@azure/msal-browser 4.29.0 → 4.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (329) hide show
  1. package/README.md +25 -25
  2. package/dist/app/IPublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientApplication.mjs +1 -1
  4. package/dist/app/PublicClientNext.mjs +1 -1
  5. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
  8. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  10. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  11. package/dist/cache/AccountManager.mjs +1 -1
  12. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  13. package/dist/cache/BrowserCacheManager.mjs +1 -1
  14. package/dist/cache/CacheHelpers.mjs +1 -1
  15. package/dist/cache/CacheKeys.mjs +1 -1
  16. package/dist/cache/CookieStorage.mjs +1 -1
  17. package/dist/cache/DatabaseStorage.mjs +1 -1
  18. package/dist/cache/EncryptedData.mjs +1 -1
  19. package/dist/cache/LocalStorage.mjs +1 -1
  20. package/dist/cache/MemoryStorage.mjs +1 -1
  21. package/dist/cache/SessionStorage.mjs +1 -1
  22. package/dist/cache/TokenCache.mjs +1 -1
  23. package/dist/config/Configuration.mjs +1 -1
  24. package/dist/controllers/ControllerFactory.mjs +1 -1
  25. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  26. package/dist/controllers/StandardController.d.ts +4 -2
  27. package/dist/controllers/StandardController.d.ts.map +1 -1
  28. package/dist/controllers/StandardController.mjs +55 -21
  29. package/dist/controllers/StandardController.mjs.map +1 -1
  30. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  31. package/dist/crypto/BrowserCrypto.mjs +1 -1
  32. package/dist/crypto/CryptoOps.mjs +1 -1
  33. package/dist/crypto/PkceGenerator.mjs +1 -1
  34. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  35. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  36. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  37. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  38. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
  39. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  40. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  41. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  42. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  43. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  44. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  45. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  46. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  47. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  48. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  49. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  50. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  51. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  52. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  53. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  54. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  55. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  56. package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
  57. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  58. package/dist/custom-auth-path/controllers/StandardController.mjs +55 -21
  59. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  60. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  61. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  62. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  63. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  64. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  170. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  171. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  172. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  173. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  174. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  175. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  176. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  177. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  178. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  179. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  180. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  181. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  182. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  183. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
  184. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  185. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  186. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  187. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  188. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  189. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
  190. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  191. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  192. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +5 -1
  193. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
  194. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  195. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
  196. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +15 -2
  197. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
  198. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  199. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  200. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  201. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  202. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  203. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  204. package/dist/custom-auth-path/protocol/Authorize.d.ts +28 -0
  205. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  206. package/dist/custom-auth-path/protocol/Authorize.mjs +53 -2
  207. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  208. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  209. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  210. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
  211. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  212. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  213. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  214. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  215. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  216. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
  217. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  218. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
  219. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
  220. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  221. package/dist/encode/Base64Decode.mjs +1 -1
  222. package/dist/encode/Base64Encode.mjs +1 -1
  223. package/dist/error/BrowserAuthError.mjs +1 -1
  224. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  225. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  226. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  227. package/dist/error/NativeAuthError.mjs +1 -1
  228. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  229. package/dist/error/NestedAppAuthError.mjs +1 -1
  230. package/dist/event/EventHandler.mjs +1 -1
  231. package/dist/event/EventMessage.mjs +1 -1
  232. package/dist/event/EventType.mjs +1 -1
  233. package/dist/index.mjs +1 -1
  234. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  235. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  236. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  237. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
  238. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  239. package/dist/interaction_client/PopupClient.mjs +1 -1
  240. package/dist/interaction_client/RedirectClient.mjs +1 -1
  241. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  242. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  243. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  244. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  245. package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  246. package/dist/interaction_client/StandardInteractionClient.mjs +5 -1
  247. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  248. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  249. package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
  250. package/dist/interaction_handler/SilentHandler.mjs +15 -2
  251. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  252. package/dist/naa/BridgeError.mjs +1 -1
  253. package/dist/naa/BridgeProxy.mjs +1 -1
  254. package/dist/naa/BridgeStatusCode.mjs +1 -1
  255. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  256. package/dist/navigation/NavigationClient.mjs +1 -1
  257. package/dist/network/FetchClient.mjs +1 -1
  258. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  259. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  260. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  261. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  262. package/dist/packageMetadata.d.ts +1 -1
  263. package/dist/packageMetadata.mjs +2 -2
  264. package/dist/protocol/Authorize.d.ts +28 -0
  265. package/dist/protocol/Authorize.d.ts.map +1 -1
  266. package/dist/protocol/Authorize.mjs +53 -2
  267. package/dist/protocol/Authorize.mjs.map +1 -1
  268. package/dist/request/RequestHelpers.mjs +1 -1
  269. package/dist/response/ResponseHandler.mjs +1 -1
  270. package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
  271. package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  272. package/dist/telemetry/BrowserPerformanceClient.mjs +10 -1
  273. package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
  274. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  275. package/dist/utils/BrowserConstants.mjs +1 -1
  276. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  277. package/dist/utils/BrowserUtils.mjs +1 -1
  278. package/dist/utils/Helpers.mjs +1 -1
  279. package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
  280. package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  281. package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
  282. package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
  283. package/lib/custom-auth-path/msal-custom-auth.cjs +298 -111
  284. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  285. package/lib/custom-auth-path/msal-custom-auth.js +298 -111
  286. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  287. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  288. package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
  289. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  290. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  291. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  292. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  293. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  294. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  295. package/lib/custom-auth-path/types/protocol/Authorize.d.ts +28 -0
  296. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  297. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  298. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  299. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  300. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  301. package/lib/msal-browser.cjs +329 -115
  302. package/lib/msal-browser.cjs.map +1 -1
  303. package/lib/msal-browser.js +329 -115
  304. package/lib/msal-browser.js.map +1 -1
  305. package/lib/msal-browser.min.js +64 -64
  306. package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  307. package/lib/types/controllers/StandardController.d.ts +4 -2
  308. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  309. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  310. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  311. package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  312. package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  313. package/lib/types/packageMetadata.d.ts +1 -1
  314. package/lib/types/protocol/Authorize.d.ts +28 -0
  315. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  316. package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  317. package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  318. package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  319. package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  320. package/package.json +2 -2
  321. package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +24 -13
  322. package/src/controllers/StandardController.ts +74 -41
  323. package/src/interaction_client/PlatformAuthInteractionClient.ts +17 -1
  324. package/src/interaction_client/StandardInteractionClient.ts +12 -0
  325. package/src/interaction_handler/SilentHandler.ts +21 -1
  326. package/src/packageMetadata.ts +1 -1
  327. package/src/protocol/Authorize.ts +91 -0
  328. package/src/telemetry/BrowserPerformanceClient.ts +10 -0
  329. package/src/utils/MsalFrameStatsUtils.ts +27 -0
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v4.29.0 2026-02-23 */
1
+ /*! @azure/msal-browser v4.30.0 2026-03-18 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -276,7 +276,7 @@ const JsonWebTokenTypes = {
276
276
  // Token renewal offset default in seconds
277
277
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
278
278
 
