@azure/msal-browser 4.9.1 → 4.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (117) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientNext.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeMessageHandler.mjs +1 -1
  5. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  6. package/dist/cache/AccountManager.mjs +1 -1
  7. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  8. package/dist/cache/BrowserCacheManager.d.ts +7 -3
  9. package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
  10. package/dist/cache/BrowserCacheManager.mjs +8 -7
  11. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  12. package/dist/cache/CacheHelpers.mjs +1 -1
  13. package/dist/cache/CookieStorage.mjs +1 -1
  14. package/dist/cache/DatabaseStorage.mjs +1 -1
  15. package/dist/cache/LocalStorage.mjs +2 -2
  16. package/dist/cache/MemoryStorage.mjs +1 -1
  17. package/dist/cache/SessionStorage.mjs +1 -1
  18. package/dist/cache/TokenCache.mjs +1 -1
  19. package/dist/config/Configuration.d.ts +5 -0
  20. package/dist/config/Configuration.d.ts.map +1 -1
  21. package/dist/config/Configuration.mjs +4 -3
  22. package/dist/config/Configuration.mjs.map +1 -1
  23. package/dist/controllers/ControllerFactory.mjs +1 -1
  24. package/dist/controllers/NestedAppAuthController.mjs +2 -2
  25. package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
  26. package/dist/controllers/StandardController.d.ts.map +1 -1
  27. package/dist/controllers/StandardController.mjs +32 -20
  28. package/dist/controllers/StandardController.mjs.map +1 -1
  29. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  30. package/dist/crypto/BrowserCrypto.d.ts +6 -0
  31. package/dist/crypto/BrowserCrypto.d.ts.map +1 -1
  32. package/dist/crypto/BrowserCrypto.mjs +2 -2
  33. package/dist/crypto/BrowserCrypto.mjs.map +1 -1
  34. package/dist/crypto/CryptoOps.mjs +1 -1
  35. package/dist/crypto/PkceGenerator.mjs +1 -1
  36. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  37. package/dist/encode/Base64Decode.mjs +1 -1
  38. package/dist/encode/Base64Encode.mjs +1 -1
  39. package/dist/error/BrowserAuthError.mjs +2 -2
  40. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  41. package/dist/error/BrowserConfigurationAuthError.mjs +2 -2
  42. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  43. package/dist/error/NativeAuthError.mjs +1 -1
  44. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  45. package/dist/error/NestedAppAuthError.mjs +1 -1
  46. package/dist/event/EventHandler.mjs +1 -1
  47. package/dist/event/EventMessage.mjs +1 -1
  48. package/dist/event/EventType.mjs +1 -1
  49. package/dist/index.mjs +1 -1
  50. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  51. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  52. package/dist/interaction_client/NativeInteractionClient.mjs +1 -1
  53. package/dist/interaction_client/PopupClient.mjs +1 -1
  54. package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
  55. package/dist/interaction_client/RedirectClient.mjs +4 -4
  56. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  57. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  58. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  59. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  60. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  61. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  62. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  63. package/dist/interaction_handler/SilentHandler.mjs +3 -3
  64. package/dist/naa/BridgeError.mjs +1 -1
  65. package/dist/naa/BridgeProxy.mjs +1 -1
  66. package/dist/naa/BridgeStatusCode.mjs +1 -1
  67. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +2 -2
  68. package/dist/navigation/NavigationClient.mjs +1 -1
  69. package/dist/network/FetchClient.mjs +1 -1
  70. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  71. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  72. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  73. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  74. package/dist/packageMetadata.d.ts +1 -1
  75. package/dist/packageMetadata.d.ts.map +1 -1
  76. package/dist/packageMetadata.mjs +2 -2
  77. package/dist/protocol/Authorize.d.ts.map +1 -1
  78. package/dist/protocol/Authorize.mjs +3 -3
  79. package/dist/protocol/Authorize.mjs.map +1 -1
  80. package/dist/request/RequestHelpers.mjs +1 -1
  81. package/dist/response/ResponseHandler.mjs +1 -1
  82. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  83. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  84. package/dist/utils/BrowserConstants.d.ts +5 -0
  85. package/dist/utils/BrowserConstants.d.ts.map +1 -1
  86. package/dist/utils/BrowserConstants.mjs +10 -2
  87. package/dist/utils/BrowserConstants.mjs.map +1 -1
  88. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  89. package/dist/utils/BrowserUtils.mjs +1 -1
  90. package/lib/msal-browser.cjs +172 -106
  91. package/lib/msal-browser.cjs.map +1 -1
  92. package/lib/msal-browser.js +172 -106
  93. package/lib/msal-browser.js.map +1 -1
  94. package/lib/msal-browser.min.js +62 -62
  95. package/lib/types/cache/BrowserCacheManager.d.ts +7 -3
  96. package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
  97. package/lib/types/config/Configuration.d.ts +5 -0
  98. package/lib/types/config/Configuration.d.ts.map +1 -1
  99. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  100. package/lib/types/crypto/BrowserCrypto.d.ts +6 -0
  101. package/lib/types/crypto/BrowserCrypto.d.ts.map +1 -1
  102. package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
  103. package/lib/types/packageMetadata.d.ts +1 -1
  104. package/lib/types/packageMetadata.d.ts.map +1 -1
  105. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  106. package/lib/types/utils/BrowserConstants.d.ts +5 -0
  107. package/lib/types/utils/BrowserConstants.d.ts.map +1 -1
  108. package/package.json +2 -2
  109. package/src/cache/BrowserCacheManager.ts +43 -31
  110. package/src/config/Configuration.ts +6 -0
  111. package/src/controllers/NestedAppAuthController.ts +1 -1
  112. package/src/controllers/StandardController.ts +82 -54
  113. package/src/crypto/BrowserCrypto.ts +1 -1
  114. package/src/interaction_client/RedirectClient.ts +9 -2
  115. package/src/packageMetadata.ts +1 -1
  116. package/src/protocol/Authorize.ts +12 -2
  117. package/src/utils/BrowserConstants.ts +7 -0
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v4.9.1 2025-03-26 */
1
+ /*! @azure/msal-browser v4.11.0 2025-04-16 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v15.4.0 2025-03-26 */
5
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -62,10 +62,26 @@ const Constants = {
62
62
  INVALID_INSTANCE: "invalid_instance",
63
63
  };
64
64
  const HttpStatus = {
65
+ SUCCESS: 200,
66
+ SUCCESS_RANGE_START: 200,
67
+ SUCCESS_RANGE_END: 299,
68
+ REDIRECT: 302,
69
+ CLIENT_ERROR: 400,
65
70
  CLIENT_ERROR_RANGE_START: 400,
71
+ BAD_REQUEST: 400,
72
+ UNAUTHORIZED: 401,
73
+ NOT_FOUND: 404,
74
+ REQUEST_TIMEOUT: 408,
75
+ GONE: 410,
76
+ TOO_MANY_REQUESTS: 429,
66
77
  CLIENT_ERROR_RANGE_END: 499,
78
+ SERVER_ERROR: 500,
67
79
  SERVER_ERROR_RANGE_START: 500,
68
- SERVER_ERROR_RANGE_END: 599};
80
+ SERVICE_UNAVAILABLE: 503,
81
+ GATEWAY_TIMEOUT: 504,
82
+ SERVER_ERROR_RANGE_END: 599,
83
+ MULTI_SIDED_ERROR: 600,
84
+ };
69
85
  const OIDC_DEFAULT_SCOPES = [
70
86
  Constants.OPENID_SCOPE,
71
87
  Constants.PROFILE_SCOPE,
@@ -131,6 +147,7 @@ const CodeChallengeMethodValues = {
131
147
  */
132
148
  const OAuthResponseType = {
133
149
  CODE: "code",
150
+ IDTOKEN_TOKEN: "id_token token",
134
151
  IDTOKEN_TOKEN_REFRESHTOKEN: "id_token token refresh_token",
135
152
  };
136
153
  /**
@@ -145,19 +162,29 @@ const ServerResponseType = {
145
162
  * allowed values for response_mode
146
163
  */
147
164
  const ResponseMode = {
148
- QUERY: "query"};
165
+ QUERY: "query",
166
+ FRAGMENT: "fragment",
167
+ FORM_POST: "form_post",
168
+ };
149
169
  /**
150
170
  * allowed grant_type
151
171
  */
152
172
  const GrantType = {
173
+ IMPLICIT_GRANT: "implicit",
153
174
  AUTHORIZATION_CODE_GRANT: "authorization_code",
154
- REFRESH_TOKEN_GRANT: "refresh_token"};
175
+ CLIENT_CREDENTIALS_GRANT: "client_credentials",
176
+ RESOURCE_OWNER_PASSWORD_GRANT: "password",
177
+ REFRESH_TOKEN_GRANT: "refresh_token",
178
+ DEVICE_CODE_GRANT: "device_code",
179
+ JWT_BEARER: "urn:ietf:params:oauth:grant-type:jwt-bearer",
180
+ };
155
181
  /**
156
182
  * Account types in Cache
157
183
  */
158
184
  const CacheAccountType = {
159
185
  MSSTS_ACCOUNT_TYPE: "MSSTS",
160
186
  ADFS_ACCOUNT_TYPE: "ADFS",
187
+ MSAV1_ACCOUNT_TYPE: "MSA",
161
188
  GENERIC_ACCOUNT_TYPE: "Generic", // NTLM, Kerberos, FBA, Basic etc
162
189
  };
163
190
  /**
@@ -194,6 +221,7 @@ const AuthorityMetadataSource = {
194
221
  };
195
222
  const SERVER_TELEM_CONSTANTS = {
196
223
  SCHEMA_VERSION: 5,
224
+ MAX_CUR_HEADER_BYTES: 80,
197
225
  MAX_LAST_HEADER_BYTES: 330,
198
226
  MAX_CACHED_ERRORS: 50,
199
227
  CACHE_KEY: "server-telemetry",
@@ -248,7 +276,9 @@ const RegionDiscoverySources = {
248
276
  * Region Discovery Outcomes
249
277
  */
250
278
  const RegionDiscoveryOutcomes = {
279
+ CONFIGURED_MATCHES_DETECTED: "1",
251
280
  CONFIGURED_NO_AUTO_DETECTION: "2",
281
+ CONFIGURED_NOT_DETECTED: "3",
252
282
  AUTO_DETECTION_REQUESTED_SUCCESSFUL: "4",
253
283
  AUTO_DETECTION_REQUESTED_FAILED: "5",
254
284
  };
@@ -275,7 +305,7 @@ const JsonWebTokenTypes = {
275
305
  // Token renewal offset default in seconds
276
306
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
277
307
 
