@azure/msal-browser 4.29.0 → 4.30.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -25
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +4 -2
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +55 -21
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +23 -9
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +55 -21
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +5 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +15 -2
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts +28 -0
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +53 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +11 -3
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +5 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +15 -2
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +28 -0
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +53 -2
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +10 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +298 -111
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.js +298 -111
- package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts +28 -0
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/msal-browser.cjs +329 -115
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +329 -115
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +64 -64
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +4 -2
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +28 -0
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +24 -13
- package/src/controllers/StandardController.ts +74 -41
- package/src/interaction_client/PlatformAuthInteractionClient.ts +17 -1
- package/src/interaction_client/StandardInteractionClient.ts +12 -0
- package/src/interaction_handler/SilentHandler.ts +21 -1
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +91 -0
- package/src/telemetry/BrowserPerformanceClient.ts +10 -0
- package/src/utils/MsalFrameStatsUtils.ts +27 -0
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.30.0 2026-03-18 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v15.
|
|
5
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -276,7 +276,7 @@ const JsonWebTokenTypes = {
|
|
|
276
276
|
// Token renewal offset default in seconds
|
|
277
277
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
278
278
|
|
|
279
|
-
/*! @azure/msal-common v15.
|
|
279
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
280
280
|
/*
|
|
281
281
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
282
282
|
* Licensed under the MIT License.
|
|
@@ -287,7 +287,7 @@ const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
|
287
287
|
const unexpectedError = "unexpected_error";
|
|
288
288
|
const postRequestFailed$1 = "post_request_failed";
|
|
289
289
|
|
|
290
|
-
/*! @azure/msal-common v15.
|
|
290
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
291
291
|
|
|
292
292
|
/*
|
|
293
293
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -322,7 +322,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
322
322
|
: AuthErrorMessages[code]);
|
|
323
323
|
}
|
|
324
324
|
|
|
325
|
-
/*! @azure/msal-common v15.
|
|
325
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
326
326
|
/*
|
|
327
327
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
328
328
|
* Licensed under the MIT License.
|
|
@@ -373,7 +373,7 @@ const methodNotImplemented = "method_not_implemented";
|
|
|
373
373
|
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
|
|
374
374
|
const platformBrokerError = "platform_broker_error";
|
|
375
375
|
|
|
376
|
-
/*! @azure/msal-common v15.
|
|
376
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
377
377
|
|
|
378
378
|
/*
|
|
379
379
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -448,7 +448,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
448
448
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
449
449
|
}
|
|
450
450
|
|
|
451
|
-
/*! @azure/msal-common v15.
|
|
451
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
452
452
|
|
|
453
453
|
/*
|
|
454
454
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -487,7 +487,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
487
487
|
},
|
|
488
488
|
};
|
|
489
489
|
|
|
490
|
-
/*! @azure/msal-common v15.
|
|
490
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
491
491
|
|
|
492
492
|
/*
|
|
493
493
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -678,12 +678,12 @@ class Logger {
|
|
|
678
678
|
}
|
|
679
679
|
}
|
|
680
680
|
|
|
681
|
-
/*! @azure/msal-common v15.
|
|
681
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
682
682
|
/* eslint-disable header/header */
|
|
683
683
|
const name$1 = "@azure/msal-common";
|
|
684
|
-
const version$1 = "15.
|
|
684
|
+
const version$1 = "15.17.0";
|
|
685
685
|
|
|
686
|
-
/*! @azure/msal-common v15.
|
|
686
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
687
687
|
/*
|
|
688
688
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
689
689
|
* Licensed under the MIT License.
|
|
@@ -692,7 +692,7 @@ const AzureCloudInstance = {
|
|
|
692
692
|
// AzureCloudInstance is not specified.
|
|
693
693
|
None: "none"};
|
|
694
694
|
|
|
695
|
-
/*! @azure/msal-common v15.
|
|
695
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
696
696
|
/*
|
|
697
697
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
698
698
|
* Licensed under the MIT License.
|
|
@@ -722,7 +722,7 @@ const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
|
722
722
|
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
723
723
|
const invalidPlatformBrokerConfiguration = "invalid_platform_broker_configuration";
|
|
724
724
|
|
|
725
|
-
/*! @azure/msal-common v15.
|
|
725
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
726
726
|
|
|
727
727
|
/*
|
|
728
728
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -768,7 +768,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
768
768
|
return new ClientConfigurationError(errorCode);
|
|
769
769
|
}
|
|
770
770
|
|
|
771
|
-
/*! @azure/msal-common v15.
|
|
771
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
772
772
|
/*
|
|
773
773
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
774
774
|
* Licensed under the MIT License.
|
|
@@ -863,9 +863,48 @@ class StringUtils {
|
|
|
863
863
|
.replace(/\?/g, "\\?"));
|
|
864
864
|
return regex.test(input);
|
|
865
865
|
}
|
|
866
|
+
/**
|
|
867
|
+
* Tests if a given string matches a given pattern using stricter, anchored matching semantics.
|
|
868
|
+
*
|
|
869
|
+
* Differences from `matchPattern` (legacy):
|
|
870
|
+
* - All regex metacharacters (including `.`) in the pattern are treated as literals,
|
|
871
|
+
* so `example.com` matches only `example.com` and not `exampleXcom`.
|
|
872
|
+
* - The generated regex is anchored with `^` and `$` so partial/substring matches
|
|
873
|
+
* are not allowed.
|
|
874
|
+
* - `*` is the only supported wildcard. Its behaviour depends on the URL component:
|
|
875
|
+
* - `host` component: `*` matches any sequence of characters that does NOT include
|
|
876
|
+
* a dot (`.`), keeping wildcards within a single DNS label boundary.
|
|
877
|
+
* - All other components: `*` matches any sequence of characters (including `/`).
|
|
878
|
+
*
|
|
879
|
+
* @param pattern - The `protectedResourceMap` key pattern to match against. `*` is a
|
|
880
|
+
* multi-character wildcard; all other characters are treated as literals.
|
|
881
|
+
* @param input - The URL component value (e.g. host, pathname) extracted from the
|
|
882
|
+
* outgoing request URL to test against the pattern.
|
|
883
|
+
* @param options - Optional. Provide `component` to enable component-aware wildcard
|
|
884
|
+
* semantics. Accepted values: `"host"`, `"path"`, `"protocol"`, `"search"`,
|
|
885
|
+
* `"hash"`. Defaults to path-style (permissive) matching when omitted.
