@azure/msal-browser 4.29.0 → 4.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (329) hide show
  1. package/README.md +25 -25
  2. package/dist/app/IPublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientApplication.mjs +1 -1
  4. package/dist/app/PublicClientNext.mjs +1 -1
  5. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
  8. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  10. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  11. package/dist/cache/AccountManager.mjs +1 -1
  12. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  13. package/dist/cache/BrowserCacheManager.mjs +1 -1
  14. package/dist/cache/CacheHelpers.mjs +1 -1
  15. package/dist/cache/CacheKeys.mjs +1 -1
  16. package/dist/cache/CookieStorage.mjs +1 -1
  17. package/dist/cache/DatabaseStorage.mjs +1 -1
  18. package/dist/cache/EncryptedData.mjs +1 -1
  19. package/dist/cache/LocalStorage.mjs +1 -1
  20. package/dist/cache/MemoryStorage.mjs +1 -1
  21. package/dist/cache/SessionStorage.mjs +1 -1
  22. package/dist/cache/TokenCache.mjs +1 -1
  23. package/dist/config/Configuration.mjs +1 -1
  24. package/dist/controllers/ControllerFactory.mjs +1 -1
  25. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  26. package/dist/controllers/StandardController.d.ts +4 -2
  27. package/dist/controllers/StandardController.d.ts.map +1 -1
  28. package/dist/controllers/StandardController.mjs +55 -21
  29. package/dist/controllers/StandardController.mjs.map +1 -1
  30. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  31. package/dist/crypto/BrowserCrypto.mjs +1 -1
  32. package/dist/crypto/CryptoOps.mjs +1 -1
  33. package/dist/crypto/PkceGenerator.mjs +1 -1
  34. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  35. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  36. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  37. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  38. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
  39. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  40. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  41. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  42. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  43. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  44. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  45. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  46. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  47. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  48. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  49. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  50. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  51. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  52. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  53. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  54. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  55. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  56. package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
  57. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  58. package/dist/custom-auth-path/controllers/StandardController.mjs +55 -21
  59. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  60. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  61. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  62. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  63. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  64. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  170. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  171. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  172. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  173. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  174. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  175. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  176. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  177. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  178. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  179. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  180. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  181. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  182. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  183. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
  184. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  185. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  186. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  187. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  188. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  189. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
  190. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  191. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  192. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +5 -1
  193. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
  194. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  195. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
  196. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +15 -2
  197. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
  198. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  199. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  200. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  201. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  202. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  203. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  204. package/dist/custom-auth-path/protocol/Authorize.d.ts +28 -0
  205. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  206. package/dist/custom-auth-path/protocol/Authorize.mjs +53 -2
  207. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  208. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  209. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  210. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
  211. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  212. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  213. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  214. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  215. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  216. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
  217. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  218. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
  219. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
  220. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  221. package/dist/encode/Base64Decode.mjs +1 -1
  222. package/dist/encode/Base64Encode.mjs +1 -1
  223. package/dist/error/BrowserAuthError.mjs +1 -1
  224. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  225. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  226. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  227. package/dist/error/NativeAuthError.mjs +1 -1
  228. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  229. package/dist/error/NestedAppAuthError.mjs +1 -1
  230. package/dist/event/EventHandler.mjs +1 -1
  231. package/dist/event/EventMessage.mjs +1 -1
  232. package/dist/event/EventType.mjs +1 -1
  233. package/dist/index.mjs +1 -1
  234. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  235. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  236. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  237. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
  238. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  239. package/dist/interaction_client/PopupClient.mjs +1 -1
  240. package/dist/interaction_client/RedirectClient.mjs +1 -1
  241. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  242. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  243. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  244. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  245. package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  246. package/dist/interaction_client/StandardInteractionClient.mjs +5 -1
  247. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  248. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  249. package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
  250. package/dist/interaction_handler/SilentHandler.mjs +15 -2
  251. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  252. package/dist/naa/BridgeError.mjs +1 -1
  253. package/dist/naa/BridgeProxy.mjs +1 -1
  254. package/dist/naa/BridgeStatusCode.mjs +1 -1
  255. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  256. package/dist/navigation/NavigationClient.mjs +1 -1
  257. package/dist/network/FetchClient.mjs +1 -1
  258. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  259. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  260. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  261. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  262. package/dist/packageMetadata.d.ts +1 -1
  263. package/dist/packageMetadata.mjs +2 -2
  264. package/dist/protocol/Authorize.d.ts +28 -0
  265. package/dist/protocol/Authorize.d.ts.map +1 -1
  266. package/dist/protocol/Authorize.mjs +53 -2
  267. package/dist/protocol/Authorize.mjs.map +1 -1
  268. package/dist/request/RequestHelpers.mjs +1 -1
  269. package/dist/response/ResponseHandler.mjs +1 -1
  270. package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
  271. package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  272. package/dist/telemetry/BrowserPerformanceClient.mjs +10 -1
  273. package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
  274. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  275. package/dist/utils/BrowserConstants.mjs +1 -1
  276. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  277. package/dist/utils/BrowserUtils.mjs +1 -1
  278. package/dist/utils/Helpers.mjs +1 -1
  279. package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
  280. package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  281. package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
  282. package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
  283. package/lib/custom-auth-path/msal-custom-auth.cjs +298 -111
  284. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  285. package/lib/custom-auth-path/msal-custom-auth.js +298 -111
  286. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  287. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  288. package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
  289. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  290. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  291. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  292. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  293. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  294. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  295. package/lib/custom-auth-path/types/protocol/Authorize.d.ts +28 -0
  296. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  297. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  298. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  299. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  300. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  301. package/lib/msal-browser.cjs +329 -115
  302. package/lib/msal-browser.cjs.map +1 -1
  303. package/lib/msal-browser.js +329 -115
  304. package/lib/msal-browser.js.map +1 -1
  305. package/lib/msal-browser.min.js +64 -64
  306. package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  307. package/lib/types/controllers/StandardController.d.ts +4 -2
  308. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  309. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  310. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  311. package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  312. package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  313. package/lib/types/packageMetadata.d.ts +1 -1
  314. package/lib/types/protocol/Authorize.d.ts +28 -0
  315. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  316. package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  317. package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  318. package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  319. package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  320. package/package.json +2 -2
  321. package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +24 -13
  322. package/src/controllers/StandardController.ts +74 -41
  323. package/src/interaction_client/PlatformAuthInteractionClient.ts +17 -1
  324. package/src/interaction_client/StandardInteractionClient.ts +12 -0
  325. package/src/interaction_handler/SilentHandler.ts +21 -1
  326. package/src/packageMetadata.ts +1 -1
  327. package/src/protocol/Authorize.ts +91 -0
  328. package/src/telemetry/BrowserPerformanceClient.ts +10 -0
  329. package/src/utils/MsalFrameStatsUtils.ts +27 -0
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-browser v4.29.0 2026-02-23 */
1
+ /*! @azure/msal-browser v4.30.0 2026-03-18 */
2
2
  'use strict';
3
3
  (function (global, factory) {
4
4
  typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
@@ -6,7 +6,7 @@
6
6
  (global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
7
7
  })(this, (function (exports) { 'use strict';
8
8
 
