@azure/msal-browser 4.8.0 → 4.9.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeMessageHandler.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts +4 -41
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +18 -143
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +2 -2
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +5 -5
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts +2 -2
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +28 -16
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.d.ts +2 -2
- package/dist/controllers/UnknownOperatingContextController.d.ts.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.d.ts +11 -0
- package/dist/crypto/BrowserCrypto.d.ts.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +68 -5
- package/dist/crypto/BrowserCrypto.mjs.map +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.d.ts +3 -5
- package/dist/error/BrowserAuthError.d.ts.map +1 -1
- package/dist/error/BrowserAuthError.mjs +5 -7
- package/dist/error/BrowserAuthError.mjs.map +1 -1
- package/dist/error/BrowserAuthErrorCodes.d.ts +3 -1
- package/dist/error/BrowserAuthErrorCodes.d.ts.map +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +6 -4
- package/dist/error/BrowserAuthErrorCodes.mjs.map +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +2 -2
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/NativeInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/NativeInteractionClient.mjs +1 -3
- package/dist/interaction_client/NativeInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts +14 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +65 -64
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts +20 -3
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +132 -76
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +13 -3
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +57 -44
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts +2 -3
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.d.ts +4 -5
- package/dist/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts +4 -2
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +15 -5
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +2 -2
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +53 -1
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +147 -4
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/AuthorizationUrlRequest.d.ts +2 -4
- package/dist/request/AuthorizationUrlRequest.d.ts.map +1 -1
- package/dist/request/PopupRequest.d.ts +1 -1
- package/dist/request/PopupRequest.d.ts.map +1 -1
- package/dist/request/RedirectRequest.d.ts +1 -1
- package/dist/request/RedirectRequest.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/request/SsoSilentRequest.d.ts +1 -1
- package/dist/request/SsoSilentRequest.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.d.ts +1 -10
- package/dist/utils/BrowserConstants.d.ts.map +1 -1
- package/dist/utils/BrowserConstants.mjs +2 -15
- package/dist/utils/BrowserConstants.mjs.map +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/lib/msal-browser.cjs +1588 -1555
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +1588 -1555
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +68 -67
- package/lib/types/cache/BrowserCacheManager.d.ts +4 -41
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/controllers/NestedAppAuthController.d.ts +2 -2
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/controllers/UnknownOperatingContextController.d.ts +2 -2
- package/lib/types/controllers/UnknownOperatingContextController.d.ts.map +1 -1
- package/lib/types/crypto/BrowserCrypto.d.ts +11 -0
- package/lib/types/crypto/BrowserCrypto.d.ts.map +1 -1
- package/lib/types/error/BrowserAuthError.d.ts +3 -5
- package/lib/types/error/BrowserAuthError.d.ts.map +1 -1
- package/lib/types/error/BrowserAuthErrorCodes.d.ts +3 -1
- package/lib/types/error/BrowserAuthErrorCodes.d.ts.map +1 -1
- package/lib/types/interaction_client/NativeInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts +14 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts +20 -3
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +13 -3
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts +2 -3
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/InteractionHandler.d.ts +4 -5
- package/lib/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts +4 -2
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +53 -1
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/request/AuthorizationUrlRequest.d.ts +2 -4
- package/lib/types/request/AuthorizationUrlRequest.d.ts.map +1 -1
- package/lib/types/request/PopupRequest.d.ts +1 -1
- package/lib/types/request/PopupRequest.d.ts.map +1 -1
- package/lib/types/request/RedirectRequest.d.ts +1 -1
- package/lib/types/request/RedirectRequest.d.ts.map +1 -1
- package/lib/types/request/SsoSilentRequest.d.ts +1 -1
- package/lib/types/request/SsoSilentRequest.d.ts.map +1 -1
- package/lib/types/utils/BrowserConstants.d.ts +1 -10
- package/lib/types/utils/BrowserConstants.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/cache/BrowserCacheManager.ts +30 -205
- package/src/config/Configuration.ts +2 -2
- package/src/controllers/NestedAppAuthController.ts +2 -0
- package/src/controllers/StandardController.ts +35 -24
- package/src/controllers/UnknownOperatingContextController.ts +2 -0
- package/src/crypto/BrowserCrypto.ts +91 -2
- package/src/error/BrowserAuthError.ts +6 -8
- package/src/error/BrowserAuthErrorCodes.ts +3 -1
- package/src/interaction_client/NativeInteractionClient.ts +0 -2
- package/src/interaction_client/PopupClient.ts +163 -119
- package/src/interaction_client/RedirectClient.ts +258 -140
- package/src/interaction_client/SilentAuthCodeClient.ts +2 -2
- package/src/interaction_client/SilentIframeClient.ts +154 -99
- package/src/interaction_client/StandardInteractionClient.ts +3 -3
- package/src/interaction_handler/InteractionHandler.ts +4 -4
- package/src/interaction_handler/SilentHandler.ts +31 -2
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +356 -2
- package/src/request/AuthorizationUrlRequest.ts +3 -5
- package/src/request/PopupRequest.ts +1 -0
- package/src/request/RedirectRequest.ts +1 -0
- package/src/request/SsoSilentRequest.ts +1 -0
- package/src/utils/BrowserConstants.ts +1 -10
- package/dist/interaction_handler/RedirectHandler.d.ts +0 -33
- package/dist/interaction_handler/RedirectHandler.d.ts.map +0 -1
- package/dist/interaction_handler/RedirectHandler.mjs +0 -144
- package/dist/interaction_handler/RedirectHandler.mjs.map +0 -1
- package/lib/types/interaction_handler/RedirectHandler.d.ts +0 -33
- package/lib/types/interaction_handler/RedirectHandler.d.ts.map +0 -1
- package/src/interaction_handler/RedirectHandler.ts +0 -252
|
@@ -17,12 +17,33 @@ import {
|
|
|
17
17
|
PopTokenGenerator,
|
|
18
18
|
ProtocolMode,
|
|
19
19
|
RequestParameterBuilder,
|
|
20
|
+
OAuthResponseType,
|
|
20
21
|
Constants,
|
|
22
|
+
CommonAuthorizationCodeRequest,
|
|
23
|
+
AuthorizationCodeClient,
|
|
24
|
+
ProtocolUtils,
|
|
25
|
+
ThrottlingUtils,
|
|
26
|
+
AuthorizeResponse,
|
|
27
|
+
ResponseHandler,
|
|
28
|
+
TimeUtils,
|
|
29
|
+
AuthorizationCodePayload,
|
|
30
|
+
ServerAuthorizationTokenResponse,
|
|
21
31
|
} from "@azure/msal-common/browser";
|
|
22
32
|
import { BrowserConfiguration } from "../config/Configuration.js";
|
|
23
|
-
import { BrowserConstants } from "../utils/BrowserConstants.js";
|
|
33
|
+
import { ApiId, BrowserConstants } from "../utils/BrowserConstants.js";
|
|
24
34
|
import { version } from "../packageMetadata.js";
|
|
25
35
|
import { CryptoOps } from "../crypto/CryptoOps.js";
|
|
36
|
+
import {
|
|
37
|
+
BrowserAuthErrorCodes,
|
|
38
|
+
createBrowserAuthError,
|
|
39
|
+
} from "../error/BrowserAuthError.js";
|
|
40
|
+
import { AuthenticationResult } from "../response/AuthenticationResult.js";
|
|
41
|
+
import { InteractionHandler } from "../interaction_handler/InteractionHandler.js";
|
|
42
|
+
import { BrowserCacheManager } from "../cache/BrowserCacheManager.js";
|
|
43
|
+
import { NativeInteractionClient } from "../interaction_client/NativeInteractionClient.js";
|
|
44
|
+
import { NativeMessageHandler } from "../broker/nativeBroker/NativeMessageHandler.js";
|
|
45
|
+
import { EventHandler } from "../event/EventHandler.js";
|
|
46
|
+
import { decryptEarResponse } from "../crypto/BrowserCrypto.js";
|
|
26
47
|
|
|
27
48
|
/**
|
|
28
49
|
* Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
|
|
@@ -124,7 +145,7 @@ export async function getAuthCodeRequestUrl(
|
|
|
124
145
|
performanceClient,
|
|
125
146
|
request.correlationId
|
|
126
147
|
)(config, authority, request, logger, performanceClient);
|
|
127
|
-
RequestParameterBuilder.
