set(CLIENT_INFO, "1");
|
|
3965
4005
|
}
|
|
4006
|
+
/**
|
|
4007
|
+
* add clidata=1 to request to indicate client data support
|
|
4008
|
+
*/
|
|
4009
|
+
function addCliData(parameters) {
|
|
4010
|
+
parameters.set(CLI_DATA, "1");
|
|
4011
|
+
}
|
|
3966
4012
|
function addInstanceAware(parameters) {
|
|
3967
4013
|
if (!parameters.has(INSTANCE_AWARE)) {
|
|
3968
4014
|
parameters.set(INSTANCE_AWARE, "true");
|
|
@@ -4077,7 +4123,7 @@
|
|
|
4077
4123
|
});
|
|
4078
4124
|
}
|
|
4079
4125
|
|
|
4080
|
-
/*! @azure/msal-common v15.
|
|
4126
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4081
4127
|
/*
|
|
4082
4128
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4083
4129
|
* Licensed under the MIT License.
|
|
@@ -4089,7 +4135,7 @@
|
|
|
4089
4135
|
response.hasOwnProperty("jwks_uri"));
|
|
4090
4136
|
}
|
|
4091
4137
|
|
|
4092
|
-
/*! @azure/msal-common v15.
|
|
4138
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4093
4139
|
/*
|
|
4094
4140
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4095
4141
|
* Licensed under the MIT License.
|
|
@@ -4099,7 +4145,7 @@
|
|
|
4099
4145
|
response.hasOwnProperty("metadata"));
|
|
4100
4146
|
}
|
|
4101
4147
|
|
|
4102
|
-
/*! @azure/msal-common v15.
|
|
4148
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4103
4149
|
/*
|
|
4104
4150
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4105
4151
|
* Licensed under the MIT License.
|
|
@@ -4109,7 +4155,7 @@
|
|
|
4109
4155
|
response.hasOwnProperty("error_description"));
|
|
4110
4156
|
}
|
|
4111
4157
|
|
|
4112
|
-
/*! @azure/msal-common v15.
|
|
4158
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4113
4159
|
/*
|
|
4114
4160
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4115
4161
|
* Licensed under the MIT License.
|
|
@@ -4205,7 +4251,7 @@
|
|
|
4205
4251
|
};
|
|
4206
4252
|
};
|
|
4207
4253
|
|
|
4208
|
-
/*! @azure/msal-common v15.
|
|
4254
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4209
4255
|
|
|
4210
4256
|
/*
|
|
4211
4257
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4311,7 +4357,7 @@
|
|
|
4311
4357
|
},
|
|
4312
4358
|
};
|
|
4313
4359
|
|
|
4314
|
-
/*! @azure/msal-common v15.
|
|
4360
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4315
4361
|
/*
|
|
4316
4362
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4317
4363
|
* Licensed under the MIT License.
|
|
@@ -4376,7 +4422,7 @@
|
|
|
4376
4422
|
return cachedAtSec > nowSeconds();
|
|
4377
4423
|
}
|
|
4378
4424
|
|
|
4379
|
-
/*! @azure/msal-common v15.
|
|
4425
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4380
4426
|
|
|
4381
4427
|
/*
|
|
4382
4428
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4638,7 +4684,7 @@
|
|
|
4638
4684
|
return metadata.expiresAt <= nowSeconds();
|
|
4639
4685
|
}
|
|
4640
4686
|
|
|
4641
|
-
/*! @azure/msal-common v15.
|
|
4687
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4642
4688
|
|
|
4643
4689
|
/*
|
|
4644
4690
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5477,7 +5523,7 @@
|
|
|
5477
5523
|
};
|
|
5478
5524
|
}
|
|
5479
5525
|
|
|
5480
|
-
/*! @azure/msal-common v15.
|
|
5526
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5481
5527
|
|
|
5482
5528
|
/*
|
|
5483
5529
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5508,7 +5554,7 @@
|
|
|
5508
5554
|
}
|
|
5509
5555
|
}
|
|
5510
5556
|
|
|
5511
|
-
/*! @azure/msal-common v15.
|
|
5557
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5512
5558
|
|
|
5513
5559
|
/*
|
|
5514
5560
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5527,7 +5573,7 @@
|
|
|
5527
5573
|
}
|
|
5528
5574
|
}
|
|
5529
5575
|
|
|
5530
|
-
/*! @azure/msal-common v15.