|
|
886
|
+
* @returns `true` if the full input string matches the pattern; `false` otherwise.
|
|
887
|
+
*/
|
|
888
|
+
static matchPatternStrict(pattern, input, options) {
|
|
889
|
+
const component = options?.component;
|
|
890
|
+
// Step 1: Escape all regex special characters so literals are matched literally.
|
|
891
|
+
let regexBody = pattern.replace(/[.+^${}()|[\]\\*?]/g, "\\$&");
|
|
892
|
+
// Step 2: Replace the escaped '*' with its component-aware regex equivalent.
|
|
893
|
+
if (component === "host") {
|
|
894
|
+
regexBody = regexBody.replace(/\\\*/g, "[^.]*");
|
|
895
|
+
}
|
|
896
|
+
else {
|
|
897
|
+
// PATH, PROTOCOL, SEARCH, HASH, or unspecified: '*' matches any characters.
|
|
898
|
+
regexBody = regexBody.replace(/\\\*/g, ".*");
|
|
899
|
+
}
|
|
900
|
+
// Step 3: Anchor for full-string matching.
|
|
901
|
+
// eslint-disable-next-line security/detect-non-literal-regexp
|
|
902
|
+
const regex = new RegExp(`^${regexBody}$`);
|
|
903
|
+
return regex.test(input);
|
|
904
|
+
}
|
|
866
905
|
}
|
|
867
906
|
|
|
868
|
-
/*! @azure/msal-common v15.
|
|
907
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
869
908
|
|
|
870
909
|
/*
|
|
871
910
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1060,7 +1099,7 @@ class ScopeSet {
|
|
|
1060
1099
|
}
|
|
1061
1100
|
}
|
|
1062
1101
|
|
|
1063
|
-
/*! @azure/msal-common v15.
|
|
1102
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1064
1103
|
|
|
1065
1104
|
/*
|
|
1066
1105
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1100,7 +1139,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
1100
1139
|
};
|
|
1101
1140
|
}
|
|
1102
1141
|
|
|
1103
|
-
/*! @azure/msal-common v15.
|
|
1142
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1104
1143
|
/*
|
|
1105
1144
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1106
1145
|
* Licensed under the MIT License.
|
|
@@ -1182,7 +1221,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1182
1221
|
return updatedAccountInfo;
|
|
1183
1222
|
}
|
|
1184
1223
|
|
|
1185
|
-
/*! @azure/msal-common v15.
|
|
1224
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1186
1225
|
/*
|
|
1187
1226
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1188
1227
|
* Licensed under the MIT License.
|
|
@@ -1197,7 +1236,7 @@ const AuthorityType = {
|
|
|
1197
1236
|
Ciam: 3,
|
|
1198
1237
|
};
|
|
1199
1238
|
|
|
1200
|
-
/*! @azure/msal-common v15.
|
|
1239
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1201
1240
|
/*
|
|
1202
1241
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1203
1242
|
* Licensed under the MIT License.
|
|
@@ -1219,7 +1258,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
1219
1258
|
return null;
|
|
1220
1259
|
}
|
|
1221
1260
|
|
|
1222
|
-
/*! @azure/msal-common v15.
|
|
1261
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1223
1262
|
/*
|
|
1224
1263
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1225
1264
|
* Licensed under the MIT License.
|
|
@@ -1243,7 +1282,7 @@ const ProtocolMode = {
|
|
|
1243
1282
|
EAR: "EAR",
|
|
1244
1283
|
};
|
|
1245
1284
|
|
|
1246
|
-
/*! @azure/msal-common v15.
|
|
1285
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1247
1286
|
|
|
1248
1287
|
/*
|
|
1249
1288
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1478,7 +1517,7 @@ class AccountEntity {
|
|
|
1478
1517
|
}
|
|
1479
1518
|
}
|
|
1480
1519
|
|
|
1481
|
-
/*! @azure/msal-common v15.
|
|
1520
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1482
1521
|
|
|
1483
1522
|
/*
|
|
1484
1523
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1559,7 +1598,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1559
1598
|
}
|
|
1560
1599
|
}
|
|
1561
1600
|
|
|
1562
|
-
/*! @azure/msal-common v15.
|
|
1601
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1563
1602
|
|
|
1564
1603
|
/*
|
|
1565
1604
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1675,7 +1714,7 @@ function normalizeUrlForComparison(url) {
|
|
|
1675
1714
|
}
|
|
1676
1715
|
}
|
|
1677
1716
|
|
|
1678
|
-
/*! @azure/msal-common v15.
|
|
1717
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1679
1718
|
|
|
1680
1719
|
/*
|
|
1681
1720
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1839,7 +1878,7 @@ class UrlString {
|
|
|
1839
1878
|
}
|
|
1840
1879
|
}
|
|
1841
1880
|
|
|
1842
|
-
/*! @azure/msal-common v15.
|
|
1881
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
1843
1882
|
|
|
1844
1883
|
/*
|
|
1845
1884
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2014,7 +2053,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2014
2053
|
return null;
|
|
2015
2054
|
}
|
|
2016
2055
|
|
|
2017
|
-
/*! @azure/msal-common v15.
|
|
2056
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
2018
2057
|
/*
|
|
2019
2058
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2020
2059
|
* Licensed under the MIT License.
|
|
@@ -2022,7 +2061,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2022
2061
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2023
2062
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2024
2063
|
|
|
2025
|
-
/*! @azure/msal-common v15.
|
|
2064
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
2026
2065
|
|
|
2027
2066
|
/*
|
|
2028
2067
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2067,7 +2106,7 @@ function createCacheError(e) {
|
|
|
2067
2106
|
}
|
|
2068
2107
|
}
|
|
2069
2108
|
|
|
2070
|
-
/*! @azure/msal-common v15.
|
|
2109
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
2071
2110
|
|
|
2072
2111
|
/*
|
|
2073
2112
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3177,7 +3216,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3177
3216
|
}
|
|
3178
3217
|
}
|
|
3179
3218
|
|
|
3180
|
-
/*! @azure/msal-common v15.
|
|
3219
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3181
3220
|
/*
|
|
3182
3221
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3183
3222
|
* Licensed under the MIT License.