|
|
148
|
+
RequestParameterBuilder.addResponseType(parameters, OAuthResponseType.CODE);
|
|
128
149
|
|
|
129
150
|
RequestParameterBuilder.addCodeChallengeParams(
|
|
130
151
|
parameters,
|
|
@@ -132,5 +153,338 @@ export async function getAuthCodeRequestUrl(
|
|
|
132
153
|
Constants.S256_CODE_CHALLENGE_METHOD
|
|
133
154
|
);
|
|
134
155
|
|
|
156
|
+
RequestParameterBuilder.addExtraQueryParameters(
|
|
157
|
+
parameters,
|
|
158
|
+
request.extraQueryParameters || {}
|
|
159
|
+
);
|
|
160
|
+
|
|
135
161
|
return AuthorizeProtocol.getAuthorizeUrl(authority, parameters);
|
|
136
162
|
}
|
|
163
|
+
|
|
164
|
+
/**
|
|
165
|
+
* Gets the form that will be posted to /authorize with request parameters when using EAR
|
|
166
|
+
*/
|
|
167
|
+
export async function getEARForm(
|
|
168
|
+
frame: Document,
|
|
169
|
+
config: BrowserConfiguration,
|
|
170
|
+
authority: Authority,
|
|
171
|
+
request: CommonAuthorizationUrlRequest,
|
|
172
|
+
logger: Logger,
|
|
173
|
+
performanceClient: IPerformanceClient
|
|
174
|
+
): Promise<HTMLFormElement> {
|
|
175
|
+
if (!request.earJwk) {
|
|
176
|
+
throw createBrowserAuthError(BrowserAuthErrorCodes.earJwkEmpty);
|
|
177
|
+
}
|
|
178
|
+
|
|
179
|
+
const parameters = await getStandardParameters(
|
|
180
|
+
config,
|
|
181
|
+
authority,
|
|
182
|
+
request,
|
|
183
|
+
logger,
|
|
184
|
+
performanceClient
|
|
185
|
+
);
|
|
186
|
+
|
|
187
|
+
RequestParameterBuilder.addResponseType(
|
|
188
|
+
parameters,
|
|
189
|
+
OAuthResponseType.IDTOKEN_TOKEN_REFRESHTOKEN
|
|
190
|
+
);
|
|
191
|
+
RequestParameterBuilder.addEARParameters(parameters, request.earJwk);
|
|
192
|
+
|
|
193
|
+
const queryParams = new Map<string, string>();
|
|
194
|
+
RequestParameterBuilder.addExtraQueryParameters(
|
|
195
|
+
queryParams,
|
|
196
|
+
request.extraQueryParameters || {}
|
|
197
|
+
);
|
|
198
|
+
const url = AuthorizeProtocol.getAuthorizeUrl(authority, queryParams);
|
|
199
|
+
|
|
200
|
+
return createForm(frame, url, parameters);
|
|
201
|
+
}
|
|
202
|
+
|
|
203
|
+
/**
|
|
204
|
+
* Creates form element in the provided document with auth parameters in the post body
|
|
205
|
+
* @param frame
|
|
206
|
+
* @param authorizeUrl
|
|
207
|
+
* @param parameters
|
|
208
|
+
* @returns
|
|
209
|
+
*/
|
|
210
|
+
function createForm(
|
|
211
|
+
frame: Document,
|
|
212
|
+
authorizeUrl: string,
|
|
213
|
+
parameters: Map<string, string>
|
|
214
|
+
): HTMLFormElement {
|
|
215
|
+
const form = frame.createElement("form");
|
|
216
|
+
form.method = "post";
|
|
217
|
+
form.action = authorizeUrl;
|
|
218
|
+
|
|
219
|
+
parameters.forEach((value: string, key: string) => {
|
|
220
|
+
const param = frame.createElement("input");
|
|
221
|
+
param.hidden = true;
|
|
222
|
+
param.name = key;
|
|
223
|
+
param.value = value;
|
|
224
|
+
|
|
225
|
+
form.appendChild(param);
|
|
226
|
+
});
|
|
227
|
+
|
|
228
|
+
frame.body.appendChild(form);
|
|
229
|
+
return form;
|
|
230
|
+
}
|
|
231
|
+
|
|
232
|
+
/**
|
|
233
|
+
* Response handler when server returns accountId on the /authorize request
|
|
234
|
+
* @param request
|
|
235
|
+
* @param accountId
|
|
236
|
+
* @param apiId
|
|
237
|
+
* @param config
|
|
238
|
+
* @param browserStorage
|
|
239
|
+
* @param nativeStorage
|
|
240
|
+
* @param eventHandler
|
|
241
|
+
* @param logger
|
|
242
|
+
* @param performanceClient
|
|
243
|
+
* @param nativeMessageHandler
|
|
244
|
+
* @returns
|
|
245
|
+
*/
|
|
246
|
+
export async function handleResponsePlatformBroker(
|
|
247
|
+
request: CommonAuthorizationUrlRequest,
|
|
248
|
+
accountId: string,
|
|
249
|
+
apiId: ApiId,
|
|
250
|
+
config: BrowserConfiguration,
|
|
251
|
+
browserStorage: BrowserCacheManager,
|
|
252
|
+
nativeStorage: BrowserCacheManager,