9
- /*! @azure/msal-common v15.15.0 2026-02-23 */
9
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
10
10
  /*
11
11
  * Copyright (c) Microsoft Corporation. All rights reserved.
12
12
  * Licensed under the MIT License.
@@ -283,7 +283,7 @@
283
283
  // Token renewal offset default in seconds
284
284
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
285
285
 
286
- /*! @azure/msal-common v15.15.0 2026-02-23 */
286
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
287
287
  /*
288
288
  * Copyright (c) Microsoft Corporation. All rights reserved.
289
289
  * Licensed under the MIT License.
@@ -300,7 +300,7 @@
300
300
  unexpectedError: unexpectedError
301
301
  });
302
302
 
303
- /*! @azure/msal-common v15.15.0 2026-02-23 */
303
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
304
304
 
305
305
  /*
306
306
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -349,7 +349,7 @@
349
349
  : AuthErrorMessages[code]);
350
350
  }
351
351
 
352
- /*! @azure/msal-common v15.15.0 2026-02-23 */
352
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
353
353
  /*
354
354
  * Copyright (c) Microsoft Corporation. All rights reserved.
355
355
  * Licensed under the MIT License.
@@ -449,7 +449,7 @@
449
449
  userTimeoutReached: userTimeoutReached
450
450
  });
451
451
 
452
- /*! @azure/msal-common v15.15.0 2026-02-23 */
452
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
453
453
 
454
454
  /*
455
455
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -706,7 +706,7 @@
706
706
  return new ClientAuthError(errorCode, additionalMessage);
707
707
  }
708
708
 
709
- /*! @azure/msal-common v15.15.0 2026-02-23 */
709
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
710
710
 
711
711
  /*
712
712
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -745,7 +745,7 @@
745
745
  },
746
746
  };
747
747
 
748
- /*! @azure/msal-common v15.15.0 2026-02-23 */
748
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
749
749
 
750
750
  /*
751
751
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -936,12 +936,12 @@
936
936
  }
937
937
  }
938
938
 
939
- /*! @azure/msal-common v15.15.0 2026-02-23 */
939
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
940
940
  /* eslint-disable header/header */
941
941
  const name$1 = "@azure/msal-common";
942
- const version$1 = "15.15.0";
942
+ const version$1 = "15.17.0";
943
943
 
944
- /*! @azure/msal-common v15.15.0 2026-02-23 */
944
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
945
945
  /*
946
946
  * Copyright (c) Microsoft Corporation. All rights reserved.
947
947
  * Licensed under the MIT License.
@@ -961,7 +961,7 @@
961
961
  AzureUsGovernment: "https://login.microsoftonline.us",
962
962
  };
963
963
 
964
- /*! @azure/msal-common v15.15.0 2026-02-23 */
964
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
965
965
  /*
966
966
  * Copyright (c) Microsoft Corporation. All rights reserved.
967
967
  * Licensed under the MIT License.
@@ -1019,7 +1019,7 @@
1019
1019
  urlParseError: urlParseError
1020
1020
  });
1021
1021
 
1022
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1022
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1023
1023
 
1024
1024
  /*
1025
1025
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1167,7 +1167,7 @@
1167
1167
  return new ClientConfigurationError(errorCode);
1168
1168
  }
1169
1169
 
1170
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1170
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1171
1171
  /*
1172
1172
  * Copyright (c) Microsoft Corporation. All rights reserved.
1173
1173
  * Licensed under the MIT License.
@@ -1262,9 +1262,48 @@
1262
1262
  .replace(/\?/g, "\\?"));
1263
1263
  return regex.test(input);
1264
1264
  }
1265
+ /**
1266
+ * Tests if a given string matches a given pattern using stricter, anchored matching semantics.
1267
+ *
1268
+ * Differences from `matchPattern` (legacy):
1269
+ * - All regex metacharacters (including `.`) in the pattern are treated as literals,
1270
+ * so `example.com` matches only `example.com` and not `exampleXcom`.
1271
+ * - The generated regex is anchored with `^` and `$` so partial/substring matches
1272
+ * are not allowed.
1273
+ * - `*` is the only supported wildcard. Its behaviour depends on the URL component:
1274
+ * - `host` component: `*` matches any sequence of characters that does NOT include
1275
+ * a dot (`.`), keeping wildcards within a single DNS label boundary.
1276
+ * - All other components: `*` matches any sequence of characters (including `/`).
1277
+ *
1278
+ * @param pattern - The `protectedResourceMap` key pattern to match against. `*` is a
1279
+ * multi-character wildcard; all other characters are treated as literals.
1280
+ * @param input - The URL component value (e.g. host, pathname) extracted from the
1281
+ * outgoing request URL to test against the pattern.
1282
+ * @param options - Optional. Provide `component` to enable component-aware wildcard
1283
+ * semantics. Accepted values: `"host"`, `"path"`, `"protocol"`, `"search"`,
1284
+ * `"hash"`. Defaults to path-style (permissive) matching when omitted.
1285
+ * @returns `true` if the full input string matches the pattern; `false` otherwise.
1286
+ */
1287
+ static matchPatternStrict(pattern, input, options) {
1288
+ const component = options?.component;
1289
+ // Step 1: Escape all regex special characters so literals are matched literally.
1290
+ let regexBody = pattern.replace(/[.+^${}()|[\]\\*?]/g, "\\$&");
1291
+ // Step 2: Replace the escaped '*' with its component-aware regex equivalent.
1292
+ if (component === "host") {
1293
+ regexBody = regexBody.replace(/\\\*/g, "[^.]*");
1294
+ }
1295
+ else {
1296
+ // PATH, PROTOCOL, SEARCH, HASH, or unspecified: '*' matches any characters.
1297
+ regexBody = regexBody.replace(/\\\*/g, ".*");
1298
+ }
1299
+ // Step 3: Anchor for full-string matching.
1300
+ // eslint-disable-next-line security/detect-non-literal-regexp
1301
+ const regex = new RegExp(`^${regexBody}$`);
1302
+ return regex.test(input);
1303
+ }
1265
1304
  }
1266
1305
 
