@azure/msal-browser 4.8.0 → 4.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeMessageHandler.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts +4 -41
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +18 -143
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +12 -3
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts +2 -2
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +28 -16
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.d.ts +2 -2
- package/dist/controllers/UnknownOperatingContextController.d.ts.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.d.ts +11 -0
- package/dist/crypto/BrowserCrypto.d.ts.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +68 -5
- package/dist/crypto/BrowserCrypto.mjs.map +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.d.ts +3 -5
- package/dist/error/BrowserAuthError.d.ts.map +1 -1
- package/dist/error/BrowserAuthError.mjs +5 -7
- package/dist/error/BrowserAuthError.mjs.map +1 -1
- package/dist/error/BrowserAuthErrorCodes.d.ts +3 -1
- package/dist/error/BrowserAuthErrorCodes.d.ts.map +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +6 -4
- package/dist/error/BrowserAuthErrorCodes.mjs.map +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/NativeInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/NativeInteractionClient.mjs +1 -3
- package/dist/interaction_client/NativeInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts +14 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +65 -64
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts +20 -3
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +132 -76
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +13 -3
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +57 -44
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts +2 -3
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.d.ts +4 -5
- package/dist/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts +4 -2
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +13 -3
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +53 -1
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +147 -4
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/AuthorizationUrlRequest.d.ts +2 -4
- package/dist/request/AuthorizationUrlRequest.d.ts.map +1 -1
- package/dist/request/PopupRequest.d.ts +1 -1
- package/dist/request/PopupRequest.d.ts.map +1 -1
- package/dist/request/RedirectRequest.d.ts +1 -1
- package/dist/request/RedirectRequest.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/request/SsoSilentRequest.d.ts +1 -1
- package/dist/request/SsoSilentRequest.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.d.ts +1 -10
- package/dist/utils/BrowserConstants.d.ts.map +1 -1
- package/dist/utils/BrowserConstants.mjs +2 -11
- package/dist/utils/BrowserConstants.mjs.map +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/lib/msal-browser.cjs +1595 -1514
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +1595 -1514
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +68 -67
- package/lib/types/cache/BrowserCacheManager.d.ts +4 -41
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/NestedAppAuthController.d.ts +2 -2
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/controllers/UnknownOperatingContextController.d.ts +2 -2
- package/lib/types/controllers/UnknownOperatingContextController.d.ts.map +1 -1
- package/lib/types/crypto/BrowserCrypto.d.ts +11 -0
- package/lib/types/crypto/BrowserCrypto.d.ts.map +1 -1
- package/lib/types/error/BrowserAuthError.d.ts +3 -5
- package/lib/types/error/BrowserAuthError.d.ts.map +1 -1
- package/lib/types/error/BrowserAuthErrorCodes.d.ts +3 -1
- package/lib/types/error/BrowserAuthErrorCodes.d.ts.map +1 -1
- package/lib/types/interaction_client/NativeInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts +14 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts +20 -3
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +13 -3
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts +2 -3
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/InteractionHandler.d.ts +4 -5
- package/lib/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts +4 -2
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +53 -1
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/request/AuthorizationUrlRequest.d.ts +2 -4
- package/lib/types/request/AuthorizationUrlRequest.d.ts.map +1 -1
- package/lib/types/request/PopupRequest.d.ts +1 -1
- package/lib/types/request/PopupRequest.d.ts.map +1 -1
- package/lib/types/request/RedirectRequest.d.ts +1 -1
- package/lib/types/request/RedirectRequest.d.ts.map +1 -1
- package/lib/types/request/SsoSilentRequest.d.ts +1 -1
- package/lib/types/request/SsoSilentRequest.d.ts.map +1 -1
- package/lib/types/utils/BrowserConstants.d.ts +1 -10
- package/lib/types/utils/BrowserConstants.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/cache/BrowserCacheManager.ts +30 -205
- package/src/config/Configuration.ts +14 -2
- package/src/controllers/NestedAppAuthController.ts +2 -0
- package/src/controllers/StandardController.ts +35 -24
- package/src/controllers/UnknownOperatingContextController.ts +2 -0
- package/src/crypto/BrowserCrypto.ts +91 -2
- package/src/error/BrowserAuthError.ts +6 -8
- package/src/error/BrowserAuthErrorCodes.ts +3 -1
- package/src/interaction_client/NativeInteractionClient.ts +0 -2
- package/src/interaction_client/PopupClient.ts +163 -119
- package/src/interaction_client/RedirectClient.ts +258 -140
- package/src/interaction_client/SilentAuthCodeClient.ts +2 -2
- package/src/interaction_client/SilentIframeClient.ts +154 -99
- package/src/interaction_client/StandardInteractionClient.ts +3 -3
- package/src/interaction_handler/InteractionHandler.ts +4 -4
- package/src/interaction_handler/SilentHandler.ts +31 -2
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +356 -2
- package/src/request/AuthorizationUrlRequest.ts +3 -5
- package/src/request/PopupRequest.ts +1 -0
- package/src/request/RedirectRequest.ts +1 -0
- package/src/request/SsoSilentRequest.ts +1 -0
