@azure/msal-browser 5.0.0-beta.0 → 5.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (411) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  4. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  7. package/dist/cache/AccountManager.mjs +1 -1
  8. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  9. package/dist/cache/BrowserCacheManager.mjs +1 -1
  10. package/dist/cache/CacheHelpers.mjs +1 -1
  11. package/dist/cache/CacheKeys.mjs +1 -1
  12. package/dist/cache/CookieStorage.mjs +1 -1
  13. package/dist/cache/DatabaseStorage.mjs +1 -1
  14. package/dist/cache/EncryptedData.mjs +1 -1
  15. package/dist/cache/LocalStorage.mjs +1 -1
  16. package/dist/cache/MemoryStorage.mjs +1 -1
  17. package/dist/cache/SessionStorage.mjs +1 -1
  18. package/dist/cache/TokenCache.d.ts +7 -5
  19. package/dist/cache/TokenCache.d.ts.map +1 -1
  20. package/dist/cache/TokenCache.mjs +44 -32
  21. package/dist/cache/TokenCache.mjs.map +1 -1
  22. package/dist/config/Configuration.mjs +1 -1
  23. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  24. package/dist/controllers/StandardController.mjs +1 -1
  25. package/dist/crypto/BrowserCrypto.mjs +1 -1
  26. package/dist/crypto/CryptoOps.mjs +1 -1
  27. package/dist/crypto/PkceGenerator.mjs +1 -1
  28. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  29. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  30. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  31. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  32. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  33. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  34. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  35. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  36. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  37. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  38. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  39. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  40. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  41. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  42. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  43. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  44. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  45. package/dist/custom-auth-path/cache/TokenCache.d.ts +7 -5
  46. package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
  47. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  48. package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
  49. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  50. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  51. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  52. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  53. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  54. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  55. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  56. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  57. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  58. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  59. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  60. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  61. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  62. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  63. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  64. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  159. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  160. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  161. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  162. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  163. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  164. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  165. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  166. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  167. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  168. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  169. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  170. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  171. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  172. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  173. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  174. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  175. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  176. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
  177. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  178. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
  179. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  180. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
  181. package/dist/custom-auth-path/log-strings-mapping.json +2 -2
  182. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  183. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  184. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  185. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  186. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  187. package/dist/custom-auth-path/packageMetadata.d.ts.map +1 -1
  188. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  189. package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
  190. package/dist/custom-auth-path/request/AuthorizationCodeRequest.d.ts +18 -0
  191. package/dist/custom-auth-path/request/AuthorizationCodeRequest.d.ts.map +1 -1
  192. package/dist/custom-auth-path/request/ClearCacheRequest.d.ts +6 -2
  193. package/dist/custom-auth-path/request/ClearCacheRequest.d.ts.map +1 -1
  194. package/dist/custom-auth-path/request/EndSessionPopupRequest.d.ts +12 -9
  195. package/dist/custom-auth-path/request/EndSessionPopupRequest.d.ts.map +1 -1
  196. package/dist/custom-auth-path/request/EndSessionRequest.d.ts +3 -6
  197. package/dist/custom-auth-path/request/EndSessionRequest.d.ts.map +1 -1
  198. package/dist/custom-auth-path/request/InitializeApplicationRequest.d.ts +3 -2
  199. package/dist/custom-auth-path/request/InitializeApplicationRequest.d.ts.map +1 -1
  200. package/dist/custom-auth-path/request/PopupRequest.d.ts +12 -24
  201. package/dist/custom-auth-path/request/PopupRequest.d.ts.map +1 -1
  202. package/dist/custom-auth-path/request/RedirectRequest.d.ts +6 -22
  203. package/dist/custom-auth-path/request/RedirectRequest.d.ts.map +1 -1
  204. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  205. package/dist/custom-auth-path/request/SilentRequest.d.ts +33 -13
  206. package/dist/custom-auth-path/request/SilentRequest.d.ts.map +1 -1
  207. package/dist/custom-auth-path/request/SsoSilentRequest.d.ts +0 -21
  208. package/dist/custom-auth-path/request/SsoSilentRequest.d.ts.map +1 -1
  209. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  210. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts +4 -0
  211. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  212. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
  213. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts +1 -0
  214. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
  215. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  216. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  217. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  218. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  219. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  220. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  221. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  222. package/dist/encode/Base64Decode.mjs +1 -1
  223. package/dist/encode/Base64Encode.mjs +1 -1
  224. package/dist/error/BrowserAuthError.mjs +1 -1
  225. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  226. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  227. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  228. package/dist/error/NativeAuthError.mjs +1 -1
  229. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  230. package/dist/error/NestedAppAuthError.mjs +1 -1
  231. package/dist/event/EventHandler.mjs +1 -1
  232. package/dist/event/EventMessage.mjs +1 -1
  233. package/dist/event/EventType.mjs +1 -1
  234. package/dist/index.mjs +1 -1
  235. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  236. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  237. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  238. package/dist/interaction_client/PopupClient.mjs +1 -1
  239. package/dist/interaction_client/RedirectClient.mjs +1 -1
  240. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  241. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  242. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  243. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  244. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  245. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  246. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  247. package/dist/log-strings-mapping.json +2 -2
  248. package/dist/naa/BridgeError.mjs +1 -1
  249. package/dist/naa/BridgeProxy.mjs +1 -1
  250. package/dist/naa/BridgeStatusCode.mjs +1 -1
  251. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  252. package/dist/navigation/NavigationClient.mjs +1 -1
  253. package/dist/network/FetchClient.mjs +1 -1
  254. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  255. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  256. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  257. package/dist/packageMetadata.d.ts +1 -1
  258. package/dist/packageMetadata.d.ts.map +1 -1
  259. package/dist/packageMetadata.mjs +2 -2
  260. package/dist/protocol/Authorize.mjs +1 -1
  261. package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
  262. package/dist/redirect-bridge/cache/TokenCache.d.ts +7 -5
  263. package/dist/redirect-bridge/cache/TokenCache.d.ts.map +1 -1
  264. package/dist/redirect-bridge/config/Configuration.mjs +1 -1
  265. package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
  266. package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
  267. package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
  268. package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
  269. package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
  270. package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
  271. package/dist/redirect-bridge/packageMetadata.d.ts.map +1 -1
  272. package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
  273. package/dist/redirect-bridge/request/AuthorizationCodeRequest.d.ts +18 -0
  274. package/dist/redirect-bridge/request/AuthorizationCodeRequest.d.ts.map +1 -1
  275. package/dist/redirect-bridge/request/ClearCacheRequest.d.ts +6 -2
  276. package/dist/redirect-bridge/request/ClearCacheRequest.d.ts.map +1 -1
  277. package/dist/redirect-bridge/request/EndSessionPopupRequest.d.ts +12 -9
  278. package/dist/redirect-bridge/request/EndSessionPopupRequest.d.ts.map +1 -1
  279. package/dist/redirect-bridge/request/EndSessionRequest.d.ts +3 -6
  280. package/dist/redirect-bridge/request/EndSessionRequest.d.ts.map +1 -1
  281. package/dist/redirect-bridge/request/InitializeApplicationRequest.d.ts +3 -2
  282. package/dist/redirect-bridge/request/InitializeApplicationRequest.d.ts.map +1 -1
  283. package/dist/redirect-bridge/request/PopupRequest.d.ts +12 -24
  284. package/dist/redirect-bridge/request/PopupRequest.d.ts.map +1 -1
  285. package/dist/redirect-bridge/request/RedirectRequest.d.ts +6 -22
  286. package/dist/redirect-bridge/request/RedirectRequest.d.ts.map +1 -1
  287. package/dist/redirect-bridge/request/SilentRequest.d.ts +33 -13
  288. package/dist/redirect-bridge/request/SilentRequest.d.ts.map +1 -1
  289. package/dist/redirect-bridge/request/SsoSilentRequest.d.ts +0 -21
  290. package/dist/redirect-bridge/request/SsoSilentRequest.d.ts.map +1 -1
  291. package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts +4 -0
  292. package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  293. package/dist/redirect-bridge/telemetry/BrowserRootPerformanceEvents.d.ts +1 -0
  294. package/dist/redirect-bridge/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
  295. package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
  296. package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
  297. package/dist/request/AuthorizationCodeRequest.d.ts +18 -0
  298. package/dist/request/AuthorizationCodeRequest.d.ts.map +1 -1
  299. package/dist/request/ClearCacheRequest.d.ts +6 -2
  300. package/dist/request/ClearCacheRequest.d.ts.map +1 -1
  301. package/dist/request/EndSessionPopupRequest.d.ts +12 -9
  302. package/dist/request/EndSessionPopupRequest.d.ts.map +1 -1
  303. package/dist/request/EndSessionRequest.d.ts +3 -6
  304. package/dist/request/EndSessionRequest.d.ts.map +1 -1
  305. package/dist/request/InitializeApplicationRequest.d.ts +3 -2
  306. package/dist/request/InitializeApplicationRequest.d.ts.map +1 -1
  307. package/dist/request/PopupRequest.d.ts +12 -24
  308. package/dist/request/PopupRequest.d.ts.map +1 -1
  309. package/dist/request/RedirectRequest.d.ts +6 -22
  310. package/dist/request/RedirectRequest.d.ts.map +1 -1
  311. package/dist/request/RequestHelpers.mjs +1 -1
  312. package/dist/request/SilentRequest.d.ts +33 -13
  313. package/dist/request/SilentRequest.d.ts.map +1 -1
  314. package/dist/request/SsoSilentRequest.d.ts +0 -21
  315. package/dist/request/SsoSilentRequest.d.ts.map +1 -1
  316. package/dist/response/ResponseHandler.mjs +1 -1
  317. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  318. package/dist/telemetry/BrowserPerformanceEvents.d.ts +4 -0
  319. package/dist/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  320. package/dist/telemetry/BrowserPerformanceEvents.mjs +7 -3
  321. package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
  322. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  323. package/dist/telemetry/BrowserRootPerformanceEvents.d.ts +1 -0
  324. package/dist/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
  325. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +5 -3
  326. package/dist/telemetry/BrowserRootPerformanceEvents.mjs.map +1 -1
  327. package/dist/utils/BrowserConstants.mjs +1 -1
  328. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  329. package/dist/utils/BrowserUtils.mjs +1 -1
  330. package/dist/utils/Helpers.mjs +1 -1
  331. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  332. package/lib/custom-auth-path/log-strings-mapping.json +2 -2
  333. package/lib/custom-auth-path/msal-custom-auth.cjs +77 -72
  334. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  335. package/lib/custom-auth-path/types/cache/TokenCache.d.ts +7 -5
  336. package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
  337. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  338. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  339. package/lib/custom-auth-path/types/packageMetadata.d.ts.map +1 -1
  340. package/lib/custom-auth-path/types/request/AuthorizationCodeRequest.d.ts +18 -0
  341. package/lib/custom-auth-path/types/request/AuthorizationCodeRequest.d.ts.map +1 -1
  342. package/lib/custom-auth-path/types/request/ClearCacheRequest.d.ts +6 -2
  343. package/lib/custom-auth-path/types/request/ClearCacheRequest.d.ts.map +1 -1
  344. package/lib/custom-auth-path/types/request/EndSessionPopupRequest.d.ts +12 -9
  345. package/lib/custom-auth-path/types/request/EndSessionPopupRequest.d.ts.map +1 -1
  346. package/lib/custom-auth-path/types/request/EndSessionRequest.d.ts +3 -6
  347. package/lib/custom-auth-path/types/request/EndSessionRequest.d.ts.map +1 -1
  348. package/lib/custom-auth-path/types/request/InitializeApplicationRequest.d.ts +3 -2
  349. package/lib/custom-auth-path/types/request/InitializeApplicationRequest.d.ts.map +1 -1
  350. package/lib/custom-auth-path/types/request/PopupRequest.d.ts +12 -24
  351. package/lib/custom-auth-path/types/request/PopupRequest.d.ts.map +1 -1
  352. package/lib/custom-auth-path/types/request/RedirectRequest.d.ts +6 -22
  353. package/lib/custom-auth-path/types/request/RedirectRequest.d.ts.map +1 -1
  354. package/lib/custom-auth-path/types/request/SilentRequest.d.ts +33 -13
  355. package/lib/custom-auth-path/types/request/SilentRequest.d.ts.map +1 -1
  356. package/lib/custom-auth-path/types/request/SsoSilentRequest.d.ts +0 -21
  357. package/lib/custom-auth-path/types/request/SsoSilentRequest.d.ts.map +1 -1
  358. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts +4 -0
  359. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  360. package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts +1 -0
  361. package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
  362. package/lib/log-strings-mapping.json +2 -2
  363. package/lib/msal-browser.cjs +128 -106
  364. package/lib/msal-browser.cjs.map +1 -1
  365. package/lib/msal-browser.js +128 -106
  366. package/lib/msal-browser.js.map +1 -1
  367. package/lib/msal-browser.min.js +2 -2
  368. package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
  369. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  370. package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
  371. package/lib/types/cache/TokenCache.d.ts +7 -5
  372. package/lib/types/cache/TokenCache.d.ts.map +1 -1
  373. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  374. package/lib/types/packageMetadata.d.ts +1 -1
  375. package/lib/types/packageMetadata.d.ts.map +1 -1
  376. package/lib/types/request/AuthorizationCodeRequest.d.ts +18 -0
  377. package/lib/types/request/AuthorizationCodeRequest.d.ts.map +1 -1
  378. package/lib/types/request/ClearCacheRequest.d.ts +6 -2
  379. package/lib/types/request/ClearCacheRequest.d.ts.map +1 -1
  380. package/lib/types/request/EndSessionPopupRequest.d.ts +12 -9
  381. package/lib/types/request/EndSessionPopupRequest.d.ts.map +1 -1
  382. package/lib/types/request/EndSessionRequest.d.ts +3 -6
  383. package/lib/types/request/EndSessionRequest.d.ts.map +1 -1
  384. package/lib/types/request/InitializeApplicationRequest.d.ts +3 -2
  385. package/lib/types/request/InitializeApplicationRequest.d.ts.map +1 -1
  386. package/lib/types/request/PopupRequest.d.ts +12 -24
  387. package/lib/types/request/PopupRequest.d.ts.map +1 -1
  388. package/lib/types/request/RedirectRequest.d.ts +6 -22
  389. package/lib/types/request/RedirectRequest.d.ts.map +1 -1
  390. package/lib/types/request/SilentRequest.d.ts +33 -13
  391. package/lib/types/request/SilentRequest.d.ts.map +1 -1
  392. package/lib/types/request/SsoSilentRequest.d.ts +0 -21
  393. package/lib/types/request/SsoSilentRequest.d.ts.map +1 -1