279
- /*! @azure/msal-common v15.15.0 2026-02-23 */
279
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
280
280
  /*
281
281
  * Copyright (c) Microsoft Corporation. All rights reserved.
282
282
  * Licensed under the MIT License.
@@ -287,7 +287,7 @@ const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
287
287
  const unexpectedError = "unexpected_error";
288
288
  const postRequestFailed$1 = "post_request_failed";
289
289
 
290
- /*! @azure/msal-common v15.15.0 2026-02-23 */
290
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
291
291
 
292
292
  /*
293
293
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -322,7 +322,7 @@ function createAuthError(code, additionalMessage) {
322
322
  : AuthErrorMessages[code]);
323
323
  }
324
324
 
325
- /*! @azure/msal-common v15.15.0 2026-02-23 */
325
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
326
326
  /*
327
327
  * Copyright (c) Microsoft Corporation. All rights reserved.
328
328
  * Licensed under the MIT License.
@@ -373,7 +373,7 @@ const methodNotImplemented = "method_not_implemented";
373
373
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
374
374
  const platformBrokerError = "platform_broker_error";
375
375
 
376
- /*! @azure/msal-common v15.15.0 2026-02-23 */
376
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
377
377
 
378
378
  /*
379
379
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -448,7 +448,7 @@ function createClientAuthError(errorCode, additionalMessage) {
448
448
  return new ClientAuthError(errorCode, additionalMessage);
449
449
  }
450
450
 
451
- /*! @azure/msal-common v15.15.0 2026-02-23 */
451
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
452
452
 
453
453
  /*
454
454
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -487,7 +487,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
487
487
  },
488
488
  };
489
489
 
490
- /*! @azure/msal-common v15.15.0 2026-02-23 */
490
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
491
491
 
492
492
  /*
493
493
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -678,12 +678,12 @@ class Logger {
678
678
  }
679
679
  }
680
680
 
681
- /*! @azure/msal-common v15.15.0 2026-02-23 */
681
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
682
682
  /* eslint-disable header/header */
683
683
  const name$1 = "@azure/msal-common";
684
- const version$1 = "15.15.0";
684
+ const version$1 = "15.17.0";
685
685
 
686
- /*! @azure/msal-common v15.15.0 2026-02-23 */
686
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
687
687
  /*
688
688
  * Copyright (c) Microsoft Corporation. All rights reserved.
689
689
  * Licensed under the MIT License.
@@ -692,7 +692,7 @@ const AzureCloudInstance = {
692
692
  // AzureCloudInstance is not specified.
693
693
  None: "none"};
694
694
 
695
- /*! @azure/msal-common v15.15.0 2026-02-23 */
695
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
696
696
  /*
697
697
  * Copyright (c) Microsoft Corporation. All rights reserved.
698
698
  * Licensed under the MIT License.
@@ -722,7 +722,7 @@ const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
722
722
  const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
723
723
  const invalidPlatformBrokerConfiguration = "invalid_platform_broker_configuration";
724
724
 
725
- /*! @azure/msal-common v15.15.0 2026-02-23 */
725
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
726
726
 
727
727
  /*
728
728
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -768,7 +768,7 @@ function createClientConfigurationError(errorCode) {
768
768
  return new ClientConfigurationError(errorCode);
769
769
  }
770
770
 
771
- /*! @azure/msal-common v15.15.0 2026-02-23 */
771
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
772
772
  /*
773
773
  * Copyright (c) Microsoft Corporation. All rights reserved.
774
774
  * Licensed under the MIT License.
@@ -863,9 +863,48 @@ class StringUtils {
863
863
  .replace(/\?/g, "\\?"));
864
864
  return regex.test(input);
865
865
  }
866
+ /**
867
+ * Tests if a given string matches a given pattern using stricter, anchored matching semantics.
868
+ *
869
+ * Differences from `matchPattern` (legacy):
870
+ * - All regex metacharacters (including `.`) in the pattern are treated as literals,
871
+ * so `example.com` matches only `example.com` and not `exampleXcom`.
872
+ * - The generated regex is anchored with `^` and `$` so partial/substring matches
873
+ * are not allowed.
874
+ * - `*` is the only supported wildcard. Its behaviour depends on the URL component:
875
+ * - `host` component: `*` matches any sequence of characters that does NOT include
876
+ * a dot (`.`), keeping wildcards within a single DNS label boundary.
877
+ * - All other components: `*` matches any sequence of characters (including `/`).
878
+ *
879
+ * @param pattern - The `protectedResourceMap` key pattern to match against. `*` is a
880
+ * multi-character wildcard; all other characters are treated as literals.
881
+ * @param input - The URL component value (e.g. host, pathname) extracted from the
882
+ * outgoing request URL to test against the pattern.
883
+ * @param options - Optional. Provide `component` to enable component-aware wildcard
884
+ * semantics. Accepted values: `"host"`, `"path"`, `"protocol"`, `"search"`,
885
+ * `"hash"`. Defaults to path-style (permissive) matching when omitted.
886
+ * @returns `true` if the full input string matches the pattern; `false` otherwise.
887
+ */
888
+ static matchPatternStrict(pattern, input, options) {
889
+ const component = options?.component;
890
+ // Step 1: Escape all regex special characters so literals are matched literally.
891
+ let regexBody = pattern.replace(/[.+^${}()|[\]\\*?]/g, "\\$&");
892
+ // Step 2: Replace the escaped '*' with its component-aware regex equivalent.
893
+ if (component === "host") {
894
+ regexBody = regexBody.replace(/\\\*/g, "[^.]*");
895
+ }
896
+ else {
897
+ // PATH, PROTOCOL, SEARCH, HASH, or unspecified: '*' matches any characters.
898
+ regexBody = regexBody.replace(/\\\*/g, ".*");
899
+ }
900
+ // Step 3: Anchor for full-string matching.
901
+ // eslint-disable-next-line security/detect-non-literal-regexp
902
+ const regex = new RegExp(`^${regexBody}$`);
903
+ return regex.test(input);
904
+ }
866
905
  }
867
906
 