|
|
@@ -3454,7 +3493,7 @@ const PerformanceEvents = {
|
|
|
3454
3493
|
const PerformanceEventStatus = {
|
|
3455
3494
|
InProgress: 1};
|
|
3456
3495
|
|
|
3457
|
-
/*! @azure/msal-common v15.
|
|
3496
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3458
3497
|
|
|
3459
3498
|
/*
|
|
3460
3499
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3533,7 +3572,7 @@ class StubPerformanceClient {
|
|
|
3533
3572
|
}
|
|
3534
3573
|
}
|
|
3535
3574
|
|
|
3536
|
-
/*! @azure/msal-common v15.
|
|
3575
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3537
3576
|
|
|
3538
3577
|
/*
|
|
3539
3578
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3633,7 +3672,7 @@ function isOidcProtocolMode(config) {
|
|
|
3633
3672
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3634
3673
|
}
|
|
3635
3674
|
|
|
3636
|
-
/*! @azure/msal-common v15.
|
|
3675
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3637
3676
|
/*
|
|
3638
3677
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3639
3678
|
* Licensed under the MIT License.
|
|
@@ -3643,7 +3682,7 @@ const CcsCredentialType = {
|
|
|
3643
3682
|
UPN: "UPN",
|
|
3644
3683
|
};
|
|
3645
3684
|
|
|
3646
|
-
/*! @azure/msal-common v15.
|
|
3685
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3647
3686
|
/*
|
|
3648
3687
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3649
3688
|
* Licensed under the MIT License.
|
|
@@ -3691,9 +3730,10 @@ const BROKER_CLIENT_ID = "brk_client_id";
|
|
|
3691
3730
|
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
3692
3731
|
const INSTANCE_AWARE = "instance_aware";
|
|
3693
3732
|
const EAR_JWK = "ear_jwk";
|
|
3694
|
-
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
3733
|
+
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
3734
|
+
const CLI_DATA = "clidata";
|
|
3695
3735
|
|
|
3696
|
-
/*! @azure/msal-common v15.
|
|
3736
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
3697
3737
|
|
|
3698
3738
|
/*
|
|
3699
3739
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3959,6 +3999,12 @@ function addGrantType(parameters, grantType) {
|
|
|
3959
3999
|
function addClientInfo(parameters) {
|
|
3960
4000
|
parameters.set(CLIENT_INFO, "1");
|
|
3961
4001
|
}
|
|
4002
|
+
/**
|
|
4003
|
+
* add clidata=1 to request to indicate client data support
|
|
4004
|
+
*/
|
|
4005
|
+
function addCliData(parameters) {
|
|
4006
|
+
parameters.set(CLI_DATA, "1");
|
|
4007
|
+
}
|
|
3962
4008
|
function addInstanceAware(parameters) {
|
|
3963
4009
|
if (!parameters.has(INSTANCE_AWARE)) {
|
|
3964
4010
|
parameters.set(INSTANCE_AWARE, "true");
|
|
@@ -4073,7 +4119,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
|
|
|
4073
4119
|
});
|
|
4074
4120
|
}
|
|
4075
4121
|
|
|
4076
|
-
/*! @azure/msal-common v15.
|
|
4122
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4077
4123
|
/*
|
|
4078
4124
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4079
4125
|
* Licensed under the MIT License.
|
|
@@ -4085,7 +4131,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
4085
4131
|
response.hasOwnProperty("jwks_uri"));
|
|
4086
4132
|
}
|
|
4087
4133
|
|
|
4088
|
-
/*! @azure/msal-common v15.
|
|
4134
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4089
4135
|
/*
|
|
4090
4136
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4091
4137
|
* Licensed under the MIT License.
|
|
@@ -4095,7 +4141,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
4095
4141
|
response.hasOwnProperty("metadata"));
|
|
4096
4142
|
}
|
|
4097
4143
|
|
|
4098
|
-
/*! @azure/msal-common v15.
|
|
4144
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4099
4145
|
/*
|
|
4100
4146
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4101
4147
|
* Licensed under the MIT License.
|
|
@@ -4105,7 +4151,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
4105
4151
|
response.hasOwnProperty("error_description"));
|
|
4106
4152
|
}
|
|
4107
4153
|
|
|
4108
|
-
/*! @azure/msal-common v15.
|
|
4154
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4109
4155
|
/*
|
|
4110
4156
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4111
4157
|
* Licensed under the MIT License.
|
|
@@ -4201,7 +4247,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4201
4247
|
};
|
|
4202
4248
|
};
|
|
4203
4249
|
|
|
4204
|
-
/*! @azure/msal-common v15.
|
|
4250
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4205
4251
|
|
|
4206
4252
|
/*
|
|
4207
4253
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4307,7 +4353,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
4307
4353
|
},
|
|
4308
4354
|
};
|
|
4309
4355
|
|
|
4310
|
-
/*! @azure/msal-common v15.
|
|
4356
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4311
4357
|
/*
|
|
4312
4358
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4313
4359
|
* Licensed under the MIT License.
|
|
@@ -4372,7 +4418,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
4372
4418
|
return cachedAtSec > nowSeconds();
|
|
4373
4419
|
}
|
|
4374
4420
|
|
|
4375
|
-
/*! @azure/msal-common v15.
|
|
4421
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4376
4422
|
|
|
4377
4423
|
/*
|
|
4378
4424
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4634,7 +4680,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
4634
4680
|
return metadata.expiresAt <= nowSeconds();
|
|
4635
4681
|
}
|
|
4636
4682
|
|
|
4637
|
-
/*! @azure/msal-common v15.
|
|
4683
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
4638
4684
|
|
|
4639
4685
|
/*
|
|
4640
4686
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5473,7 +5519,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
5473
5519
|
};
|
|
5474
5520
|
}
|
|
5475
5521
|
|
|
5476
|
-
/*! @azure/msal-common v15.
|
|
5522
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5477
5523
|
|
|
5478
5524
|
/*
|
|
5479
5525
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5504,7 +5550,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
5504
5550
|
}
|
|
5505
5551
|
}
|
|
5506
5552
|
|
|
5507
|
-
/*! @azure/msal-common v15.
