@azure/msal-browser 4.29.0 → 4.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (329) hide show
  1. package/README.md +25 -25
  2. package/dist/app/IPublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientApplication.mjs +1 -1
  4. package/dist/app/PublicClientNext.mjs +1 -1
  5. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
  8. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  10. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  11. package/dist/cache/AccountManager.mjs +1 -1
  12. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  13. package/dist/cache/BrowserCacheManager.mjs +1 -1
  14. package/dist/cache/CacheHelpers.mjs +1 -1
  15. package/dist/cache/CacheKeys.mjs +1 -1
  16. package/dist/cache/CookieStorage.mjs +1 -1
  17. package/dist/cache/DatabaseStorage.mjs +1 -1
  18. package/dist/cache/EncryptedData.mjs +1 -1
  19. package/dist/cache/LocalStorage.mjs +1 -1
  20. package/dist/cache/MemoryStorage.mjs +1 -1
  21. package/dist/cache/SessionStorage.mjs +1 -1
  22. package/dist/cache/TokenCache.mjs +1 -1
  23. package/dist/config/Configuration.mjs +1 -1
  24. package/dist/controllers/ControllerFactory.mjs +1 -1
  25. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  26. package/dist/controllers/StandardController.d.ts +4 -2
  27. package/dist/controllers/StandardController.d.ts.map +1 -1
  28. package/dist/controllers/StandardController.mjs +55 -21
  29. package/dist/controllers/StandardController.mjs.map +1 -1
  30. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  31. package/dist/crypto/BrowserCrypto.mjs +1 -1
  32. package/dist/crypto/CryptoOps.mjs +1 -1
  33. package/dist/crypto/PkceGenerator.mjs +1 -1
  34. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  35. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  36. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  37. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  38. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
  39. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  40. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  41. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  42. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  43. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  44. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  45. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  46. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  47. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  48. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  49. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  50. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  51. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  52. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  53. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  54. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  55. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  56. package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
  57. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  58. package/dist/custom-auth-path/controllers/StandardController.mjs +55 -21
  59. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  60. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  61. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  62. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  63. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  64. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  170. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  171. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  172. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  173. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  174. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  175. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  176. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  177. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  178. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  179. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  180. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  181. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  182. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  183. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
  184. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  185. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  186. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  187. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  188. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  189. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
  190. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  191. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  192. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +5 -1
  193. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
  194. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  195. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
  196. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +15 -2
  197. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
  198. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  199. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  200. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  201. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  202. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  203. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  204. package/dist/custom-auth-path/protocol/Authorize.d.ts +28 -0
  205. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  206. package/dist/custom-auth-path/protocol/Authorize.mjs +53 -2
  207. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  208. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  209. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  210. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
  211. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  212. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  213. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  214. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  215. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  216. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
  217. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  218. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
  219. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
  220. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  221. package/dist/encode/Base64Decode.mjs +1 -1
  222. package/dist/encode/Base64Encode.mjs +1 -1
  223. package/dist/error/BrowserAuthError.mjs +1 -1
  224. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  225. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  226. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  227. package/dist/error/NativeAuthError.mjs +1 -1
  228. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  229. package/dist/error/NestedAppAuthError.mjs +1 -1
  230. package/dist/event/EventHandler.mjs +1 -1
  231. package/dist/event/EventMessage.mjs +1 -1
  232. package/dist/event/EventType.mjs +1 -1
  233. package/dist/index.mjs +1 -1
  234. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  235. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  236. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  237. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
  238. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  239. package/dist/interaction_client/PopupClient.mjs +1 -1
  240. package/dist/interaction_client/RedirectClient.mjs +1 -1
  241. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  242. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  243. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  244. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  245. package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  246. package/dist/interaction_client/StandardInteractionClient.mjs +5 -1
  247. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  248. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  249. package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
  250. package/dist/interaction_handler/SilentHandler.mjs +15 -2
  251. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  252. package/dist/naa/BridgeError.mjs +1 -1
  253. package/dist/naa/BridgeProxy.mjs +1 -1
  254. package/dist/naa/BridgeStatusCode.mjs +1 -1
  255. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  256. package/dist/navigation/NavigationClient.mjs +1 -1
  257. package/dist/network/FetchClient.mjs +1 -1
  258. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  259. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  260. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  261. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  262. package/dist/packageMetadata.d.ts +1 -1
  263. package/dist/packageMetadata.mjs +2 -2
  264. package/dist/protocol/Authorize.d.ts +28 -0
  265. package/dist/protocol/Authorize.d.ts.map +1 -1
  266. package/dist/protocol/Authorize.mjs +53 -2
  267. package/dist/protocol/Authorize.mjs.map +1 -1
  268. package/dist/request/RequestHelpers.mjs +1 -1
  269. package/dist/response/ResponseHandler.mjs +1 -1
  270. package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
  271. package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  272. package/dist/telemetry/BrowserPerformanceClient.mjs +10 -1
  273. package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
  274. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  275. package/dist/utils/BrowserConstants.mjs +1 -1
  276. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  277. package/dist/utils/BrowserUtils.mjs +1 -1
  278. package/dist/utils/Helpers.mjs +1 -1
  279. package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
  280. package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  281. package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
  282. package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
  283. package/lib/custom-auth-path/msal-custom-auth.cjs +298 -111
  284. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  285. package/lib/custom-auth-path/msal-custom-auth.js +298 -111
  286. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  287. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  288. package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
  289. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  290. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  291. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  292. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  293. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  294. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  295. package/lib/custom-auth-path/types/protocol/Authorize.d.ts +28 -0
  296. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  297. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  298. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  299. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  300. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  301. package/lib/msal-browser.cjs +329 -115
  302. package/lib/msal-browser.cjs.map +1 -1
  303. package/lib/msal-browser.js +329 -115
  304. package/lib/msal-browser.js.map +1 -1
  305. package/lib/msal-browser.min.js +64 -64
  306. package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  307. package/lib/types/controllers/StandardController.d.ts +4 -2
  308. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  309. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  310. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  311. package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  312. package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  313. package/lib/types/packageMetadata.d.ts +1 -1
  314. package/lib/types/protocol/Authorize.d.ts +28 -0
  315. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  316. package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  317. package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  318. package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  319. package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  320. package/package.json +2 -2
  321. package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +24 -13
  322. package/src/controllers/StandardController.ts +74 -41
  323. package/src/interaction_client/PlatformAuthInteractionClient.ts +17 -1
  324. package/src/interaction_client/StandardInteractionClient.ts +12 -0
  325. package/src/interaction_handler/SilentHandler.ts +21 -1
  326. package/src/packageMetadata.ts +1 -1
  327. package/src/protocol/Authorize.ts +91 -0
  328. package/src/telemetry/BrowserPerformanceClient.ts +10 -0
  329. package/src/utils/MsalFrameStatsUtils.ts +27 -0
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-browser v4.29.0 2026-02-23 */
1
+ /*! @azure/msal-browser v4.30.0 2026-03-18 */
2
2
  'use strict';
3
3
  (function (global, factory) {
4
4
  typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
@@ -6,7 +6,7 @@
6
6
  (global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msalCustomAuth = {}));
7
7
  })(this, (function (exports) { 'use strict';
8
8
 