|
|
5576
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5531
5577
|
/*
|
|
5532
5578
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5533
5579
|
* Licensed under the MIT License.
|
|
@@ -5548,7 +5594,7 @@
|
|
|
5548
5594
|
};
|
|
5549
5595
|
}
|
|
5550
5596
|
|
|
5551
|
-
/*! @azure/msal-common v15.
|
|
5597
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5552
5598
|
|
|
5553
5599
|
/*
|
|
5554
5600
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5635,7 +5681,7 @@
|
|
|
5635
5681
|
}
|
|
5636
5682
|
}
|
|
5637
5683
|
|
|
5638
|
-
/*! @azure/msal-common v15.
|
|
5684
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5639
5685
|
|
|
5640
5686
|
/*
|
|
5641
5687
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5666,7 +5712,7 @@
|
|
|
5666
5712
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
5667
5713
|
}
|
|
5668
5714
|
|
|
5669
|
-
/*! @azure/msal-common v15.
|
|
5715
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5670
5716
|
|
|
5671
5717
|
/*
|
|
5672
5718
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5814,7 +5860,7 @@
|
|
|
5814
5860
|
}
|
|
5815
5861
|
}
|
|
5816
5862
|
|
|
5817
|
-
/*! @azure/msal-common v15.
|
|
5863
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5818
5864
|
/*
|
|
5819
5865
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5820
5866
|
* Licensed under the MIT License.
|
|
@@ -5865,7 +5911,7 @@
|
|
|
5865
5911
|
*/
|
|
5866
5912
|
const interruptedUser = "interrupted_user";
|
|
5867
5913
|
|
|
5868
|
-
/*! @azure/msal-common v15.
|
|
5914
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5869
5915
|
|
|
5870
5916
|
/*
|
|
5871
5917
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5940,7 +5986,7 @@
|
|
|
5940
5986
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
5941
5987
|
}
|
|
5942
5988
|
|
|
5943
|
-
/*! @azure/msal-common v15.
|
|
5989
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5944
5990
|
|
|
5945
5991
|
/*
|
|
5946
5992
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6012,7 +6058,7 @@
|
|
|
6012
6058
|
}
|
|
6013
6059
|
}
|
|
6014
6060
|
|
|
6015
|
-
/*! @azure/msal-common v15.
|
|
6061
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6016
6062
|
|
|
6017
6063
|
/*
|
|
6018
6064
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6094,7 +6140,7 @@
|
|
|
6094
6140
|
}
|
|
6095
6141
|
}
|
|
6096
6142
|
|
|
6097
|
-
/*! @azure/msal-common v15.
|
|
6143
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6098
6144
|
/*
|
|
6099
6145
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6100
6146
|
* Licensed under the MIT License.
|
|
@@ -6121,7 +6167,7 @@
|
|
|
6121
6167
|
}
|
|
6122
6168
|
}
|
|
6123
6169
|
|
|
6124
|
-
/*! @azure/msal-common v15.
|
|
6170
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6125
6171
|
|
|
6126
6172
|
/*
|
|
6127
6173
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6460,7 +6506,7 @@
|
|
|
6460
6506
|
return baseAccount;
|
|
6461
6507
|
}
|
|
6462
6508
|
|
|
6463
|
-
/*! @azure/msal-common v15.
|
|
6509
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6464
6510
|
/*
|
|
6465
6511
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6466
6512
|
* Licensed under the MIT License.
|
|
@@ -6478,7 +6524,7 @@
|
|
|
6478
6524
|
}
|
|
6479
6525
|
}
|
|
6480
6526
|
|
|
6481
|
-
/*! @azure/msal-common v15.