1267
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1306
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1268
1307
 
1269
1308
  /*
1270
1309
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1459,7 +1498,7 @@
1459
1498
  }
1460
1499
  }
1461
1500
 
1462
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1501
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1463
1502
 
1464
1503
  /*
1465
1504
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1499,7 +1538,7 @@
1499
1538
  };
1500
1539
  }
1501
1540
 
1502
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1541
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1503
1542
  /*
1504
1543
  * Copyright (c) Microsoft Corporation. All rights reserved.
1505
1544
  * Licensed under the MIT License.
@@ -1581,7 +1620,7 @@
1581
1620
  return updatedAccountInfo;
1582
1621
  }
1583
1622
 
1584
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1623
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1585
1624
  /*
1586
1625
  * Copyright (c) Microsoft Corporation. All rights reserved.
1587
1626
  * Licensed under the MIT License.
@@ -1596,7 +1635,7 @@
1596
1635
  Ciam: 3,
1597
1636
  };
1598
1637
 
1599
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1638
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1600
1639
  /*
1601
1640
  * Copyright (c) Microsoft Corporation. All rights reserved.
1602
1641
  * Licensed under the MIT License.
@@ -1618,7 +1657,7 @@
1618
1657
  return null;
1619
1658
  }
1620
1659
 
1621
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1660
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1622
1661
  /*
1623
1662
  * Copyright (c) Microsoft Corporation. All rights reserved.
1624
1663
  * Licensed under the MIT License.
@@ -1642,7 +1681,7 @@
1642
1681
  EAR: "EAR",
1643
1682
  };
1644
1683
 
1645
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1684
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1646
1685
 
1647
1686
  /*
1648
1687
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1877,7 +1916,7 @@
1877
1916
  }
1878
1917
  }
1879
1918
 
1880
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1919
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1881
1920
 
1882
1921
  /*
1883
1922
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1958,7 +1997,7 @@
1958
1997
  }
1959
1998
  }
1960
1999
 
1961
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2000
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1962
2001
 
1963
2002
  /*
1964
2003
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2074,7 +2113,7 @@
2074
2113
  }
2075
2114
  }
2076
2115
 
2077
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2116
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2078
2117
 
2079
2118
  /*
2080
2119
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2238,7 +2277,7 @@
2238
2277
  }
2239
2278
  }
2240
2279
 
2241
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2280
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2242
2281
 
2243
2282
  /*
2244
2283
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2413,7 +2452,7 @@
2413
2452
  return null;
2414
2453
  }
2415
2454
 
2416
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2455
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2417
2456
  /*
2418
2457
  * Copyright (c) Microsoft Corporation. All rights reserved.
2419
2458
  * Licensed under the MIT License.
@@ -2421,7 +2460,7 @@
2421
2460
  const cacheQuotaExceeded = "cache_quota_exceeded";
2422
2461
  const cacheErrorUnknown = "cache_error_unknown";
2423
2462
 
2424
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2463
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2425
2464
 
2426
2465
  /*
2427
2466
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2466,7 +2505,7 @@
2466
2505
  }
2467
2506
  }
2468
2507
 
2469
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2508
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2470
2509
 
2471
2510
  /*
2472
2511
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3577,7 +3616,7 @@
3577
3616
  }
3578
3617
  }
3579
3618
 
3580
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3619
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3581
3620
  /*
3582
3621
  * Copyright (c) Microsoft Corporation. All rights reserved.
3583
3622
  * Licensed under the MIT License.
@@ -4108,9 +4147,14 @@
4108
4147
  "currRefreshCount",
4109
4148
  "expiredCacheRemovedCount",
4110
4149
  "upgradedCacheCount",
4150
+ "networkRtt",
4151
+ "iframePollIntervalMs",
4152
+ "iframeTimeoutMs",
4153
+ "iframeTickCount",
4154
+ "crossOriginTickCount",
4111
4155
  ]);
4112
4156
 
4113
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4157
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4114
4158
 
4115
4159
  /*
4116
4160
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4189,7 +4233,7 @@
4189
4233
  }
4190
4234
  }
4191
4235
 
4192
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4236
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4193
4237
 
4194
4238
  /*
4195
4239
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4289,7 +4333,7 @@
4289
4333
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
4290
4334
  }
4291
4335
 
4292
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4336
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4293
4337
  /*
4294
4338
  * Copyright (c) Microsoft Corporation. All rights reserved.
4295
4339
  * Licensed under the MIT License.
@@ -4299,7 +4343,7 @@
4299
4343
  UPN: "UPN",
4300
4344
  };
4301
4345
 
4302
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4346
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4303
4347
  /*
4304
4348
  * Copyright (c) Microsoft Corporation. All rights reserved.
4305
4349
  * Licensed under the MIT License.
@@ -4347,9 +4391,10 @@
4347
4391
  const BROKER_REDIRECT_URI = "brk_redirect_uri";
4348
4392
  const INSTANCE_AWARE = "instance_aware";
4349
4393
  const EAR_JWK = "ear_jwk";
4350
- const EAR_JWE_CRYPTO = "ear_jwe_crypto";
4394
+ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
4395
+ const CLI_DATA = "clidata";
4351
4396
 