9
- /*! @azure/msal-common v15.15.0 2026-02-23 */
9
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
10
10
  /*
11
11
  * Copyright (c) Microsoft Corporation. All rights reserved.
12
12
  * Licensed under the MIT License.
@@ -280,7 +280,7 @@
280
280
  // Token renewal offset default in seconds
281
281
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
282
282
 
283
- /*! @azure/msal-common v15.15.0 2026-02-23 */
283
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
284
284
  /*
285
285
  * Copyright (c) Microsoft Corporation. All rights reserved.
286
286
  * Licensed under the MIT License.
@@ -291,7 +291,7 @@
291
291
  const unexpectedError = "unexpected_error";
292
292
  const postRequestFailed$1 = "post_request_failed";
293
293
 
294
- /*! @azure/msal-common v15.15.0 2026-02-23 */
294
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
295
295
 
296
296
  /*
297
297
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -326,7 +326,7 @@
326
326
  : AuthErrorMessages[code]);
327
327
  }
328
328
 
329
- /*! @azure/msal-common v15.15.0 2026-02-23 */
329
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
330
330
  /*
331
331
  * Copyright (c) Microsoft Corporation. All rights reserved.
332
332
  * Licensed under the MIT License.
@@ -377,7 +377,7 @@
377
377
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
378
378
  const platformBrokerError = "platform_broker_error";
379
379
 
380
- /*! @azure/msal-common v15.15.0 2026-02-23 */
380
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
381
381
 
382
382
  /*
383
383
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -452,7 +452,7 @@
452
452
  return new ClientAuthError(errorCode, additionalMessage);
453
453
  }
454
454
 
455
- /*! @azure/msal-common v15.15.0 2026-02-23 */
455
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
456
456
 
457
457
  /*
458
458
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -491,7 +491,7 @@
491
491
  },
492
492
  };
493
493
 
494
- /*! @azure/msal-common v15.15.0 2026-02-23 */
494
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
495
495
 
496
496
  /*
497
497
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -682,12 +682,12 @@
682
682
  }
683
683
  }
684
684
 
685
- /*! @azure/msal-common v15.15.0 2026-02-23 */
685
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
686
686
  /* eslint-disable header/header */
687
687
  const name$1 = "@azure/msal-common";
688
- const version$1 = "15.15.0";
688
+ const version$1 = "15.17.0";
689
689
 
690
- /*! @azure/msal-common v15.15.0 2026-02-23 */
690
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
691
691
  /*
692
692
  * Copyright (c) Microsoft Corporation. All rights reserved.
693
693
  * Licensed under the MIT License.
@@ -696,7 +696,7 @@
696
696
  // AzureCloudInstance is not specified.
697
697
  None: "none"};
698
698
 
699
- /*! @azure/msal-common v15.15.0 2026-02-23 */
699
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
700
700
  /*
701
701
  * Copyright (c) Microsoft Corporation. All rights reserved.
702
702
  * Licensed under the MIT License.
@@ -726,7 +726,7 @@
726
726
  const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
727
727
  const invalidPlatformBrokerConfiguration = "invalid_platform_broker_configuration";
728
728
 
729
- /*! @azure/msal-common v15.15.0 2026-02-23 */
729
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
730
730
 
731
731
  /*
732
732
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -772,7 +772,7 @@
772
772
  return new ClientConfigurationError(errorCode);
773
773
  }
774
774
 
