@azure/msal-browser 4.5.0 → 4.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (127) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientNext.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeMessageHandler.mjs +1 -1
  5. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  6. package/dist/cache/AccountManager.mjs +1 -1
  7. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  8. package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
  9. package/dist/cache/BrowserCacheManager.mjs +9 -3
  10. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  11. package/dist/cache/CacheHelpers.mjs +1 -1
  12. package/dist/cache/CookieStorage.mjs +1 -1
  13. package/dist/cache/DatabaseStorage.mjs +1 -1
  14. package/dist/cache/LocalStorage.mjs +1 -1
  15. package/dist/cache/MemoryStorage.mjs +1 -1
  16. package/dist/cache/SessionStorage.mjs +1 -1
  17. package/dist/cache/TokenCache.d.ts.map +1 -1
  18. package/dist/cache/TokenCache.mjs +7 -7
  19. package/dist/cache/TokenCache.mjs.map +1 -1
  20. package/dist/config/Configuration.mjs +1 -1
  21. package/dist/controllers/ControllerFactory.mjs +1 -1
  22. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  23. package/dist/controllers/StandardController.d.ts +9 -1
  24. package/dist/controllers/StandardController.d.ts.map +1 -1
  25. package/dist/controllers/StandardController.mjs +58 -50
  26. package/dist/controllers/StandardController.mjs.map +1 -1
  27. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  28. package/dist/crypto/BrowserCrypto.mjs +1 -1
  29. package/dist/crypto/CryptoOps.mjs +1 -1
  30. package/dist/crypto/PkceGenerator.mjs +1 -1
  31. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  32. package/dist/encode/Base64Decode.mjs +1 -1
  33. package/dist/encode/Base64Encode.mjs +1 -1
  34. package/dist/error/BrowserAuthError.mjs +1 -1
  35. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  36. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  37. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  38. package/dist/error/NativeAuthError.mjs +1 -1
  39. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  40. package/dist/error/NestedAppAuthError.mjs +1 -1
  41. package/dist/event/EventHandler.d.ts +1 -1
  42. package/dist/event/EventHandler.d.ts.map +1 -1
  43. package/dist/event/EventHandler.mjs +7 -5
  44. package/dist/event/EventHandler.mjs.map +1 -1
  45. package/dist/event/EventMessage.mjs +1 -1
  46. package/dist/event/EventType.mjs +1 -1
  47. package/dist/index.mjs +1 -1
  48. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  49. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  50. package/dist/interaction_client/NativeInteractionClient.d.ts +2 -2
  51. package/dist/interaction_client/NativeInteractionClient.d.ts.map +1 -1
  52. package/dist/interaction_client/NativeInteractionClient.mjs +9 -4
  53. package/dist/interaction_client/NativeInteractionClient.mjs.map +1 -1
  54. package/dist/interaction_client/PopupClient.mjs +1 -1
  55. package/dist/interaction_client/RedirectClient.mjs +1 -1
  56. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  57. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  58. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  59. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  60. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  61. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  62. package/dist/interaction_handler/RedirectHandler.mjs +1 -1
  63. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  64. package/dist/naa/BridgeError.mjs +1 -1
  65. package/dist/naa/BridgeProxy.mjs +1 -1
  66. package/dist/naa/BridgeStatusCode.mjs +1 -1
  67. package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  68. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +6 -5
  69. package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
  70. package/dist/navigation/NavigationClient.mjs +1 -1
  71. package/dist/network/FetchClient.mjs +1 -1
  72. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  73. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  74. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  75. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  76. package/dist/packageMetadata.d.ts +1 -1
  77. package/dist/packageMetadata.mjs +2 -2
  78. package/dist/request/PopupRequest.d.ts +1 -2
  79. package/dist/request/PopupRequest.d.ts.map +1 -1
  80. package/dist/request/RedirectRequest.d.ts +1 -2
  81. package/dist/request/RedirectRequest.d.ts.map +1 -1
  82. package/dist/request/RequestHelpers.mjs +1 -1
  83. package/dist/request/SilentRequest.d.ts +0 -1
  84. package/dist/request/SilentRequest.d.ts.map +1 -1
  85. package/dist/request/SsoSilentRequest.d.ts +2 -4
  86. package/dist/request/SsoSilentRequest.d.ts.map +1 -1
  87. package/dist/response/ResponseHandler.mjs +1 -1
  88. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  89. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  90. package/dist/utils/BrowserConstants.mjs +1 -1
  91. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  92. package/dist/utils/BrowserUtils.mjs +1 -1
  93. package/lib/msal-browser.cjs +197 -168
  94. package/lib/msal-browser.cjs.map +1 -1
  95. package/lib/msal-browser.js +197 -168
  96. package/lib/msal-browser.js.map +1 -1
  97. package/lib/msal-browser.min.js +65 -64
  98. package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
  99. package/lib/types/cache/TokenCache.d.ts.map +1 -1
  100. package/lib/types/controllers/StandardController.d.ts +9 -1
  101. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  102. package/lib/types/event/EventHandler.d.ts +1 -1
  103. package/lib/types/event/EventHandler.d.ts.map +1 -1
  104. package/lib/types/interaction_client/NativeInteractionClient.d.ts +2 -2
  105. package/lib/types/interaction_client/NativeInteractionClient.d.ts.map +1 -1
  106. package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  107. package/lib/types/packageMetadata.d.ts +1 -1
  108. package/lib/types/request/PopupRequest.d.ts +1 -2
  109. package/lib/types/request/PopupRequest.d.ts.map +1 -1
  110. package/lib/types/request/RedirectRequest.d.ts +1 -2
  111. package/lib/types/request/RedirectRequest.d.ts.map +1 -1
  112. package/lib/types/request/SilentRequest.d.ts +0 -1
  113. package/lib/types/request/SilentRequest.d.ts.map +1 -1
  114. package/lib/types/request/SsoSilentRequest.d.ts +2 -4
  115. package/lib/types/request/SsoSilentRequest.d.ts.map +1 -1
  116. package/package.json +2 -2
  117. package/src/cache/BrowserCacheManager.ts +8 -2
  118. package/src/cache/TokenCache.ts +8 -7
  119. package/src/controllers/StandardController.ts +79 -54
  120. package/src/event/EventHandler.ts +9 -5
  121. package/src/interaction_client/NativeInteractionClient.ts +12 -3
  122. package/src/naa/mapping/NestedAppAuthAdapter.ts +8 -6
  123. package/src/packageMetadata.ts +1 -1
  124. package/src/request/PopupRequest.ts +1 -5
  125. package/src/request/RedirectRequest.ts +1 -5
  126. package/src/request/SilentRequest.ts +0 -1
  127. package/src/request/SsoSilentRequest.ts +2 -7
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-browser v4.5.0 2025-02-26 */
1
+ /*! @azure/msal-browser v4.7.0 2025-03-11 */
2
2
  'use strict';
3
3
  (function (global, factory) {
4
4
  typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
@@ -6,7 +6,7 @@
6
6
  (global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
7
7
  })(this, (function (exports) { 'use strict';
8
8
 