278
- /*! @azure/msal-common v15.4.0 2025-03-26 */
308
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
279
309
  /*
280
310
  * Copyright (c) Microsoft Corporation. All rights reserved.
281
311
  * Licensed under the MIT License.
@@ -292,7 +322,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
292
322
  unexpectedError: unexpectedError
293
323
  });
294
324
 
295
- /*! @azure/msal-common v15.4.0 2025-03-26 */
325
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
296
326
 
297
327
  /*
298
328
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -341,7 +371,7 @@ function createAuthError(code, additionalMessage) {
341
371
  : AuthErrorMessages[code]);
342
372
  }
343
373
 
344
- /*! @azure/msal-common v15.4.0 2025-03-26 */
374
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
345
375
  /*
346
376
  * Copyright (c) Microsoft Corporation. All rights reserved.
347
377
  * Licensed under the MIT License.
@@ -439,7 +469,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
439
469
  userTimeoutReached: userTimeoutReached
440
470
  });
441
471
 
442
- /*! @azure/msal-common v15.4.0 2025-03-26 */
472
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
443
473
 
444
474
  /*
445
475
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -691,7 +721,7 @@ function createClientAuthError(errorCode, additionalMessage) {
691
721
  return new ClientAuthError(errorCode, additionalMessage);
692
722
  }
693
723
 
