@azure/msal-browser 4.5.0 → 4.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeMessageHandler.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +9 -3
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.d.ts.map +1 -1
- package/dist/cache/TokenCache.mjs +7 -7
- package/dist/cache/TokenCache.mjs.map +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +9 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +58 -50
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.d.ts +1 -1
- package/dist/event/EventHandler.d.ts.map +1 -1
- package/dist/event/EventHandler.mjs +7 -5
- package/dist/event/EventHandler.mjs.map +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/NativeInteractionClient.d.ts +2 -2
- package/dist/interaction_client/NativeInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/NativeInteractionClient.mjs +9 -4
- package/dist/interaction_client/NativeInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/RedirectHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +6 -5
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/request/PopupRequest.d.ts +1 -2
- package/dist/request/PopupRequest.d.ts.map +1 -1
- package/dist/request/RedirectRequest.d.ts +1 -2
- package/dist/request/RedirectRequest.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/request/SilentRequest.d.ts +0 -1
- package/dist/request/SilentRequest.d.ts.map +1 -1
- package/dist/request/SsoSilentRequest.d.ts +2 -4
- package/dist/request/SsoSilentRequest.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/lib/msal-browser.cjs +197 -168
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +197 -168
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +65 -64
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +9 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/event/EventHandler.d.ts +1 -1
- package/lib/types/event/EventHandler.d.ts.map +1 -1
- package/lib/types/interaction_client/NativeInteractionClient.d.ts +2 -2
- package/lib/types/interaction_client/NativeInteractionClient.d.ts.map +1 -1
- package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/request/PopupRequest.d.ts +1 -2
- package/lib/types/request/PopupRequest.d.ts.map +1 -1
- package/lib/types/request/RedirectRequest.d.ts +1 -2
- package/lib/types/request/RedirectRequest.d.ts.map +1 -1
- package/lib/types/request/SilentRequest.d.ts +0 -1
- package/lib/types/request/SilentRequest.d.ts.map +1 -1
- package/lib/types/request/SsoSilentRequest.d.ts +2 -4
- package/lib/types/request/SsoSilentRequest.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/cache/BrowserCacheManager.ts +8 -2
- package/src/cache/TokenCache.ts +8 -7
- package/src/controllers/StandardController.ts +79 -54
- package/src/event/EventHandler.ts +9 -5
- package/src/interaction_client/NativeInteractionClient.ts +12 -3
- package/src/naa/mapping/NestedAppAuthAdapter.ts +8 -6
- package/src/packageMetadata.ts +1 -1
- package/src/request/PopupRequest.ts +1 -5
- package/src/request/RedirectRequest.ts +1 -5
- package/src/request/SilentRequest.ts +0 -1
- package/src/request/SsoSilentRequest.ts +2 -7
package/lib/msal-browser.cjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.7.0 2025-03-11 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v15.2.
|
|
5
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -306,7 +306,7 @@ const JsonWebTokenTypes = {
|
|
|
306
306
|
// Token renewal offset default in seconds
|
|
307
307
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
308
308
|
|
|
309
|
-
/*! @azure/msal-common v15.2.
|
|
309
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
310
310
|
/*
|
|
311
311
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
312
312
|
* Licensed under the MIT License.
|
|
@@ -323,7 +323,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
323
323
|
unexpectedError: unexpectedError
|
|
324
324
|
});
|
|
325
325
|
|
|
326
|
-
/*! @azure/msal-common v15.2.
|
|
326
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
327
327
|
|
|
328
328
|
/*
|
|
329
329
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -372,7 +372,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
372
372
|
: AuthErrorMessages[code]);
|
|
373
373
|
}
|
|
374
374
|
|
|
375
|
-
/*! @azure/msal-common v15.2.
|
|
375
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
376
376
|
/*
|
|
377
377
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
378
378
|
* Licensed under the MIT License.
|
|
@@ -470,7 +470,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
470
470
|
userTimeoutReached: userTimeoutReached
|
|
471
471
|
});
|
|
472
472
|
|
|
473
|
-
/*! @azure/msal-common v15.2.
|
|
473
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
474
474
|
|
|
475
475
|
/*
|
|
476
476
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -722,7 +722,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
722
722
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
723
723
|
}
|
|
724
724
|
|
|
725
|
-
/*! @azure/msal-common v15.2.
|
|
725
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
726
726
|
|
|
727
727
|
/*
|
|
728
728
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -761,7 +761,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
761
761
|
},
|
|
762
762
|
};
|
|
763
763
|
|
|
764
|
-
/*! @azure/msal-common v15.2.
|
|
764
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
765
765
|
|
|
766
766
|
/*
|
|
767
767
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -952,12 +952,12 @@ class Logger {
|
|
|
952
952
|
}
|
|
953
953
|
}
|
|
954
954
|
|
|
955
|
-
/*! @azure/msal-common v15.2.
|
|
955
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
956
956
|
/* eslint-disable header/header */
|
|
957
957
|
const name$1 = "@azure/msal-common";
|
|
958
|
-
const version$1 = "15.2.
|
|
958
|
+
const version$1 = "15.2.1";
|
|
959
959
|
|
|
960
|
-
/*! @azure/msal-common v15.2.
|
|
960
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
961
961
|
/*
|
|
962
962
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
963
963
|
* Licensed under the MIT License.
|
|
@@ -977,7 +977,7 @@ const AzureCloudInstance = {
|
|
|
977
977
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
978
978
|
};
|
|
979
979
|
|
|
980
|
-
/*! @azure/msal-common v15.2.
|
|
980
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
981
981
|
|
|
982
982
|
/*
|
|
983
983
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1038,7 +1038,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1038
1038
|
}
|
|
1039
1039
|
}
|
|
1040
1040
|
|
|
1041
|
-
/*! @azure/msal-common v15.2.
|
|
1041
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
1042
1042
|
/*
|
|
1043
1043
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1044
1044
|
* Licensed under the MIT License.
|
|
@@ -1053,6 +1053,24 @@ function nowSeconds() {
|
|
|
1053
1053
|
// Date.getTime() returns in milliseconds.