9
- /*! @azure/msal-common v15.2.0 2025-02-26 */
9
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
10
10
  /*
11
11
  * Copyright (c) Microsoft Corporation. All rights reserved.
12
12
  * Licensed under the MIT License.
@@ -310,7 +310,7 @@
310
310
  // Token renewal offset default in seconds
311
311
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
312
312
 
313
- /*! @azure/msal-common v15.2.0 2025-02-26 */
313
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
314
314
  /*
315
315
  * Copyright (c) Microsoft Corporation. All rights reserved.
316
316
  * Licensed under the MIT License.
@@ -327,7 +327,7 @@
327
327
  unexpectedError: unexpectedError
328
328
  });
329
329
 
330
- /*! @azure/msal-common v15.2.0 2025-02-26 */
330
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
331
331
 
332
332
  /*
333
333
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -376,7 +376,7 @@
376
376
  : AuthErrorMessages[code]);
377
377
  }
378
378
 
379
- /*! @azure/msal-common v15.2.0 2025-02-26 */
379
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
380
380
  /*
381
381
  * Copyright (c) Microsoft Corporation. All rights reserved.
382
382
  * Licensed under the MIT License.
@@ -474,7 +474,7 @@
474
474
  userTimeoutReached: userTimeoutReached
475
475
  });
476
476
 
477
- /*! @azure/msal-common v15.2.0 2025-02-26 */
477
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
478
478
 
479
479
  /*
480
480
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -726,7 +726,7 @@
726
726
  return new ClientAuthError(errorCode, additionalMessage);
727
727
  }
728
728
 
729
- /*! @azure/msal-common v15.2.0 2025-02-26 */
729
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
730
730
 
731
731
  /*
732
732
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -765,7 +765,7 @@
765
765
  },
766
766
  };
767
767
 
768
- /*! @azure/msal-common v15.2.0 2025-02-26 */
768
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
769
769
 
770
770
  /*
771
771
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -956,12 +956,12 @@
956
956
  }
957
957
  }
958
958
 
959
- /*! @azure/msal-common v15.2.0 2025-02-26 */
959
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
960
960
  /* eslint-disable header/header */
961
961
  const name$1 = "@azure/msal-common";
962
- const version$1 = "15.2.0";
962
+ const version$1 = "15.2.1";
963
963
 
964
- /*! @azure/msal-common v15.2.0 2025-02-26 */
964
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
965
965
  /*
966
966
  * Copyright (c) Microsoft Corporation. All rights reserved.
967
967
  * Licensed under the MIT License.
@@ -981,7 +981,7 @@
981
981
  AzureUsGovernment: "https://login.microsoftonline.us",
982
982
  };
983
983
 
984
- /*! @azure/msal-common v15.2.0 2025-02-26 */
984
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
985
985
 
986
986
  /*
987
987
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1042,7 +1042,7 @@
1042
1042
  }
1043
1043
  }
1044
1044
 
1045
- /*! @azure/msal-common v15.2.0 2025-02-26 */
1045
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
1046
1046
  /*
1047
1047
  * Copyright (c) Microsoft Corporation. All rights reserved.
1048
1048
  * Licensed under the MIT License.
@@ -1057,6 +1057,24 @@
1057
1057
  // Date.getTime() returns in milliseconds.
1058
1058
  return Math.round(new Date().getTime() / 1000.0);
1059
1059
  }
1060
+ /**
1061
+ * Converts JS Date object to seconds
1062
+ * @param date Date
1063
+ */
1064
+ function toSecondsFromDate(date) {
1065
+ // Convert date to seconds
1066
+ return date.getTime() / 1000;
1067
+ }
1068
+ /**
1069
+ * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
1070
+ * @param seconds
1071
+ */
1072
+ function toDateFromSeconds(seconds) {
1073
+ if (seconds) {
1074
+ return new Date(Number(seconds) * 1000);
1075
+ }
1076
+ return new Date();
1077
+ }
1060
1078
  /**
1061
1079
  * check if a token is expired based on given UTC time in seconds.
1062
1080
  * @param expiresOn
@@ -1079,7 +1097,7 @@
1079
1097
  return cachedAtSec > nowSeconds();
1080
1098
  }
1081
1099
 
1082
- /*! @azure/msal-common v15.2.0 2025-02-26 */
1100
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
1083
1101
 
1084
1102
  /*
1085
1103
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1406,7 +1424,7 @@
1406
1424
  return metadata.expiresAt <= nowSeconds();
1407
1425
  }
1408
1426
 
1409
- /*! @azure/msal-common v15.2.0 2025-02-26 */
1427
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
1410
1428
  /*
1411
1429
  * Copyright (c) Microsoft Corporation. All rights reserved.
1412
1430
  * Licensed under the MIT License.
@@ -1460,7 +1478,7 @@
1460
1478
  urlParseError: urlParseError
1461
1479
  });
1462
1480
 
1463
- /*! @azure/msal-common v15.2.0 2025-02-26 */
1481
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
1464
1482
 
1465
1483
  /*
1466
1484
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1598,7 +1616,7 @@
1598
1616
  return new ClientConfigurationError(errorCode);
1599
1617
  }
1600
1618
 