694
- /*! @azure/msal-common v15.4.0 2025-03-26 */
724
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
695
725
 
696
726
  /*
697
727
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -730,7 +760,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
730
760
  },
731
761
  };
732
762
 
733
- /*! @azure/msal-common v15.4.0 2025-03-26 */
763
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
734
764
 
735
765
  /*
736
766
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -921,12 +951,12 @@ class Logger {
921
951
  }
922
952
  }
923
953
 
924
- /*! @azure/msal-common v15.4.0 2025-03-26 */
954
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
925
955
  /* eslint-disable header/header */
926
956
  const name$1 = "@azure/msal-common";
927
- const version$1 = "15.4.0";
957
+ const version$1 = "15.5.1";
928
958
 
929
- /*! @azure/msal-common v15.4.0 2025-03-26 */
959
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
930
960
  /*
931
961
  * Copyright (c) Microsoft Corporation. All rights reserved.
932
962
  * Licensed under the MIT License.
@@ -946,7 +976,7 @@ const AzureCloudInstance = {
946
976
  AzureUsGovernment: "https://login.microsoftonline.us",
947
977
  };
948
978
 
949
- /*! @azure/msal-common v15.4.0 2025-03-26 */
979
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
950
980
 
951
981
  /*
952
982
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1007,7 +1037,7 @@ function checkMaxAge(authTime, maxAge) {
1007
1037
  }
1008
1038
  }
1009
1039
 
1010
- /*! @azure/msal-common v15.4.0 2025-03-26 */
1040
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
1011
1041
  /*
1012
1042
  * Copyright (c) Microsoft Corporation. All rights reserved.
1013
1043
  * Licensed under the MIT License.
@@ -1062,7 +1092,7 @@ function wasClockTurnedBack(cachedAt) {
1062
1092
  return cachedAtSec > nowSeconds();
1063
1093
  }
1064
1094
 
1065
- /*! @azure/msal-common v15.4.0 2025-03-26 */
1095
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
1066
1096
 
1067
1097
  /*
1068
1098
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1389,7 +1419,7 @@ function isAuthorityMetadataExpired(metadata) {
1389
1419
  return metadata.expiresAt <= nowSeconds();
1390
1420
  }
1391
1421
 
1392
- /*! @azure/msal-common v15.4.0 2025-03-26 */
1422
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
1393
1423
  /*
1394
1424
  * Copyright (c) Microsoft Corporation. All rights reserved.
1395
1425
  * Licensed under the MIT License.
@@ -1443,7 +1473,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
1443
1473
  urlParseError: urlParseError
1444
1474
  });
1445
1475
 
1446
- /*! @azure/msal-common v15.4.0 2025-03-26 */
1476
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
1447
1477
 
1448
1478
  /*
1449
1479
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1581,7 +1611,7 @@ function createClientConfigurationError(errorCode) {
1581
1611
  return new ClientConfigurationError(errorCode);
1582
1612
  }
1583
1613
 
1584
- /*! @azure/msal-common v15.4.0 2025-03-26 */
1614
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
1585
1615
  /*
1586
1616
  * Copyright (c) Microsoft Corporation. All rights reserved.
1587
1617
  * Licensed under the MIT License.
@@ -1678,7 +1708,7 @@ class StringUtils {
1678
1708
  }
1679
1709
  }
1680
1710
 
1681
- /*! @azure/msal-common v15.4.0 2025-03-26 */
1711
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
1682
1712
 
1683
1713
  /*
1684
1714
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1869,7 +1899,7 @@ class ScopeSet {
1869
1899
  }
1870
1900
  }
1871
1901
 
1872
- /*! @azure/msal-common v15.4.0 2025-03-26 */
1902
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
1873
1903
 
1874
1904
  /*
1875
1905
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1909,7 +1939,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
1909
1939
  };
1910
1940
  }
1911
1941
 
1912
- /*! @azure/msal-common v15.4.0 2025-03-26 */
1942
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
1913
1943
  /*
1914
1944
  * Copyright (c) Microsoft Corporation. All rights reserved.
1915
1945
  * Licensed under the MIT License.
@@ -1988,7 +2018,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1988
2018
  return updatedAccountInfo;
1989
2019
  }
1990
2020
 
1991
- /*! @azure/msal-common v15.4.0 2025-03-26 */
2021
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
1992
2022
  /*
1993
2023
  * Copyright (c) Microsoft Corporation. All rights reserved.
1994
2024
  * Licensed under the MIT License.
@@ -2003,7 +2033,7 @@ const AuthorityType = {
2003
2033
  Ciam: 3,
2004
2034
  };
2005
2035
 
2006
- /*! @azure/msal-common v15.4.0 2025-03-26 */
2036
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
2007
2037
  /*
2008
2038
  * Copyright (c) Microsoft Corporation. All rights reserved.
2009
2039
  * Licensed under the MIT License.
@@ -2025,7 +2055,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
2025
2055
  return null;
2026
2056
  }
2027
2057
 
2028
- /*! @azure/msal-common v15.4.0 2025-03-26 */
2058
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
2029
2059
  /*
2030
2060
  * Copyright (c) Microsoft Corporation. All rights reserved.
2031
2061
  * Licensed under the MIT License.
@@ -2049,7 +2079,7 @@ const ProtocolMode = {
2049
2079
  EAR: "EAR",
2050
2080
  };
2051
2081
 
2052
- /*! @azure/msal-common v15.4.0 2025-03-26 */
2082
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
2053
2083
 
2054
2084
  /*
2055
2085
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2292,7 +2322,7 @@ class AccountEntity {
2292
2322
  }
2293
2323
  }
2294
2324
 
2295
- /*! @azure/msal-common v15.4.0 2025-03-26 */
2325
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
2296
2326
 
