@azure/msal-browser 4.8.0 → 4.9.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeMessageHandler.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts +4 -41
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +18 -143
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +2 -2
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +5 -5
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts +2 -2
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +28 -16
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.d.ts +2 -2
- package/dist/controllers/UnknownOperatingContextController.d.ts.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.d.ts +11 -0
- package/dist/crypto/BrowserCrypto.d.ts.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +68 -5
- package/dist/crypto/BrowserCrypto.mjs.map +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.d.ts +3 -5
- package/dist/error/BrowserAuthError.d.ts.map +1 -1
- package/dist/error/BrowserAuthError.mjs +5 -7
- package/dist/error/BrowserAuthError.mjs.map +1 -1
- package/dist/error/BrowserAuthErrorCodes.d.ts +3 -1
- package/dist/error/BrowserAuthErrorCodes.d.ts.map +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +6 -4
- package/dist/error/BrowserAuthErrorCodes.mjs.map +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +2 -2
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/NativeInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/NativeInteractionClient.mjs +1 -3
- package/dist/interaction_client/NativeInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts +14 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +65 -64
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts +20 -3
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +132 -76
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +13 -3
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +57 -44
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts +2 -3
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.d.ts +4 -5
- package/dist/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts +4 -2
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +15 -5
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +2 -2
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +53 -1
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +147 -4
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/AuthorizationUrlRequest.d.ts +2 -4
- package/dist/request/AuthorizationUrlRequest.d.ts.map +1 -1
- package/dist/request/PopupRequest.d.ts +1 -1
- package/dist/request/PopupRequest.d.ts.map +1 -1
- package/dist/request/RedirectRequest.d.ts +1 -1
- package/dist/request/RedirectRequest.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/request/SsoSilentRequest.d.ts +1 -1
- package/dist/request/SsoSilentRequest.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.d.ts +1 -10
- package/dist/utils/BrowserConstants.d.ts.map +1 -1
- package/dist/utils/BrowserConstants.mjs +2 -15
- package/dist/utils/BrowserConstants.mjs.map +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/lib/msal-browser.cjs +1588 -1555
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +1588 -1555
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +68 -67
- package/lib/types/cache/BrowserCacheManager.d.ts +4 -41
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/controllers/NestedAppAuthController.d.ts +2 -2