|
|
1054
1054
|
return Math.round(new Date().getTime() / 1000.0);
|
|
1055
1055
|
}
|
|
1056
|
+
/**
|
|
1057
|
+
* Converts JS Date object to seconds
|
|
1058
|
+
* @param date Date
|
|
1059
|
+
*/
|
|
1060
|
+
function toSecondsFromDate(date) {
|
|
1061
|
+
// Convert date to seconds
|
|
1062
|
+
return date.getTime() / 1000;
|
|
1063
|
+
}
|
|
1064
|
+
/**
|
|
1065
|
+
* Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
|
|
1066
|
+
* @param seconds
|
|
1067
|
+
*/
|
|
1068
|
+
function toDateFromSeconds(seconds) {
|
|
1069
|
+
if (seconds) {
|
|
1070
|
+
return new Date(Number(seconds) * 1000);
|
|
1071
|
+
}
|
|
1072
|
+
return new Date();
|
|
1073
|
+
}
|
|
1056
1074
|
/**
|
|
1057
1075
|
* check if a token is expired based on given UTC time in seconds.
|
|
1058
1076
|
* @param expiresOn
|
|
@@ -1075,7 +1093,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
1075
1093
|
return cachedAtSec > nowSeconds();
|
|
1076
1094
|
}
|
|
1077
1095
|
|
|
1078
|
-
/*! @azure/msal-common v15.2.
|
|
1096
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
1079
1097
|
|
|
1080
1098
|
/*
|
|
1081
1099
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1402,7 +1420,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
1402
1420
|
return metadata.expiresAt <= nowSeconds();
|
|
1403
1421
|
}
|
|
1404
1422
|
|
|
1405
|
-
/*! @azure/msal-common v15.2.
|
|
1423
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
1406
1424
|
/*
|
|
1407
1425
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1408
1426
|
* Licensed under the MIT License.
|
|
@@ -1456,7 +1474,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
1456
1474
|
urlParseError: urlParseError
|
|
1457
1475
|
});
|
|
1458
1476
|
|
|
1459
|
-
/*! @azure/msal-common v15.2.
|
|
1477
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
1460
1478
|
|
|
1461
1479
|
/*
|
|
1462
1480
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1594,7 +1612,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
1594
1612
|
return new ClientConfigurationError(errorCode);
|
|
1595
1613
|
}
|
|
1596
1614
|
|
|
1597
|
-
/*! @azure/msal-common v15.2.
|
|
1615
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
1598
1616
|
/*
|
|
1599
1617
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1600
1618
|
* Licensed under the MIT License.
|
|
@@ -1691,7 +1709,7 @@ class StringUtils {
|
|
|
1691
1709
|
}
|
|
1692
1710
|
}
|
|
1693
1711
|
|
|
1694
|
-
/*! @azure/msal-common v15.2.
|
|
1712
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
1695
1713
|
|
|
1696
1714
|
/*
|
|
1697
1715
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1882,7 +1900,7 @@ class ScopeSet {
|
|
|
1882
1900
|
}
|
|
1883
1901
|
}
|
|
1884
1902
|
|
|
1885
|
-
/*! @azure/msal-common v15.2.
|
|
1903
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
1886
1904
|
|
|
1887
1905
|
/*
|
|
1888
1906
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1922,7 +1940,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
1922
1940
|
};
|
|
1923
1941
|
}
|
|
1924
1942
|
|
|
1925
|
-
/*! @azure/msal-common v15.2.
|
|
1943
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
1926
1944
|
/*
|
|
1927
1945
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1928
1946
|
* Licensed under the MIT License.
|
|
@@ -2001,7 +2019,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
2001
2019
|
return updatedAccountInfo;
|
|
2002
2020
|
}
|
|
2003
2021
|
|
|
2004
|
-
/*! @azure/msal-common v15.2.
|
|
2022
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
2005
2023
|
/*
|
|
2006
2024
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2007
2025
|
* Licensed under the MIT License.
|
|
@@ -2016,7 +2034,7 @@ const AuthorityType = {
|
|
|
2016
2034
|
Ciam: 3,
|
|
2017
2035
|
};
|
|
2018
2036
|
|
|
2019
|
-
/*! @azure/msal-common v15.2.
|
|
2037
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
2020
2038
|
/*
|
|
2021
2039
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2022
2040
|
* Licensed under the MIT License.
|
|
@@ -2038,7 +2056,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
2038
2056
|
return null;
|
|
2039
2057
|
}
|
|
2040
2058
|
|
|
2041
|
-
/*! @azure/msal-common v15.2.
|
|
2059
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
2042
2060
|
/*
|
|
2043
2061
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2044
2062
|
* Licensed under the MIT License.
|
|
@@ -2051,7 +2069,7 @@ const ProtocolMode = {
|
|
|
2051
2069
|
OIDC: "OIDC",
|
|
2052
2070
|
};
|
|
2053
2071
|
|
|
2054
|
-
/*! @azure/msal-common v15.2.
|
|
2072
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
2055
2073
|
|
|
2056
2074
|
/*
|
|
2057
2075
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2294,7 +2312,7 @@ class AccountEntity {
|
|
|
2294
2312
|
}
|
|
2295
2313
|
}
|
|
2296
2314
|
|
|
2297
|
-
/*! @azure/msal-common v15.2.
|
|
2315
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
2298
2316
|
|
|
2299
2317
|
/*
|
|
2300
2318
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2341,7 +2359,7 @@ function getDeserializedResponse(responseString) {
|
|
|
2341
2359
|
return null;
|
|
2342
2360
|
}
|
|
2343
2361
|
|
|
2344
|
-
/*! @azure/msal-common v15.2.
|
|
2362
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
2345
2363
|
|
|
2346
2364
|
/*
|
|
2347
2365
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2505,7 +2523,7 @@ class UrlString {
|
|
|
2505
2523
|
}
|
|
2506
2524
|
}
|
|
2507
2525
|
|
|
2508
|
-
/*! @azure/msal-common v15.2.
|
|
2526
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
2509
2527
|
|
|
2510
2528
|
/*
|
|
2511
2529
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2645,7 +2663,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2645
2663
|
return null;
|
|
2646
2664
|
}
|
|
2647
2665
|
|
|
2648
|
-
/*! @azure/msal-common v15.2.
|
|
2666
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
2649
2667
|
/*
|
|
2650
2668
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2651
2669
|
* Licensed under the MIT License.
|
|
@@ -2653,7 +2671,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2653
2671
|
const cacheQuotaExceededErrorCode = "cache_quota_exceeded";
|
|
2654
2672
|
const cacheUnknownErrorCode = "cache_error_unknown";
|
|
2655
2673
|
|
|
2656
|
-
/*! @azure/msal-common v15.2.