4352
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4397
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4353
4398
 
4354
4399
  /*
4355
4400
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4615,6 +4660,12 @@
4615
4660
  function addClientInfo(parameters) {
4616
4661
  parameters.set(CLIENT_INFO, "1");
4617
4662
  }
4663
+ /**
4664
+ * add clidata=1 to request to indicate client data support
4665
+ */
4666
+ function addCliData(parameters) {
4667
+ parameters.set(CLI_DATA, "1");
4668
+ }
4618
4669
  function addInstanceAware(parameters) {
4619
4670
  if (!parameters.has(INSTANCE_AWARE)) {
4620
4671
  parameters.set(INSTANCE_AWARE, "true");
@@ -4729,7 +4780,7 @@
4729
4780
  });
4730
4781
  }
4731
4782
 
4732
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4783
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4733
4784
  /*
4734
4785
  * Copyright (c) Microsoft Corporation. All rights reserved.
4735
4786
  * Licensed under the MIT License.
@@ -4741,7 +4792,7 @@
4741
4792
  response.hasOwnProperty("jwks_uri"));
4742
4793
  }
4743
4794
 
4744
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4795
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4745
4796
  /*
4746
4797
  * Copyright (c) Microsoft Corporation. All rights reserved.
4747
4798
  * Licensed under the MIT License.
@@ -4751,7 +4802,7 @@
4751
4802
  response.hasOwnProperty("metadata"));
4752
4803
  }
4753
4804
 
4754
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4805
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4755
4806
  /*
4756
4807
  * Copyright (c) Microsoft Corporation. All rights reserved.
4757
4808
  * Licensed under the MIT License.
@@ -4761,7 +4812,7 @@
4761
4812
  response.hasOwnProperty("error_description"));
4762
4813
  }
4763
4814
 
4764
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4815
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4765
4816
  /*
4766
4817
  * Copyright (c) Microsoft Corporation. All rights reserved.
4767
4818
  * Licensed under the MIT License.
@@ -4857,7 +4908,7 @@
4857
4908
  };
4858
4909
  };
4859
4910
 
4860
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4911
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4861
4912
 
4862
4913
  /*
4863
4914
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4963,7 +5014,7 @@
4963
5014
  },
4964
5015
  };
4965
5016
 
4966
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5017
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4967
5018
  /*
4968
5019
  * Copyright (c) Microsoft Corporation. All rights reserved.
4969
5020
  * Licensed under the MIT License.
@@ -5028,7 +5079,7 @@
5028
5079
  return cachedAtSec > nowSeconds();
5029
5080
  }
5030
5081
 
5031
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5082
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5032
5083
 
5033
5084
  /*
5034
5085
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5290,7 +5341,7 @@
5290
5341
  return metadata.expiresAt <= nowSeconds();
5291
5342
  }
5292
5343
 
5293
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5344
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5294
5345
 
5295
5346
  /*
5296
5347
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6129,7 +6180,7 @@
6129
6180
  };
6130
6181
  }
6131
6182
 
6132
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6183
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6133
6184
 
6134
6185
  /*
6135
6186
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6160,7 +6211,7 @@
6160
6211
  }
6161
6212
  }
6162
6213
 
6163
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6214
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6164
6215
 
6165
6216
  /*
6166
6217
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6179,7 +6230,7 @@
6179
6230
  }
6180
6231
  }
6181
6232
 
6182
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6233
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6183
6234
  /*
6184
6235
  * Copyright (c) Microsoft Corporation. All rights reserved.
6185
6236
  * Licensed under the MIT License.
@@ -6200,7 +6251,7 @@
6200
6251
  };
6201
6252
  }
6202
6253
 
6203
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6254
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6204
6255
 
6205
6256
  /*
6206
6257
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6287,7 +6338,7 @@
6287
6338
  }
6288
6339
  }
6289
6340
 
6290
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6341
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6291
6342
 
6292
6343
  /*
6293
6344
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6318,7 +6369,7 @@
6318
6369
  return new NetworkError(error, httpStatus, responseHeaders);
6319
6370
  }
6320
6371
 
6321
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6372
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6322
6373
 
6323
6374
  /*
6324
6375
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6466,7 +6517,7 @@
6466
6517
  }
6467
6518
  }
6468
6519
 
6469
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6520
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6470
6521
  /*
6471
6522
  * Copyright (c) Microsoft Corporation. All rights reserved.
6472
6523
  * Licensed under the MIT License.
@@ -6530,7 +6581,7 @@
6530
6581
  uxNotAllowed: uxNotAllowed
6531
6582
  });
6532
6583
 
6533
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6584
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6534
6585
 
6535
6586
  /*
6536
6587
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6627,7 +6678,7 @@
6627
6678
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
6628
6679
  }
6629
6680
 
6630
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6681
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6631
6682
 
6632
6683
  /*
6633
6684
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6699,7 +6750,7 @@
6699
6750
  }
6700
6751
  }
6701
6752
 
6702
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6753
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6703
6754
 
6704
6755
  /*
6705
6756
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6781,7 +6832,7 @@
6781
6832
  }
6782
6833
  }
6783
6834
 
6784
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6835
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6785
6836
  /*
6786
6837
  * Copyright (c) Microsoft Corporation. All rights reserved.
6787
6838
  * Licensed under the MIT License.
@@ -6808,7 +6859,7 @@
6808
6859
  }
6809
6860
  }
6810
6861
 
6811
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6862
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6812
6863
 
6813
6864
  /*
6814
6865
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7147,7 +7198,7 @@
7147
7198
  return baseAccount;
7148
7199
  }
7149
7200
 
7150
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7201
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7151
7202
  /*
7152
7203
  * Copyright (c) Microsoft Corporation. All rights reserved.
7153
7204
  * Licensed under the MIT License.
@@ -7165,7 +7216,7 @@
7165
7216
  }
7166
7217
  }
7167
7218
 
7168
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7219
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7169
7220
 