|
|
6527
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6482
6528
|
|
|
6483
6529
|
/*
|
|
6484
6530
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6627,11 +6673,6 @@
|
|
|
6627
6673
|
throw createClientConfigurationError(missingSshJwk);
|
|
6628
6674
|
}
|
|
6629
6675
|
}
|
|
6630
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6631
|
-
(this.config.authOptions.clientCapabilities &&
|
|
6632
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
6633
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
6634
|
-
}
|
|
6635
6676
|
let ccsCred = undefined;
|
|
6636
6677
|
if (request.clientInfo) {
|
|
6637
6678
|
try {
|
|
@@ -6681,6 +6722,15 @@
|
|
|
6681
6722
|
});
|
|
6682
6723
|
}
|
|
6683
6724
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
6725
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
6726
|
+
const configClaims = request.skipBrokerClaims &&
|
|
6727
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
6728
|
+
? undefined
|
|
6729
|
+
: this.config.authOptions.clientCapabilities;
|
|
6730
|
+
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6731
|
+
(configClaims && configClaims.length > 0)) {
|
|
6732
|
+
addClaims(parameters, request.claims, configClaims);
|
|
6733
|
+
}
|
|
6684
6734
|
return mapToQueryString(parameters);
|
|
6685
6735
|
}
|
|
6686
6736
|
/**
|
|
@@ -6714,7 +6764,7 @@
|
|
|
6714
6764
|
}
|
|
6715
6765
|
}
|
|
6716
6766
|
|
|
6717
|
-
/*! @azure/msal-common v15.
|
|
6767
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6718
6768
|
|
|
6719
6769
|
/*
|
|
6720
6770
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6892,11 +6942,6 @@
|
|
|
6892
6942
|
throw createClientConfigurationError(missingSshJwk);
|
|
6893
6943
|
}
|
|
6894
6944
|
}
|
|
6895
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6896
|
-
(this.config.authOptions.clientCapabilities &&
|
|
6897
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
6898
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
6899
|
-
}
|
|
6900
6945
|
if (this.config.systemOptions.preventCorsPreflight &&
|
|
6901
6946
|
request.ccsCredential) {
|
|
6902
6947
|
switch (request.ccsCredential.type) {
|
|
@@ -6922,11 +6967,20 @@
|
|
|
6922
6967
|
addExtraQueryParameters(parameters, request.tokenBodyParameters);
|
|
6923
6968
|
}
|
|
6924
6969
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
6970
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
6971
|
+
const configClaims = request.skipBrokerClaims &&
|
|
6972
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
6973
|
+
? undefined
|
|
6974
|
+
: this.config.authOptions.clientCapabilities;
|
|
6975
|
+
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6976
|
+
(configClaims && configClaims.length > 0)) {
|
|
6977
|
+
addClaims(parameters, request.claims, configClaims);
|
|
6978
|
+
}
|
|
6925
6979
|
return mapToQueryString(parameters);
|
|
6926
6980
|
}
|
|
6927
6981
|
}
|
|
6928
6982
|
|
|
6929
|
-
/*! @azure/msal-common v15.
|
|
6983
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6930
6984
|
|
|
6931
6985
|
/*
|
|
6932
6986
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7024,7 +7078,7 @@
|
|
|
7024
7078
|
}
|
|
7025
7079
|
}
|
|
7026
7080
|
|
|
7027
|
-
/*! @azure/msal-common v15.
|
|
7081
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7028
7082
|
|
|
7029
7083
|
/*
|
|
7030
7084
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7039,7 +7093,7 @@
|
|
|
7039
7093
|
},
|
|
7040
7094
|
};
|
|
7041
7095
|
|
|
7042
|
-
/*! @azure/msal-common v15.
|
|
7096
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7043
7097
|
|
|
7044
7098
|
/*
|
|
7045
7099
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7071,6 +7125,8 @@
|
|
|
7071
7125
|
addResponseMode(parameters, request.responseMode);
|
|
7072
7126
|
// add client_info=1
|
|
7073
7127
|
addClientInfo(parameters);
|
|
7128
|
+
// add clidata=1
|
|
7129
|
+
addCliData(parameters);
|
|
7074
7130
|
if (request.prompt) {
|
|
7075
7131
|
addPrompt(parameters, request.prompt);
|
|
7076
7132
|
performanceClient?.addFields({ prompt: request.prompt }, correlationId);
|
|
@@ -7160,14 +7216,17 @@
|
|
|
7160
7216
|
if (request.state) {
|
|
7161
7217
|
addState(parameters, request.state);
|
|
7162
7218
|
}
|
|
7163
|
-
if (request.claims ||
|
|
7164
|
-
(authOptions.clientCapabilities &&
|
|
7165
|
-
authOptions.clientCapabilities.length > 0)) {
|
|
7166
|
-
addClaims(parameters, request.claims, authOptions.clientCapabilities);
|
|
7167
|
-
}
|
|
7168
7219
|
if (request.embeddedClientId) {
|
|
7169
7220
|
addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
|
|
7170
7221
|
}
|
|
7222
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
7223
|
+
const configClaims = request.skipBrokerClaims &&
|
|
7224
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
7225
|
+
? undefined
|
|
7226
|
+
: authOptions.clientCapabilities;
|
|
7227
|
+
if (request.claims || (configClaims && configClaims.length > 0)) {
|
|
7228
|
+
addClaims(parameters, request.claims, configClaims);
|
|
7229
|
+
}
|
|
7171
7230
|
// If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
|
|
7172
7231
|
if (authOptions.instanceAware &&
|
|
7173
7232
|
(!request.extraQueryParameters ||
|
|
@@ -7263,7 +7322,7 @@
|
|
|
7263
7322
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
7264
7323
|
}
|
|
7265
7324
|
|
|
7266
|
-
/*! @azure/msal-common v15.