|
|
2674
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
2657
2675
|
|
|
2658
2676
|
/*
|
|
2659
2677
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2680,7 +2698,7 @@ class CacheError extends Error {
|
|
|
2680
2698
|
}
|
|
2681
2699
|
}
|
|
2682
2700
|
|
|
2683
|
-
/*! @azure/msal-common v15.2.
|
|
2701
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
2684
2702
|
|
|
2685
2703
|
/*
|
|
2686
2704
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3865,7 +3883,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3865
3883
|
}
|
|
3866
3884
|
}
|
|
3867
3885
|
|
|
3868
|
-
/*! @azure/msal-common v15.2.
|
|
3886
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
3869
3887
|
|
|
3870
3888
|
/*
|
|
3871
3889
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3964,7 +3982,7 @@ function isOidcProtocolMode(config) {
|
|
|
3964
3982
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3965
3983
|
}
|
|
3966
3984
|
|
|
3967
|
-
/*! @azure/msal-common v15.2.
|
|
3985
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
3968
3986
|
/*
|
|
3969
3987
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3970
3988
|
* Licensed under the MIT License.
|
|
@@ -3974,7 +3992,7 @@ const CcsCredentialType = {
|
|
|
3974
3992
|
UPN: "UPN",
|
|
3975
3993
|
};
|
|
3976
3994
|
|
|
3977
|
-
/*! @azure/msal-common v15.2.
|
|
3995
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
3978
3996
|
/*
|
|
3979
3997
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3980
3998
|
* Licensed under the MIT License.
|
|
@@ -4024,7 +4042,7 @@ const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
|
|
|
4024
4042
|
const BROKER_CLIENT_ID = "brk_client_id";
|
|
4025
4043
|
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
4026
4044
|
|
|
4027
|
-
/*! @azure/msal-common v15.2.
|
|
4045
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
4028
4046
|
|
|
4029
4047
|
/*
|
|
4030
4048
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4091,7 +4109,7 @@ class RequestValidator {
|
|
|
4091
4109
|
}
|
|
4092
4110
|
}
|
|
4093
4111
|
|
|
4094
|
-
/*! @azure/msal-common v15.2.
|
|
4112
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
4095
4113
|
|
|
4096
4114
|
/*
|
|
4097
4115
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4499,7 +4517,7 @@ class RequestParameterBuilder {
|
|
|
4499
4517
|
}
|
|
4500
4518
|
}
|
|
4501
4519
|
|
|
4502
|
-
/*! @azure/msal-common v15.2.
|
|
4520
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
4503
4521
|
/*
|
|
4504
4522
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4505
4523
|
* Licensed under the MIT License.
|
|
@@ -4511,7 +4529,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
4511
4529
|
response.hasOwnProperty("jwks_uri"));
|
|
4512
4530
|
}
|
|
4513
4531
|
|
|
4514
|
-
/*! @azure/msal-common v15.2.
|
|
4532
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
4515
4533
|
/*
|
|
4516
4534
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4517
4535
|
* Licensed under the MIT License.
|
|
@@ -4521,7 +4539,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
4521
4539
|
response.hasOwnProperty("metadata"));
|
|
4522
4540
|
}
|
|
4523
4541
|
|
|
4524
|
-
/*! @azure/msal-common v15.2.
|
|
4542
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
4525
4543
|
/*
|
|
4526
4544
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4527
4545
|
* Licensed under the MIT License.
|
|
@@ -4531,7 +4549,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
4531
4549
|
response.hasOwnProperty("error_description"));
|
|
4532
4550
|
}
|
|
4533
4551
|
|
|
4534
|
-
/*! @azure/msal-common v15.2.
|
|
4552
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
4535
4553
|
/*
|
|
4536
4554
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4537
4555
|
* Licensed under the MIT License.
|
|
@@ -5040,7 +5058,7 @@ const IntFields = new Set([
|
|
|
5040
5058
|
"encryptedCacheExpiredCount",
|
|
5041
5059
|
]);
|
|
5042
5060
|
|
|
5043
|
-
/*! @azure/msal-common v15.2.
|
|
5061
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
5044
5062
|
/*
|
|
5045
5063
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5046
5064
|
* Licensed under the MIT License.
|
|
@@ -5136,7 +5154,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
5136
5154
|
};
|
|
5137
5155
|
};
|
|
5138
5156
|
|
|
5139
|
-
/*! @azure/msal-common v15.2.
|
|
5157
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
5140
5158
|
|
|
5141
5159
|
/*
|
|
5142
5160
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5245,7 +5263,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
5245
5263
|
},
|
|
5246
5264
|
};
|
|
5247
5265
|
|
|
5248
|
-
/*! @azure/msal-common v15.2.
|
|
5266
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
5249
5267
|
|
|
5250
5268
|
/*
|
|
5251
5269
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6084,7 +6102,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
6084
6102
|
};
|
|
6085
6103
|
}
|
|
6086
6104
|
|
|
6087
|
-
/*! @azure/msal-common v15.2.
|
|
6105
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6088
6106
|
|
|
6089
6107
|
/*
|
|
6090
6108
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6115,7 +6133,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
6115
6133
|
}
|
|
6116
6134
|
}
|
|
6117
6135
|
|
|
6118
|
-
/*! @azure/msal-common v15.2.
|
|
6136
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6119
6137
|
|
|
6120
6138
|
/*
|
|
6121
6139
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6134,7 +6152,28 @@ class ServerError extends AuthError {
|
|
|
6134
6152
|
}
|
|
6135
6153
|
}
|
|
6136
6154
|
|
|
6137
|
-
/*! @azure/msal-common v15.2.
|
|
6155
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6156
|
+
/*
|
|
6157
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6158
|
+
* Licensed under the MIT License.