7170
7221
  /*
7171
7222
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7314,11 +7365,6 @@
7314
7365
  throw createClientConfigurationError(missingSshJwk);
7315
7366
  }
7316
7367
  }
7317
- if (!StringUtils.isEmptyObj(request.claims) ||
7318
- (this.config.authOptions.clientCapabilities &&
7319
- this.config.authOptions.clientCapabilities.length > 0)) {
7320
- addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
7321
- }
7322
7368
  let ccsCred = undefined;
7323
7369
  if (request.clientInfo) {
7324
7370
  try {
@@ -7368,6 +7414,15 @@
7368
7414
  });
7369
7415
  }
7370
7416
  instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
7417
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
7418
+ const configClaims = request.skipBrokerClaims &&
7419
+ parameters.has(BROKER_CLIENT_ID)
7420
+ ? undefined
7421
+ : this.config.authOptions.clientCapabilities;
7422
+ if (!StringUtils.isEmptyObj(request.claims) ||
7423
+ (configClaims && configClaims.length > 0)) {
7424
+ addClaims(parameters, request.claims, configClaims);
7425
+ }
7371
7426
  return mapToQueryString(parameters);
7372
7427
  }
7373
7428
  /**
@@ -7401,7 +7456,7 @@
7401
7456
  }
7402
7457
  }
7403
7458
 
7404
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7459
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7405
7460
 
7406
7461
  /*
7407
7462
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7579,11 +7634,6 @@
7579
7634
  throw createClientConfigurationError(missingSshJwk);
7580
7635
  }
7581
7636
  }
7582
- if (!StringUtils.isEmptyObj(request.claims) ||
7583
- (this.config.authOptions.clientCapabilities &&
7584
- this.config.authOptions.clientCapabilities.length > 0)) {
7585
- addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
7586
- }
7587
7637
  if (this.config.systemOptions.preventCorsPreflight &&
7588
7638
  request.ccsCredential) {
7589
7639
  switch (request.ccsCredential.type) {
@@ -7609,11 +7659,20 @@
7609
7659
  addExtraQueryParameters(parameters, request.tokenBodyParameters);
7610
7660
  }
7611
7661
  instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
7662
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
7663
+ const configClaims = request.skipBrokerClaims &&
7664
+ parameters.has(BROKER_CLIENT_ID)
7665
+ ? undefined
7666
+ : this.config.authOptions.clientCapabilities;
7667
+ if (!StringUtils.isEmptyObj(request.claims) ||
7668
+ (configClaims && configClaims.length > 0)) {
7669
+ addClaims(parameters, request.claims, configClaims);
7670
+ }
7612
7671
  return mapToQueryString(parameters);
7613
7672
  }
7614
7673
  }
7615
7674
 
7616
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7675
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7617
7676
 
7618
7677
  /*
7619
7678
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7711,7 +7770,7 @@
7711
7770
  }
7712
7771
  }
7713
7772
 
7714
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7773
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7715
7774
 
7716
7775
  /*
7717
7776
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7726,7 +7785,7 @@
7726
7785
  },
7727
7786
  };
7728
7787
 
7729
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7788
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7730
7789
 
7731
7790
  /*
7732
7791
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7758,6 +7817,8 @@
7758
7817
  addResponseMode(parameters, request.responseMode);
7759
7818
  // add client_info=1
7760
7819
  addClientInfo(parameters);
7820
+ // add clidata=1
7821
+ addCliData(parameters);
7761
7822
  if (request.prompt) {
7762
7823
  addPrompt(parameters, request.prompt);
7763
7824
  performanceClient?.addFields({ prompt: request.prompt }, correlationId);
@@ -7847,14 +7908,17 @@
7847
7908
  if (request.state) {
7848
7909
  addState(parameters, request.state);
7849
7910
  }
7850
- if (request.claims ||
7851
- (authOptions.clientCapabilities &&
7852
- authOptions.clientCapabilities.length > 0)) {
7853
- addClaims(parameters, request.claims, authOptions.clientCapabilities);
7854
- }
7855
7911
  if (request.embeddedClientId) {
7856
7912
  addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
7857
7913
  }
7914
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
7915
+ const configClaims = request.skipBrokerClaims &&
7916
+ parameters.has(BROKER_CLIENT_ID)
7917
+ ? undefined
7918
+ : authOptions.clientCapabilities;
7919
+ if (request.claims || (configClaims && configClaims.length > 0)) {
7920
+ addClaims(parameters, request.claims, configClaims);
7921
+ }
7858
7922
  // If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
7859
7923
  if (authOptions.instanceAware &&
7860
7924
  (!request.extraQueryParameters ||
@@ -7950,7 +8014,7 @@
7950
8014
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7951
8015
  }
7952
8016
 
7953
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8017
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7954
8018
 
7955
8019
  /*
7956
8020
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8008,7 +8072,7 @@
8008
8072
  }
8009
8073
  }
8010
8074
 
8011
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8075
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
8012
8076
 
8013
8077
  /*
8014
8078
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8271,7 +8335,7 @@
8271
8335
  }
8272
8336
  }
8273
8337
 
8274
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8338
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
8275
8339
  /*
8276
8340
  * Copyright (c) Microsoft Corporation. All rights reserved.
8277
8341
  * Licensed under the MIT License.
@@ -8279,7 +8343,7 @@
8279
8343
  const missingKidError = "missing_kid_error";
8280
8344
  const missingAlgError = "missing_alg_error";
8281
8345
 
8282
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8346
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
8283
8347
 
8284
8348
  /*
8285
8349
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8304,7 +8368,7 @@
8304
8368
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
8305
8369
  }
8306
8370
 
8307
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8371
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
8308
8372
 
8309
8373
  /*
8310
8374
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8344,7 +8408,7 @@
8344
8408
  }
8345
8409
  }
8346
8410
 
8347
- /*! @azure/msal-common v15.15.0 2026-02-23 */
8411
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
8348
8412
 
8349
8413
  /*
8350
8414
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8442,8 +8506,10 @@
8442
8506
  else if (error instanceof AuthError) {
8443
8507
  event.errorCode = error.errorCode;
8444
8508
  event.subErrorCode = error.subError;
8445
- if (error instanceof ServerError ||
8446
- error instanceof InteractionRequiredAuthError) {
8509
+ if (!event.serverErrorNo &&
8510
+ (error instanceof ServerError ||
8511
+ error instanceof InteractionRequiredAuthError) &&
8512
+ error.errorNo) {
8447
8513
  event.serverErrorNo = error.errorNo;
8448
8514
  }
8449
8515
  return;
@@ -10486,7 +10552,7 @@
10486
10552
 