|
|
7325
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7267
7326
|
|
|
7268
7327
|
/*
|
|
7269
7328
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7526,7 +7585,7 @@
|
|
|
7526
7585
|
}
|
|
7527
7586
|
}
|
|
7528
7587
|
|
|
7529
|
-
/*! @azure/msal-common v15.
|
|
7588
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7530
7589
|
/*
|
|
7531
7590
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7532
7591
|
* Licensed under the MIT License.
|
|
@@ -7534,7 +7593,7 @@
|
|
|
7534
7593
|
const missingKidError = "missing_kid_error";
|
|
7535
7594
|
const missingAlgError = "missing_alg_error";
|
|
7536
7595
|
|
|
7537
|
-
/*! @azure/msal-common v15.
|
|
7596
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7538
7597
|
|
|
7539
7598
|
/*
|
|
7540
7599
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7559,7 +7618,7 @@
|
|
|
7559
7618
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
7560
7619
|
}
|
|
7561
7620
|
|
|
7562
|
-
/*! @azure/msal-common v15.
|
|
7621
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7563
7622
|
|
|
7564
7623
|
/*
|
|
7565
7624
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7994,7 +8053,7 @@
|
|
|
7994
8053
|
|
|
7995
8054
|
/* eslint-disable header/header */
|
|
7996
8055
|
const name = "@azure/msal-browser";
|
|
7997
|
-
const version = "4.
|
|
8056
|
+
const version = "4.30.0";
|
|
7998
8057
|
|
|
7999
8058
|
/*
|
|
8000
8059
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -9762,6 +9821,10 @@
|
|
|
9762
9821
|
async initializeAuthorizationRequest(request, interactionType) {
|
|
9763
9822
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.correlationId);
|
|
9764
9823
|
const redirectUri = this.getRedirectUri(request.redirectUri);
|
|
9824
|
+
if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
|
|
9825
|
+
this.logger.warning("The origin of the redirect URI does not match the origin of the current page. This is likely to cause issues with authentication.", this.correlationId);
|
|
9826
|
+
this.performanceClient.addFields({ isRedirectUriCrossOrigin: true }, this.correlationId);
|
|
9827
|
+
}
|
|
9765
9828
|
const browserState = {
|
|
9766
9829
|
interactionType: interactionType,
|
|
9767
9830
|
};
|
|
@@ -17227,11 +17290,19 @@
|
|
|
17227
17290
|
this.logger.trace("NativeInteractionClient - initializeNativeRequest called");
|
|
17228
17291
|
const canonicalAuthority = await this.getCanonicalAuthority(request);
|
|
17229
17292
|
// scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
|
|
17230
|
-
const { scopes, ...remainingProperties } = request;
|
|
17293
|
+
const { scopes, claims, ...remainingProperties } = request;
|
|
17231
17294
|
const scopeSet = new ScopeSet(scopes || []);
|
|
17232
17295
|
scopeSet.appendScopes(OIDC_DEFAULT_SCOPES);
|
|
17296
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
17297
|
+
const configClaims = request.skipBrokerClaims && !!request.embeddedClientId
|
|
17298
|
+
? undefined
|
|
17299
|
+
: this.config.auth.clientCapabilities;
|
|
17300
|
+
const mergedClaims = configClaims && configClaims.length
|
|
17301
|
+
? addClientCapabilitiesToClaims(claims, configClaims)
|
|
17302
|
+
: claims;
|
|
17233
17303
|
const validatedRequest = {
|
|
17234
17304
|
...remainingProperties,
|
|
17305
|
+
claims: mergedClaims,
|
|
17235
17306
|
accountId: this.accountId,
|
|
17236
17307
|
clientId: this.config.auth.clientId,
|
|
17237
17308
|
authority: canonicalAuthority.urlString,
|
|
@@ -17364,6 +17435,53 @@
|
|
|
17364
17435
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
17365
17436
|
* Licensed under the MIT License.