868
- /*! @azure/msal-common v15.15.0 2026-02-23 */
907
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
869
908
 
870
909
  /*
871
910
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1060,7 +1099,7 @@ class ScopeSet {
1060
1099
  }
1061
1100
  }
1062
1101
 
1063
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1102
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1064
1103
 
1065
1104
  /*
1066
1105
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1100,7 +1139,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
1100
1139
  };
1101
1140
  }
1102
1141
 
1103
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1142
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1104
1143
  /*
1105
1144
  * Copyright (c) Microsoft Corporation. All rights reserved.
1106
1145
  * Licensed under the MIT License.
@@ -1182,7 +1221,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1182
1221
  return updatedAccountInfo;
1183
1222
  }
1184
1223
 
1185
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1224
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1186
1225
  /*
1187
1226
  * Copyright (c) Microsoft Corporation. All rights reserved.
1188
1227
  * Licensed under the MIT License.
@@ -1197,7 +1236,7 @@ const AuthorityType = {
1197
1236
  Ciam: 3,
1198
1237
  };
1199
1238
 
1200
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1239
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1201
1240
  /*
1202
1241
  * Copyright (c) Microsoft Corporation. All rights reserved.
1203
1242
  * Licensed under the MIT License.
@@ -1219,7 +1258,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
1219
1258
  return null;
1220
1259
  }
1221
1260
 
1222
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1261
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1223
1262
  /*
1224
1263
  * Copyright (c) Microsoft Corporation. All rights reserved.
1225
1264
  * Licensed under the MIT License.
@@ -1243,7 +1282,7 @@ const ProtocolMode = {
1243
1282
  EAR: "EAR",
1244
1283
  };
1245
1284
 
1246
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1285
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1247
1286
 
1248
1287
  /*
1249
1288
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1478,7 +1517,7 @@ class AccountEntity {
1478
1517
  }
1479
1518
  }
1480
1519
 
1481
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1520
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1482
1521
 
1483
1522
  /*
1484
1523
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1559,7 +1598,7 @@ function checkMaxAge(authTime, maxAge) {
1559
1598
  }
1560
1599
  }
1561
1600
 
1562
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1601
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1563
1602
 
1564
1603
  /*
1565
1604
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1675,7 +1714,7 @@ function normalizeUrlForComparison(url) {
1675
1714
  }
1676
1715
  }
1677
1716
 
1678
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1717
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1679
1718
 
1680
1719
  /*
1681
1720
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1839,7 +1878,7 @@ class UrlString {
1839
1878
  }
1840
1879
  }
1841
1880
 
1842
- /*! @azure/msal-common v15.15.0 2026-02-23 */
1881
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
1843
1882
 
1844
1883
  /*
1845
1884
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2014,7 +2053,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2014
2053
  return null;
2015
2054
  }
2016
2055
 
2017
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2056
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2018
2057
  /*
2019
2058
  * Copyright (c) Microsoft Corporation. All rights reserved.
2020
2059
  * Licensed under the MIT License.
@@ -2022,7 +2061,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2022
2061
  const cacheQuotaExceeded = "cache_quota_exceeded";
2023
2062
  const cacheErrorUnknown = "cache_error_unknown";
2024
2063
 
2025
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2064
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2026
2065
 
2027
2066
  /*
2028
2067
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2067,7 +2106,7 @@ function createCacheError(e) {
2067
2106
  }
2068
2107
  }
2069
2108
 
2070
- /*! @azure/msal-common v15.15.0 2026-02-23 */
2109
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
2071
2110
 
2072
2111
  /*
2073
2112
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3177,7 +3216,7 @@ class DefaultStorageClass extends CacheManager {
3177
3216
  }
3178
3217
  }
3179
3218
 
3180
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3219
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3181
3220
  /*
3182
3221
  * Copyright (c) Microsoft Corporation. All rights reserved.
3183
3222
  * Licensed under the MIT License.
@@ -3454,7 +3493,7 @@ const PerformanceEvents = {
3454
3493
  const PerformanceEventStatus = {
3455
3494
  InProgress: 1};
3456
3495
 
3457
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3496
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3458
3497
 
3459
3498
  /*
3460
3499
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3533,7 +3572,7 @@ class StubPerformanceClient {
3533
3572
  }
3534
3573
  }
3535
3574
 
3536
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3575
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3537
3576
 
3538
3577
  /*
3539
3578
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3633,7 +3672,7 @@ function isOidcProtocolMode(config) {
3633
3672
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3634
3673
  }
3635
3674
 
3636
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3675
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3637
3676
  /*
3638
3677
  * Copyright (c) Microsoft Corporation. All rights reserved.
3639
3678
  * Licensed under the MIT License.
@@ -3643,7 +3682,7 @@ const CcsCredentialType = {
3643
3682
  UPN: "UPN",
3644
3683
  };
3645
3684
 