2297
2327
  /*
2298
2328
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2342,15 +2372,22 @@ function getDeserializedResponse(responseString) {
2342
2372
  /**
2343
2373
  * Utility to create a URL from the params map
2344
2374
  */
2345
- function mapToQueryString(parameters) {
2375
+ function mapToQueryString(parameters, encodeExtraParams = true, extraQueryParameters) {
2346
2376
  const queryParameterArray = new Array();
2347
2377
  parameters.forEach((value, key) => {
2348
- queryParameterArray.push(`${key}=${encodeURIComponent(value)}`);
2378
+ if (!encodeExtraParams &&
2379
+ extraQueryParameters &&
2380
+ key in extraQueryParameters) {
2381
+ queryParameterArray.push(`${key}=${value}`);
2382
+ }
2383
+ else {
2384
+ queryParameterArray.push(`${key}=${encodeURIComponent(value)}`);
2385
+ }
2349
2386
  });
2350
2387
  return queryParameterArray.join("&");
2351
2388
  }
2352
2389
 
2353
- /*! @azure/msal-common v15.4.0 2025-03-26 */
2390
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
2354
2391
 
2355
2392
  /*
2356
2393
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2514,7 +2551,7 @@ class UrlString {
2514
2551
  }
2515
2552
  }
2516
2553
 
2517
- /*! @azure/msal-common v15.4.0 2025-03-26 */
2554
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
2518
2555
 
2519
2556
  /*
2520
2557
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2545,6 +2582,7 @@ const rawMetdataJSON = {
2545
2582
  },
2546
2583
  },
2547
2584
  instanceDiscoveryMetadata: {
2585
+ tenant_discovery_endpoint: "https://{canonicalAuthority}/v2.0/.well-known/openid-configuration",
2548
2586
  metadata: [
2549
2587
  {
2550
2588
  preferred_network: "login.microsoftonline.com",
@@ -2653,7 +2691,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2653
2691
  return null;
2654
2692
  }
2655
2693
 
2656
- /*! @azure/msal-common v15.4.0 2025-03-26 */
2694
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
2657
2695
  /*
2658
2696
  * Copyright (c) Microsoft Corporation. All rights reserved.
2659
2697
  * Licensed under the MIT License.
@@ -2661,7 +2699,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2661
2699
  const cacheQuotaExceededErrorCode = "cache_quota_exceeded";
2662
2700
  const cacheUnknownErrorCode = "cache_error_unknown";
2663
2701
 
2664
- /*! @azure/msal-common v15.4.0 2025-03-26 */
2702
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
2665
2703
 
2666
2704
  /*
2667
2705
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2688,7 +2726,7 @@ class CacheError extends Error {
2688
2726
  }
2689
2727
  }
2690
2728
 
2691
- /*! @azure/msal-common v15.4.0 2025-03-26 */
2729
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
2692
2730
 
2693
2731
  /*
2694
2732
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3873,7 +3911,7 @@ class DefaultStorageClass extends CacheManager {
3873
3911
  }
3874
3912
  }
3875
3913
 
3876
- /*! @azure/msal-common v15.4.0 2025-03-26 */
3914
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
3877
3915
 
3878
3916
  /*
3879
3917
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3961,6 +3999,7 @@ function buildAuthOptions(authOptions) {
3961
3999
  azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS,
3962
4000
  skipAuthorityMetadataCache: false,
3963
4001
  instanceAware: false,
4002
+ encodeExtraQueryParams: false,
3964
4003
  ...authOptions,
3965
4004
  };
3966
4005
  }
@@ -3972,7 +4011,7 @@ function isOidcProtocolMode(config) {
3972
4011
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3973
4012
  }
3974
4013
 
3975
- /*! @azure/msal-common v15.4.0 2025-03-26 */
4014
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
3976
4015
  /*
3977
4016
  * Copyright (c) Microsoft Corporation. All rights reserved.
3978
4017
  * Licensed under the MIT License.
@@ -3982,7 +4021,7 @@ const CcsCredentialType = {
3982
4021
  UPN: "UPN",
3983
4022
  };
3984
4023
 
3985
- /*! @azure/msal-common v15.4.0 2025-03-26 */
4024
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
3986
4025
  /*
3987
4026
  * Copyright (c) Microsoft Corporation. All rights reserved.
3988
4027
  * Licensed under the MIT License.
@@ -4032,7 +4071,7 @@ const INSTANCE_AWARE = "instance_aware";
4032
4071
  const EAR_JWK = "ear_jwk";
4033
4072
  const EAR_JWE_CRYPTO = "ear_jwe_crypto";
4034
4073
 
4035
- /*! @azure/msal-common v15.4.0 2025-03-26 */
4074
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
4036
4075
 
4037
4076
  /*
4038
4077
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4400,7 +4439,7 @@ function addEARParameters(parameters, jwk) {
4400
4439
  parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
4401
4440
  }
4402
4441
 
4403
- /*! @azure/msal-common v15.4.0 2025-03-26 */
4442
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
4404
4443
  /*
4405
4444
  * Copyright (c) Microsoft Corporation. All rights reserved.
4406
4445
  * Licensed under the MIT License.
@@ -4412,7 +4451,7 @@ function isOpenIdConfigResponse(response) {
4412
4451
  response.hasOwnProperty("jwks_uri"));
4413
4452
  }
4414
4453
 
4415
- /*! @azure/msal-common v15.4.0 2025-03-26 */
4454
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
4416
4455
  /*
4417
4456
  * Copyright (c) Microsoft Corporation. All rights reserved.
4418
4457
  * Licensed under the MIT License.
@@ -4422,7 +4461,7 @@ function isCloudInstanceDiscoveryResponse(response) {
4422
4461
  response.hasOwnProperty("metadata"));
4423
4462
  }
4424
4463
 
4425
- /*! @azure/msal-common v15.4.0 2025-03-26 */
4464
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
4426
4465
  /*
4427
4466
  * Copyright (c) Microsoft Corporation. All rights reserved.
4428
4467
  * Licensed under the MIT License.
@@ -4432,7 +4471,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
4432
4471
  response.hasOwnProperty("error_description"));
4433
4472
  }
4434
4473
 