|
|
17366
17437
|
*/
|
|
17438
|
+
const clientDataAccountTypeMapping = new Map([
|
|
17439
|
+
["e", "AAD"],
|
|
17440
|
+
["m", "MSA"],
|
|
17441
|
+
]);
|
|
17442
|
+
/**
|
|
17443
|
+
* Parses the clientdata response parameter from the /authorize endpoint.
|
|
17444
|
+
*
|
|
17445
|
+
* The clientdata value is URL-encoded and pipe-delimited:
|
|
17446
|
+
* urlencoded(account_type | error | sub_error | cloud_instance | caller_data_boundary)
|
|
17447
|
+
*
|
|
17448
|
+
* @param clientdata - The raw clientdata string from the authorize response
|
|
17449
|
+
* @returns Parsed ClientData object, or null if the input is empty/invalid
|
|
17450
|
+
*/
|
|
17451
|
+
function parseClientData(clientdata) {
|
|
17452
|
+
if (!clientdata) {
|
|
17453
|
+
return null;
|
|
17454
|
+
}
|
|
17455
|
+
try {
|
|
17456
|
+
const decoded = decodeURIComponent(clientdata);
|
|
17457
|
+
const parts = decoded.split("|");
|
|
17458
|
+
if (parts.length < 5) {
|
|
17459
|
+
return null;
|
|
17460
|
+
}
|
|
17461
|
+
return {
|
|
17462
|
+
accountType: clientDataAccountTypeMapping.get(parts[0]?.trim() || "") || "",
|
|
17463
|
+
error: parts[1]?.trim() || "",
|
|
17464
|
+
subError: parts[2]?.trim() || "",
|
|
17465
|
+
cloudInstance: parts[3]?.trim() || "",
|
|
17466
|
+
callerDataBoundary: parts[4]?.trim() || "",
|
|
17467
|
+
};
|
|
17468
|
+
}
|
|
17469
|
+
catch {
|
|
17470
|
+
return null;
|
|
17471
|
+
}
|
|
17472
|
+
}
|
|
17473
|
+
/**
|
|
17474
|
+
* Instruments account type, error, and suberror from clientdata
|
|
17475
|
+
*/
|
|
17476
|
+
function instrumentClientData(response, correlationId, performanceClient) {
|
|
17477
|
+
const parsed = parseClientData(response.clientdata);
|
|
17478
|
+
parsed?.accountType &&
|
|
17479
|
+
performanceClient.addFields({ accountType: parsed.accountType }, correlationId);
|
|
17480
|
+
parsed?.error &&
|
|
17481
|
+
performanceClient.addFields({ serverErrorNo: parsed.error }, correlationId);
|
|
17482
|
+
parsed?.subError &&
|
|
17483
|
+
performanceClient.addFields({ serverSubErrorNo: parsed.subError }, correlationId);
|
|
17484
|
+
}
|
|
17367
17485
|
/**
|
|
17368
17486
|
* Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
|
|
17369
17487
|
* @param config
|
|
@@ -17526,6 +17644,8 @@
|
|
|
17526
17644
|
async function handleResponseCode(request, response, codeVerifier, apiId, config, authClient, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
|
|
17527
17645
|
// Remove throttle if it exists
|
|
17528
17646
|
ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
|
|
17647
|
+
// Instrument clientdata telemetry fields from the authorize response
|
|
17648
|
+
instrumentClientData(response, request.correlationId, performanceClient);
|
|
17529
17649
|
if (response.accountId) {
|
|
17530
17650
|
return invokeAsync(handleResponsePlatformBroker, PerformanceEvents.HandleResponsePlatformBroker, logger, performanceClient, request.correlationId)(request, response.accountId, apiId, config, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider);
|
|
17531
17651
|
}
|
|
@@ -17558,6 +17678,8 @@
|
|
|
17558
17678
|
async function handleResponseEAR(request, response, apiId, config, authority, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
|
|
17559
17679
|
// Remove throttle if it exists
|
|
17560
17680
|
ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
|
|
17681
|
+
// Instrument clientdata telemetry fields from the authorize response
|
|
17682
|
+
instrumentClientData(response, request.correlationId, performanceClient);
|
|
17561