10487
10553
  /* eslint-disable header/header */
10488
10554
  const name = "@azure/msal-browser";
10489
- const version = "4.29.0";
10555
+ const version = "4.30.0";
10490
10556
 
10491
10557
  /*
10492
10558
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -13959,6 +14025,10 @@
13959
14025
  async initializeAuthorizationRequest(request, interactionType) {
13960
14026
  this.performanceClient.addQueueMeasurement(PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.correlationId);
13961
14027
  const redirectUri = this.getRedirectUri(request.redirectUri);
14028
+ if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
14029
+ this.logger.warning("The origin of the redirect URI does not match the origin of the current page. This is likely to cause issues with authentication.", this.correlationId);
14030
+ this.performanceClient.addFields({ isRedirectUriCrossOrigin: true }, this.correlationId);
14031
+ }
13962
14032
  const browserState = {
13963
14033
  interactionType: interactionType,
13964
14034
  };
@@ -14767,11 +14837,19 @@
14767
14837
  this.logger.trace("NativeInteractionClient - initializeNativeRequest called");
14768
14838
  const canonicalAuthority = await this.getCanonicalAuthority(request);
14769
14839
  // scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
14770
- const { scopes, ...remainingProperties } = request;
14840
+ const { scopes, claims, ...remainingProperties } = request;
14771
14841
  const scopeSet = new ScopeSet(scopes || []);
14772
14842
  scopeSet.appendScopes(OIDC_DEFAULT_SCOPES);
14843
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
14844
+ const configClaims = request.skipBrokerClaims && !!request.embeddedClientId
14845
+ ? undefined
14846
+ : this.config.auth.clientCapabilities;
14847
+ const mergedClaims = configClaims && configClaims.length
14848
+ ? addClientCapabilitiesToClaims$1(claims, configClaims)
14849
+ : claims;
14773
14850
  const validatedRequest = {
14774
14851
  ...remainingProperties,
14852
+ claims: mergedClaims,
14775
14853
  accountId: this.accountId,
14776
14854
  clientId: this.config.auth.clientId,
14777
14855
  authority: canonicalAuthority.urlString,
@@ -14904,6 +14982,53 @@
14904
14982
  * Copyright (c) Microsoft Corporation. All rights reserved.
14905
14983
  * Licensed under the MIT License.
14906
14984
  */
14985
+ const clientDataAccountTypeMapping = new Map([
14986
+ ["e", "AAD"],
14987
+ ["m", "MSA"],
14988
+ ]);
14989
+ /**
14990
+ * Parses the clientdata response parameter from the /authorize endpoint.
14991
+ *
14992
+ * The clientdata value is URL-encoded and pipe-delimited:
14993
+ * urlencoded(account_type | error | sub_error | cloud_instance | caller_data_boundary)
14994
+ *
14995
+ * @param clientdata - The raw clientdata string from the authorize response
14996
+ * @returns Parsed ClientData object, or null if the input is empty/invalid
14997
+ */
14998
+ function parseClientData(clientdata) {
14999
+ if (!clientdata) {
15000
+ return null;
15001
+ }
15002
+ try {
15003
+ const decoded = decodeURIComponent(clientdata);
15004
+ const parts = decoded.split("|");
15005
+ if (parts.length < 5) {
15006
+ return null;
15007
+ }
15008
+ return {
15009
+ accountType: clientDataAccountTypeMapping.get(parts[0]?.trim() || "") || "",
15010
+ error: parts[1]?.trim() || "",
15011
+ subError: parts[2]?.trim() || "",
15012
+ cloudInstance: parts[3]?.trim() || "",
15013
+ callerDataBoundary: parts[4]?.trim() || "",
15014
+ };
15015
+ }
15016
+ catch {
15017
+ return null;
15018
+ }
15019
+ }
15020
+ /**
15021
+ * Instruments account type, error, and suberror from clientdata
15022
+ */
15023
+ function instrumentClientData(response, correlationId, performanceClient) {
15024
+ const parsed = parseClientData(response.clientdata);
15025
+ parsed?.accountType &&
15026
+ performanceClient.addFields({ accountType: parsed.accountType }, correlationId);
15027
+ parsed?.error &&
15028
+ performanceClient.addFields({ serverErrorNo: parsed.error }, correlationId);
15029
+ parsed?.subError &&
15030
+ performanceClient.addFields({ serverSubErrorNo: parsed.subError }, correlationId);
15031
+ }
14907
15032
  /**
14908
15033
  * Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
14909
15034
  * @param config
@@ -15066,6 +15191,8 @@
15066
15191
  async function handleResponseCode(request, response, codeVerifier, apiId, config, authClient, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
15067
15192
  // Remove throttle if it exists
15068
15193
  ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
15194
+ // Instrument clientdata telemetry fields from the authorize response
15195
+ instrumentClientData(response, request.correlationId, performanceClient);
15069
15196
  if (response.accountId) {
15070
15197
  return invokeAsync(handleResponsePlatformBroker, PerformanceEvents.HandleResponsePlatformBroker, logger, performanceClient, request.correlationId)(request, response.accountId, apiId, config, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider);
15071
15198
  }
@@ -15098,6 +15225,8 @@
15098
15225
  async function handleResponseEAR(request, response, apiId, config, authority, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
15099
15226
  // Remove throttle if it exists
15100
15227
  ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
15228
+ // Instrument clientdata telemetry fields from the authorize response
15229
+ instrumentClientData(response, request.correlationId, performanceClient);
15101
15230
  // Validate state & check response for errors
15102
15231
  validateAuthorizationResponse(response, request.state);
15103
15232
  if (!response.ear_jwe) {
@@ -15569,14 +15698,28 @@
15569
15698
  return nativeResponse;
15570
15699
  }
15571
15700
  getDOMExtraParams(extraParameters) {
15572
- const stringifiedParams = Object.entries(extraParameters).reduce((record, [key, value]) => {
15573
- record[key] = String(value);
15574
- return record;
15575
- }, {});
15576
- const validExtraParams = {
15577
- ...stringifiedParams,
15578
- };
15579
- return validExtraParams;
15701
+ try {
15702
+ const stringifiedProperties = {};
15703
+ for (const [key, value] of Object.entries(extraParameters)) {
15704
+ if (!value) {
15705
+ continue;
15706
+ }
15707
+ if (typeof value === "object") {
15708
+ stringifiedProperties[key] = JSON.stringify(value);
15709
+ }
15710
+ else {
15711
+ stringifiedProperties[key] = String(value);
15712
+ }
15713
+ }
15714
+ return stringifiedProperties;
15715
+ }
15716
+ catch (e) {
15717
+ this.logger.error(this.platformAuthType + " - Error stringifying extra parameters");
15718
+ this.logger.errorPii(this.platformAuthType +
15719
+ " - Error stringifying extra parameters: " +
15720
+ e);
15721
+ return {};
15722
+ }
15580
15723
  }
15581
15724
  }
15582
15725
 
