@azure/msal-browser 4.29.0 → 4.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (329) hide show
  1. package/README.md +25 -25
  2. package/dist/app/IPublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientApplication.mjs +1 -1
  4. package/dist/app/PublicClientNext.mjs +1 -1
  5. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
  8. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  10. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  11. package/dist/cache/AccountManager.mjs +1 -1
  12. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  13. package/dist/cache/BrowserCacheManager.mjs +1 -1
  14. package/dist/cache/CacheHelpers.mjs +1 -1
  15. package/dist/cache/CacheKeys.mjs +1 -1
  16. package/dist/cache/CookieStorage.mjs +1 -1
  17. package/dist/cache/DatabaseStorage.mjs +1 -1
  18. package/dist/cache/EncryptedData.mjs +1 -1
  19. package/dist/cache/LocalStorage.mjs +1 -1
  20. package/dist/cache/MemoryStorage.mjs +1 -1
  21. package/dist/cache/SessionStorage.mjs +1 -1
  22. package/dist/cache/TokenCache.mjs +1 -1
  23. package/dist/config/Configuration.mjs +1 -1
  24. package/dist/controllers/ControllerFactory.mjs +1 -1
  25. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  26. package/dist/controllers/StandardController.d.ts +4 -2
  27. package/dist/controllers/StandardController.d.ts.map +1 -1
  28. package/dist/controllers/StandardController.mjs +55 -21
  29. package/dist/controllers/StandardController.mjs.map +1 -1
  30. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  31. package/dist/crypto/BrowserCrypto.mjs +1 -1
  32. package/dist/crypto/CryptoOps.mjs +1 -1
  33. package/dist/crypto/PkceGenerator.mjs +1 -1
  34. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  35. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  36. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  37. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  38. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
  39. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  40. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  41. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  42. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  43. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  44. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  45. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  46. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  47. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  48. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  49. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  50. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  51. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  52. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  53. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  54. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  55. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  56. package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
  57. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  58. package/dist/custom-auth-path/controllers/StandardController.mjs +55 -21
  59. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  60. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  61. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  62. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  63. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  64. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  170. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  171. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  172. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  173. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  174. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  175. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  176. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  177. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  178. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  179. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  180. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  181. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  182. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  183. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
  184. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  185. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  186. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  187. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  188. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  189. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
  190. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  191. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  192. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +5 -1
  193. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
  194. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  195. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
  196. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +15 -2
  197. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
  198. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  199. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  200. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  201. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  202. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  203. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  204. package/dist/custom-auth-path/protocol/Authorize.d.ts +28 -0
  205. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  206. package/dist/custom-auth-path/protocol/Authorize.mjs +53 -2
  207. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  208. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  209. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  210. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
  211. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  212. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  213. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  214. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  215. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  216. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
  217. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  218. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
  219. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
  220. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  221. package/dist/encode/Base64Decode.mjs +1 -1
  222. package/dist/encode/Base64Encode.mjs +1 -1
  223. package/dist/error/BrowserAuthError.mjs +1 -1
  224. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  225. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  226. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  227. package/dist/error/NativeAuthError.mjs +1 -1
  228. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  229. package/dist/error/NestedAppAuthError.mjs +1 -1
  230. package/dist/event/EventHandler.mjs +1 -1
  231. package/dist/event/EventMessage.mjs +1 -1
  232. package/dist/event/EventType.mjs +1 -1
  233. package/dist/index.mjs +1 -1
  234. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  235. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  236. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  237. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
  238. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  239. package/dist/interaction_client/PopupClient.mjs +1 -1
  240. package/dist/interaction_client/RedirectClient.mjs +1 -1
  241. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  242. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  243. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  244. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  245. package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  246. package/dist/interaction_client/StandardInteractionClient.mjs +5 -1
  247. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  248. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  249. package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
  250. package/dist/interaction_handler/SilentHandler.mjs +15 -2
  251. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  252. package/dist/naa/BridgeError.mjs +1 -1
  253. package/dist/naa/BridgeProxy.mjs +1 -1
  254. package/dist/naa/BridgeStatusCode.mjs +1 -1
  255. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  256. package/dist/navigation/NavigationClient.mjs +1 -1
  257. package/dist/network/FetchClient.mjs +1 -1
  258. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  259. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  260. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  261. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  262. package/dist/packageMetadata.d.ts +1 -1
  263. package/dist/packageMetadata.mjs +2 -2
  264. package/dist/protocol/Authorize.d.ts +28 -0
  265. package/dist/protocol/Authorize.d.ts.map +1 -1
  266. package/dist/protocol/Authorize.mjs +53 -2
  267. package/dist/protocol/Authorize.mjs.map +1 -1
  268. package/dist/request/RequestHelpers.mjs +1 -1
  269. package/dist/response/ResponseHandler.mjs +1 -1
  270. package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
  271. package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  272. package/dist/telemetry/BrowserPerformanceClient.mjs +10 -1
  273. package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
  274. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  275. package/dist/utils/BrowserConstants.mjs +1 -1
  276. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  277. package/dist/utils/BrowserUtils.mjs +1 -1
  278. package/dist/utils/Helpers.mjs +1 -1
  279. package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
  280. package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  281. package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
  282. package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
  283. package/lib/custom-auth-path/msal-custom-auth.cjs +298 -111
  284. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  285. package/lib/custom-auth-path/msal-custom-auth.js +298 -111
  286. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  287. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  288. package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
  289. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  290. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  291. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  292. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  293. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  294. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  295. package/lib/custom-auth-path/types/protocol/Authorize.d.ts +28 -0
  296. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  297. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  298. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  299. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  300. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  301. package/lib/msal-browser.cjs +329 -115
  302. package/lib/msal-browser.cjs.map +1 -1
  303. package/lib/msal-browser.js +329 -115
  304. package/lib/msal-browser.js.map +1 -1
  305. package/lib/msal-browser.min.js +64 -64
  306. package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  307. package/lib/types/controllers/StandardController.d.ts +4 -2
  308. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  309. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  310. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  311. package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  312. package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  313. package/lib/types/packageMetadata.d.ts +1 -1
  314. package/lib/types/protocol/Authorize.d.ts +28 -0
  315. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  316. package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  317. package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  318. package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  319. package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  320. package/package.json +2 -2
  321. package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +24 -13
  322. package/src/controllers/StandardController.ts +74 -41
  323. package/src/interaction_client/PlatformAuthInteractionClient.ts +17 -1
  324. package/src/interaction_client/StandardInteractionClient.ts +12 -0
  325. package/src/interaction_handler/SilentHandler.ts +21 -1
  326. package/src/packageMetadata.ts +1 -1
  327. package/src/protocol/Authorize.ts +91 -0
  328. package/src/telemetry/BrowserPerformanceClient.ts +10 -0
  329. package/src/utils/MsalFrameStatsUtils.ts +27 -0
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v4.29.0 2026-02-23 */
1
+ /*! @azure/msal-browser v4.30.0 2026-03-18 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -279,7 +279,7 @@ const JsonWebTokenTypes = {
279
279
  // Token renewal offset default in seconds
280
280
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
281
281
 