|
|
5553
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5508
5554
|
|
|
5509
5555
|
/*
|
|
5510
5556
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5523,7 +5569,7 @@ class ServerError extends AuthError {
|
|
|
5523
5569
|
}
|
|
5524
5570
|
}
|
|
5525
5571
|
|
|
5526
|
-
/*! @azure/msal-common v15.
|
|
5572
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5527
5573
|
/*
|
|
5528
5574
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5529
5575
|
* Licensed under the MIT License.
|
|
@@ -5544,7 +5590,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
5544
5590
|
};
|
|
5545
5591
|
}
|
|
5546
5592
|
|
|
5547
|
-
/*! @azure/msal-common v15.
|
|
5593
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5548
5594
|
|
|
5549
5595
|
/*
|
|
5550
5596
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5631,7 +5677,7 @@ class ThrottlingUtils {
|
|
|
5631
5677
|
}
|
|
5632
5678
|
}
|
|
5633
5679
|
|
|
5634
|
-
/*! @azure/msal-common v15.
|
|
5680
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5635
5681
|
|
|
5636
5682
|
/*
|
|
5637
5683
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5662,7 +5708,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
5662
5708
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
5663
5709
|
}
|
|
5664
5710
|
|
|
5665
|
-
/*! @azure/msal-common v15.
|
|
5711
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5666
5712
|
|
|
5667
5713
|
/*
|
|
5668
5714
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5810,7 +5856,7 @@ class BaseClient {
|
|
|
5810
5856
|
}
|
|
5811
5857
|
}
|
|
5812
5858
|
|
|
5813
|
-
/*! @azure/msal-common v15.
|
|
5859
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5814
5860
|
/*
|
|
5815
5861
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5816
5862
|
* Licensed under the MIT License.
|
|
@@ -5861,7 +5907,7 @@ const badToken = "bad_token";
|
|
|
5861
5907
|
*/
|
|
5862
5908
|
const interruptedUser = "interrupted_user";
|
|
5863
5909
|
|
|
5864
|
-
/*! @azure/msal-common v15.
|
|
5910
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5865
5911
|
|
|
5866
5912
|
/*
|
|
5867
5913
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5936,7 +5982,7 @@ function createInteractionRequiredAuthError(errorCode) {
|
|
|
5936
5982
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
5937
5983
|
}
|
|
5938
5984
|
|
|
5939
|
-
/*! @azure/msal-common v15.
|
|
5985
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
5940
5986
|
|
|
5941
5987
|
/*
|
|
5942
5988
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6008,7 +6054,7 @@ class ProtocolUtils {
|
|
|
6008
6054
|
}
|
|
6009
6055
|
}
|
|
6010
6056
|
|
|
6011
|
-
/*! @azure/msal-common v15.
|
|
6057
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6012
6058
|
|
|
6013
6059
|
/*
|
|
6014
6060
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6090,7 +6136,7 @@ class PopTokenGenerator {
|
|
|
6090
6136
|
}
|
|
6091
6137
|
}
|
|
6092
6138
|
|
|
6093
|
-
/*! @azure/msal-common v15.
|
|
6139
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6094
6140
|
/*
|
|
6095
6141
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6096
6142
|
* Licensed under the MIT License.
|
|
@@ -6117,7 +6163,7 @@ class PopTokenGenerator {
|
|
|
6117
6163
|
}
|
|
6118
6164
|
}
|
|
6119
6165
|
|
|
6120
|
-
/*! @azure/msal-common v15.
|
|
6166
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6121
6167
|
|
|
6122
6168
|
/*
|
|
6123
6169
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6456,7 +6502,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
6456
6502
|
return baseAccount;
|
|
6457
6503
|
}
|
|
6458
6504
|
|
|
6459
|
-
/*! @azure/msal-common v15.
|
|
6505
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6460
6506
|
/*
|
|
6461
6507
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6462
6508
|
* Licensed under the MIT License.
|
|
@@ -6474,7 +6520,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
6474
6520
|
}
|
|
6475
6521
|
}
|
|
6476
6522
|
|
|
6477
|
-
/*! @azure/msal-common v15.
|
|
6523
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6478
6524
|
|
|
6479
6525
|
/*
|
|
6480
6526
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6623,11 +6669,6 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
6623
6669
|
throw createClientConfigurationError(missingSshJwk);
|
|
6624
6670
|
}
|
|
6625
6671
|
}
|
|
6626
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6627
|
-
(this.config.authOptions.clientCapabilities &&
|
|
6628
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
6629
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
6630
|
-
}
|
|
6631
6672
|
let ccsCred = undefined;
|
|
6632
6673
|
if (request.clientInfo) {
|
|
6633
6674
|
try {
|
|
@@ -6677,6 +6718,15 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
6677
6718
|
});
|
|
6678
6719
|
}
|
|
6679
6720
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
6721
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
6722
|
+
const configClaims = request.skipBrokerClaims &&
|
|
6723
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
6724
|
+
? undefined
|
|
6725
|
+
: this.config.authOptions.clientCapabilities;
|
|
6726
|
+
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6727
|
+
(configClaims && configClaims.length > 0)) {
|
|
6728
|
+
addClaims(parameters, request.claims, configClaims);
|
|
6729
|
+
}
|
|
6680
6730
|
return mapToQueryString(parameters);
|
|
6681
6731
|
}
|
|
6682
6732
|
/**
|
|
@@ -6710,7 +6760,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
6710
6760
|
}
|
|
6711
6761
|
}
|
|
6712
6762
|
|
|
6713
|
-
/*! @azure/msal-common v15.
|
|
6763
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6714
6764
|
|
|
6715
6765
|
/*
|
|
6716
6766
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6888,11 +6938,6 @@ class RefreshTokenClient extends BaseClient {
|
|
|
6888
6938
|
throw createClientConfigurationError(missingSshJwk);
|
|
6889
6939
|
}
|
|
6890
6940
|
}
|
|
6891
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6892
|
-
(this.config.authOptions.clientCapabilities &&
|
|
6893
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
6894
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
6895
|
-
}
|
|
6896
6941
|
if (this.config.systemOptions.preventCorsPreflight &&
|
|
6897
6942
|
request.ccsCredential) {
|
|
6898
6943
|
switch (request.ccsCredential.type) {
|
|
@@ -6918,11 +6963,20 @@ class RefreshTokenClient extends BaseClient {
|
|
|
6918
6963
|
addExtraQueryParameters(parameters, request.tokenBodyParameters);
|
|
6919
6964
|
}
|
|
6920
6965
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
6966
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
6967
|
+
const configClaims = request.skipBrokerClaims &&
|
|
6968
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
6969
|
+
? undefined
|
|
6970
|
+
: this.config.authOptions.clientCapabilities;
|
|
6971
|
+
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6972
|
+
(configClaims && configClaims.length > 0)) {
|
|
6973
|
+
addClaims(parameters, request.claims, configClaims);
|
|
6974
|
+
}
|
|
6921
6975
|
return mapToQueryString(parameters);
|
|
6922
6976
|
}
|
|
6923
6977
|
}
|
|
6924
6978
|
|
|
6925
|
-
/*! @azure/msal-common v15.