@@ -16643,6 +16786,12 @@
16643
16786
  */
16644
16787
  async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, performanceClient, logger, correlationId, responseType) {
16645
16788
  performanceClient.addQueueMeasurement(PerformanceEvents.SilentHandlerMonitorIframeForHash, correlationId);
16789
+ performanceClient.addFields({
16790
+ iframePollIntervalMs: pollIntervalMilliseconds,
16791
+ iframeTimeoutMs: timeout,
16792
+ }, correlationId);
16793
+ let totalTickCount = 0;
16794
+ let crossOriginTickCount = 0;
16646
16795
  return new Promise((resolve, reject) => {
16647
16796
  if (timeout < DEFAULT_IFRAME_TIMEOUT_MS) {
16648
16797
  logger.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${timeout}ms) than the default (${DEFAULT_IFRAME_TIMEOUT_MS}ms). This may result in timeouts.`);
@@ -16656,6 +16805,7 @@
16656
16805
  reject(createBrowserAuthError(monitorWindowTimeout));
16657
16806
  }, timeout);
16658
16807
  const intervalId = window.setInterval(() => {
16808
+ totalTickCount++;
16659
16809
  let href = "";
16660
16810
  const contentWindow = iframe.contentWindow;
16661
16811
  try {
@@ -16666,7 +16816,9 @@
16666
16816
  */
16667
16817
  href = contentWindow ? contentWindow.location.href : "";
16668
16818
  }
16669
- catch (e) { }
16819
+ catch (e) {
16820
+ crossOriginTickCount++;
16821
+ }
16670
16822
  if (!href || href === "about:blank") {
16671
16823
  return;
16672
16824
  }
@@ -16684,6 +16836,10 @@
16684
16836
  resolve(responseString);
16685
16837
  }, pollIntervalMilliseconds);
16686
16838
  }).finally(() => {
16839
+ performanceClient.addFields({
16840
+ iframeTickCount: totalTickCount,
16841
+ crossOriginTickCount: crossOriginTickCount,
16842
+ }, correlationId);
16687
16843
  invoke(removeHiddenIframe, PerformanceEvents.RemoveHiddenIframe, logger, performanceClient, correlationId)(iframe);
16688
16844
  });
16689
16845
  }
@@ -17311,6 +17467,22 @@
17311
17467
  * Copyright (c) Microsoft Corporation. All rights reserved.
17312
17468
  * Licensed under the MIT License.
17313
17469
  */
17470
+ /**
17471
+ * Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
17472
+ * @returns Network connection information, or an empty object if not available.
17473
+ */
17474
+ function getNetworkInfo() {
17475
+ if (typeof window === "undefined" || !window.navigator) {
17476
+ return {};
17477
+ }
17478
+ const connection = "connection" in window.navigator
17479
+ ? window.navigator.connection
17480
+ : undefined;
17481
+ return {
17482
+ effectiveType: connection?.effectiveType,
17483
+ rtt: connection?.rtt,
17484
+ };
17485
+ }
17314
17486
  function collectInstanceStats(currentClientId, performanceEvent, logger) {
17315
17487
  const frameInstances =
17316
17488
  // @ts-ignore
@@ -17404,22 +17576,30 @@
17404
17576
  this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
17405
17577
  this.activeSilentTokenRequests = new Map();
17406
17578
  // Register listener functions
17407
- this.trackPageVisibility = this.trackPageVisibility.bind(this);
17408
- // Register listener functions
17409
- this.trackPageVisibilityWithMeasurement =
17410
- this.trackPageVisibilityWithMeasurement.bind(this);
17579
+ this.trackStateChangeWithMeasurement =
17580
+ this.trackStateChangeWithMeasurement.bind(this);
17411
17581
  }
17412
17582
  static async createController(operatingContext, request) {
17413
17583
  const controller = new StandardController(operatingContext);
17414
17584
  await controller.initialize(request);
17415
17585
  return controller;
17416
17586
  }
17417
- trackPageVisibility(correlationId) {
17587
+ trackStateChange(correlationId, event) {
17418
17588
  if (!correlationId) {
17419
17589
  return;
17420
17590
  }
17421
- this.logger.info("Perf: Visibility change detected");
17422
- this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
17591
+ if (event.type === "visibilitychange") {
17592
+ this.logger.info("Perf: Visibility change detected");
17593
+ this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
17594
+ }
17595
+ else if (event.type === "online") {
17596
+ this.logger.info("Perf: Online status change detected");
17597
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
17598
+ }
17599
+ else if (event.type === "offline") {
17600
+ this.logger.info("Perf: Offline status change detected");
17601
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
17602
+ }
17423
17603
  }
17424
17604
  /**
17425
17605
  * Initializer function to perform async startup tasks such as connecting to WAM extension
@@ -17825,16 +18005,40 @@
17825
18005
  }
17826
18006
  });
17827
18007
  }
17828
- trackPageVisibilityWithMeasurement() {
18008
+ trackStateChangeWithMeasurement(event) {
17829
18009
  const measurement = this.ssoSilentMeasurement ||
17830
18010
  this.acquireTokenByCodeAsyncMeasurement;
17831
18011
  if (!measurement) {
17832
18012
  return;
17833
18013
  }
17834
- this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
17835
- measurement.increment({
17836
- visibilityChangeCount: 1,
17837
- });
18014
+ if (event.type === "visibilitychange") {
18015
+ this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
18016
+ measurement.increment({
18017
+ visibilityChangeCount: 1,
18018
+ });
18019
+ }
18020
+ else if (event.type === "online") {
18021
+ this.logger.info("Perf: Online status change detected in ", measurement.event.name);
18022
+ measurement.increment({
18023
+ onlineStatusChangeCount: 1,
18024
+ });
18025
+ }
18026
+ else if (event.type === "offline") {
18027
+ this.logger.info("Perf: Offline status change detected in ", measurement.event.name);
18028