17683
|
// Validate state & check response for errors
|
|
17562
17684
|
validateAuthorizationResponse(response, request.state);
|
|
17563
17685
|
if (!response.ear_jwe) {
|
|
@@ -18323,14 +18445,28 @@
|
|
|
18323
18445
|
return nativeResponse;
|
|
18324
18446
|
}
|
|
18325
18447
|
getDOMExtraParams(extraParameters) {
|
|
18326
|
-
|
|
18327
|
-
|
|
18328
|
-
|
|
18329
|
-
|
|
18330
|
-
|
|
18331
|
-
|
|
18332
|
-
|
|
18333
|
-
|
|
18448
|
+
try {
|
|
18449
|
+
const stringifiedProperties = {};
|
|
18450
|
+
for (const [key, value] of Object.entries(extraParameters)) {
|
|
18451
|
+
if (!value) {
|
|
18452
|
+
continue;
|
|
18453
|
+
}
|
|
18454
|
+
if (typeof value === "object") {
|
|
18455
|
+
stringifiedProperties[key] = JSON.stringify(value);
|
|
18456
|
+
}
|
|
18457
|
+
else {
|
|
18458
|
+
stringifiedProperties[key] = String(value);
|
|
18459
|
+
}
|
|
18460
|
+
}
|
|
18461
|
+
return stringifiedProperties;
|
|
18462
|
+
}
|
|
18463
|
+
catch (e) {
|
|
18464
|
+
this.logger.error(this.platformAuthType + " - Error stringifying extra parameters");
|
|
18465
|
+
this.logger.errorPii(this.platformAuthType +
|
|
18466
|
+
" - Error stringifying extra parameters: " +
|
|
18467
|
+
e);
|
|
18468
|
+
return {};
|
|
18469
|
+
}
|
|
18334
18470
|
}
|
|
18335
18471
|
}
|
|
18336
18472
|
|
|
@@ -19381,6 +19517,12 @@
|
|
|
19381
19517
|
*/
|
|
19382
19518
|
async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, performanceClient, logger, correlationId, responseType) {
|
|
19383
19519
|
performanceClient.addQueueMeasurement(PerformanceEvents.SilentHandlerMonitorIframeForHash, correlationId);
|
|
19520
|
+
performanceClient.addFields({
|
|
19521
|
+
iframePollIntervalMs: pollIntervalMilliseconds,
|
|
19522
|
+
iframeTimeoutMs: timeout,
|
|
19523
|
+
}, correlationId);
|
|
19524
|
+
let totalTickCount = 0;
|
|
19525
|
+
let crossOriginTickCount = 0;
|
|
19384
19526
|
return new Promise((resolve, reject) => {
|
|
19385
19527
|
if (timeout < DEFAULT_IFRAME_TIMEOUT_MS) {
|
|
19386
19528
|
logger.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${timeout}ms) than the default (${DEFAULT_IFRAME_TIMEOUT_MS}ms). This may result in timeouts.`);
|
|
@@ -19394,6 +19536,7 @@
|
|
|
19394
19536
|
reject(createBrowserAuthError(monitorWindowTimeout));
|
|
19395
19537
|
}, timeout);
|
|
19396
19538
|
const intervalId = window.setInterval(() => {
|
|
19539
|
+
totalTickCount++;
|
|
19397
19540
|
let href = "";
|
|
19398
19541
|
const contentWindow = iframe.contentWindow;
|
|
19399
19542
|
try {
|
|
@@ -19404,7 +19547,9 @@
|
|
|
19404
19547
|
*/
|
|
19405
19548
|
href = contentWindow ? contentWindow.location.href : "";
|
|
19406
19549
|
}
|
|
19407
|
-
catch (e) {
|
|
19550
|
+
catch (e) {
|
|
19551
|
+
crossOriginTickCount++;
|
|
19552
|
+
}
|
|
19408
19553
|
if (!href || href === "about:blank") {
|
|
19409
19554
|
return;
|
|
19410
19555
|
}
|
|
@@ -19422,6 +19567,10 @@
|
|
|
19422
19567
|
resolve(responseString);
|
|
19423
19568
|
}, pollIntervalMilliseconds);
|
|
19424
19569
|
}).finally(() => {
|
|
19570
|
+
performanceClient.addFields({
|
|
19571
|
+
iframeTickCount: totalTickCount,
|
|
19572
|
+
crossOriginTickCount: crossOriginTickCount,
|
|
19573
|
+
}, correlationId);
|
|
19425
19574
|
invoke(removeHiddenIframe, PerformanceEvents.RemoveHiddenIframe, logger, performanceClient, correlationId)(iframe);
|
|
19426
19575
|
});
|
|
19427
19576
|
}
|
|
@@ -20049,6 +20198,10 @@
|
|
|
20049
20198
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
20050
20199
|
* Licensed under the MIT License.