|
|
6159
|
+
*/
|
|
6160
|
+
function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
6161
|
+
return {
|
|
6162
|
+
clientId: clientId,
|
|
6163
|
+
authority: request.authority,
|
|
6164
|
+
scopes: request.scopes,
|
|
6165
|
+
homeAccountIdentifier: homeAccountId,
|
|
6166
|
+
claims: request.claims,
|
|
6167
|
+
authenticationScheme: request.authenticationScheme,
|
|
6168
|
+
resourceRequestMethod: request.resourceRequestMethod,
|
|
6169
|
+
resourceRequestUri: request.resourceRequestUri,
|
|
6170
|
+
shrClaims: request.shrClaims,
|
|
6171
|
+
sshKid: request.sshKid,
|
|
6172
|
+
embeddedClientId: request.embeddedClientId || request.tokenBodyParameters?.clientId,
|
|
6173
|
+
};
|
|
6174
|
+
}
|
|
6175
|
+
|
|
6176
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6138
6177
|
|
|
6139
6178
|
/*
|
|
6140
6179
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6215,24 +6254,13 @@ class ThrottlingUtils {
|
|
|
6215
6254
|
ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
|
|
6216
6255
|
}
|
|
6217
6256
|
static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
|
|
6218
|
-
const thumbprint =
|
|
6219
|
-
clientId: clientId,
|
|
6220
|
-
authority: request.authority,
|
|
6221
|
-
scopes: request.scopes,
|
|
6222
|
-
homeAccountIdentifier: homeAccountIdentifier,
|
|
6223
|
-
claims: request.claims,
|
|
6224
|
-
authenticationScheme: request.authenticationScheme,
|
|
6225
|
-
resourceRequestMethod: request.resourceRequestMethod,
|
|
6226
|
-
resourceRequestUri: request.resourceRequestUri,
|
|
6227
|
-
shrClaims: request.shrClaims,
|
|
6228
|
-
sshKid: request.sshKid,
|
|
6229
|
-
};
|
|
6257
|
+
const thumbprint = getRequestThumbprint(clientId, request, homeAccountIdentifier);
|
|
6230
6258
|
const key = this.generateThrottlingStorageKey(thumbprint);
|
|
6231
6259
|
cacheManager.removeItem(key);
|
|
6232
6260
|
}
|
|
6233
6261
|
}
|
|
6234
6262
|
|
|
6235
|
-
/*! @azure/msal-common v15.2.
|
|
6263
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6236
6264
|
|
|
6237
6265
|
/*
|
|
6238
6266
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6262,7 +6290,7 @@ function createNetworkError(error, httpStatus, responseHeaders) {
|
|
|
6262
6290
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
6263
6291
|
}
|
|
6264
6292
|
|
|
6265
|
-
/*! @azure/msal-common v15.2.
|
|
6293
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6266
6294
|
|
|
6267
6295
|
/*
|
|
6268
6296
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6412,7 +6440,7 @@ class BaseClient {
|
|
|
6412
6440
|
}
|
|
6413
6441
|
}
|
|
6414
6442
|
|
|
6415
|
-
/*! @azure/msal-common v15.2.
|
|
6443
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6416
6444
|
/*
|
|
6417
6445
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6418
6446
|
* Licensed under the MIT License.
|
|
@@ -6438,7 +6466,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
6438
6466
|
refreshTokenExpired: refreshTokenExpired
|
|
6439
6467
|
});
|
|
6440
6468
|
|
|
6441
|
-
/*! @azure/msal-common v15.2.
|
|
6469
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6442
6470
|
|
|
6443
6471
|
/*
|
|
6444
6472
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6526,7 +6554,7 @@ function createInteractionRequiredAuthError(errorCode) {
|
|
|
6526
6554
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
6527
6555
|
}
|
|
6528
6556
|
|
|
6529
|
-
/*! @azure/msal-common v15.2.
|
|
6557
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6530
6558
|
|
|
6531
6559
|
/*
|
|
6532
6560
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6598,7 +6626,7 @@ class ProtocolUtils {
|
|
|
6598
6626
|
}
|
|
6599
6627
|
}
|
|
6600
6628
|
|
|
6601
|
-
/*! @azure/msal-common v15.2.
|
|
6629
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6602
6630
|
|
|
6603
6631
|
/*
|
|
6604
6632
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6682,7 +6710,7 @@ class PopTokenGenerator {
|
|
|
6682
6710
|
}
|
|
6683
6711
|
}
|
|
6684
6712
|
|
|
6685
|
-
/*! @azure/msal-common v15.2.
|
|
6713
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6686
6714
|
/*
|
|
6687
6715
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6688
6716
|
* Licensed under the MIT License.
|
|
@@ -6709,7 +6737,7 @@ class PopTokenGenerator {
|
|
|
6709
6737
|
}
|
|
6710
6738
|
}
|
|
6711
6739
|
|
|
6712
|
-
/*! @azure/msal-common v15.2.
|
|
6740
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
6713
6741
|
|
|
6714
6742
|
/*
|
|
6715
6743
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7001,10 +7029,11 @@ class ResponseHandler {
|
|
|
7001
7029
|
accessToken = cacheRecord.accessToken.secret;
|
|
7002
7030
|
}
|
|
7003
7031
|
responseScopes = ScopeSet.fromString(cacheRecord.accessToken.target).asArray();
|
|
7004
|
-
expiresOn
|
|
7005
|
-
|
|
7032
|
+
// Access token expiresOn cached in seconds, converting to Date for AuthenticationResult
|
|
7033
|
+
expiresOn = toDateFromSeconds(cacheRecord.accessToken.expiresOn);
|
|
7034
|
+
extExpiresOn = toDateFromSeconds(cacheRecord.accessToken.extendedExpiresOn);
|
|
7006
7035
|
if (cacheRecord.accessToken.refreshOn) {
|
|
7007
|
-
refreshOn =
|
|
7036
|
+
refreshOn = toDateFromSeconds(cacheRecord.accessToken.refreshOn);
|
|
7008
7037
|
}
|
|
7009
7038
|
}
|
|
7010
7039
|
if (cacheRecord.appMetadata) {
|
|
@@ -7086,7 +7115,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
7086
7115
|
return baseAccount;
|
|
7087
7116
|
}
|
|
7088
7117
|
|
|
7089
|
-
/*! @azure/msal-common v15.2.
|
|
7118
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
7090
7119
|
/*
|
|
7091
7120
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7092
7121
|
* Licensed under the MIT License.
|
|
@@ -7104,7 +7133,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
7104
7133
|
}
|
|
7105
7134
|
}
|
|
7106
7135
|
|
|
7107
|
-
/*! @azure/msal-common v15.2.