282
- /*! @azure/msal-common v15.15.0 2026-02-23 */
282
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
283
283
  /*
284
284
  * Copyright (c) Microsoft Corporation. All rights reserved.
285
285
  * Licensed under the MIT License.
@@ -296,7 +296,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
296
296
  unexpectedError: unexpectedError
297
297
  });
298
298
 
299
- /*! @azure/msal-common v15.15.0 2026-02-23 */
299
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
300
300
 
301
301
  /*
302
302
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -345,7 +345,7 @@ function createAuthError(code, additionalMessage) {
345
345
  : AuthErrorMessages[code]);
346
346
  }
347
347
 
348
- /*! @azure/msal-common v15.15.0 2026-02-23 */
348
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
349
349
  /*
350
350
  * Copyright (c) Microsoft Corporation. All rights reserved.
351
351
  * Licensed under the MIT License.
@@ -445,7 +445,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
445
445
  userTimeoutReached: userTimeoutReached
446
446
  });
447
447
 
448
- /*! @azure/msal-common v15.15.0 2026-02-23 */
448
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
449
449
 
450
450
  /*
451
451
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -702,7 +702,7 @@ function createClientAuthError(errorCode, additionalMessage) {
702
702
  return new ClientAuthError(errorCode, additionalMessage);
703
703
  }
704
704
 
705
- /*! @azure/msal-common v15.15.0 2026-02-23 */
705
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
706
706
 
707
707
  /*
708
708
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -741,7 +741,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
741
741
  },
742
742
  };
743
743
 
744
- /*! @azure/msal-common v15.15.0 2026-02-23 */
744
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
745
745
 
746
746
  /*
747
747
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -932,12 +932,12 @@ class Logger {
932
932
  }
933
933
  }
934
934
 
935
- /*! @azure/msal-common v15.15.0 2026-02-23 */
935
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
936
936
  /* eslint-disable header/header */
937
937
  const name$1 = "@azure/msal-common";
938
- const version$1 = "15.15.0";
938
+ const version$1 = "15.17.0";
939
939
 
940
- /*! @azure/msal-common v15.15.0 2026-02-23 */
940
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
941
941
  /*
942
942
  * Copyright (c) Microsoft Corporation. All rights reserved.
943
943
  * Licensed under the MIT License.
@@ -957,7 +957,7 @@ const AzureCloudInstance = {
957
957
  AzureUsGovernment: "https://login.microsoftonline.us",
958
958
  };
959
959
 
960
- /*! @azure/msal-common v15.15.0 2026-02-23 */
960
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
961
961
  /*
962
962
  * Copyright (c) Microsoft Corporation. All rights reserved.
963
963
  * Licensed under the MIT License.
@@ -1015,7 +1015,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
1015
1015
  urlParseError: urlParseError
1016
1016
  });
1017
1017
 
1018
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1018
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1019
1019
 
1020
1020
  /*
1021
1021
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1163,7 +1163,7 @@ function createClientConfigurationError(errorCode) {
1163
1163
  return new ClientConfigurationError(errorCode);
1164
1164
  }
1165
1165
 
1166
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1166
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1167
1167
  /*
1168
1168
  * Copyright (c) Microsoft Corporation. All rights reserved.
1169
1169
  * Licensed under the MIT License.
@@ -1258,9 +1258,48 @@ class StringUtils {
1258
1258
  .replace(/\?/g, "\\?"));
1259
1259
  return regex.test(input);
1260
1260
  }
1261
+ /**
1262
+ * Tests if a given string matches a given pattern using stricter, anchored matching semantics.
1263
+ *
1264
+ * Differences from `matchPattern` (legacy):
1265
+ * - All regex metacharacters (including `.`) in the pattern are treated as literals,
1266
+ * so `example.com` matches only `example.com` and not `exampleXcom`.
1267
+ * - The generated regex is anchored with `^` and `$` so partial/substring matches
1268
+ * are not allowed.
1269
+ * - `*` is the only supported wildcard. Its behaviour depends on the URL component:
1270
+ * - `host` component: `*` matches any sequence of characters that does NOT include
1271
+ * a dot (`.`), keeping wildcards within a single DNS label boundary.
1272
+ * - All other components: `*` matches any sequence of characters (including `/`).
1273
+ *
1274
+ * @param pattern - The `protectedResourceMap` key pattern to match against. `*` is a
1275
+ * multi-character wildcard; all other characters are treated as literals.
1276
+ * @param input - The URL component value (e.g. host, pathname) extracted from the
1277
+ * outgoing request URL to test against the pattern.
1278
+ * @param options - Optional. Provide `component` to enable component-aware wildcard
1279
+ * semantics. Accepted values: `"host"`, `"path"`, `"protocol"`, `"search"`,
1280
+ * `"hash"`. Defaults to path-style (permissive) matching when omitted.
1281
+ * @returns `true` if the full input string matches the pattern; `false` otherwise.
1282
+ */
1283
+ static matchPatternStrict(pattern, input, options) {
1284
+ const component = options?.component;
1285
+ // Step 1: Escape all regex special characters so literals are matched literally.
1286
+ let regexBody = pattern.replace(/[.+^${}()|[\]\\*?]/g, "\\$&");
1287
+ // Step 2: Replace the escaped '*' with its component-aware regex equivalent.
1288
+ if (component === "host") {
1289
+ regexBody = regexBody.replace(/\\\*/g, "[^.]*");
1290
+ }
1291
+ else {
1292
+ // PATH, PROTOCOL, SEARCH, HASH, or unspecified: '*' matches any characters.
1293
+ regexBody = regexBody.replace(/\\\*/g, ".*");
1294
+ }
1295
+ // Step 3: Anchor for full-string matching.
1296
+ // eslint-disable-next-line security/detect-non-literal-regexp
1297
+ const regex = new RegExp(`^${regexBody}$`);
1298
+ return regex.test(input);
1299
+ }
1261
1300
  }
1262
1301
 