|
|
20051
20200
|
*/
|
|
20201
|
+
/**
|
|
20202
|
+
* Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
|
|
20203
|
+
* @returns Network connection information, or an empty object if not available.
|
|
20204
|
+
*/
|
|
20052
20205
|
function collectInstanceStats(currentClientId, performanceEvent, logger) {
|
|
20053
20206
|
const frameInstances =
|
|
20054
20207
|
// @ts-ignore
|
|
@@ -20142,22 +20295,30 @@
|
|
|
20142
20295
|
this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
|
|
20143
20296
|
this.activeSilentTokenRequests = new Map();
|
|
20144
20297
|
// Register listener functions
|
|
20145
|
-
this.
|
|
20146
|
-
|
|
20147
|
-
this.trackPageVisibilityWithMeasurement =
|
|
20148
|
-
this.trackPageVisibilityWithMeasurement.bind(this);
|
|
20298
|
+
this.trackStateChangeWithMeasurement =
|
|
20299
|
+
this.trackStateChangeWithMeasurement.bind(this);
|
|
20149
20300
|
}
|
|
20150
20301
|
static async createController(operatingContext, request) {
|
|
20151
20302
|
const controller = new StandardController(operatingContext);
|
|
20152
20303
|
await controller.initialize(request);
|
|
20153
20304
|
return controller;
|
|
20154
20305
|
}
|
|
20155
|
-
|
|
20306
|
+
trackStateChange(correlationId, event) {
|
|
20156
20307
|
if (!correlationId) {
|
|
20157
20308
|
return;
|
|
20158
20309
|
}
|
|
20159
|
-
|
|
20160
|
-
|
|
20310
|
+
if (event.type === "visibilitychange") {
|
|
20311
|
+
this.logger.info("Perf: Visibility change detected");
|
|
20312
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
|
|
20313
|
+
}
|
|
20314
|
+
else if (event.type === "online") {
|
|
20315
|
+
this.logger.info("Perf: Online status change detected");
|
|
20316
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
20317
|
+
}
|
|
20318
|
+
else if (event.type === "offline") {
|
|
20319
|
+
this.logger.info("Perf: Offline status change detected");
|
|
20320
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
20321
|
+
}
|
|
20161
20322
|
}
|
|
20162
20323
|
/**
|
|
20163
20324
|
* Initializer function to perform async startup tasks such as connecting to WAM extension
|
|
@@ -20563,16 +20724,40 @@
|
|
|
20563
20724
|
}
|
|
20564
20725
|
});
|
|
20565
20726
|
}
|
|
20566
|
-
|
|
20727
|
+
trackStateChangeWithMeasurement(event) {
|
|
20567
20728
|
const measurement = this.ssoSilentMeasurement ||
|
|
20568
20729
|
this.acquireTokenByCodeAsyncMeasurement;
|
|
20569
20730
|
if (!measurement) {
|
|
20570
20731
|
return;
|
|
20571
20732
|
}
|
|
20572
|
-
|
|
20573
|
-
|
|
20574
|
-
|
|
20575
|
-
|
|
20733
|
+
if (event.type === "visibilitychange") {
|
|
20734
|
+
this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
|
|
20735
|
+
measurement.increment({
|
|
20736
|
+
visibilityChangeCount: 1,
|
|
20737
|
+
});
|
|
20738
|
+
}
|
|
20739
|
+
else if (event.type === "online") {
|
|
20740
|
+
this.logger.info("Perf: Online status change detected in ", measurement.event.name);
|
|
20741
|
+
measurement.increment({
|
|
20742
|
+
onlineStatusChangeCount: 1,
|
|
20743
|
+
});
|
|
20744
|
+
}
|
|
20745
|
+
else if (event.type === "offline") {
|
|
20746
|
+
this.logger.info("Perf: Offline status change detected in ", measurement.event.name);
|
|
20747
|
+
measurement.increment({
|
|
20748
|
+
onlineStatusChangeCount: 1,
|
|
20749
|
+
});
|
|
20750
|
+
}
|
|
20751
|
+
}
|
|
20752
|
+
addStateChangeListeners(listener) {
|
|
20753
|
+
document.addEventListener("visibilitychange", listener);
|
|
20754
|
+
window.addEventListener("online", listener);
|
|
20755
|
+
window.addEventListener("offline", listener);
|
|
20756
|
+
}
|
|
20757
|
+
removeStateChangeListeners(listener) {
|
|
20758
|
+
document.removeEventListener("visibilitychange", listener);
|
|
20759
|
+
window.removeEventListener("online", listener);
|
|
20760
|
+
window.removeEventListener("offline", listener);
|
|
20576
20761
|
}
|
|
20577
20762
|
/**
|
|
20578
20763
|
* SSO capability verification in the background.