4435
- /*! @azure/msal-common v15.4.0 2025-03-26 */
4474
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
4436
4475
  /*
4437
4476
  * Copyright (c) Microsoft Corporation. All rights reserved.
4438
4477
  * Licensed under the MIT License.
@@ -4924,6 +4963,7 @@ const PerformanceEventAbbreviations = new Map([
4924
4963
  * @enum {number}
4925
4964
  */
4926
4965
  const PerformanceEventStatus = {
4966
+ NotStarted: 0,
4927
4967
  InProgress: 1,
4928
4968
  Completed: 2,
4929
4969
  };
@@ -4944,7 +4984,7 @@ const IntFields = new Set([
4944
4984
  "encryptedCacheExpiredCount",
4945
4985
  ]);
4946
4986
 
4947
- /*! @azure/msal-common v15.4.0 2025-03-26 */
4987
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
4948
4988
  /*
4949
4989
  * Copyright (c) Microsoft Corporation. All rights reserved.
4950
4990
  * Licensed under the MIT License.
@@ -5040,7 +5080,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
5040
5080
  };
5041
5081
  };
5042
5082
 
5043
- /*! @azure/msal-common v15.4.0 2025-03-26 */
5083
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
5044
5084
 
5045
5085
  /*
5046
5086
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5149,7 +5189,7 @@ RegionDiscovery.IMDS_OPTIONS = {
5149
5189
  },
5150
5190
  };
5151
5191
 
5152
- /*! @azure/msal-common v15.4.0 2025-03-26 */
5192
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
5153
5193
 
5154
5194
  /*
5155
5195
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5988,7 +6028,7 @@ function buildStaticAuthorityOptions(authOptions) {
5988
6028
  };
5989
6029
  }
5990
6030
 
5991
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6031
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
5992
6032
 
5993
6033
  /*
5994
6034
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6019,7 +6059,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
6019
6059
  }
6020
6060
  }
6021
6061
 
6022
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6062
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6023
6063
 
6024
6064
  /*
6025
6065
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6038,7 +6078,7 @@ class ServerError extends AuthError {
6038
6078
  }
6039
6079
  }
6040
6080
 
6041
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6081
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6042
6082
  /*
6043
6083
  * Copyright (c) Microsoft Corporation. All rights reserved.
6044
6084
  * Licensed under the MIT License.
@@ -6059,7 +6099,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
6059
6099
  };
6060
6100
  }
6061
6101
 
6062
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6102
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6063
6103
 
6064
6104
  /*
6065
6105
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6146,7 +6186,7 @@ class ThrottlingUtils {
6146
6186
  }
6147
6187
  }
6148
6188
 
6149
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6189
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6150
6190
 
6151
6191
  /*
6152
6192
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6176,7 +6216,7 @@ function createNetworkError(error, httpStatus, responseHeaders) {
6176
6216
  return new NetworkError(error, httpStatus, responseHeaders);
6177
6217
  }
6178
6218
 
6179
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6219
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6180
6220
 
6181
6221
  /*
6182
6222
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6324,7 +6364,7 @@ class BaseClient {
6324
6364
  }
6325
6365
  }
6326
6366
 
6327
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6367
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6328
6368
  /*
6329
6369
  * Copyright (c) Microsoft Corporation. All rights reserved.
6330
6370
  * Licensed under the MIT License.
@@ -6350,7 +6390,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
6350
6390
  refreshTokenExpired: refreshTokenExpired
6351
6391
  });
6352
6392
 
6353
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6393
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6354
6394
 
6355
6395
  /*
6356
6396
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6438,7 +6478,7 @@ function createInteractionRequiredAuthError(errorCode) {
6438
6478
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
6439
6479
  }
6440
6480
 
6441
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6481
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6442
6482
 
6443
6483
  /*
6444
6484
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6510,14 +6550,16 @@ class ProtocolUtils {
6510
6550
  }
6511
6551
  }
6512
6552
 
6513
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6553
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6514
6554
 
6515
6555
  /*
6516
6556
  * Copyright (c) Microsoft Corporation. All rights reserved.
6517
6557
  * Licensed under the MIT License.
6518
6558
  */
6519
6559
  const KeyLocation = {
6520
- SW: "sw"};
6560
+ SW: "sw",
6561
+ UHW: "uhw",
6562
+ };
6521
6563
  /** @internal */
6522
6564
  class PopTokenGenerator {
6523
6565
  constructor(cryptoUtils, performanceClient) {
@@ -6592,7 +6634,7 @@ class PopTokenGenerator {
6592
6634
  }
6593
6635
  }
6594
6636
 
6595
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6637
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6596
6638
  /*
6597
6639
  * Copyright (c) Microsoft Corporation. All rights reserved.
6598
6640
  * Licensed under the MIT License.
@@ -6619,7 +6661,7 @@ class PopTokenGenerator {
6619
6661
  }
6620
6662
  }
6621
6663
 
6622
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6664
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6623
6665
 
6624
6666
  /*
6625
6667
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6950,7 +6992,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
6950
6992
  return baseAccount;
6951
6993
  }
6952
6994
 
6953
- /*! @azure/msal-common v15.4.0 2025-03-26 */
6995
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
6954
6996
 
6955
6997
  /*
6956
6998
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7017,7 +7059,7 @@ class RequestValidator {
7017
7059
  }
7018
7060
  }
7019
7061
 
7020
- /*! @azure/msal-common v15.4.0 2025-03-26 */
7062
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
7021
7063
  /*
7022
7064
  * Copyright (c) Microsoft Corporation. All rights reserved.
7023
7065
  * Licensed under the MIT License.
@@ -7035,7 +7077,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
7035
7077
  }
7036
7078
  }
7037
7079
 
7038
- /*! @azure/msal-common v15.4.0 2025-03-26 */
7080
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
7039
7081
 