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/controllers/UnknownOperatingContextController.d.ts +2 -2
- package/lib/types/controllers/UnknownOperatingContextController.d.ts.map +1 -1
- package/lib/types/crypto/BrowserCrypto.d.ts +11 -0
- package/lib/types/crypto/BrowserCrypto.d.ts.map +1 -1
- package/lib/types/error/BrowserAuthError.d.ts +3 -5
- package/lib/types/error/BrowserAuthError.d.ts.map +1 -1
- package/lib/types/error/BrowserAuthErrorCodes.d.ts +3 -1
- package/lib/types/error/BrowserAuthErrorCodes.d.ts.map +1 -1
- package/lib/types/interaction_client/NativeInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts +14 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts +20 -3
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +13 -3
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts +2 -3
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/InteractionHandler.d.ts +4 -5
- package/lib/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts +4 -2
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +53 -1
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/request/AuthorizationUrlRequest.d.ts +2 -4
- package/lib/types/request/AuthorizationUrlRequest.d.ts.map +1 -1
- package/lib/types/request/PopupRequest.d.ts +1 -1
- package/lib/types/request/PopupRequest.d.ts.map +1 -1
- package/lib/types/request/RedirectRequest.d.ts +1 -1
- package/lib/types/request/RedirectRequest.d.ts.map +1 -1
- package/lib/types/request/SsoSilentRequest.d.ts +1 -1
- package/lib/types/request/SsoSilentRequest.d.ts.map +1 -1
- package/lib/types/utils/BrowserConstants.d.ts +1 -10
- package/lib/types/utils/BrowserConstants.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/cache/BrowserCacheManager.ts +30 -205
- package/src/config/Configuration.ts +2 -2
- package/src/controllers/NestedAppAuthController.ts +2 -0
- package/src/controllers/StandardController.ts +35 -24
- package/src/controllers/UnknownOperatingContextController.ts +2 -0
- package/src/crypto/BrowserCrypto.ts +91 -2
- package/src/error/BrowserAuthError.ts +6 -8
- package/src/error/BrowserAuthErrorCodes.ts +3 -1
- package/src/interaction_client/NativeInteractionClient.ts +0 -2
- package/src/interaction_client/PopupClient.ts +163 -119
- package/src/interaction_client/RedirectClient.ts +258 -140
- package/src/interaction_client/SilentAuthCodeClient.ts +2 -2
- package/src/interaction_client/SilentIframeClient.ts +154 -99
- package/src/interaction_client/StandardInteractionClient.ts +3 -3
- package/src/interaction_handler/InteractionHandler.ts +4 -4
- package/src/interaction_handler/SilentHandler.ts +31 -2
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +356 -2
- package/src/request/AuthorizationUrlRequest.ts +3 -5
- package/src/request/PopupRequest.ts +1 -0
- package/src/request/RedirectRequest.ts +1 -0
- package/src/request/SsoSilentRequest.ts +1 -0
- package/src/utils/BrowserConstants.ts +1 -10
- package/dist/interaction_handler/RedirectHandler.d.ts +0 -33
- package/dist/interaction_handler/RedirectHandler.d.ts.map +0 -1
- package/dist/interaction_handler/RedirectHandler.mjs +0 -144
- package/dist/interaction_handler/RedirectHandler.mjs.map +0 -1
- package/lib/types/interaction_handler/RedirectHandler.d.ts +0 -33
- package/lib/types/interaction_handler/RedirectHandler.d.ts.map +0 -1
- package/src/interaction_handler/RedirectHandler.ts +0 -252
|
@@ -7,17 +7,16 @@ import {
|
|
|
7
7
|
ICrypto,
|
|
8
8
|
Logger,