  394. package/lib/types/telemetry/BrowserPerformanceEvents.d.ts +4 -0
  395. package/lib/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  396. package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts +1 -0
  397. package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
  398. package/package.json +5 -4
  399. package/src/cache/TokenCache.ts +143 -95
  400. package/src/packageMetadata.ts +1 -1
  401. package/src/request/AuthorizationCodeRequest.ts +18 -0
  402. package/src/request/ClearCacheRequest.ts +6 -2
  403. package/src/request/EndSessionPopupRequest.ts +12 -9
  404. package/src/request/EndSessionRequest.ts +3 -6
  405. package/src/request/InitializeApplicationRequest.ts +3 -2
  406. package/src/request/PopupRequest.ts +12 -24
  407. package/src/request/RedirectRequest.ts +6 -22
  408. package/src/request/SilentRequest.ts +33 -13
  409. package/src/request/SsoSilentRequest.ts +0 -21
  410. package/src/telemetry/BrowserPerformanceEvents.ts +5 -0
  411. package/src/telemetry/BrowserRootPerformanceEvents.ts +2 -0
@@ -1,2 +1,2 @@
1
- /*! @azure/msal-browser v5.0.0-beta.0 2025-12-05 */
2
- "use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).msal={})}(this,(function(e){const t="https://login.microsoftonline.com/common/",r="common",n=`${t}discovery/instance?api-version=1.1&authorization_endpoint=`,o=".ciamlogin.com",i="openid",s="profile",a="offline_access",c="S256",h="Not Available",l="http://169.254.169.254/metadata/instance/compute/location",d=["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],u="GET",g="POST",p=[i,s,a],m=[...p,"email"],f="Content-Type",y="Content-Length",w="Retry-After",I="X-AnchorMailbox",C="WWW-Authenticate",v="Authentication-Info",k="x-ms-request-id",T="x-ms-httpver",b="active-account-filters",A="common",S="organizations",_="consumers",E="access_token",P="xms_cc",R={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},O="code",M="id_token token refresh_token",x={QUERY:"query",FRAGMENT:"fragment",FORM_POST:"form_post"},q="authorization_code",N="refresh_token",U="Generic",L={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},H="appmetadata",D="1",F="authority-metadata",K="config",B="cache",z="network",j="hardcoded_values",$=5,J="server-telemetry",W=",",G={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},Q="throttling",V="1",X="3",Y="4",Z="2",ee="4",te="5",re="0",ne="1",oe="2",ie="3",se="4",ae={Jwt:"JWT",Jwk:"JWK",Pop:"pop"},ce="client_id",he="redirect_uri",le="token_type",de="req_cnf",ue="return_spa_code",ge="x-client-xtra-sku",pe="brk_client_id",me="brk_redirect_uri",fe="instance_aware";function ye(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class we extends Error{constructor(e,t,r){const n=t||(e?ye(e):"");super(n?`${e}: ${n}`:e),Object.setPrototypeOf(this,we.prototype),this.errorCode=e||"",this.errorMessage=n||"",this.subError=r||"",this.name="AuthError"}setCorrelationId(e){this.correlationId=e}}function Ie(e,t){return new we(e,t||ye(e))}class Ce extends we{constructor(e){super(e),this.name="ClientConfigurationError",Object.setPrototypeOf(this,Ce.prototype)}}function ve(e){return new Ce(e)}class ke{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return 0===Object.keys(t).length}catch(e){}return!0}static startsWith(e,t){return 0===e.indexOf(t)}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),n=e=>decodeURIComponent(e.replace(/\+/g," "));return r.forEach((e=>{if(e.trim()){const[r,o]=e.split(/=(.+)/g,2);r&&o&&(t[n(r)]=n(o))}})),t}static trimArrayEntries(e){return e.map((e=>e.trim()))}static removeEmptyStringsFromArray(e){return e.filter((e=>!!e))}static jsonParseHelper(e){try{return JSON.parse(e)}catch(e){return null}}static matchPattern(e,t){return new RegExp(e.replace(/\\/g,"\\\\").replace(/\*/g,"[^ ]*").replace(/\?/g,"\\?")).test(t)}}class Te extends we{constructor(e,t){super(e,t),this.name="ClientAuthError",Object.setPrototypeOf(this,Te.prototype)}}function be(e,t){return new Te(e,t)}const Ae="redirect_uri_empty",Se="authority_uri_insecure",_e="url_parse_error",Ee="empty_url_error",Pe="empty_input_scopes_error",Re="invalid_claims",Oe="token_request_empty",Me="logout_request_empty",xe="pkce_params_missing",qe="invalid_cloud_discovery_metadata",Ne="invalid_authority_metadata",Ue="untrusted_authority",Le="missing_ssh_jwk",He="missing_ssh_kid",De="missing_nonce_authentication_header",Fe="invalid_authentication_header",Ke="cannot_set_OIDCOptions",Be="cannot_allow_platform_broker",ze="authority_mismatch",je="invalid_request_method_for_EAR";var $e=Object.freeze({__proto__:null,authorityMismatch:ze,authorityUriInsecure:Se,cannotAllowPlatformBroker:Be,cannotSetOIDCOptions:Ke,claimsRequestParsingError:"claims_request_parsing_error",emptyInputScopesError:Pe,invalidAuthenticationHeader:Fe,invalidAuthorityMetadata:Ne,invalidClaims:Re,invalidCloudDiscoveryMetadata:qe,invalidCodeChallengeMethod:"invalid_code_challenge_method",invalidRequestMethodForEAR:je,logoutRequestEmpty:Me,missingNonceAuthenticationHeader:De,missingSshJwk:Le,missingSshKid:He,pkceParamsMissing:xe,redirectUriEmpty:Ae,tokenRequestEmpty:Oe,untrustedAuthority:Ue,urlEmptyError:Ee,urlParseError:_e});const Je="client_info_decoding_error",We="client_info_empty_error",Ge="token_parsing_error",Qe="null_or_empty_token",Ve="endpoints_resolution_error",Xe="network_error",Ye="openid_config_error",Ze="hash_not_deserialized",et="invalid_state",tt="state_mismatch",rt="state_not_found",nt="nonce_mismatch",ot="auth_time_not_found",it="max_age_transpired",st="multiple_matching_appMetadata",at="request_cannot_be_made",ct="cannot_remove_empty_scope",ht="cannot_append_scopeset",lt="empty_input_scopeset",dt="no_account_in_silent_request",ut="invalid_cache_record",gt="invalid_cache_environment",pt="no_account_found",mt="no_crypto_object",ft="token_refresh_required",yt="token_claims_cnf_required_for_signedjwt",wt="authorization_code_missing_from_server_response",It="binding_key_not_removed",Ct="end_session_endpoint_not_supported",vt="key_id_missing",kt="no_network_connectivity",Tt="user_canceled",bt="method_not_implemented",At="nested_app_auth_bridge_disabled";var St=Object.freeze({__proto__:null,authTimeNotFound:ot,authorizationCodeMissingFromServerResponse:wt,bindingKeyNotRemoved:It,cannotAppendScopeSet:ht,cannotRemoveEmptyScope:ct,clientInfoDecodingError:Je,clientInfoEmptyError:We,emptyInputScopeSet:lt,endSessionEndpointNotSupported:Ct,endpointResolutionError:Ve,hashNotDeserialized:Ze,invalidCacheEnvironment:gt,invalidCacheRecord:ut,invalidState:et,keyIdMissing:vt,maxAgeTranspired:it,methodNotImplemented:bt,multipleMatchingAppMetadata:st,multipleMatchingTokens:"multiple_matching_tokens",nestedAppAuthBridgeDisabled:At,networkError:Xe,noAccountFound:pt,noAccountInSilentRequest:dt,noCryptoObject:mt,noNetworkConnectivity:kt,nonceMismatch:nt,nullOrEmptyToken:Qe,openIdConfigError:Ye,platformBrokerError:"platform_broker_error",requestCannotBeMade:at,stateMismatch:tt,stateNotFound:rt,tokenClaimsCnfRequiredForSignedJwt:yt,tokenParsingError:Ge,tokenRefreshRequired:ft,unexpectedCredentialType:"unexpected_credential_type",userCanceled:Tt});class _t{constructor(e){const t=e?ke.trimArrayEntries([...e]):[],r=t?ke.removeEmptyStringsFromArray(t):[];if(!r||!r.length)throw ve(Pe);this.scopes=new Set,r.forEach((e=>this.scopes.add(e)))}static fromString(e){const t=(e||"").split(" ");return new _t(t)}static createSearchScopes(e){const t=e&&e.length>0?e:[...p],r=new _t(t);return r.containsOnlyOIDCScopes()?r.removeScope(a):r.removeOIDCScopes(),r}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new _t(t);return!!e&&r.scopes.has(e.toLowerCase())}containsScopeSet(e){return!(!e||e.scopes.size<=0)&&(this.scopes.size>=e.scopes.size&&e.asArray().every((e=>this.containsScope(e))))}containsOnlyOIDCScopes(){let e=0;return m.forEach((t=>{this.containsScope(t)&&(e+=1)})),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach((e=>this.appendScope(e)))}catch(e){throw be(ht)}}removeScope(e){if(!e)throw be(ct);this.scopes.delete(e.trim())}removeOIDCScopes(){m.forEach((e=>{this.scopes.delete(e)}))}unionScopeSets(e){if(!e)throw be(lt);const t=new Set;return e.scopes.forEach((e=>t.add(e.toLowerCase()))),this.scopes.forEach((e=>t.add(e.toLowerCase()))),t}intersectingScopeSets(e){if(!e)throw be(lt);e.containsOnlyOIDCScopes()||e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),n=this.getScopeCount();return t.size<n+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach((t=>e.push(t))),e}printScopes(){if(this.scopes){return this.asArray().join(" ")}return""}printScopesLowerCase(){return this.printScopes().toLowerCase()}}function Et(e,t,r){if(!t)return;const n=e.get(ce);n&&e.has(pe)&&r?.addFields({embeddedClientId:n,embeddedRedirectUri:e.get(he)},t)}function Pt(e,t){e.set("response_type",t)}function Rt(e,t,r=!0,n=p){!r||n.includes("openid")||t.includes("openid")||n.push("openid");const o=r?[...t||[],...n]:t||[],i=new _t(o);e.set("scope",i.printScopes())}function Ot(e,t){e.set(ce,t)}function Mt(e,t){e.set(he,t)}function xt(e,t){e.set("login_hint",t)}function qt(e,t){e.set(I,`UPN:${t}`)}function Nt(e,t){e.set(I,`Oid:${t.uid}@${t.utid}`)}function Ut(e,t){e.set("sid",t)}function Lt(e,t,r){const n=Vt(t,r);try{JSON.parse(n)}catch(e){throw ve(Re)}e.set("claims",n)}function Ht(e,t){e.set("client-request-id",t)}function Dt(e,t){e.set("x-client-SKU",t.sku),e.set("x-client-VER",t.version),t.os&&e.set("x-client-OS",t.os),t.cpu&&e.set("x-client-CPU",t.cpu)}function Ft(e,t){t?.appName&&e.set("x-app-name",t.appName),t?.appVersion&&e.set("x-app-ver",t.appVersion)}function Kt(e,t){t&&e.set("state",t)}function Bt(e,t,r){if(!t||!r)throw ve(xe);e.set("code_challenge",t),e.set("code_challenge_method",r)}function zt(e,t){e.set("client_secret",t)}function jt(e,t){t&&e.set("client_assertion",t)}function $t(e,t){t&&e.set("client_assertion_type",t)}function Jt(e,t){e.set("grant_type",t)}function Wt(e){e.set("client_info","1")}function Gt(e){e.has(fe)||e.set(fe,"true")}function Qt(e,t){Object.entries(t).forEach((([t,r])=>{!e.has(t)&&r&&e.set(t,r)}))}function Vt(e,t){let r;if(e)try{r=JSON.parse(e)}catch(e){throw ve(Re)}else r={};return t&&t.length>0&&(r.hasOwnProperty(E)||(r[E]={}),r[E][P]={values:t}),JSON.stringify(r)}function Xt(e,t){t&&(e.set(le,G.POP),e.set(de,t))}function Yt(e,t){t&&(e.set(le,G.SSH),e.set(de,t))}function Zt(e,t){e.set("x-client-current-telemetry",t.generateCurrentRequestHeaderValue()),e.set("x-client-last-telemetry",t.generateLastRequestHeaderValue())}function er(e){e.set("x-ms-lib-capability","retry-after, h429")}function tr(e,t,r){e.has(pe)||e.set(pe,t),e.has(me)||e.set(me,r)}function rr(e){if(!e)return e;let t=e.toLowerCase();return ke.endsWith(t,"?")?t=t.slice(0,-1):ke.endsWith(t,"?/")&&(t=t.slice(0,-2)),ke.endsWith(t,"/")||(t+="/"),t}function nr(e){return e.startsWith("#/")?e.substring(2):e.startsWith("#")||e.startsWith("?")?e.substring(1):e}function or(e){if(!e||e.indexOf("=")<0)return null;try{const t=nr(e),r=Object.fromEntries(new URLSearchParams(t));if(r.code||r.ear_jwe||r.error||r.error_description||r.state)return r}catch(e){throw be(Ze)}return null}function ir(e){const t=new Array;return e.forEach(((e,r)=>{t.push(`${r}=${encodeURIComponent(e)}`)})),t.join("&")}function sr(e){if(!e)return e;const t=e.split("#")[0];try{const e=new URL(t);return rr(e.origin+e.pathname+e.search)}catch(e){return rr(t)}}const ar={createNewGuid:()=>{throw be(bt)},base64Decode:()=>{throw be(bt)},base64Encode:()=>{throw be(bt)},base64UrlEncode:()=>{throw be(bt)},encodeKid:()=>{throw be(bt)},async getPublicKeyThumbprint(){throw be(bt)},async removeTokenBindingKey(){throw be(bt)},async clearKeystore(){throw be(bt)},async signJwt(){throw be(bt)},async hashString(){throw be(bt)}};var cr;e.LogLevel=void 0,(cr=e.LogLevel||(e.LogLevel={}))[cr.Error=0]="Error",cr[cr.Warning=1]="Warning",cr[cr.Info=2]="Info",cr[cr.Verbose=3]="Verbose",cr[cr.Trace=4]="Trace";const hr=new Map;function lr(e,t){const r=Date.now();let n=hr.get(e);if(n)!function(e,t){hr.delete(e),hr.set(e,t)}(e,n);else if(n={logs:[],firstEventTime:r},hr.set(e,n),hr.size>50){const e=hr.keys().next().value;e&&hr.delete(e)}n.logs.push({...t,milliseconds:r-n.firstEventTime}),n.logs.length>500&&n.logs.shift()}class dr{constructor(t,r,n){this.level=e.LogLevel.Info;const o=t||dr.createDefaultLoggerOptions();this.localCallback=o.loggerCallback||(()=>{}),this.piiLoggingEnabled=o.piiLoggingEnabled||!1,this.level="number"==typeof o.logLevel?o.logLevel:e.LogLevel.Info,this.packageName=r||"",this.packageVersion=n||""}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info}}clone(e,t){return new dr({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level},e,t)}logMessage(t,r){const n=r.correlationId;if(function(e){if(6!==e.length)return!1;for(let t=0;t<e.length;t++){const r=e[t];if(!(r>="a"&&r<="z"||r>="A"&&r<="Z"||r>="0"&&r<="9"))return!1}return!0}(t)){lr(n,{hash:t,level:r.logLevel,containsPii:r.containsPii||!1,milliseconds:0})}if(r.logLevel>this.level||!this.piiLoggingEnabled&&r.containsPii)return;const o=`${`[${(new Date).toUTCString()}] : [${n}]`} : ${this.packageName}@${this.packageVersion} : ${e.LogLevel[r.logLevel]} - ${t}`;this.executeCallback(r.logLevel,o,r.containsPii||!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!1,correlationId:r})}errorPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!0,correlationId:r})}warning(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!1,correlationId:r})}warningPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!0,correlationId:r})}info(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!1,correlationId:r})}infoPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!0,correlationId:r})}verbose(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!1,correlationId:r})}verbosePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!0,correlationId:r})}trace(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!1,correlationId:r})}tracePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!0,correlationId:r})}isPiiLoggingEnabled(){return this.piiLoggingEnabled||!1}}const ur="@azure/msal-common",gr="16.0.0-beta.0",pr={None:"none",AzurePublic:"https://login.microsoftonline.com",AzurePpe:"https://login.windows-ppe.net",AzureChina:"https://login.chinacloudapi.cn",AzureGermany:"https://login.microsoftonline.de",AzureUsGovernment:"https://login.microsoftonline.us"};function mr(e,t){return!!e&&!!t&&e===t.split(".")[1]}function fr(e,t,r,n){if(n){const{oid:t,sub:r,tid:o,name:i,tfp:s,acr:a,preferred_username:c,upn:h,login_hint:l}=n,d=o||s||a||"";return{tenantId:d,localAccountId:t||r||"",name:i,username:c||h||"",loginHint:l,isHomeTenant:mr(d,e)}}return{tenantId:r,localAccountId:t,username:"",isHomeTenant:mr(r,e)}}function yr(e,t,r,n){let o=e;if(t){const{isHomeTenant:r,...n}=t;o={...e,...n}}if(r){const{isHomeTenant:t,...i}=fr(e.homeAccountId,e.localAccountId,e.tenantId,r);return o={...o,...i,idTokenClaims:r,idToken:n},o}return o}function wr(e,t){const r=function(e){if(!e)throw be(Qe);const t=/^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(e);if(!t||t.length<4)throw be(Ge);return t[2]}(e);try{const e=t(r);return JSON.parse(e)}catch(e){throw be(Ge)}}function Ir(e){if(!e.signin_state)return!1;const t=["kmsi","dvc_dmjd"];return e.signin_state.some((e=>t.includes(e.trim().toLowerCase())))}function Cr(e,t){if(0===t||Date.now()-3e5>e+t)throw be(it)}class vr{get urlString(){return this._urlString}constructor(e){if(this._urlString=e,!this._urlString)throw ve(Ee);e.includes("#")||(this._urlString=vr.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return ke.endsWith(t,"?")?t=t.slice(0,-1):ke.endsWith(t,"?/")&&(t=t.slice(0,-2)),ke.endsWith(t,"/")||(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch(e){throw ve(_e)}if(!e.HostNameAndPort||!e.PathSegments)throw ve(_e);if(!e.Protocol||"https:"!==e.Protocol.toLowerCase())throw ve(Se)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return vr.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return!e||0===r.length||r[0]!==A&&r[0]!==S||(r[0]=e),vr.constructAuthorityUriFromObject(t)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),t=this.urlString.match(e);if(!t)throw ve(_e);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let n=r.AbsolutePath.split("/");return n=n.filter((e=>e&&e.length>0)),r.PathSegments=n,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e){const t=RegExp("^([^:/?#]+://)?([^/?#]*)"),r=e.match(t);if(!r)throw ve(_e);return r[2]}static getAbsoluteUrl(e,t){if("/"===e[0]){const r=new vr(t).getUrlComponents();return r.Protocol+"//"+r.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e){return new vr(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"))}}const kr={endpointMetadata:[{host:"login.microsoftonline.com"},{host:"login.chinacloudapi.cn",issuerHost:"login.partner.microsoftonline.cn"},{host:"login.microsoftonline.us"},{host:"login.sovcloud-identity.fr"},{host:"login.sovcloud-identity.de"},{host:"login.sovcloud-identity.sg"}].reduce(((e,{host:t,issuerHost:r})=>(e[t]=function(e,t){return{token_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/token`,jwks_uri:`https://${e}/{tenantid}/discovery/v2.0/keys`,issuer:`https://${t}/{tenantid}/v2.0`,authorization_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/authorize`,end_session_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/logout`}}(t,r||t),e)),{}),instanceDiscoveryMetadata:{metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]}]}},Tr=kr.endpointMetadata,br=kr.instanceDiscoveryMetadata,Ar=new Set;function Sr(e,t,r,n,o){if(e.trace("1bmquz",t),r&&n){const o=_r(n,r);if(o)return e.trace("1fotbt",t),o.aliases;e.trace("14avvj",t)}return null}function _r(e,t){for(let r=0;r<e.length;r++){const n=e[r];if(n.aliases.includes(t))return n}return null}br.metadata.forEach((e=>{e.aliases.forEach((e=>{Ar.add(e)}))}));const Er="cache_quota_exceeded";class Pr extends Error{constructor(e,t){const r=t||ye(e);super(r),Object.setPrototypeOf(this,Pr.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}function Rr(e){return e instanceof Error?"QuotaExceededError"===e.name||"NS_ERROR_DOM_QUOTA_REACHED"===e.name||e.message.includes("exceeded the quota")?new Pr(Er):new Pr(e.name,e.message):new Pr("cache_error_unknown")}function Or(e,t){if(!e)throw be(We);try{const r=t(e);return JSON.parse(r)}catch(e){throw be(Je)}}function Mr(e){if(!e)throw be(Je);const t=e.split(".",2);return{uid:t[0],utid:t.length<2?"":t[1]}}const xr=0,qr=1,Nr=2,Ur=3;function Lr(e){if(e){return e.tid||e.tfp||e.acr||null}return null}const Hr={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};function Dr(e){return{homeAccountId:e.homeAccountId,environment:e.environment,tenantId:e.realm,username:e.username,localAccountId:e.localAccountId,loginHint:e.loginHint,name:e.name,nativeAccountId:e.nativeAccountId,authorityType:e.authorityType,tenantProfiles:new Map((e.tenantProfiles||[]).map((e=>[e.tenantId,e]))),dataBoundary:e.dataBoundary}}function Fr(e,t,r){return{authorityType:e.authorityType||U,homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,nativeAccountId:e.nativeAccountId,realm:e.tenantId,environment:e.environment,username:e.username,loginHint:e.loginHint,name:e.name,cloudGraphHostName:t,msGraphHost:r,tenantProfiles:Array.from(e.tenantProfiles?.values()||[]),dataBoundary:e.dataBoundary}}function Kr(e,t,r,n,o,i){if(t!