|
|
7136
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
7108
7137
|
|
|
7109
7138
|
/*
|
|
7110
7139
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7210,18 +7239,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7210
7239
|
}
|
|
7211
7240
|
}
|
|
7212
7241
|
const headers = this.createTokenRequestHeaders(ccsCredential || request.ccsCredential);
|
|
7213
|
-
const thumbprint =
|
|
7214
|
-
clientId: request.tokenBodyParameters?.clientId ||
|
|
7215
|
-
this.config.authOptions.clientId,
|
|
7216
|
-
authority: authority.canonicalAuthority,
|
|
7217
|
-
scopes: request.scopes,
|
|
7218
|
-
claims: request.claims,
|
|
7219
|
-
authenticationScheme: request.authenticationScheme,
|
|
7220
|
-
resourceRequestMethod: request.resourceRequestMethod,
|
|
7221
|
-
resourceRequestUri: request.resourceRequestUri,
|
|
7222
|
-
shrClaims: request.shrClaims,
|
|
7223
|
-
sshKid: request.sshKid,
|
|
7224
|
-
};
|
|
7242
|
+
const thumbprint = getRequestThumbprint(this.config.authOptions.clientId, request);
|
|
7225
7243
|
return invokeAsync(this.executePostToTokenEndpoint.bind(this), PerformanceEvents.AuthorizationCodeClientExecutePostToTokenEndpoint, this.logger, this.performanceClient, request.correlationId)(endpoint, requestBody, headers, thumbprint, request.correlationId, PerformanceEvents.AuthorizationCodeClientExecutePostToTokenEndpoint);
|
|
7226
7244
|
}
|
|
7227
7245
|
/**
|
|
@@ -7554,7 +7572,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7554
7572
|
}
|
|
7555
7573
|
}
|
|
7556
7574
|
|
|
7557
|
-
/*! @azure/msal-common v15.2.
|
|
7575
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
7558
7576
|
|
|
7559
7577
|
/*
|
|
7560
7578
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7674,18 +7692,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7674
7692
|
const endpoint = UrlString.appendQueryString(authority.tokenEndpoint, queryParametersString);
|
|
7675
7693
|
const requestBody = await invokeAsync(this.createTokenRequestBody.bind(this), PerformanceEvents.RefreshTokenClientCreateTokenRequestBody, this.logger, this.performanceClient, request.correlationId)(request);
|
|
7676
7694
|
const headers = this.createTokenRequestHeaders(request.ccsCredential);
|
|
7677
|
-
const thumbprint =
|
|
7678
|
-
clientId: request.tokenBodyParameters?.clientId ||
|
|
7679
|
-
this.config.authOptions.clientId,
|
|
7680
|
-
authority: authority.canonicalAuthority,
|
|
7681
|
-
scopes: request.scopes,
|
|
7682
|
-
claims: request.claims,
|
|
7683
|
-
authenticationScheme: request.authenticationScheme,
|
|
7684
|
-
resourceRequestMethod: request.resourceRequestMethod,
|
|
7685
|
-
resourceRequestUri: request.resourceRequestUri,
|
|
7686
|
-
shrClaims: request.shrClaims,
|
|
7687
|
-
sshKid: request.sshKid,
|
|
7688
|
-
};
|
|
7695
|
+
const thumbprint = getRequestThumbprint(this.config.authOptions.clientId, request);
|
|
7689
7696
|
return invokeAsync(this.executePostToTokenEndpoint.bind(this), PerformanceEvents.RefreshTokenClientExecutePostToTokenEndpoint, this.logger, this.performanceClient, request.correlationId)(endpoint, requestBody, headers, thumbprint, request.correlationId, PerformanceEvents.RefreshTokenClientExecutePostToTokenEndpoint);
|
|
7690
7697
|
}
|
|
7691
7698
|
/**
|
|
@@ -7777,7 +7784,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7777
7784
|
}
|
|
7778
7785
|
}
|
|
7779
7786
|
|
|
7780
|
-
/*! @azure/msal-common v15.2.
|
|
7787
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
7781
7788
|
|
|
7782
7789
|
/*
|
|
7783
7790
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7875,7 +7882,7 @@ class SilentFlowClient extends BaseClient {
|
|
|
7875
7882
|
}
|
|
7876
7883
|
}
|
|
7877
7884
|
|
|
7878
|
-
/*! @azure/msal-common v15.2.
|
|
7885
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
7879
7886
|
|
|
7880
7887
|
/*
|
|
7881
7888
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7890,7 +7897,7 @@ const StubbedNetworkModule = {
|
|
|
7890
7897
|
},
|
|
7891
7898
|
};
|
|
7892
7899
|
|
|
7893
|
-
/*! @azure/msal-common v15.2.
|
|
7900
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
7894
7901
|
|
|
7895
7902
|
/*
|
|
7896
7903
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7948,7 +7955,7 @@ class AuthenticationHeaderParser {
|
|
|
7948
7955
|
}
|
|
7949
7956
|
}
|
|
7950
7957
|
|
|
7951
|
-
/*! @azure/msal-common v15.2.
|
|
7958
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
7952
7959
|
|
|
7953
7960
|
/*
|
|
7954
7961
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8211,7 +8218,7 @@ class ServerTelemetryManager {
|
|
|
8211
8218
|
}
|
|
8212
8219
|
}
|
|
8213
8220
|
|
|
8214
|
-
/*! @azure/msal-common v15.2.
|
|
8221
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
8215
8222
|
/*
|
|
8216
8223
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8217
8224
|
* Licensed under the MIT License.
|
|
@@ -8219,7 +8226,7 @@ class ServerTelemetryManager {
|
|
|
8219
8226
|
const missingKidError = "missing_kid_error";
|
|
8220
8227
|
const missingAlgError = "missing_alg_error";
|
|
8221
8228
|
|
|
8222
|
-
/*! @azure/msal-common v15.2.
|
|
8229
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
8223
8230
|
|
|
8224
8231
|
/*
|
|
8225
8232
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8244,7 +8251,7 @@ function createJoseHeaderError(code) {
|
|
|
8244
8251
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
8245
8252
|
}
|
|
8246
8253
|
|
|
8247
|
-
/*! @azure/msal-common v15.2.
|
|
8254
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
8248
8255
|
|
|
8249
8256
|
/*
|
|
8250
8257
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8284,7 +8291,7 @@ class JoseHeader {
|
|
|
8284
8291
|
}
|
|
8285
8292
|
}
|
|
8286
8293
|
|
|
8287
|
-
/*! @azure/msal-common v15.2.
|
|
8294
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
8288
8295
|
|
|
8289
8296
|
/*
|
|
8290
8297
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8363,7 +8370,7 @@ class StubPerformanceClient {
|
|
|
8363
8370
|
}
|
|
8364
8371
|
}
|
|
8365
8372
|
|
|
8366
|
-
/*! @azure/msal-common v15.2.