1601
- /*! @azure/msal-common v15.2.0 2025-02-26 */
1619
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
1602
1620
  /*
1603
1621
  * Copyright (c) Microsoft Corporation. All rights reserved.
1604
1622
  * Licensed under the MIT License.
@@ -1695,7 +1713,7 @@
1695
1713
  }
1696
1714
  }
1697
1715
 
1698
- /*! @azure/msal-common v15.2.0 2025-02-26 */
1716
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
1699
1717
 
1700
1718
  /*
1701
1719
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1886,7 +1904,7 @@
1886
1904
  }
1887
1905
  }
1888
1906
 
1889
- /*! @azure/msal-common v15.2.0 2025-02-26 */
1907
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
1890
1908
 
1891
1909
  /*
1892
1910
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1926,7 +1944,7 @@
1926
1944
  };
1927
1945
  }
1928
1946
 
1929
- /*! @azure/msal-common v15.2.0 2025-02-26 */
1947
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
1930
1948
  /*
1931
1949
  * Copyright (c) Microsoft Corporation. All rights reserved.
1932
1950
  * Licensed under the MIT License.
@@ -2005,7 +2023,7 @@
2005
2023
  return updatedAccountInfo;
2006
2024
  }
2007
2025
 
2008
- /*! @azure/msal-common v15.2.0 2025-02-26 */
2026
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
2009
2027
  /*
2010
2028
  * Copyright (c) Microsoft Corporation. All rights reserved.
2011
2029
  * Licensed under the MIT License.
@@ -2020,7 +2038,7 @@
2020
2038
  Ciam: 3,
2021
2039
  };
2022
2040
 
2023
- /*! @azure/msal-common v15.2.0 2025-02-26 */
2041
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
2024
2042
  /*
2025
2043
  * Copyright (c) Microsoft Corporation. All rights reserved.
2026
2044
  * Licensed under the MIT License.
@@ -2042,7 +2060,7 @@
2042
2060
  return null;
2043
2061
  }
2044
2062
 
2045
- /*! @azure/msal-common v15.2.0 2025-02-26 */
2063
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
2046
2064
  /*
2047
2065
  * Copyright (c) Microsoft Corporation. All rights reserved.
2048
2066
  * Licensed under the MIT License.
@@ -2055,7 +2073,7 @@
2055
2073
  OIDC: "OIDC",
2056
2074
  };
2057
2075
 
2058
- /*! @azure/msal-common v15.2.0 2025-02-26 */
2076
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
2059
2077
 
2060
2078
  /*
2061
2079
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2298,7 +2316,7 @@
2298
2316
  }
2299
2317
  }
2300
2318
 
2301
- /*! @azure/msal-common v15.2.0 2025-02-26 */
2319
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
2302
2320
 
2303
2321
  /*
2304
2322
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2345,7 +2363,7 @@
2345
2363
  return null;
2346
2364
  }
2347
2365
 
2348
- /*! @azure/msal-common v15.2.0 2025-02-26 */
2366
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
2349
2367
 
2350
2368
  /*
2351
2369
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2509,7 +2527,7 @@
2509
2527
  }
2510
2528
  }
2511
2529
 
2512
- /*! @azure/msal-common v15.2.0 2025-02-26 */
2530
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
2513
2531
 
2514
2532
  /*
2515
2533
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2649,7 +2667,7 @@
2649
2667
  return null;
2650
2668
  }
2651
2669
 
2652
- /*! @azure/msal-common v15.2.0 2025-02-26 */
2670
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
2653
2671
  /*
2654
2672
  * Copyright (c) Microsoft Corporation. All rights reserved.
2655
2673
  * Licensed under the MIT License.
@@ -2657,7 +2675,7 @@
2657
2675
  const cacheQuotaExceededErrorCode = "cache_quota_exceeded";
2658
2676
  const cacheUnknownErrorCode = "cache_error_unknown";
2659
2677
 
2660
- /*! @azure/msal-common v15.2.0 2025-02-26 */
2678
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
2661
2679
 
2662
2680
  /*
2663
2681
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2684,7 +2702,7 @@
2684
2702
  }
2685
2703
  }
2686
2704
 
2687
- /*! @azure/msal-common v15.2.0 2025-02-26 */
2705
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
2688
2706
 
2689
2707
  /*
2690
2708
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3869,7 +3887,7 @@
3869
3887
  }
3870
3888
  }
3871
3889
 
3872
- /*! @azure/msal-common v15.2.0 2025-02-26 */
3890
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
3873
3891
 
3874
3892
  /*
3875
3893
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3968,7 +3986,7 @@
3968
3986
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3969
3987
  }
3970
3988
 
3971
- /*! @azure/msal-common v15.2.0 2025-02-26 */
3989
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
3972
3990
  /*
3973
3991
  * Copyright (c) Microsoft Corporation. All rights reserved.
3974
3992
  * Licensed under the MIT License.
@@ -3978,7 +3996,7 @@
3978
3996
  UPN: "UPN",
3979
3997
  };
3980
3998
 
3981
- /*! @azure/msal-common v15.2.0 2025-02-26 */
3999
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
3982
4000
  /*
3983
4001
  * Copyright (c) Microsoft Corporation. All rights reserved.
3984
4002
  * Licensed under the MIT License.
@@ -4028,7 +4046,7 @@
4028
4046
  const BROKER_CLIENT_ID = "brk_client_id";
4029
4047
  const BROKER_REDIRECT_URI = "brk_redirect_uri";
4030
4048
 
4031
- /*! @azure/msal-common v15.2.0 2025-02-26 */
4049
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
4032
4050
 
4033
4051
  /*
4034
4052
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4095,7 +4113,7 @@
4095
4113
  }
4096
4114
  }
4097
4115
 
4098
- /*! @azure/msal-common v15.2.0 2025-02-26 */
4116
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
4099
4117
 
4100
4118
  /*
4101
4119
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4503,7 +4521,7 @@
4503
4521
  }
4504
4522
  }
4505
4523
 
4506
- /*! @azure/msal-common v15.2.0 2025-02-26 */
4524
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
4507
4525
  /*
4508
4526
  * Copyright (c) Microsoft Corporation. All rights reserved.
4509
4527
  * Licensed under the MIT License.
@@ -4515,7 +4533,7 @@
4515
4533
  response.hasOwnProperty("jwks_uri"));
4516
4534
  }
4517
4535
 