|
|
9
9
|
PromptValue,
|
|
10
|
-
CommonAuthorizationCodeRequest,
|
|
11
10
|
AuthorizationCodeClient,
|
|
12
11
|
AuthError,
|
|
13
|
-
ProtocolUtils,
|
|
14
12
|
IPerformanceClient,
|
|
15
13
|
PerformanceEvents,
|
|
16
14
|
invokeAsync,
|
|
17
15
|
invoke,
|
|
16
|
+
ProtocolMode,
|
|
17
|
+
CommonAuthorizationUrlRequest,
|
|
18
18
|
} from "@azure/msal-common/browser";
|
|
19
19
|
import { StandardInteractionClient } from "./StandardInteractionClient.js";
|
|
20
|
-
import { AuthorizationUrlRequest } from "../request/AuthorizationUrlRequest.js";
|
|
21
20
|
import { BrowserConfiguration } from "../config/Configuration.js";
|
|
22
21
|
import { BrowserCacheManager } from "../cache/BrowserCacheManager.js";
|
|
23
22
|
import { EventHandler } from "../event/EventHandler.js";
|
|
@@ -32,18 +31,18 @@ import {
|
|
|
32
31
|
BrowserConstants,
|
|
33
32
|
} from "../utils/BrowserConstants.js";
|
|
34
33
|
import {
|
|
35
|
-
|
|
34
|
+
initiateCodeRequest,
|
|
35
|
+
initiateEarRequest,
|
|
36
36
|
monitorIframeForHash,
|
|
37
37
|
} from "../interaction_handler/SilentHandler.js";
|
|
38
38
|
import { SsoSilentRequest } from "../request/SsoSilentRequest.js";
|
|
39
39
|
import { NativeMessageHandler } from "../broker/nativeBroker/NativeMessageHandler.js";
|
|
40
|
-
import { NativeInteractionClient } from "./NativeInteractionClient.js";
|
|
41
40
|
import { AuthenticationResult } from "../response/AuthenticationResult.js";
|
|
42
|
-
import { InteractionHandler } from "../interaction_handler/InteractionHandler.js";
|
|
43
41
|
import * as BrowserUtils from "../utils/BrowserUtils.js";
|
|
44
42
|
import * as ResponseHandler from "../response/ResponseHandler.js";
|
|
45
|
-
import
|
|
43
|
+
import * as Authorize from "../protocol/Authorize.js";
|
|
46
44
|
import { generatePkceCodes } from "../crypto/PkceGenerator.js";
|
|
45
|
+
import { generateEarKey } from "../crypto/BrowserCrypto.js";
|
|
47
46
|
|
|
48
47
|
export class SilentIframeClient extends StandardInteractionClient {
|
|
49
48
|
protected apiId: ApiId;
|
|
@@ -116,21 +115,42 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
116
115
|
}
|
|
117
116
|
|
|
118
117
|
// Create silent request
|
|
119
|
-
const silentRequest:
|
|
118
|
+
const silentRequest: CommonAuthorizationUrlRequest = await invokeAsync(
|
|
120
119
|
this.initializeAuthorizationRequest.bind(this),
|
|
121
120
|
PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest,
|
|
122
121
|
this.logger,
|
|
123
122
|
this.performanceClient,
|
|
124
123
|
request.correlationId
|
|
125
124
|
)(inputRequest, InteractionType.Silent);
|
|
125
|
+
silentRequest.platformBroker =
|
|
126
|
+
NativeMessageHandler.isPlatformBrokerAvailable(
|
|
127
|
+
this.config,
|
|
128
|
+
this.logger,
|
|
129
|
+
this.nativeMessageHandler,
|
|
130
|
+
silentRequest.authenticationScheme
|
|
131
|
+
);
|
|
126
132
|
BrowserUtils.preconnect(silentRequest.authority);
|
|
127
133
|
|
|
134
|
+
if (this.config.auth.protocolMode === ProtocolMode.EAR) {
|
|
135
|
+
return this.executeEarFlow(silentRequest);
|
|
136
|
+
} else {
|
|
137
|
+
return this.executeCodeFlow(silentRequest);
|
|
138
|
+
}
|
|
139
|
+
}
|
|
140
|
+
|
|
141
|
+
/**
|
|
142
|
+
* Executes auth code + PKCE flow
|
|
143
|
+
* @param request
|
|
144
|
+
* @returns
|
|
145
|
+
*/
|
|
146
|
+
async executeCodeFlow(
|
|
147
|
+
request: CommonAuthorizationUrlRequest
|
|
148
|