|
|
8373
|
+
/*! @azure/msal-common v15.2.1 2025-03-11 */
|
|
8367
8374
|
|
|
8368
8375
|
/*
|
|
8369
8376
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -10400,7 +10407,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
10400
10407
|
|
|
10401
10408
|
/* eslint-disable header/header */
|
|
10402
10409
|
const name = "@azure/msal-browser";
|
|
10403
|
-
const version = "4.
|
|
10410
|
+
const version = "4.7.0";
|
|
10404
10411
|
|
|
10405
10412
|
/*
|
|
10406
10413
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -12679,7 +12686,13 @@ class BrowserCacheManager extends CacheManager {
|
|
|
12679
12686
|
*
|
|
12680
12687
|
* The next MSAL VFuture should map these both to same value if possible
|
|
12681
12688
|
*/
|
|
12682
|
-
const accessTokenEntity = createAccessTokenEntity(result.account?.homeAccountId, result.account.environment, result.accessToken, this.clientId, result.tenantId, result.scopes.join(" "),
|
|
12689
|
+
const accessTokenEntity = createAccessTokenEntity(result.account?.homeAccountId, result.account.environment, result.accessToken, this.clientId, result.tenantId, result.scopes.join(" "),
|
|
12690
|
+
// Access token expiresOn stored in seconds, converting from AuthenticationResult expiresOn stored as Date
|
|
12691
|
+
result.expiresOn
|
|
12692
|
+
? toSecondsFromDate(result.expiresOn)
|
|
12693
|
+
: 0, result.extExpiresOn
|
|
12694
|
+
? toSecondsFromDate(result.extExpiresOn)
|
|
12695
|
+
: 0, base64Decode, undefined, // refreshOn
|
|
12683
12696
|
result.tokenType, undefined, // userAssertionHash
|
|
12684
12697
|
request.sshKid, request.claims, claimsHash);
|
|
12685
12698
|
const cacheRecord = {
|
|
@@ -12885,7 +12898,9 @@ class EventHandler {
|
|
|
12885
12898
|
constructor(logger) {
|
|
12886
12899
|
this.eventCallbacks = new Map();
|
|
12887
12900
|
this.logger = logger || new Logger({});
|
|
12888
|
-
|
|
12901
|
+
if (typeof BroadcastChannel !== "undefined") {
|
|
12902
|
+
this.broadcastChannel = new BroadcastChannel(BROADCAST_CHANNEL_NAME);
|
|
12903
|
+
}
|
|
12889
12904
|
this.invokeCrossTabCallbacks = this.invokeCrossTabCallbacks.bind(this);
|
|
12890
12905
|
}
|
|
12891
12906
|
/**
|
|
@@ -12935,7 +12950,7 @@ class EventHandler {
|
|
|
12935
12950
|
case EventType.ACCOUNT_REMOVED:
|
|
12936
12951
|
case EventType.ACTIVE_ACCOUNT_CHANGED:
|
|
12937
12952
|
// Send event to other open tabs / MSAL instances on same domain
|
|
12938
|
-
this.broadcastChannel
|
|
12953
|
+
this.broadcastChannel?.postMessage(message);
|
|
12939
12954
|
break;
|
|
12940
12955
|
default:
|
|
12941
12956
|
// Emit event to callbacks registered in this instance
|
|
@@ -12968,13 +12983,13 @@ class EventHandler {
|
|
|
12968
12983
|
* Listen for events broadcasted from other tabs/instances
|
|
12969
12984
|
*/
|
|
12970
12985
|
subscribeCrossTab() {
|
|
12971
|
-
this.broadcastChannel
|
|
12986
|
+
this.broadcastChannel?.addEventListener("message", this.invokeCrossTabCallbacks);
|
|
12972
12987
|
}
|
|
12973
12988
|
/**
|
|
12974
12989
|
* Unsubscribe from broadcast events
|
|
12975
12990
|
*/
|
|
12976
12991
|
unsubscribeCrossTab() {
|
|
12977
|
-
this.broadcastChannel
|
|
12992
|
+
this.broadcastChannel?.removeEventListener("message", this.invokeCrossTabCallbacks);
|
|
12978
12993
|
}
|
|
12979
12994
|
}
|
|
12980
12995
|
|
|
@@ -13588,7 +13603,7 @@ class NativeInteractionClient extends BaseInteractionClient {
|
|
|
13588
13603
|
* Acquire token from native platform via browser extension
|
|
13589
13604
|
* @param request
|
|
13590
13605
|
*/
|
|
13591
|
-
async acquireToken(request) {
|
|
13606
|
+
async acquireToken(request, cacheLookupPolicy) {
|
|
13592
13607
|
this.performanceClient.addQueueMeasurement(PerformanceEvents.NativeInteractionClientAcquireToken, request.correlationId);
|
|
13593
13608
|
this.logger.trace("NativeInteractionClient - acquireToken called.");
|
|
13594
13609
|
// start the perf measurement
|
|
@@ -13609,6 +13624,10 @@ class NativeInteractionClient extends BaseInteractionClient {
|
|
|
13609
13624
|
return result;
|
|
13610
13625
|
}
|
|
13611
13626
|
catch (e) {
|
|
13627
|
+
if (cacheLookupPolicy === CacheLookupPolicy.AccessToken) {
|
|
13628
|
+
this.logger.info("MSAL internal Cache does not contain tokens, return error as per cache policy");
|
|
13629
|
+
throw e;
|
|
13630
|
+
}
|
|
13612
13631
|
// continue with a native call for any and all errors
|
|
13613
13632
|
this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call");
|
|
13614
13633
|
}
|
|
@@ -13934,7 +13953,8 @@ class NativeInteractionClient extends BaseInteractionClient {
|
|
|
13934
13953
|
idTokenClaims: idTokenClaims,
|
|
13935
13954
|
accessToken: responseAccessToken,
|
|
13936
13955
|
fromCache: mats ? this.isResponseFromCache(mats) : false,
|
|
13937
|
-
|
|
13956
|
+
// Request timestamp and NativeResponse expires_in are in seconds, converting to Date for AuthenticationResult
|
|
13957
|
+
expiresOn: toDateFromSeconds(reqTimestamp + response.expires_in),
|
|
13938
13958
|
tokenType: tokenType,
|
|
13939
13959
|
correlationId: this.correlationId,
|
|
13940
13960
|
state: response.state,
|
|
@@ -15935,11 +15955,10 @@ class TokenCache {
|
|
|
15935
15955
|
const scopes = response.scope
|
|
15936
15956
|