|
|
@@ -20653,8 +20838,9 @@
|
|
|
20653
20838
|
preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
|
|
20654
20839
|
this.ssoSilentMeasurement?.increment({
|
|
20655
20840
|
visibilityChangeCount: 0,
|
|
20841
|
+
onlineStatusChangeCount: 0,
|
|
20656
20842
|
});
|
|
20657
|
-
|
|
20843
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20658
20844
|
this.logger.verbose("ssoSilent called", correlationId);
|
|
20659
20845
|
this.eventHandler.emitEvent(EventType.SSO_SILENT_START, InteractionType.Silent, validRequest);
|
|
20660
20846
|
let result;
|
|
@@ -20698,7 +20884,7 @@
|
|
|
20698
20884
|
throw e;
|
|
20699
20885
|
})
|
|
20700
20886
|
.finally(() => {
|
|
20701
|
-
|
|
20887
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20702
20888
|
});
|
|
20703
20889
|
}
|
|
20704
20890
|
/**
|
|
@@ -20810,8 +20996,9 @@
|
|
|
20810
20996
|
this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenByCodeAsync, request.correlationId);
|
|
20811
20997
|
this.acquireTokenByCodeAsyncMeasurement?.increment({
|
|
20812
20998
|
visibilityChangeCount: 0,
|
|
20999
|
+
onlineStatusChangeCount: 0,
|
|
20813
21000
|
});
|
|
20814
|
-
|
|
21001
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20815
21002
|
const silentAuthCodeClient = this.createSilentAuthCodeClient(request.correlationId);
|
|
20816
21003
|
const silentTokenResult = await silentAuthCodeClient
|
|
20817
21004
|
.acquireToken(request)
|
|
@@ -20829,7 +21016,7 @@
|
|
|
20829
21016
|
throw tokenRenewalError;
|
|
20830
21017
|
})
|
|
20831
21018
|
.finally(() => {
|
|
20832
|
-
|
|
21019
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20833
21020
|
});
|
|
20834
21021
|
return silentTokenResult;
|
|
20835
21022
|
}
|
|
@@ -21374,13 +21561,13 @@
|
|
|
21374
21561
|
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
|
|
21375
21562
|
*/
|
|
21376
21563
|
async acquireTokenSilentAsync(request, account) {
|
|
21377
|
-
const
|
|
21564
|
+
const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
|
|
21378
21565
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.AcquireTokenSilentAsync, request.correlationId);
|
|
21379
21566
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, InteractionType.Silent, request);
|
|
21380
21567
|
if (request.correlationId) {
|
|
21381
|
-
this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
|
|
21568
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
|
|
21382
21569
|
}
|
|
21383
|
-
|
|
21570
|
+
this.addStateChangeListeners(trackStateChange);
|
|
21384
21571
|
const silentRequest = await invokeAsync(initializeSilentRequest, PerformanceEvents.InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
|
|
21385
21572
|
const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
|
|
21386
21573
|
const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
|
|
@@ -21459,7 +21646,7 @@
|
|
|
21459
21646
|
throw tokenRenewalError;
|
|
21460
21647
|
})
|
|
21461
21648
|
.finally(() => {
|
|
21462
|
-
|
|
21649
|
+
this.removeStateChangeListeners(trackStateChange);
|
|
21463
21650
|
});
|
|
21464
21651
|
}
|
|
21465
21652
|
/**
|