|
|
253
|
+
eventHandler: EventHandler,
|
|
254
|
+
logger: Logger,
|
|
255
|
+
performanceClient: IPerformanceClient,
|
|
256
|
+
nativeMessageHandler?: NativeMessageHandler
|
|
257
|
+
): Promise<AuthenticationResult> {
|
|
258
|
+
if (!nativeMessageHandler) {
|
|
259
|
+
throw createBrowserAuthError(
|
|
260
|
+
BrowserAuthErrorCodes.nativeConnectionNotEstablished
|
|
261
|
+
);
|
|
262
|
+
}
|
|
263
|
+
const browserCrypto = new CryptoOps(logger, performanceClient);
|
|
264
|
+
const nativeInteractionClient = new NativeInteractionClient(
|
|
265
|
+
config,
|
|
266
|
+
browserStorage,
|
|
267
|
+
browserCrypto,
|
|
268
|
+
logger,
|
|
269
|
+
eventHandler,
|
|
270
|
+
config.system.navigationClient,
|
|
271
|
+
apiId,
|
|
272
|
+
performanceClient,
|
|
273
|
+
nativeMessageHandler,
|
|
274
|
+
accountId,
|
|
275
|
+
nativeStorage,
|
|
276
|
+
request.correlationId
|
|
277
|
+
);
|
|
278
|
+
const { userRequestState } = ProtocolUtils.parseRequestState(
|
|
279
|
+
browserCrypto,
|
|
280
|
+
request.state
|
|
281
|
+
);
|
|
282
|
+
return invokeAsync(
|
|
283
|
+
nativeInteractionClient.acquireToken.bind(nativeInteractionClient),
|
|
284
|
+
PerformanceEvents.NativeInteractionClientAcquireToken,
|
|
285
|
+
logger,
|
|
286
|
+
performanceClient,
|
|
287
|
+
request.correlationId
|
|
288
|
+
)({
|
|
289
|
+
...request,
|
|
290
|
+
state: userRequestState,
|
|
291
|
+
prompt: undefined, // Server should handle the prompt, ideally native broker can do this part silently
|
|
292
|
+
});
|
|
293
|
+
}
|
|
294
|
+
|
|
295
|
+
/**
|
|
296
|
+
* Response handler when server returns code on the /authorize request
|
|
297
|
+
* @param request
|
|
298
|
+
* @param response
|
|
299
|
+
* @param codeVerifier
|
|
300
|
+
* @param authClient
|
|
301
|
+
* @param browserStorage
|
|
302
|
+
* @param logger
|
|
303
|
+
* @param performanceClient
|
|
304
|
+
* @returns
|
|
305
|
+
*/
|
|
306
|
+
export async function handleResponseCode(
|
|
307
|
+
request: CommonAuthorizationUrlRequest,
|
|
308
|
+
response: AuthorizeResponse,
|
|
309
|
+
codeVerifier: string,
|
|
310
|
+
apiId: ApiId,
|
|
311
|
+
config: BrowserConfiguration,
|
|
312
|
+
authClient: AuthorizationCodeClient,
|
|
313
|
+
browserStorage: BrowserCacheManager,
|
|
314
|
+
nativeStorage: BrowserCacheManager,
|
|
315
|
+
eventHandler: EventHandler,
|
|
316
|
+
logger: Logger,
|
|
317
|
+
performanceClient: IPerformanceClient,
|
|
318
|
+
nativeMessageHandler?: NativeMessageHandler
|
|
319
|
+
): Promise<AuthenticationResult> {
|
|
320
|
+
// Remove throttle if it exists
|
|
321
|
+
ThrottlingUtils.removeThrottle(
|
|
322
|
+
browserStorage,
|
|
323
|
+
config.auth.clientId,
|
|
324
|
+
request
|
|
325
|
+
);
|
|
326
|
+
if (response.accountId) {
|
|
327
|
+
return invokeAsync(
|
|
328
|
+
handleResponsePlatformBroker,
|
|
329
|
+
PerformanceEvents.HandleResponsePlatformBroker,
|
|
330
|
+
logger,
|
|
331
|
+
performanceClient,
|
|
332
|
+
request.correlationId
|
|
333
|
+
)(
|
|
334
|
+
request,
|
|
335
|
+
response.accountId,
|
|
336
|
+
apiId,
|
|
337
|
+
config,
|
|
338
|
+
browserStorage,
|
|
339
|
+
nativeStorage,
|
|
340
|
+
eventHandler,
|
|
341
|
+
logger,
|
|
342
|
+
performanceClient,
|
|
343
|
+
nativeMessageHandler
|
|
344
|
+
);
|
|
345
|
+
}
|
|
346
|
+
const authCodeRequest: CommonAuthorizationCodeRequest = {
|
|
347
|
+
...request,
|
|
348
|
+
code: response.code || "",
|
|
349
|
+
codeVerifier: codeVerifier,
|
|
350
|
+
};
|
|
351
|
+
// Create popup interaction handler.
|
|
352
|
+
const interactionHandler = new InteractionHandler(
|
|
353
|
+
authClient,
|
|
354
|
+
browserStorage,
|
|
355
|
+
authCodeRequest,
|
|
356
|
+
logger,
|
|
357
|
+
performanceClient
|
|
358
|
+
);
|
|
359
|
+
// Handle response from hash string.