1263
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1302
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1264
1303
 
1265
1304
  /*
1266
1305
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1455,7 +1494,7 @@ class ScopeSet {
1455
1494
  }
1456
1495
  }
1457
1496
 
1458
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1497
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1459
1498
 
1460
1499
  /*
1461
1500
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1495,7 +1534,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
1495
1534
  };
1496
1535
  }
1497
1536
 
1498
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1537
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1499
1538
  /*
1500
1539
  * Copyright (c) Microsoft Corporation. All rights reserved.
1501
1540
  * Licensed under the MIT License.
@@ -1577,7 +1616,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1577
1616
  return updatedAccountInfo;
1578
1617
  }
1579
1618
 
1580
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1619
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1581
1620
  /*
1582
1621
  * Copyright (c) Microsoft Corporation. All rights reserved.
1583
1622
  * Licensed under the MIT License.
@@ -1592,7 +1631,7 @@ const AuthorityType = {
1592
1631
  Ciam: 3,
1593
1632
  };
1594
1633
 
1595
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1634
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1596
1635
  /*
1597
1636
  * Copyright (c) Microsoft Corporation. All rights reserved.
1598
1637
  * Licensed under the MIT License.
@@ -1614,7 +1653,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
1614
1653
  return null;
1615
1654
  }
1616
1655
 
1617
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1656
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1618
1657
  /*
1619
1658
  * Copyright (c) Microsoft Corporation. All rights reserved.
1620
1659
  * Licensed under the MIT License.
@@ -1638,7 +1677,7 @@ const ProtocolMode = {
1638
1677
  EAR: "EAR",
1639
1678
  };
1640
1679
 
1641
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1680
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1642
1681
 
1643
1682
  /*
1644
1683
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1873,7 +1912,7 @@ class AccountEntity {
1873
1912
  }
1874
1913
  }
1875
1914
 
1876
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1915
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1877
1916
 
1878
1917
  /*
1879
1918
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1954,7 +1993,7 @@ function checkMaxAge(authTime, maxAge) {
1954
1993
  }
1955
1994
  }
1956
1995
 
1957
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1996
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1958
1997
 
1959
1998
  /*
1960
1999
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2070,7 +2109,7 @@ function normalizeUrlForComparison(url) {
2070
2109
  }
2071
2110
  }
2072
2111
 
2073
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2112
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2074
2113
 
2075
2114
  /*
2076
2115
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2234,7 +2273,7 @@ class UrlString {
2234
2273
  }
2235
2274
  }
2236
2275
 
2237
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2276
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2238
2277
 
2239
2278
  /*
2240
2279
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2409,7 +2448,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2409
2448
  return null;
2410
2449
  }
2411
2450
 
2412
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2451
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2413
2452
  /*
2414
2453
  * Copyright (c) Microsoft Corporation. All rights reserved.
2415
2454
  * Licensed under the MIT License.
@@ -2417,7 +2456,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2417
2456
  const cacheQuotaExceeded = "cache_quota_exceeded";
2418
2457
  const cacheErrorUnknown = "cache_error_unknown";
2419
2458
 
2420
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2459
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2421
2460
 
2422
2461
  /*
2423
2462
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2462,7 +2501,7 @@ function createCacheError(e) {
2462
2501
  }
2463
2502
  }
2464
2503
 
2465
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2504
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2466
2505
 
2467
2506
  /*
2468
2507
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3573,7 +3612,7 @@ class DefaultStorageClass extends CacheManager {
3573
3612
  }
3574
3613
  }
3575
3614
 
3576
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3615
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3577
3616
  /*
3578
3617
  * Copyright (c) Microsoft Corporation. All rights reserved.
3579
3618
  * Licensed under the MIT License.
@@ -4104,9 +4143,14 @@ const IntFields = new Set([
4104
4143
  "currRefreshCount",
4105
4144
  "expiredCacheRemovedCount",
4106
4145
  "upgradedCacheCount",
4146
+ "networkRtt",
4147
+ "iframePollIntervalMs",
4148
+ "iframeTimeoutMs",
4149
+ "iframeTickCount",
4150
+ "crossOriginTickCount",
4107
4151
  ]);
4108
4152
 
4109
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4153
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4110
4154
 
4111
4155
  /*
4112
4156
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4185,7 +4229,7 @@ class StubPerformanceClient {
4185
4229
  }
4186
4230
  }
4187
4231
 
4188
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4232
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4189
4233
 
4190
4234
  /*
4191
4235
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4285,7 +4329,7 @@ function isOidcProtocolMode(config) {
4285
4329
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
4286
4330
  }
4287
4331
 
4288
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4332
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4289
4333
  /*
4290
4334
  * Copyright (c) Microsoft Corporation. All rights reserved.
4291
4335
  * Licensed under the MIT License.
@@ -4295,7 +4339,7 @@ const CcsCredentialType = {
4295
4339
  UPN: "UPN",
4296
4340
  };
4297
4341
 
4298
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4342
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4299
4343
  /*
4300
4344
  * Copyright (c) Microsoft Corporation. All rights reserved.
4301
4345
  * Licensed under the MIT License.
@@ -4343,9 +4387,10 @@ const BROKER_CLIENT_ID = "brk_client_id";
4343
4387
  const BROKER_REDIRECT_URI = "brk_redirect_uri";
4344
4388
  const INSTANCE_AWARE = "instance_aware";
4345
4389
  const EAR_JWK = "ear_jwk";
4346
- const EAR_JWE_CRYPTO = "ear_jwe_crypto";
4390
+ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
4391
+ const CLI_DATA = "clidata";
4347
4392
 
4348
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4393
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4349
4394
 
4350
4395
  /*
4351
4396
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4611,6 +4656,12 @@ function addGrantType(parameters, grantType) {
4611
4656
  function addClientInfo(parameters) {
4612
4657
  parameters.set(CLIENT_INFO, "1");
4613
4658
  }
4659
+ /**
4660
+ * add clidata=1 to request to indicate client data support
4661
+ */
4662
+ function addCliData(parameters) {
4663
+ parameters.set(CLI_DATA, "1");
4664
+ }
4614
4665
  function addInstanceAware(parameters) {
4615
4666
  if (!parameters.has(INSTANCE_AWARE)) {
4616
4667
  parameters.set(INSTANCE_AWARE, "true");
@@ -4725,7 +4776,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
4725
4776
  });
4726
4777
  }
4727
4778
 