775
- /*! @azure/msal-common v15.15.0 2026-02-23 */
775
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
776
776
  /*
777
777
  * Copyright (c) Microsoft Corporation. All rights reserved.
778
778
  * Licensed under the MIT License.
@@ -867,9 +867,48 @@
867
867
  .replace(/\?/g, "\\?"));
868
868
  return regex.test(input);
869
869
  }
870
+ /**
871
+ * Tests if a given string matches a given pattern using stricter, anchored matching semantics.
872
+ *
873
+ * Differences from `matchPattern` (legacy):
874
+ * - All regex metacharacters (including `.`) in the pattern are treated as literals,
875
+ * so `example.com` matches only `example.com` and not `exampleXcom`.
876
+ * - The generated regex is anchored with `^` and `$` so partial/substring matches
877
+ * are not allowed.
878
+ * - `*` is the only supported wildcard. Its behaviour depends on the URL component:
879
+ * - `host` component: `*` matches any sequence of characters that does NOT include
880
+ * a dot (`.`), keeping wildcards within a single DNS label boundary.
881
+ * - All other components: `*` matches any sequence of characters (including `/`).
882
+ *
883
+ * @param pattern - The `protectedResourceMap` key pattern to match against. `*` is a
884
+ * multi-character wildcard; all other characters are treated as literals.
885
+ * @param input - The URL component value (e.g. host, pathname) extracted from the
886
+ * outgoing request URL to test against the pattern.
887
+ * @param options - Optional. Provide `component` to enable component-aware wildcard
888
+ * semantics. Accepted values: `"host"`, `"path"`, `"protocol"`, `"search"`,
889
+ * `"hash"`. Defaults to path-style (permissive) matching when omitted.
890
+ * @returns `true` if the full input string matches the pattern; `false` otherwise.
891
+ */
892
+ static matchPatternStrict(pattern, input, options) {
893
+ const component = options?.component;
894
+ // Step 1: Escape all regex special characters so literals are matched literally.
895
+ let regexBody = pattern.replace(/[.+^${}()|[\]\\*?]/g, "\\$&");
896
+ // Step 2: Replace the escaped '*' with its component-aware regex equivalent.
897
+ if (component === "host") {
898
+ regexBody = regexBody.replace(/\\\*/g, "[^.]*");
899
+ }
900
+ else {
901
+ // PATH, PROTOCOL, SEARCH, HASH, or unspecified: '*' matches any characters.
902
+ regexBody = regexBody.replace(/\\\*/g, ".*");
903
+ }
904
+ // Step 3: Anchor for full-string matching.
905
+ // eslint-disable-next-line security/detect-non-literal-regexp
906
+ const regex = new RegExp(`^${regexBody}$`);
907
+ return regex.test(input);
908
+ }
870
909
  }
871
910
 
872
- /*! @azure/msal-common v15.15.0 2026-02-23 */
911
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
873
912
 
874
913
  /*
875
914
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1064,7 +1103,7 @@
1064
1103
  }
1065
1104
  }
1066
1105
 
1067
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1106
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1068
1107
 
1069
1108
  /*
1070
1109
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1104,7 +1143,7 @@
1104
1143
  };
1105
1144
  }
1106
1145
 
1107
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1146
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1108
1147
  /*
1109
1148
  * Copyright (c) Microsoft Corporation. All rights reserved.
1110
1149
  * Licensed under the MIT License.
@@ -1186,7 +1225,7 @@
1186
1225
  return updatedAccountInfo;
1187
1226
  }
1188
1227
 
1189
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1228
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1190
1229
  /*
1191
1230
  * Copyright (c) Microsoft Corporation. All rights reserved.
1192
1231
  * Licensed under the MIT License.
@@ -1201,7 +1240,7 @@
1201
1240
  Ciam: 3,
1202
1241
  };
1203
1242
 
1204
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1243
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1205
1244
  /*
1206
1245
  * Copyright (c) Microsoft Corporation. All rights reserved.
1207
1246
  * Licensed under the MIT License.
@@ -1223,7 +1262,7 @@
1223
1262
  return null;
1224
1263
  }
1225
1264
 
1226
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1265
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1227
1266
  /*
1228
1267
  * Copyright (c) Microsoft Corporation. All rights reserved.
1229
1268
  * Licensed under the MIT License.
@@ -1247,7 +1286,7 @@
1247
1286
  EAR: "EAR",
1248
1287
  };
1249
1288
 
1250
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1289
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1251
1290
 
1252
1291
  /*
1253
1292
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1482,7 +1521,7 @@
1482
1521
  }
1483
1522
  }
1484
1523
 
1485
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1524
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1486
1525
 
1487
1526
  /*
1488
1527
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1563,7 +1602,7 @@
1563
1602
  }
1564
1603
  }
1565
1604
 
1566
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1605
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1567
1606
 
1568
1607
  /*
1569
1608
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1679,7 +1718,7 @@
1679
1718
  }
1680
1719
  }
1681
1720
 
1682
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1721
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1683
1722
 
1684
1723
  /*
1685
1724
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1843,7 +1882,7 @@
1843
1882
  }
1844
1883
  }
1845
1884
 
1846
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1885
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1847
1886
 
1848
1887
  /*
1849
1888
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2018,7 +2057,7 @@
2018
2057
  return null;
2019
2058
  }
2020
2059
 
2021
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2060
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2022
2061
  /*
2023
2062
  * Copyright (c) Microsoft Corporation. All rights reserved.
2024
2063
  * Licensed under the MIT License.
@@ -2026,7 +2065,7 @@
2026
2065
  const cacheQuotaExceeded = "cache_quota_exceeded";
2027
2066
  const cacheErrorUnknown = "cache_error_unknown";
2028
2067
 
2029
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2068
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2030
2069
 
2031
2070
  /*
2032
2071
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2071,7 +2110,7 @@
2071
2110
  }
2072
2111
  }
2073
2112
 
2074
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2113
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2075
2114
 
2076
2115
  /*
2077
2116
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3181,7 +3220,7 @@
3181
3220
  }
3182
3221
  }
3183
3222
 
3184
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3223
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3185
3224
  /*
3186
3225
  * Copyright (c) Microsoft Corporation. All rights reserved.
3187
3226
  * Licensed under the MIT License.
@@ -3458,7 +3497,7 @@
3458
3497
  const PerformanceEventStatus = {
3459
3498
  InProgress: 1};
3460
3499
 
3461
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3500
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3462
3501
 