|
|
360
|
+
const result = await invokeAsync(
|
|
361
|
+
interactionHandler.handleCodeResponse.bind(interactionHandler),
|
|
362
|
+
PerformanceEvents.HandleCodeResponse,
|
|
363
|
+
logger,
|
|
364
|
+
performanceClient,
|
|
365
|
+
request.correlationId
|
|
366
|
+
)(response, request);
|
|
367
|
+
|
|
368
|
+
return result;
|
|
369
|
+
}
|
|
370
|
+
|
|
371
|
+
/**
|
|
372
|
+
* Response handler when server returns ear_jwe on the /authorize request
|
|
373
|
+
* @param request
|
|
374
|
+
* @param response
|
|
375
|
+
* @param apiId
|
|
376
|
+
* @param config
|
|
377
|
+
* @param authority
|
|
378
|
+
* @param browserStorage
|
|
379
|
+
* @param nativeStorage
|
|
380
|
+
* @param eventHandler
|
|
381
|
+
* @param logger
|
|
382
|
+
* @param performanceClient
|
|
383
|
+
* @param nativeMessageHandler
|
|
384
|
+
* @returns
|
|
385
|
+
*/
|
|
386
|
+
export async function handleResponseEAR(
|
|
387
|
+
request: CommonAuthorizationUrlRequest,
|
|
388
|
+
response: AuthorizeResponse,
|
|
389
|
+
apiId: ApiId,
|
|
390
|
+
config: BrowserConfiguration,
|
|
391
|
+
authority: Authority,
|
|
392
|
+
browserStorage: BrowserCacheManager,
|
|
393
|
+
nativeStorage: BrowserCacheManager,
|
|
394
|
+
eventHandler: EventHandler,
|
|
395
|
+
logger: Logger,
|
|
396
|
+
performanceClient: IPerformanceClient,
|
|
397
|
+
nativeMessageHandler?: NativeMessageHandler
|
|
398
|
+
): Promise<AuthenticationResult> {
|
|
399
|
+
// Remove throttle if it exists
|
|
400
|
+
ThrottlingUtils.removeThrottle(
|
|
401
|
+
browserStorage,
|
|
402
|
+
config.auth.clientId,
|
|
403
|
+
request
|
|
404
|
+
);
|
|
405
|
+
|
|
406
|
+
// Validate state & check response for errors
|
|
407
|
+
AuthorizeProtocol.validateAuthorizationResponse(response, request.state);
|
|
408
|
+
|
|
409
|
+
if (!response.ear_jwe) {
|
|
410
|
+
throw createBrowserAuthError(BrowserAuthErrorCodes.earJweEmpty);
|
|
411
|
+
}
|
|
412
|
+
|
|
413
|
+
if (!request.earJwk) {
|
|
414
|
+
throw createBrowserAuthError(BrowserAuthErrorCodes.earJwkEmpty);
|
|
415
|
+
}
|
|
416
|
+
|
|
417
|
+
const decryptedData = JSON.parse(
|
|
418
|
+
await invokeAsync(
|
|
419
|
+
decryptEarResponse,
|
|
420
|
+
PerformanceEvents.DecryptEarResponse,
|
|
421
|
+
logger,
|
|
422
|
+
performanceClient,
|
|
423
|
+
request.correlationId
|
|
424
|
+
)(request.earJwk, response.ear_jwe)
|
|
425
|
+
) as AuthorizeResponse & ServerAuthorizationTokenResponse;
|
|
426
|
+
|
|
427
|
+
if (decryptedData.accountId) {
|
|
428
|
+
return invokeAsync(
|
|
429
|
+
handleResponsePlatformBroker,
|
|
430
|
+
PerformanceEvents.HandleResponsePlatformBroker,
|
|
431
|
+
logger,
|
|
432
|
+
performanceClient,
|
|
433
|
+
request.correlationId
|
|
434
|
+
)(
|
|
435
|
+
request,
|
|
436
|
+
decryptedData.accountId,
|
|
437
|
+
apiId,
|
|
438
|
+
config,
|
|
439
|
+
browserStorage,
|
|
440
|
+
nativeStorage,
|
|
441
|
+
eventHandler,
|
|
442
|
+
logger,
|
|
443
|
+
performanceClient,
|
|
444
|
+
nativeMessageHandler
|
|
445
|
+
);
|
|
446
|
+
}
|
|
447
|
+
|
|
448
|
+
const responseHandler = new ResponseHandler(
|
|
449
|
+
config.auth.clientId,
|
|
450
|
+
browserStorage,
|
|
451
|
+
new CryptoOps(logger, performanceClient),
|
|
452
|
+
logger,
|
|
453
|
+
null,
|
|
454
|
+
null,
|
|
455
|
+
performanceClient
|
|
456
|
+
);
|
|
457
|
+
|
|
458
|
+
// Validate response. This function throws a server error if an error is returned by the server.
|
|
459
|
+
responseHandler.validateTokenResponse(decryptedData);
|
|
460
|
+
|
|
461
|
+
// Temporary until response handler is refactored to be more flow agnostic.
|
|
462
|
+
const additionalData: AuthorizationCodePayload = {
|
|
463
|
+
code: "",
|
|
464
|
+
state: request.state,
|
|
465
|
+
nonce: request.nonce,
|
|
466
|
+
client_info: decryptedData.client_info,
|
|
467
|
+
cloud_graph_host_name: decryptedData.cloud_graph_host_name,
|
|
468
|
+
cloud_instance_host_name: decryptedData.cloud_instance_host_name,
|
|
469
|
+
cloud_instance_name: decryptedData.cloud_instance_name,
|
|
470
|
+
msgraph_host: decryptedData.msgraph_host,
|
|
471
|
+
};
|
|
472
|
+
|
|
473
|
+
return (await invokeAsync(
|
|
474
|
+
responseHandler.handleServerTokenResponse.bind(responseHandler),
|
|
475
|
+
PerformanceEvents.HandleServerTokenResponse,
|
|
476
|
+
logger,
|
|
477
|
+
performanceClient,
|
|
478
|
+
request.correlationId
|
|
479
|
+
)(
|
|
480
|
+
decryptedData,
|
|
481
|
+
authority,
|
|
482
|
+
TimeUtils.nowSeconds(),
|
|
483
|
+
request,
|
|
484
|
+
additionalData,
|
|
485
|
+
undefined,
|
|
486
|
+
undefined,
|
|
487
|
+
undefined,
|
|
488
|
+
undefined
|
|
489
|
+
)) as AuthenticationResult;
|
|
490
|
+
}
|
|
@@ -7,11 +7,9 @@ import { CommonAuthorizationUrlRequest } from "@azure/msal-common/browser";
|
|
|
7
7
|
|
|
8
8
|
/**
|
|
9
9
|
* This type is deprecated and will be removed on the next major version update
|
|
10
|
+
* @deprecated Will be removed in future version
|
|
10
11
|
*/
|
|
11
12
|
export type AuthorizationUrlRequest = Omit<
|
|
12
13
|
CommonAuthorizationUrlRequest,
|
|
13
|
-
"
|
|
14
|
-
|
|
15
|
-
state: string;
|
|
16
|
-
nonce: string;
|
|
17
|
-
};
|
|
14
|
+
"requestedClaimsHash" | "platformBroker"
|
|
15
|
+
>;
|
|
@@ -78,21 +78,12 @@ export type HTTP_REQUEST_TYPE =
|
|
|
78
78
|
* Temporary cache keys for MSAL, deleted after any request.