|
|
6979
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
6926
6980
|
|
|
6927
6981
|
/*
|
|
6928
6982
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7020,7 +7074,7 @@ class SilentFlowClient extends BaseClient {
|
|
|
7020
7074
|
}
|
|
7021
7075
|
}
|
|
7022
7076
|
|
|
7023
|
-
/*! @azure/msal-common v15.
|
|
7077
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7024
7078
|
|
|
7025
7079
|
/*
|
|
7026
7080
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7035,7 +7089,7 @@ const StubbedNetworkModule = {
|
|
|
7035
7089
|
},
|
|
7036
7090
|
};
|
|
7037
7091
|
|
|
7038
|
-
/*! @azure/msal-common v15.
|
|
7092
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7039
7093
|
|
|
7040
7094
|
/*
|
|
7041
7095
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7067,6 +7121,8 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
|
|
|
7067
7121
|
addResponseMode(parameters, request.responseMode);
|
|
7068
7122
|
// add client_info=1
|
|
7069
7123
|
addClientInfo(parameters);
|
|
7124
|
+
// add clidata=1
|
|
7125
|
+
addCliData(parameters);
|
|
7070
7126
|
if (request.prompt) {
|
|
7071
7127
|
addPrompt(parameters, request.prompt);
|
|
7072
7128
|
performanceClient?.addFields({ prompt: request.prompt }, correlationId);
|
|
@@ -7156,14 +7212,17 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
|
|
|
7156
7212
|
if (request.state) {
|
|
7157
7213
|
addState(parameters, request.state);
|
|
7158
7214
|
}
|
|
7159
|
-
if (request.claims ||
|
|
7160
|
-
(authOptions.clientCapabilities &&
|
|
7161
|
-
authOptions.clientCapabilities.length > 0)) {
|
|
7162
|
-
addClaims(parameters, request.claims, authOptions.clientCapabilities);
|
|
7163
|
-
}
|
|
7164
7215
|
if (request.embeddedClientId) {
|
|
7165
7216
|
addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
|
|
7166
7217
|
}
|
|
7218
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
7219
|
+
const configClaims = request.skipBrokerClaims &&
|
|
7220
|
+
parameters.has(BROKER_CLIENT_ID)
|
|
7221
|
+
? undefined
|
|
7222
|
+
: authOptions.clientCapabilities;
|
|
7223
|
+
if (request.claims || (configClaims && configClaims.length > 0)) {
|
|
7224
|
+
addClaims(parameters, request.claims, configClaims);
|
|
7225
|
+
}
|
|
7167
7226
|
// If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
|
|
7168
7227
|
if (authOptions.instanceAware &&
|
|
7169
7228
|
(!request.extraQueryParameters ||
|
|
@@ -7259,7 +7318,7 @@ function extractLoginHint(account) {
|
|
|
7259
7318
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
7260
7319
|
}
|
|
7261
7320
|
|
|
7262
|
-
/*! @azure/msal-common v15.
|
|
7321
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7263
7322
|
|
|
7264
7323
|
/*
|
|
7265
7324
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7522,7 +7581,7 @@ class ServerTelemetryManager {
|
|
|
7522
7581
|
}
|
|
7523
7582
|
}
|
|
7524
7583
|
|
|
7525
|
-
/*! @azure/msal-common v15.
|
|
7584
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7526
7585
|
/*
|
|
7527
7586
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7528
7587
|
* Licensed under the MIT License.
|
|
@@ -7530,7 +7589,7 @@ class ServerTelemetryManager {
|
|
|
7530
7589
|
const missingKidError = "missing_kid_error";
|
|
7531
7590
|
const missingAlgError = "missing_alg_error";
|
|
7532
7591
|
|
|
7533
|
-
/*! @azure/msal-common v15.
|
|
7592
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7534
7593
|
|
|
7535
7594
|
/*
|
|
7536
7595
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7555,7 +7614,7 @@ function createJoseHeaderError(code) {
|
|
|
7555
7614
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
7556
7615
|
}
|
|
7557
7616
|
|
|
7558
|
-
/*! @azure/msal-common v15.
|
|
7617
|
+
/*! @azure/msal-common v15.17.0 2026-03-18 */
|
|
7559
7618
|
|
|
7560
7619
|
/*
|
|
7561
7620
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7990,7 +8049,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
|
|
|
7990
8049
|
|
|
7991
8050
|
/* eslint-disable header/header */
|
|
7992
8051
|
const name = "@azure/msal-browser";
|
|
7993
|
-
const version = "4.