==qr&&t!==Nr){if(e)try{const t=Or(e,n.base64Decode);if(t.uid&&t.utid)return`${t.uid}.${t.utid}`}catch(e){}r.warning("1ub6wv",o)}return i?.sub||""}class Br{constructor(e,t,r,n,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(ur,gr),this.staticAuthorityOptions=o,this.performanceClient=n}getAllAccounts(e={},t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort((e=>e.idTokenClaims?-1:1))[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?Dr(r[0]):null}buildTenantProfiles(e,t,r){return e.flatMap((e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r)))}getTenantedAccountInfoByFilter(e,t,r,n,o){let i,s=null;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,n,t,r.tenantId);return a&&(i=wr(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(i,o))?null:(s=yr(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,n){const o=Dr(e);let i=o.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach((e=>{const r=this.getTenantedAccountInfoByFilter(o,s,e,t,n);r&&a.push(r)})),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&(void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,r,n){if(!e)throw be(ut);try{e.account&&await this.setAccount(e.account,t,r),e.idToken&&!1!==n?.idToken&&await this.setIdTokenCredential(e.idToken,t,r),e.accessToken&&!1!==n?.accessToken&&await this.saveAccessToken(e.accessToken,t,r),e.refreshToken&&!1!==n?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t,r),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("0j476p",t),e instanceof we?e:Rr(e)}}async saveAccessToken(e,t,r){const n={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType},o=this.getTokenKeys(),i=_t.fromString(e.target);o.accessToken.forEach((e=>{if(!this.accessTokenKeyMatchesFilter(e,n,!1))return;const r=this.getAccessTokenCredential(e,t);if(r&&this.credentialMatchesFilter(r,n,t)){_t.fromString(r.target).intersectingScopeSets(i)&&this.removeAccessToken(e,t)}})),await this.setAccessTokenCredential(e,t,r)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),n=[];return r.forEach((r=>{const o=this.getAccount(r,t);if(!o)return;if(e.homeAccountId&&!this.matchHomeAccountId(o,e.homeAccountId))return;if(e.username&&!this.matchUsername(o.username,e.username))return;if(e.environment&&!this.matchEnvironment(o,e.environment,t))return;if(e.realm&&!this.matchRealm(o,e.realm))return;if(e.nativeAccountId&&!this.matchNativeAccountId(o,e.nativeAccountId))return;if(e.authorityType&&!this.matchAuthorityType(o,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name},s=o.tenantProfiles?.filter((e=>this.tenantProfileMatchesFilter(e,i)));s&&0===s.length||n.push(o)})),n}credentialMatchesFilter(e,t,r){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment,r))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target))return!1;if(e.credentialType===L.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===G.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}return!0}getAppMetadataFilteredBy(e,t){const r=this.getKeys(),n={};return r.forEach((r=>{if(!this.isAppMetadata(r))return;const o=this.getAppMetadata(r,t);o&&(e.environment&&!this.matchEnvironment(o,e.environment,t)||e.clientId&&!this.matchClientId(o,e.clientId)||(n[r]=o))})),n}getAuthorityMetadataByAlias(e,t){const r=this.getAuthorityMetadataKeys();let n=null;return r.forEach((r=>{if(!this.isAuthorityMetadata(r)||-1===r.indexOf(this.clientId))return;const o=this.getAuthorityMetadata(r,t);o&&-1!==o.aliases.indexOf(e)&&(n=o)})),n}removeAllAccounts(e){this.getAllAccounts({},e).forEach((t=>{this.removeAccount(t,e)}))}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter((t=>t.includes(e.homeAccountId)&&t.includes(e.environment))).forEach((e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)}))}removeAccountContext(e,t){const r=this.getTokenKeys(),n=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(n).forEach((e=>{this.removeIdToken(e,t)})),r.accessToken.filter(n).forEach((e=>{this.removeAccessToken(e,t)})),r.refreshToken.filter(n).forEach((e=>{this.removeRefreshToken(e,t)}))}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(r&&(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),r.credentialType.toLowerCase()===L.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&r.tokenType===G.POP)){const e=r.keyId;e&&this.cryptoImpl.removeTokenBindingKey(e,t).catch((()=>{this.commonLogger.error("0cx291",t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)}))}}removeAppMetadata(e){return this.getKeys().forEach((t=>{this.isAppMetadata(t)&&this.removeItem(t,e)})),!0}getIdToken(e,t,r,n){this.commonLogger.trace("1drz22",t);const o={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:L.ID_TOKEN,clientId:this.clientId,realm:n},i=this.getIdTokensByFilter(o,t,r),s=i.size;if(s<1)return this.commonLogger.info("1atvtd",t),null;if(s>1){let r=i;if(!n){const n=new Map;i.forEach(((t,r)=>{t.realm===e.tenantId&&n.set(r,t)}));const o=n.size;if(o<1)return this.commonLogger.info("0ooalx",t),i.values().next().value;if(1===o)return this.commonLogger.info("1eq2vc",t),n.values().next().value;r=n}return this.commonLogger.info("1ws328",t),r.forEach(((e,r)=>{this.removeIdToken(r,t)})),this.performanceClient.addFields({multiMatchedID:i.size},t),null}return this.commonLogger.info("1sm769",t),i.values().next().value}getIdTokensByFilter(e,t,r){const n=r&&r.idToken||this.getTokenKeys().idToken,o=new Map;return n.forEach((r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const n=this.getIdTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e,t)&&o.set(r,n)})),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,n){const o=t.correlationId;this.commonLogger.trace("1t7hz1",o);const i=_t.createSearchScopes(t.scopes),s=t.authenticationScheme||G.BEARER,a=s&&s.toLowerCase()!==G.BEARER.toLowerCase()?L.ACCESS_TOKEN_WITH_AUTH_SCHEME:L.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:n||e.tenantId,target:i,tokenType:s,keyId:t.sshKid},h=r&&r.accessToken||this.getTokenKeys().accessToken,l=[];h.forEach((e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,o);t&&this.credentialMatchesFilter(t,c,o)&&l.push(t)}}));const d=l.length;return d<1?(this.commonLogger.info("1nckna",o),null):d>1?(this.commonLogger.info("1wkfwp",o),l.forEach((e=>{this.removeAccessToken(this.generateCredentialKey(e),o)})),this.performanceClient.addFields({multiMatchedAT:l.length},o),null):(this.commonLogger.info("06yt98",o),l[0])}accessTokenKeyMatchesFilter(e,t,r){const n=e.toLowerCase();if(t.clientId&&-1===n.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===n.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===n.indexOf(t.realm.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!n.includes(e[t].toLowerCase()))return!1;if(!r&&n.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),n=[];return r.accessToken.forEach((r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const o=this.getAccessTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e,t)&&n.push(o)})),n}getRefreshToken(e,t,r,n){this.commonLogger.trace("0x53vi",r);const o=t?D:void 0,i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:L.REFRESH_TOKEN,clientId:this.clientId,familyId:o},s=n&&n.refreshToken||this.getTokenKeys().refreshToken,a=[];s.forEach((e=>{if(this.refreshTokenKeyMatchesFilter(e,i)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,i,r)&&a.push(t)}}));const c=a.length;return c<1?(this.commonLogger.info("0dlw11",r),null):(c>1&&this.performanceClient.addFields({multiMatchedRT:c},r),this.commonLogger.info("0wcnep",r),a[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e,t){const r={environment:e,clientId:this.clientId},n=this.getAppMetadataFilteredBy(r,t),o=Object.keys(n).map((e=>n[e])),i=o.length;if(i<1)return null;if(i>1)throw be(st);return o[0]}isAppMetadataFOCI(e,t){const r=this.readAppMetadataFromCache(e,t);return!(!r||r.familyId!==D)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t,r){if(this.staticAuthorityOptions){const n=function(e,t,r){let n;const o=e.canonicalAuthority;if(o){const i=new vr(o).getUrlComponents().HostNameAndPort;n=Sr(t,r,i,e.cloudDiscoveryMetadata?.metadata)||Sr(t,r,i,br.metadata)||e.knownAuthorities}return n||[]}(this.staticAuthorityOptions,this.commonLogger,r);if(n.includes(t)&&n.includes(e.environment))return!0}const n=this.getAuthorityMetadataByAlias(t,r);return!!(n&&n.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchNativeAccountId(e,t){return!(!e.nativeAccountId||t!==e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||e.upn===t)}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t){if(e.credentialType!==L.ACCESS_TOKEN&&e.credentialType!==L.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return _t.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(H)}isAuthorityMetadata(e){return-1!==e.indexOf(F)}generateAuthorityMetadataCacheKey(e){return`${F}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class zr extends Br{async setAccount(){throw be(bt)}getAccount(){throw be(bt)}async setIdTokenCredential(){throw be(bt)}getIdTokenCredential(){throw be(bt)}async setAccessTokenCredential(){throw be(bt)}getAccessTokenCredential(){throw be(bt)}async setRefreshTokenCredential(){throw be(bt)}getRefreshTokenCredential(){throw be(bt)}setAppMetadata(){throw be(bt)}getAppMetadata(){throw be(bt)}setServerTelemetry(){throw be(bt)}getServerTelemetry(){throw be(bt)}setAuthorityMetadata(){throw be(bt)}getAuthorityMetadata(){throw be(bt)}getAuthorityMetadataKeys(){throw be(bt)}setThrottlingCache(){throw be(bt)}getThrottlingCache(){throw be(bt)}removeItem(){throw be(bt)}getKeys(){throw be(bt)}getAccountKeys(){throw be(bt)}getTokenKeys(){throw be(bt)}generateCredentialKey(){throw be(bt)}generateAccountKey(){throw be(bt)}}const jr=1,$r=2,Jr=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","expiredCacheRemovedCount","upgradedCacheCount"]);class Wr{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:jr,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""}}}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}const Gr={tokenRenewalOffsetSeconds:300,preventCorsPreflight:!1},Qr={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info,correlationId:""},Vr={async sendGetRequestAsync(){throw be(bt)},async sendPostRequestAsync(){throw be(bt)}},Xr={sku:"msal.js.common",version:gr,cpu:"",os:""},Yr={clientSecret:"",clientAssertion:void 0},Zr={azureCloudInstance:pr.None,tenant:`${r}`},en={application:{appName:"",appVersion:""}};function tn({authOptions:e,systemOptions:t,loggerOptions:r,storageInterface:n,networkInterface:o,cryptoInterface:i,clientCredentials:s,libraryInfo:a,telemetry:c,serverTelemetryManager:h,persistencePlugin:l,serializableCache:d}){const u={...Qr,...r};return{authOptions:(g=e,{clientCapabilities:[],azureCloudOptions:Zr,instanceAware:!1,...g}),systemOptions:{...Gr,...t},loggerOptions:u,storageInterface:n||new zr(e.clientId,ar,new dr(u),new Wr),networkInterface:o||Vr,cryptoInterface:i||ar,clientCredentials:s||Yr,libraryInfo:{...Xr,...a},telemetry:{...en,...c},serverTelemetryManager:h||null,persistencePlugin:l||null,serializableCache:d||null};var g}function rn(e){return e.authOptions.authority.options.protocolMode===Hr.OIDC}class nn extends we{constructor(e,t,r,n,o){super(e,t,r),this.name="ServerError",this.errorNo=n,this.status=o,Object.setPrototypeOf(this,nn.prototype)}}const on="no_tokens_found",sn="native_account_unavailable",an="refresh_token_expired",cn="ux_not_allowed",hn="interaction_required",ln="consent_required",dn="login_required",un="bad_token";var gn=Object.freeze({__proto__:null,badToken:un,consentRequired:ln,interactionRequired:hn,loginRequired:dn,nativeAccountUnavailable:sn,noTokensFound:on,refreshTokenExpired:an,uxNotAllowed:cn});const pn=[hn,ln,dn,un,cn],mn=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token","ux_not_allowed"];class fn extends we{constructor(e,t,r,n,o,i,s,a){super(e,t,r),Object.setPrototypeOf(this,fn.prototype),this.timestamp=n||"",this.traceId=o||"",this.correlationId=i||"",this.claims=s||"",this.name="InteractionRequiredAuthError",this.errorNo=a}}function yn(e,t,r){const n=!!e&&pn.indexOf(e)>-1,o=!!r&&mn.indexOf(r)>-1,i=!!t&&pn.some((e=>t.indexOf(e)>-1));return n||i||o}function wn(e,t){return new fn(e,t)}function In(e,t,r){const n=function(e,t){if(!e)throw be(mt);const r={id:e.createNewGuid()};t&&(r.meta=t);const n=JSON.stringify(r);return e.base64Encode(n)}(e,r);return t?`${n}|${t}`:n}function Cn(e,t){if(!e)throw be(mt);if(!t)throw be(et);try{const r=t.split("|"),n=r[0],o=r.length>1?r.slice(1).join("|"):"",i=e(n);return{userRequestState:o||"",libraryState:JSON.parse(i)}}catch(e){throw be(et)}}function vn(){return Math.round((new Date).getTime()/1e3)}function kn(e){return e.getTime()/1e3}function Tn(e){return e?new Date(1e3*Number(e)):new Date}function bn(e,t){const r=Number(e)||0;return vn()+t>r}function An(e,t){const r=Number(e)+24*t*60*60*1e3;return Date.now()>r}function Sn(e){return Number(e)>vn()}const _n="networkClientSendPostRequestAsync",En="refreshTokenClientAcquireTokenWithCachedRefreshToken",Pn="getAuthCodeUrl",Rn="handleCodeResponseFromServer",On="popTokenGenerateCnf",Mn="handleServerTokenResponse",xn="authorityUpdateMetadataWithRegionalInformation",qn="regionDiscoveryGetRegionFromIMDS",Nn=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);if(o){const e=t+"CallCount";n.incrementFields({[e]:1},o)}try{const t=e(...i);return s.end({success:!0}),r.trace("1g8n6a",o),t}catch(e){r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}},Un=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);if(o){const e=t+"CallCount";n.incrementFields({[e]:1},o)}return e(...i).then((e=>(r.trace("1g8n6a",o),s.end({success:!0}),e))).catch((e=>{r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}))},Ln="sw";class Hn{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){const r=await Un(this.generateKid.bind(this),On,t,this.performanceClient,e.correlationId)(e),n=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:n}}async generateKid(e){return{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Ln}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,n){const{resourceRequestMethod:o,resourceRequestUri:i,shrClaims:s,shrNonce:a,shrOptions:c}=r,h=i?new vr(i):void 0,l=h?.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:vn(),m:o?.toUpperCase(),u:l?.HostNameAndPort,nonce:a||this.cryptoUtils.createNewGuid(),p:l?.AbsolutePath,q:l?.QueryString?[[],l.QueryString]:void 0,client_claims:s||void 0,...n},t,c,r.correlationId)}}class Dn{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}function Fn(e,t,r,n,o){return{credentialType:L.ID_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,realm:o,lastUpdatedAt:Date.now().toString()}}function Kn(e,t,r,n,o,i,s,a,c,h,l,d,u){const g={homeAccountId:e,credentialType:L.ACCESS_TOKEN,secret:r,cachedAt:vn().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:t,clientId:n,realm:o,target:i,tokenType:l||G.BEARER,lastUpdatedAt:Date.now().toString()};if(d&&(g.userAssertionHash=d),h&&(g.refreshOn=h.toString()),g.tokenType?.toLowerCase()!==G.BEARER.toLowerCase())switch(g.credentialType=L.ACCESS_TOKEN_WITH_AUTH_SCHEME,g.tokenType){case G.POP:const e=wr(r,c);if(!e?.cnf?.kid)throw be(yt);g.keyId=e.cnf.kid;break;case G.SSH:g.keyId=u}return g}function Bn(e,t,r,n,o,i,s){const a={credentialType:L.REFRESH_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,lastUpdatedAt:Date.now().toString()};return i&&(a.userAssertionHash=i),o&&(a.familyId=o),s&&(a.expiresOn=s.toString()),a}function zn(e){return e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("credentialType")&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("secret")}function jn(e){return!!e&&(zn(e)&&e.hasOwnProperty("realm")&&e.hasOwnProperty("target")&&(e.credentialType===L.ACCESS_TOKEN||e.credentialType===L.ACCESS_TOKEN_WITH_AUTH_SCHEME))}function $n(e){return!!e&&(zn(e)&&e.credentialType===L.REFRESH_TOKEN)}function Jn(){return vn()+86400}function Wn(e,t,r){e.authorization_endpoint=t.authorization_endpoint,e.token_endpoint=t.token_endpoint,e.end_session_endpoint=t.end_session_endpoint,e.issuer=t.issuer,e.endpointsFromNetwork=r,e.jwks_uri=t.jwks_uri}function Gn(e,t,r){e.aliases=t.aliases,e.preferred_cache=t.preferred_cache,e.preferred_network=t.preferred_network,e.aliasesFromNetwork=r}function Qn(e){return e.expiresAt<=vn()}class Vn{constructor(e,t,r,n,o,i,s){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=n,this.performanceClient=o,this.serializableCache=i,this.persistencePlugin=s}validateTokenResponse(e,t,r){if(e.error||e.error_description||e.suberror){const n=`Error(s): ${e.error_codes||h} - Timestamp: ${e.timestamp||h} - Description: ${e.error_description||h} - Correlation ID: ${e.correlation_id||h} - Trace ID: ${e.trace_id||h}`,o=e.error_codes?.length?e.error_codes[0]:void 0,i=new nn(e.error,n,e.suberror,o,e.status);if(r&&e.status&&e.status>=500&&e.status<=599)return void this.logger.warning("16ks7j",t);if(r&&e.status&&e.status>=400&&e.status<=499)return void this.logger.warning("0g61x3",t);if(yn(e.error,e.error_description,e.suberror))throw new fn(e.error,e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",o);throw i}}async handleServerTokenResponse(e,t,r,n,o,i,s,a,c){let h,l;if(e.id_token){if(h=wr(e.id_token||"",this.cryptoObj.base64Decode),o&&o.nonce&&h.nonce!==o.nonce)throw be(nt);if(n.maxAge||0===n.maxAge){const e=h.auth_time;if(!e)throw be(ot);Cr(e,n.maxAge)}}this.homeAccountIdentifier=Kr(e.client_info||"",t.authorityType,this.logger,this.cryptoObj,n.correlationId,h),o&&o.state&&(l=Cn(this.cryptoObj.base64Decode,o.state)),e.key_id=e.key_id||n.sshKid||void 0;const d=this.generateCacheRecord(e,t,r,n,h,i,o);let u;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("0jbz5k",n.correlationId),u=new Dn(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(u)),s&&!a&&d.account){const e=this.cacheStorage.generateAccountKey(Dr(d.account));if(!this.cacheStorage.getAccount(e,n.correlationId))return this.logger.warning("1gmt66",n.correlationId),await Vn.generateAuthenticationResult(this.cryptoObj,t,d,!1,n,this.performanceClient,h,l,void 0,c)}await this.cacheStorage.saveCacheRecord(d,n.correlationId,Ir(h||{}),n.