- package/src/utils/BrowserConstants.ts +1 -10
- package/dist/interaction_handler/RedirectHandler.d.ts +0 -33
- package/dist/interaction_handler/RedirectHandler.d.ts.map +0 -1
- package/dist/interaction_handler/RedirectHandler.mjs +0 -144
- package/dist/interaction_handler/RedirectHandler.mjs.map +0 -1
- package/lib/types/interaction_handler/RedirectHandler.d.ts +0 -33
- package/lib/types/interaction_handler/RedirectHandler.d.ts.map +0 -1
- package/src/interaction_handler/RedirectHandler.ts +0 -252
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SilentHandler.d.ts","sourceRoot":"","sources":["../../../src/interaction_handler/SilentHandler.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,MAAM,EACN,kBAAkB,EAIlB,kBAAkB,
|
|
1
|
+
{"version":3,"file":"SilentHandler.d.ts","sourceRoot":"","sources":["../../../src/interaction_handler/SilentHandler.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,MAAM,EACN,kBAAkB,EAIlB,kBAAkB,EAClB,SAAS,EACT,6BAA6B,EAChC,MAAM,4BAA4B,CAAC;AAKpC,OAAO,EACH,oBAAoB,EAEvB,MAAM,4BAA4B,CAAC;AAGpC;;;;GAIG;AACH,wBAAsB,mBAAmB,CACrC,UAAU,EAAE,MAAM,EAClB,iBAAiB,EAAE,kBAAkB,EACrC,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,MAAM,EACrB,iBAAiB,CAAC,EAAE,MAAM,GAC3B,OAAO,CAAC,iBAAiB,CAAC,CA2B5B;AAED,wBAAsB,kBAAkB,CACpC,MAAM,EAAE,oBAAoB,EAC5B,SAAS,EAAE,SAAS,EACpB,OAAO,EAAE,6BAA6B,EACtC,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,kBAAkB,GACtC,OAAO,CAAC,iBAAiB,CAAC,CAe5B;AAED;;;;GAIG;AACH,wBAAsB,oBAAoB,CACtC,MAAM,EAAE,iBAAiB,EACzB,OAAO,EAAE,MAAM,EACf,wBAAwB,EAAE,MAAM,EAChC,iBAAiB,EAAE,kBAAkB,EACrC,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE,kBAAkB,GACjC,OAAO,CAAC,MAAM,CAAC,CA+DjB"}
|
|
@@ -1,5 +1,10 @@
|
|
|
1
|
-
import { Authority, CommonAuthorizationUrlRequest, IPerformanceClient, Logger } from "@azure/msal-common/browser";
|
|
1
|
+
import { Authority, CommonAuthorizationUrlRequest, IPerformanceClient, Logger, AuthorizationCodeClient, AuthorizeResponse } from "@azure/msal-common/browser";
|
|
2
2
|
import { BrowserConfiguration } from "../config/Configuration.js";
|
|
3
|
+
import { ApiId } from "../utils/BrowserConstants.js";
|
|
4
|
+
import { AuthenticationResult } from "../response/AuthenticationResult.js";
|
|
5
|
+
import { BrowserCacheManager } from "../cache/BrowserCacheManager.js";
|
|
6
|
+
import { NativeMessageHandler } from "../broker/nativeBroker/NativeMessageHandler.js";
|
|
7
|
+
import { EventHandler } from "../event/EventHandler.js";
|
|
3
8
|
/**
|
|
4
9
|
* Gets the full /authorize URL with request parameters when using Auth Code + PKCE
|
|
5
10
|
* @param config
|
|
@@ -10,4 +15,51 @@ import { BrowserConfiguration } from "../config/Configuration.js";
|
|
|
10
15
|
* @returns
|
|
11
16
|
*/
|
|
12
17
|
export declare function getAuthCodeRequestUrl(config: BrowserConfiguration, authority: Authority, request: CommonAuthorizationUrlRequest, logger: Logger, performanceClient: IPerformanceClient): Promise<string>;
|
|
18
|
+
/**
|
|
19
|
+
* Gets the form that will be posted to /authorize with request parameters when using EAR
|
|
20
|
+
*/
|
|
21
|
+
export declare function getEARForm(frame: Document, config: BrowserConfiguration, authority: Authority, request: CommonAuthorizationUrlRequest, logger: Logger, performanceClient: IPerformanceClient): Promise<HTMLFormElement>;
|
|
22
|
+
/**
|
|
23
|
+
* Response handler when server returns accountId on the /authorize request
|
|
24
|
+
* @param request
|
|
25
|
+
* @param accountId
|
|
26
|
+
* @param apiId
|
|
27
|
+
* @param config
|
|
28
|
+
* @param browserStorage
|
|
29
|
+
* @param nativeStorage
|
|
30
|
+
* @param eventHandler
|
|
31
|
+
* @param logger
|
|
32
|
+
* @param performanceClient
|
|
33
|
+
* @param nativeMessageHandler
|
|
34
|
+
* @returns
|
|
35
|
+
*/
|
|
36
|
+
export declare function handleResponsePlatformBroker(request: CommonAuthorizationUrlRequest, accountId: string, apiId: ApiId, config: BrowserConfiguration, browserStorage: BrowserCacheManager, nativeStorage: BrowserCacheManager, eventHandler: EventHandler, logger: Logger, performanceClient: IPerformanceClient, nativeMessageHandler?: NativeMessageHandler): Promise<AuthenticationResult>;
|
|
37
|
+
/**
|
|
38
|
+
* Response handler when server returns code on the /authorize request
|
|
39
|
+
* @param request
|
|
40
|
+
* @param response
|
|
41
|
+
* @param codeVerifier
|
|
42
|
+
* @param authClient
|
|
43
|
+
* @param browserStorage
|
|
44
|
+
* @param logger
|
|
45
|
+
* @param performanceClient
|
|
46
|
+
* @returns
|
|
47
|
+
*/
|
|
48
|
+
export declare function handleResponseCode(request: CommonAuthorizationUrlRequest, response: AuthorizeResponse, codeVerifier: string, apiId: ApiId, config: BrowserConfiguration, authClient: AuthorizationCodeClient, browserStorage: BrowserCacheManager, nativeStorage: BrowserCacheManager, eventHandler: EventHandler, logger: Logger, performanceClient: IPerformanceClient, nativeMessageHandler?: NativeMessageHandler): Promise<AuthenticationResult>;
|
|
49
|
+
/**
|
|
50
|
+
* Response handler when server returns ear_jwe on the /authorize request
|
|
51
|
+
* @param request
|
|
52
|
+
* @param response
|
|
53
|
+
* @param apiId
|
|
54
|
+
* @param config
|
|
55
|
+
* @param authority
|
|
56
|
+
* @param browserStorage
|
|
57
|
+
* @param nativeStorage
|
|
58
|
+
* @param eventHandler
|
|
59
|
+
* @param logger
|
|
60
|
+
* @param performanceClient
|
|
61
|
+
* @param nativeMessageHandler
|
|
62
|
+
* @returns
|
|
63
|
+
*/
|
|
64
|
+
export declare function handleResponseEAR(request: CommonAuthorizationUrlRequest, response: AuthorizeResponse, apiId: ApiId, config: BrowserConfiguration, authority: Authority, browserStorage: BrowserCacheManager, nativeStorage: BrowserCacheManager, eventHandler: EventHandler, logger: Logger, performanceClient: IPerformanceClient, nativeMessageHandler?: NativeMessageHandler): Promise<AuthenticationResult>;
|
|
13
65
|
//# sourceMappingURL=Authorize.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Authorize.d.ts","sourceRoot":"","sources":["../../../src/protocol/Authorize.ts"],"names":[],"mappings":"AAKA,OAAO,EAEH,SAAS,EAGT,6BAA6B,EAG7B,kBAAkB,EAClB,MAAM,