|
|
8052
|
+
const version = "4.30.0";
|
|
7994
8053
|
|
|
7995
8054
|
/*
|
|
7996
8055
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -9758,6 +9817,10 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
9758
9817
|
async initializeAuthorizationRequest(request, interactionType) {
|
|
9759
9818
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.correlationId);
|
|
9760
9819
|
const redirectUri = this.getRedirectUri(request.redirectUri);
|
|
9820
|
+
if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
|
|
9821
|
+
this.logger.warning("The origin of the redirect URI does not match the origin of the current page. This is likely to cause issues with authentication.", this.correlationId);
|
|
9822
|
+
this.performanceClient.addFields({ isRedirectUriCrossOrigin: true }, this.correlationId);
|
|
9823
|
+
}
|
|
9761
9824
|
const browserState = {
|
|
9762
9825
|
interactionType: interactionType,
|
|
9763
9826
|
};
|
|
@@ -17223,11 +17286,19 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
17223
17286
|
this.logger.trace("NativeInteractionClient - initializeNativeRequest called");
|
|
17224
17287
|
const canonicalAuthority = await this.getCanonicalAuthority(request);
|
|
17225
17288
|
// scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
|
|
17226
|
-
const { scopes, ...remainingProperties } = request;
|
|
17289
|
+
const { scopes, claims, ...remainingProperties } = request;
|
|
17227
17290
|
const scopeSet = new ScopeSet(scopes || []);
|
|
17228
17291
|
scopeSet.appendScopes(OIDC_DEFAULT_SCOPES);
|
|
17292
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
17293
|
+
const configClaims = request.skipBrokerClaims && !!request.embeddedClientId
|
|
17294
|
+
? undefined
|
|
17295
|
+
: this.config.auth.clientCapabilities;
|
|
17296
|
+
const mergedClaims = configClaims && configClaims.length
|
|
17297
|
+
? addClientCapabilitiesToClaims(claims, configClaims)
|
|
17298
|
+
: claims;
|
|
17229
17299
|
const validatedRequest = {
|
|
17230
17300
|
...remainingProperties,
|
|
17301
|
+
claims: mergedClaims,
|
|
17231
17302
|
accountId: this.accountId,
|
|
17232
17303
|
clientId: this.config.auth.clientId,
|
|
17233
17304
|
authority: canonicalAuthority.urlString,
|
|
@@ -17360,6 +17431,53 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
17360
17431
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
17361
17432
|
* Licensed under the MIT License.
|
|
17362
17433
|
*/
|
|
17434
|
+
const clientDataAccountTypeMapping = new Map([
|
|
17435
|
+
["e", "AAD"],
|
|
17436
|
+
["m", "MSA"],
|
|
17437
|
+
]);
|
|
17438
|
+
/**
|
|
17439
|
+
* Parses the clientdata response parameter from the /authorize endpoint.
|
|
17440
|
+
*
|
|
17441
|
+
* The clientdata value is URL-encoded and pipe-delimited:
|
|
17442
|
+
* urlencoded(account_type | error | sub_error | cloud_instance | caller_data_boundary)
|
|
17443
|
+
*
|
|
17444
|
+
* @param clientdata - The raw clientdata string from the authorize response
|
|
17445
|
+
* @returns Parsed ClientData object, or null if the input is empty/invalid
|
|
17446
|
+
*/
|
|
17447
|
+
function parseClientData(clientdata) {
|
|
17448
|
+
if (!clientdata) {
|
|
17449
|
+
return null;
|
|
17450
|
+
}
|
|
17451
|
+
try {
|
|
17452
|
+
const decoded = decodeURIComponent(clientdata);
|
|
17453
|
+
const parts = decoded.split("|");
|
|
17454
|
+
if (parts.length < 5) {
|
|
17455
|
+
return null;
|
|
17456
|
+
}
|
|
17457
|
+
return {
|
|
17458
|
+
accountType: clientDataAccountTypeMapping.get(parts[0]?.trim() || "") || "",
|
|
17459
|
+
error: parts[1]?.trim() || "",
|
|
17460
|
+
subError: parts[2]?.trim() || "",
|
|
17461
|
+
cloudInstance: parts[3]?.trim() || "",
|
|
17462
|
+
callerDataBoundary: parts[4]?.trim() || "",
|
|
17463
|
+
};
|
|
17464
|
+
}
|
|
17465
|
+
catch {
|
|
17466
|
+
return null;
|
|
17467
|
+
}
|
|
17468
|
+
}
|
|
17469
|
+
/**
|
|
17470
|
+
* Instruments account type, error, and suberror from clientdata
|
|
17471
|
+
*/
|
|
17472
|
+
function instrumentClientData(response, correlationId, performanceClient) {
|
|
17473
|
+
const parsed = parseClientData(response.clientdata);
|
|
17474
|
+
parsed?.accountType &&
|
|
17475
|
+
performanceClient.addFields({ accountType: parsed.accountType }, correlationId);
|
|
17476
|
+
parsed?.error &&
|
|
17477
|
+
performanceClient.addFields({ serverErrorNo: parsed.error }, correlationId);
|
|
17478
|
+
parsed?.subError &&
|
|
17479
|
+
performanceClient.addFields({ serverSubErrorNo: parsed.subError }, correlationId);
|
|
17480
|
+
}
|
|
17363
17481
|
/**
|
|
17364
17482
|
* Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
|
|
17365
17483
|
* @param config
|
|
@@ -17522,6 +17640,8 @@ async function handleResponsePlatformBroker(request, accountId, apiId, config, b
|
|
|
17522
17640
|
async function handleResponseCode(request, response, codeVerifier, apiId, config, authClient, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
|
|
17523
17641
|
// Remove throttle if it exists
|
|
17524
17642
|
ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
|
|
17643
|
+
// Instrument clientdata telemetry fields from the authorize response
|
|
17644
|
+
instrumentClientData(response, request.correlationId, performanceClient);
|
|
17525
17645
|
if (response.accountId) {
|
|
17526
17646
|