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&u&&(this.logger.verbose("1bh17u",n.correlationId),await this.persistencePlugin.afterCacheAccess(u))}return Vn.generateAuthenticationResult(this.cryptoObj,t,d,!1,n,this.performanceClient,h,l,e,c)}generateCacheRecord(e,t,r,n,o,i,s){const a=t.getPreferredCache();if(!a)throw be(gt);const c=Lr(o);let h,l;e.id_token&&o&&(h=Fn(this.homeAccountIdentifier,a,e.id_token,this.clientId,c||""),l=Xn(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,n.correlationId,o,e.client_info,a,c,s,void 0,this.logger));let d=null;if(e.access_token){const o=e.scope?_t.fromString(e.scope):new _t(n.scopes||[]),s=("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0,h=("string"==typeof e.ext_expires_in?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,l=("string"==typeof e.refresh_in?parseInt(e.refresh_in,10):e.refresh_in)||void 0,u=r+s,g=u+h,p=l&&l>0?r+l:void 0;d=Kn(this.homeAccountIdentifier,a,e.access_token,this.clientId,c||t.tenant||"",o.printScopes(),u,g,this.cryptoObj.base64Decode,p,e.token_type,i,e.key_id)}let u=null;if(e.refresh_token){let t;if(e.refresh_token_expires_in){t=r+("string"==typeof e.refresh_token_expires_in?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in)}u=Bn(this.homeAccountIdentifier,a,e.refresh_token,this.clientId,e.foci,i,t)}let g=null;return e.foci&&(g={clientId:this.clientId,environment:a,familyId:e.foci}),{account:l,idToken:h,accessToken:d,refreshToken:u,appMetadata:g}}static async generateAuthenticationResult(e,t,r,n,o,i,s,a,c,h){let l,d,u="",g=[],p=null,m="";if(r.accessToken){if(r.accessToken.tokenType!==G.POP||o.popKid)u=r.accessToken.secret;else{const t=new Hn(e,i),{secret:n,keyId:s}=r.accessToken;if(!s)throw be(vt);u=await t.signPopToken(n,s,o)}g=_t.fromString(r.accessToken.target).asArray(),p=Tn(r.accessToken.expiresOn),l=Tn(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(d=Tn(r.accessToken.refreshOn))}r.appMetadata&&(m=r.appMetadata.familyId===D?D:"");const f=s?.oid||s?.sub||"",y=s?.tid||"";c?.spa_accountid&&r.account&&(r.account.nativeAccountId=c?.spa_accountid);const w=r.account?yr(Dr(r.account),void 0,s,r.idToken?.secret):null;return{authority:t.canonicalAuthority,uniqueId:f,tenantId:y,scopes:g,account:w,idToken:r?.idToken?.secret||"",idTokenClaims:s||{},accessToken:u,fromCache:n,expiresOn:p,extExpiresOn:l,refreshOn:d,correlationId:o.correlationId,requestId:h||"",familyId:m,tokenType:r.accessToken?.tokenType||"",state:a?a.userRequestState:"",cloudGraphHostName:r.account?.cloudGraphHostName||"",msGraphHost:r.account?.msGraphHost||"",code:c?.spa_code,fromPlatformBroker:!1}}}function Xn(e,t,r,n,o,i,s,a,c,h,l,d){d?.verbose("09jz0t",o);const u=e.getAccountKeys().find((e=>e.startsWith(r)));let g=null;u&&(g=e.getAccount(u,o));const p=g||function(e,t,r){let n,o,i;n=t.authorityType===qr?"ADFS":t.protocolMode===Hr.OIDC?U:"MSSTS",e.clientInfo&&r&&(o=Or(e.clientInfo,r),o.xms_tdbr&&(i="EU"===o.xms_tdbr?"EU":"None"));const s=e.environment||t&&t.getPreferredCache();if(!s)throw be(gt);const a=e.idTokenClaims?.preferred_username||e.idTokenClaims?.upn,c=e.idTokenClaims?.emails?e.idTokenClaims.emails[0]:null,h=a||c||"",l=e.idTokenClaims?.login_hint,d=o?.utid||Lr(e.idTokenClaims)||"",u=o?.uid||e.idTokenClaims?.oid||e.idTokenClaims?.sub||"";let g;g=e.tenantProfiles?e.tenantProfiles:[fr(e.homeAccountId,u,d,e.idTokenClaims)];return{homeAccountId:e.homeAccountId,environment:s,realm:d,localAccountId:u,username:h,authorityType:n,loginHint:l,clientInfo:e.clientInfo,name:e.idTokenClaims?.name||"",lastModificationTime:void 0,lastModificationApp:void 0,cloudGraphHostName:e.cloudGraphHostName,msGraphHost:e.msGraphHost,nativeAccountId:e.nativeAccountId,tenantProfiles:g,dataBoundary:i}}({homeAccountId:r,idTokenClaims:i,clientInfo:s,environment:a,cloudGraphHostName:h?.cloud_graph_host_name,msGraphHost:h?.msgraph_host,nativeAccountId:l},t,n),m=p.tenantProfiles||[],f=c||p.realm;if(f&&!m.find((e=>e.tenantId===f))){const e=fr(r,p.localAccountId,f,i);m.push(e)}return p.tenantProfiles=m,p}const Yn="home_account_id",Zn="UPN";async function eo(e,t,r){if("string"==typeof e)return e;return e({clientId:t,tokenEndpoint:r})}function to(e,t,r){return{clientId:e,authority:t.authority,scopes:t.scopes,homeAccountIdentifier:r,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid,embeddedClientId:t.embeddedClientId||t.extraParameters?.clientId}}class ro{static generateThrottlingStorageKey(e){return`${Q}.${JSON.stringify(e)}`}static preProcess(e,t,r){const n=ro.generateThrottlingStorageKey(t),o=e.getThrottlingCache(n,r);if(o){if(o.throttleTime<Date.now())return void e.removeItem(n,r);throw new nn(o.errorCodes?.join(" ")||"",o.errorMessage,o.subError)}}static postProcess(e,t,r,n){if(ro.checkResponseStatus(r)||ro.checkResponseForRetryAfter(r)){const o={throttleTime:ro.calculateThrottleTime(parseInt(r.headers[w])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(ro.generateThrottlingStorageKey(t),o,n)}}static checkResponseStatus(e){return 429===e.status||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return!!e.headers&&(e.headers.hasOwnProperty(w)&&(e.status<200||e.status>=300))}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(1e3*Math.min(r+(t||60),r+3600))}static removeThrottle(e,t,r,n){const o=to(t,r,n),i=this.generateThrottlingStorageKey(o);e.removeItem(i,r.correlationId)}}class no extends we{constructor(e,t,r){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,no.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function oo(e,t,r,n){return e.errorMessage=`${e.errorMessage}, additionalErrorInfo: error.name:${n?.name}, error.message:${n?.message}`,new no(e,t,r)}function io(e,t,r){const n={};if(n[f]="application/x-www-form-urlencoded;charset=utf-8",!t&&r)switch(r.type){case Yn:try{const e=Mr(r.credential);n[I]=`Oid:${e.uid}@${e.utid}`}catch(t){e.verbose("1qhtee","")}break;case Zn:n[I]=`UPN: ${r.credential}`}return n}function so(e,t,r,n){const o=new Map;return e.embeddedClientId&&tr(o,t,r),e.extraQueryParameters&&Qt(o,e.extraQueryParameters),Ht(o,e.correlationId),Et(o,e.correlationId,n),ir(o)}async function ao(e,t,r,n,o,i,s,a,c,h){const l=await async function(e,t,r,n,o,i,s,a){let c;ro.preProcess(o,e,n);try{c=await Un(i.sendPostRequestAsync.bind(i),_n,s,a,n)(t,r);const e=c.headers||{};a?.addFields({refreshTokenSize:c.body.refresh_token?.length||0,httpVerToken:e[T]||"",requestId:e[k]||""},n)}catch(e){if(e instanceof no){const t=e.responseHeaders;throw t&&a?.addFields({httpVerToken:t[T]||"",requestId:t[k]||"",contentTypeHeader:t[f]||void 0,contentLengthHeader:t[y]||void 0,httpStatus:e.httpStatus},n),e.error}throw e instanceof we?e:be(Xe)}return ro.postProcess(o,e,c,n),c}(n,e,{body:t,headers:r},o,i,s,a,c);return h&&l.status<500&&429!==l.status&&h.clearTelemetryCache(),l}class co{constructor(e,t,r,n){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=n}async detectRegion(e,t){let r=e;if(r)t.region_source=X;else{const e=co.IMDS_OPTIONS;try{const n=await Un(this.getRegionFromIMDS.bind(this),qn,this.logger,this.performanceClient,this.correlationId)("2020-06-01",e);if(200===n.status&&(r=n.body,t.region_source=Y),400===n.status){const n=await Un(this.getCurrentVersion.bind(this),"regionDiscoveryGetCurrentVersion",this.logger,this.performanceClient,this.correlationId)(e);if(!n)return t.region_source=V,null;const o=await Un(this.getRegionFromIMDS.bind(this),qn,this.logger,this.performanceClient,this.correlationId)(n,e);200===o.status&&(r=o.body,t.region_source=Y)}}catch(e){return t.region_source=V,null}}return r||(t.region_source=V),r||null}async getRegionFromIMDS(e,t){return this.networkInterface.sendGetRequestAsync(`${l}?api-version=${e}&format=text`,t,2e3)}async getCurrentVersion(e){try{const t=await this.networkInterface.sendGetRequestAsync(`${l}?format=json`,e);return 400===t.status&&t.body&&t.body["newest-versions"]&&t.body["newest-versions"].length>0?t.body["newest-versions"][0]:null}catch(e){return null}}}co.IMDS_OPTIONS={headers:{Metadata:"true"}};class ho{constructor(e,t,r,n,o,i,s,a){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=n,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=o,this.performanceClient=s,this.correlationId=i,this.managedIdentity=a||!1,this.regionDiscovery=new co(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(o))return Ur;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case"adfs":return qr;case"dstsv2":return Nr}return xr}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new vr(e),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents||(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw be(Ve)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw be(Ve)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw be(Ve)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw be(Ct);return this.replacePath(this.metadata.end_session_endpoint)}throw be(Ve)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw be(Ve)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw be(Ve)}canReplaceTenant(e){return 1===e.PathSegments.length&&!ho.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===xr&&this.protocolMode!==Hr.OIDC}replaceTenant(e){return e.replace(/{tenant}|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const r=new vr(this.metadata.canonical_authority).getUrlComponents(),n=r.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach(((e,o)=>{let i=n[o];if(0===o&&this.canReplaceTenant(r)){const e=new vr(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];i!==e&&(this.logger.verbose("1q3g2x",this.correlationId),i=e)}e!==i&&(t=t.replace(`/${i}/`,`/${e}/`))})),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")||this.authorityType===qr||this.protocolMode===Hr.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){const e=this.getCurrentMetadataEntity(),t=await Un(this.updateCloudDiscoveryMetadata.bind(this),"authorityUpdateCloudDiscoveryMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await Un(this.updateEndpointMetadata.bind(this),"authorityUpdateEndpointMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),this.performanceClient?.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort,this.correlationId);return e||(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:Jn(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==B&&r?.source!==B&&(e.expiresAt=Jn(),e.canonical_authority=this.canonicalAuthority);const n=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache,this.correlationId);this.cacheManager.setAuthorityMetadata(n,e,this.correlationId),this.metadata=e}async updateEndpointMetadata(e){const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===j&&this.authorityOptions.azureRegionConfiguration?.azureRegion&&t.metadata){Wn(e,await Un(this.updateMetadataWithRegionalInformation.bind(this),xn,this.logger,this.performanceClient,this.correlationId)(t.metadata),!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await Un(this.getEndpointMetadataFromNetwork.bind(this),"authorityGetEndpointMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return this.authorityOptions.azureRegionConfiguration?.azureRegion&&(r=await Un(this.updateMetadataWithRegionalInformation.bind(this),xn,this.logger,this.performanceClient,this.correlationId)(r)),Wn(e,r,!0),z;throw be(Ye,this.defaultOpenIdConfigurationEndpoint)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("1fi0kc",this.correlationId);const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("06t0uj",this.correlationId),Wn(e,t,!1),{source:K};this.logger.verbose("151k0p",this.correlationId);const r=this.getEndpointMetadataFromHardcodedValues();if(r)return Wn(e,r,!1),{source:j,metadata:r};this.logger.verbose("1imop5",this.correlationId);const n=Qn(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!n?(this.logger.verbose("16uq31",""),{source:B}):(n&&this.logger.verbose("0uoibc",""),null)}isAuthoritySameType(e){return new vr(e.canonical_authority).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch(e){throw ve(Ne)}return null}async getEndpointMetadataFromNetwork(){const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose("1y65x6",this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(t,e),n=function(e){return e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("jwks_uri")}(r.body);return n?r.body:(this.logger.verbose("1koyv8",this.correlationId),null)}catch(e){return this.logger.verbose("0a9wik",this.correlationId),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in Tr?Tr[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){const t=this.authorityOptions.azureRegionConfiguration?.azureRegion;if(t){if("TryAutoDetect"!==t)return this.regionDiscoveryMetadata.region_outcome=Z,this.regionDiscoveryMetadata.region_used=t,ho.replaceWithRegionalInformation(e,t);const r=await Un(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),"regionDiscoveryDetectRegion",this.logger,this.performanceClient,this.correlationId)(this.authorityOptions.azureRegionConfiguration?.environmentRegion,this.regionDiscoveryMetadata);if(r)return this.regionDiscoveryMetadata.region_outcome=ee,this.regionDiscoveryMetadata.region_used=r,ho.replaceWithRegionalInformation(e,r);this.regionDiscoveryMetadata.region_outcome=te}return e}async updateCloudDiscoveryMetadata(e){const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await Un(this.getCloudDiscoveryMetadataFromNetwork.bind(this),"authorityGetCloudDiscoveryMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return Gn(e,r,!0),z;throw ve(Ue)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("0jhlgt",this.correlationId),this.logger.verbosePii("1fy7uz",this.correlationId),this.logger.verbosePii("08zabj",this.correlationId),this.logger.verbosePii("1o1kv3",this.correlationId);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("1nakio",this.correlationId),Gn(e,t,!1),K;this.logger.verbose("1x74aj",this.correlationId);const r=(n=this.hostnameAndPort,_r(br.metadata,n));var n;if(r)return this.logger.verbose("0by47c",this.correlationId),Gn(e,r,!1),j;this.logger.verbose("0r2fzy",this.correlationId);const o=Qn(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!o?(this.logger.verbose("1uffgh",""),B):(o&&this.logger.verbose("0uoibc",""),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===Ur)return this.logger.verbose("04y84h",this.correlationId),ho.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("0gszr3",this.correlationId);try{this.logger.verbose("1iifkx",this.correlationId);const e=_r(JSON.parse(this.authorityOptions.cloudDiscoveryMetadata).metadata,this.hostnameAndPort);if(this.logger.verbose("0q67e3",""),e)return this.logger.verbose("0hzfao",this.correlationId),e;this.logger.verbose("1ajz3u",this.correlationId)}catch(e){throw this.logger.verbose("1wq5tu",this.correlationId),ve(qe)}}return this.isInKnownAuthorities()?(this.logger.verbose("0mt9al",this.correlationId),ho.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){const e=`${n}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let r=null;try{const n=await this.networkInterface.sendGetRequestAsync(e,t);let o,i;if(function(e){return e.hasOwnProperty("tenant_discovery_endpoint")&&e.hasOwnProperty("metadata")}(n.body))o=n.body,i=o.metadata,this.logger.verbosePii("1vglyt",this.correlationId);else{if(!function(e){return e.hasOwnProperty("error")&&e.hasOwnProperty("error_description")}(n.body))return this.logger.error("0768g0",this.correlationId),null;if(this.logger.warning("062uto",this.correlationId),o=n.body,"invalid_instance"===o.error)return this.logger.error("1x90tm",this.correlationId),null;this.logger.warning("0wchdm",this.correlationId),this.logger.warning("1s5mpv",this.correlationId),this.logger.warning("1yhqpw",this.correlationId),i=[]}this.logger.verbose("1lrobr",this.correlationId),r=_r(i,this.hostnameAndPort)}catch(e){return e instanceof we?this.logger.error("0vwhc7",this.correlationId):this.logger.error("0s2z41",this.correlationId),null}return r||(this.logger.warning("0jp28q",this.correlationId),this.logger.verbose("130sd8",this.correlationId),r=ho.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),r}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter((e=>e&&vr.getDomainFromUrl(e).toLowerCase()===this.hostnameAndPort)).length>0}static generateAuthority(e,t){let n;if(t&&t.azureCloudInstance!==pr.None){const e=t.tenant?t.tenant:r;n=`${t.azureCloudInstance}/${e}/`}return n||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return"login.microsoftonline.com";if(this.discoveryComplete())return this.metadata.preferred_cache;throw be(Ve)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Ar.has(e)}static isPublicCloudAuthority(e){return d.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r){const n=new vr(e);n.validateAsUri();const o=n.getUrlComponents();let i=`${t}.${o.HostNameAndPort}`;this.isPublicCloudAuthority(o.HostNameAndPort)&&(i=`${t}.login.microsoft.com`);const s=vr.constructAuthorityUriFromObject({...n.getUrlComponents(),HostNameAndPort:i}).urlString;return r?`${s}?${r}`:s}static replaceWithRegionalInformation(e,t){const r={...e};return r.authorization_endpoint=ho.buildRegionalAuthorityString(r.authorization_endpoint,t),r.token_endpoint=ho.buildRegionalAuthorityString(r.token_endpoint,t),r.end_session_endpoint&&(r.end_session_endpoint=ho.buildRegionalAuthorityString(r.end_session_endpoint,t)),r}static transformCIAMAuthority(e){let t=e;const r=new vr(e).getUrlComponents();if(0===r.PathSegments.length&&r.HostNameAndPort.endsWith(o)){t=`${t}${r.HostNameAndPort.split(".")[0]}.onmicrosoft.com`}return t}}function lo(e){return e.endsWith("/")?e:`${e}/`}function uo(e){const t=e.cloudDiscoveryMetadata;let r;if(t)try{r=JSON.parse(t)}catch(e){throw ve(qe)}return{canonicalAuthority:e.authority?lo(e.authority):void 0,knownAuthorities:e.knownAuthorities,cloudDiscoveryMetadata:r}}async function go(e,t,r,n,o,i,s){const a=ho.transformCIAMAuthority(lo(e)),c=new ho(a,t,r,n,o,i,s);try{return await Un(c.resolveEndpointsAsync.bind(c),"authorityResolveEndpointsAsync",o,s,i)(),c}catch(e){throw be(Ve)}}ho.reservedTenantDomains=new Set(["{tenant}","{tenantid}",A,_,S]);class po{constructor(e,t){this.includeRedirectUri=!0,this.config=tn(e),this.logger=new dr(this.config.loggerOptions,ur,gr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(e,t){if(!e.code)throw be(at);t&&t.cloud_instance_host_name&&await Un(this.updateTokenEndpointAuthority.bind(this),"updateTokenEndpointAuthority",this.logger,this.performanceClient,e.correlationId)(t.cloud_instance_host_name,e.correlationId);const r=vn(),n=await Un(this.executeTokenRequest.bind(this),"authClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(this.authority,e,this.serverTelemetryManager),o=n.headers?.[k],i=new Vn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return i.validateTokenResponse(n.body,e.correlationId),Un(i.handleServerTokenResponse.bind(i),Mn,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,r,e,t,void 0,void 0,void 0,o)}getLogoutUri(e){if(!e)throw ve(Me);const t=this.createLogoutUrlQueryString(e);return vr.