+
): Promise<AuthenticationResult> {
|
|
149
|
+
let authClient: AuthorizationCodeClient | undefined;
|
|
128
150
|
const serverTelemetryManager = this.initializeServerTelemetryManager(
|
|
129
151
|
this.apiId
|
|
130
152
|
);
|
|
131
153
|
|
|
132
|
-
let authClient: AuthorizationCodeClient | undefined;
|
|
133
|
-
|
|
134
154
|
try {
|
|
135
155
|
// Initialize the client
|
|
136
156
|
authClient = await invokeAsync(
|
|
@@ -141,10 +161,10 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
141
161
|
request.correlationId
|
|
142
162
|
)({
|
|
143
163
|
serverTelemetryManager,
|
|
144
|
-
requestAuthority:
|
|
145
|
-
requestAzureCloudOptions:
|
|
146
|
-
requestExtraQueryParameters:
|
|
147
|
-
account:
|
|
164
|
+
requestAuthority: request.authority,
|
|
165
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
166
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
167
|
+
account: request.account,
|
|
148
168
|
});
|
|
149
169
|
|
|
150
170
|
return await invokeAsync(
|
|
@@ -153,7 +173,7 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
153
173
|
this.logger,
|
|
154
174
|
this.performanceClient,
|
|
155
175
|
request.correlationId
|
|
156
|
-
)(authClient,
|
|
176
|
+
)(authClient, request);
|
|
157
177
|
} catch (e) {
|
|
158
178
|
if (e instanceof AuthError) {
|
|
159
179
|
(e as AuthError).setCorrelationId(this.correlationId);
|
|
@@ -175,25 +195,109 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
175
195
|
this.correlationId
|
|
176
196
|
);
|
|
177
197
|
|
|
178
|
-
const retrySilentRequest: AuthorizationUrlRequest =
|
|
179
|
-
await invokeAsync(
|
|
180
|
-
this.initializeAuthorizationRequest.bind(this),
|
|
181
|
-
PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest,
|
|
182
|
-
this.logger,
|
|
183
|
-
this.performanceClient,
|
|
184
|
-
request.correlationId
|
|
185
|
-
)(inputRequest, InteractionType.Silent);
|
|
186
|
-
|
|
187
198
|
return await invokeAsync(
|
|
188
199
|
this.silentTokenHelper.bind(this),
|
|
189
200
|
PerformanceEvents.SilentIframeClientTokenHelper,
|
|
190
201
|
this.logger,
|
|
191
202
|
this.performanceClient,
|
|
192
203
|
this.correlationId
|
|
193
|
-
)(authClient,
|
|
204
|
+
)(authClient, request);
|
|
194
205
|
}
|
|
195
206
|
}
|
|
196
207
|
|
|
208
|
+
/**
|
|
209
|
+
* Executes EAR flow
|
|
210
|
+
* @param request
|
|
211
|
+
*/
|
|
212
|
+
async executeEarFlow(
|
|
213
|
+
request: CommonAuthorizationUrlRequest
|
|
214
|
+
): Promise<AuthenticationResult> {
|
|
215
|
+
const correlationId = request.correlationId;
|
|
216
|
+
const discoveredAuthority = await invokeAsync(
|
|
217
|
+
this.getDiscoveredAuthority.bind(this),
|
|
218
|
+
PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority,
|
|
219
|
+
this.logger,
|
|
220
|
+
this.performanceClient,
|
|
221
|
+
correlationId
|
|
222
|
+
)({
|
|
223
|
+
requestAuthority: request.authority,
|
|
224
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
225
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
226
|
+
account: request.account,
|
|
227
|
+
});
|
|
228
|
+
|
|
229
|
+
const earJwk = await invokeAsync(
|
|
230
|
+
generateEarKey,
|
|
231
|
+
PerformanceEvents.GenerateEarKey,
|
|
232
|
+
this.logger,
|
|
233
|
+
this.performanceClient,
|
|
234
|
+
correlationId
|
|
235
|
+
)();
|
|
236
|
+
const silentRequest = {
|
|
237
|
+
...request,
|
|
238
|
+
earJwk: earJwk,
|
|
239
|
+
};
|
|
240
|
+