|
|
1
|
+
{"version":3,"file":"Authorize.d.ts","sourceRoot":"","sources":["../../../src/protocol/Authorize.ts"],"names":[],"mappings":"AAKA,OAAO,EAEH,SAAS,EAGT,6BAA6B,EAG7B,kBAAkB,EAClB,MAAM,EAQN,uBAAuB,EAGvB,iBAAiB,EAKpB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AAClE,OAAO,EAAE,KAAK,EAAoB,MAAM,8BAA8B,CAAC;AAOvE,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAE3E,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AAEtE,OAAO,EAAE,oBAAoB,EAAE,MAAM,gDAAgD,CAAC;AACtF,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AA0ExD;;;;;;;;GAQG;AACH,wBAAsB,qBAAqB,CACvC,MAAM,EAAE,oBAAoB,EAC5B,SAAS,EAAE,SAAS,EACpB,OAAO,EAAE,6BAA6B,EACtC,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,kBAAkB,GACtC,OAAO,CAAC,MAAM,CAAC,CA4BjB;AAED;;GAEG;AACH,wBAAsB,UAAU,CAC5B,KAAK,EAAE,QAAQ,EACf,MAAM,EAAE,oBAAoB,EAC5B,SAAS,EAAE,SAAS,EACpB,OAAO,EAAE,6BAA6B,EACtC,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,kBAAkB,GACtC,OAAO,CAAC,eAAe,CAAC,CA2B1B;AA+BD;;;;;;;;;;;;;GAaG;AACH,wBAAsB,4BAA4B,CAC9C,OAAO,EAAE,6BAA6B,EACtC,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,oBAAoB,EAC5B,cAAc,EAAE,mBAAmB,EACnC,aAAa,EAAE,mBAAmB,EAClC,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,kBAAkB,EACrC,oBAAoB,CAAC,EAAE,oBAAoB,GAC5C,OAAO,CAAC,oBAAoB,CAAC,CAoC/B;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,kBAAkB,CACpC,OAAO,EAAE,6BAA6B,EACtC,QAAQ,EAAE,iBAAiB,EAC3B,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,oBAAoB,EAC5B,UAAU,EAAE,uBAAuB,EACnC,cAAc,EAAE,mBAAmB,EACnC,aAAa,EAAE,mBAAmB,EAClC,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,kBAAkB,EACrC,oBAAoB,CAAC,EAAE,oBAAoB,GAC5C,OAAO,CAAC,oBAAoB,CAAC,CAkD/B;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,iBAAiB,CACnC,OAAO,EAAE,6BAA6B,EACtC,QAAQ,EAAE,iBAAiB,EAC3B,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,oBAAoB,EAC5B,SAAS,EAAE,SAAS,EACpB,cAAc,EAAE,mBAAmB,EACnC,aAAa,EAAE,mBAAmB,EAClC,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,kBAAkB,EACrC,oBAAoB,CAAC,EAAE,oBAAoB,GAC5C,OAAO,CAAC,oBAAoB,CAAC,CA4F/B"}
|
|
@@ -1,9 +1,7 @@
|
|
|
1
1
|
import { CommonAuthorizationUrlRequest } from "@azure/msal-common/browser";
|
|
2
2
|
/**
|
|
3
3
|
* This type is deprecated and will be removed on the next major version update
|
|
4
|
+
* @deprecated Will be removed in future version
|
|
4
5
|
*/
|
|
5
|
-
export type AuthorizationUrlRequest = Omit<CommonAuthorizationUrlRequest, "
|
|
6
|
-
state: string;
|
|
7
|
-
nonce: string;
|
|
8
|
-
};
|
|
6
|
+
export type AuthorizationUrlRequest = Omit<CommonAuthorizationUrlRequest, "requestedClaimsHash" | "platformBroker">;
|
|
9
7
|
//# sourceMappingURL=AuthorizationUrlRequest.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthorizationUrlRequest.d.ts","sourceRoot":"","sources":["../../../src/request/AuthorizationUrlRequest.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,6BAA6B,EAAE,MAAM,4BAA4B,CAAC;AAE3E
|
|
1
|
+
{"version":3,"file":"AuthorizationUrlRequest.d.ts","sourceRoot":"","sources":["../../../src/request/AuthorizationUrlRequest.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,6BAA6B,EAAE,MAAM,4BAA4B,CAAC;AAE3E;;;GAGG;AACH,MAAM,MAAM,uBAAuB,GAAG,IAAI,CACtC,6BAA6B,EAC7B,qBAAqB,GAAG,gBAAgB,CAC3C,CAAC"}
|
|
@@ -28,7 +28,7 @@ import { PopupWindowAttributes } from "./PopupWindowAttributes.js";
|
|
|
28
28
|
* - popupWindowAttributes - Optional popup window attributes. popupSize with height and width, and popupPosition with top and left can be set.
|
|
29
29
|
* - popupWindowParent - Optional window object to use as the parent when opening popup windows. Uses global `window` if not given.
|
|
30
30
|
*/
|
|
31
|
-
export type PopupRequest = Partial<Omit<CommonAuthorizationUrlRequest, "responseMode" | "scopes" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">> & {
|
|
31
|
+
export type PopupRequest = Partial<Omit<CommonAuthorizationUrlRequest, "responseMode" | "scopes" | "earJwk" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">> & {
|
|
32
32
|
scopes: Array<string>;
|
|
33
33
|
popupWindowAttributes?: PopupWindowAttributes;
|
|
34
34
|
popupWindowParent?: Window;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PopupRequest.d.ts","sourceRoot":"","sources":["../../../src/request/PopupRequest.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,6BAA6B,EAAE,MAAM,4BAA4B,CAAC;AAC3E,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAEnE;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,MAAM,MAAM,YAAY,GAAG,OAAO,CAC9B,IAAI,CACA,6BAA6B,EAC3B,cAAc,GACd,QAAQ,GACR,eAAe,GACf,qBAAqB,GACrB,qBAAqB,GACrB,gBAAgB,CACrB,CACJ,GAAG;IACA,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACtB,qBAAqB,CAAC,EAAE,qBAAqB,CAAC;IAC9C,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC9B,CAAC"}
|
|
1
|
+
{"version":3,"file":"PopupRequest.d.ts","sourceRoot":"","sources":["../../../src/request/PopupRequest.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,6BAA6B,EAAE,MAAM,4BAA4B,CAAC;AAC3E,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAEnE;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,MAAM,MAAM,YAAY,GAAG,OAAO,CAC9B,IAAI,CACA,6BAA6B,EAC3B,cAAc,GACd,QAAQ,GACR,QAAQ,GACR,eAAe,GACf,qBAAqB,GACrB,qBAAqB,GACrB,gBAAgB,CACrB,CACJ,GAAG;IACA,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACtB,qBAAqB,CAAC,EAAE,qBAAqB,CAAC;IAC9C,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC9B,CAAC"}
|
|
@@ -27,7 +27,7 @@ import { CommonAuthorizationUrlRequest } from "@azure/msal-common/browser";
|
|
|
27
27
|
* - redirectStartPage - The page that should be returned to after loginRedirect or acquireTokenRedirect. This should only be used if this is different from the redirectUri and will default to the page that initiates the request. When the navigateToLoginRequestUrl config option is set to false this parameter will be ignored.
|
|
28
28
|
* - onRedirectNavigate - Callback that will be passed the url that MSAL will navigate to. Returning false in the callback will stop navigation.