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t,r){const n=so(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),o=vr.appendQueryString(e.tokenEndpoint,n),i=await Un(this.createTokenRequestBody.bind(this),"authClientCreateTokenRequestBody",this.logger,this.performanceClient,t.correlationId)(t);let s;if(t.clientInfo)try{const e=Or(t.clientInfo,this.cryptoUtils.base64Decode);s={credential:`${e.uid}.${e.utid}`,type:Yn}}catch(e){this.logger.verbose("0wznt3",t.correlationId)}const a=io(this.logger,this.config.systemOptions.preventCorsPreflight,s||t.ccsCredential),c=to(this.config.authOptions.clientId,t);return Un(ao,"authorizationCodeClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,t.correlationId)(o,i,a,c,t.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,r)}async createTokenRequestBody(e){const t=new Map;if(Ot(t,e.embeddedClientId||e.extraParameters?.[ce]||this.config.authOptions.clientId),this.includeRedirectUri)Mt(t,e.redirectUri);else if(!e.redirectUri)throw ve(Ae);if(Rt(t,e.scopes,!0,this.oidcDefaultScopes),function(e,t){e.set("code",t)}(t,e.code),Dt(t,this.config.libraryInfo),Ft(t,this.config.telemetry.application),er(t),this.serverTelemetryManager&&!rn(this.config)&&Zt(t,this.serverTelemetryManager),e.codeVerifier&&function(e,t){e.set("code_verifier",t)}(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&zt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;jt(t,await eo(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),$t(t,r.assertionType)}if(Jt(t,q),Wt(t),e.authenticationScheme===G.POP){const r=new Hn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Un(r.generateCnf.bind(r),On,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}Xt(t,n)}else if(e.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);Yt(t,e.sshJwk)}let r;if((!ke.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Lt(t,e.claims,this.config.authOptions.clientCapabilities),e.clientInfo)try{const t=Or(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${t.uid}.${t.utid}`,type:Yn}}catch(t){this.logger.verbose("0wznt3",e.correlationId)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case Yn:try{Nt(t,Mr(r.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case Zn:qt(t,r.credential)}return e.embeddedClientId&&tr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&Qt(t,e.extraParameters),!e.enableSpaAuthorizationCode||e.extraParameters&&e.extraParameters[ue]||Qt(t,{[ue]:"1"}),Et(t,e.correlationId,this.performanceClient),ir(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&function(e,t){e.set("post_logout_redirect_uri",t)}(t,e.postLogoutRedirectUri),e.correlationId&&Ht(t,e.correlationId),e.idTokenHint&&function(e,t){e.set("id_token_hint",t)}(t,e.idTokenHint),e.state&&Kt(t,e.state),e.logoutHint&&function(e,t){e.set("logout_hint",t)}(t,e.logoutHint),e.extraQueryParameters&&Qt(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&Gt(t),ir(t)}async updateTokenEndpointAuthority(e,t){const r=`https://${e}/${this.authority.tenant}/`,n=await go(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=n}}class mo{constructor(e,t){this.config=tn(e),this.logger=new dr(this.config.loggerOptions,ur,gr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireToken(e){const t=vn(),r=await Un(this.executeTokenRequest.bind(this),"refreshTokenClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(e,this.authority),n=r.headers?.[k],o=new Vn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return o.validateTokenResponse(r.body,e.correlationId),Un(o.handleServerTokenResponse.bind(o),Mn,this.logger,this.performanceClient,e.correlationId)(r.body,this.authority,t,e,void 0,void 0,!0,e.forceCache,n)}async acquireTokenByRefreshToken(e){if(!e)throw ve(Oe);if(!e.account)throw be(dt);if(this.cacheManager.isAppMetadataFOCI(e.account.environment,e.correlationId))try{return await Un(this.acquireTokenWithCachedRefreshToken.bind(this),En,this.logger,this.performanceClient,e.correlationId)(e,!0)}catch(t){const r=t instanceof fn&&t.errorCode===on,n=t instanceof nn&&"invalid_grant"===t.errorCode&&"client_mismatch"===t.subError;if(r||n)return Un(this.acquireTokenWithCachedRefreshToken.bind(this),En,this.logger,this.performanceClient,e.correlationId)(e,!1);throw t}return Un(this.acquireTokenWithCachedRefreshToken.bind(this),En,this.logger,this.performanceClient,e.correlationId)(e,!1)}async acquireTokenWithCachedRefreshToken(e,t){const r=Nn(this.cacheManager.getRefreshToken.bind(this.cacheManager),"cacheManagerGetRefreshToken",this.logger,this.performanceClient,e.correlationId)(e.account,t,e.correlationId,void 0);if(!r)throw wn(on);if(r.expiresOn&&bn(r.expiresOn,e.refreshTokenExpirationOffsetSeconds||300))throw this.performanceClient?.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),wn(an);const n={...e,refreshToken:r.secret,authenticationScheme:e.authenticationScheme||G.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:Yn}};try{return await Un(this.acquireToken.bind(this),"refreshTokenClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(n)}catch(t){if(t instanceof fn&&(this.performanceClient?.addFields({rtExpiresOnMs:Number(r.expiresOn)},e.correlationId),t.subError===un)){this.logger.verbose("1pg3ap",e.correlationId);const t=this.cacheManager.generateCredentialKey(r);this.cacheManager.removeRefreshToken(t,e.correlationId)}throw t}}async executeTokenRequest(e,t){const r=so(e,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),n=vr.appendQueryString(t.tokenEndpoint,r),o=await Un(this.createTokenRequestBody.bind(this),"refreshTokenClientCreateTokenRequestBody",this.logger,this.performanceClient,e.correlationId)(e),i=io(this.logger,this.config.systemOptions.preventCorsPreflight,e.ccsCredential),s=to(this.config.authOptions.clientId,e);return Un(ao,"refreshTokenClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,e.correlationId)(n,o,i,s,e.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,this.serverTelemetryManager)}async createTokenRequestBody(e){const t=new Map;if(Ot(t,e.embeddedClientId||e.extraParameters?.[ce]||this.config.authOptions.clientId),e.redirectUri&&Mt(t,e.redirectUri),Rt(t,e.scopes,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),Jt(t,N),Wt(t),Dt(t,this.config.libraryInfo),Ft(t,this.config.telemetry.application),er(t),this.serverTelemetryManager&&!rn(this.config)&&Zt(t,this.serverTelemetryManager),function(e,t){e.set("refresh_token",t)}(t,e.refreshToken),this.config.clientCredentials.clientSecret&&zt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;jt(t,await eo(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),$t(t,r.assertionType)}if(e.authenticationScheme===G.POP){const r=new Hn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Un(r.generateCnf.bind(r),On,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}Xt(t,n)}else if(e.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);Yt(t,e.sshJwk)}if((!ke.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Lt(t,e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case Yn:try{Nt(t,Mr(e.ccsCredential.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case Zn:qt(t,e.ccsCredential.credential)}return e.embeddedClientId&&tr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&Qt(t,{...e.extraParameters}),Et(t,e.correlationId,this.performanceClient),ir(t)}}class fo{constructor(e,t){this.config=tn(e),this.logger=new dr(this.config.loggerOptions,ur,gr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireCachedToken(e){let t=re;if(e.forceRefresh||!ke.isEmptyObj(e.claims))throw this.setCacheOutcome(ne,e.correlationId),be(ft);if(!e.account)throw be(dt);const r=e.account.tenantId||function(e){const t=new vr(e).getUrlComponents(),r=t.PathSegments.slice(-1)[0]?.toLowerCase();switch(r){case A:case S:case _:return;default:return r}}(e.authority),n=this.cacheManager.getTokenKeys(),o=this.cacheManager.getAccessToken(e.account,e,n,r);if(!o)throw this.setCacheOutcome(oe,e.correlationId),be(ft);if(Sn(o.cachedAt)||bn(o.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(ie,e.correlationId),be(ft);o.refreshOn&&bn(o.refreshOn,0)&&(t=se);const i=e.authority||this.authority.getPreferredCache(),s={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(e.account),e.correlationId),accessToken:o,idToken:this.cacheManager.getIdToken(e.account,e.correlationId,n,r),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(i,e.correlationId)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await Un(this.generateResultFromCacheRecord.bind(this),"silentFlowClientGenerateResultFromCacheRecord",this.logger,this.performanceClient,e.correlationId)(s,e),t]}setCacheOutcome(e,t){this.serverTelemetryManager?.setCacheOutcome(e),this.performanceClient?.addFields({cacheOutcome:e},t),e!==re&&this.logger.info("09ingz",t)}async generateResultFromCacheRecord(e,t){let r;if(e.idToken&&(r=wr(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||0===t.maxAge){const e=r?.auth_time;if(!e)throw be(ot);Cr(e,t.maxAge)}return Vn.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,this.performanceClient,r)}}const yo={sendGetRequestAsync:()=>Promise.reject(be(bt)),sendPostRequestAsync:()=>Promise.reject(be(bt))};function wo(e,t,r,n){const o=t.correlationId,i=new Map;Ot(i,t.embeddedClientId||t.extraQueryParameters?.[ce]||e.clientId);if(Rt(i,[...t.scopes||[],...t.extraScopesToConsent||[]],!0,e.authority.options.OIDCOptions?.defaultScopes),Mt(i,t.redirectUri),Ht(i,o),function(e,t){e.set("response_mode",t||x.QUERY)}(i,t.responseMode),Wt(i),t.prompt&&(!function(e,t){e.set("prompt",t)}(i,t.prompt),n?.addFields({prompt:t.prompt},o)),t.domainHint&&(!function(e,t){e.set("domain_hint",t)}(i,t.domainHint),n?.addFields({domainHintFromRequest:!0},o)),t.prompt!==R.SELECT_ACCOUNT)if(t.sid&&t.prompt===R.NONE)r.verbose("1tvqyx",t.correlationId),Ut(i,t.sid),n?.addFields({sidFromRequest:!0},o);else if(t.account){const e=(s=t.account,s.idTokenClaims?.sid||null);let a=function(e){return e.loginHint||e.idTokenClaims?.login_hint||null}(t.account);if(a&&t.domainHint&&(r.warning("0wkg3v",t.correlationId),a=null),a){r.verbose("1eyfsw",t.correlationId),xt(i,a),n?.addFields({loginHintFromClaim:!0},o);try{Nt(i,Mr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(e&&t.prompt===R.NONE){r.verbose("1rmd8s",t.correlationId),Ut(i,e),n?.addFields({sidFromClaim:!0},o);try{Nt(i,Mr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(t.loginHint)r.verbose("0y3007",t.correlationId),xt(i,t.loginHint),qt(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o);else if(t.account.username){r.verbose("02f507",t.correlationId),xt(i,t.account.username),n?.addFields({loginHintFromUpn:!0},o);try{Nt(i,Mr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}}else t.loginHint&&(r.verbose("0g01ey",t.correlationId),xt(i,t.loginHint),qt(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o));else r.verbose("169k9v",t.correlationId);var s;return t.nonce&&function(e,t){e.set("nonce",t)}(i,t.nonce),t.state&&Kt(i,t.state),(t.claims||e.clientCapabilities&&e.clientCapabilities.length>0)&&Lt(i,t.claims,e.clientCapabilities),t.embeddedClientId&&tr(i,e.clientId,e.redirectUri),!e.instanceAware||t.extraQueryParameters&&Object.keys(t.extraQueryParameters).includes(fe)||Gt(i),i}function Io(e,t){const r=ir(t);return vr.appendQueryString(e.authorizationEndpoint,r)}function Co(e,t){if(!e.state||!t)throw e.state?be(rt,"Cached State"):be(rt,"Server State");let r,n;try{r=decodeURIComponent(e.state)}catch(t){throw be(et,e.state)}try{n=decodeURIComponent(t)}catch(t){throw be(et,e.state)}if(r!==n)throw be(tt);if(e.error||e.error_description||e.suberror){const t=function(e){const t="code=",r=e.error_uri?.lastIndexOf(t);return r&&r>=0?e.error_uri?.substring(r+t.length):void 0}(e);if(yn(e.error,e.error_description,e.suberror))throw new fn(e.error||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",t);throw new nn(e.error||"",e.error_description,e.suberror,t)}}const vo="unexpected_error";var ko=Object.freeze({__proto__:null,postRequestFailed:"post_request_failed",unexpectedError:vo});function To(e){const{skus:t,libraryName:r,libraryVersion:n,extensionName:o,extensionVersion:i}=e,s=new Map([[0,[r,n]],[2,[o,i]]]);let a=[];if(t?.length){if(a=t.split(","),a.length<4)return t}else a=Array.from({length:4},(()=>"|"));return s.forEach(((e,t)=>{2===e.length&&e[0]?.length&&e[1]?.length&&function(e){const{skuArr:t,index:r,skuName:n,skuVersion:o}=e;if(r>=t.length)return;t[r]=[n,o].join("|")}({skuArr:a,index:t,skuName:e[0],skuVersion:e[1]})})),a.join(",")}class bo{constructor(e,t){this.cacheOutcome=re,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||"",this.wrapperVer=e.wrapperVer||"",this.telemetryCacheKey=J+"-"+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${W}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r?.length&&t.push(`broker_error=${r}`);const n=t.join(W),o=[e,this.getRegionDiscoveryFields()].join(W);return[$,o,n].join("|")}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=bo.maxErrorsToSend(e),r=e.failedRequests.slice(0,2*t).join(W),n=e.errors.slice(0,t).join(W),o=e.errors.length,i=[o,t<o?"1":"0"].join(W);return[$,e.cacheHits,r,n,i].join("|")}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=50&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof we?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push("unknown_error"),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId),e.cacheHits}getLastRequests(){return this.cacheManager.getServerTelemetry(this.telemetryCacheKey,this.correlationId)||{failedRequests:[],errors:[],cacheHits:0}}clearTelemetryCache(){const e=this.getLastRequests(),t=bo.maxErrorsToSend(e);if(t===e.errors.length)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{const r={failedRequests:e.failedRequests.slice(2*t),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,r,this.correlationId)}}static maxErrorsToSend(e){let t,r=0,n=0;const o=e.errors.length;for(t=0;t<o;t++){const o=e.failedRequests[2*t]||"",i=e.failedRequests[2*t+1]||"",s=e.errors[t]||"";if(n+=o.toString().length+i.toString().length+s.length+3,!(n<330))break;r+=1}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||""),e.push(this.regionSource||""),e.push(this.regionOutcome||""),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId)}static makeExtraSkuString(e){return To(e)}}class Ao extends we{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,Ao.prototype)}}function So(e){return new Ao(e)}class _o{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw So("missing_kid_error");if(!e.alg)throw So("missing_alg_error");const t=new _o({typ:e.typ||ae.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}function Eo(e,t,r,n=5){if(e instanceof Error)return e instanceof we?(r.errorCode=e.errorCode,r.subErrorCode=e.subError,void((e instanceof nn||e instanceof fn)&&(r.serverErrorNo=e.errorNo))):void(e instanceof Pr?r.errorCode=e.errorCode:r.errorStack?.length?t.trace("0lmqrh",r.correlationId):e.stack?.length?(e.stack&&(r.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],n=[],o=r[0];o.startsWith("TypeError: Cannot read property")||o.startsWith("TypeError: Cannot read properties of")||o.startsWith("TypeError: Cannot set property")||o.startsWith("TypeError: Cannot set properties of")||o.endsWith("is not a function")?n.push(Po(o)):(o.startsWith("SyntaxError")||o.startsWith("TypeError"))&&n.push(Po(o.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(n.length>=t);e++){const t=r[e];n.push(Po(t))}return n}(e.stack,n)),r.errorName=e.name):t.trace("1cnpwa",r.correlationId));t.trace("0gcyox",r.correlationId)}function Po(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let n=r.lastIndexOf("/");return n=n<0?r.lastIndexOf("\\"):n,n>=0?(e.substring(0,t)+"("+r.substring(n+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class Ro{constructor(e,t,r,n,o,i,s){this.authority=t,this.libraryName=n,this.libraryVersion=o,this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.intFields=s||new Set;for(const e of Jr)this.intFields.add(e)}startMeasurement(e,t){const r=t||this.generateId(),n={eventId:this.generateId(),status:jr,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var o,i;return this.cacheEventByCorrelationId(n),o=n,(i=this.eventStack.get(r))&&i.push({name:o.name}),{end:(e,t,r)=>this.endMeasurement({...n,...e},t,r),discard:()=>this.discardMeasurements(n.correlationId),add:e=>this.addFields(e,n.correlationId),increment:e=>this.incrementFields(e,n.correlationId),event:n}}endMeasurement(e,t,r){const n=this.eventsByCorrelationId.get(e.correlationId);if(!n)return this.logger.trace("0k9ti8",e.correlationId),null;const o=e.eventId===n.eventId;e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const i=JSON.stringify(function(e,t,r){if(!t?.length)return;const n=e=>e.length?e[e.length-1]:void 0,o=e.name,i=n(t);if(i?.name!==o)return;const s=t?.pop();if(!s)return;const a=r instanceof we?r.errorCode:r instanceof Error?r.name:void 0,c=r instanceof we?r.subError:void 0;a&&s.childErr!==a&&(s.err=a,c&&(s.subErr=c)),delete s.name,delete s.childErr;const h={...s,dur:e.durationMs};e.success||(h.fail=1);const l=n(t);if(!l)return{[o]:h};let d;if(a&&(l.childErr=a),l[o]){const e=Object.keys(l).filter((e=>e.startsWith(o))).length;d=`${o}_${e+1}`}else d=o;return l[d]=h,l}(e,this.eventStack.get(n.correlationId),t));if(o?this.discardMeasurements(n.correlationId):n.incompleteSubMeasurements?.delete(e.eventId),t&&Eo(t,this.logger,n),!o)return n[e.name+"DurationMs"]=Math.floor(e.durationMs),{...n};o&&!t&&(n.errorCode||n.subErrorCode)&&(this.logger.trace("1fm1tm",e.correlationId),n.errorCode=void 0,n.subErrorCode=void 0);let s={...n,...e},a=0;s.incompleteSubMeasurements?.forEach((e=>{this.logger.trace("0nxk52",s.correlationId),a++})),s.incompleteSubMeasurements=void 0;const c=function(e){const t=[];for(const r of["",e]){const e=hr.get(r);t.push(...e?.logs??