? ScopeSet.fromString(response.scope)
|
|
15937
15957
|
: new ScopeSet(request.scopes);
|
|
15938
|
-
const expiresOn = options.expiresOn ||
|
|
15939
|
-
response.expires_in + new Date().getTime() / 1000;
|
|
15958
|
+
const expiresOn = options.expiresOn || response.expires_in + nowSeconds();
|
|
15940
15959
|
const extendedExpiresOn = options.extendedExpiresOn ||
|
|
15941
15960
|
(response.ext_expires_in || response.expires_in) +
|
|
15942
|
-
|
|
15961
|
+
nowSeconds();
|
|
15943
15962
|
const accessTokenEntity = createAccessTokenEntity(homeAccountId, environment, response.access_token, this.config.auth.clientId, tenantId, scopes.printScopes(), expiresOn, extendedExpiresOn, base64Decode);
|
|
15944
15963
|
await this.storage.setAccessTokenCredential(accessTokenEntity, correlationId);
|
|
15945
15964
|
return accessTokenEntity;
|
|
@@ -15979,8 +15998,9 @@ class TokenCache {
|
|
|
15979
15998
|
if (cacheRecord?.accessToken) {
|
|
15980
15999
|
accessToken = cacheRecord.accessToken.secret;
|
|
15981
16000
|
responseScopes = ScopeSet.fromString(cacheRecord.accessToken.target).asArray();
|
|
15982
|
-
expiresOn
|
|
15983
|
-
|
|
16001
|
+
// Access token expiresOn stored in seconds, converting to Date for AuthenticationResult
|
|
16002
|
+
expiresOn = toDateFromSeconds(cacheRecord.accessToken.expiresOn);
|
|
16003
|
+
extExpiresOn = toDateFromSeconds(cacheRecord.accessToken.extendedExpiresOn);
|
|
15984
16004
|
}
|
|
15985
16005
|
const accountEntity = cacheRecord.account;
|
|
15986
16006
|
return {
|
|
@@ -16955,13 +16975,13 @@ class StandardController {
|
|
|
16955
16975
|
* Acquire a token from native device (e.g. WAM)
|
|
16956
16976
|
* @param request
|
|
16957
16977
|
*/
|
|
16958
|
-
async acquireTokenNative(request, apiId, accountId) {
|
|
16978
|
+
async acquireTokenNative(request, apiId, accountId, cacheLookupPolicy) {
|
|
16959
16979
|
this.logger.trace("acquireTokenNative called");
|
|
16960
16980
|
if (!this.nativeExtensionProvider) {
|
|
16961
16981
|
throw createBrowserAuthError(nativeConnectionNotEstablished);
|
|
16962
16982
|
}
|
|
16963
16983
|
const nativeClient = new NativeInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, apiId, this.performanceClient, this.nativeExtensionProvider, accountId || this.getNativeAccountId(request), this.nativeInternalStorage, request.correlationId);
|
|
16964
|
-
return nativeClient.acquireToken(request);
|
|
16984
|
+
return nativeClient.acquireToken(request, cacheLookupPolicy);
|
|
16965
16985
|
}
|
|
16966
16986
|
/**
|
|
16967
16987
|
* Returns boolean indicating if this request can use the platform broker
|
|
@@ -17227,60 +17247,63 @@ class StandardController {
|
|
|
17227
17247
|
throw createBrowserAuthError(noAccountError);
|
|
17228
17248
|
}
|
|
17229
17249
|
atsMeasurement.add({ accountType: getAccountType(account) });
|
|
17230
|
-
|
|
17231
|
-
|
|
17232
|
-
|
|
17233
|
-
|
|
17234
|
-
|
|
17235
|
-
|
|
17236
|
-
|
|
17237
|
-
|
|
17238
|
-
|
|
17239
|
-
|
|
17240
|
-
|
|
17241
|
-
|
|
17242
|
-
|
|
17250
|
+
return this.acquireTokenSilentDeduped(request, account, correlationId)
|
|
17251
|
+
.then((result) => {
|
|
17252
|
+
atsMeasurement.end({
|
|
17253
|
+
success: true,
|
|
17254
|
+
fromCache: result.fromCache,
|
|
17255
|
+
isNativeBroker: result.fromNativeBroker,
|
|
17256
|
+
accessTokenSize: result.accessToken.length,
|
|
17257
|
+
idTokenSize: result.idToken.length,
|
|
17258
|
+
});
|
|
17259
|
+
return {
|
|
17260
|
+
...result,
|
|
17261
|
+
state: request.state,
|
|
17262
|
+
correlationId: correlationId, // Ensures PWB scenarios can correctly match request to response
|
|
17263
|
+
};
|
|
17264
|
+
})
|
|
17265
|
+
.catch((error) => {
|
|
17266
|
+
if (error instanceof AuthError) {
|
|
17267
|
+
// Ensures PWB scenarios can correctly match request to response
|
|
17268
|
+
error.setCorrelationId(correlationId);
|
|
17269
|
+
}
|
|
17270
|
+
atsMeasurement.end({
|
|
17271
|
+
success: false,
|
|
17272
|
+
}, error);
|
|
17273
|
+
throw error;
|
|
17274
|
+
});
|
|
17275
|
+
}
|
|
17276
|
+
/**
|
|
17277
|
+
* Checks if identical request is already in flight and returns reference to the existing promise or fires off a new one if this is the first
|
|
17278
|
+
* @param request
|
|
17279
|
+
* @param account
|
|
17280
|
+
* @param correlationId
|
|
17281
|
+
* @returns
|
|
17282
|
+
*/
|
|
17283
|
+
async acquireTokenSilentDeduped(request, account, correlationId) {
|
|
17284
|
+
const thumbprint = getRequestThumbprint(this.config.auth.clientId, {
|
|
17285
|
+
...request,
|
|
17286
|
+
authority: request.authority || this.config.auth.authority,
|
|
17287
|
+
correlationId: correlationId,
|
|
17288
|
+
}, account.homeAccountId);
|
|
17243
17289
|
const silentRequestKey = JSON.stringify(thumbprint);
|
|
17244
|
-
const
|
|
17245
|
-
if (typeof
|
|
17290
|
+
const inProgressRequest = this.activeSilentTokenRequests.get(silentRequestKey);
|
|
17291
|
+
if (typeof inProgressRequest === "undefined") {
|
|
17246
17292
|
this.logger.verbose("acquireTokenSilent called for the first time, storing active request", correlationId);
|
|
17247
|
-
|
|
17293
|
+
this.performanceClient.addFields({ deduped: false }, correlationId);
|
|
17294
|
+