3646
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3685
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3647
3686
  /*
3648
3687
  * Copyright (c) Microsoft Corporation. All rights reserved.
3649
3688
  * Licensed under the MIT License.
@@ -3691,9 +3730,10 @@ const BROKER_CLIENT_ID = "brk_client_id";
3691
3730
  const BROKER_REDIRECT_URI = "brk_redirect_uri";
3692
3731
  const INSTANCE_AWARE = "instance_aware";
3693
3732
  const EAR_JWK = "ear_jwk";
3694
- const EAR_JWE_CRYPTO = "ear_jwe_crypto";
3733
+ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
3734
+ const CLI_DATA = "clidata";
3695
3735
 
3696
- /*! @azure/msal-common v15.15.0 2026-02-23 */
3736
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
3697
3737
 
3698
3738
  /*
3699
3739
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3959,6 +3999,12 @@ function addGrantType(parameters, grantType) {
3959
3999
  function addClientInfo(parameters) {
3960
4000
  parameters.set(CLIENT_INFO, "1");
3961
4001
  }
4002
+ /**
4003
+ * add clidata=1 to request to indicate client data support
4004
+ */
4005
+ function addCliData(parameters) {
4006
+ parameters.set(CLI_DATA, "1");
4007
+ }
3962
4008
  function addInstanceAware(parameters) {
3963
4009
  if (!parameters.has(INSTANCE_AWARE)) {
3964
4010
  parameters.set(INSTANCE_AWARE, "true");
@@ -4073,7 +4119,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
4073
4119
  });
4074
4120
  }
4075
4121
 
4076
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4122
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4077
4123
  /*
4078
4124
  * Copyright (c) Microsoft Corporation. All rights reserved.
4079
4125
  * Licensed under the MIT License.
@@ -4085,7 +4131,7 @@ function isOpenIdConfigResponse(response) {
4085
4131
  response.hasOwnProperty("jwks_uri"));
4086
4132
  }
4087
4133
 
4088
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4134
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4089
4135
  /*
4090
4136
  * Copyright (c) Microsoft Corporation. All rights reserved.
4091
4137
  * Licensed under the MIT License.
@@ -4095,7 +4141,7 @@ function isCloudInstanceDiscoveryResponse(response) {
4095
4141
  response.hasOwnProperty("metadata"));
4096
4142
  }
4097
4143
 
4098
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4144
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4099
4145
  /*
4100
4146
  * Copyright (c) Microsoft Corporation. All rights reserved.
4101
4147
  * Licensed under the MIT License.
@@ -4105,7 +4151,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
4105
4151
  response.hasOwnProperty("error_description"));
4106
4152
  }
4107
4153
 
4108
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4154
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4109
4155
  /*
4110
4156
  * Copyright (c) Microsoft Corporation. All rights reserved.
4111
4157
  * Licensed under the MIT License.
@@ -4201,7 +4247,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
4201
4247
  };
4202
4248
  };
4203
4249
 
4204
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4250
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4205
4251
 
4206
4252
  /*
4207
4253
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4307,7 +4353,7 @@ RegionDiscovery.IMDS_OPTIONS = {
4307
4353
  },
4308
4354
  };
4309
4355
 
4310
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4356
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4311
4357
  /*
4312
4358
  * Copyright (c) Microsoft Corporation. All rights reserved.
4313
4359
  * Licensed under the MIT License.
@@ -4372,7 +4418,7 @@ function wasClockTurnedBack(cachedAt) {
4372
4418
  return cachedAtSec > nowSeconds();
4373
4419
  }
4374
4420
 
4375
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4421
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4376
4422
 
4377
4423
  /*
4378
4424
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4634,7 +4680,7 @@ function isAuthorityMetadataExpired(metadata) {
4634
4680
  return metadata.expiresAt <= nowSeconds();
4635
4681
  }
4636
4682
 
4637
- /*! @azure/msal-common v15.15.0 2026-02-23 */
4683
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
4638
4684
 
4639
4685
  /*
4640
4686
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5473,7 +5519,7 @@ function buildStaticAuthorityOptions(authOptions) {
5473
5519
  };
5474
5520
  }
5475
5521
 
5476
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5522
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5477
5523
 
5478
5524
  /*
5479
5525
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5504,7 +5550,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
5504
5550
  }
5505
5551
  }
5506
5552
 
5507
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5553
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5508
5554
 
5509
5555
  /*
5510
5556
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5523,7 +5569,7 @@ class ServerError extends AuthError {
5523
5569
  }
5524
5570
  }
5525
5571
 
5526
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5572
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5527
5573
  /*
5528
5574
  * Copyright (c) Microsoft Corporation. All rights reserved.
5529
5575
  * Licensed under the MIT License.
@@ -5544,7 +5590,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
5544
5590
  };
5545
5591
  }
5546
5592
 
5547
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5593
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5548
5594
 
5549
5595
  /*
5550
5596
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5631,7 +5677,7 @@ class ThrottlingUtils {
5631
5677
  }
5632
5678
  }
5633
5679
 
5634
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5680
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5635
5681
 
5636
5682
  /*
5637
5683
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5662,7 +5708,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
5662
5708
  return new NetworkError(error, httpStatus, responseHeaders);
5663
5709
  }
5664
5710
 
5665
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5711
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5666
5712
 
5667
5713
  /*
5668
5714
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5810,7 +5856,7 @@ class BaseClient {
5810
5856
  }
5811
5857
  }
5812
5858
 
5813
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5859
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5814
5860
  /*
5815
5861
  * Copyright (c) Microsoft Corporation. All rights reserved.
5816
5862
  * Licensed under the MIT License.
@@ -5861,7 +5907,7 @@ const badToken = "bad_token";
5861
5907
  */
5862
5908
  const interruptedUser = "interrupted_user";
5863
5909
 
5864
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5910
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5865
5911
 
5866
5912
  /*
5867
5913
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5936,7 +5982,7 @@ function createInteractionRequiredAuthError(errorCode) {
5936
5982
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
5937
5983
  }
5938
5984
 