[]),hr.delete(r)}return t}(e.correlationId).map((e=>`${e.milliseconds},${e.hash}`)).join(";");return s={...s,status:$r,incompleteSubsCount:a,context:i,logs:c},r&&(s.accountType=function(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}(r),s.dataBoundary=r.dataBoundary),this.truncateIntegralFields(s),this.emitEvents([s],e.correlationId),s}addFields(e,t){const r=this.eventsByCorrelationId.get(t);r?this.eventsByCorrelationId.set(t,{...r,...e}):this.logger.trace("0thl6s",t)}incrementFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e){if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("0thl6s",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}discardMeasurements(e){this.eventsByCorrelationId.delete(e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning("1eap5p",""),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose("0c9ujz",""),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose("0253if",""):this.logger.verbose("0iqk07",""),t}emitEvents(e,t){this.logger.verbose("11jb1y",t),this.callbacks.forEach(((r,n)=>{this.logger.trace("0p2pjl",t),r.apply(null,[e])}))}truncateIntegralFields(e){this.intFields.forEach((t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))}))}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}const Oo="pkce_not_created",Mo="ear_jwk_empty",xo="ear_jwe_empty",qo="crypto_nonexistent",No="empty_navigate_uri",Uo="hash_empty_error",Lo="no_state_in_hash",Ho="hash_does_not_contain_known_properties",Do="unable_to_parse_state",Fo="state_interaction_type_mismatch",Ko="interaction_in_progress",Bo="interaction_in_progress_cancelled",zo="popup_window_error",jo="empty_window_error",$o="user_cancelled",Jo="redirect_bridge_empty_response",Wo="redirect_in_iframe",Go="block_iframe_reload",Qo="block_nested_popups",Vo="silent_logout_unsupported",Xo="no_account_error",Yo="no_token_request_cache_error",Zo="unable_to_parse_token_request_cache_error",ei="non_browser_environment",ti="database_not_open",ri="no_network_connectivity",ni="post_request_failed",oi="get_request_failed",ii="failed_to_parse_response",si="unable_to_load_token",ai="crypto_key_not_found",ci="auth_code_required",hi="auth_code_or_nativeAccountId_required",li="spa_code_and_nativeAccountId_present",di="database_unavailable",ui="unable_to_acquire_token_from_native_platform",gi="native_handshake_timeout",pi="native_extension_not_installed",mi="native_connection_not_established",fi="uninitialized_public_client_application",yi="native_prompt_not_supported",wi="invalid_base64_string",Ii="invalid_pop_token_request",Ci="failed_to_build_headers",vi="failed_to_parse_headers",ki="failed_to_decrypt_ear_response",Ti="timed_out",bi="empty_response";var Ai=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:hi,authCodeRequired:ci,authRequestNotSetError:"auth_request_not_set_error",blockIframeReload:Go,blockNestedPopups:Qo,cryptoKeyNotFound:ai,cryptoNonExistent:qo,databaseNotOpen:ti,databaseUnavailable:di,earJweEmpty:xo,earJwkEmpty:Mo,emptyNavigateUri:No,emptyResponse:bi,emptyWindowError:jo,failedToBuildHeaders:Ci,failedToDecryptEarResponse:ki,failedToParseHeaders:vi,failedToParseResponse:ii,getRequestFailed:oi,hashDoesNotContainKnownProperties:Ho,hashEmptyError:Uo,iframeClosedPrematurely:"iframe_closed_prematurely",interactionInProgress:Ko,interactionInProgressCancelled:Bo,invalidBase64String:wi,invalidCacheType:"invalid_cache_type",invalidPopTokenRequest:Ii,nativeConnectionNotEstablished:mi,nativeExtensionNotInstalled:pi,nativeHandshakeTimeout:gi,nativePromptNotSupported:yi,noAccountError:Xo,noNetworkConnectivity:ri,noStateInHash:Lo,noTokenRequestCacheError:Yo,nonBrowserEnvironment:ei,pkceNotCreated:Oo,popupWindowError:zo,postRequestFailed:ni,redirectBridgeEmptyResponse:Jo,redirectInIframe:Wo,silentLogoutUnsupported:Vo,silentPromptValueError:"silent_prompt_value_error",spaCodeAndNativeAccountIdPresent:li,stateInteractionTypeMismatch:Fo,timedOut:Ti,unableToAcquireTokenFromNativePlatform:ui,unableToLoadToken:si,unableToParseState:Do,unableToParseTokenRequestCacheError:Zo,uninitializedPublicClientApplication:fi,userCancelled:$o});function Si(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class _i extends we{constructor(e,t){super(e,Si(e),t),Object.setPrototypeOf(this,_i.prototype),this.name="BrowserAuthError"}}function Ei(e,t){return new _i(e,t)}const Pi="invalid_grant",Ri=483,Oi=600,Mi="msal",xi="msal.js.browser",qi="53ee284d-920a-4b59-9d30-a60315b26836",Ni="ppnbnpeolgkicgegkbkbjmhlideopiji",Ui="MATS",Li="MicrosoftEntra",Hi="DOM API",Di="get-token-and-sign-out",Fi="PlatformAuthDOMHandler",Ki="PlatformAuthExtensionHandler",Bi="Handshake",zi="HandshakeResponse",ji="GetToken",$i="Response",Ji={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},Wi="GET",Gi="POST",Qi="signin",Vi="signout",Xi="request.origin",Yi="urlHash",Zi="request.params",es="code.verifier",ts="interaction.status",rs="request.native",ns="wrapper.sku",os="wrapper.version",is={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var ss;e.InteractionType=void 0,(ss=e.InteractionType||(e.InteractionType={})).Redirect="redirect",ss.Popup="popup",ss.Silent="silent",ss.None="none";const as={Startup:"startup",Logout:"logout",AcquireToken:"acquireToken",HandleRedirect:"handleRedirect",None:"none"},cs={scopes:p},hs="msal.db",ls=`${hs}.keys`,ds={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},us=[ds.Default,ds.Skip,ds.RefreshTokenAndNetwork];function gs(e){return encodeURIComponent(ms(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function ps(e){return fs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function ms(e){return fs((new TextEncoder).encode(e))}function fs(e){const t=Array.from(e,(e=>String.fromCodePoint(e))).join("");return btoa(t)}function ys(e){return(new TextDecoder).decode(ws(e))}function ws(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw Ei(wi)}const r=atob(t);return Uint8Array.from(r,(e=>e.codePointAt(0)||0))}const Is="AES-GCM",Cs="HKDF",vs="SHA-256",ks=new Uint8Array([1,0,1]),Ts="0123456789abcdef",bs=new Uint32Array(1),As="raw",Ss="encrypt",_s="decrypt",Es={name:"RSASSA-PKCS1-v1_5",hash:vs,modulusLength:2048,publicExponent:ks};async function Ps(e){const t=(new TextEncoder).encode(e);return window.crypto.subtle.digest(vs,t)}function Rs(e){return window.crypto.getRandomValues(e)}function Os(){return window.crypto.getRandomValues(bs),bs[0]}function Ms(){const e=Date.now(),t=1024*Os()+(1023&Os()),r=new Uint8Array(16),n=Math.trunc(t/2**30),o=t&2**30-1,i=Os();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|n>>>8,r[7]=n,r[8]=128|o>>>24,r[9]=o>>>16,r[10]=o>>>8,r[11]=o,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=Ts.charAt(r[e]>>>4),s+=Ts.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function xs(e){return window.crypto.subtle.exportKey("jwk",e)}async function qs(){const e=await Us(),t={alg:"dir",kty:"oct",k:ps(new Uint8Array(e))};return ms(JSON.stringify(t))}async function Ns(e,t){const r=t.split(".");if(5!==r.length)throw Ei(ki,"jwe_length");const n=await async function(e){const t=ys(e),r=ws(JSON.parse(t).k);return window.crypto.subtle.importKey(As,r,Is,!1,[_s])}(e).catch((()=>{throw Ei(ki,"import_key")}));try{const e=(new TextEncoder).encode(r[0]),t=ws(r[2]),o=ws(r[3]),i=ws(r[4]),s=8*i.byteLength,a=new Uint8Array(o.length+i.length);a.set(o),a.set(i,o.length);const c=await window.crypto.subtle.decrypt({name:Is,iv:t,tagLength:s,additionalData:e},n,a);return(new TextDecoder).decode(c)}catch(e){throw Ei(ki,"decrypt")}}async function Us(){const e=await window.crypto.subtle.generateKey({name:Is,length:256},!0,[Ss,_s]);return window.crypto.subtle.exportKey(As,e)}async function Ls(e){return window.crypto.subtle.importKey(As,e,Cs,!1,["deriveKey"])}async function Hs(e,t,r){return window.crypto.subtle.deriveKey({name:Cs,salt:t,hash:vs,info:(new TextEncoder).encode(r)},e,{name:Is,length:256},!1,[Ss,_s])}async function Ds(e,t,r){const n=(new TextEncoder).encode(t),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await Hs(e,o,r),s=await window.crypto.subtle.encrypt({name:Is,iv:new Uint8Array(12)},i,n);return{data:ps(new Uint8Array(s)),nonce:ps(o)}}async function Fs(e,t,r,n){const o=ws(n),i=await Hs(e,ws(t),r),s=await window.crypto.subtle.decrypt({name:Is,iv:new Uint8Array(12)},i,o);return(new TextDecoder).decode(s)}const Ks="storage_not_supported",Bs="stubbed_public_client_application_called",zs="in_mem_redirect_unavailable";var js=Object.freeze({__proto__:null,inMemRedirectUnavailable:zs,storageNotSupported:Ks,stubbedPublicClientApplicationCalled:Bs});class $s extends we{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,$s.prototype)}}function Js(e){return new $s(e,Si(e))}function Ws(){const e=window.location.hash,t=window.location.search;let r,n=!1,o=!1,i="";if(e&&e.length>1){const t="#"===e.charAt(0)?e.substring(1):e,o=new URLSearchParams(t);o.has("state")&&(n=!0,i=t,r=o)}if(t&&t.length>1){const e="?"===t.charAt(0)?t.substring(1):t,n=new URLSearchParams(e);n.has("state")&&(o=!0,i=e,r=n)}if(n&&o){i=`${"?"===t.charAt(0)?t.substring(1):t}${"#"===e.charAt(0)?e.substring(1):e}`,r=new URLSearchParams(i)}if(!i||!r)throw Ei(bi);const s=r.get("state");if(!s)throw Ei(Lo);const{libraryState:a}=Cn(ys,s),{id:c,meta:h}=a;if(!c||!h)throw Ei(Do,"missing_library_state");return{params:r,payload:i,urlHash:e,urlQuery:t,hasResponseInHash:n,hasResponseInQuery:o,libraryState:{id:c,meta:h}}}function Gs(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function Qs(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function Vs(){return window.parent!==window}function Xs(){if(Vs())return!1;try{const{libraryState:t}=Ws(),{meta:r}=t;return r.interactionType===e.InteractionType.Popup}catch(e){return!1}}let Ys=null;function Zs(e,t){Ys&&(e.verbose("18y01k",t),clearTimeout(Ys.timeoutId),Ys.channel.close(),Ys.reject(Ei(Bo)),Ys=null)}async function ea(e,t,r,n){return new Promise(((o,i)=>{t.verbose("1rf6em",n.correlationId);const{libraryState:s}=Cn(r.base64Decode,n.state||""),a=new BroadcastChannel(s.id);let c;const h=window.setTimeout((()=>{Ys=null,a.close(),i(Ei(Ti,"redirect_bridge_timeout"))}),e);Ys={timeoutId:h,channel:a,reject:i},a.onmessage=e=>{c=e.data.payload,Ys=null,clearTimeout(h),a.close(),c?o(c):i(Ei(Jo))}}))}function ta(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function ra(){const e=new vr(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function na(){if(or(window.location.hash)&&Vs())throw Ei(Go)}function oa(e){if(Vs()&&!e)throw Ei(Wo)}function ia(){if(Xs())throw Ei(Qo)}function sa(){if("undefined"==typeof window)throw Ei(ei)}function aa(e){if(!e)throw Ei(fi)}function ca(e){sa(),na(),ia(),aa(e)}function ha(e,t){if(ca(e),oa(t.system.allowRedirectInIframe),t.cache.cacheLocation===Ji.MemoryStorage)throw Js(zs)}function la(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout((()=>{try{document.head.removeChild(t)}catch{}}),1e4)}function da(){return Ms()}const ua=Vt;var ga=Object.freeze({__proto__:null,addClientCapabilitiesToClaims:ua,blockAPICallsBeforeInitialize:aa,blockAcquireTokenInPopups:ia,blockNonBrowserEnvironment:sa,blockRedirectInIframe:oa,blockReloadInHiddenIframes:na,cancelPendingBridgeResponse:Zs,clearHash:Gs,createGuid:da,getCurrentUri:ta,getHomepage:ra,invoke:Nn,invokeAsync:Un,isInIframe:Vs,isInPopup:Xs,parseAuthResponseFromUrl:Ws,preconnect:la,preflightCheck:ca,redirectPreflightCheck:ha,replaceHash:Qs,waitForBridgeResponse:ea});const pa="standardInteractionClientGetDiscoveredAuthority",ma="nativeInteractionClientAcquireToken",fa="acquireTokenBySilentIframe",ya="initializeBaseRequest",wa="silentIframeClientTokenHelper",Ia="silentHandlerInitiateAuthRequest",Ca="silentHandlerMonitorIframeForHash",va="standardInteractionClientCreateAuthCodeClient",ka="standardInteractionClientGetClientConfiguration",Ta="standardInteractionClientInitializeAuthorizationRequest",ba="handleResponseEar",Aa="handleResponsePlatformBroker",Sa="handleResponseCode",_a="deserializeResponse",Ea="generatePkceCodes",Pa="generateHKDF",Ra="decrypt",Oa="generateEarKey";class Ma{constructor(){this.dbName=hs,this.version=1,this.tableName=ls,this.dbOpen=!1}async open(){return new Promise(((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",(e=>{e.target.result.createObjectStore(this.tableName)})),r.addEventListener("success",(t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()})),r.addEventListener("error",(()=>t(Ei(di))))}))}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ei(ti));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async setItem(e,t){return await this.validateDbIsOpen(),new Promise(((r,n)=>{if(!this.db)return n(Ei(ti));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);o.addEventListener("success",(()=>{this.closeConnection(),r()})),o.addEventListener("error",(e=>{this.closeConnection(),n(e)}))}))}async removeItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ei(ti));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);n.addEventListener("success",(()=>{this.closeConnection(),t()})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async getKeys(){return await this.validateDbIsOpen(),new Promise(((e,t)=>{if(!this.db)return t(Ei(ti));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",(t=>{const r=t;this.closeConnection(),e(r.target.result)})),r.addEventListener("error",(e=>{this.closeConnection(),t(e)}))}))}async containsKey(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ei(ti));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(1===r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise(((e,t)=>{const r=window.indexedDB.deleteDatabase(hs),n=setTimeout((()=>t(!1)),200);r.addEventListener("success",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("blocked",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("error",(()=>(clearTimeout(n),t(!1))))}))}}class xa{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach(((t,r)=>{e.push(r)})),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class qa{constructor(e){this.inMemoryCache=new xa,this.indexedDBCache=new Ma,this.logger=e}handleDatabaseAccessError(e,t){if(!(e instanceof _i&&e.errorCode===di))throw e;this.logger.error("1wx7zz",t)}async getItem(e,t){const r=this.inMemoryCache.getItem(e);if(!r)try{return this.logger.verbose("0naxpl",t),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}async setItem(e,t,r){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e,r)}}async removeItem(e,t){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}}async getKeys(e){const t=this.inMemoryCache.getKeys();if(0===t.length)try{return this.logger.verbose("1iqrbq",e),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t,e)}return t}async containsKey(e,t){const r=this.inMemoryCache.containsKey(e);if(!r)try{return this.logger.verbose("03zl2j",t),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}clearInMemory(e){this.logger.verbose("03r21p",e),this.inMemoryCache.clear(),this.logger.verbose("0uksk1",e)}async clearPersistent(e){try{this.logger.verbose("0rdqut",e);const t=await this.indexedDBCache.deleteDatabase();return t&&this.logger.verbose("149ouc",e),t}catch(t){return this.handleDatabaseAccessError(t,e),!1}}}class Na{constructor(e,t,r){this.logger=e,function(e){if(!window)throw Ei(ei);if(!window.crypto)throw Ei(qo);if(!e&&!window.crypto.subtle)throw Ei(qo,"crypto_subtle_undefined")}(r??!1),this.cache=new qa(this.logger),this.performanceClient=t}createNewGuid(){return Ms()}base64Encode(e){return ms(e)}base64Decode(e){return ys(e)}base64UrlEncode(e){return gs(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement("cryptoOptsGetPublicKeyThumbprint",e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(Es,e,t)}(Na.EXTRACTABLE,Na.POP_KEY_USAGES),n=await xs(r.publicKey),o=Ua({e:n.e,kty:n.kty,n:n.n}),i=await this.hashString(o),s=await xs(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,Es,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri},e.correlationId),t&&t.end({success:!0}),i}async removeTokenBindingKey(e,t){await this.cache.removeItem(e,t);if(await this.cache.containsKey(e,t))throw be(It)}async clearKeystore(e){this.cache.clearInMemory(e);try{return await this.cache.clearPersistent(e),!0}catch(t){return t instanceof Error?this.logger.error("1owpn8",e):this.logger.error("0yrmwo",e),!1}}async signJwt(e,t,r,n){const o=this.performanceClient?.startMeasurement("cryptoOptsSignJwt",n),i=await this.cache.getItem(t,n||"");if(!i)throw Ei(ai);const s=await xs(i.publicKey),a=Ua(s),c=gs(JSON.stringify({kid:t})),h=gs(_o.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const l=`${h}.${gs(JSON.stringify(e))}`,d=(new TextEncoder).encode(l),u=await async function(e,t){return window.crypto.subtle.sign(Es,e,t)}(i.privateKey,d),g=`${l}.${ps(new Uint8Array(u))}`;return o&&o.end({success:!0}),g}async hashString(e){return async function(e){const t=await Ps(e);return ps(new Uint8Array(t))}(e)}}function Ua(e){return JSON.stringify(e,Object.keys(e).sort())}Na.POP_KEY_USAGES=["sign","verify"],Na.EXTRACTABLE=!0;const La="acquireTokenSilent",Ha="acquireTokenByCode",Da="acquireTokenPopup",Fa="acquireTokenPreRedirect",Ka="acquireTokenRedirect",Ba="ssoSilent",za="initializeClientApplication",ja="localStorageUpdated";var $a=Object.freeze({__proto__:null,AcquireTokenByCode:Ha,AcquireTokenPopup:Da,AcquireTokenPreRedirect:Fa,AcquireTokenRedirect:Ka,AcquireTokenSilent:La,InitializeClientApplication:za,LocalStorageUpdated:ja,SsoSilent:Ba});const Ja="msal",Wa="browser",Ga=`${Ja}.${Wa}.log.level`,Qa=`${Ja}.${Wa}.log.pii`,Va=`${Ja}.${Wa}.performance.enabled`,Xa=`${Ja}.${Wa}.platform.auth.dom`,Ya=`${Ja}.version`,Za="account.keys",ec="token.keys";function tc(e=2){return e<1?`${Ja}.${Za}`:`${Ja}.${e}.${Za}`}function rc(e,t=2){return t<1?`${Ja}.${ec}.${e}`:`${Ja}.${t}.${ec}.${e}`}const nc=864e5,oc="Lax",ic="None";class sc{initialize(){return Promise.resolve()}getItem(e){const t=`${encodeURIComponent(e)}`,r=document.cookie.split(";");for(let e=0;e<r.length;e++){const n=r[e],[o,...i]=decodeURIComponent(n).trim().split("="),s=i.join("=");if(o===t)return s}return""}getUserData(){throw be(bt)}setItem(e,t,r,n=!0,o=oc){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${o};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*nc);return r.toUTCString()}(r);i+=`expires=${e};`}(n||o===ic)&&(i+="Secure;"),document.cookie=i}async setUserData(){return Promise.reject(be(bt))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach((e=>{const r=decodeURIComponent(e).trim().split("=");t.push(r[0])})),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function ac(e,t){const r=e.getItem(tc(t));return r?JSON.parse(r):[]}function cc(e,t,r){const n=t.getItem(rc(e,r));if(n){const e=JSON.parse(n);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function hc(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const lc="msal.cache.encryption";class dc{constructor(e,t,r){if(!window.localStorage)throw Js(Ks);this.memoryStorage=new xa,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new sc,r=t.getItem(lc);let n={key:"",id:""};if(r)try{n=JSON.parse(r)}catch(e){}if(n.key&&n.id){const t=Nn(ws,"base64Decode",this.logger,this.performanceClient,e)(n.key);this.encryptionCookie={id:n.id,key:await Un(Ls,Pa,this.logger,this.performanceClient,e)(t)}}else{const r=Ms(),n=await Un(Us,"generateBaseKey",this.logger,this.performanceClient,e)(),o=Nn(ps,"urlEncodeArr",this.logger,this.performanceClient,e)(new Uint8Array(n));this.encryptionCookie={id:r,key:await Un(Ls,Pa,this.logger,this.performanceClient,e)(n)};const i={id:r,key:o};t.setItem(lc,JSON.stringify(i),0,!0,ic)}await Un(this.importExistingCache.bind(this),"importExistingCache",this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",(t=>{this.updateCache(t,e)})),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw Ei(fi);return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw Ei(fi);if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const n=await Un(Fs,Ra,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!n)return null;try{return{...JSON.parse(n),lastUpdatedAt:t.lastUpdatedAt}}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,n,o){if(!this.initialized||!this.encryptionCookie)throw Ei(fi);if(o)this.setItem(e,t);else{const{data:o,nonce:i}=await Un(Ds,"encrypt",this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o,lastUpdatedAt:n};this.setItem(e,JSON.stringify(s))}this.memoryStorage.setItem(e,t),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();ac(this).forEach((e=>this.removeItem(e)));const e=cc(this.clientId,this);e.idToken.forEach((e=>this.removeItem(e))),e.accessToken.forEach((e=>this.removeItem(e))),e.refreshToken.forEach((e=>this.removeItem(e))),this.getKeys().forEach((e=>{(e.startsWith(Ja)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)}))}async importExistingCache(e){if(!this.encryptionCookie)return;let t=ac(this);t=await this.importArray(t,e),t.length?this.setItem(tc(),JSON.stringify(t)):this.removeItem(tc());const r=cc(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(rc(this.clientId),JSON.stringify(r)):this.removeItem(rc(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let n;try{n=JSON.parse(r)}catch(e){return null}return hc(n)?n.