4518
- /*! @azure/msal-common v15.2.0 2025-02-26 */
4536
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
4519
4537
  /*
4520
4538
  * Copyright (c) Microsoft Corporation. All rights reserved.
4521
4539
  * Licensed under the MIT License.
@@ -4525,7 +4543,7 @@
4525
4543
  response.hasOwnProperty("metadata"));
4526
4544
  }
4527
4545
 
4528
- /*! @azure/msal-common v15.2.0 2025-02-26 */
4546
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
4529
4547
  /*
4530
4548
  * Copyright (c) Microsoft Corporation. All rights reserved.
4531
4549
  * Licensed under the MIT License.
@@ -4535,7 +4553,7 @@
4535
4553
  response.hasOwnProperty("error_description"));
4536
4554
  }
4537
4555
 
4538
- /*! @azure/msal-common v15.2.0 2025-02-26 */
4556
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
4539
4557
  /*
4540
4558
  * Copyright (c) Microsoft Corporation. All rights reserved.
4541
4559
  * Licensed under the MIT License.
@@ -5044,7 +5062,7 @@
5044
5062
  "encryptedCacheExpiredCount",
5045
5063
  ]);
5046
5064
 
5047
- /*! @azure/msal-common v15.2.0 2025-02-26 */
5065
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
5048
5066
  /*
5049
5067
  * Copyright (c) Microsoft Corporation. All rights reserved.
5050
5068
  * Licensed under the MIT License.
@@ -5140,7 +5158,7 @@
5140
5158
  };
5141
5159
  };
5142
5160
 
5143
- /*! @azure/msal-common v15.2.0 2025-02-26 */
5161
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
5144
5162
 
5145
5163
  /*
5146
5164
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5249,7 +5267,7 @@
5249
5267
  },
5250
5268
  };
5251
5269
 
5252
- /*! @azure/msal-common v15.2.0 2025-02-26 */
5270
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
5253
5271
 
5254
5272
  /*
5255
5273
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6088,7 +6106,7 @@
6088
6106
  };
6089
6107
  }
6090
6108
 
6091
- /*! @azure/msal-common v15.2.0 2025-02-26 */
6109
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6092
6110
 
6093
6111
  /*
6094
6112
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6119,7 +6137,7 @@
6119
6137
  }
6120
6138
  }
6121
6139
 
6122
- /*! @azure/msal-common v15.2.0 2025-02-26 */
6140
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6123
6141
 
6124
6142
  /*
6125
6143
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6138,7 +6156,28 @@
6138
6156
  }
6139
6157
  }
6140
6158
 
6141
- /*! @azure/msal-common v15.2.0 2025-02-26 */
6159
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6160
+ /*
6161
+ * Copyright (c) Microsoft Corporation. All rights reserved.
6162
+ * Licensed under the MIT License.
6163
+ */
6164
+ function getRequestThumbprint(clientId, request, homeAccountId) {
6165
+ return {
6166
+ clientId: clientId,
6167
+ authority: request.authority,
6168
+ scopes: request.scopes,
6169
+ homeAccountIdentifier: homeAccountId,
6170
+ claims: request.claims,
6171
+ authenticationScheme: request.authenticationScheme,
6172
+ resourceRequestMethod: request.resourceRequestMethod,
6173
+ resourceRequestUri: request.resourceRequestUri,
6174
+ shrClaims: request.shrClaims,
6175
+ sshKid: request.sshKid,
6176
+ embeddedClientId: request.embeddedClientId || request.tokenBodyParameters?.clientId,
6177
+ };
6178
+ }
6179
+
6180
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6142
6181
 
6143
6182
  /*
6144
6183
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6219,24 +6258,13 @@
6219
6258
  ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
6220
6259
  }
6221
6260
  static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
6222
- const thumbprint = {
6223
- clientId: clientId,
6224
- authority: request.authority,
6225
- scopes: request.scopes,
6226
- homeAccountIdentifier: homeAccountIdentifier,
6227
- claims: request.claims,
6228
- authenticationScheme: request.authenticationScheme,
6229
- resourceRequestMethod: request.resourceRequestMethod,
6230
- resourceRequestUri: request.resourceRequestUri,
6231
- shrClaims: request.shrClaims,
6232
- sshKid: request.sshKid,
6233
- };
6261
+ const thumbprint = getRequestThumbprint(clientId, request, homeAccountIdentifier);
6234
6262
  const key = this.generateThrottlingStorageKey(thumbprint);
6235
6263
  cacheManager.removeItem(key);
6236
6264
  }
6237
6265
  }
6238
6266
 
6239
- /*! @azure/msal-common v15.2.0 2025-02-26 */
6267
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6240
6268
 
6241
6269
  /*
6242
6270
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6266,7 +6294,7 @@
6266
6294
  return new NetworkError(error, httpStatus, responseHeaders);
6267
6295
  }
6268
6296
 
6269
- /*! @azure/msal-common v15.2.0 2025-02-26 */
6297
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6270
6298
 
6271
6299
  /*
6272
6300
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6416,7 +6444,7 @@
6416
6444
  }
6417
6445
  }
6418
6446
 
6419
- /*! @azure/msal-common v15.2.0 2025-02-26 */
6447
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6420
6448
  /*
6421
6449
  * Copyright (c) Microsoft Corporation. All rights reserved.
6422
6450
  * Licensed under the MIT License.
@@ -6442,7 +6470,7 @@
6442
6470
  refreshTokenExpired: refreshTokenExpired
6443
6471
  });
6444
6472
 
6445
- /*! @azure/msal-common v15.2.0 2025-02-26 */
6473
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6446
6474
 
6447
6475
  /*
6448
6476
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6530,7 +6558,7 @@
6530
6558
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
6531
6559
  }
6532
6560
 
6533
- /*! @azure/msal-common v15.2.0 2025-02-26 */
6561
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6534
6562
 
6535
6563
  /*
6536
6564
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6602,7 +6630,7 @@
6602
6630
  }
6603
6631
  }
6604
6632
 
6605
- /*! @azure/msal-common v15.2.0 2025-02-26 */
6633
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6606
6634
 