|
|
29
29
|
*/
|
|
30
|
-
export type RedirectRequest = Partial<Omit<CommonAuthorizationUrlRequest, "responseMode" | "scopes" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">> & {
|
|
30
|
+
export type RedirectRequest = Partial<Omit<CommonAuthorizationUrlRequest, "responseMode" | "scopes" | "earJwk" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">> & {
|
|
31
31
|
scopes: Array<string>;
|
|
32
32
|
redirectStartPage?: string;
|
|
33
33
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"RedirectRequest.d.ts","sourceRoot":"","sources":["../../../src/request/RedirectRequest.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,6BAA6B,EAAE,MAAM,4BAA4B,CAAC;AAE3E;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAM,MAAM,eAAe,GAAG,OAAO,CACjC,IAAI,CACA,6BAA6B,EAC3B,cAAc,GACd,QAAQ,GACR,eAAe,GACf,qBAAqB,GACrB,qBAAqB,GACrB,gBAAgB,CACrB,CACJ,GAAG;IACA,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACtB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;CACxD,CAAC"}
|
|
1
|
+
{"version":3,"file":"RedirectRequest.d.ts","sourceRoot":"","sources":["../../../src/request/RedirectRequest.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,6BAA6B,EAAE,MAAM,4BAA4B,CAAC;AAE3E;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAM,MAAM,eAAe,GAAG,OAAO,CACjC,IAAI,CACA,6BAA6B,EAC3B,cAAc,GACd,QAAQ,GACR,QAAQ,GACR,eAAe,GACf,qBAAqB,GACrB,qBAAqB,GACrB,gBAAgB,CACrB,CACJ,GAAG;IACA,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACtB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;CACxD,CAAC"}
|
|
@@ -24,5 +24,5 @@ import { CommonAuthorizationUrlRequest } from "@azure/msal-common/browser";
|
|
|
24
24
|
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
25
25
|
* - nonce - A value included in the request that is returned in the id token. A randomly generated unique value is typically used to mitigate replay attacks.
|
|
26
26
|
*/
|
|
27
|
-
export type SsoSilentRequest = Partial<Omit<CommonAuthorizationUrlRequest, "responseMode" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">>;
|
|
27
|
+
export type SsoSilentRequest = Partial<Omit<CommonAuthorizationUrlRequest, "responseMode" | "earJwk" | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" | "platformBroker">>;
|
|
28
28
|
//# sourceMappingURL=SsoSilentRequest.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SsoSilentRequest.d.ts","sourceRoot":"","sources":["../../../src/request/SsoSilentRequest.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,6BAA6B,EAAE,MAAM,4BAA4B,CAAC;AAE3E;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,gBAAgB,GAAG,OAAO,CAClC,IAAI,CACA,6BAA6B,EAC3B,cAAc,GACd,eAAe,GACf,qBAAqB,GACrB,qBAAqB,GACrB,gBAAgB,CACrB,CACJ,CAAC"}
|
|
1
|
+
{"version":3,"file":"SsoSilentRequest.d.ts","sourceRoot":"","sources":["../../../src/request/SsoSilentRequest.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,6BAA6B,EAAE,MAAM,4BAA4B,CAAC;AAE3E;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,gBAAgB,GAAG,OAAO,CAClC,IAAI,CACA,6BAA6B,EAC3B,cAAc,GACd,QAAQ,GACR,eAAe,GACf,qBAAqB,GACrB,qBAAqB,GACrB,gBAAgB,CACrB,CACJ,CAAC"}
|
|
@@ -63,21 +63,12 @@ export type HTTP_REQUEST_TYPE = (typeof HTTP_REQUEST_TYPE)[keyof typeof HTTP_REQ
|
|
|
63
63
|
* Temporary cache keys for MSAL, deleted after any request.
|
|
64
64
|
*/
|
|
65
65
|
export declare const TemporaryCacheKeys: {
|
|
66
|
-
readonly AUTHORITY: "authority";
|
|
67
|
-
readonly ACQUIRE_TOKEN_ACCOUNT: "acquireToken.account";
|
|
68
|
-
readonly SESSION_STATE: "session.state";
|
|
69
|
-
readonly REQUEST_STATE: "request.state";
|
|
70
|
-
readonly NONCE_IDTOKEN: "nonce.id_token";
|
|
71
66
|
readonly ORIGIN_URI: "request.origin";
|
|
72
|
-
readonly RENEW_STATUS: "token.renew.status";
|
|
73
67
|
readonly URL_HASH: "urlHash";
|
|
74
68
|
readonly REQUEST_PARAMS: "request.params";
|
|
75
|
-
readonly
|
|
69
|
+
readonly VERIFIER: "code.verifier";
|
|
76
70
|
readonly INTERACTION_STATUS_KEY: "interaction.status";
|
|
77
|
-
readonly CCS_CREDENTIAL: "ccs.credential";
|
|
78
|
-
readonly CORRELATION_ID: "request.correlationId";
|
|
79
71
|
readonly NATIVE_REQUEST: "request.native";
|
|
80
|
-
readonly REDIRECT_CONTEXT: "request.redirect.context";
|
|
81
72
|
};
|
|
82
73
|
export type TemporaryCacheKeys = (typeof TemporaryCacheKeys)[keyof typeof TemporaryCacheKeys];
|
|
83
74
|
export declare const StaticCacheKeys: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"BrowserConstants.d.ts","sourceRoot":"","sources":["../../../src/utils/BrowserConstants.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAEhE;;GAEG;AACH,eAAO,MAAM,gBAAgB;IACzB;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;CAEN,CAAC;AAEF,eAAO,MAAM,eAAe;;;;CAI3B,CAAC;AAEF,eAAO,MAAM,qBAAqB;;;;;CAKxB,CAAC;AACX,MAAM,MAAM,qBAAqB,GAC7B,CAAC,OAAO,qBAAqB,CAAC,CAAC,MAAM,OAAO,qBAAqB,CAAC,CAAC;AAEvE,eAAO,MAAM,oBAAoB;;;;CAIvB,CAAC;AACX,MAAM,MAAM,oBAAoB,GAC5B,CAAC,OAAO,oBAAoB,CAAC,CAAC,MAAM,OAAO,oBAAoB,CAAC,CAAC;AAErE;;GAEG;AACH,eAAO,MAAM,iBAAiB;;;CAGpB,CAAC;AACX,MAAM,MAAM,iBAAiB,GACzB,CAAC,OAAO,iBAAiB,CAAC,CAAC,MAAM,OAAO,iBAAiB,CAAC,CAAC;AAE/D;;GAEG;AACH,eAAO,MAAM,kBAAkB