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):(this.performanceClient.incrementFields({encryptedCacheCount:1},t),Un(Fs,Ra,this.logger,this.performanceClient,t)(this.encryptionCookie.key,n.nonce,this.getContext(e),n.data)):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),r)}async importArray(e,t){const r=[],n=[];return e.forEach((e=>{const o=this.getItemFromEncryptedCache(e,t).then((t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)}));n.push(o)})),await Promise.all(n),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e,t){this.logger.trace("17cxcm",t);const r=this.performanceClient.startMeasurement(ja);r.add({isBackground:!0});const{key:n,value:o,context:i}=e.data;return n?i&&i!==this.clientId?(this.logger.trace("04rtdy",t),void r.end({success:!1,errorCode:"contextMismatch"})):(o?(this.memoryStorage.setItem(n,o),this.logger.verbose("1vzsgt",t)):(this.memoryStorage.removeItem(n),this.logger.verbose("04ypih",t)),void r.end({success:!0})):(this.logger.error("0e10qr",t),void r.end({success:!1,errorCode:"noKey"}))}}class uc{constructor(){if(!window.sessionStorage)throw Js(Ks)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const gc={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_SUCCESS:"msal:loginSuccess",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",BROKERED_REQUEST_START:"msal:brokeredRequestStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",BROKERED_REQUEST_SUCCESS:"msal:brokeredRequestSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",BROKERED_REQUEST_FAILURE:"msal:brokeredRequestFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"},pc="@azure/msal-browser",mc="5.0.0-beta.0";function fc(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}class yc extends Br{constructor(e,t,r,n,o,i,s){super(e,r,n,o,s),this.cacheConfig=t,this.logger=n,this.internalStorage=new xa,this.browserStorage=wc(e,t.cacheLocation,n,o),this.temporaryCacheStorage=wc(e,Ji.SessionStorage,n,o),this.cookieStorage=new sc,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){let t=ac(this.browserStorage),r=cc(this.clientId,this.browserStorage);this.performanceClient.addFields({preMigrateAcntCount:t.length,preMigrateATCount:r.accessToken.length,preMigrateITCount:r.idToken.length,preMigrateRTCount:r.refreshToken.length},e);for(let t=0;t<2;t++){const r=t;await this.removeStaleAccounts(t,r,e)}for(let t=0;t<2;t++){const r=t;await this.migrateIdTokens(t,r,e)}const n=this.getKMSIValues();for(let t=0;t<2;t++)await this.migrateAccessTokens(t,n,e),await this.migrateRefreshTokens(t,n,e);t=ac(this.browserStorage),r=cc(this.clientId,this.browserStorage),this.performanceClient.addFields({postMigrateAcntCount:t.length,postMigrateATCount:r.accessToken.length,postMigrateITCount:r.idToken.length,postMigrateRTCount:r.refreshToken.length},e)}async updateOldEntry(e,t){const r=this.browserStorage.getItem(e),n=this.validateAndParseJson(r||"");if(!n)return this.browserStorage.removeItem(e),null;if(n.lastUpdatedAt){if(An(n.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))return this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null}else n.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(n),t);const o=hc(n)?await this.browserStorage.decryptData(e,n,t):n;return o&&zn(o)?(jn(o)||$n(o))&&o.expiresOn&&bn(o.expiresOn,300)?(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null):o:(this.performanceClient.incrementFields({invalidCacheCount:1},t),null)}async removeStaleAccounts(e,t,r){const n=ac(this.browserStorage,e);if(0!==n.length){for(const e of[...n]){this.performanceClient.incrementFields({oldAcntCount:1},r);const o=this.browserStorage.getItem(e),i=this.validateAndParseJson(o||"");i?i.lastUpdatedAt?An(i.lastUpdatedAt,this.cacheConfig.cacheRetentionDays)&&(await this.removeAccountOldSchema(e,i,t,r),fc(n,e)):(i.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(i),r)):fc(n,e)}this.setAccountKeys(n,r,e)}}async removeAccountOldSchema(e,t,r,n){const o=hc(t)?await this.browserStorage.decryptData(e,t,n):t,i=o?.homeAccountId;if(i){const e=this.getTokenKeys(r);[...e.idToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),fc(e.idToken,t)})),[...e.accessToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),fc(e.accessToken,t)})),[...e.refreshToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),fc(e.refreshToken,t)})),this.setTokenKeys(e,n,r)}this.performanceClient.incrementFields({expiredAcntRemovedCount:1},n),this.browserStorage.removeItem(e)}getKMSIValues(){const e={},t=this.getTokenKeys().idToken;for(const r of t){const t=this.browserStorage.getUserData(r);if(t){const r=JSON.parse(t),n=wr(r.secret,ys);n&&(e[r.homeAccountId]=Ir(n))}}return e}async migrateIdTokens(e,t,r){const n=cc(this.clientId,this.browserStorage,e);if(0===n.idToken.length)return;const o=cc(this.clientId,this.browserStorage,2),i=ac(this.browserStorage),s=ac(this.browserStorage,t);for(const e of[...n.idToken]){this.performanceClient.incrementFields({oldITCount:1},r);const t=await this.updateOldEntry(e,r);if(!t){fc(n.idToken,e);continue}const a=i.find((e=>e.includes(t.homeAccountId))),c=s.find((e=>e.includes(t.homeAccountId)));let h=null;if(a)h=this.getAccount(a,r);else if(c){const e=this.browserStorage.getItem(c),t=this.validateAndParseJson(e||"");h=t&&hc(t)?await this.browserStorage.decryptData(c,t,r):t}if(!h){this.performanceClient.incrementFields({skipITMigrateCount:1},r);continue}const l=wr(t.secret,ys),d=this.generateCredentialKey(t),u=this.getIdTokenCredential(d,r),g=Object.keys(l).includes("signin_state"),p=u&&Object.keys(wr(u.secret,ys)||{}).includes("signin_state");if(!u||t.lastUpdatedAt>u.lastUpdatedAt&&(g||!p)){const e=h.tenantProfiles||[],n=Lr(l)||h.realm;if(n&&!e.find((e=>e.tenantId===n))){const t=fr(h.homeAccountId,h.localAccountId,n,l);e.push(t)}h.tenantProfiles=e;const s=this.generateAccountKey(Dr(h)),a=Ir(l);await this.setUserData(s,JSON.stringify(h),r,h.lastUpdatedAt,a),i.includes(s)||i.push(s),await this.setUserData(d,JSON.stringify(t),r,t.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedITCount:1},r),o.idToken.push(d)}}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r),this.setAccountKeys(i,r)}async migrateAccessTokens(e,t,r){const n=cc(this.clientId,this.browserStorage,e);if(0===n.accessToken.length)return;const o=cc(this.clientId,this.browserStorage,2);for(const e of[...n.accessToken]){this.performanceClient.incrementFields({oldATCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){fc(n.accessToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipATMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.accessToken.includes(s)){const e=this.getAccessTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r),o.accessToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}async migrateRefreshTokens(e,t,r){const n=cc(this.clientId,this.browserStorage,e);if(0===n.refreshToken.length)return;const o=cc(this.clientId,this.browserStorage,2);for(const e of[...n.refreshToken]){this.performanceClient.incrementFields({oldRTCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){fc(n.refreshToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipRTMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.refreshToken.includes(s)){const e=this.getRefreshTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r),o.refreshToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}trackVersionChanges(e){const t=this.browserStorage.getItem(Ya);t&&(this.logger.info("1wuc87",e),this.performanceClient.addFields({previousLibraryVersion:t},e)),t!==mc&&this.setItem(Ya,mc,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){const n=new Array(3).fill(0),o=[];for(let i=0;i<=20;i++)try{if(this.browserStorage.setItem(e,t),i>0)for(let e=0;e<=2;e++){const t=n.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=i)break;const s=i>t+n[e]?t+n[e]:i;i>t&&n[e]>0&&this.removeAccessTokenKeys(o.slice(t,s),r,e)}break}catch(s){const a=Rr(s);if(!(a.errorCode===Er&&i<20))throw a;if(!o.length)for(let r=0;r<=2;r++)if(e===rc(this.clientId,r)){const e=JSON.parse(t).accessToken;o.push(...e),n[r]=e.length}else{const e=this.getTokenKeys(r).accessToken;o.push(...e),n[r]=e.length}if(o.length<=i)throw a;this.removeAccessToken(o[i],r,!1)}}async setUserData(e,t,r,n,o){const i=new Array(3).fill(0),s=[];for(let a=0;a<=20;a++)try{if(await Un(this.browserStorage.setUserData.bind(this.browserStorage),"setUserData",this.logger,this.performanceClient,r)(e,t,r,n,o),a>0)for(let e=0;e<=2;e++){const t=i.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=a)break;const n=a>t+i[e]?t+i[e]:a;a>t&&i[e]>0&&this.removeAccessTokenKeys(s.slice(t,n),r,e)}break}catch(e){const t=Rr(e);if(!(t.errorCode===Er&&a<20))throw t;if(!s.length)for(let e=0;e<=2;e++){const t=this.getTokenKeys(e).accessToken;s.push(...t),i[e]=t.length}if(s.length<=a)throw t;this.removeAccessToken(s[a],r,!1)}}getAccount(e,t){this.logger.trace("1lfvm6",t);const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&o.hasOwnProperty("homeAccountId")&&o.hasOwnProperty("environment")&&o.hasOwnProperty("realm")&&o.hasOwnProperty("localAccountId")&&o.hasOwnProperty("username")&&o.hasOwnProperty("authorityType"))?Br.toObject({},n):null;var o}async setAccount(e,t,r){this.logger.trace("1bz3wr",t);const n=this.generateAccountKey(Dr(e)),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r),this.addAccountKeyToMap(n,t),this.performanceClient.addFields({kmsi:r},t)}setAccountKeys(e,t,r=2){0===e.length?this.removeItem(tc(r)):this.setItem(tc(r),JSON.stringify(e),t)}getAccountKeys(){return ac(this.browserStorage)}addAccountKeyToMap(e,t){this.logger.trace("0rb85k",t),this.logger.tracePii("1l9bdo",t);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(tc(),JSON.stringify(r),t),this.logger.verbose("0xia39",t),!0):(this.logger.verbose("0161kk",t),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("1jpigu",t),this.logger.tracePii("1xzspl",t);const r=this.getAccountKeys(),n=r.indexOf(e);n>-1?(r.splice(n,1),this.setAccountKeys(r,t)):this.logger.trace("1dytu2",t)}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach((t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)}))}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),n=r.idToken.indexOf(e);n>-1&&(this.logger.info("05udv9",t),r.idToken.splice(n,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=2){this.logger.trace("17o18n",t);const n=this.getTokenKeys(r);let o=0;if(e.forEach((e=>{const t=n.accessToken.indexOf(e);t>-1&&(n.accessToken.splice(t,1),o++)})),o>0)return this.logger.info("15i5d5",t),void this.setTokenKeys(n,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),n=r.refreshToken.indexOf(e);n>-1&&(this.logger.info("1f4fq3",t),r.refreshToken.splice(n,1),this.setTokenKeys(r,t))}getTokenKeys(e=2){return cc(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=2){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(rc(this.clientId,r),JSON.stringify(e),t):this.removeItem(rc(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("1jukz6",t),this.removeIdToken(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&zn(o)&&o.hasOwnProperty("realm")&&o.credentialType===L.ID_TOKEN)?(this.logger.trace("01ju66",t),n):(this.logger.trace("1jukz6",t),null);var o}async setIdTokenCredential(e,t,r){this.logger.trace("13hjll",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.idToken.indexOf(n)&&(this.logger.info("07jy92",t),i.idToken.push(n),this.setTokenKeys(i,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0bqvx8",t),this.removeAccessTokenKeys([e],t),null;const n=this.validateAndParseJson(r);return n&&jn(n)?(this.logger.trace("1o81rl",t),n):(this.logger.trace("0bqvx8",t),null)}async setAccessTokenCredential(e,t,r){this.logger.trace("1pondb",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys(),s=i.accessToken.indexOf(n);-1!==s&&i.accessToken.splice(s,1),this.logger.trace("1onhey",t),i.accessToken.push(n),this.setTokenKeys(i,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0jlizt",t),this.removeRefreshToken(e,t),null;const n=this.validateAndParseJson(r);return n&&$n(n)?(this.logger.trace("0nokxi",t),n):(this.logger.trace("0jlizt",t),null)}async setRefreshTokenCredential(e,t,r){this.logger.trace("0tcg8d",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.refreshToken.indexOf(n)&&(this.logger.info("0eckjs",t),i.refreshToken.push(n),this.setTokenKeys(i,t))}getAppMetadata(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1q101h",t),null;const n=this.validateAndParseJson(r);return n&&(o=e,(i=n)&&0===o.indexOf(H)&&i.hasOwnProperty("clientId")&&i.hasOwnProperty("environment"))?(this.logger.trace("19pvg2",t),n):(this.logger.trace("1q101h",t),null);var o,i}setAppMetadata(e,t){this.logger.trace("0cyma6",t);const r=function({environment:e,clientId:t}){return[H,e,t].join("-").toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("0jk19c",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){const r=0===e.indexOf(J);let n=!0;return t&&(n=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&n}(e,n)?(this.logger.trace("12jguk",t),n):(this.logger.trace("0jk19c",t),null)}setServerTelemetry(e,t,r){this.logger.trace("1poh61",r),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e,t){const r=this.internalStorage.getItem(e);if(!r)return this.logger.trace("1r39oe",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){return!!t&&0===e.indexOf(F)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,n)?(this.logger.trace("1ohvk3",t),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter((e=>this.isAuthorityMetadata(e)))}setWrapperMetadata(e,t){this.internalStorage.setItem(ns,e),this.internalStorage.setItem(os,t)}getWrapperMetadata(){return[this.internalStorage.getItem(ns)||"",this.internalStorage.getItem(os)||""]}setAuthorityMetadata(e,t,r){this.logger.trace("07w8n2",r),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(b),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("08gw0e",e),null;const n=this.validateAndParseJson(r);return n?(this.logger.trace("1t3ch7",e),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId},e)):(this.logger.trace("0me1up",e),null)}setActiveAccount(e,t){const r=this.generateCacheKey(b);if(e){this.logger.verbose("0rsj80",t);const n={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.setItem(r,JSON.stringify(n),t)}else this.logger.verbose("1bp5z5",t),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(gc.ACTIVE_ACCOUNT_CHANGED)}getThrottlingCache(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1h4wa6",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){let r=!1;e&&(r=0===e.indexOf(Q));let n=!0;return t&&(n=t.hasOwnProperty("throttleTime")),r&&n}(e,n)?(this.logger.trace("0of6n8",t),n):(this.logger.trace("1h4wa6",t),null)}setThrottlingCache(e,t,r){this.logger.trace("0wfgh6",r),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e,o=this.temporaryCacheStorage.getItem(n);if(!o){if(this.cacheConfig.cacheLocation===Ji.LocalStorage){const e=this.browserStorage.getItem(n);if(e)return this.logger.trace("1yt61y",t),e}return this.logger.trace("1qhy81",t),null}return o}setTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(n,t)}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e)}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach((e=>{-1===e.indexOf(Ja)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)})),this.browserStorage.getKeys().forEach((e=>{-1===e.indexOf(Ja)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)})),this.internalStorage.clear()}generateCacheKey(e){return ke.startsWith(e,Ja)?e:`${Ja}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===L.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==G.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${Ja}.2`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",r].join("|").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${Ja}.2`,e.homeAccountId,e.environment,t||e.tenantId||""].join("|").toLowerCase()}resetRequestCache(e){this.logger.trace("0h0ynu",e),this.removeTemporaryItem(this.generateCacheKey(Zi)),this.removeTemporaryItem(this.generateCacheKey(es)),this.removeTemporaryItem(this.generateCacheKey(Xi)),this.removeTemporaryItem(this.generateCacheKey(Yi)),this.removeTemporaryItem(this.generateCacheKey(rs)),this.setInteractionInProgress(!1,void 0)}cacheAuthorizeRequest(e,t,r){this.logger.trace("1tzef5",t);const n=ms(JSON.stringify(e));if(this.setTemporaryCache(Zi,n,!0),r){const e=ms(r);this.setTemporaryCache(es,e,!0)}}getCachedRequest(e){this.logger.trace("0uen20",e);const t=this.getTemporaryCache(Zi,e,!0);if(!t)throw Ei(Yo);const r=this.getTemporaryCache(es,e,!0);let n,o="";try{n=JSON.parse(ys(t)),r&&(o=ys(r))}catch(t){throw this.logger.errorPii("0ewsey",e),this.logger.error("0tvdic",e),Ei(Zo)}return[n,o]}getCachedNativeRequest(){this.logger.trace("1yxcdm","");const e=this.getTemporaryCache(rs,"",!0);if(!e)return this.logger.trace("0mnxd4",""),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("0rrkip",""),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${Ja}.${ts}`,t=this.getTemporaryCache(e,"",!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("0jjyys",""),this.removeTemporaryItem(e),this.resetRequestCache(""),Gs(window),null}}setInteractionInProgress(e,t=Qi,r=!1,n=""){const o=`${Ja}.