const msalFrame = await invokeAsync(
|
|
241
|
+
initiateEarRequest,
|
|
242
|
+
PerformanceEvents.SilentHandlerInitiateAuthRequest,
|
|
243
|
+
this.logger,
|
|
244
|
+
this.performanceClient,
|
|
245
|
+
correlationId
|
|
246
|
+
)(
|
|
247
|
+
this.config,
|
|
248
|
+
discoveredAuthority,
|
|
249
|
+
silentRequest,
|
|
250
|
+
this.logger,
|
|
251
|
+
this.performanceClient
|
|
252
|
+
);
|
|
253
|
+
|
|
254
|
+
const responseType = this.config.auth.OIDCOptions.serverResponseType;
|
|
255
|
+
// Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
256
|
+
const responseString = await invokeAsync(
|
|
257
|
+
monitorIframeForHash,
|
|
258
|
+
PerformanceEvents.SilentHandlerMonitorIframeForHash,
|
|
259
|
+
this.logger,
|
|
260
|
+
this.performanceClient,
|
|
261
|
+
correlationId
|
|
262
|
+
)(
|
|
263
|
+
msalFrame,
|
|
264
|
+
this.config.system.iframeHashTimeout,
|
|
265
|
+
this.config.system.pollIntervalMilliseconds,
|
|
266
|
+
this.performanceClient,
|
|
267
|
+
this.logger,
|
|
268
|
+
correlationId,
|
|
269
|
+
responseType
|
|
270
|
+
);
|
|
271
|
+
|
|
272
|
+
const serverParams = invoke(
|
|
273
|
+
ResponseHandler.deserializeResponse,
|
|
274
|
+
PerformanceEvents.DeserializeResponse,
|
|
275
|
+
this.logger,
|
|
276
|
+
this.performanceClient,
|
|
277
|
+
correlationId
|
|
278
|
+
)(responseString, responseType, this.logger);
|
|
279
|
+
|
|
280
|
+
return invokeAsync(
|
|
281
|
+
Authorize.handleResponseEAR,
|
|
282
|
+
PerformanceEvents.HandleResponseEar,
|
|
283
|
+
this.logger,
|
|
284
|
+
this.performanceClient,
|
|
285
|
+
correlationId
|
|
286
|
+
)(
|
|
287
|
+
silentRequest,
|
|
288
|
+
serverParams,
|
|
289
|
+
this.apiId,
|
|
290
|
+
this.config,
|
|
291
|
+
discoveredAuthority,
|
|
292
|
+
this.browserStorage,
|
|
293
|
+
this.nativeStorage,
|
|
294
|
+
this.eventHandler,
|
|
295
|
+
this.logger,
|
|
296
|
+
this.performanceClient,
|
|
297
|
+
this.nativeMessageHandler
|
|
298
|
+
);
|
|
299
|
+
}
|
|
300
|
+
|
|
197
301
|
/**
|
|
198
302
|
* Currently Unsupported
|
|
199
303
|
*/
|
|
@@ -214,7 +318,7 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
214
318
|
*/
|
|
215
319
|
protected async silentTokenHelper(
|
|
216
320
|
authClient: AuthorizationCodeClient,
|
|
217
|
-
request:
|
|
321
|
+
request: CommonAuthorizationUrlRequest
|
|
218
322
|
): Promise<AuthenticationResult> {
|
|
219
323
|
const correlationId = request.correlationId;
|
|
220
324
|
this.performanceClient.addQueueMeasurement(
|
|
@@ -226,15 +330,16 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
226
330
|
PerformanceEvents.GeneratePkceCodes,
|
|
227
331
|
this.logger,
|
|
228
332
|
this.performanceClient,
|
|
229
|
-
|
|
230
|
-
)(this.performanceClient, this.logger,
|
|
333
|
+
correlationId
|
|
334
|
+
)(this.performanceClient, this.logger, correlationId);
|
|
335
|
+
|
|
231
336
|
const silentRequest = {
|
|
232
337
|
...request,
|
|
233
338
|
codeChallenge: pkceCodes.challenge,
|
|
234
339
|
};
|
|
235
340
|
// Create authorize request url
|
|
236
341
|
const navigateUrl = await invokeAsync(
|
|
237
|
-
getAuthCodeRequestUrl,
|
|
342
|
+
Authorize.getAuthCodeRequestUrl,
|
|
238
343
|
PerformanceEvents.GetAuthCodeUrl,
|
|
239
344
|
this.logger,
|
|
240
345
|
this.performanceClient,
|
|
@@ -242,22 +347,14 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
242
347
|
)(
|
|
243
348
|
this.config,
|
|
244
349
|
authClient.authority,
|
|