6607
6635
  /*
6608
6636
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6686,7 +6714,7 @@
6686
6714
  }
6687
6715
  }
6688
6716
 
6689
- /*! @azure/msal-common v15.2.0 2025-02-26 */
6717
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6690
6718
  /*
6691
6719
  * Copyright (c) Microsoft Corporation. All rights reserved.
6692
6720
  * Licensed under the MIT License.
@@ -6713,7 +6741,7 @@
6713
6741
  }
6714
6742
  }
6715
6743
 
6716
- /*! @azure/msal-common v15.2.0 2025-02-26 */
6744
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
6717
6745
 
6718
6746
  /*
6719
6747
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7005,10 +7033,11 @@
7005
7033
  accessToken = cacheRecord.accessToken.secret;
7006
7034
  }
7007
7035
  responseScopes = ScopeSet.fromString(cacheRecord.accessToken.target).asArray();
7008
- expiresOn = new Date(Number(cacheRecord.accessToken.expiresOn) * 1000);
7009
- extExpiresOn = new Date(Number(cacheRecord.accessToken.extendedExpiresOn) * 1000);
7036
+ // Access token expiresOn cached in seconds, converting to Date for AuthenticationResult
7037
+ expiresOn = toDateFromSeconds(cacheRecord.accessToken.expiresOn);
7038
+ extExpiresOn = toDateFromSeconds(cacheRecord.accessToken.extendedExpiresOn);
7010
7039
  if (cacheRecord.accessToken.refreshOn) {
7011
- refreshOn = new Date(Number(cacheRecord.accessToken.refreshOn) * 1000);
7040
+ refreshOn = toDateFromSeconds(cacheRecord.accessToken.refreshOn);
7012
7041
  }
7013
7042
  }
7014
7043
  if (cacheRecord.appMetadata) {
@@ -7090,7 +7119,7 @@
7090
7119
  return baseAccount;
7091
7120
  }
7092
7121
 
7093
- /*! @azure/msal-common v15.2.0 2025-02-26 */
7122
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
7094
7123
  /*
7095
7124
  * Copyright (c) Microsoft Corporation. All rights reserved.
7096
7125
  * Licensed under the MIT License.
@@ -7108,7 +7137,7 @@
7108
7137
  }
7109
7138
  }
7110
7139
 
7111
- /*! @azure/msal-common v15.2.0 2025-02-26 */
7140
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
7112
7141
 
7113
7142
  /*
7114
7143
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7214,18 +7243,7 @@
7214
7243
  }
7215
7244
  }
7216
7245
  const headers = this.createTokenRequestHeaders(ccsCredential || request.ccsCredential);
7217
- const thumbprint = {
7218
- clientId: request.tokenBodyParameters?.clientId ||
7219
- this.config.authOptions.clientId,
7220
- authority: authority.canonicalAuthority,
7221
- scopes: request.scopes,
7222
- claims: request.claims,
7223
- authenticationScheme: request.authenticationScheme,
7224
- resourceRequestMethod: request.resourceRequestMethod,
7225
- resourceRequestUri: request.resourceRequestUri,
7226
- shrClaims: request.shrClaims,
7227
- sshKid: request.sshKid,
7228
- };
7246
+ const thumbprint = getRequestThumbprint(this.config.authOptions.clientId, request);
7229
7247
  return invokeAsync(this.executePostToTokenEndpoint.bind(this), PerformanceEvents.AuthorizationCodeClientExecutePostToTokenEndpoint, this.logger, this.performanceClient, request.correlationId)(endpoint, requestBody, headers, thumbprint, request.correlationId, PerformanceEvents.AuthorizationCodeClientExecutePostToTokenEndpoint);
7230
7248
  }
7231
7249
  /**
@@ -7558,7 +7576,7 @@
7558
7576
  }
7559
7577
  }
7560
7578
 
7561
- /*! @azure/msal-common v15.2.0 2025-02-26 */
7579
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
7562
7580
 
7563
7581
  /*
7564
7582
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7678,18 +7696,7 @@
7678
7696
  const endpoint = UrlString.appendQueryString(authority.tokenEndpoint, queryParametersString);
7679
7697
  const requestBody = await invokeAsync(this.createTokenRequestBody.bind(this), PerformanceEvents.RefreshTokenClientCreateTokenRequestBody, this.logger, this.performanceClient, request.correlationId)(request);
7680
7698
  const headers = this.createTokenRequestHeaders(request.ccsCredential);
7681
- const thumbprint = {
7682
- clientId: request.tokenBodyParameters?.clientId ||
7683
- this.config.authOptions.clientId,
7684
- authority: authority.canonicalAuthority,
7685
- scopes: request.scopes,
7686
- claims: request.claims,
7687
- authenticationScheme: request.authenticationScheme,
7688
- resourceRequestMethod: request.resourceRequestMethod,
7689
- resourceRequestUri: request.resourceRequestUri,
7690
- shrClaims: request.shrClaims,
7691
- sshKid: request.sshKid,
7692
- };
7699
+ const thumbprint = getRequestThumbprint(this.config.authOptions.clientId, request);
7693
7700
  return invokeAsync(this.executePostToTokenEndpoint.bind(this), PerformanceEvents.RefreshTokenClientExecutePostToTokenEndpoint, this.logger, this.performanceClient, request.correlationId)(endpoint, requestBody, headers, thumbprint, request.correlationId, PerformanceEvents.RefreshTokenClientExecutePostToTokenEndpoint);
7694
7701
  }
7695
7702
  /**
@@ -7781,7 +7788,7 @@
7781
7788
  }
7782
7789
  }
7783
7790
 
7784
- /*! @azure/msal-common v15.2.0 2025-02-26 */
7791
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
7785
7792
 
7786
7793
  /*
7787
7794
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7879,7 +7886,7 @@
7879
7886
  }
7880
7887
  }
7881
7888
 
7882
- /*! @azure/msal-common v15.2.0 2025-02-26 */
7889
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
7883
7890
 
7884
7891
  /*
7885
7892
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7894,7 +7901,7 @@
7894
7901
  },
7895
7902
  };
7896
7903
 