3463
3502
  /*
3464
3503
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3537,7 +3576,7 @@
3537
3576
  }
3538
3577
  }
3539
3578
 
3540
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3579
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3541
3580
 
3542
3581
  /*
3543
3582
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3637,7 +3676,7 @@
3637
3676
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3638
3677
  }
3639
3678
 
3640
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3679
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3641
3680
  /*
3642
3681
  * Copyright (c) Microsoft Corporation. All rights reserved.
3643
3682
  * Licensed under the MIT License.
@@ -3647,7 +3686,7 @@
3647
3686
  UPN: "UPN",
3648
3687
  };
3649
3688
 
3650
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3689
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3651
3690
  /*
3652
3691
  * Copyright (c) Microsoft Corporation. All rights reserved.
3653
3692
  * Licensed under the MIT License.
@@ -3695,9 +3734,10 @@
3695
3734
  const BROKER_REDIRECT_URI = "brk_redirect_uri";
3696
3735
  const INSTANCE_AWARE = "instance_aware";
3697
3736
  const EAR_JWK = "ear_jwk";
3698
- const EAR_JWE_CRYPTO = "ear_jwe_crypto";
3737
+ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
3738
+ const CLI_DATA = "clidata";
3699
3739
 
3700
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3740
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3701
3741
 
3702
3742
  /*
3703
3743
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3963,6 +4003,12 @@
3963
4003
  function addClientInfo(parameters) {
3964
4004
  parameters.set(CLIENT_INFO, "1");
3965
4005
  }
4006
+ /**
4007
+ * add clidata=1 to request to indicate client data support
4008
+ */
4009
+ function addCliData(parameters) {
4010
+ parameters.set(CLI_DATA, "1");
4011
+ }
3966
4012
  function addInstanceAware(parameters) {
3967
4013
  if (!parameters.has(INSTANCE_AWARE)) {
3968
4014
  parameters.set(INSTANCE_AWARE, "true");
@@ -4077,7 +4123,7 @@
4077
4123
  });
4078
4124
  }
4079
4125
 
4080
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4126
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4081
4127
  /*
4082
4128
  * Copyright (c) Microsoft Corporation. All rights reserved.
4083
4129
  * Licensed under the MIT License.
@@ -4089,7 +4135,7 @@
4089
4135
  response.hasOwnProperty("jwks_uri"));
4090
4136
  }
4091
4137
 
4092
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4138
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4093
4139
  /*
4094
4140
  * Copyright (c) Microsoft Corporation. All rights reserved.
4095
4141
  * Licensed under the MIT License.
@@ -4099,7 +4145,7 @@
4099
4145
  response.hasOwnProperty("metadata"));
4100
4146
  }
4101
4147
 
4102
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4148
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4103
4149
  /*
4104
4150
  * Copyright (c) Microsoft Corporation. All rights reserved.
4105
4151
  * Licensed under the MIT License.
@@ -4109,7 +4155,7 @@
4109
4155
  response.hasOwnProperty("error_description"));
4110
4156
  }
4111
4157
 
4112
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4158
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4113
4159
  /*
4114
4160
  * Copyright (c) Microsoft Corporation. All rights reserved.
4115
4161
  * Licensed under the MIT License.
@@ -4205,7 +4251,7 @@
4205
4251
  };
4206
4252
  };
4207
4253
 
4208
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4254
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4209
4255
 
4210
4256
  /*
4211
4257
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4311,7 +4357,7 @@
4311
4357
  },
4312
4358
  };
4313
4359
 
4314
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4360
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4315
4361
  /*
4316
4362
  * Copyright (c) Microsoft Corporation. All rights reserved.
4317
4363
  * Licensed under the MIT License.
@@ -4376,7 +4422,7 @@
4376
4422
  return cachedAtSec > nowSeconds();
4377
4423
  }
4378
4424
 
4379
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4425
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4380
4426
 
4381
4427
  /*
4382
4428
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4638,7 +4684,7 @@
4638
4684
  return metadata.expiresAt <= nowSeconds();
4639
4685
  }
4640
4686
 
4641
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4687
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4642
4688
 
4643
4689
  /*
4644
4690
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5477,7 +5523,7 @@
5477
5523
  };
5478
5524
  }
5479
5525
 
5480
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5526
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5481
5527
 
5482
5528
  /*
5483
5529
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5508,7 +5554,7 @@
5508
5554
  }
5509
5555
  }
5510
5556
 
5511
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5557
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5512
5558
 
5513
5559
  /*
5514
5560
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5527,7 +5573,7 @@
5527
5573
  }
5528
5574
  }
5529
5575
 
5530
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5576
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5531
5577
  /*
5532
5578
  * Copyright (c) Microsoft Corporation. All rights reserved.
5533
5579
  * Licensed under the MIT License.
@@ -5548,7 +5594,7 @@
5548
5594
  };
5549
5595
  }
5550
5596
 
5551
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5597
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5552
5598
 
5553
5599
  /*
5554
5600
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5635,7 +5681,7 @@
5635
5681
  }
5636
5682
  }
5637
5683
 
5638
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5684
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5639
5685
 
5640
5686
  /*
5641
5687
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5666,7 +5712,7 @@
5666
5712
  return new NetworkError(error, httpStatus, responseHeaders);
5667
5713
  }
5668
5714
 
5669
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5715
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5670
5716
 
5671
5717
  /*
5672
5718
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5814,7 +5860,7 @@
5814
5860
  }
5815
5861
  }
5816
5862
 
5817
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5863
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5818
5864
  /*
5819
5865
  * Copyright (c) Microsoft Corporation. All rights reserved.
5820
5866
  * Licensed under the MIT License.
@@ -5865,7 +5911,7 @@
5865
5911
  */
5866
5912
  const interruptedUser = "interrupted_user";
5867
5913
 