5939
- /*! @azure/msal-common v15.15.0 2026-02-23 */
5985
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
5940
5986
 
5941
5987
  /*
5942
5988
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6008,7 +6054,7 @@ class ProtocolUtils {
6008
6054
  }
6009
6055
  }
6010
6056
 
6011
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6057
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6012
6058
 
6013
6059
  /*
6014
6060
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6090,7 +6136,7 @@ class PopTokenGenerator {
6090
6136
  }
6091
6137
  }
6092
6138
 
6093
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6139
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6094
6140
  /*
6095
6141
  * Copyright (c) Microsoft Corporation. All rights reserved.
6096
6142
  * Licensed under the MIT License.
@@ -6117,7 +6163,7 @@ class PopTokenGenerator {
6117
6163
  }
6118
6164
  }
6119
6165
 
6120
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6166
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6121
6167
 
6122
6168
  /*
6123
6169
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6456,7 +6502,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
6456
6502
  return baseAccount;
6457
6503
  }
6458
6504
 
6459
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6505
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6460
6506
  /*
6461
6507
  * Copyright (c) Microsoft Corporation. All rights reserved.
6462
6508
  * Licensed under the MIT License.
@@ -6474,7 +6520,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
6474
6520
  }
6475
6521
  }
6476
6522
 
6477
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6523
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6478
6524
 
6479
6525
  /*
6480
6526
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6623,11 +6669,6 @@ class AuthorizationCodeClient extends BaseClient {
6623
6669
  throw createClientConfigurationError(missingSshJwk);
6624
6670
  }
6625
6671
  }
6626
- if (!StringUtils.isEmptyObj(request.claims) ||
6627
- (this.config.authOptions.clientCapabilities &&
6628
- this.config.authOptions.clientCapabilities.length > 0)) {
6629
- addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
6630
- }
6631
6672
  let ccsCred = undefined;
6632
6673
  if (request.clientInfo) {
6633
6674
  try {
@@ -6677,6 +6718,15 @@ class AuthorizationCodeClient extends BaseClient {
6677
6718
  });
6678
6719
  }
6679
6720
  instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
6721
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
6722
+ const configClaims = request.skipBrokerClaims &&
6723
+ parameters.has(BROKER_CLIENT_ID)
6724
+ ? undefined
6725
+ : this.config.authOptions.clientCapabilities;
6726
+ if (!StringUtils.isEmptyObj(request.claims) ||
6727
+ (configClaims && configClaims.length > 0)) {
6728
+ addClaims(parameters, request.claims, configClaims);
6729
+ }
6680
6730
  return mapToQueryString(parameters);
6681
6731
  }
6682
6732
  /**
@@ -6710,7 +6760,7 @@ class AuthorizationCodeClient extends BaseClient {
6710
6760
  }
6711
6761
  }
6712
6762
 
6713
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6763
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6714
6764
 
6715
6765
  /*
6716
6766
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6888,11 +6938,6 @@ class RefreshTokenClient extends BaseClient {
6888
6938
  throw createClientConfigurationError(missingSshJwk);
6889
6939
  }
6890
6940
  }
6891
- if (!StringUtils.isEmptyObj(request.claims) ||
6892
- (this.config.authOptions.clientCapabilities &&
6893
- this.config.authOptions.clientCapabilities.length > 0)) {
6894
- addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
6895
- }
6896
6941
  if (this.config.systemOptions.preventCorsPreflight &&
6897
6942
  request.ccsCredential) {
6898
6943
  switch (request.ccsCredential.type) {
@@ -6918,11 +6963,20 @@ class RefreshTokenClient extends BaseClient {
6918
6963
  addExtraQueryParameters(parameters, request.tokenBodyParameters);
6919
6964
  }
6920
6965
  instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
6966
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
6967
+ const configClaims = request.skipBrokerClaims &&
6968
+ parameters.has(BROKER_CLIENT_ID)
6969
+ ? undefined
6970
+ : this.config.authOptions.clientCapabilities;
6971
+ if (!StringUtils.isEmptyObj(request.claims) ||
6972
+ (configClaims && configClaims.length > 0)) {
6973
+ addClaims(parameters, request.claims, configClaims);
6974
+ }
6921
6975
  return mapToQueryString(parameters);
6922
6976
  }
6923
6977
  }
6924
6978
 
6925
- /*! @azure/msal-common v15.15.0 2026-02-23 */
6979
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
6926
6980
 
6927
6981
  /*
6928
6982
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7020,7 +7074,7 @@ class SilentFlowClient extends BaseClient {
7020
7074
  }
7021
7075
  }
7022
7076
 
7023
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7077
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7024
7078
 
7025
7079
  /*
7026
7080
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7035,7 +7089,7 @@ const StubbedNetworkModule = {
7035
7089
  },
7036
7090
  };
7037
7091
 
7038
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7092
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7039
7093
 
7040
7094
  /*
7041
7095
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7067,6 +7121,8 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
7067
7121
  addResponseMode(parameters, request.responseMode);
7068
7122
  // add client_info=1
7069
7123
  addClientInfo(parameters);
7124
+ // add clidata=1
7125
+ addCliData(parameters);
7070
7126
  if (request.prompt) {
7071
7127
  addPrompt(parameters, request.prompt);
7072
7128
  performanceClient?.addFields({ prompt: request.prompt }, correlationId);
@@ -7156,14 +7212,17 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
7156
7212
  if (request.state) {
7157
7213
  addState(parameters, request.state);
7158
7214
  }
7159
- if (request.claims ||
7160
- (authOptions.clientCapabilities &&
7161
- authOptions.clientCapabilities.length > 0)) {
7162
- addClaims(parameters, request.claims, authOptions.clientCapabilities);
7163
- }
7164
7215
  if (request.embeddedClientId) {
7165
7216
  addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
7166
7217
  }
7218
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
7219
+ const configClaims = request.skipBrokerClaims &&
7220
+ parameters.has(BROKER_CLIENT_ID)
7221
+ ? undefined
7222
+ : authOptions.clientCapabilities;
7223
+ if (request.claims || (configClaims && configClaims.length > 0)) {
7224
+ addClaims(parameters, request.claims, configClaims);
7225
+ }
7167
7226
  // If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
7168
7227
  if (authOptions.instanceAware &&
7169
7228
  (!request.extraQueryParameters ||
@@ -7259,7 +7318,7 @@ function extractLoginHint(account) {
7259
7318
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7260
7319
  }
7261
7320
 