|
|
1
|
+
{"version":3,"file":"BrowserConstants.d.ts","sourceRoot":"","sources":["../../../src/utils/BrowserConstants.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAEhE;;GAEG;AACH,eAAO,MAAM,gBAAgB;IACzB;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;CAEN,CAAC;AAEF,eAAO,MAAM,eAAe;;;;CAI3B,CAAC;AAEF,eAAO,MAAM,qBAAqB;;;;;CAKxB,CAAC;AACX,MAAM,MAAM,qBAAqB,GAC7B,CAAC,OAAO,qBAAqB,CAAC,CAAC,MAAM,OAAO,qBAAqB,CAAC,CAAC;AAEvE,eAAO,MAAM,oBAAoB;;;;CAIvB,CAAC;AACX,MAAM,MAAM,oBAAoB,GAC5B,CAAC,OAAO,oBAAoB,CAAC,CAAC,MAAM,OAAO,oBAAoB,CAAC,CAAC;AAErE;;GAEG;AACH,eAAO,MAAM,iBAAiB;;;CAGpB,CAAC;AACX,MAAM,MAAM,iBAAiB,GACzB,CAAC,OAAO,iBAAiB,CAAC,CAAC,MAAM,OAAO,iBAAiB,CAAC,CAAC;AAE/D;;GAEG;AACH,eAAO,MAAM,kBAAkB;;;;;;;CAOrB,CAAC;AACX,MAAM,MAAM,kBAAkB,GAC1B,CAAC,OAAO,kBAAkB,CAAC,CAAC,MAAM,OAAO,kBAAkB,CAAC,CAAC;AAEjE,eAAO,MAAM,eAAe;;;CAGlB,CAAC;AACX,MAAM,MAAM,eAAe,GACvB,CAAC,OAAO,eAAe,CAAC,CAAC,MAAM,OAAO,eAAe,CAAC,CAAC;AAE3D;;GAEG;AACH,eAAO,MAAM,iBAAiB;;;CAGpB,CAAC;AACX,MAAM,MAAM,iBAAiB,GACzB,CAAC,OAAO,iBAAiB,CAAC,CAAC,MAAM,OAAO,iBAAiB,CAAC,CAAC;AAE/D;;;;;GAKG;AACH,eAAO,MAAM,KAAK;;;;;;;;;;CAUR,CAAC;AACX,MAAM,MAAM,KAAK,GAAG,CAAC,OAAO,KAAK,CAAC,CAAC,MAAM,OAAO,KAAK,CAAC,CAAC;AAKvD,oBAAY,eAAe;IACvB,QAAQ,aAAa;IACrB,KAAK,UAAU;IACf,MAAM,WAAW;IACjB,IAAI,SAAS;CAChB;AAED;;;GAGG;AACH,eAAO,MAAM,iBAAiB;IAC1B;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;CAEG,CAAC;AACX,MAAM,MAAM,iBAAiB,GACzB,CAAC,OAAO,iBAAiB,CAAC,CAAC,MAAM,OAAO,iBAAiB,CAAC,CAAC;AAE/D,eAAO,MAAM,eAAe,EAAE,eAAe,GAAG,YAE/C,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,cAAc,QAAQ,CAAC;AAGpC,eAAO,MAAM,UAAU;;;CAGb,CAAC;AACX,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,UAAU,CAAC,CAAC,MAAM,OAAO,UAAU,CAAC,CAAC;AAGtE,eAAO,MAAM,OAAO,YAAY,CAAC;AACjC,eAAO,MAAM,UAAU,IAAI,CAAC;AAC5B,eAAO,MAAM,aAAa,QAAoB,CAAC;AAE/C,eAAO,MAAM,iBAAiB;;;;;;;CAmCpB,CAAC;AACX,MAAM,MAAM,iBAAiB,GACzB,CAAC,OAAO,iBAAiB,CAAC,CAAC,MAAM,OAAO,iBAAiB,CAAC,CAAC;AAE/D,eAAO,MAAM,qBAAqB,EAAE,iBAAiB,EAIpD,CAAC;AAEF,eAAO,MAAM,mBAAmB,2BAA2B,CAAC;AAC5D,eAAO,MAAM,iBAAiB,yBAAyB,CAAC;AAExD,eAAO,MAAM,wBAAwB,qCAAqC,CAAC"}
|
package/package.json
CHANGED
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
"type": "git",
|
|
11
11
|
"url": "https://github.com/AzureAD/microsoft-authentication-library-for-js.git"
|
|
12
12
|
},
|
|
13
|
-
"version": "4.
|
|
13
|
+
"version": "4.9.0",
|
|
14
14
|
"description": "Microsoft Authentication Library for js",
|
|
15
15
|
"keywords": [
|
|
16
16
|
"implicit",
|
|
@@ -103,6 +103,6 @@
|
|
|
103
103
|
"typescript": "^4.9.5"
|
|
104
104
|
},
|
|
105
105
|
"dependencies": {
|
|
106
|
-
"@azure/msal-common": "15.
|
|
106
|
+
"@azure/msal-common": "15.4.0"
|
|
107
107
|
}
|
|
108
108
|
}
|
|
@@ -7,7 +7,6 @@ import {
|
|
|
7
7
|
Constants,
|
|
8
8
|
PersistentCacheKeys,
|
|
9
9
|
StringUtils,
|
|
10
|
-
CommonAuthorizationCodeRequest,
|
|
11
10
|
ICrypto,
|
|
12
11
|
AccountEntity,
|
|
13
12
|
IdTokenEntity,
|
|
@@ -17,14 +16,11 @@ import {
|
|
|
17
16
|
CacheManager,
|
|
18
17
|
ServerTelemetryEntity,
|
|
19
18
|
ThrottlingEntity,
|
|
20
|
-
ProtocolUtils,
|
|
21
19
|
Logger,
|
|
22
20
|
AuthorityMetadataEntity,
|
|
23
21
|
DEFAULT_CRYPTO_IMPLEMENTATION,
|
|
24
22
|
AccountInfo,
|
|
25
23
|
ActiveAccountFilters,
|
|
26
|
-
CcsCredential,
|
|
27
|
-
CcsCredentialType,
|
|
28
24
|
TokenKeys,
|
|
29
25
|
CredentialType,
|
|
30
26
|
CacheRecord,
|
|
@@ -39,6 +35,7 @@ import {
|
|
|
39
35
|
CacheError,
|
|
40
36
|
invokeAsync,
|
|
41
37
|
TimeUtils,
|
|
38
|
+
CommonAuthorizationUrlRequest,
|
|
42
39
|
} from "@azure/msal-common/browser";
|
|
43
40
|
import { CacheOptions } from "../config/Configuration.js";
|
|
44
41
|
import {
|
|
@@ -47,7 +44,6 @@ import {
|
|
|
47
44
|
} from "../error/BrowserAuthError.js";
|
|
48
45
|
import {
|
|
49
46
|
BrowserCacheLocation,
|
|
50
|
-
InteractionType,
|
|
51
47
|
TemporaryCacheKeys,
|
|
52
48
|
InMemoryCacheKeys,
|
|
53
49
|
StaticCacheKeys,
|
|
@@ -56,7 +52,6 @@ import { LocalStorage } from "./LocalStorage.js";
|
|
|
56
52
|
import { SessionStorage } from "./SessionStorage.js";
|
|
57
53
|
import { MemoryStorage } from "./MemoryStorage.js";
|
|
58
54
|
import { IWindowStorage } from "./IWindowStorage.js";
|
|
59
|
-
import { extractBrowserRequestState } from "../utils/BrowserProtocolUtils.js";
|
|
60
55
|
import { NativeTokenRequest } from "../broker/nativeBroker/NativeRequest.js";
|
|
61
56
|
import { AuthenticationResult } from "../response/AuthenticationResult.js";
|
|
62
57
|
import { SilentRequest } from "../request/SilentRequest.js";
|
|
@@ -1074,143 +1069,24 @@ export class BrowserCacheManager extends CacheManager {
|
|
|
1074
1069
|
return JSON.stringify(key);
|
|
1075
1070
|
}
|
|
1076
1071
|
|
|
1077
|
-
/**
|
|
1078
|
-
* Create authorityKey to cache authority
|
|
1079
|
-
* @param state
|
|
1080
|
-
*/
|
|
1081
|
-