+ measurement.increment({
18029
+ onlineStatusChangeCount: 1,
18030
+ });
18031
+ }
18032
+ }
18033
+ addStateChangeListeners(listener) {
18034
+ document.addEventListener("visibilitychange", listener);
18035
+ window.addEventListener("online", listener);
18036
+ window.addEventListener("offline", listener);
18037
+ }
18038
+ removeStateChangeListeners(listener) {
18039
+ document.removeEventListener("visibilitychange", listener);
18040
+ window.removeEventListener("online", listener);
18041
+ window.removeEventListener("offline", listener);
17838
18042
  }
17839
18043
  /**
17840
18044
  * SSO capability verification in the background.
@@ -17915,8 +18119,9 @@
17915
18119
  preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
17916
18120
  this.ssoSilentMeasurement?.increment({
17917
18121
  visibilityChangeCount: 0,
18122
+ onlineStatusChangeCount: 0,
17918
18123
  });
17919
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18124
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
17920
18125
  this.logger.verbose("ssoSilent called", correlationId);
17921
18126
  this.eventHandler.emitEvent(EventType.SSO_SILENT_START, exports.InteractionType.Silent, validRequest);
17922
18127
  let result;
@@ -17960,7 +18165,7 @@
17960
18165
  throw e;
17961
18166
  })
17962
18167
  .finally(() => {
17963
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18168
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
17964
18169
  });
17965
18170
  }
17966
18171
  /**
@@ -18072,8 +18277,9 @@
18072
18277
  this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenByCodeAsync, request.correlationId);
18073
18278
  this.acquireTokenByCodeAsyncMeasurement?.increment({
18074
18279
  visibilityChangeCount: 0,
18280
+ onlineStatusChangeCount: 0,
18075
18281
  });
18076
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18282
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
18077
18283
  const silentAuthCodeClient = this.createSilentAuthCodeClient(request.correlationId);
18078
18284
  const silentTokenResult = await silentAuthCodeClient
18079
18285
  .acquireToken(request)
@@ -18091,7 +18297,7 @@
18091
18297
  throw tokenRenewalError;
18092
18298
  })
18093
18299
  .finally(() => {
18094
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
18300
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
18095
18301
  });
18096
18302
  return silentTokenResult;
18097
18303
  }
@@ -18636,13 +18842,13 @@
18636
18842
  * @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
18637
18843
  */
18638
18844
  async acquireTokenSilentAsync(request, account) {
18639
- const trackPageVisibility = () => this.trackPageVisibility(request.correlationId);
18845
+ const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
18640
18846
  this.performanceClient.addQueueMeasurement(PerformanceEvents.AcquireTokenSilentAsync, request.correlationId);
18641
18847
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, exports.InteractionType.Silent, request);
18642
18848
  if (request.correlationId) {
18643
- this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
18849
+ this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
18644
18850
  }
18645
- document.addEventListener("visibilitychange", trackPageVisibility);
18851
+ this.addStateChangeListeners(trackStateChange);
18646
18852
  const silentRequest = await invokeAsync(initializeSilentRequest, PerformanceEvents.InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
18647
18853
  const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
18648
18854
  const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
@@ -18721,7 +18927,7 @@
18721
18927
  throw tokenRenewalError;
18722
18928
  })
18723
18929
  .finally(() => {
18724
- document.removeEventListener("visibilitychange", trackPageVisibility);
18930
+ this.removeStateChangeListeners(trackStateChange);
18725
18931
  });
18726
18932
  }
18727
18933
  /**
@@ -20900,6 +21106,9 @@
20900
21106
  getPageVisibility() {
20901
21107
  return document.visibilityState?.toString() || null;
20902
21108
  }
21109
+ getOnlineStatus() {
21110
+ return typeof navigator !== "undefined" ? navigator.onLine : null;
21111
+ }
20903
21112
  deleteIncompleteSubMeasurements(inProgressEvent) {
20904
21113
  void getPerfMeasurementModule()?.then((module) => {
20905
21114
  const rootEvent = this.eventsByCorrelationId.get(inProgressEvent.event.correlationId);
@@ -20926,6 +21135,7 @@
20926
21135
  startMeasurement(measureName, correlationId) {
20927
21136
  // Capture page visibilityState and then invoke start/end measurement
20928
21137
  const startPageVisibility = this.getPageVisibility();
21138
+ const startOnlineStatus = this.getOnlineStatus();
20929
21139
  const inProgressEvent = super.startMeasurement(measureName, correlationId);
20930
21140
  const startTime = supportsBrowserPerformanceNow()
20931
21141
  ? window.performance.now()
@@ -20937,11 +21147,15 @@
20937
21147
  return {
20938
21148
  ...inProgressEvent,
20939
21149
  end: (event, error, account) => {
21150
+ const networkInfo = getNetworkInfo();
20940
21151
  const res = inProgressEvent.end({
20941
21152
  ...event,
20942
21153
  startPageVisibility,
21154
+ startOnlineStatus,
20943
21155
  endPageVisibility: this.getPageVisibility(),
20944
21156
  durationMs: getPerfDurationMs(startTime),
21157
+ networkEffectiveType: networkInfo.effectiveType,
21158
+ networkRtt: networkInfo.rtt,
20945
21159
  }, error, account);
20946
21160
  void browserMeasurement?.then((measurement) => measurement.endMeasurement());
20947
21161
  this.deleteIncompleteSubMeasurements(inProgressEvent);