5868
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5914
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5869
5915
 
5870
5916
  /*
5871
5917
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5940,7 +5986,7 @@
5940
5986
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
5941
5987
  }
5942
5988
 
5943
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5989
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5944
5990
 
5945
5991
  /*
5946
5992
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6012,7 +6058,7 @@
6012
6058
  }
6013
6059
  }
6014
6060
 
6015
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6061
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6016
6062
 
6017
6063
  /*
6018
6064
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6094,7 +6140,7 @@
6094
6140
  }
6095
6141
  }
6096
6142
 
6097
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6143
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6098
6144
  /*
6099
6145
  * Copyright (c) Microsoft Corporation. All rights reserved.
6100
6146
  * Licensed under the MIT License.
@@ -6121,7 +6167,7 @@
6121
6167
  }
6122
6168
  }
6123
6169
 
6124
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6170
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6125
6171
 
6126
6172
  /*
6127
6173
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6460,7 +6506,7 @@
6460
6506
  return baseAccount;
6461
6507
  }
6462
6508
 
6463
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6509
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6464
6510
  /*
6465
6511
  * Copyright (c) Microsoft Corporation. All rights reserved.
6466
6512
  * Licensed under the MIT License.
@@ -6478,7 +6524,7 @@
6478
6524
  }
6479
6525
  }
6480
6526
 
6481
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6527
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6482
6528
 
6483
6529
  /*
6484
6530
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6627,11 +6673,6 @@
6627
6673
  throw createClientConfigurationError(missingSshJwk);
6628
6674
  }
6629
6675
  }
6630
- if (!StringUtils.isEmptyObj(request.claims) ||
6631
- (this.config.authOptions.clientCapabilities &&
6632
- this.config.authOptions.clientCapabilities.length > 0)) {
6633
- addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
6634
- }
6635
6676
  let ccsCred = undefined;
6636
6677
  if (request.clientInfo) {
6637
6678
  try {
@@ -6681,6 +6722,15 @@
6681
6722
  });
6682
6723
  }
6683
6724
  instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
6725
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
6726
+ const configClaims = request.skipBrokerClaims &&
6727
+ parameters.has(BROKER_CLIENT_ID)
6728
+ ? undefined
6729
+ : this.config.authOptions.clientCapabilities;
6730
+ if (!StringUtils.isEmptyObj(request.claims) ||
6731
+ (configClaims && configClaims.length > 0)) {
6732
+ addClaims(parameters, request.claims, configClaims);
6733
+ }
6684
6734
  return mapToQueryString(parameters);
6685
6735
  }
6686
6736
  /**
@@ -6714,7 +6764,7 @@
6714
6764
  }
6715
6765
  }
6716
6766
 
6717
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6767
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6718
6768
 
6719
6769
  /*
6720
6770
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6892,11 +6942,6 @@
6892
6942
  throw createClientConfigurationError(missingSshJwk);
6893
6943
  }
6894
6944
  }
6895
- if (!StringUtils.isEmptyObj(request.claims) ||
6896
- (this.config.authOptions.clientCapabilities &&
6897
- this.config.authOptions.clientCapabilities.length > 0)) {
6898
- addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
6899
- }
6900
6945
  if (this.config.systemOptions.preventCorsPreflight &&
6901
6946
  request.ccsCredential) {
6902
6947
  switch (request.ccsCredential.type) {
@@ -6922,11 +6967,20 @@
6922
6967
  addExtraQueryParameters(parameters, request.tokenBodyParameters);
6923
6968
  }
6924
6969
  instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
6970
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
6971
+ const configClaims = request.skipBrokerClaims &&
6972
+ parameters.has(BROKER_CLIENT_ID)
6973
+ ? undefined
6974
+ : this.config.authOptions.clientCapabilities;
6975
+ if (!StringUtils.isEmptyObj(request.claims) ||
6976
+ (configClaims && configClaims.length > 0)) {
6977
+ addClaims(parameters, request.claims, configClaims);
6978
+ }
6925
6979
  return mapToQueryString(parameters);
6926
6980
  }
6927
6981
  }
6928
6982
 
6929
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6983
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6930
6984
 
6931
6985
  /*
6932
6986
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7024,7 +7078,7 @@
7024
7078
  }
7025
7079
  }
7026
7080
 
7027
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7081
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7028
7082
 
7029
7083
  /*
7030
7084
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7039,7 +7093,7 @@
7039
7093
  },
7040
7094
  };
7041
7095
 
7042
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7096
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7043
7097
 
7044
7098
  /*
7045
7099
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7071,6 +7125,8 @@
7071
7125
  addResponseMode(parameters, request.responseMode);
7072
7126
  // add client_info=1
7073
7127
  addClientInfo(parameters);
7128
+ // add clidata=1
7129
+ addCliData(parameters);
7074
7130
  if (request.prompt) {
7075
7131
  addPrompt(parameters, request.prompt);
7076
7132
  performanceClient?.addFields({ prompt: request.prompt }, correlationId);
@@ -7160,14 +7216,17 @@
7160
7216
  if (request.state) {
7161
7217
  addState(parameters, request.state);
7162
7218
  }
7163
- if (request.claims ||
7164
- (authOptions.clientCapabilities &&
7165
- authOptions.clientCapabilities.length > 0)) {
7166
- addClaims(parameters, request.claims, authOptions.clientCapabilities);
7167
- }
7168
7219
  if (request.embeddedClientId) {
7169
7220
  addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
7170
7221
  }
7222
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
7223
+ const configClaims = request.skipBrokerClaims &&
7224
+ parameters.has(BROKER_CLIENT_ID)
7225
+ ? undefined
7226
+ : authOptions.clientCapabilities;
7227
+ if (request.claims || (configClaims && configClaims.length > 0)) {
7228
+ addClaims(parameters, request.claims, configClaims);
7229
+ }
7171
7230
  // If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
7172
7231
  if (authOptions.instanceAware &&
7173
7232
  (!request.extraQueryParameters ||
@@ -7263,7 +7322,7 @@
7263
7322
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7264
7323
  }
7265
7324
 