245
|
-
|
|
246
|
-
...silentRequest,
|
|
247
|
-
platformBroker: NativeMessageHandler.isPlatformBrokerAvailable(
|
|
248
|
-
this.config,
|
|
249
|
-
this.logger,
|
|
250
|
-
this.nativeMessageHandler,
|
|
251
|
-
silentRequest.authenticationScheme
|
|
252
|
-
),
|
|
253
|
-
},
|
|
350
|
+
silentRequest,
|
|
254
351
|
this.logger,
|
|
255
352
|
this.performanceClient
|
|
256
353
|
);
|
|
257
354
|
|
|
258
355
|
// Get the frame handle for the silent request
|
|
259
356
|
const msalFrame = await invokeAsync(
|
|
260
|
-
|
|
357
|
+
initiateCodeRequest,
|
|
261
358
|
PerformanceEvents.SilentHandlerInitiateAuthRequest,
|
|
262
359
|
this.logger,
|
|
263
360
|
this.performanceClient,
|
|
@@ -269,6 +366,7 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
269
366
|
correlationId,
|
|
270
367
|
this.config.system.navigateFrameWait
|
|
271
368
|
);
|
|
369
|
+
|
|
272
370
|
const responseType = this.config.auth.OIDCOptions.serverResponseType;
|
|
273
371
|
// Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
274
372
|
const responseString = await invokeAsync(
|
|
@@ -291,71 +389,28 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
291
389
|
PerformanceEvents.DeserializeResponse,
|
|
292
390
|
this.logger,
|
|
293
391
|
this.performanceClient,
|
|
294
|
-
|
|
392
|
+
correlationId
|
|
295
393
|
)(responseString, responseType, this.logger);
|
|
296
394
|
|
|
297
|
-
if (serverParams.accountId) {
|
|
298
|
-
this.logger.verbose(
|
|
299
|
-
"Account id found in hash, calling WAM for token"
|
|
300
|
-
);
|
|
301
|
-
if (!this.nativeMessageHandler) {
|
|
302
|
-
throw createBrowserAuthError(
|
|
303
|
-
BrowserAuthErrorCodes.nativeConnectionNotEstablished
|
|
304
|
-
);
|
|
305
|
-
}
|
|
306
|
-
const nativeInteractionClient = new NativeInteractionClient(
|
|
307
|
-
this.config,
|
|
308
|
-
this.browserStorage,
|
|
309
|
-
this.browserCrypto,
|
|
310
|
-
this.logger,
|
|
311
|
-
this.eventHandler,
|
|
312
|
-
this.navigationClient,
|
|
313
|
-
this.apiId,
|
|
314
|
-
this.performanceClient,
|
|
315
|
-
this.nativeMessageHandler,
|
|
316
|
-
serverParams.accountId,
|
|
317
|
-
this.browserStorage,
|
|
318
|
-
correlationId
|
|
319
|
-
);
|
|
320
|
-
const { userRequestState } = ProtocolUtils.parseRequestState(
|
|
321
|
-
this.browserCrypto,
|
|
322
|
-
silentRequest.state
|
|
323
|
-
);
|
|
324
|
-
return invokeAsync(
|
|
325
|
-
nativeInteractionClient.acquireToken.bind(
|
|
326
|
-
nativeInteractionClient
|
|
327
|
-
),
|
|
328
|
-
PerformanceEvents.NativeInteractionClientAcquireToken,
|
|
329
|
-
this.logger,
|
|
330
|
-
this.performanceClient,
|
|
331
|
-
correlationId
|
|
332
|
-
)({
|
|
333
|
-
...silentRequest,
|
|
334
|
-
state: userRequestState,
|
|
335
|
-
prompt: silentRequest.prompt || PromptValue.NONE,
|
|
336
|
-
});
|
|
337
|
-
}
|
|
338
|
-
const authCodeRequest: CommonAuthorizationCodeRequest = {
|
|
339
|
-
...silentRequest,
|
|
340
|
-
code: serverParams.code || "",
|
|
341
|
-
codeVerifier: pkceCodes.verifier,
|
|
342
|
-
};
|
|
343
|
-
// Create silent handler
|
|
344
|
-
const interactionHandler = new InteractionHandler(
|
|
345
|
-
authClient,
|
|
346
|
-
this.browserStorage,
|
|
347
|
-
authCodeRequest,
|
|
348
|
-
this.logger,
|
|
349
|
-
this.performanceClient
|
|
350
|
-
);
|
|
351
|
-
|
|
352
|
-
// Handle response from hash string
|
|
353
395
|
return invokeAsync(
|
|
354
|
-
|
|
355
|
-
PerformanceEvents.