|
|
79
79
|
*/
|
|
80
80
|
export const TemporaryCacheKeys = {
|
|
81
|
-
AUTHORITY: "authority",
|
|
82
|
-
ACQUIRE_TOKEN_ACCOUNT: "acquireToken.account",
|
|
83
|
-
SESSION_STATE: "session.state",
|
|
84
|
-
REQUEST_STATE: "request.state",
|
|
85
|
-
NONCE_IDTOKEN: "nonce.id_token",
|
|
86
81
|
ORIGIN_URI: "request.origin",
|
|
87
|
-
RENEW_STATUS: "token.renew.status",
|
|
88
82
|
URL_HASH: "urlHash",
|
|
89
83
|
REQUEST_PARAMS: "request.params",
|
|
90
|
-
|
|
84
|
+
VERIFIER: "code.verifier",
|
|
91
85
|
INTERACTION_STATUS_KEY: "interaction.status",
|
|
92
|
-
CCS_CREDENTIAL: "ccs.credential",
|
|
93
|
-
CORRELATION_ID: "request.correlationId",
|
|
94
86
|
NATIVE_REQUEST: "request.native",
|
|
95
|
-
REDIRECT_CONTEXT: "request.redirect.context",
|
|
96
87
|
} as const;
|
|
97
88
|
export type TemporaryCacheKeys =
|
|
98
89
|
(typeof TemporaryCacheKeys)[keyof typeof TemporaryCacheKeys];
|
|
@@ -1,33 +0,0 @@
|
|
|
1
|
-
import { AuthorizationCodeClient, CommonAuthorizationCodeRequest, Logger, IPerformanceClient, CcsCredential, AuthorizeResponse } from "@azure/msal-common/browser";
|
|
2
|
-
import { BrowserCacheManager } from "../cache/BrowserCacheManager.js";
|
|
3
|
-
import { INavigationClient } from "../navigation/INavigationClient.js";
|
|
4
|
-
import { AuthenticationResult } from "../response/AuthenticationResult.js";
|
|
5
|
-
export type RedirectParams = {
|
|
6
|
-
navigationClient: INavigationClient;
|
|
7
|
-
redirectTimeout: number;
|
|
8
|
-
redirectStartPage: string;
|
|
9
|
-
onRedirectNavigate?: (url: string) => void | boolean;
|
|
10
|
-
};
|
|
11
|
-
export declare class RedirectHandler {
|
|
12
|
-
authModule: AuthorizationCodeClient;
|
|
13
|
-
browserStorage: BrowserCacheManager;
|
|
14
|
-
authCodeRequest: CommonAuthorizationCodeRequest;
|
|
15
|
-
logger: Logger;
|
|
16
|
-
performanceClient: IPerformanceClient;
|
|
17
|
-
constructor(authCodeModule: AuthorizationCodeClient, storageImpl: BrowserCacheManager, authCodeRequest: CommonAuthorizationCodeRequest, logger: Logger, performanceClient: IPerformanceClient);
|
|
18
|
-
/**
|
|
19
|
-
* Redirects window to given URL.
|
|
20
|
-
* @param urlNavigate
|
|
21
|
-
*/
|
|
22
|
-
initiateAuthRequest(requestUrl: string, params: RedirectParams): Promise<void>;
|
|
23
|
-
/**
|
|
24
|
-
* Handle authorization code response in the window.
|
|
25
|
-
* @param hash
|
|
26
|
-
*/
|
|
27
|
-
handleCodeResponse(response: AuthorizeResponse, state: string): Promise<AuthenticationResult>;
|
|
28
|
-
/**
|
|
29
|
-
* Looks up ccs creds in the cache
|
|
30
|
-
*/
|
|
31
|
-
protected checkCcsCredentials(): CcsCredential | null;
|
|
32
|
-
}
|
|
33
|
-
//# sourceMappingURL=RedirectHandler.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"RedirectHandler.d.ts","sourceRoot":"","sources":["../../src/interaction_handler/RedirectHandler.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,uBAAuB,EACvB,8BAA8B,EAC9B,MAAM,EAEN,kBAAkB,EAGlB,aAAa,EAGb,iBAAiB,EAEpB,MAAM,4BAA4B,CAAC;AAMpC,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAEvE,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAE3E,MAAM,MAAM,cAAc,GAAG;IACzB,gBAAgB,EAAE,iBAAiB,CAAC;IACpC,eAAe,EAAE,MAAM,CAAC;IACxB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,GAAG,OAAO,CAAC;CACxD,CAAC;AAEF,qBAAa,eAAe;IACxB,UAAU,EAAE,uBAAuB,CAAC;IACpC,cAAc,EAAE,mBAAmB,CAAC;IACpC,eAAe,EAAE,8BAA8B,CAAC;IAChD,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,EAAE,kBAAkB,CAAC;gBAGlC,cAAc,EAAE,uBAAuB,EACvC,WAAW,EAAE,mBAAmB,EAChC,eAAe,EAAE,8BAA8B,EAC/C,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,kBAAkB;IASzC;;;OAGG;IACG,mBAAmB,CACrB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,cAAc,GACvB,OAAO,CAAC,IAAI,CAAC;IA6EhB;;;OAGG;IACG,kBAAkB,CACpB,QAAQ,EAAE,iBAAiB,EAC3B,KAAK,EAAE,MAAM,GACd,OAAO,CAAC,oBAAoB,CAAC;IAgFhC;;OAEG;IACH,SAAS,CAAC,mBAAmB,IAAI,aAAa,GAAG,IAAI;CAoBxD"}
|
|
@@ -1,144 +0,0 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.8.0 2025-03-20 */
|
|
2
|
-
'use strict';
|
|
3
|
-
import { createClientAuthError, ClientAuthErrorCodes, AuthorizeProtocol, ServerError, invokeAsync, PerformanceEvents } from '@azure/msal-common/browser';
|
|
4
|
-
import { createBrowserAuthError } from '../error/BrowserAuthError.mjs';
|
|
5
|
-
import { TemporaryCacheKeys, ApiId } from '../utils/BrowserConstants.mjs';
|
|
6
|
-
import { emptyNavigateUri, userCancelled } from '../error/BrowserAuthErrorCodes.mjs';
|
|
7
|
-
|
|
8
|
-
/*
|
|
9
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
10
|
-
* Licensed under the MIT License.
|
|
11
|
-
*/
|
|
12
|
-
class RedirectHandler {
|
|
13
|
-
constructor(authCodeModule, storageImpl, authCodeRequest, logger, performanceClient) {
|
|
14
|
-
this.authModule = authCodeModule;
|
|
15
|
-
this.browserStorage = storageImpl;
|
|
16
|
-
this.authCodeRequest = authCodeRequest;
|
|
17
|
-
this.logger = logger;
|
|
18
|
-
this.performanceClient = performanceClient;
|
|
19
|
-
}
|
|
20
|
-
/**
|
|
21
|
-
* Redirects window to given URL.