return invokeAsync(handleResponsePlatformBroker, PerformanceEvents.HandleResponsePlatformBroker, logger, performanceClient, request.correlationId)(request, response.accountId, apiId, config, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider);
|
|
17527
17647
|
}
|
|
@@ -17554,6 +17674,8 @@ async function handleResponseCode(request, response, codeVerifier, apiId, config
|
|
|
17554
17674
|
async function handleResponseEAR(request, response, apiId, config, authority, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
|
|
17555
17675
|
// Remove throttle if it exists
|
|
17556
17676
|
ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
|
|
17677
|
+
// Instrument clientdata telemetry fields from the authorize response
|
|
17678
|
+
instrumentClientData(response, request.correlationId, performanceClient);
|
|
17557
17679
|
// Validate state & check response for errors
|
|
17558
17680
|
validateAuthorizationResponse(response, request.state);
|
|
17559
17681
|
if (!response.ear_jwe) {
|
|
@@ -18319,14 +18441,28 @@ class PlatformAuthDOMHandler {
|
|
|
18319
18441
|
return nativeResponse;
|
|
18320
18442
|
}
|
|
18321
18443
|
getDOMExtraParams(extraParameters) {
|
|
18322
|
-
|
|
18323
|
-
|
|
18324
|
-
|
|
18325
|
-
|
|
18326
|
-
|
|
18327
|
-
|
|
18328
|
-
|
|
18329
|
-
|
|
18444
|
+
try {
|
|
18445
|
+
const stringifiedProperties = {};
|
|
18446
|
+
for (const [key, value] of Object.entries(extraParameters)) {
|
|
18447
|
+
if (!value) {
|
|
18448
|
+
continue;
|
|
18449
|
+
}
|
|
18450
|
+
if (typeof value === "object") {
|
|
18451
|
+
stringifiedProperties[key] = JSON.stringify(value);
|
|
18452
|
+
}
|
|
18453
|
+
else {
|
|
18454
|
+
stringifiedProperties[key] = String(value);
|
|
18455
|
+
}
|
|
18456
|
+
}
|
|
18457
|
+
return stringifiedProperties;
|
|
18458
|
+
}
|
|
18459
|
+
catch (e) {
|
|
18460
|
+
this.logger.error(this.platformAuthType + " - Error stringifying extra parameters");
|
|
18461
|
+
this.logger.errorPii(this.platformAuthType +
|
|
18462
|
+
" - Error stringifying extra parameters: " +
|
|
18463
|
+
e);
|
|
18464
|
+
return {};
|
|
18465
|
+
}
|
|
18330
18466
|
}
|
|
18331
18467
|
}
|
|
18332
18468
|
|
|
@@ -19377,6 +19513,12 @@ async function initiateEarRequest(config, authority, request, logger, performanc
|
|
|
19377
19513
|
*/
|
|
19378
19514
|
async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, performanceClient, logger, correlationId, responseType) {
|
|
19379
19515
|
performanceClient.addQueueMeasurement(PerformanceEvents.SilentHandlerMonitorIframeForHash, correlationId);
|
|
19516
|
+
performanceClient.addFields({
|
|
19517
|
+
iframePollIntervalMs: pollIntervalMilliseconds,
|
|
19518
|
+
iframeTimeoutMs: timeout,
|
|
19519
|
+
}, correlationId);
|
|
19520
|
+
let totalTickCount = 0;
|
|
19521
|
+
let crossOriginTickCount = 0;
|
|
19380
19522
|
return new Promise((resolve, reject) => {
|
|
19381
19523
|
if (timeout < DEFAULT_IFRAME_TIMEOUT_MS) {
|
|
19382
19524
|
logger.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${timeout}ms) than the default (${DEFAULT_IFRAME_TIMEOUT_MS}ms). This may result in timeouts.`);
|
|
@@ -19390,6 +19532,7 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
|
|
|
19390
19532
|
reject(createBrowserAuthError(monitorWindowTimeout));
|
|
19391
19533
|
}, timeout);
|
|
19392
19534
|
const intervalId = window.setInterval(() => {
|
|
19535
|
+
totalTickCount++;
|
|
19393
19536
|
let href = "";
|
|
19394
19537
|
const contentWindow = iframe.contentWindow;
|
|
19395
19538
|
try {
|
|
@@ -19400,7 +19543,9 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
|
|
|
19400
19543
|
*/
|
|
19401
19544
|
href = contentWindow ? contentWindow.location.href : "";
|
|
19402
19545
|
}
|
|
19403
|
-
catch (e) {
|
|
19546
|
+
catch (e) {
|
|
19547
|
+
crossOriginTickCount++;
|
|
19548
|
+
}
|
|
19404
19549
|
if (!href || href === "about:blank") {
|
|
19405
19550
|
return;
|
|
19406
19551
|
}
|
|
@@ -19418,6 +19563,10 @@ async function monitorIframeForHash(iframe, timeout, pollIntervalMilliseconds, p
|
|
|
19418
19563
|
resolve(responseString);
|
|
19419
19564
|
}, pollIntervalMilliseconds);
|
|
19420
19565
|
}).finally(() => {
|
|
19566
|
+
performanceClient.addFields({
|
|
19567
|
+
iframeTickCount: totalTickCount,
|
|
19568
|
+
crossOriginTickCount: crossOriginTickCount,
|
|
19569
|
+
}, correlationId);
|
|
19421
19570
|
invoke(removeHiddenIframe, PerformanceEvents.RemoveHiddenIframe, logger, performanceClient, correlationId)(iframe);
|
|
19422
19571
|
});
|
|
19423
19572
|
}
|
|
@@ -20045,6 +20194,10 @@ class SilentAuthCodeClient extends StandardInteractionClient {
|
|
|
20045
20194
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
20046
20195
|
* Licensed under the MIT License.
|
|
20047
20196
|
*/
|
|
20197
|
+
/**
|
|
20198
|
+
* Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
|
|
20199
|
+
* @returns Network connection information, or an empty object if not available.
|
|
20200
|
+
*/
|
|
20048
20201
|
function collectInstanceStats(currentClientId, performanceEvent, logger) {
|
|
20049
20202
|
const frameInstances =
|
|
20050
20203
|
// @ts-ignore
|
|
@@ -20138,22 +20291,30 @@ class StandardController {
|
|
|
20138
20291
|
this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
|
|
20139
20292
|
this.activeSilentTokenRequests = new Map();
|
|
20140
20293
|
// Register listener functions
|
|
20141
|
-
this.