7040
7082
  /*
7041
7083
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7264,11 +7306,11 @@ class AuthorizationCodeClient extends BaseClient {
7264
7306
  if (this.config.authOptions.instanceAware) {
7265
7307
  addInstanceAware(parameters);
7266
7308
  }
7267
- return mapToQueryString(parameters);
7309
+ return mapToQueryString(parameters, this.config.authOptions.encodeExtraQueryParams, request.extraQueryParameters);
7268
7310
  }
7269
7311
  }
7270
7312
 
7271
- /*! @azure/msal-common v15.4.0 2025-03-26 */
7313
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
7272
7314
 
7273
7315
  /*
7274
7316
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7477,7 +7519,7 @@ class RefreshTokenClient extends BaseClient {
7477
7519
  }
7478
7520
  }
7479
7521
 
7480
- /*! @azure/msal-common v15.4.0 2025-03-26 */
7522
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
7481
7523
 
7482
7524
  /*
7483
7525
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7575,7 +7617,7 @@ class SilentFlowClient extends BaseClient {
7575
7617
  }
7576
7618
  }
7577
7619
 
7578
- /*! @azure/msal-common v15.4.0 2025-03-26 */
7620
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
7579
7621
 
7580
7622
  /*
7581
7623
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7590,7 +7632,7 @@ const StubbedNetworkModule = {
7590
7632
  },
7591
7633
  };
7592
7634
 
7593
- /*! @azure/msal-common v15.4.0 2025-03-26 */
7635
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
7594
7636
 
7595
7637
  /*
7596
7638
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7733,8 +7775,8 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
7733
7775
  * @param requestParameters
7734
7776
  * @returns
7735
7777
  */
7736
- function getAuthorizeUrl(authority, requestParameters) {
7737
- const queryString = mapToQueryString(requestParameters);
7778
+ function getAuthorizeUrl(authority, requestParameters, encodeParams, extraQueryParameters) {
7779
+ const queryString = mapToQueryString(requestParameters, encodeParams, extraQueryParameters);
7738
7780
  return UrlString.appendQueryString(authority.authorizationEndpoint, queryString);
7739
7781
  }
7740
7782
  /**
@@ -7814,7 +7856,7 @@ function extractLoginHint(account) {
7814
7856
  return account.idTokenClaims?.login_hint || null;
7815
7857
  }
7816
7858
 
7817
- /*! @azure/msal-common v15.4.0 2025-03-26 */
7859
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
7818
7860
 
7819
7861
  /*
7820
7862
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7872,7 +7914,7 @@ class AuthenticationHeaderParser {
7872
7914
  }
7873
7915
  }
7874
7916
 
7875
- /*! @azure/msal-common v15.4.0 2025-03-26 */
7917
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
7876
7918
 
7877
7919
  /*
7878
7920
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8135,7 +8177,7 @@ class ServerTelemetryManager {
8135
8177
  }
8136
8178
  }
8137
8179
 
8138
- /*! @azure/msal-common v15.4.0 2025-03-26 */
8180
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
8139
8181
  /*
8140
8182
  * Copyright (c) Microsoft Corporation. All rights reserved.
8141
8183
  * Licensed under the MIT License.
@@ -8143,7 +8185,7 @@ class ServerTelemetryManager {
8143
8185
  const missingKidError = "missing_kid_error";
8144
8186
  const missingAlgError = "missing_alg_error";
8145
8187
 
8146
- /*! @azure/msal-common v15.4.0 2025-03-26 */
8188
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
8147
8189
 
8148
8190
  /*
8149
8191
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8168,7 +8210,7 @@ function createJoseHeaderError(code) {
8168
8210
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
8169
8211
  }
8170
8212
 
8171
- /*! @azure/msal-common v15.4.0 2025-03-26 */
8213
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
8172
8214
 
8173
8215
  /*
8174
8216
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8208,7 +8250,7 @@ class JoseHeader {
8208
8250
  }
8209
8251
  }
8210
8252
 
8211
- /*! @azure/msal-common v15.4.0 2025-03-26 */
8253
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
8212
8254
 
8213
8255
  /*
8214
8256
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8287,7 +8329,7 @@ class StubPerformanceClient {
8287
8329
  }
8288
8330
  }
8289
8331
 
8290
- /*! @azure/msal-common v15.4.0 2025-03-26 */
8332
+ /*! @azure/msal-common v15.5.1 2025-04-16 */
8291
8333
 
8292
8334
  /*
8293
8335
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -9277,6 +9319,10 @@ function createBrowserAuthError(errorCode, subError) {
9277
9319
  * Constants
9278
9320
  */
9279
9321
  const BrowserConstants = {
9322
+ /**
9323
+ * Interaction in progress cache value
9324
+ */
9325
+ INTERACTION_IN_PROGRESS_VALUE: "interaction_in_progress",
9280
9326
  /**
9281
9327
  * Invalid grant error code
9282
9328
  */
@@ -9325,6 +9371,10 @@ const HTTP_REQUEST_TYPE = {
9325
9371
  GET: "GET",
9326
9372
  POST: "POST",
9327
9373
  };
9374
+ const INTERACTION_TYPE = {
9375
+ SIGNIN: "signin",
9376
+ SIGNOUT: "signout",
9377
+ };
9328
9378
  /**
9329
9379
  * Temporary cache keys for MSAL, deleted after any request.
9330
9380
  */
@@ -10290,6 +10340,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
10290
10340
  skipAuthorityMetadataCache: false,
10291
10341
  supportsNestedAppAuth: false,
10292
10342
  instanceAware: false,
10343
+ encodeExtraQueryParams: false,
10293
10344
  };
10294
10345
  // Default cache options for browser
10295
10346
  const DEFAULT_CACHE_OPTIONS = {
@@ -10376,7 +10427,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
10376
10427
 
10377
10428
  /* eslint-disable header/header */
10378
10429
  const name = "@azure/msal-browser";
10379
- const version = "4.9.1";
10430
+ const version = "4.11.0";
10380
10431
 