generateAuthorityKey(stateString: string): string {
|
|
1082
|
-
const {
|
|
1083
|
-
libraryState: { id: stateId },
|
|
1084
|
-
} = ProtocolUtils.parseRequestState(this.cryptoImpl, stateString);
|
|
1085
|
-
|
|
1086
|
-
return this.generateCacheKey(
|
|
1087
|
-
`${TemporaryCacheKeys.AUTHORITY}.${stateId}`
|
|
1088
|
-
);
|
|
1089
|
-
}
|
|
1090
|
-
|
|
1091
|
-
/**
|
|
1092
|
-
* Create Nonce key to cache nonce
|
|
1093
|
-
* @param state
|
|
1094
|
-
*/
|
|
1095
|
-
generateNonceKey(stateString: string): string {
|
|
1096
|
-
const {
|
|
1097
|
-
libraryState: { id: stateId },
|
|
1098
|
-
} = ProtocolUtils.parseRequestState(this.cryptoImpl, stateString);
|
|
1099
|
-
|
|
1100
|
-
return this.generateCacheKey(
|
|
1101
|
-
`${TemporaryCacheKeys.NONCE_IDTOKEN}.${stateId}`
|
|
1102
|
-
);
|
|
1103
|
-
}
|
|
1104
|
-
|
|
1105
|
-
/**
|
|
1106
|
-
* Creates full cache key for the request state
|
|
1107
|
-
* @param stateString State string for the request
|
|
1108
|
-
*/
|
|
1109
|
-
generateStateKey(stateString: string): string {
|
|
1110
|
-
// Use the library state id to key temp storage for uniqueness for multiple concurrent requests
|
|
1111
|
-
const {
|
|
1112
|
-
libraryState: { id: stateId },
|
|
1113
|
-
} = ProtocolUtils.parseRequestState(this.cryptoImpl, stateString);
|
|
1114
|
-
return this.generateCacheKey(
|
|
1115
|
-
`${TemporaryCacheKeys.REQUEST_STATE}.${stateId}`
|
|
1116
|
-
);
|
|
1117
|
-
}
|
|
1118
|
-
|
|
1119
|
-
/**
|
|
1120
|
-
* Gets the cached authority based on the cached state. Returns empty if no cached state found.
|
|
1121
|
-
*/
|
|
1122
|
-
getCachedAuthority(cachedState: string): string | null {
|
|
1123
|
-
const stateCacheKey = this.generateStateKey(cachedState);
|
|
1124
|
-
const state = this.getTemporaryCache(stateCacheKey);
|
|
1125
|
-
if (!state) {
|
|
1126
|
-
return null;
|
|
1127
|
-
}
|
|
1128
|
-
|
|
1129
|
-
const authorityCacheKey = this.generateAuthorityKey(state);
|
|
1130
|
-
return this.getTemporaryCache(authorityCacheKey);
|
|
1131
|
-
}
|
|
1132
|
-
|
|
1133
|
-
/**
|
|
1134
|
-
* Updates account, authority, and state in cache
|
|
1135
|
-
* @param serverAuthenticationRequest
|
|
1136
|
-
* @param account
|
|
1137
|
-
*/
|
|
1138
|
-
updateCacheEntries(
|
|
1139
|
-
state: string,
|
|
1140
|
-
nonce: string,
|
|
1141
|
-
authorityInstance: string,
|
|
1142
|
-
loginHint: string,
|
|
1143
|
-
account: AccountInfo | null
|
|
1144
|
-
): void {
|
|
1145
|
-
this.logger.trace("BrowserCacheManager.updateCacheEntries called");
|
|
1146
|
-
// Cache the request state
|
|
1147
|
-
const stateCacheKey = this.generateStateKey(state);
|
|
1148
|
-
this.setTemporaryCache(stateCacheKey, state, false);
|
|
1149
|
-
|
|
1150
|
-
// Cache the nonce
|
|
1151
|
-
const nonceCacheKey = this.generateNonceKey(state);
|
|
1152
|
-
this.setTemporaryCache(nonceCacheKey, nonce, false);
|
|
1153
|
-
|
|
1154
|
-
// Cache authorityKey
|
|
1155
|
-
const authorityCacheKey = this.generateAuthorityKey(state);
|
|
1156
|
-
this.setTemporaryCache(authorityCacheKey, authorityInstance, false);
|
|
1157
|
-
|
|
1158
|
-
if (account) {
|
|
1159
|
-
const ccsCredential: CcsCredential = {
|
|
1160
|
-
credential: account.homeAccountId,
|
|
1161
|
-
type: CcsCredentialType.HOME_ACCOUNT_ID,
|
|
1162
|
-
};
|
|
1163
|
-
this.setTemporaryCache(
|
|
1164
|
-
TemporaryCacheKeys.CCS_CREDENTIAL,
|
|
1165
|
-
JSON.stringify(ccsCredential),
|
|
1166
|
-
true
|
|
1167
|
-
);
|
|
1168
|
-
} else if (loginHint) {
|
|
1169
|
-
const ccsCredential: CcsCredential = {
|
|
1170
|
-
credential: loginHint,
|
|
1171
|
-
type: CcsCredentialType.UPN,
|
|
1172
|
-
};
|
|
1173
|
-
this.setTemporaryCache(
|
|
1174
|
-
TemporaryCacheKeys.CCS_CREDENTIAL,
|
|
1175
|
-
JSON.stringify(ccsCredential),
|
|
1176
|
-
true
|
|
1177
|
-
);
|
|
1178
|
-
}
|
|
1179
|
-
}
|
|
1180
|
-
|
|
1181
1072
|
/**
|
|
1182
1073
|
* Reset all temporary cache items
|
|
1183
1074
|
* @param state
|
|
1184
1075
|
*/
|
|
1185
|
-
resetRequestCache(
|
|
1076
|
+
resetRequestCache(): void {
|
|
1186
1077
|
this.logger.trace("BrowserCacheManager.resetRequestCache called");
|
|
1187
|
-
// check state and remove associated cache items
|
|
1188
|
-
if (state) {
|
|
1189
|
-
this.temporaryCacheStorage.getKeys().forEach((key) => {
|
|
1190
|
-
if (key.indexOf(state) !== -1) {
|
|
1191
|
-
this.removeTemporaryItem(key);
|
|
1192
|
-
}
|
|
1193
|
-
});
|
|
1194
1078
|
|
|
1195
|
-
// delete generic interactive request parameters
|
|
1196
|
-
this.removeTemporaryItem(this.generateStateKey(state));
|
|
1197
|
-
this.removeTemporaryItem(this.generateNonceKey(state));
|
|
1198
|
-
this.removeTemporaryItem(this.generateAuthorityKey(state));
|
|
1199
|
-
}
|
|
1200
1079
|
this.removeTemporaryItem(
|
|
1201
1080
|
this.generateCacheKey(TemporaryCacheKeys.REQUEST_PARAMS)
|
|
1202
1081
|
);
|
|
1203
1082
|
this.removeTemporaryItem(
|
|
1204
|
-
this.generateCacheKey(TemporaryCacheKeys.