|
|
20142
|
-
|
|
20143
|
-
this.trackPageVisibilityWithMeasurement =
|
|
20144
|
-
this.trackPageVisibilityWithMeasurement.bind(this);
|
|
20294
|
+
this.trackStateChangeWithMeasurement =
|
|
20295
|
+
this.trackStateChangeWithMeasurement.bind(this);
|
|
20145
20296
|
}
|
|
20146
20297
|
static async createController(operatingContext, request) {
|
|
20147
20298
|
const controller = new StandardController(operatingContext);
|
|
20148
20299
|
await controller.initialize(request);
|
|
20149
20300
|
return controller;
|
|
20150
20301
|
}
|
|
20151
|
-
|
|
20302
|
+
trackStateChange(correlationId, event) {
|
|
20152
20303
|
if (!correlationId) {
|
|
20153
20304
|
return;
|
|
20154
20305
|
}
|
|
20155
|
-
|
|
20156
|
-
|
|
20306
|
+
if (event.type === "visibilitychange") {
|
|
20307
|
+
this.logger.info("Perf: Visibility change detected");
|
|
20308
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
|
|
20309
|
+
}
|
|
20310
|
+
else if (event.type === "online") {
|
|
20311
|
+
this.logger.info("Perf: Online status change detected");
|
|
20312
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
20313
|
+
}
|
|
20314
|
+
else if (event.type === "offline") {
|
|
20315
|
+
this.logger.info("Perf: Offline status change detected");
|
|
20316
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
20317
|
+
}
|
|
20157
20318
|
}
|
|
20158
20319
|
/**
|
|
20159
20320
|
* Initializer function to perform async startup tasks such as connecting to WAM extension
|
|
@@ -20559,16 +20720,40 @@ class StandardController {
|
|
|
20559
20720
|
}
|
|
20560
20721
|
});
|
|
20561
20722
|
}
|
|
20562
|
-
|
|
20723
|
+
trackStateChangeWithMeasurement(event) {
|
|
20563
20724
|
const measurement = this.ssoSilentMeasurement ||
|
|
20564
20725
|
this.acquireTokenByCodeAsyncMeasurement;
|
|
20565
20726
|
if (!measurement) {
|
|
20566
20727
|
return;
|
|
20567
20728
|
}
|
|
20568
|
-
|
|
20569
|
-
|
|
20570
|
-
|
|
20571
|
-
|
|
20729
|
+
if (event.type === "visibilitychange") {
|
|
20730
|
+
this.logger.info("Perf: Visibility change detected in ", measurement.event.name);
|
|
20731
|
+
measurement.increment({
|
|
20732
|
+
visibilityChangeCount: 1,
|
|
20733
|
+
});
|
|
20734
|
+
}
|
|
20735
|
+
else if (event.type === "online") {
|
|
20736
|
+
this.logger.info("Perf: Online status change detected in ", measurement.event.name);
|
|
20737
|
+
measurement.increment({
|
|
20738
|
+
onlineStatusChangeCount: 1,
|
|
20739
|
+
});
|
|
20740
|
+
}
|
|
20741
|
+
else if (event.type === "offline") {
|
|
20742
|
+
this.logger.info("Perf: Offline status change detected in ", measurement.event.name);
|
|
20743
|
+
measurement.increment({
|
|
20744
|
+
onlineStatusChangeCount: 1,
|
|
20745
|
+
});
|
|
20746
|
+
}
|
|
20747
|
+
}
|
|
20748
|
+
addStateChangeListeners(listener) {
|
|
20749
|
+
document.addEventListener("visibilitychange", listener);
|
|
20750
|
+
window.addEventListener("online", listener);
|
|
20751
|
+
window.addEventListener("offline", listener);
|
|
20752
|
+
}
|
|
20753
|
+
removeStateChangeListeners(listener) {
|
|
20754
|
+
document.removeEventListener("visibilitychange", listener);
|
|
20755
|
+
window.removeEventListener("online", listener);
|
|
20756
|
+
window.removeEventListener("offline", listener);
|
|
20572
20757
|
}
|
|
20573
20758
|
/**
|
|
20574
20759
|
* SSO capability verification in the background.
|
|
@@ -20649,8 +20834,9 @@ class StandardController {
|
|
|
20649
20834
|
preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
|
|
20650
20835
|
this.ssoSilentMeasurement?.increment({
|
|
20651
20836
|
visibilityChangeCount: 0,
|
|
20837
|
+
onlineStatusChangeCount: 0,
|
|
20652
20838
|
});
|
|
20653
|
-
|
|
20839
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20654
20840
|
this.logger.verbose("ssoSilent called", correlationId);
|
|
20655
20841
|
this.eventHandler.emitEvent(EventType.SSO_SILENT_START, InteractionType.Silent, validRequest);
|
|
20656
20842
|
let result;
|
|
@@ -20694,7 +20880,7 @@ class StandardController {
|
|
|
20694
20880
|
throw e;
|
|
20695
20881
|
})
|
|
20696
20882
|
.finally(() => {
|
|
20697
|
-
|
|
20883
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20698
20884
|
});
|
|
20699
20885
|
}
|
|
20700
20886
|
/**
|
|
@@ -20806,8 +20992,9 @@ class StandardController {
|
|
|
20806
20992
|
this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenByCodeAsync, request.correlationId);
|
|
20807
20993
|
this.acquireTokenByCodeAsyncMeasurement?.increment({
|
|
20808
20994
|
visibilityChangeCount: 0,
|
|
20995
|
+
onlineStatusChangeCount: 0,
|
|
20809
20996
|
});
|
|
20810
|
-
|
|
20997
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20811
20998
|
const silentAuthCodeClient = this.createSilentAuthCodeClient(request.correlationId);
|
|
20812
20999
|
const silentTokenResult = await silentAuthCodeClient
|
|
20813
21000
|
.acquireToken(request)
|
|
@@ -20825,7 +21012,7 @@ class StandardController {
|
|
|
20825
21012
|
throw tokenRenewalError;
|
|
20826
21013
|
})
|
|
20827
21014
|
.finally(() => {
|
|
20828
|
-
|
|
21015
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20829
21016
|
});
|
|
20830
21017
|
return silentTokenResult;
|
|
20831
21018
|
}
|
|
@@ -21370,13 +21557,13 @@ class StandardController {
|
|
|
21370
21557
|
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
|
|
21371
21558
|
*/
|
|
21372
21559
|
async acquireTokenSilentAsync(request, account) {
|
|
21373
|
-
const
|
|
21560
|
+
const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
|
|
21374
21561
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.AcquireTokenSilentAsync, request.correlationId);
|
|
21375
21562
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, InteractionType.Silent, request);
|
|
21376
21563
|
if (request.correlationId) {
|
|
21377
|
-
this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
|
|
21564
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
|
|
21378
21565
|
}
|
|
21379
|
-
|
|
21566
|
+
this.addStateChangeListeners(trackStateChange);
|
|
21380
21567
|
const silentRequest = await invokeAsync(initializeSilentRequest, PerformanceEvents.InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
|
|
21381
21568
|
const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
|
|
21382
21569
|
const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
|
|
@@ -21455,7 +21642,7 @@ class StandardController {
|
|
|
21455
21642
|
throw tokenRenewalError;
|
|
21456
21643
|
})
|
|
21457
21644
|
.finally(() => {
|
|
21458
|
-
|
|
21645
|
+
this.removeStateChangeListeners(trackStateChange);
|
|
21459
21646
|
});
|
|
21460
21647
|
}
|
|
21461
21648
|
/**
|