4728
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4779
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4729
4780
  /*
4730
4781
  * Copyright (c) Microsoft Corporation. All rights reserved.
4731
4782
  * Licensed under the MIT License.
@@ -4737,7 +4788,7 @@ function isOpenIdConfigResponse(response) {
4737
4788
  response.hasOwnProperty("jwks_uri"));
4738
4789
  }
4739
4790
 
4740
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4791
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4741
4792
  /*
4742
4793
  * Copyright (c) Microsoft Corporation. All rights reserved.
4743
4794
  * Licensed under the MIT License.
@@ -4747,7 +4798,7 @@ function isCloudInstanceDiscoveryResponse(response) {
4747
4798
  response.hasOwnProperty("metadata"));
4748
4799
  }
4749
4800
 
4750
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4801
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4751
4802
  /*
4752
4803
  * Copyright (c) Microsoft Corporation. All rights reserved.
4753
4804
  * Licensed under the MIT License.
@@ -4757,7 +4808,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
4757
4808
  response.hasOwnProperty("error_description"));
4758
4809
  }
4759
4810
 
4760
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4811
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4761
4812
  /*
4762
4813
  * Copyright (c) Microsoft Corporation. All rights reserved.
4763
4814
  * Licensed under the MIT License.
@@ -4853,7 +4904,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
4853
4904
  };
4854
4905
  };
4855
4906
 
4856
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4907
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4857
4908
 
4858
4909
  /*
4859
4910
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4959,7 +5010,7 @@ RegionDiscovery.IMDS_OPTIONS = {
4959
5010
  },
4960
5011
  };
4961
5012
 
4962
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5013
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4963
5014
  /*
4964
5015
  * Copyright (c) Microsoft Corporation. All rights reserved.
4965
5016
  * Licensed under the MIT License.
@@ -5024,7 +5075,7 @@ function wasClockTurnedBack(cachedAt) {
5024
5075
  return cachedAtSec > nowSeconds();
5025
5076
  }
5026
5077
 
5027
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5078
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5028
5079
 
5029
5080
  /*
5030
5081
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5286,7 +5337,7 @@ function isAuthorityMetadataExpired(metadata) {
5286
5337
  return metadata.expiresAt <= nowSeconds();
5287
5338
  }
5288
5339
 
5289
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5340
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5290
5341
 
5291
5342
  /*
5292
5343
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6125,7 +6176,7 @@ function buildStaticAuthorityOptions(authOptions) {
6125
6176
  };
6126
6177
  }
6127
6178
 
6128
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6179
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6129
6180
 
6130
6181
  /*
6131
6182
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6156,7 +6207,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
6156
6207
  }
6157
6208
  }
6158
6209
 
6159
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6210
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6160
6211
 
6161
6212
  /*
6162
6213
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6175,7 +6226,7 @@ class ServerError extends AuthError {
6175
6226
  }
6176
6227
  }
6177
6228
 
6178
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6229
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6179
6230
  /*
6180
6231
  * Copyright (c) Microsoft Corporation. All rights reserved.
6181
6232
  * Licensed under the MIT License.
@@ -6196,7 +6247,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
6196
6247
  };
6197
6248
  }
6198
6249
 
6199
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6250
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6200
6251
 
6201
6252
  /*
6202
6253
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6283,7 +6334,7 @@ class ThrottlingUtils {
6283
6334
  }
6284
6335
  }
6285
6336
 
6286
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6337
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6287
6338
 
6288
6339
  /*
6289
6340
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6314,7 +6365,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
6314
6365
  return new NetworkError(error, httpStatus, responseHeaders);
6315
6366
  }
6316
6367
 
6317
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6368
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6318
6369
 
6319
6370
  /*
6320
6371
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6462,7 +6513,7 @@ class BaseClient {
6462
6513
  }
6463
6514
  }
6464
6515
 
6465
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6516
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6466
6517
  /*
6467
6518
  * Copyright (c) Microsoft Corporation. All rights reserved.
6468
6519
  * Licensed under the MIT License.
@@ -6526,7 +6577,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
6526
6577
  uxNotAllowed: uxNotAllowed
6527
6578
  });
6528
6579
 
6529
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6580
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6530
6581
 
6531
6582
  /*
6532
6583
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6623,7 +6674,7 @@ function createInteractionRequiredAuthError(errorCode) {
6623
6674
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
6624
6675
  }
6625
6676
 
6626
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6677
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6627
6678
 
6628
6679
  /*
6629
6680
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6695,7 +6746,7 @@ class ProtocolUtils {
6695
6746
  }
6696
6747
  }
6697
6748
 
6698
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6749
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6699
6750
 
6700
6751
  /*
6701
6752
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6777,7 +6828,7 @@ class PopTokenGenerator {
6777
6828
  }
6778
6829
  }
6779
6830
 
6780
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6831
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6781
6832
  /*
6782
6833
  * Copyright (c) Microsoft Corporation. All rights reserved.
6783
6834
  * Licensed under the MIT License.
@@ -6804,7 +6855,7 @@ class PopTokenGenerator {
6804
6855
  }
6805
6856
  }
6806
6857
 
6807
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6858
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6808
6859
 
6809
6860
  /*
6810
6861
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7143,7 +7194,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
7143
7194
  return baseAccount;
7144
7195
  }
7145
7196
 
7146
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7197
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7147
7198
  /*
7148
7199
  * Copyright (c) Microsoft Corporation. All rights reserved.
7149
7200
  * Licensed under the MIT License.
@@ -7161,7 +7212,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
7161
7212
  }
7162
7213
  }
7163
7214
 
7164
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7215
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7165
7216
 