7266
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7325
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7267
7326
 
7268
7327
  /*
7269
7328
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7526,7 +7585,7 @@
7526
7585
  }
7527
7586
  }
7528
7587
 
7529
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7588
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7530
7589
  /*
7531
7590
  * Copyright (c) Microsoft Corporation. All rights reserved.
7532
7591
  * Licensed under the MIT License.
@@ -7534,7 +7593,7 @@
7534
7593
  const missingKidError = "missing_kid_error";
7535
7594
  const missingAlgError = "missing_alg_error";
7536
7595
 
7537
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7596
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7538
7597
 
7539
7598
  /*
7540
7599
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7559,7 +7618,7 @@
7559
7618
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
7560
7619
  }
7561
7620
 
7562
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7621
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7563
7622
 
7564
7623
  /*
7565
7624
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7994,7 +8053,7 @@
7994
8053
 
7995
8054
  /* eslint-disable header/header */
7996
8055
  const name = "@azure/msal-browser";
7997
- const version = "4.29.0";
8056
+ const version = "4.30.0";
7998
8057
 
7999
8058
  /*
8000
8059
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -9762,6 +9821,10 @@
9762
9821
  async initializeAuthorizationRequest(request, interactionType) {
9763
9822
  this.performanceClient.addQueueMeasurement(PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.correlationId);
9764
9823
  const redirectUri = this.getRedirectUri(request.redirectUri);
9824
+ if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
9825
+ this.logger.warning("The origin of the redirect URI does not match the origin of the current page. This is likely to cause issues with authentication.", this.correlationId);
9826
+ this.performanceClient.addFields({ isRedirectUriCrossOrigin: true }, this.correlationId);
9827
+ }
9765
9828
  const browserState = {
9766
9829
  interactionType: interactionType,
9767
9830
  };
@@ -17227,11 +17290,19 @@
17227
17290
  this.logger.trace("NativeInteractionClient - initializeNativeRequest called");
17228
17291
  const canonicalAuthority = await this.getCanonicalAuthority(request);
17229
17292
  // scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
17230
- const { scopes, ...remainingProperties } = request;
17293
+ const { scopes, claims, ...remainingProperties } = request;
17231
17294
  const scopeSet = new ScopeSet(scopes || []);
17232
17295
  scopeSet.appendScopes(OIDC_DEFAULT_SCOPES);
17296
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
17297
+ const configClaims = request.skipBrokerClaims && !!request.embeddedClientId
17298
+ ? undefined
17299
+ : this.config.auth.clientCapabilities;
17300
+ const mergedClaims = configClaims && configClaims.length
17301
+ ? addClientCapabilitiesToClaims(claims, configClaims)
17302
+ : claims;
17233
17303
  const validatedRequest = {
17234
17304
  ...remainingProperties,
17305
+ claims: mergedClaims,
17235
17306
  accountId: this.accountId,
17236
17307
  clientId: this.config.auth.clientId,
17237
17308
  authority: canonicalAuthority.urlString,
@@ -17364,6 +17435,53 @@
17364
17435
  * Copyright (c) Microsoft Corporation. All rights reserved.
17365
17436
  * Licensed under the MIT License.
17366
17437
  */
17438
+ const clientDataAccountTypeMapping = new Map([
17439
+ ["e", "AAD"],
17440
+ ["m", "MSA"],
17441
+ ]);
17442
+ /**
17443
+ * Parses the clientdata response parameter from the /authorize endpoint.
17444
+ *
17445
+ * The clientdata value is URL-encoded and pipe-delimited:
17446
+ * urlencoded(account_type | error | sub_error | cloud_instance | caller_data_boundary)
17447
+ *
17448
+ * @param clientdata - The raw clientdata string from the authorize response
17449
+ * @returns Parsed ClientData object, or null if the input is empty/invalid
17450
+ */
17451
+ function parseClientData(clientdata) {
17452
+ if (!clientdata) {
17453
+ return null;
17454
+ }
17455
+ try {
17456
+ const decoded = decodeURIComponent(clientdata);
17457
+ const parts = decoded.split("|");
17458
+ if (parts.length < 5) {
17459
+ return null;
17460
+ }
17461
+ return {
17462
+ accountType: clientDataAccountTypeMapping.get(parts[0]?.trim() || "") || "",
17463
+ error: parts[1]?.trim() || "",
17464
+ subError: parts[2]?.trim() || "",
17465
+ cloudInstance: parts[3]?.trim() || "",
17466
+ callerDataBoundary: parts[4]?.trim() || "",
17467
+ };
17468
+ }
17469
+ catch {
17470
+ return null;
17471
+ }
17472
+ }
17473
+ /**
17474
+ * Instruments account type, error, and suberror from clientdata
17475
+ */
17476
+ function instrumentClientData(response, correlationId, performanceClient) {
17477
+ const parsed = parseClientData(response.clientdata);
17478
+ parsed?.accountType &&
17479
+ performanceClient.addFields({ accountType: parsed.accountType }, correlationId);
17480
+ parsed?.error &&
17481
+ performanceClient.addFields({ serverErrorNo: parsed.error }, correlationId);
17482
+ parsed?.subError &&
17483
+ performanceClient.addFields({ serverSubErrorNo: parsed.subError }, correlationId);
17484
+ }
17367
17485
  /**
17368
17486
  * Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
17369
17487
  * @param config
@@ -17526,6 +17644,8 @@
17526
17644
  async function handleResponseCode(request, response, codeVerifier, apiId, config, authClient, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
17527
17645
  // Remove throttle if it exists
17528
17646
  ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
17647
+ // Instrument clientdata telemetry fields from the authorize response
17648
+ instrumentClientData(response, request.correlationId, performanceClient);
17529
17649
  if (response.accountId) {
17530
17650
  return invokeAsync(handleResponsePlatformBroker, PerformanceEvents.HandleResponsePlatformBroker, logger, performanceClient, request.correlationId)(request, response.accountId, apiId, config, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider);
17531
17651
  }
@@ -17558,6 +17678,8 @@
17558
17678
  async function handleResponseEAR(request, response, apiId, config, authority, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
17559
17679
  // Remove throttle if it exists
17560
17680
  ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
17681
+ // Instrument clientdata telemetry fields from the authorize response
17682
+ instrumentClientData(response, request.correlationId, performanceClient);
17561
17683
  // Validate state & check response for errors
17562
17684
  validateAuthorizationResponse(response, request.state);
17563
17685
  if (!response.ear_jwe) {
@@ -18323,14 +18445,28 @@
18323
18445
  return nativeResponse;
18324
18446
  }
18325
18447
  getDOMExtraParams(extraParameters) {
18326
- const stringifiedParams = Object.entries(extraParameters).reduce((record, [key, value]) => {
18327
- record[key] = String(value);
18328
- return record;
18329
- }, {});
18330
- const validExtraParams = {
18331
- ...stringifiedParams,
18332
- };
18333
- return validExtraParams;
18448
+ try {
18449
+ const stringifiedProperties = {};
18450
+ for (const [key, value] of Object.entries(extraParameters)) {
18451
+ if (!value) {
18452
+ continue;
18453
+ }
18454
+ if (typeof value === "object") {
18455
+ stringifiedProperties[key] = JSON.stringify(value);
18456
+ }
18457
+ else {
18458
+ stringifiedProperties[key] = String(value);
18459
+ }
18460
+ }
18461
+ return stringifiedProperties;
18462
+ }
18463
+ catch (e) {
18464
+ this.logger.error(this.platformAuthType + " - Error stringifying extra parameters");
18465
+ this.logger.errorPii(this.platformAuthType +
18466
+ " - Error stringifying extra parameters: " +
18467
+ e);
18468
+ return {};
18469
+ }
18334
18470
  }
18335
18471
  }
18336
18472
 