10381
10432
  /*
10382
10433
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -12462,7 +12513,7 @@ class BrowserCacheManager extends CacheManager {
12462
12513
  return parsedRequest;
12463
12514
  }
12464
12515
  isInteractionInProgress(matchClientId) {
12465
- const clientId = this.getInteractionInProgress();
12516
+ const clientId = this.getInteractionInProgress()?.clientId;
12466
12517
  if (matchClientId) {
12467
12518
  return clientId === this.clientId;
12468
12519
  }
@@ -12472,9 +12523,10 @@ class BrowserCacheManager extends CacheManager {
12472
12523
  }
12473
12524
  getInteractionInProgress() {
12474
12525
  const key = `${Constants.CACHE_PREFIX}.${TemporaryCacheKeys.INTERACTION_STATUS_KEY}`;
12475
- return this.getTemporaryCache(key, false);
12526
+ const value = this.getTemporaryCache(key, false);
12527
+ return value ? JSON.parse(value) : null;
12476
12528
  }
12477
- setInteractionInProgress(inProgress) {
12529
+ setInteractionInProgress(inProgress, type = INTERACTION_TYPE.SIGNIN) {
12478
12530
  // Ensure we don't overwrite interaction in progress for a different clientId
12479
12531
  const key = `${Constants.CACHE_PREFIX}.${TemporaryCacheKeys.INTERACTION_STATUS_KEY}`;
12480
12532
  if (inProgress) {
@@ -12483,11 +12535,11 @@ class BrowserCacheManager extends CacheManager {
12483
12535
  }
12484
12536
  else {
12485
12537
  // No interaction is in progress
12486
- this.setTemporaryCache(key, this.clientId, false);
12538
+ this.setTemporaryCache(key, JSON.stringify({ clientId: this.clientId, type }), false);
12487
12539
  }
12488
12540
  }
12489
12541
  else if (!inProgress &&
12490
- this.getInteractionInProgress() === this.clientId) {
12542
+ this.getInteractionInProgress()?.clientId === this.clientId) {
12491
12543
  this.removeTemporaryItem(key);
12492
12544
  }
12493
12545
  }
@@ -14431,7 +14483,7 @@ async function getAuthCodeRequestUrl(config, authority, request, logger, perform
14431
14483
  addResponseType(parameters, OAuthResponseType.CODE);
14432
14484
  addCodeChallengeParams(parameters, request.codeChallenge, Constants.S256_CODE_CHALLENGE_METHOD);
14433
14485
  addExtraQueryParameters(parameters, request.extraQueryParameters || {});
14434
- return getAuthorizeUrl(authority, parameters);
14486
+ return getAuthorizeUrl(authority, parameters, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
14435
14487
  }
14436
14488
  /**
14437
14489
  * Gets the form that will be posted to /authorize with request parameters when using EAR
@@ -14445,7 +14497,7 @@ async function getEARForm(frame, config, authority, request, logger, performance
14445
14497
  addEARParameters(parameters, request.earJwk);
14446
14498
  const queryParams = new Map();
14447
14499
  addExtraQueryParameters(queryParams, request.extraQueryParameters || {});
14448
- const url = getAuthorizeUrl(authority, queryParams);
14500
+ const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
14449
14501
  return createForm(frame, url, parameters);
14450
14502
  }
14451
14503
  /**
@@ -15443,7 +15495,7 @@ class RedirectClient extends StandardInteractionClient {
15443
15495
  this.logger.verbose("Logout onRedirectNavigate did not return false, navigating");
15444
15496
  // Ensure interaction is in progress
15445
15497
  if (!this.browserStorage.getInteractionInProgress()) {
15446
- this.browserStorage.setInteractionInProgress(true);
15498
+ this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNOUT);
15447
15499
  }
15448
15500
  await this.navigationClient.navigateExternal(logoutUri, navigationOptions);
15449
15501
  return;
@@ -15457,7 +15509,7 @@ class RedirectClient extends StandardInteractionClient {
15457
15509
  else {
15458
15510
  // Ensure interaction is in progress
15459
15511
  if (!this.browserStorage.getInteractionInProgress()) {
15460
- this.browserStorage.setInteractionInProgress(true);
15512
+ this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNOUT);
15461
15513
  }
15462
15514
  await this.navigationClient.navigateExternal(logoutUri, navigationOptions);
15463
15515
  return;
@@ -16295,29 +16347,41 @@ class StandardController {
16295
16347
  this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null.");
16296
16348
  return null;
16297
16349
  }
16350
+ const interactionType = this.browserStorage.getInteractionInProgress()?.type;
16351
+ if (interactionType === INTERACTION_TYPE.SIGNOUT) {
16352
+ this.logger.verbose("handleRedirectPromise removing interaction_in_progress flag and returning null after sign-out");
16353
+ this.browserStorage.setInteractionInProgress(false);
16354
+ return Promise.resolve(null);
16355
+ }
16298
16356
  const loggedInAccounts = this.getAllAccounts();
16299
16357
  const platformBrokerRequest = this.browserStorage.getCachedNativeRequest();
16300
16358
  const useNative = platformBrokerRequest &&
16301
16359
  NativeMessageHandler.isPlatformBrokerAvailable(this.config, this.logger, this.nativeExtensionProvider) &&
16302
16360
  this.nativeExtensionProvider &&
16303
16361
  !hash;
16304
- let rootMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenRedirect, platformBrokerRequest?.correlationId || "");
16362
+ let rootMeasurement;
16305
16363
  this.eventHandler.emitEvent(EventType.HANDLE_REDIRECT_START, exports.InteractionType.Redirect);
16306
16364
  let redirectResponse;
16307
- if (useNative && this.nativeExtensionProvider) {
16308
- this.logger.trace("handleRedirectPromise - acquiring token from native platform");
16309
- const nativeClient = new NativeInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.handleRedirectPromise, this.performanceClient, this.nativeExtensionProvider, platformBrokerRequest.accountId, this.nativeInternalStorage, platformBrokerRequest.correlationId);
16310
- redirectResponse = invokeAsync(nativeClient.handleRedirectPromise.bind(nativeClient), PerformanceEvents.HandleNativeRedirectPromiseMeasurement, this.logger, this.performanceClient, rootMeasurement.event.correlationId)(this.performanceClient, rootMeasurement.event.correlationId);