|
|
396
|
+
Authorize.handleResponseCode,
|
|
397
|
+
PerformanceEvents.HandleResponseCode,
|
|
356
398
|
this.logger,
|
|
357
399
|
this.performanceClient,
|
|
358
400
|
correlationId
|
|
359
|
-
)(
|
|
401
|
+
)(
|
|
402
|
+
request,
|
|
403
|
+
serverParams,
|
|
404
|
+
pkceCodes.verifier,
|
|
405
|
+
this.apiId,
|
|
406
|
+
this.config,
|
|
407
|
+
authClient,
|
|
408
|
+
this.browserStorage,
|
|
409
|
+
this.nativeStorage,
|
|
410
|
+
this.eventHandler,
|
|
411
|
+
this.logger,
|
|
412
|
+
this.performanceClient,
|
|
413
|
+
this.nativeMessageHandler
|
|
414
|
+
);
|
|
360
415
|
}
|
|
361
416
|
}
|
|
@@ -19,9 +19,9 @@ import {
|
|
|
19
19
|
invokeAsync,
|
|
20
20
|
BaseAuthRequest,
|
|
21
21
|
StringDict,
|
|
22
|
+
CommonAuthorizationUrlRequest,
|
|
22
23
|
} from "@azure/msal-common/browser";
|
|
23
24
|
import { BaseInteractionClient } from "./BaseInteractionClient.js";
|
|
24
|
-
import { AuthorizationUrlRequest } from "../request/AuthorizationUrlRequest.js";
|
|
25
25
|
import {
|
|
26
26
|
BrowserConstants,
|
|
27
27
|
InteractionType,
|
|
@@ -290,7 +290,7 @@ export abstract class StandardInteractionClient extends BaseInteractionClient {
|
|
|
290
290
|
protected async initializeAuthorizationRequest(
|
|
291
291
|
request: RedirectRequest | PopupRequest | SsoSilentRequest,
|
|
292
292
|
interactionType: InteractionType
|
|
293
|
-
): Promise<
|
|
293
|
+
): Promise<CommonAuthorizationUrlRequest> {
|
|
294
294
|
this.performanceClient.addQueueMeasurement(
|
|
295
295
|
PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest,
|
|
296
296
|
this.correlationId
|
|
@@ -319,7 +319,7 @@ export abstract class StandardInteractionClient extends BaseInteractionClient {
|
|
|
319
319
|
this.logger
|
|
320
320
|
);
|
|
321
321
|
|
|
322
|
-
const validatedRequest:
|
|
322
|
+
const validatedRequest: CommonAuthorizationUrlRequest = {
|
|
323
323
|
...baseRequest,
|
|
324
324
|
redirectUri: redirectUri,
|
|
325
325
|
state: state,
|
|
@@ -16,6 +16,7 @@ import {
|
|
|
16
16
|
CcsCredentialType,
|
|
17
17
|
AuthorizeResponse,
|
|
18
18
|
AuthorizeProtocol,
|
|
19
|
+
CommonAuthorizationUrlRequest,
|
|
19
20
|
} from "@azure/msal-common/browser";
|
|
20
21
|
|
|
21
22
|
import { BrowserCacheManager } from "../cache/BrowserCacheManager.js";
|
|
@@ -24,7 +25,6 @@ import {
|
|
|
24
25
|
BrowserAuthErrorCodes,
|
|
25
26
|
} from "../error/BrowserAuthError.js";
|
|
26
27
|
import { AuthenticationResult } from "../response/AuthenticationResult.js";
|
|
27
|
-
import { AuthorizationUrlRequest } from "../request/AuthorizationUrlRequest.js";
|
|
28
28
|
|
|
29
29
|
/**
|
|
30
30
|
* Abstract class which defines operations for a browser interaction handling class.