7897
- /*! @azure/msal-common v15.2.0 2025-02-26 */
7904
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
7898
7905
 
7899
7906
  /*
7900
7907
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7952,7 +7959,7 @@
7952
7959
  }
7953
7960
  }
7954
7961
 
7955
- /*! @azure/msal-common v15.2.0 2025-02-26 */
7962
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
7956
7963
 
7957
7964
  /*
7958
7965
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8215,7 +8222,7 @@
8215
8222
  }
8216
8223
  }
8217
8224
 
8218
- /*! @azure/msal-common v15.2.0 2025-02-26 */
8225
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
8219
8226
  /*
8220
8227
  * Copyright (c) Microsoft Corporation. All rights reserved.
8221
8228
  * Licensed under the MIT License.
@@ -8223,7 +8230,7 @@
8223
8230
  const missingKidError = "missing_kid_error";
8224
8231
  const missingAlgError = "missing_alg_error";
8225
8232
 
8226
- /*! @azure/msal-common v15.2.0 2025-02-26 */
8233
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
8227
8234
 
8228
8235
  /*
8229
8236
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8248,7 +8255,7 @@
8248
8255
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
8249
8256
  }
8250
8257
 
8251
- /*! @azure/msal-common v15.2.0 2025-02-26 */
8258
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
8252
8259
 
8253
8260
  /*
8254
8261
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8288,7 +8295,7 @@
8288
8295
  }
8289
8296
  }
8290
8297
 
8291
- /*! @azure/msal-common v15.2.0 2025-02-26 */
8298
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
8292
8299
 
8293
8300
  /*
8294
8301
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8367,7 +8374,7 @@
8367
8374
  }
8368
8375
  }
8369
8376
 
8370
- /*! @azure/msal-common v15.2.0 2025-02-26 */
8377
+ /*! @azure/msal-common v15.2.1 2025-03-11 */
8371
8378
 
8372
8379
  /*
8373
8380
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -10404,7 +10411,7 @@
10404
10411
 
10405
10412
  /* eslint-disable header/header */
10406
10413
  const name = "@azure/msal-browser";
10407
- const version = "4.5.0";
10414
+ const version = "4.7.0";
10408
10415
 
10409
10416
  /*
10410
10417
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -12683,7 +12690,13 @@
12683
12690
  *
12684
12691
  * The next MSAL VFuture should map these both to same value if possible
12685
12692
  */
12686
- const accessTokenEntity = createAccessTokenEntity(result.account?.homeAccountId, result.account.environment, result.accessToken, this.clientId, result.tenantId, result.scopes.join(" "), result.expiresOn ? result.expiresOn.getTime() / 1000 : 0, result.extExpiresOn ? result.extExpiresOn.getTime() / 1000 : 0, base64Decode, undefined, // refreshOn
12693
+ const accessTokenEntity = createAccessTokenEntity(result.account?.homeAccountId, result.account.environment, result.accessToken, this.clientId, result.tenantId, result.scopes.join(" "),
12694
+ // Access token expiresOn stored in seconds, converting from AuthenticationResult expiresOn stored as Date
12695
+ result.expiresOn
12696
+ ? toSecondsFromDate(result.expiresOn)
12697
+ : 0, result.extExpiresOn
12698
+ ? toSecondsFromDate(result.extExpiresOn)
12699
+ : 0, base64Decode, undefined, // refreshOn
12687
12700
  result.tokenType, undefined, // userAssertionHash
12688
12701
  request.sshKid, request.claims, claimsHash);
12689
12702
  const cacheRecord = {
@@ -12889,7 +12902,9 @@
12889
12902
  constructor(logger) {
12890
12903
  this.eventCallbacks = new Map();
12891
12904
  this.logger = logger || new Logger({});
12892
- this.broadcastChannel = new BroadcastChannel(BROADCAST_CHANNEL_NAME);
12905
+ if (typeof BroadcastChannel !== "undefined") {
12906
+ this.broadcastChannel = new BroadcastChannel(BROADCAST_CHANNEL_NAME);
12907
+ }
12893
12908
  this.invokeCrossTabCallbacks = this.invokeCrossTabCallbacks.bind(this);
12894
12909
  }
12895
12910
  /**
@@ -12939,7 +12954,7 @@
12939
12954
  case EventType.ACCOUNT_REMOVED:
12940
12955
  case EventType.ACTIVE_ACCOUNT_CHANGED:
12941
12956
  // Send event to other open tabs / MSAL instances on same domain
12942
- this.broadcastChannel.postMessage(message);
12957
+ this.broadcastChannel?.postMessage(message);
12943
12958
  break;
12944
12959
  default:
12945
12960
  // Emit event to callbacks registered in this instance
@@ -12972,13 +12987,13 @@
12972
12987
  * Listen for events broadcasted from other tabs/instances
12973
12988
  */
12974
12989
  subscribeCrossTab() {
12975
- this.broadcastChannel.addEventListener("message", this.invokeCrossTabCallbacks);
12990
+ this.broadcastChannel?.addEventListener("message", this.invokeCrossTabCallbacks);
12976
12991
  }
12977
12992
  /**
12978
12993
  * Unsubscribe from broadcast events
12979
12994
  */
12980
12995
  unsubscribeCrossTab() {
12981
- this.broadcastChannel.removeEventListener("message", this.invokeCrossTabCallbacks);
12996
+ this.broadcastChannel?.removeEventListener("message", this.invokeCrossTabCallbacks);
12982
12997
  }
12983
12998
  }
12984
12999
 