16365
+ try {
16366
+ if (useNative && this.nativeExtensionProvider) {
16367
+ rootMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenRedirect, platformBrokerRequest?.correlationId || "");
16368
+ this.logger.trace("handleRedirectPromise - acquiring token from native platform");
16369
+ const nativeClient = new NativeInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.handleRedirectPromise, this.performanceClient, this.nativeExtensionProvider, platformBrokerRequest.accountId, this.nativeInternalStorage, platformBrokerRequest.correlationId);
16370
+ redirectResponse = invokeAsync(nativeClient.handleRedirectPromise.bind(nativeClient), PerformanceEvents.HandleNativeRedirectPromiseMeasurement, this.logger, this.performanceClient, rootMeasurement.event.correlationId)(this.performanceClient, rootMeasurement.event.correlationId);
16371
+ }
16372
+ else {
16373
+ const [standardRequest, codeVerifier] = this.browserStorage.getCachedRequest();
16374
+ const correlationId = standardRequest.correlationId;
16375
+ // Reset rootMeasurement now that we have correlationId
16376
+ rootMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenRedirect, correlationId);
16377
+ this.logger.trace("handleRedirectPromise - acquiring token from web flow");
16378
+ const redirectClient = this.createRedirectClient(correlationId);
16379
+ redirectResponse = invokeAsync(redirectClient.handleRedirectPromise.bind(redirectClient), PerformanceEvents.HandleRedirectPromiseMeasurement, this.logger, this.performanceClient, rootMeasurement.event.correlationId)(hash, standardRequest, codeVerifier, rootMeasurement);
16380
+ }
16311
16381
  }
16312
- else {
16313
- const [standardRequest, codeVerifier] = this.browserStorage.getCachedRequest();
16314
- const correlationId = standardRequest.correlationId;
16315
- // Reset rootMeasurement now that we have correlationId
16316
- rootMeasurement.discard();
16317
- rootMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenRedirect, correlationId);
16318
- this.logger.trace("handleRedirectPromise - acquiring token from web flow");
16319
- const redirectClient = this.createRedirectClient(correlationId);
16320
- redirectResponse = invokeAsync(redirectClient.handleRedirectPromise.bind(redirectClient), PerformanceEvents.HandleRedirectPromiseMeasurement, this.logger, this.performanceClient, rootMeasurement.event.correlationId)(hash, standardRequest, codeVerifier, rootMeasurement);
16382
+ catch (e) {
16383
+ this.browserStorage.resetRequestCache();
16384
+ throw e;
16321
16385
  }
16322
16386
  return redirectResponse
16323
16387
  .then((result) => {
@@ -16423,7 +16487,7 @@ class StandardController {
16423
16487
  const isLoggedIn = this.getAllAccounts().length > 0;
16424
16488
  try {
16425
16489
  redirectPreflightCheck(this.initialized, this.config);
16426
- this.browserStorage.setInteractionInProgress(true);
16490
+ this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN);
16427
16491
  if (isLoggedIn) {
16428
16492
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, exports.InteractionType.Redirect, request);
16429
16493
  }
@@ -16488,7 +16552,7 @@ class StandardController {
16488
16552
  try {
16489
16553
  this.logger.verbose("acquireTokenPopup called", correlationId);
16490
16554
  preflightCheck(this.initialized, atPopupMeasurement);
16491
- this.browserStorage.setInteractionInProgress(true);
16555
+ this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN);
16492
16556
  }
16493
16557
  catch (e) {
16494
16558
  // Since this function is syncronous we need to reject
@@ -16863,7 +16927,7 @@ class StandardController {
16863
16927
  async logoutRedirect(logoutRequest) {
16864
16928
  const correlationId = this.getRequestCorrelationId(logoutRequest);
16865
16929
  redirectPreflightCheck(this.initialized, this.config);
16866
- this.browserStorage.setInteractionInProgress(true);
16930
+ this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNOUT);
16867
16931
  const redirectClient = this.createRedirectClient(correlationId);
16868
16932
  return redirectClient.logout(logoutRequest);
16869
16933
  }
@@ -16875,7 +16939,7 @@ class StandardController {
16875
16939
  try {
16876
16940
  const correlationId = this.getRequestCorrelationId(logoutRequest);
16877
16941
  preflightCheck$1(this.initialized);
16878
- this.browserStorage.setInteractionInProgress(true);
16942
+ this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNOUT);
16879
16943
  const popupClient = this.createPopupClient(correlationId);
16880
16944
  return popupClient.logout(logoutRequest).finally(() => {
16881
16945
  this.browserStorage.setInteractionInProgress(false);
@@ -17295,7 +17359,9 @@ class StandardController {
17295
17359
  async acquireTokenSilentDeduped(request, account, correlationId) {
17296
17360
  const thumbprint = getRequestThumbprint(this.config.auth.clientId, {
17297
17361
  ...request,
17298
- authority: request.authority || this.config.auth.authority}, account.homeAccountId);
17362
+ authority: request.authority || this.config.auth.authority,
17363
+ correlationId: correlationId,
17364
+ }, account.homeAccountId);
17299
17365
  const silentRequestKey = JSON.stringify(thumbprint);
17300
17366
  const inProgressRequest = this.activeSilentTokenRequests.get(silentRequestKey);
17301
17367
  if (typeof inProgressRequest === "undefined") {
@@ -17922,7 +17988,7 @@ class NestedAppAuthController {
17922
17988
  });
17923
17989
  return result;
17924
17990
  }
17925
- this.logger.error("Cached tokens are not found for the account, proceeding with silent token request.");
17991
+ this.logger.warning("Cached tokens are not found for the account, proceeding with silent token request.");
17926
17992
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_FAILURE, exports.InteractionType.Silent, null);
17927
17993
  atsMeasurement?.end({
17928
17994
  success: false,