|
|
@@ -56,7 +56,7 @@ export class InteractionHandler {
|
|
|
56
56
|
*/
|
|
57
57
|
async handleCodeResponse(
|
|
58
58
|
response: AuthorizeResponse,
|
|
59
|
-
request:
|
|
59
|
+
request: CommonAuthorizationUrlRequest
|
|
60
60
|
): Promise<AuthenticationResult> {
|
|
61
61
|
this.performanceClient.addQueueMeasurement(
|
|
62
62
|
PerformanceEvents.HandleCodeResponse,
|
|
@@ -102,7 +102,7 @@ export class InteractionHandler {
|
|
|
102
102
|
*/
|
|
103
103
|
async handleCodeResponseFromServer(
|
|
104
104
|
authCodeResponse: AuthorizationCodePayload,
|
|
105
|
-
request:
|
|
105
|
+
request: CommonAuthorizationUrlRequest,
|
|
106
106
|
validateNonce: boolean = true
|
|
107
107
|
): Promise<AuthenticationResult> {
|
|
108
108
|
this.performanceClient.addQueueMeasurement(
|
|
@@ -160,7 +160,7 @@ export class InteractionHandler {
|
|
|
160
160
|
* Build ccs creds if available
|
|
161
161
|
*/
|
|
162
162
|
protected createCcsCredentials(
|
|
163
|
-
request:
|
|
163
|
+
request: CommonAuthorizationUrlRequest
|
|
164
164
|
): CcsCredential | null {
|
|
165
165
|
if (request.account) {
|
|
166
166
|
return {
|
|
@@ -10,19 +10,25 @@ import {
|
|
|
10
10
|
invokeAsync,
|
|
11
11
|
invoke,
|
|
12
12
|
ServerResponseType,
|
|
13
|
+
Authority,
|
|
14
|
+
CommonAuthorizationUrlRequest,
|
|
13
15
|
} from "@azure/msal-common/browser";
|
|
14
16
|
import {
|
|
15
17
|
createBrowserAuthError,
|
|
16
18
|
BrowserAuthErrorCodes,
|
|
17
19
|
} from "../error/BrowserAuthError.js";
|
|
18
|
-
import {
|
|
20
|
+
import {
|
|
21
|
+
BrowserConfiguration,
|
|
22
|
+
DEFAULT_IFRAME_TIMEOUT_MS,
|
|
23
|
+
} from "../config/Configuration.js";
|
|
24
|
+
import { getEARForm } from "../protocol/Authorize.js";
|
|
19
25
|
|
|
20
26
|
/**
|
|
21
27
|
* Creates a hidden iframe to given URL using user-requested scopes as an id.
|
|
22
28
|
* @param urlNavigate
|
|
23
29
|
* @param userRequestScopes
|
|
24
30
|
*/
|
|
25
|
-
export async function
|
|
31
|
+
export async function initiateCodeRequest(
|
|
26
32
|
requestUrl: string,
|
|
27
33
|
performanceClient: IPerformanceClient,
|
|
28
34
|
logger: Logger,
|
|
@@ -57,6 +63,29 @@ export async function initiateAuthRequest(
|
|
|
57
63
|
)(requestUrl);
|
|
58
64
|
}
|
|
59
65
|
|
|
66
|
+
export async function initiateEarRequest(
|
|
67
|
+
config: BrowserConfiguration,
|
|
68
|
+
authority: Authority,
|
|
69
|
+
request: CommonAuthorizationUrlRequest,
|
|
70
|
+
logger: Logger,
|
|
71
|
+
performanceClient: IPerformanceClient
|
|
72
|
+
): Promise<HTMLIFrameElement> {
|
|
73
|
+
const frame = createHiddenIframe();
|
|
74
|
+
if (!frame.contentDocument) {
|
|
75
|
+
throw "No document associated with iframe!";
|
|
76
|
+
}
|
|
77
|
+
const form = await getEARForm(
|
|
78
|
+
frame.contentDocument,
|
|
79
|
+
config,
|
|
80
|
+
authority,
|
|
81
|
+
request,
|
|
82
|
+
logger,
|
|
83
|
+
performanceClient
|
|
84
|
+
);
|
|
85
|
+
form.submit();
|
|
86
|
+
return frame;
|
|
87
|
+
}
|
|
88
|
+
|
|
60
89
|
/**
|
|
61
90
|
* Monitors an iframe content window until it loads a url with a known hash, or hits a specified timeout.
|
|
62
91
|
* @param iframe
|
package/src/packageMetadata.ts
CHANGED