@@ -13592,7 +13607,7 @@
13592
13607
  * Acquire token from native platform via browser extension
13593
13608
  * @param request
13594
13609
  */
13595
- async acquireToken(request) {
13610
+ async acquireToken(request, cacheLookupPolicy) {
13596
13611
  this.performanceClient.addQueueMeasurement(PerformanceEvents.NativeInteractionClientAcquireToken, request.correlationId);
13597
13612
  this.logger.trace("NativeInteractionClient - acquireToken called.");
13598
13613
  // start the perf measurement
@@ -13613,6 +13628,10 @@
13613
13628
  return result;
13614
13629
  }
13615
13630
  catch (e) {
13631
+ if (cacheLookupPolicy === CacheLookupPolicy.AccessToken) {
13632
+ this.logger.info("MSAL internal Cache does not contain tokens, return error as per cache policy");
13633
+ throw e;
13634
+ }
13616
13635
  // continue with a native call for any and all errors
13617
13636
  this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call");
13618
13637
  }
@@ -13938,7 +13957,8 @@
13938
13957
  idTokenClaims: idTokenClaims,
13939
13958
  accessToken: responseAccessToken,
13940
13959
  fromCache: mats ? this.isResponseFromCache(mats) : false,
13941
- expiresOn: new Date(Number(reqTimestamp + response.expires_in) * 1000),
13960
+ // Request timestamp and NativeResponse expires_in are in seconds, converting to Date for AuthenticationResult
13961
+ expiresOn: toDateFromSeconds(reqTimestamp + response.expires_in),
13942
13962
  tokenType: tokenType,
13943
13963
  correlationId: this.correlationId,
13944
13964
  state: response.state,
@@ -15939,11 +15959,10 @@
15939
15959
  const scopes = response.scope
15940
15960
  ? ScopeSet.fromString(response.scope)
15941
15961
  : new ScopeSet(request.scopes);
15942
- const expiresOn = options.expiresOn ||
15943
- response.expires_in + new Date().getTime() / 1000;
15962
+ const expiresOn = options.expiresOn || response.expires_in + nowSeconds();
15944
15963
  const extendedExpiresOn = options.extendedExpiresOn ||
15945
15964
  (response.ext_expires_in || response.expires_in) +
15946
- new Date().getTime() / 1000;
15965
+ nowSeconds();
15947
15966
  const accessTokenEntity = createAccessTokenEntity(homeAccountId, environment, response.access_token, this.config.auth.clientId, tenantId, scopes.printScopes(), expiresOn, extendedExpiresOn, base64Decode);
15948
15967
  await this.storage.setAccessTokenCredential(accessTokenEntity, correlationId);
15949
15968
  return accessTokenEntity;
@@ -15983,8 +16002,9 @@
15983
16002
  if (cacheRecord?.accessToken) {
15984
16003
  accessToken = cacheRecord.accessToken.secret;
15985
16004
  responseScopes = ScopeSet.fromString(cacheRecord.accessToken.target).asArray();
15986
- expiresOn = new Date(Number(cacheRecord.accessToken.expiresOn) * 1000);
15987
- extExpiresOn = new Date(Number(cacheRecord.accessToken.extendedExpiresOn) * 1000);
16005
+ // Access token expiresOn stored in seconds, converting to Date for AuthenticationResult
16006
+ expiresOn = toDateFromSeconds(cacheRecord.accessToken.expiresOn);
16007
+ extExpiresOn = toDateFromSeconds(cacheRecord.accessToken.extendedExpiresOn);
15988
16008
  }
15989
16009
  const accountEntity = cacheRecord.account;
15990
16010
  return {
@@ -16959,13 +16979,13 @@
16959
16979
  * Acquire a token from native device (e.g. WAM)
16960
16980
  * @param request
16961
16981
  */
16962
- async acquireTokenNative(request, apiId, accountId) {
16982
+ async acquireTokenNative(request, apiId, accountId, cacheLookupPolicy) {
16963
16983
  this.logger.trace("acquireTokenNative called");
16964
16984
  if (!this.nativeExtensionProvider) {
16965
16985
  throw createBrowserAuthError(nativeConnectionNotEstablished);
16966
16986
  }
16967
16987
  const nativeClient = new NativeInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, apiId, this.performanceClient, this.nativeExtensionProvider, accountId || this.getNativeAccountId(request), this.nativeInternalStorage, request.correlationId);
16968
- return nativeClient.acquireToken(request);
16988
+ return nativeClient.acquireToken(request, cacheLookupPolicy);
16969
16989
  }
16970
16990
  /**
16971
16991
  * Returns boolean indicating if this request can use the platform broker
@@ -17231,60 +17251,63 @@
17231
17251
  throw createBrowserAuthError(noAccountError);
17232
17252
  }
17233
17253
  atsMeasurement.add({ accountType: getAccountType(account) });
17234
- const thumbprint = {
17235
- clientId: this.config.auth.clientId,
17236
- authority: request.authority || Constants.EMPTY_STRING,
17237
- scopes: request.scopes,
17238
- homeAccountIdentifier: account.homeAccountId,
17239
- claims: request.claims,
17240
- authenticationScheme: request.authenticationScheme,
17241
- resourceRequestMethod: request.resourceRequestMethod,
17242
- resourceRequestUri: request.resourceRequestUri,
17243
- shrClaims: request.shrClaims,
17244
- sshKid: request.sshKid,
17245
- shrOptions: request.shrOptions,
17246
- };
17254
+ return this.acquireTokenSilentDeduped(request, account, correlationId)
17255
+ .then((result) => {
17256
+ atsMeasurement.end({
17257
+ success: true,
17258
+ fromCache: result.fromCache,
17259
+ isNativeBroker: result.fromNativeBroker,
17260
+ accessTokenSize: result.accessToken.length,
17261
+ idTokenSize: result.idToken.length,
17262
+ });
17263
+ return {
17264
+ ...result,
17265
+ state: request.state,
17266
+ correlationId: correlationId, // Ensures PWB scenarios can correctly match request to response
17267
+ };
17268
+ })
17269
+ .catch((error) => {
17270
+ if (error instanceof AuthError) {
17271
+ // Ensures PWB scenarios can correctly match request to response
17272
+ error.setCorrelationId(correlationId);
17273
+ }
17274
+ atsMeasurement.end({
17275
+ success: false,
17276
+ }, error);
17277
+ throw error;
17278
+ });
17279
+ }
17280
+ /**
17281
+ * Checks if identical request is already in flight and returns reference to the existing promise or fires off a new one if this is the first
17282
+ * @param request
17283
+ * @param account
17284
+ * @param correlationId
17285
+ * @returns