|
|
22
|
-
* @param urlNavigate
|
|
23
|
-
*/
|
|
24
|
-
async initiateAuthRequest(requestUrl, params) {
|
|
25
|
-
this.logger.verbose("RedirectHandler.initiateAuthRequest called");
|
|
26
|
-
// Navigate if valid URL
|
|
27
|
-
if (requestUrl) {
|
|
28
|
-
// Cache start page, returns to this page after redirectUri if navigateToLoginRequestUrl is true
|
|
29
|
-
if (params.redirectStartPage) {
|
|
30
|
-
this.logger.verbose("RedirectHandler.initiateAuthRequest: redirectStartPage set, caching start page");
|
|
31
|
-
this.browserStorage.setTemporaryCache(TemporaryCacheKeys.ORIGIN_URI, params.redirectStartPage, true);
|
|
32
|
-
}
|
|
33
|
-
// Set interaction status in the library.
|
|
34
|
-
this.browserStorage.setTemporaryCache(TemporaryCacheKeys.CORRELATION_ID, this.authCodeRequest.correlationId, true);
|
|
35
|
-
this.browserStorage.cacheCodeRequest(this.authCodeRequest);
|
|
36
|
-
this.logger.infoPii(`RedirectHandler.initiateAuthRequest: Navigate to: ${requestUrl}`);
|
|
37
|
-
const navigationOptions = {
|
|
38
|
-
apiId: ApiId.acquireTokenRedirect,
|
|
39
|
-
timeout: params.redirectTimeout,
|
|
40
|
-
noHistory: false,
|
|
41
|
-
};
|
|
42
|
-
// If onRedirectNavigate is implemented, invoke it and provide requestUrl
|
|
43
|
-
if (typeof params.onRedirectNavigate === "function") {
|
|
44
|
-
this.logger.verbose("RedirectHandler.initiateAuthRequest: Invoking onRedirectNavigate callback");
|
|
45
|
-
const navigate = params.onRedirectNavigate(requestUrl);
|
|
46
|
-
// Returning false from onRedirectNavigate will stop navigation
|
|
47
|
-
if (navigate !== false) {
|
|
48
|
-
this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate did not return false, navigating");
|
|
49
|
-
await params.navigationClient.navigateExternal(requestUrl, navigationOptions);
|
|
50
|
-
return;
|
|
51
|
-
}
|
|
52
|
-
else {
|
|
53
|
-
this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate returned false, stopping navigation");
|
|
54
|
-
return;
|
|
55
|
-
}
|
|
56
|
-
}
|
|
57
|
-
else {
|
|
58
|
-
// Navigate window to request URL
|
|
59
|
-
this.logger.verbose("RedirectHandler.initiateAuthRequest: Navigating window to navigate url");
|
|
60
|
-
await params.navigationClient.navigateExternal(requestUrl, navigationOptions);
|
|
61
|
-
return;
|
|
62
|
-
}
|
|
63
|
-
}
|
|
64
|
-
else {
|
|
65
|
-
// Throw error if request URL is empty.
|
|
66
|
-
this.logger.info("RedirectHandler.initiateAuthRequest: Navigate url is empty");
|
|
67
|
-
throw createBrowserAuthError(emptyNavigateUri);
|
|
68
|
-
}
|
|
69
|
-
}
|
|
70
|
-
/**
|
|
71
|
-
* Handle authorization code response in the window.
|
|
72
|
-
* @param hash
|
|
73
|
-
*/
|
|
74
|
-
async handleCodeResponse(response, state) {
|
|
75
|
-
this.logger.verbose("RedirectHandler.handleCodeResponse called");
|
|
76
|
-
// Interaction is completed - remove interaction status.
|
|
77
|
-
this.browserStorage.setInteractionInProgress(false);
|
|
78
|
-
// Handle code response.
|
|
79
|
-
const stateKey = this.browserStorage.generateStateKey(state);
|
|
80
|
-
const requestState = this.browserStorage.getTemporaryCache(stateKey);
|
|
81
|
-
if (!requestState) {
|
|
82
|
-
throw createClientAuthError(ClientAuthErrorCodes.stateNotFound, "Cached State");
|
|
83
|
-
}
|
|
84
|
-
let authCodeResponse;
|
|
85
|
-
try {
|
|
86
|
-
authCodeResponse = AuthorizeProtocol.getAuthorizationCodePayload(response, requestState);
|
|
87
|
-
}
|
|
88
|
-
catch (e) {
|
|
89
|
-
if (e instanceof ServerError &&
|
|
90
|
-
e.subError === userCancelled) {
|
|
91
|
-
// Translate server error caused by user closing native prompt to corresponding first class MSAL error
|
|
92
|
-
throw createBrowserAuthError(userCancelled);
|
|
93
|
-
}
|
|
94
|
-
else {
|
|
95
|
-
throw e;
|
|
96
|
-
}
|
|
97
|
-
}
|
|
98
|
-
// Get cached items
|
|
99
|
-
const nonceKey = this.browserStorage.generateNonceKey(requestState);
|
|
100
|
-
const cachedNonce = this.browserStorage.getTemporaryCache(nonceKey);
|
|
101
|
-
// Assign code to request
|
|
102
|
-
this.authCodeRequest.code = authCodeResponse.code;
|
|
103
|
-
// Check for new cloud instance
|
|
104
|
-
if (authCodeResponse.cloud_instance_host_name) {
|
|
105
|
-
await invokeAsync(this.authModule.updateAuthority.bind(this.authModule), PerformanceEvents.UpdateTokenEndpointAuthority, this.logger, this.performanceClient, this.authCodeRequest.correlationId)(authCodeResponse.cloud_instance_host_name, this.authCodeRequest.correlationId);
|
|
106
|
-
}
|
|
107
|
-
authCodeResponse.nonce = cachedNonce || undefined;
|
|
108
|
-
authCodeResponse.state = requestState;
|
|
109
|
-
// Add CCS parameters if available
|
|
110
|
-
if (authCodeResponse.client_info) {
|
|
111
|
-
this.authCodeRequest.clientInfo = authCodeResponse.client_info;
|
|
112
|
-
}
|
|
113
|
-
else {
|
|
114
|
-
const cachedCcsCred = this.checkCcsCredentials();
|
|
115
|
-
if (cachedCcsCred) {
|
|
116
|
-
this.authCodeRequest.ccsCredential = cachedCcsCred;
|
|
117
|
-
}
|
|
118
|
-
}
|
|
119
|
-
// Acquire token with retrieved code.