@@ -19381,6 +19517,12 @@
19381
19517
  */
19382
19518
  async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, performanceClient, logger, correlationId, responseType) {
19383
19519
  performanceClient.addQueueMeasurement(PerformanceEvents.SilentHandlerMonitorIframeForHash, correlationId);
19520
+ performanceClient.addFields({
19521
+ iframePollIntervalMs: pollIntervalMilliseconds,
19522
+ iframeTimeoutMs: timeout,
19523
+ }, correlationId);
19524
+ let totalTickCount = 0;
19525
+ let crossOriginTickCount = 0;
19384
19526
  return new Promise((resolve, reject) => {
19385
19527
  if (timeout < DEFAULT_IFRAME_TIMEOUT_MS) {
19386
19528
  logger.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${timeout}ms) than the default (${DEFAULT_IFRAME_TIMEOUT_MS}ms). This may result in timeouts.`);
@@ -19394,6 +19536,7 @@
19394
19536
  reject(createBrowserAuthError(monitorWindowTimeout));
19395
19537
  }, timeout);
19396
19538
  const intervalId = window.setInterval(() => {
19539
+ totalTickCount++;
19397
19540
  let href = "";
19398
19541
  const contentWindow = iframe.contentWindow;
19399
19542
  try {
@@ -19404,7 +19547,9 @@
19404
19547
  */
19405
19548
  href = contentWindow ? contentWindow.location.href : "";
19406
19549
  }
19407
- catch (e) { }
19550
+ catch (e) {
19551
+ crossOriginTickCount++;
19552
+ }
19408
19553
  if (!href || href === "about:blank") {
19409
19554
  return;
19410
19555
  }
@@ -19422,6 +19567,10 @@
19422
19567
  resolve(responseString);
19423
19568
  }, pollIntervalMilliseconds);
19424
19569
  }).finally(() => {
19570
+ performanceClient.addFields({
19571
+ iframeTickCount: totalTickCount,
19572
+ crossOriginTickCount: crossOriginTickCount,
19573
+ }, correlationId);
19425
19574
  invoke(removeHiddenIframe, PerformanceEvents.RemoveHiddenIframe, logger, performanceClient, correlationId)(iframe);
19426
19575
  });
19427
19576
  }
@@ -20049,6 +20198,10 @@
20049
20198
  * Copyright (c) Microsoft Corporation. All rights reserved.
20050
20199
  * Licensed under the MIT License.
20051
20200
  */
20201
+ /**
20202
+ * Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
20203
+ * @returns Network connection information, or an empty object if not available.
20204
+ */
20052
20205
  function collectInstanceStats(currentClientId, performanceEvent, logger) {
20053
20206
  const frameInstances =
20054
20207
  // @ts-ignore
@@ -20142,22 +20295,30 @@
20142
20295
  this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
20143
20296
  this.activeSilentTokenRequests = new Map();
20144
20297
  // Register listener functions
20145
- this.trackPageVisibility = this.trackPageVisibility.bind(this);
20146
- // Register listener functions
20147
- this.trackPageVisibilityWithMeasurement =
20148
- this.trackPageVisibilityWithMeasurement.bind(this);
20298
+ this.trackStateChangeWithMeasurement =
20299
+ this.trackStateChangeWithMeasurement.bind(this);
20149
20300
  }
20150
20301
  static async createController(operatingContext, request) {
20151
20302
  const controller = new StandardController(operatingContext);
20152
20303
  await controller.initialize(request);
20153
20304
  return controller;
20154
20305
  }
20155
- trackPageVisibility(correlationId) {
20306
+ trackStateChange(correlationId, event) {
20156
20307
  if (!correlationId) {
20157
20308
  return;
20158
20309
  }
20159
- this.logger.info("Perf: Visibility change detected");
20160
- this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
20310
+ if (event.type === "visibilitychange") {
20311
+ this.logger.info("Perf: Visibility change detected");
20312
+ this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
20313
+ }
20314
+ else if (event.type === "online") {
20315
+ this.logger.info("Perf: Online status change detected");
20316
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
20317
+ }
20318
+ else if (event.type === "offline") {
20319
+ this.logger.info("Perf: Offline status change detected");
20320
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
20321
+ }
20161
20322
  }
20162
20323
  /**
20163
20324
  * Initializer function to perform async startup tasks such as connecting to WAM extension
@@ -20563,16 +20724,40 @@
20563
20724
  }
20564
20725
  });
20565
20726
  }
20566
- trackPageVisibilityWithMeasurement() {
20727
+ trackStateChangeWithMeasurement(event) {
20567
20728
  const measurement = this.ssoSilentMeasurement ||
20568
20729
  this.acquireTokenByCodeAsyncMeasurement;
20569
20730
  if (!measurement) {
20570
20731
  return;
20571
20732
  }
20572
- this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