17286
+ */
17287
+ async acquireTokenSilentDeduped(request, account, correlationId) {
17288
+ const thumbprint = getRequestThumbprint(this.config.auth.clientId, {
17289
+ ...request,
17290
+ authority: request.authority || this.config.auth.authority,
17291
+ correlationId: correlationId,
17292
+ }, account.homeAccountId);
17247
17293
  const silentRequestKey = JSON.stringify(thumbprint);
17248
- const cachedResponse = this.activeSilentTokenRequests.get(silentRequestKey);
17249
- if (typeof cachedResponse === "undefined") {
17294
+ const inProgressRequest = this.activeSilentTokenRequests.get(silentRequestKey);
17295
+ if (typeof inProgressRequest === "undefined") {
17250
17296
  this.logger.verbose("acquireTokenSilent called for the first time, storing active request", correlationId);
17251
- const response = invokeAsync(this.acquireTokenSilentAsync.bind(this), PerformanceEvents.AcquireTokenSilentAsync, this.logger, this.performanceClient, correlationId)({
17297
+ this.performanceClient.addFields({ deduped: false }, correlationId);
17298
+ const activeRequest = invokeAsync(this.acquireTokenSilentAsync.bind(this), PerformanceEvents.AcquireTokenSilentAsync, this.logger, this.performanceClient, correlationId)({
17252
17299
  ...request,
17253
17300
  correlationId,
17254
- }, account)
17255
- .then((result) => {
17301
+ }, account);
17302
+ this.activeSilentTokenRequests.set(silentRequestKey, activeRequest);
17303
+ return activeRequest.finally(() => {
17256
17304
  this.activeSilentTokenRequests.delete(silentRequestKey);
17257
- atsMeasurement.end({
17258
- success: true,
17259
- fromCache: result.fromCache,
17260
- isNativeBroker: result.fromNativeBroker,
17261
- cacheLookupPolicy: request.cacheLookupPolicy,
17262
- accessTokenSize: result.accessToken.length,
17263
- idTokenSize: result.idToken.length,
17264
- });
17265
- return result;
17266
- })
17267
- .catch((error) => {
17268
- this.activeSilentTokenRequests.delete(silentRequestKey);
17269
- atsMeasurement.end({
17270
- success: false,
17271
- }, error);
17272
- throw error;
17273
17305
  });
17274
- this.activeSilentTokenRequests.set(silentRequestKey, response);
17275
- return {
17276
- ...(await response),
17277
- state: request.state,
17278
- };
17279
17306
  }
17280
17307
  else {
17281
17308
  this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call", correlationId);
17282
- // Discard measurements for memoized calls, as they are usually only a couple of ms and will artificially deflate metrics
17283
- atsMeasurement.discard();
17284
- return {
17285
- ...(await cachedResponse),
17286
- state: request.state,
17287
- };
17309
+ this.performanceClient.addFields({ deduped: true }, correlationId);
17310
+ return inProgressRequest;
17288
17311
  }
17289
17312
  }
17290
17313
  /**
@@ -17388,10 +17411,11 @@
17388
17411
  * @returns
17389
17412
  */
17390
17413
  async acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy) {
17414
+ // if the cache policy is set to access_token only, we should not be hitting the native layer yet
17391
17415
  if (NativeMessageHandler.isPlatformBrokerAvailable(this.config, this.logger, this.nativeExtensionProvider, silentRequest.authenticationScheme) &&
17392
17416
  silentRequest.account.nativeAccountId) {
17393
17417
  this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform");
17394
- return this.acquireTokenNative(silentRequest, ApiId.acquireTokenSilent_silentFlow).catch(async (e) => {
17418
+ return this.acquireTokenNative(silentRequest, ApiId.acquireTokenSilent_silentFlow, silentRequest.account.nativeAccountId, cacheLookupPolicy).catch(async (e) => {
17395
17419
  // If native token acquisition fails for availability reasons fallback to web flow
17396
17420
  if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
17397
17421
  this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow");
@@ -17404,6 +17428,10 @@
17404
17428
  }
17405
17429
  else {
17406
17430
  this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow");
17431
+ // add logs to identify embedded cache retrieval
17432
+ if (cacheLookupPolicy === CacheLookupPolicy.AccessToken) {
17433
+ this.logger.verbose("acquireTokenSilent - cache lookup policy set to AccessToken, attempting to acquire token from local cache");
17434
+ }
17407
17435
  return invokeAsync(this.acquireTokenFromCache.bind(this), PerformanceEvents.AcquireTokenFromCache, this.logger, this.performanceClient, silentRequest.correlationId)(silentRequest, cacheLookupPolicy).catch((cacheError) => {
17408
17436
  if (cacheLookupPolicy === CacheLookupPolicy.AccessToken) {
17409
17437
  throw cacheError;
@@ -17510,7 +17538,8 @@
17510
17538
  if (!response.token.id_token || !response.token.access_token) {
17511
17539
  throw createClientAuthError(nullOrEmptyToken);
17512
17540
  }
17513
- const expiresOn = new Date((reqTimestamp + (response.token.expires_in || 0)) * 1000);
17541
+ // Request timestamp and AuthResult expires_in are in seconds, converting to Date for AuthenticationResult
17542
+ const expiresOn = toDateFromSeconds(reqTimestamp + (response.token.expires_in || 0));
17514
17543
  const idTokenClaims = extractTokenClaims(response.token.id_token, this.crypto.base64Decode);
17515
17544
  const account = this.fromNaaAccountInfo(response.account, response.token.id_token, idTokenClaims);
17516
17545
  const scopes = response.token.scope || request.scope;
@@ -17639,10 +17668,10 @@
17639
17668
  idTokenClaims: idTokenClaims || {},
17640
17669
  accessToken: accessToken.secret,
17641
17670
  fromCache: true,
17642
- expiresOn: new Date(Number(accessToken.expiresOn) * 1000),
17671
+ expiresOn: toDateFromSeconds(accessToken.expiresOn),
17672
+ extExpiresOn: toDateFromSeconds(accessToken.extendedExpiresOn),
17643
17673
  tokenType: request.authenticationScheme || AuthenticationScheme.BEARER,
17644
17674
  correlationId,
17645
- extExpiresOn: new Date(Number(accessToken.extendedExpiresOn) * 1000),
17646
17675
  state: request.state,
17647
17676
  };
17648
17677
  return authenticationResult;