|
|
120
|
-
const tokenResponse = (await this.authModule.acquireToken(this.authCodeRequest, authCodeResponse));
|
|
121
|
-
this.browserStorage.cleanRequestByState(state);
|
|
122
|
-
return tokenResponse;
|
|
123
|
-
}
|
|
124
|
-
/**
|
|
125
|
-
* Looks up ccs creds in the cache
|
|
126
|
-
*/
|
|
127
|
-
checkCcsCredentials() {
|
|
128
|
-
// Look up ccs credential in temp cache
|
|
129
|
-
const cachedCcsCred = this.browserStorage.getTemporaryCache(TemporaryCacheKeys.CCS_CREDENTIAL, true);
|
|
130
|
-
if (cachedCcsCred) {
|
|
131
|
-
try {
|
|
132
|
-
return JSON.parse(cachedCcsCred);
|
|
133
|
-
}
|
|
134
|
-
catch (e) {
|
|
135
|
-
this.authModule.logger.error("Cache credential could not be parsed");
|
|
136
|
-
this.authModule.logger.errorPii(`Cache credential could not be parsed: ${cachedCcsCred}`);
|
|
137
|
-
}
|
|
138
|
-
}
|
|
139
|
-
return null;
|
|
140
|
-
}
|
|
141
|
-
}
|
|
142
|
-
|
|
143
|
-
export { RedirectHandler };
|
|
144
|
-
//# sourceMappingURL=RedirectHandler.mjs.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"RedirectHandler.mjs","sources":["../../src/interaction_handler/RedirectHandler.ts"],"sourcesContent":[null],"names":["BrowserAuthErrorCodes.emptyNavigateUri","BrowserAuthErrorCodes.userCancelled"],"mappings":";;;;;;;AAAA;;;AAGG;MAiCU,eAAe,CAAA;IAOxB,WACI,CAAA,cAAuC,EACvC,WAAgC,EAChC,eAA+C,EAC/C,MAAc,EACd,iBAAqC,EAAA;AAErC,QAAA,IAAI,CAAC,UAAU,GAAG,cAAc,CAAC;AACjC,QAAA,IAAI,CAAC,cAAc,GAAG,WAAW,CAAC;AAClC,QAAA,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;AACvC,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;AACrB,QAAA,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;KAC9C;AAED;;;AAGG;AACH,IAAA,MAAM,mBAAmB,CACrB,UAAkB,EAClB,MAAsB,EAAA;AAEtB,QAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,4CAA4C,CAAC,CAAC;;AAElE,QAAA,IAAI,UAAU,EAAE;;YAEZ,IAAI,MAAM,CAAC,iBAAiB,EAAE;AAC1B,gBAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,gFAAgF,CACnF,CAAC;AACF,gBAAA,IAAI,CAAC,cAAc,CAAC,iBAAiB,CACjC,kBAAkB,CAAC,UAAU,EAC7B,MAAM,CAAC,iBAAiB,EACxB,IAAI,CACP,CAAC;AACL,aAAA;;AAGD,YAAA,IAAI,CAAC,cAAc,CAAC,iBAAiB,CACjC,kBAAkB,CAAC,cAAc,EACjC,IAAI,CAAC,eAAe,CAAC,aAAa,EAClC,IAAI,CACP,CAAC;YACF,IAAI,CAAC,cAAc,CAAC,gBAAgB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC3D,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,CAAqD,kDAAA,EAAA,UAAU,CAAE,CAAA,CACpE,CAAC;AACF,YAAA,MAAM,iBAAiB,GAAsB;gBACzC,KAAK,EAAE,KAAK,CAAC,oBAAoB;gBACjC,OAAO,EAAE,MAAM,CAAC,eAAe;AAC/B,gBAAA,SAAS,EAAE,KAAK;aACnB,CAAC;;AAGF,YAAA,IAAI,OAAO,MAAM,CAAC,kBAAkB,KAAK,UAAU,EAAE;AACjD,gBAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,2EAA2E,CAC9E,CAAC;gBACF,MAAM,QAAQ,GAAG,MAAM,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;;gBAGvD,IAAI,QAAQ,KAAK,KAAK,EAAE;AACpB,oBAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,0FAA0F,CAC7F,CAAC;oBACF,MAAM,MAAM,CAAC,gBAAgB,CAAC,gBAAgB,CAC1C,UAAU,EACV,iBAAiB,CACpB,CAAC;oBACF,OAAO;AACV,iBAAA;AAAM,qBAAA;AACH,oBAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,6FAA6F,CAChG,CAAC;oBACF,OAAO;AACV,iBAAA;AACJ,aAAA;AAAM,iBAAA;;AAEH,gBAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,wEAAwE,CAC3E,CAAC;gBACF,MAAM,MAAM,CAAC,gBAAgB,CAAC,gBAAgB,CAC1C,UAAU,EACV,iBAAiB,CACpB,CAAC;gBACF,OAAO;AACV,aAAA;AACJ,SAAA;AAAM,aAAA;;AAEH,YAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,4DAA4D,CAC/D,CAAC;AACF,YAAA,MAAM,sBAAsB,CACxBA,gBAAsC,CACzC,CAAC;AACL,SAAA;KACJ;AAED;;;AAGG;AACH,IAAA,MAAM,kBAAkB,CACpB,QAA2B,EAC3B,KAAa,EAAA;AAEb,QAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,2CAA2C,CAAC,CAAC;;AAGjE,QAAA,IAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,KAAK,CAAC,CAAC;;QAGpD,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;QAC7D,MAAM,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QACrE,IAAI,CAAC,YAAY,EAAE;YACf,MAAM,qBAAqB,CACvB,oBAAoB,CAAC,aAAa,EAClC,cAAc,CACjB,CAAC;AACL,SAAA;AAED,QAAA,IAAI,gBAAgB,CAAC;QACrB,IAAI;YACA,gBAAgB,GAAG,iBAAiB,CAAC,2BAA2B,CAC5D,QAAQ,EACR,YAAY,CACf,CAAC;AACL,SAAA;AAAC,QAAA,OAAO,CAAC,EAAE;YACR,IACI,CAAC,YAAY,WAAW;AACxB,gBAAA,CAAC,CAAC,QAAQ,KAAKC,aAAmC,EACpD;;AAEE,gBAAA,MAAM,sBAAsB,CACxBA,aAAmC,CACtC,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,CAAC,CAAC;AACX,aAAA;AACJ,SAAA;;QAGD,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;QACpE,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;;QAGpE,IAAI,CAAC,eAAe,CAAC,IAAI,GAAG,gBAAgB,CAAC,IAAI,CAAC;;QAGlD,IAAI,gBAAgB,CAAC,wBAAwB,EAAE;YAC3C,MAAM,WAAW,CACb,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,EACrD,iBAAiB,CAAC,4BAA4B,EAC9C,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,IAAI,CAAC,eAAe,CAAC,aAAa,CACrC,CACG,gBAAgB,CAAC,wBAAwB,EACzC,IAAI,CAAC,eAAe,CAAC,aAAa,CACrC,CAAC;AACL,SAAA;AAED,QAAA,gBAAgB,CAAC,KAAK,GAAG,WAAW,IAAI,SAAS,CAAC;AAClD,QAAA,gBAAgB,CAAC,KAAK,GAAG,YAAY,CAAC;;QAGtC,IAAI,gBAAgB,CAAC,WAAW,EAAE;YAC9B,IAAI,CAAC,eAAe,CAAC,UAAU,GAAG,gBAAgB,CAAC,WAAW,CAAC;AAClE,SAAA;AAAM,aAAA;AACH,YAAA,MAAM,aAAa,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;AACjD,YAAA,IAAI,aAAa,EAAE;AACf,gBAAA,IAAI,CAAC,eAAe,CAAC,aAAa,GAAG,aAAa,CAAC;AACtD,aAAA;AACJ,SAAA;;AAGD,QAAA,MAAM,aAAa,IAAI,MAAM,IAAI,CAAC,UAAU,CAAC,YAAY,CACrD,IAAI,CAAC,eAAe,EACpB,gBAAgB,CACnB,CAAyB,CAAC;AAE3B,QAAA,IAAI,CAAC,cAAc,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;AAC/C,QAAA,OAAO,aAAa,CAAC;KACxB;AAED;;AAEG;IACO,mBAAmB,GAAA;;AAEzB,QAAA,MAAM,aAAa,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,CACvD,kBAAkB,CAAC,cAAc,EACjC,IAAI,CACP,CAAC;AACF,QAAA,IAAI,aAAa,EAAE;YACf,IAAI;AACA,gBAAA,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,CAAkB,CAAC;AACrD,aAAA;AAAC,YAAA,OAAO,CAAC,EAAE;gBACR,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CACxB,sCAAsC,CACzC,CAAC;gBACF,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAC3B,CAAyC,sCAAA,EAAA,aAAa,CAAE,CAAA,CAC3D,CAAC;AACL,aAAA;AACJ,SAAA;AACD,QAAA,OAAO,IAAI,CAAC;KACf;AACJ;;;;"}
|
|
@@ -1,33 +0,0 @@
|
|
|
1
|
-
import { AuthorizationCodeClient, CommonAuthorizationCodeRequest, Logger, IPerformanceClient, CcsCredential, AuthorizeResponse } from "@azure/msal-common/browser";
|
|
2
|
-
import { BrowserCacheManager } from "../cache/BrowserCacheManager.js";
|
|
3
|
-
import { INavigationClient } from "../navigation/INavigationClient.js";
|
|
4
|
-
import { AuthenticationResult } from "../response/AuthenticationResult.js";
|
|
5
|
-
export type RedirectParams = {
|
|
6
|
-
navigationClient: INavigationClient;
|
|
7
|
-
redirectTimeout: number;
|
|
8
|
-
redirectStartPage: string;
|
|
9
|
-
onRedirectNavigate?: (url: string) => void | boolean;
|
|
10
|
-
};
|
|
11
|
-
export declare class RedirectHandler {
|
|
12
|
-
authModule: AuthorizationCodeClient;
|
|
13
|
-
browserStorage: BrowserCacheManager;
|
|
14
|
-
authCodeRequest: CommonAuthorizationCodeRequest;
|
|
15
|
-
logger: Logger;
|
|
16
|
-
performanceClient: IPerformanceClient;
|
|
17
|
-
constructor(authCodeModule: AuthorizationCodeClient, storageImpl: BrowserCacheManager, authCodeRequest: CommonAuthorizationCodeRequest, logger: Logger, performanceClient: IPerformanceClient);
|
|
18
|
-
/**
|
|
19
|
-
* Redirects window to given URL.
|
|
20
|
-
* @param urlNavigate
|
|
21
|
-
*/
|
|
22
|
-
initiateAuthRequest(requestUrl: string, params: RedirectParams): Promise<void>;
|
|
23
|
-
/**
|
|
24
|
-
* Handle authorization code response in the window.
|
|
25
|
-
* @param hash
|
|
26
|
-
*/
|
|
27
|
-
handleCodeResponse(response: AuthorizeResponse, state: string): Promise<AuthenticationResult>;
|
|
28
|
-
/**
|
|
29
|
-
* Looks up ccs creds in the cache
|
|
30
|
-
*/
|
|
31
|
-
protected checkCcsCredentials(): CcsCredential | null;
|
|
32
|
-
}
|
|
33
|
-
//# sourceMappingURL=RedirectHandler.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"RedirectHandler.d.ts","sourceRoot":"","sources":["../../../src/interaction_handler/RedirectHandler.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,uBAAuB,EACvB,8BAA8B,EAC9B,MAAM,EAEN,kBAAkB,EAGlB,aAAa,EAGb,iBAAiB,EAEpB,MAAM,4BAA4B,CAAC;AAMpC,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAEvE,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAE3E,MAAM,MAAM,cAAc,GAAG;IACzB,gBAAgB,EAAE,iBAAiB,CAAC;IACpC,eAAe,EAAE,MAAM,CAAC;IACxB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,GAAG,OAAO,CAAC;CACxD,CAAC;AAEF,qBAAa,eAAe;IACxB,UAAU,EAAE,uBAAuB,CAAC;IACpC,cAAc,EAAE,mBAAmB,CAAC;IACpC,eAAe,EAAE,8BAA8B,CAAC;IAChD,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,EAAE,kBAAkB,CAAC;gBAGlC,cAAc,EAAE,uBAAuB,EACvC,WAAW,EAAE,mBAAmB,EAChC,eAAe,EAAE,8BAA8B,EAC/C,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,kBAAkB;IASzC;;;OAGG;IACG,mBAAmB,CACrB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,cAAc,GACvB,OAAO,CAAC,IAAI,CAAC;IA6EhB;;;OAGG;IACG,kBAAkB,CACpB,QAAQ,EAAE,iBAAiB,EAC3B,KAAK,EAAE,MAAM,GACd,OAAO,CAAC,oBAAoB,CAAC;IAgFhC;;OAEG;IACH,SAAS,CAAC,mBAAmB,IAAI,aAAa,GAAG,IAAI;CAoBxD"}
|