7166
7217
  /*
7167
7218
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7310,11 +7361,6 @@ class AuthorizationCodeClient extends BaseClient {
7310
7361
  throw createClientConfigurationError(missingSshJwk);
7311
7362
  }
7312
7363
  }
7313
- if (!StringUtils.isEmptyObj(request.claims) ||
7314
- (this.config.authOptions.clientCapabilities &&
7315
- this.config.authOptions.clientCapabilities.length > 0)) {
7316
- addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
7317
- }
7318
7364
  let ccsCred = undefined;
7319
7365
  if (request.clientInfo) {
7320
7366
  try {
@@ -7364,6 +7410,15 @@ class AuthorizationCodeClient extends BaseClient {
7364
7410
  });
7365
7411
  }
7366
7412
  instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
7413
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
7414
+ const configClaims = request.skipBrokerClaims &&
7415
+ parameters.has(BROKER_CLIENT_ID)
7416
+ ? undefined
7417
+ : this.config.authOptions.clientCapabilities;
7418
+ if (!StringUtils.isEmptyObj(request.claims) ||
7419
+ (configClaims && configClaims.length > 0)) {
7420
+ addClaims(parameters, request.claims, configClaims);
7421
+ }
7367
7422
  return mapToQueryString(parameters);
7368
7423
  }
7369
7424
  /**
@@ -7397,7 +7452,7 @@ class AuthorizationCodeClient extends BaseClient {
7397
7452
  }
7398
7453
  }
7399
7454
 
7400
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7455
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7401
7456
 
7402
7457
  /*
7403
7458
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7575,11 +7630,6 @@ class RefreshTokenClient extends BaseClient {
7575
7630
  throw createClientConfigurationError(missingSshJwk);
7576
7631
  }
7577
7632
  }
7578
- if (!StringUtils.isEmptyObj(request.claims) ||
7579
- (this.config.authOptions.clientCapabilities &&
7580
- this.config.authOptions.clientCapabilities.length > 0)) {
7581
- addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
7582
- }
7583
7633
  if (this.config.systemOptions.preventCorsPreflight &&
7584
7634
  request.ccsCredential) {
7585
7635
  switch (request.ccsCredential.type) {
@@ -7605,11 +7655,20 @@ class RefreshTokenClient extends BaseClient {
7605
7655
  addExtraQueryParameters(parameters, request.tokenBodyParameters);
7606
7656
  }
7607
7657
  instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
7658
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
7659
+ const configClaims = request.skipBrokerClaims &&
7660
+ parameters.has(BROKER_CLIENT_ID)
7661
+ ? undefined
7662
+ : this.config.authOptions.clientCapabilities;
7663
+ if (!StringUtils.isEmptyObj(request.claims) ||
7664
+ (configClaims && configClaims.length > 0)) {
7665
+ addClaims(parameters, request.claims, configClaims);
7666
+ }
7608
7667
  return mapToQueryString(parameters);
7609
7668
  }
7610
7669
  }
7611
7670
 
7612
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7671
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7613
7672
 
7614
7673
  /*
7615
7674
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7707,7 +7766,7 @@ class SilentFlowClient extends BaseClient {
7707
7766
  }
7708
7767
  }
7709
7768
 
7710
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7769
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7711
7770
 
7712
7771
  /*
7713
7772
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7722,7 +7781,7 @@ const StubbedNetworkModule = {
7722
7781
  },
7723
7782
  };
7724
7783
 
7725
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7784
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7726
7785
 
7727
7786
  /*
7728
7787
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7754,6 +7813,8 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
7754
7813
  addResponseMode(parameters, request.responseMode);
7755
7814
  // add client_info=1
7756
7815
  addClientInfo(parameters);
7816
+ // add clidata=1
7817
+ addCliData(parameters);
7757
7818
  if (request.prompt) {
7758
7819
  addPrompt(parameters, request.prompt);
7759
7820
  performanceClient?.addFields({ prompt: request.prompt }, correlationId);
@@ -7843,14 +7904,17 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
7843
7904
  if (request.state) {
7844
7905
  addState(parameters, request.state);
7845
7906
  }
7846
- if (request.claims ||
7847
- (authOptions.clientCapabilities &&
7848
- authOptions.clientCapabilities.length > 0)) {
7849
- addClaims(parameters, request.claims, authOptions.clientCapabilities);
7850
- }
7851
7907
  if (request.embeddedClientId) {
7852
7908
  addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
7853
7909
  }
7910
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
7911
+ const configClaims = request.skipBrokerClaims &&
7912
+ parameters.has(BROKER_CLIENT_ID)
7913
+ ? undefined
7914
+ : authOptions.clientCapabilities;
7915
+ if (request.claims || (configClaims && configClaims.length > 0)) {
7916
+ addClaims(parameters, request.claims, configClaims);
7917
+ }
7854
7918
  // If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
7855
7919
  if (authOptions.instanceAware &&
7856
7920
  (!request.extraQueryParameters ||
@@ -7946,7 +8010,7 @@ function extractLoginHint(account) {
7946
8010
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7947
8011
  }
7948
8012
 
7949
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8013
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7950
8014
 
7951
8015
  /*
7952
8016
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8004,7 +8068,7 @@ class AuthenticationHeaderParser {
8004
8068
  }
8005
8069
  }
8006
8070
 
8007
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8071
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
8008
8072
 
8009
8073
  /*
8010
8074
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8267,7 +8331,7 @@ class ServerTelemetryManager {
8267
8331
  }
8268
8332
  }
8269
8333
 
8270
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8334
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
8271
8335
  /*
8272
8336
  * Copyright (c) Microsoft Corporation. All rights reserved.
8273
8337
  * Licensed under the MIT License.
@@ -8275,7 +8339,7 @@ class ServerTelemetryManager {
8275
8339
  const missingKidError = "missing_kid_error";
8276
8340
  const missingAlgError = "missing_alg_error";
8277
8341
 
8278
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8342
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
8279
8343
 
8280
8344
  /*
8281
8345
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8300,7 +8364,7 @@ function createJoseHeaderError(code) {
8300
8364
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
8301
8365
  }
8302
8366
 
8303
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8367
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
8304
8368
 
8305
8369
  /*
8306
8370
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8340,7 +8404,7 @@ class JoseHeader {
8340
8404
  }
8341
8405
  }
8342
8406
 
8343
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8407
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
8344
8408
 
8345
8409
  /*
8346
8410
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8438,8 +8502,10 @@ function addError(error, logger, event, stackMaxSize = 5) {
8438
8502
  else if (error instanceof AuthError) {
8439
8503
  event.errorCode = error.errorCode;
8440
8504
  event.subErrorCode = error.subError;
8441
- if (error instanceof ServerError ||
8442
- error instanceof InteractionRequiredAuthError) {
8505
+ if (!event.serverErrorNo &&
8506
+ (error instanceof ServerError ||
8507
+ error instanceof InteractionRequiredAuthError) &&
8508
+ error.errorNo) {
8443
8509
  event.serverErrorNo = error.errorNo;
8444
8510
  }
8445
8511
  return;
@@ -10482,7 +10548,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
10482
10548
 