|
|
1205
|
-
);
|
|
1206
|
-
this.removeTemporaryItem(
|
|
1207
|
-
this.generateCacheKey(TemporaryCacheKeys.URL_HASH)
|
|
1083
|
+
this.generateCacheKey(TemporaryCacheKeys.VERIFIER)
|
|
1208
1084
|
);
|
|
1209
1085
|
this.removeTemporaryItem(
|
|
1210
|
-
this.generateCacheKey(TemporaryCacheKeys.
|
|
1086
|
+
this.generateCacheKey(TemporaryCacheKeys.ORIGIN_URI)
|
|
1211
1087
|
);
|
|
1212
1088
|
this.removeTemporaryItem(
|
|
1213
|
-
this.generateCacheKey(TemporaryCacheKeys.
|
|
1089
|
+
this.generateCacheKey(TemporaryCacheKeys.URL_HASH)
|
|
1214
1090
|
);
|
|
1215
1091
|
this.removeTemporaryItem(
|
|
1216
1092
|
this.generateCacheKey(TemporaryCacheKeys.NATIVE_REQUEST)
|
|
@@ -1218,64 +1094,11 @@ export class BrowserCacheManager extends CacheManager {
|
|
|
1218
1094
|
this.setInteractionInProgress(false);
|
|
1219
1095
|
}
|
|
1220
1096
|
|
|
1221
|
-
|
|
1222
|
-
|
|
1223
|
-
|
|
1224
|
-
|
|
1225
|
-
|
|
1226
|
-
this.logger.trace("BrowserCacheManager.cleanRequestByState called");
|
|
1227
|
-
// Interaction is completed - remove interaction status.
|
|
1228
|
-
if (stateString) {
|
|
1229
|
-
const stateKey = this.generateStateKey(stateString);
|
|
1230
|
-
const cachedState = this.temporaryCacheStorage.getItem(stateKey);
|
|
1231
|
-
this.logger.infoPii(
|
|
1232
|
-
`BrowserCacheManager.cleanRequestByState: Removing temporary cache items for state: ${cachedState}`
|
|
1233
|
-
);
|
|
1234
|
-
this.resetRequestCache(cachedState || Constants.EMPTY_STRING);
|
|
1235
|
-
}
|
|
1236
|
-
}
|
|
1237
|
-
|
|
1238
|
-
/**
|
|
1239
|
-
* Looks in temporary cache for any state values with the provided interactionType and removes all temporary cache items for that state
|
|
1240
|
-
* Used in scenarios where temp cache needs to be cleaned but state is not known, such as clicking browser back button.
|
|
1241
|
-
* @param interactionType
|
|
1242
|
-
*/
|
|
1243
|
-
cleanRequestByInteractionType(interactionType: InteractionType): void {
|
|
1244
|
-
this.logger.trace(
|
|
1245
|
-
"BrowserCacheManager.cleanRequestByInteractionType called"
|
|
1246
|
-
);
|
|
1247
|
-
// Loop through all keys to find state key
|
|
1248
|
-
this.temporaryCacheStorage.getKeys().forEach((key) => {
|
|
1249
|
-
// If this key is not the state key, move on
|
|
1250
|
-
if (key.indexOf(TemporaryCacheKeys.REQUEST_STATE) === -1) {
|
|
1251
|
-
return;
|
|
1252
|
-
}
|
|
1253
|
-
|
|
1254
|
-
// Retrieve state value, return if not a valid value
|
|
1255
|
-
const stateValue = this.temporaryCacheStorage.getItem(key);
|
|
1256
|
-
if (!stateValue) {
|
|
1257
|
-
return;
|
|
1258
|
-
}
|
|
1259
|
-
// Extract state and ensure it matches given InteractionType, then clean request cache
|
|
1260
|
-
const parsedState = extractBrowserRequestState(
|
|
1261
|
-
this.cryptoImpl,
|
|
1262
|
-
stateValue
|
|
1263
|
-
);
|
|
1264
|
-
if (
|
|
1265
|
-
parsedState &&
|
|
1266
|
-
parsedState.interactionType === interactionType
|
|
1267
|
-
) {
|
|
1268
|
-
this.logger.infoPii(
|
|
1269
|
-
`BrowserCacheManager.cleanRequestByInteractionType: Removing temporary cache items for state: ${stateValue}`
|
|
1270
|
-
);
|
|
1271
|
-
this.resetRequestCache(stateValue);
|
|
1272
|
-
}
|
|
1273
|
-
});
|
|
1274
|
-
this.setInteractionInProgress(false);
|
|
1275
|
-
}
|
|
1276
|
-
|
|
1277
|
-
cacheCodeRequest(authCodeRequest: CommonAuthorizationCodeRequest): void {
|
|
1278
|
-
this.logger.trace("BrowserCacheManager.cacheCodeRequest called");
|
|
1097
|
+
cacheAuthorizeRequest(
|
|
1098
|
+
authCodeRequest: CommonAuthorizationUrlRequest,
|
|
1099
|
+
codeVerifier?: string
|
|
1100
|
+
): void {
|
|
1101
|
+
this.logger.trace("BrowserCacheManager.cacheAuthorizeRequest called");
|
|
1279
1102
|
|
|
1280
1103
|
const encodedValue = base64Encode(JSON.stringify(authCodeRequest));
|
|
1281
1104
|
this.setTemporaryCache(
|
|
@@ -1283,12 +1106,21 @@ export class BrowserCacheManager extends CacheManager {
|
|
|
1283
1106
|
encodedValue,
|
|
1284
1107
|
true
|
|
1285
1108
|
);
|
|
1109
|
+
|
|
1110
|
+
if (codeVerifier) {
|
|
1111
|
+
const encodedVerifier = base64Encode(codeVerifier);
|
|
1112
|
+
this.setTemporaryCache(
|
|
1113
|
+
TemporaryCacheKeys.VERIFIER,
|
|
1114
|
+
encodedVerifier,
|
|
1115
|
+
true
|
|
1116
|
+
);
|
|
1117
|
+
}
|
|
1286
1118
|
}
|
|
1287
1119
|
|
|
1288
1120
|
/**
|
|
1289
1121
|
* Gets the token exchange parameters from the cache. Throws an error if nothing is found.