7262
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7321
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7263
7322
 
7264
7323
  /*
7265
7324
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7522,7 +7581,7 @@ class ServerTelemetryManager {
7522
7581
  }
7523
7582
  }
7524
7583
 
7525
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7584
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7526
7585
  /*
7527
7586
  * Copyright (c) Microsoft Corporation. All rights reserved.
7528
7587
  * Licensed under the MIT License.
@@ -7530,7 +7589,7 @@ class ServerTelemetryManager {
7530
7589
  const missingKidError = "missing_kid_error";
7531
7590
  const missingAlgError = "missing_alg_error";
7532
7591
 
7533
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7592
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7534
7593
 
7535
7594
  /*
7536
7595
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7555,7 +7614,7 @@ function createJoseHeaderError(code) {
7555
7614
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
7556
7615
  }
7557
7616
 
7558
- /*! @azure/msal-common v15.15.0 2026-02-23 */
7617
+ /*! @azure/msal-common v15.17.0 2026-03-18 */
7559
7618
 
7560
7619
  /*
7561
7620
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7990,7 +8049,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
7990
8049
 
7991
8050
  /* eslint-disable header/header */
7992
8051
  const name = "@azure/msal-browser";
7993
- const version = "4.29.0";
8052
+ const version = "4.30.0";
7994
8053
 
7995
8054
  /*
7996
8055
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -9758,6 +9817,10 @@ class StandardInteractionClient extends BaseInteractionClient {
9758
9817
  async initializeAuthorizationRequest(request, interactionType) {
9759
9818
  this.performanceClient.addQueueMeasurement(PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.correlationId);
9760
9819
  const redirectUri = this.getRedirectUri(request.redirectUri);
9820
+ if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
9821
+ this.logger.warning("The origin of the redirect URI does not match the origin of the current page. This is likely to cause issues with authentication.", this.correlationId);
9822
+ this.performanceClient.addFields({ isRedirectUriCrossOrigin: true }, this.correlationId);
9823
+ }
9761
9824
  const browserState = {
9762
9825
  interactionType: interactionType,
9763
9826
  };
@@ -17223,11 +17286,19 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
17223
17286
  this.logger.trace("NativeInteractionClient - initializeNativeRequest called");
17224
17287
  const canonicalAuthority = await this.getCanonicalAuthority(request);
17225
17288
  // scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
17226
- const { scopes, ...remainingProperties } = request;
17289
+ const { scopes, claims, ...remainingProperties } = request;
17227
17290
  const scopeSet = new ScopeSet(scopes || []);
17228
17291
  scopeSet.appendScopes(OIDC_DEFAULT_SCOPES);
17292
+ // ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
17293
+ const configClaims = request.skipBrokerClaims && !!request.embeddedClientId
17294
+ ? undefined
17295
+ : this.config.auth.clientCapabilities;
17296
+ const mergedClaims = configClaims && configClaims.length
17297
+ ? addClientCapabilitiesToClaims(claims, configClaims)
17298
+ : claims;
17229
17299
  const validatedRequest = {
17230
17300
  ...remainingProperties,
17301
+ claims: mergedClaims,
17231
17302
  accountId: this.accountId,
17232
17303
  clientId: this.config.auth.clientId,
17233
17304
  authority: canonicalAuthority.urlString,
@@ -17360,6 +17431,53 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
17360
17431
  * Copyright (c) Microsoft Corporation. All rights reserved.
17361
17432
  * Licensed under the MIT License.
17362
17433
  */
17434
+ const clientDataAccountTypeMapping = new Map([
17435
+ ["e", "AAD"],
17436
+ ["m", "MSA"],
17437
+ ]);
17438
+ /**
17439
+ * Parses the clientdata response parameter from the /authorize endpoint.
17440
+ *
17441
+ * The clientdata value is URL-encoded and pipe-delimited:
17442
+ * urlencoded(account_type | error | sub_error | cloud_instance | caller_data_boundary)
17443
+ *
17444
+ * @param clientdata - The raw clientdata string from the authorize response
17445
+ * @returns Parsed ClientData object, or null if the input is empty/invalid
17446
+ */
17447
+ function parseClientData(clientdata) {
17448
+ if (!clientdata) {
17449
+ return null;
17450
+ }
17451
+ try {
17452
+ const decoded = decodeURIComponent(clientdata);
17453
+ const parts = decoded.split("|");
17454
+ if (parts.length < 5) {
17455
+ return null;
17456
+ }
17457
+ return {
17458
+ accountType: clientDataAccountTypeMapping.get(parts[0]?.trim() || "") || "",
17459
+ error: parts[1]?.trim() || "",
17460
+ subError: parts[2]?.trim() || "",
17461
+ cloudInstance: parts[3]?.trim() || "",
17462
+ callerDataBoundary: parts[4]?.trim() || "",
17463
+ };
17464
+ }
17465
+ catch {
17466
+ return null;
17467
+ }
17468
+ }
17469
+ /**
17470
+ * Instruments account type, error, and suberror from clientdata
17471
+ */
17472
+ function instrumentClientData(response, correlationId, performanceClient) {
17473
+ const parsed = parseClientData(response.clientdata);
17474
+ parsed?.accountType &&
17475
+ performanceClient.addFields({ accountType: parsed.accountType }, correlationId);
17476
+ parsed?.error &&
17477
+ performanceClient.addFields({ serverErrorNo: parsed.error }, correlationId);
17478
+ parsed?.subError &&
17479
+ performanceClient.addFields({ serverSubErrorNo: parsed.subError }, correlationId);
17480
+ }
17363
17481
  /**
17364
17482
  * Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
17365
17483
  * @param config
@@ -17522,6 +17640,8 @@ async function handleResponsePlatformBroker(request, accountId, apiId, config, b
17522
17640
  async function handleResponseCode(request, response, codeVerifier, apiId, config, authClient, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
17523
17641
  // Remove throttle if it exists
17524
17642
  ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
17643
+ // Instrument clientdata telemetry fields from the authorize response
17644
+ instrumentClientData(response, request.correlationId, performanceClient);
17525
17645
  if (response.accountId) {
17526
17646
  return invokeAsync(handleResponsePlatformBroker, PerformanceEvents.HandleResponsePlatformBroker, logger, performanceClient, request.correlationId)(request, response.accountId, apiId, config, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider);
17527
17647
  }
@@ -17554,6 +17674,8 @@ async function handleResponseCode(request, response, codeVerifier, apiId, config
17554
17674
  async function handleResponseEAR(request, response, apiId, config, authority, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
17555
17675
  // Remove throttle if it exists
17556
17676
  ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
17677
+ // Instrument clientdata telemetry fields from the authorize response
17678
+ instrumentClientData(response, request.correlationId, performanceClient);
17557
17679
  // Validate state & check response for errors
17558
17680
  validateAuthorizationResponse(response, request.state);
17559
17681
  if (!response.ear_jwe) {
@@ -18319,14 +18441,28 @@ class PlatformAuthDOMHandler {
18319
18441
  return nativeResponse;
18320
18442
  }
18321
18443
  getDOMExtraParams(extraParameters) {
18322
- const stringifiedParams = Object.entries(extraParameters).reduce((record, [key, value]) => {
18323
- record[key] = String(value);
18324
- return record;
18325
- }, {});
18326
- const validExtraParams = {
18327
- ...stringifiedParams,
18328
- };
18329
- return validExtraParams;
18444
+ try {
18445
+ const stringifiedProperties = {};
18446
+ for (const [key, value] of Object.entries(extraParameters)) {
18447
+ if (!value) {
18448
+ continue;
18449
+ }
18450
+ if (typeof value === "object") {
18451
+ stringifiedProperties[key] = JSON.stringify(value);
18452
+ }
18453
+ else {
18454
+ stringifiedProperties[key] = String(value);
18455
+ }
18456
+ }
18457
+ return stringifiedProperties;
18458
+ }
18459
+ catch (e) {
18460
+ this.logger.error(this.platformAuthType + " - Error stringifying extra parameters");
18461
+ this.logger.errorPii(this.platformAuthType +
18462
+ " - Error stringifying extra parameters: " +
18463
+ e);
18464
+ return {};
18465
+ }
18330
18466
  }
18331
18467
  }
18332
18468
 