10483
10549
  /* eslint-disable header/header */
10484
10550
  const name = "@azure/msal-browser";
10485
- const version = "4.29.0";
10551
+ const version = "4.30.0";
10486
10552
 
10487
10553
  /*
10488
10554
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -13955,6 +14021,10 @@ class StandardInteractionClient extends BaseInteractionClient {
13955
14021
  async initializeAuthorizationRequest(request, interactionType) {
13956
14022
  this.performanceClient.addQueueMeasurement(PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.correlationId);
13957
14023
  const redirectUri = this.getRedirectUri(request.redirectUri);
14024
+ if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
14025
+ this.logger.warning("The origin of the redirect URI does not match the origin of the current page. This is likely to cause issues with authentication.", this.correlationId);
14026
+ this.performanceClient.addFields({ isRedirectUriCrossOrigin: true }, this.correlationId);
14027
+ }
13958
14028
  const browserState = {
13959
14029
  interactionType: interactionType,
13960
14030
  };
@@ -14763,11 +14833,19 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
14763
14833
  this.logger.trace("NativeInteractionClient - initializeNativeRequest called");
14764
14834
  const canonicalAuthority = await this.getCanonicalAuthority(request);
14765
14835
  // scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
14766
- const { scopes, ...remainingProperties } = request;
14836
+ const { scopes, claims, ...remainingProperties } = request;
14767
14837
  const scopeSet = new ScopeSet(scopes || []);
14768
14838
  scopeSet.appendScopes(OIDC_DEFAULT_SCOPES);
14839
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
14840
+ const configClaims = request.skipBrokerClaims && !!request.embeddedClientId
14841
+ ? undefined
14842
+ : this.config.auth.clientCapabilities;
14843
+ const mergedClaims = configClaims && configClaims.length
14844
+ ? addClientCapabilitiesToClaims$1(claims, configClaims)
14845
+ : claims;
14769
14846
  const validatedRequest = {
14770
14847
  ...remainingProperties,
14848
+ claims: mergedClaims,
14771
14849
  accountId: this.accountId,
14772
14850
  clientId: this.config.auth.clientId,
14773
14851
  authority: canonicalAuthority.urlString,
@@ -14900,6 +14978,53 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
14900
14978
  * Copyright (c) Microsoft Corporation. All rights reserved.
14901
14979
  * Licensed under the MIT License.
14902
14980
  */
14981
+ const clientDataAccountTypeMapping = new Map([
14982
+ ["e", "AAD"],
14983
+ ["m", "MSA"],
14984
+ ]);
14985
+ /**
14986
+ * Parses the clientdata response parameter from the /authorize endpoint.
14987
+ *
14988
+ * The clientdata value is URL-encoded and pipe-delimited:
14989
+ * urlencoded(account_type | error | sub_error | cloud_instance | caller_data_boundary)
14990
+ *
14991
+ * @param clientdata - The raw clientdata string from the authorize response
14992
+ * @returns Parsed ClientData object, or null if the input is empty/invalid
14993
+ */
14994
+ function parseClientData(clientdata) {
14995
+ if (!clientdata) {
14996
+ return null;
14997
+ }
14998
+ try {
14999
+ const decoded = decodeURIComponent(clientdata);
15000
+ const parts = decoded.split("|");
15001
+ if (parts.length < 5) {
15002
+ return null;
15003
+ }
15004
+ return {
15005
+ accountType: clientDataAccountTypeMapping.get(parts[0]?.trim() || "") || "",
15006
+ error: parts[1]?.trim() || "",
15007
+ subError: parts[2]?.trim() || "",
15008
+ cloudInstance: parts[3]?.trim() || "",
15009
+ callerDataBoundary: parts[4]?.trim() || "",
15010
+ };
15011
+ }
15012
+ catch {
15013
+ return null;
15014
+ }
15015
+ }
15016
+ /**
15017
+ * Instruments account type, error, and suberror from clientdata
15018
+ */
15019
+ function instrumentClientData(response, correlationId, performanceClient) {
15020
+ const parsed = parseClientData(response.clientdata);
15021
+ parsed?.accountType &&
15022
+ performanceClient.addFields({ accountType: parsed.accountType }, correlationId);
15023
+ parsed?.error &&
15024
+ performanceClient.addFields({ serverErrorNo: parsed.error }, correlationId);
15025
+ parsed?.subError &&
15026
+ performanceClient.addFields({ serverSubErrorNo: parsed.subError }, correlationId);
15027
+ }
14903
15028
  /**
14904
15029
  * Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
14905
15030
  * @param config
@@ -15062,6 +15187,8 @@ async function handleResponsePlatformBroker(request, accountId, apiId, config, b
15062
15187
  async function handleResponseCode(request, response, codeVerifier, apiId, config, authClient, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
15063
15188
  // Remove throttle if it exists
15064
15189
  ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
15190
+ // Instrument clientdata telemetry fields from the authorize response
15191
+ instrumentClientData(response, request.correlationId, performanceClient);
15065
15192
  if (response.accountId) {
15066
15193
  return invokeAsync(handleResponsePlatformBroker, PerformanceEvents.HandleResponsePlatformBroker, logger, performanceClient, request.correlationId)(request, response.accountId, apiId, config, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider);
15067
15194
  }
@@ -15094,6 +15221,8 @@ async function handleResponseCode(request, response, codeVerifier, apiId, config
15094
15221
  async function handleResponseEAR(request, response, apiId, config, authority, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
15095
15222
  // Remove throttle if it exists
15096
15223
  ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
15224
+ // Instrument clientdata telemetry fields from the authorize response
15225
+ instrumentClientData(response, request.correlationId, performanceClient);
15097
15226
  // Validate state & check response for errors
15098
15227
  validateAuthorizationResponse(response, request.state);
15099
15228
  if (!response.ear_jwe) {
@@ -15565,14 +15694,28 @@ class PlatformAuthDOMHandler {
15565
15694
  return nativeResponse;
15566
15695
  }
15567
15696
  getDOMExtraParams(extraParameters) {
15568
- const stringifiedParams = Object.entries(extraParameters).reduce((record, [key, value]) => {
15569
- record[key] = String(value);
15570
- return record;
15571
- }, {});
15572
- const validExtraParams = {
15573
- ...stringifiedParams,
15574
- };
15575
- return validExtraParams;
15697
+ try {
15698
+ const stringifiedProperties = {};
15699
+ for (const [key, value] of Object.entries(extraParameters)) {
15700
+ if (!value) {
15701
+ continue;
15702
+ }
15703
+ if (typeof value === "object") {
15704
+ stringifiedProperties[key] = JSON.stringify(value);
15705
+ }
15706
+ else {
15707
+ stringifiedProperties[key] = String(value);
15708
+ }
15709
+ }
15710
+ return stringifiedProperties;
15711
+ }
15712
+ catch (e) {
15713
+ this.logger.error(this.platformAuthType + " - Error stringifying extra parameters");
15714
+ this.logger.errorPii(this.platformAuthType +
15715
+ " - Error stringifying extra parameters: " +
15716
+ e);
15717
+ return {};
15718
+ }
15576
15719
  }
15577
15720
  }
15578
15721
 