20573
- measurement.increment({
20574
- visibilityChangeCount: 1,
20575
- });
20733
+ if (event.type === "visibilitychange") {
20734
+ this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
20735
+ measurement.increment({
20736
+ visibilityChangeCount: 1,
20737
+ });
20738
+ }
20739
+ else if (event.type === "online") {
20740
+ this.logger.info("Perf: Online status change detected in ", measurement.event.name);
20741
+ measurement.increment({
20742
+ onlineStatusChangeCount: 1,
20743
+ });
20744
+ }
20745
+ else if (event.type === "offline") {
20746
+ this.logger.info("Perf: Offline status change detected in ", measurement.event.name);
20747
+ measurement.increment({
20748
+ onlineStatusChangeCount: 1,
20749
+ });
20750
+ }
20751
+ }
20752
+ addStateChangeListeners(listener) {
20753
+ document.addEventListener("visibilitychange", listener);
20754
+ window.addEventListener("online", listener);
20755
+ window.addEventListener("offline", listener);
20756
+ }
20757
+ removeStateChangeListeners(listener) {
20758
+ document.removeEventListener("visibilitychange", listener);
20759
+ window.removeEventListener("online", listener);
20760
+ window.removeEventListener("offline", listener);
20576
20761
  }
20577
20762
  /**
20578
20763
  * SSO capability verification in the background.
@@ -20653,8 +20838,9 @@
20653
20838
  preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
20654
20839
  this.ssoSilentMeasurement?.increment({
20655
20840
  visibilityChangeCount: 0,
20841
+ onlineStatusChangeCount: 0,
20656
20842
  });
20657
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
20843
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
20658
20844
  this.logger.verbose("ssoSilent called", correlationId);
20659
20845
  this.eventHandler.emitEvent(EventType.SSO_SILENT_START, InteractionType.Silent, validRequest);
20660
20846
  let result;
@@ -20698,7 +20884,7 @@
20698
20884
  throw e;
20699
20885
  })
20700
20886
  .finally(() => {
20701
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
20887
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
20702
20888
  });
20703
20889
  }
20704
20890
  /**
@@ -20810,8 +20996,9 @@
20810
20996
  this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenByCodeAsync, request.correlationId);
20811
20997
  this.acquireTokenByCodeAsyncMeasurement?.increment({
20812
20998
  visibilityChangeCount: 0,
20999
+ onlineStatusChangeCount: 0,
20813
21000
  });
20814
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
21001
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
20815
21002
  const silentAuthCodeClient = this.createSilentAuthCodeClient(request.correlationId);
20816
21003
  const silentTokenResult = await silentAuthCodeClient
20817
21004
  .acquireToken(request)
@@ -20829,7 +21016,7 @@
20829
21016
  throw tokenRenewalError;
20830
21017
  })
20831
21018
  .finally(() => {
20832
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
21019
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
20833
21020
  });
20834
21021
  return silentTokenResult;
20835
21022
  }
@@ -21374,13 +21561,13 @@
21374
21561
  * @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
21375
21562
  */
21376
21563
  async acquireTokenSilentAsync(request, account) {
21377
- const trackPageVisibility = () => this.trackPageVisibility(request.correlationId);
21564
+ const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
21378
21565
  this.performanceClient.addQueueMeasurement(PerformanceEvents.AcquireTokenSilentAsync, request.correlationId);
21379
21566
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, InteractionType.Silent, request);
21380
21567
  if (request.correlationId) {
21381
- this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
21568
+ this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
21382
21569
  }
21383
- document.addEventListener("visibilitychange", trackPageVisibility);
21570
+ this.addStateChangeListeners(trackStateChange);
21384
21571
  const silentRequest = await invokeAsync(initializeSilentRequest, PerformanceEvents.InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
21385
21572
  const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
21386
21573
  const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
@@ -21459,7 +21646,7 @@
21459
21646
  throw tokenRenewalError;
21460
21647
  })
21461
21648
  .finally(() => {
21462
- document.removeEventListener("visibilitychange", trackPageVisibility);
21649
+ this.removeStateChangeListeners(trackStateChange);
21463
21650
  });
21464
21651
  }
21465
21652
  /**