|
|
1290
1122
|
*/
|
|
1291
|
-
getCachedRequest(
|
|
1123
|
+
getCachedRequest(): [CommonAuthorizationUrlRequest, string] {
|
|
1292
1124
|
this.logger.trace("BrowserCacheManager.getCachedRequest called");
|
|
1293
1125
|
// Get token request from cache and parse as TokenExchangeParameters.
|
|
1294
1126
|
const encodedTokenRequest = this.getTemporaryCache(
|
|
@@ -1300,10 +1132,18 @@ export class BrowserCacheManager extends CacheManager {
|
|
|
1300
1132
|
BrowserAuthErrorCodes.noTokenRequestCacheError
|
|
1301
1133
|
);
|
|
1302
1134
|
}
|
|
1135
|
+
const encodedVerifier = this.getTemporaryCache(
|
|
1136
|
+
TemporaryCacheKeys.VERIFIER,
|
|
1137
|
+
true
|
|
1138
|
+
);
|
|
1303
1139
|
|
|
1304
|
-
let parsedRequest:
|
|
1140
|
+
let parsedRequest: CommonAuthorizationUrlRequest;
|
|
1141
|
+
let verifier = "";
|
|
1305
1142
|
try {
|
|
1306
1143
|
parsedRequest = JSON.parse(base64Decode(encodedTokenRequest));
|
|
1144
|
+
if (encodedVerifier) {
|
|
1145
|
+
verifier = base64Decode(encodedVerifier);
|
|
1146
|
+
}
|
|
1307
1147
|
} catch (e) {
|
|
1308
1148
|
this.logger.errorPii(`Attempted to parse: ${encodedTokenRequest}`);
|
|
1309
1149
|
this.logger.error(
|
|
@@ -1313,23 +1153,8 @@ export class BrowserCacheManager extends CacheManager {
|
|
|
1313
1153
|
BrowserAuthErrorCodes.unableToParseTokenRequestCacheError
|
|
1314
1154
|
);
|
|
1315
1155
|
}
|
|
1316
|
-
this.removeTemporaryItem(
|
|
1317
|
-
this.generateCacheKey(TemporaryCacheKeys.REQUEST_PARAMS)
|
|
1318
|
-
);
|
|
1319
1156
|
|
|
1320
|
-
|
|
1321
|
-
if (!parsedRequest.authority) {
|
|
1322
|
-
const authorityCacheKey: string = this.generateAuthorityKey(state);
|
|
1323
|
-
const cachedAuthority = this.getTemporaryCache(authorityCacheKey);
|
|
1324
|
-
if (!cachedAuthority) {
|
|
1325
|
-
throw createBrowserAuthError(
|
|
1326
|
-
BrowserAuthErrorCodes.noCachedAuthorityError
|
|
1327
|
-
);
|
|
1328
|
-
}
|
|
1329
|
-
parsedRequest.authority = cachedAuthority;
|
|
1330
|
-
}
|
|
1331
|
-
|
|
1332
|
-
return parsedRequest;
|
|
1157
|
+
return [parsedRequest, verifier];
|
|
1333
1158
|
}
|
|
1334
1159
|
|
|
1335
1160
|
/**
|
|
@@ -377,10 +377,10 @@ export function buildConfiguration(
|
|
|
377
377
|
);
|
|
378
378
|
}
|
|
379
379
|
|
|
380
|
-
// Throw an error if user has set allowPlatformBroker to true
|
|
380
|
+
// Throw an error if user has set allowPlatformBroker to true with OIDC protocol mode
|
|
381
381
|
if (
|
|
382
382
|
userInputAuth?.protocolMode &&
|
|
383
|
-
userInputAuth.protocolMode
|
|
383
|
+
userInputAuth.protocolMode === ProtocolMode.OIDC &&
|
|
384
384
|
providedSystemOptions?.allowPlatformBroker
|
|
385
385
|
) {
|
|
386
386
|
throw createClientConfigurationError(
|
|
@@ -402,5 +402,17 @@ export function buildConfiguration(
|
|
|
402
402
|
telemetry: { ...DEFAULT_TELEMETRY_OPTIONS, ...userInputTelemetry },
|
|
403
403
|
};
|
|
404
404
|
|
|
405
|
+
/**
|
|
406
|
+
* Temporarily disable EAR until implementation is complete
|
|
407
|
+
* TODO: Remove this
|
|
408
|
+
*/
|
|
409
|
+
if (overlayedConfig.auth.protocolMode === ProtocolMode.EAR) {
|
|
410
|
+
const logger = new Logger(providedSystemOptions.loggerOptions);
|
|
411
|
+
logger.warning(
|
|
412
|
+
"EAR Protocol Mode is not yet supported. Overriding to use PKCE auth"
|
|
413
|
+
);
|
|
414
|
+
overlayedConfig.auth.protocolMode = ProtocolMode.AAD;
|
|
415
|
+
}
|
|
416
|
+
|
|
405
417
|
return overlayedConfig;
|
|
406
418
|
}
|
|
@@ -599,6 +599,7 @@ export class NestedAppAuthController implements IController {
|
|
|
599
599
|
CommonAuthorizationUrlRequest,
|
|
600
600
|
| "requestedClaimsHash"
|
|
601
601
|
| "responseMode"
|
|
602
|
+
| "earJwk"
|
|
602
603
|
| "codeChallenge"
|
|
603
604
|
| "codeChallengeMethod"
|
|
604
605
|
| "platformBroker"
|
|
@@ -792,6 +793,7 @@ export class NestedAppAuthController implements IController {
|
|
|
792
793
|
CommonAuthorizationUrlRequest,
|
|
793
794
|
| "requestedClaimsHash"
|
|
794
795
|
| "responseMode"
|
|
796
|
+
| "earJwk"
|
|
795
797
|
| "codeChallenge"
|
|
796
798
|
| "codeChallengeMethod"
|
|
797
799
|
| "platformBroker"
|