@@ -16639,6 +16782,12 @@ async function initiateEarRequest(config, authority, request, logger, performanc
16639
16782
  */
16640
16783
  async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, performanceClient, logger, correlationId, responseType) {
16641
16784
  performanceClient.addQueueMeasurement(PerformanceEvents.SilentHandlerMonitorIframeForHash, correlationId);
16785
+ performanceClient.addFields({
16786
+ iframePollIntervalMs: pollIntervalMilliseconds,
16787
+ iframeTimeoutMs: timeout,
16788
+ }, correlationId);
16789
+ let totalTickCount = 0;
16790
+ let crossOriginTickCount = 0;
16642
16791
  return new Promise((resolve, reject) => {
16643
16792
  if (timeout < DEFAULT_IFRAME_TIMEOUT_MS) {
16644
16793
  logger.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${timeout}ms) than the default (${DEFAULT_IFRAME_TIMEOUT_MS}ms). This may result in timeouts.`);
@@ -16652,6 +16801,7 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
16652
16801
  reject(createBrowserAuthError(monitorWindowTimeout));
16653
16802
  }, timeout);
16654
16803
  const intervalId = window.setInterval(() => {
16804
+ totalTickCount++;
16655
16805
  let href = "";
16656
16806
  const contentWindow = iframe.contentWindow;
16657
16807
  try {
@@ -16662,7 +16812,9 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
16662
16812
  */
16663
16813
  href = contentWindow ? contentWindow.location.href : "";
16664
16814
  }
16665
- catch (e) { }
16815
+ catch (e) {
16816
+ crossOriginTickCount++;
16817
+ }
16666
16818
  if (!href || href === "about:blank") {
16667
16819
  return;
16668
16820
  }
@@ -16680,6 +16832,10 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
16680
16832
  resolve(responseString);
16681
16833
  }, pollIntervalMilliseconds);
16682
16834
  }).finally(() => {
16835
+ performanceClient.addFields({
16836
+ iframeTickCount: totalTickCount,
16837
+ crossOriginTickCount: crossOriginTickCount,
16838
+ }, correlationId);
16683
16839
  invoke(removeHiddenIframe, PerformanceEvents.RemoveHiddenIframe, logger, performanceClient, correlationId)(iframe);
16684
16840
  });
16685
16841
  }
@@ -17307,6 +17463,22 @@ class SilentAuthCodeClient extends StandardInteractionClient {
17307
17463
  * Copyright (c) Microsoft Corporation. All rights reserved.
17308
17464
  * Licensed under the MIT License.
17309
17465
  */
17466
+ /**
17467
+ * Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
17468
+ * @returns Network connection information, or an empty object if not available.
17469
+ */
17470
+ function getNetworkInfo() {
17471
+ if (typeof window === "undefined" || !window.navigator) {
17472
+ return {};
17473
+ }
17474
+ const connection = "connection" in window.navigator
17475
+ ? window.navigator.connection
17476
+ : undefined;
17477
+ return {
17478
+ effectiveType: connection?.effectiveType,
17479
+ rtt: connection?.rtt,
17480
+ };
17481
+ }
17310
17482
  function collectInstanceStats(currentClientId, performanceEvent, logger) {
17311
17483
  const frameInstances =
17312
17484
  // @ts-ignore
@@ -17400,22 +17572,30 @@ class StandardController {
17400
17572
  this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
17401
17573
  this.activeSilentTokenRequests = new Map();
17402
17574
  // Register listener functions
17403
- this.trackPageVisibility = this.trackPageVisibility.bind(this);
17404
- // Register listener functions
17405
- this.trackPageVisibilityWithMeasurement =
17406
- this.trackPageVisibilityWithMeasurement.bind(this);
17575
+ this.trackStateChangeWithMeasurement =
17576
+ this.trackStateChangeWithMeasurement.bind(this);
17407
17577
  }
17408
17578
  static async createController(operatingContext, request) {
17409
17579
  const controller = new StandardController(operatingContext);
17410
17580
  await controller.initialize(request);
17411
17581
  return controller;
17412
17582
  }
17413
- trackPageVisibility(correlationId) {
17583
+ trackStateChange(correlationId, event) {
17414
17584
  if (!correlationId) {
17415
17585
  return;
17416
17586
  }
17417
- this.logger.info("Perf: Visibility change detected");
17418
- this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
17587
+ if (event.type === "visibilitychange") {
17588
+ this.logger.info("Perf: Visibility change detected");
17589
+ this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
17590
+ }
17591
+ else if (event.type === "online") {
17592
+ this.logger.info("Perf: Online status change detected");
17593
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
17594
+ }
17595
+ else if (event.type === "offline") {
17596
+ this.logger.info("Perf: Offline status change detected");
17597
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
17598
+ }
17419
17599
  }
17420
17600
  /**
17421
17601
  * Initializer function to perform async startup tasks such as connecting to WAM extension
@@ -17821,16 +18001,40 @@ class StandardController {
17821
18001
  }
17822
18002
  });
17823
18003
  }
17824
- trackPageVisibilityWithMeasurement() {
18004
+ trackStateChangeWithMeasurement(event) {
17825
18005
  const measurement = this.ssoSilentMeasurement ||
17826
18006
  this.acquireTokenByCodeAsyncMeasurement;
17827
18007
  if (!measurement) {
17828
18008
  return;
17829
18009
  }
17830
- this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
17831
- measurement.increment({
17832
- visibilityChangeCount: 1,
17833
- });
18010
+ if (event.type === "visibilitychange") {
18011
+ this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
18012
+ measurement.increment({
18013
+ visibilityChangeCount: 1,
18014
+ });
18015
+ }
18016
+ else if (event.type === "online") {
18017
+ this.logger.info("Perf: Online status change detected in ", measurement.event.name);
18018
+ measurement.increment({
18019
+ onlineStatusChangeCount: 1,
18020
+ });
18021
+ }
18022
+ else if (event.type === "offline") {
18023
+ this.logger.info("Perf: Offline status change detected in ", measurement.event.name);