@@ -19377,6 +19513,12 @@ async function initiateEarRequest(config, authority, request, logger, performanc
19377
19513
  */
19378
19514
  async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, performanceClient, logger, correlationId, responseType) {
19379
19515
  performanceClient.addQueueMeasurement(PerformanceEvents.SilentHandlerMonitorIframeForHash, correlationId);
19516
+ performanceClient.addFields({
19517
+ iframePollIntervalMs: pollIntervalMilliseconds,
19518
+ iframeTimeoutMs: timeout,
19519
+ }, correlationId);
19520
+ let totalTickCount = 0;
19521
+ let crossOriginTickCount = 0;
19380
19522
  return new Promise((resolve, reject) => {
19381
19523
  if (timeout < DEFAULT_IFRAME_TIMEOUT_MS) {
19382
19524
  logger.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${timeout}ms) than the default (${DEFAULT_IFRAME_TIMEOUT_MS}ms). This may result in timeouts.`);
@@ -19390,6 +19532,7 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
19390
19532
  reject(createBrowserAuthError(monitorWindowTimeout));
19391
19533
  }, timeout);
19392
19534
  const intervalId = window.setInterval(() => {
19535
+ totalTickCount++;
19393
19536
  let href = "";
19394
19537
  const contentWindow = iframe.contentWindow;
19395
19538
  try {
@@ -19400,7 +19543,9 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
19400
19543
  */
19401
19544
  href = contentWindow ? contentWindow.location.href : "";
19402
19545
  }
19403
- catch (e) { }
19546
+ catch (e) {
19547
+ crossOriginTickCount++;
19548
+ }
19404
19549
  if (!href || href === "about:blank") {
19405
19550
  return;
19406
19551
  }
@@ -19418,6 +19563,10 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
19418
19563
  resolve(responseString);
19419
19564
  }, pollIntervalMilliseconds);
19420
19565
  }).finally(() => {
19566
+ performanceClient.addFields({
19567
+ iframeTickCount: totalTickCount,
19568
+ crossOriginTickCount: crossOriginTickCount,
19569
+ }, correlationId);
19421
19570
  invoke(removeHiddenIframe, PerformanceEvents.RemoveHiddenIframe, logger, performanceClient, correlationId)(iframe);
19422
19571
  });
19423
19572
  }
@@ -20045,6 +20194,10 @@ class SilentAuthCodeClient extends StandardInteractionClient {
20045
20194
  * Copyright (c) Microsoft Corporation. All rights reserved.
20046
20195
  * Licensed under the MIT License.
20047
20196
  */
20197
+ /**
20198
+ * Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
20199
+ * @returns Network connection information, or an empty object if not available.
20200
+ */
20048
20201
  function collectInstanceStats(currentClientId, performanceEvent, logger) {
20049
20202
  const frameInstances =
20050
20203
  // @ts-ignore
@@ -20138,22 +20291,30 @@ class StandardController {
20138
20291
  this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
20139
20292
  this.activeSilentTokenRequests = new Map();
20140
20293
  // Register listener functions
20141
- this.trackPageVisibility = this.trackPageVisibility.bind(this);
20142
- // Register listener functions
20143
- this.trackPageVisibilityWithMeasurement =
20144
- this.trackPageVisibilityWithMeasurement.bind(this);
20294
+ this.trackStateChangeWithMeasurement =
20295
+ this.trackStateChangeWithMeasurement.bind(this);
20145
20296
  }
20146
20297
  static async createController(operatingContext, request) {
20147
20298
  const controller = new StandardController(operatingContext);
20148
20299
  await controller.initialize(request);
20149
20300
  return controller;
20150
20301
  }
20151
- trackPageVisibility(correlationId) {
20302
+ trackStateChange(correlationId, event) {
20152
20303
  if (!correlationId) {
20153
20304
  return;
20154
20305
  }
20155
- this.logger.info("Perf: Visibility change detected");
20156
- this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
20306
+ if (event.type === "visibilitychange") {
20307
+ this.logger.info("Perf: Visibility change detected");
20308
+ this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
20309
+ }
20310
+ else if (event.type === "online") {
20311
+ this.logger.info("Perf: Online status change detected");
20312
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
20313
+ }
20314
+ else if (event.type === "offline") {
20315
+ this.logger.info("Perf: Offline status change detected");
20316
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
20317
+ }
20157
20318
  }
20158
20319
  /**
20159
20320
  * Initializer function to perform async startup tasks such as connecting to WAM extension
@@ -20559,16 +20720,40 @@ class StandardController {
20559
20720
  }
20560
20721
  });
20561
20722
  }
20562
- trackPageVisibilityWithMeasurement() {
20723
+ trackStateChangeWithMeasurement(event) {
20563
20724
  const measurement = this.ssoSilentMeasurement ||
20564
20725
  this.acquireTokenByCodeAsyncMeasurement;
20565
20726
  if (!measurement) {