const activeRequest = invokeAsync(this.acquireTokenSilentAsync.bind(this), PerformanceEvents.AcquireTokenSilentAsync, this.logger, this.performanceClient, correlationId)({
|
|
17248
17295
|
...request,
|
|
17249
17296
|
correlationId,
|
|
17250
|
-
}, account)
|
|
17251
|
-
|
|
17297
|
+
}, account);
|
|
17298
|
+
this.activeSilentTokenRequests.set(silentRequestKey, activeRequest);
|
|
17299
|
+
return activeRequest.finally(() => {
|
|
17252
17300
|
this.activeSilentTokenRequests.delete(silentRequestKey);
|
|
17253
|
-
atsMeasurement.end({
|
|
17254
|
-
success: true,
|
|
17255
|
-
fromCache: result.fromCache,
|
|
17256
|
-
isNativeBroker: result.fromNativeBroker,
|
|
17257
|
-
cacheLookupPolicy: request.cacheLookupPolicy,
|
|
17258
|
-
accessTokenSize: result.accessToken.length,
|
|
17259
|
-
idTokenSize: result.idToken.length,
|
|
17260
|
-
});
|
|
17261
|
-
return result;
|
|
17262
|
-
})
|
|
17263
|
-
.catch((error) => {
|
|
17264
|
-
this.activeSilentTokenRequests.delete(silentRequestKey);
|
|
17265
|
-
atsMeasurement.end({
|
|
17266
|
-
success: false,
|
|
17267
|
-
}, error);
|
|
17268
|
-
throw error;
|
|
17269
17301
|
});
|
|
17270
|
-
this.activeSilentTokenRequests.set(silentRequestKey, response);
|
|
17271
|
-
return {
|
|
17272
|
-
...(await response),
|
|
17273
|
-
state: request.state,
|
|
17274
|
-
};
|
|
17275
17302
|
}
|
|
17276
17303
|
else {
|
|
17277
17304
|
this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call", correlationId);
|
|
17278
|
-
|
|
17279
|
-
|
|
17280
|
-
return {
|
|
17281
|
-
...(await cachedResponse),
|
|
17282
|
-
state: request.state,
|
|
17283
|
-
};
|
|
17305
|
+
this.performanceClient.addFields({ deduped: true }, correlationId);
|
|
17306
|
+
return inProgressRequest;
|
|
17284
17307
|
}
|
|
17285
17308
|
}
|
|
17286
17309
|
/**
|
|
@@ -17384,10 +17407,11 @@ class StandardController {
|
|
|
17384
17407
|
* @returns
|
|
17385
17408
|
*/
|
|
17386
17409
|
async acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy) {
|
|
17410
|
+
// if the cache policy is set to access_token only, we should not be hitting the native layer yet
|
|
17387
17411
|
if (NativeMessageHandler.isPlatformBrokerAvailable(this.config, this.logger, this.nativeExtensionProvider, silentRequest.authenticationScheme) &&
|
|
17388
17412
|
silentRequest.account.nativeAccountId) {
|
|
17389
17413
|
this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform");
|
|
17390
|
-
return this.acquireTokenNative(silentRequest, ApiId.acquireTokenSilent_silentFlow).catch(async (e) => {
|
|
17414
|
+
return this.acquireTokenNative(silentRequest, ApiId.acquireTokenSilent_silentFlow, silentRequest.account.nativeAccountId, cacheLookupPolicy).catch(async (e) => {
|
|
17391
17415
|
// If native token acquisition fails for availability reasons fallback to web flow
|
|
17392
17416
|
if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
|
|
17393
17417
|
this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow");
|
|
@@ -17400,6 +17424,10 @@ class StandardController {
|
|
|
17400
17424
|
}
|
|
17401
17425
|
else {
|
|
17402
17426
|
this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow");
|
|
17427
|
+
// add logs to identify embedded cache retrieval
|
|
17428
|
+
if (cacheLookupPolicy === CacheLookupPolicy.AccessToken) {
|
|
17429
|
+
this.logger.verbose("acquireTokenSilent - cache lookup policy set to AccessToken, attempting to acquire token from local cache");
|
|
17430
|
+
}
|
|
17403
17431
|
return invokeAsync(this.acquireTokenFromCache.bind(this), PerformanceEvents.AcquireTokenFromCache, this.logger, this.performanceClient, silentRequest.correlationId)(silentRequest, cacheLookupPolicy).catch((cacheError) => {
|
|
17404
17432
|
if (cacheLookupPolicy === CacheLookupPolicy.AccessToken) {
|
|
17405
17433
|
throw cacheError;
|
|
@@ -17506,7 +17534,8 @@ class NestedAppAuthAdapter {
|
|
|
17506
17534
|
if (!response.token.id_token || !response.token.access_token) {
|
|
17507
17535
|
throw createClientAuthError(nullOrEmptyToken);
|
|
17508
17536
|
}
|
|
17509
|
-
|
|
17537
|
+
// Request timestamp and AuthResult expires_in are in seconds, converting to Date for AuthenticationResult
|
|
17538
|
+
const expiresOn = toDateFromSeconds(reqTimestamp + (response.token.expires_in || 0));
|
|
17510
17539
|
const idTokenClaims = extractTokenClaims(response.token.id_token, this.crypto.base64Decode);
|
|
17511
17540
|
const account = this.fromNaaAccountInfo(response.account, response.token.id_token, idTokenClaims);
|
|
17512
17541
|
const scopes = response.token.scope || request.scope;
|
|
@@ -17635,10 +17664,10 @@ class NestedAppAuthAdapter {
|
|
|
17635
17664
|
idTokenClaims: idTokenClaims || {},
|
|
17636
17665
|
accessToken: accessToken.secret,
|
|
17637
17666
|
fromCache: true,
|
|
17638
|
-
expiresOn:
|
|
17667
|
+
expiresOn: toDateFromSeconds(accessToken.expiresOn),
|
|
17668
|
+
extExpiresOn: toDateFromSeconds(accessToken.extendedExpiresOn),
|
|
17639
17669
|
tokenType: request.authenticationScheme || AuthenticationScheme.BEARER,
|
|
17640
17670
|
correlationId,
|
|
17641
|
-
extExpiresOn: new Date(Number(accessToken.extendedExpiresOn) * 1000),
|
|
17642
17671
|
state: request.state,
|
|
17643
17672
|
};
|
|
17644
17673
|
return authenticationResult;
|