18024
+ measurement.increment({
18025
+ onlineStatusChangeCount: 1,
18026
+ });
18027
+ }
18028
+ }
18029
+ addStateChangeListeners(listener) {
18030
+ document.addEventListener("visibilitychange", listener);
18031
+ window.addEventListener("online", listener);
18032
+ window.addEventListener("offline", listener);
18033
+ }
18034
+ removeStateChangeListeners(listener) {
18035
+ document.removeEventListener("visibilitychange", listener);
18036
+ window.removeEventListener("online", listener);
18037
+ window.removeEventListener("offline", listener);
17834
18038
  }
17835
18039
  /**
17836
18040
  * SSO capability verification in the background.
@@ -17911,8 +18115,9 @@ class StandardController {
17911
18115
  preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
17912
18116
  this.ssoSilentMeasurement?.increment({
17913
18117
  visibilityChangeCount: 0,
18118
+ onlineStatusChangeCount: 0,
17914
18119
  });
17915
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18120
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
17916
18121
  this.logger.verbose("ssoSilent called", correlationId);
17917
18122
  this.eventHandler.emitEvent(EventType.SSO_SILENT_START, exports.InteractionType.Silent, validRequest);
17918
18123
  let result;
@@ -17956,7 +18161,7 @@ class StandardController {
17956
18161
  throw e;
17957
18162
  })
17958
18163
  .finally(() => {
17959
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18164
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
17960
18165
  });
17961
18166
  }
17962
18167
  /**
@@ -18068,8 +18273,9 @@ class StandardController {
18068
18273
  this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenByCodeAsync, request.correlationId);
18069
18274
  this.acquireTokenByCodeAsyncMeasurement?.increment({
18070
18275
  visibilityChangeCount: 0,
18276
+ onlineStatusChangeCount: 0,
18071
18277
  });
18072
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18278
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
18073
18279
  const silentAuthCodeClient = this.createSilentAuthCodeClient(request.correlationId);
18074
18280
  const silentTokenResult = await silentAuthCodeClient
18075
18281
  .acquireToken(request)
@@ -18087,7 +18293,7 @@ class StandardController {
18087
18293
  throw tokenRenewalError;
18088
18294
  })
18089
18295
  .finally(() => {
18090
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18296
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
18091
18297
  });
18092
18298
  return silentTokenResult;
18093
18299
  }
@@ -18632,13 +18838,13 @@ class StandardController {
18632
18838
  * @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
18633
18839
  */
18634
18840
  async acquireTokenSilentAsync(request, account) {
18635
- const trackPageVisibility = () => this.trackPageVisibility(request.correlationId);
18841
+ const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
18636
18842
  this.performanceClient.addQueueMeasurement(PerformanceEvents.AcquireTokenSilentAsync, request.correlationId);
18637
18843
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, exports.InteractionType.Silent, request);
18638
18844
  if (request.correlationId) {
18639
- this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
18845
+ this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
18640
18846
  }
18641
- document.addEventListener("visibilitychange", trackPageVisibility);
18847
+ this.addStateChangeListeners(trackStateChange);
18642
18848
  const silentRequest = await invokeAsync(initializeSilentRequest, PerformanceEvents.InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
18643
18849
  const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
18644
18850
  const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
@@ -18717,7 +18923,7 @@ class StandardController {
18717
18923
  throw tokenRenewalError;
18718
18924
  })
18719
18925
  .finally(() => {
18720
- document.removeEventListener("visibilitychange", trackPageVisibility);
18926
+ this.removeStateChangeListeners(trackStateChange);
18721
18927
  });
18722
18928
  }
18723
18929
  /**
@@ -20896,6 +21102,9 @@ class BrowserPerformanceClient extends PerformanceClient {
20896
21102
  getPageVisibility() {
20897
21103
  return document.visibilityState?.toString() || null;
20898
21104
  }
21105
+ getOnlineStatus() {
21106
+ return typeof navigator !== "undefined" ? navigator.onLine : null;
21107
+ }
20899
21108
  deleteIncompleteSubMeasurements(inProgressEvent) {
20900
21109
  void getPerfMeasurementModule()?.then((module) => {
20901
21110
  const rootEvent = this.eventsByCorrelationId.get(inProgressEvent.event.correlationId);
@@ -20922,6 +21131,7 @@ class BrowserPerformanceClient extends PerformanceClient {
20922
21131
  startMeasurement(measureName, correlationId) {
20923
21132
  // Capture page visibilityState and then invoke start/end measurement
20924
21133
  const startPageVisibility = this.getPageVisibility();
21134
+ const startOnlineStatus = this.getOnlineStatus();
20925
21135
  const inProgressEvent = super.startMeasurement(measureName, correlationId);
20926
21136
  const startTime = supportsBrowserPerformanceNow()
20927
21137
  ? window.performance.now()
@@ -20933,11 +21143,15 @@ class BrowserPerformanceClient extends PerformanceClient {
20933
21143
  return {
20934
21144
  ...inProgressEvent,
20935
21145
  end: (event, error, account) => {
21146
+ const networkInfo = getNetworkInfo();
20936
21147
  const res = inProgressEvent.end({
20937
21148
  ...event,
20938
21149
  startPageVisibility,
21150
+ startOnlineStatus,
20939
21151
  endPageVisibility: this.getPageVisibility(),
20940
21152
  durationMs: getPerfDurationMs(startTime),
21153
+ networkEffectiveType: networkInfo.effectiveType,
21154
+ networkRtt: networkInfo.rtt,
20941
21155
  }, error, account);
20942
21156
  void browserMeasurement?.then((measurement) => measurement.endMeasurement());
20943
21157
  this.deleteIncompleteSubMeasurements(inProgressEvent);