20566
20727
  return;
20567
20728
  }
20568
- this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
20569
- measurement.increment({
20570
- visibilityChangeCount: 1,
20571
- });
20729
+ if (event.type === "visibilitychange") {
20730
+ this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
20731
+ measurement.increment({
20732
+ visibilityChangeCount: 1,
20733
+ });
20734
+ }
20735
+ else if (event.type === "online") {
20736
+ this.logger.info("Perf: Online status change detected in ", measurement.event.name);
20737
+ measurement.increment({
20738
+ onlineStatusChangeCount: 1,
20739
+ });
20740
+ }
20741
+ else if (event.type === "offline") {
20742
+ this.logger.info("Perf: Offline status change detected in ", measurement.event.name);
20743
+ measurement.increment({
20744
+ onlineStatusChangeCount: 1,
20745
+ });
20746
+ }
20747
+ }
20748
+ addStateChangeListeners(listener) {
20749
+ document.addEventListener("visibilitychange", listener);
20750
+ window.addEventListener("online", listener);
20751
+ window.addEventListener("offline", listener);
20752
+ }
20753
+ removeStateChangeListeners(listener) {
20754
+ document.removeEventListener("visibilitychange", listener);
20755
+ window.removeEventListener("online", listener);
20756
+ window.removeEventListener("offline", listener);
20572
20757
  }
20573
20758
  /**
20574
20759
  * SSO capability verification in the background.
@@ -20649,8 +20834,9 @@ class StandardController {
20649
20834
  preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
20650
20835
  this.ssoSilentMeasurement?.increment({
20651
20836
  visibilityChangeCount: 0,
20837
+ onlineStatusChangeCount: 0,
20652
20838
  });
20653
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
20839
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
20654
20840
  this.logger.verbose("ssoSilent called", correlationId);
20655
20841
  this.eventHandler.emitEvent(EventType.SSO_SILENT_START, InteractionType.Silent, validRequest);
20656
20842
  let result;
@@ -20694,7 +20880,7 @@ class StandardController {
20694
20880
  throw e;
20695
20881
  })
20696
20882
  .finally(() => {
20697
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
20883
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
20698
20884
  });
20699
20885
  }
20700
20886
  /**
@@ -20806,8 +20992,9 @@ class StandardController {
20806
20992
  this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenByCodeAsync, request.correlationId);
20807
20993
  this.acquireTokenByCodeAsyncMeasurement?.increment({
20808
20994
  visibilityChangeCount: 0,
20995
+ onlineStatusChangeCount: 0,
20809
20996
  });
20810
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
20997
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
20811
20998
  const silentAuthCodeClient = this.createSilentAuthCodeClient(request.correlationId);
20812
20999
  const silentTokenResult = await silentAuthCodeClient
20813
21000
  .acquireToken(request)
@@ -20825,7 +21012,7 @@ class StandardController {
20825
21012
  throw tokenRenewalError;
20826
21013
  })
20827
21014
  .finally(() => {
20828
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
21015
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
20829
21016
  });
20830
21017
  return silentTokenResult;
20831
21018
  }
@@ -21370,13 +21557,13 @@ class StandardController {
21370
21557
  * @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
21371
21558
  */
21372
21559
  async acquireTokenSilentAsync(request, account) {
21373
- const trackPageVisibility = () => this.trackPageVisibility(request.correlationId);
21560
+ const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
21374
21561
  this.performanceClient.addQueueMeasurement(PerformanceEvents.AcquireTokenSilentAsync, request.correlationId);
21375
21562
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, InteractionType.Silent, request);
21376
21563
  if (request.correlationId) {
21377
- this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
21564
+ this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
21378
21565
  }
21379
- document.addEventListener("visibilitychange", trackPageVisibility);
21566
+ this.addStateChangeListeners(trackStateChange);
21380
21567
  const silentRequest = await invokeAsync(initializeSilentRequest, PerformanceEvents.InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
21381
21568
  const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
21382
21569
  const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
@@ -21455,7 +21642,7 @@ class StandardController {
21455
21642
  throw tokenRenewalError;
21456
21643
  })
21457
21644
  .finally(() => {
21458
- document.removeEventListener("visibilitychange", trackPageVisibility);
21645
+ this.removeStateChangeListeners(trackStateChange);
21459
21646
  });
21460
21647
  }
21461
21648
  /**