${ts}`;if(e){if(this.getInteractionInProgress()){if(!r)throw Ei(Ko);this.logger.warning("1pmscr",n),Zs(this.logger,n),this.removeTemporaryItem(o)}this.setTemporaryCache(o,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(o)}async hydrateCache(e,t){const r={idToken:Fn(e.account?.homeAccountId,e.account?.environment,e.idToken,this.clientId,e.tenantId),accessToken:Kn(e.account?.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?kn(e.expiresOn):0,e.extExpiresOn?kn(e.extExpiresOn):0,ys,void 0,e.tokenType,void 0,t.sshKid)};return this.saveCacheRecord(r,e.correlationId,Ir(wr(e.idToken,ys)))}async saveCacheRecord(e,t,r,n){try{await super.saveCacheRecord(e,t,r,n)}catch(e){if(e instanceof Pr&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function wc(e,t,r,n){try{switch(t){case Ji.LocalStorage:return new dc(e,r,n);case Ji.SessionStorage:return new uc}}catch(e){r.error(e,"")}return new xa}const Ic=(e,t,r,n)=>new yc(e,{cacheLocation:Ji.MemoryStorage,cacheRetentionDays:5},ar,t,r,n);function Cc(e,t,r,n,o){return e.verbose("1yd030",n),r?t.getAllAccounts(o,n):[]}function vc(e,t,r,n){if(t.trace("0u7b90",n),0===Object.keys(e).length)return t.warning("1kz0cu",n),null;const o=r.getAccountInfoFilteredBy(e,n);return o?(t.verbose("0btgll",n),o):(t.verbose("0ltaj5",n),null)}function kc(e,t,r){t.setActiveAccount(e,r)}function Tc(e,t){return e.getActiveAccount(t)}class bc{constructor(e){this.eventCallbacks=new Map,this.logger=e||new dr({}),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const n=r||da();return this.eventCallbacks.has(n)?(this.logger.error("1578i0",""),null):(this.eventCallbacks.set(n,[e,t||[]]),this.logger.verbose("1cnec4",""),n)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose("12zotd","")}emitEvent(e,t,r,n){const o={eventType:e,interactionType:t||null,payload:r||null,error:n||null,timestamp:Date.now()};switch(e){case gc.LOGIN_SUCCESS:case gc.LOGOUT_SUCCESS:case gc.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(o)}this.invokeCallbacks(o)}invokeCallbacks(e){this.eventCallbacks.forEach((([t,r],n)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose("15jpwk",""),t.apply(null,[e]))}))}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class Ac{constructor(e,t,r,n,o,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=o,this.navigationClient=i,this.platformAuthProvider=c,this.correlationId=a,this.logger=n.clone(xi,mc),this.performanceClient=s}}function Sc(e,t,r,n){r.verbose("0bd1la",n);const o=e||t||"";return vr.getAbsoluteUrl(o,ta())}function _c(e,t,r,n,o,i){o.verbose("1p12tq",r);const s={clientId:t,correlationId:r,apiId:e,forceRefresh:!1,wrapperSKU:n.getWrapperMetadata()[0],wrapperVer:n.getWrapperMetadata()[1]};return new bo(s,n)}async function Ec(e,t,r,n,o,i,s,a,c){const h=a&&a.hasOwnProperty("instance_aware")?a.instance_aware:void 0,l={protocolMode:e.system.protocolMode,OIDCOptions:e.auth.OIDCOptions,knownAuthorities:e.auth.knownAuthorities,cloudDiscoveryMetadata:e.auth.cloudDiscoveryMetadata,authorityMetadata:e.auth.authorityMetadata},d=i||e.auth.authority,u=h?.length?"true"===h:e.auth.instanceAware,g=c&&u?e.auth.authority.replace(vr.getDomainFromUrl(d),c.environment):d,p=ho.generateAuthority(g,s||e.auth.azureCloudOptions),m=await Un(go,"authorityFactoryCreateDiscoveredInstance",o,r,t)(p,e.system.networkClient,n,l,o,t,r);if(c&&!m.isAlias(c.environment))throw ve(ze);return m}async function Pc(e,t,r,n,o){if(o)try{e.removeAccount(o,n),r.verbose("0s4z6h",n)}catch(e){r.error("0mgg1d",n)}else try{r.verbose("0zj631",n),e.clear(n),await t.clearKeystore(n)}catch(e){r.error("12ih0c",n)}}async function Rc(e,t,r,n,o){const i=e.authority||t.auth.authority,s=[...e&&e.scopes||[]],a={...e,correlationId:e.correlationId,authority:i,scopes:s};if(a.authenticationScheme){if(a.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);if(!e.sshKid)throw ve(He)}n.verbose("1ecmns",o)}else a.authenticationScheme=G.BEARER,n.verbose("1l4fwv",o);return a}async function Oc(e,t,r,n,o){const i=await Un(Rc,ya,o,n,e.correlationId)(e,r,n,o,e.correlationId);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}function Mc(e,t){let r;const n=e.httpMethod;if(t===Hr.EAR){if(n&&n!==g)throw ve(je);r=g}else r=n||u;return r}class xc extends Ac{initializeLogoutRequest(e){this.logger.verbose("0546u4",this.correlationId);const t={correlationId:this.correlationId,...e};if(e)if(e.logoutHint)this.logger.verbose("12k4l4",this.correlationId);else if(e.account){const r=this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("0st5di",this.correlationId),t.logoutHint=r)}else this.logger.verbose("0pdtc3",this.correlationId);else this.logger.verbose("07ndze",this.correlationId);return e&&null===e.postLogoutRedirectUri?this.logger.verbose("0ljv63",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("1vamm6",t.correlationId),t.postLogoutRedirectUri=vr.getAbsoluteUrl(e.postLogoutRedirectUri,ta())):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("15m5g7",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("1f4xlz",t.correlationId),t.postLogoutRedirectUri=vr.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,ta())):(this.logger.verbose("17s5rf",t.correlationId),t.postLogoutRedirectUri=vr.getAbsoluteUrl(ta(),ta())),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("0mvp54",this.correlationId)}else this.logger.verbose("1e7bdp",this.correlationId);return null}async createAuthCodeClient(e){const t=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)(e);return new po(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:n,requestExtraQueryParameters:o,account:i}=e,s=e.authority||await Un(Ec,pa,this.logger,this.performanceClient,this.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:s,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:a.loggerCallback,piiLoggingEnabled:a.piiLoggingEnabled,logLevel:a.logLevel,correlationId:this.correlationId},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:xi,version:mc,cpu:"",os:""},telemetry:this.config.telemetry}}}async function qc(e,t,r,n,o,i,s,a){const c=Sc(e.redirectUri,r.auth.redirectUri,i,a),h={interactionType:t},l=In(n,e&&e.state||"",h),d={...await Un(Rc,ya,i,s,a)({...e,correlationId:a},r,s,i,a),redirectUri:c,state:l,nonce:e.nonce||Ms(),responseMode:r.auth.OIDCOptions.responseMode},u={...d,httpMethod:Mc(d,r.system.protocolMode)};if(e.loginHint||e.sid)return u;const g=e.account||o.getActiveAccount(a);return g&&(i.verbose("1eqlb3",a),i.verbosePii("0tf99t",a),u.account=g),u}function Nc(e,t,r,n){const o=or(e);if(!o)throw nr(e)?(r.error("13pl0s",n),r.errorPii("1097vx",n),Ei(Ho)):(r.error("18h0l1",n),Ei(Uo));return o}function Uc(e,t,r){if(!e.state)throw Ei(Lo);const n=function(e,t){if(!t)return null;try{return Cn(e.base64Decode,t).libraryState.meta}catch(e){throw be(et)}}(t,e.state);if(!n)throw Ei(Do);if(n.interactionType!==r)throw Ei(Fo)}class Lc{constructor(e,t,r,n,o){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=n,this.performanceClient=o}async handleCodeResponse(e,t){let r;try{r=function(e,t){if(Co(e,t),!e.code)throw be(wt);return e}(e,t.state)}catch(e){throw e instanceof nn&&e.subError===$o?Ei($o):e}return Un(this.handleCodeResponseFromServer.bind(this),Rn,this.logger,this.performanceClient,t.correlationId)(r,t)}async handleCodeResponseFromServer(e,t,r=!0){if(this.logger.trace("0mf2hb",t.correlationId),this.authCodeRequest.code=e.code,r&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await Un(this.authModule.acquireToken.bind(this.authModule),"authClientAcquireToken",this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:Yn}:e.loginHint?{credential:e.loginHint,type:Zn}:null}}class Hc extends we{constructor(e,t,r){super(e,t||Si(e)),Object.setPrototypeOf(this,Hc.prototype),this.name="NativeAuthError",this.ext=r}}function Dc(e){if(e.ext&&e.ext.status&&("PERSISTENT_ERROR"===e.ext.status||"DISABLED"===e.ext.status))return!0;if(e.ext&&e.ext.error&&-2147186943===e.ext.error)return!0;switch(e.errorCode){case"ContentError":case"PageException":return!0;default:return!1}}function Fc(e,t,r){if(r&&r.status)switch(r.status){case"ACCOUNT_UNAVAILABLE":return wn(sn,Si(e));case"USER_INTERACTION_REQUIRED":return new fn(e,t);case"USER_CANCEL":return Ei($o);case"NO_NETWORK":return Ei(ri);case"UX_NOT_ALLOWED":return wn(cn)}return new Hc(e,t,r)}class Kc extends xc{async acquireToken(e){const t=_c(is.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),r=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),n=new fo(r,this.performanceClient);this.logger.verbose("0wa871",this.correlationId);try{const t=(await Un(n.acquireCachedToken.bind(n),"silentFlowClientAcquireCachedToken",this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof _i&&e.errorCode===ai&&this.logger.verbose("06wena",this.correlationId),e}}logout(e){this.logger.verbose("1rkurh",this.correlationId);const t=this.initializeLogoutRequest(e);return Pc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account)}}class Bc extends Ac{constructor(e,t,r,n,o,i,s,a,c,h,l,d){super(e,t,r,n,o,i,a,d,c),this.apiId=s,this.accountId=h,this.platformAuthProvider=c,this.nativeStorageManager=l,this.silentCacheClient=new Kc(e,this.nativeStorageManager,r,n,o,i,a,d,c);const u=this.platformAuthProvider.getExtensionName();this.skus=bo.makeExtraSkuString({libraryName:xi,libraryVersion:mc,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[ge]:this.skus}}async acquireToken(e,t){this.logger.trace("03qeos",this.correlationId);const r=this.performanceClient.startMeasurement(ma,e.correlationId),n=vn(),o=_c(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const i=await this.initializeNativeRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===ds.AccessToken)throw this.logger.info("0eitbc",this.correlationId),e;this.logger.info("0957j1",this.correlationId)}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,n).then((e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),o.clearNativeBrokerErrorCode(),e))).catch((e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError,isNativeBroker:!0}),e}))}catch(e){throw e instanceof Hc&&o.setNativeBrokerErrorCode(e.errorCode),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:_t.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("1ndf3e",this.correlationId),be(pt);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},t.correlationId);if(!r)throw be(pt);try{const e=this.createSilentCacheRequest(t,r),n=await this.silentCacheClient.acquireToken(e),o={...r,idTokenClaims:n?.idTokenClaims,idToken:n?.idToken};return{...n,account:o}}catch(e){throw e}}async acquireTokenRedirect(e,t,r){this.logger.trace("0luikq",this.correlationId);const n=await this.initializeNativeRequest(e),o=r?.navigateToLoginRequestUrl??!0;try{await this.platformAuthProvider.sendMessage(n)}catch(e){if(e instanceof Hc){if(_c(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).setNativeBrokerErrorCode(e.errorCode),Dc(e))throw e}}this.browserStorage.setTemporaryCache(rs,JSON.stringify(n),!0);const i={apiId:is.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},s=o?window.location.href:Sc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId);t.end({success:!0}),await this.navigationClient.navigateExternal(s,i)}async handleRedirectPromise(e,t){if(this.logger.trace("1c5lhw",this.correlationId),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",this.correlationId),null;const r=this.browserStorage.getCachedNativeRequest();if(!r)return this.logger.verbose("0a6zjb",this.correlationId),e&&t&&e?.addFields({errorCode:"no_cached_request"},t),null;const{prompt:n,...o}=r;n&&this.logger.verbose("0ac34v",this.correlationId),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(rs));const i=vn();try{this.logger.verbose("003x5a",this.correlationId);const e=await this.platformAuthProvider.sendMessage(o),t=await this.handleNativeResponse(e,o,i);return _c(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).clearNativeBrokerErrorCode(),t}catch(e){throw e}}logout(){return this.logger.trace("0u2sjm",this.correlationId),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("1bojln",this.correlationId);const n=wr(e.id_token,ys),o=this.createHomeAccountIdentifier(e,n),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("1ub1in",this.correlationId);else if(o!==i&&e.account.id!==t.accountId)throw Fc("user_switch");const s=await Ec(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t.authority),a=Xn(this.browserStorage,s,o,ys,this.correlationId,n,e.client_info,void 0,n.tid,void 0,e.account.id);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,n,a,s.canonicalAuthority,r);return await this.cacheAccount(a,Ir(n)),await this.cacheNativeTokens(e,t,o,n,e.access_token,c.tenantId,r),c}createHomeAccountIdentifier(e,t){return Kr(e.client_info||"",xr,this.logger,this.browserCrypto,this.correlationId,t)}generateScopes(e,t){return t?_t.fromString(t):_t.fromString(e)}async generatePopAccessToken(e,t){if(t.tokenType===G.POP&&t.signPopToken){if(e.shr)return this.logger.trace("0coqhu",this.correlationId),e.shr;const r=new Hn(this.browserCrypto,this.performanceClient),n={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce,correlationId:this.correlationId};if(!t.keyId)throw be(vt);return r.signPopToken(e.access_token,t.keyId,n)}return e.access_token}async generateAuthenticationResult(e,t,r,n,o,i){const s=this.addTelemetryFromNativeResponse(e.properties.MATS),a=this.generateScopes(t.scope,e.scope),c=e.account.properties||{},h=c.UID||r.oid||r.sub||"",l=c.TenantId||r.tid||"",d=yr(Dr(n),void 0,r,e.id_token);d.nativeAccountId!==e.account.id&&(d.nativeAccountId=e.account.id);const u=await this.generatePopAccessToken(e,t),g=t.tokenType===G.POP?G.POP:G.BEARER;return{authority:o,uniqueId:h,tenantId:l,scopes:a.asArray(),account:d,idToken:e.id_token,idTokenClaims:r,accessToken:u,fromCache:!!s&&this.isResponseFromCache(s),expiresOn:Tn(i+e.expires_in),tokenType:g,correlationId:this.correlationId,state:e.state,fromPlatformBroker:!0}}async cacheAccount(e,t){await this.browserStorage.setAccount(e,this.correlationId,t),this.browserStorage.removeAccountContext(Dr(e),this.correlationId)}cacheNativeTokens(e,t,r,n,o,i,s){const a=Fn(r,t.authority,e.id_token||"",t.clientId,n.tid||""),c=s+(t.tokenType===G.POP?240:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),h=this.generateScopes(e.scope,t.scope),l={idToken:a,accessToken:Kn(r,t.authority,o,t.clientId,n.tid||i,h.printScopes(),c,0,ys,void 0,t.tokenType,void 0,t.keyId)};return this.nativeStorageManager.saveCacheRecord(l,this.correlationId,Ir(n),t.storeInCache)}getExpiresInValue(e,t){return e===G.POP?240:("string"==typeof t?parseInt(t,10):t)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("0b3l57",this.correlationId)}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("1okqev",this.correlationId),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("04j6wj",this.correlationId);const t=await this.getCanonicalAuthority(e),{scopes:r,...n}=e,o=new _t(r||[]);o.appendScopes(p);const i={...n,accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:o.printScopes(),redirectUri:Sc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraParameters},extendedExpiryToken:!1,keyId:e.popKid};if(i.signPopToken&&e.popKid)throw Ei(Ii);if(this.handleExtraBrokerParams(i),i.extraParameters=i.extraParameters||{},i.extraParameters.telemetry=Ui,e.authenticationScheme===G.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce,correlationId:this.correlationId},r=new Hn(this.browserCrypto,this.performanceClient);let n;if(i.keyId)n=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:i.keyId})),i.signPopToken=!1;else{const e=await Un(r.generateCnf.bind(r),On,this.logger,this.performanceClient,this.correlationId)(t,this.logger);n=e.reqCnfString,i.keyId=e.kid,i.signPopToken=!0}i.reqCnf=n}return this.addRequestSKUs(i),i}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority,{azureCloudOptions:r,account:n}=e;n&&await Ec(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t,r,void 0,n);const o=new vr(t);return o.validateAsUri(),o}getPrompt(e){switch(this.apiId){case is.ssoSilent:case is.acquireTokenSilent_silentFlow:return this.logger.trace("1hiwaz",this.correlationId),R.NONE}if(e)switch(e){case R.NONE:case R.CONSENT:case R.LOGIN:return this.logger.trace("1ynje4",this.correlationId),e;default:throw this.logger.trace("0nkr6q",this.correlationId),Ei(yi)}else this.logger.trace("1qlu04",this.correlationId)}handleExtraBrokerParams(e){const t=e.extraParameters&&e.extraParameters.hasOwnProperty(pe)&&e.extraParameters.hasOwnProperty(me)&&e.extraParameters.hasOwnProperty(ce);if(!e.embeddedClientId&&!t)return;let r="";const n=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[me],r=e.extraParameters[ce]),e.extraParameters={child_client_id:r,child_redirect_uri:n},this.performanceClient?.addFields({embeddedClientId:r,embeddedRedirectUri:n},e.correlationId)}}async function zc(e,t,r,n,o){const i=wo({...e.auth,authority:t},r,n,o);if(Dt(i,{sku:xi,version:mc,os:"",cpu:""}),e.system.protocolMode!==Hr.OIDC&&Ft(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),r.authenticationScheme===G.POP)){const e=new Na(n,o),t=new Hn(e,o);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await Un(t.generateCnf.bind(t),On,n,o,r.correlationId)(r,n)).reqCnfString}Xt(i,s)}return Et(i,r.correlationId,o),i}async function jc(e,t,r,n,o){if(!r.codeChallenge)throw ve(xe);const i=await Un(zc,"getStandardParams",n,o,r.correlationId)(e,t,r,n,o);return Pt(i,O),Bt(i,r.codeChallenge,c),Qt(i,{...r.extraQueryParameters,...r.extraParameters}),Io(t,i)}async function $c(e,t,r,n,o,i){if(!n.earJwk)throw Ei(Mo);const s=await zc(t,r,n,o,i);Pt(s,M),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(s,n.earJwk),Bt(s,n.codeChallenge,c),Qt(s,{...n.extraParameters});const a=new Map;Qt(a,n.extraQueryParameters||{});return Wc(e,Io(r,a),s)}async function Jc(e,t,r,n,o,i){const s=await zc(t,r,n,o,i);Pt(s,O),Bt(s,n.codeChallenge,n.codeChallengeMethod||c),Qt(s,{...n.extraParameters});const a=new Map;Qt(a,n.extraQueryParameters||{});return Wc(e,Io(r,a),s)}function Wc(e,t,r){const n=e.createElement("form");return n.method="post",n.action=t,r.forEach(((t,r)=>{const o=e.createElement("input");o.hidden=!0,o.name=r,o.value=t,n.appendChild(o)})),e.body.appendChild(n),n}async function Gc(e,t,r,n,o,i,s,a,c,h){if(a.verbose("11qcow",e.correlationId),!h)throw Ei(mi);const l=new Na(a,c),d=new Bc(n,o,l,a,s,n.system.navigationClient,r,c,h,t,i,e.correlationId),{userRequestState:u}=Cn(l.base64Decode,e.state);return Un(d.acquireToken.bind(d),ma,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function Qc(e,t,r,n,o,i,s,a,c,h,l,d){if(ro.removeThrottle(s,o.auth.clientId,e),t.accountId)return Un(Gc,Aa,h,l,e.correlationId)(e,t.accountId,n,o,s,a,c,h,l,d);const u={...e,code:t.code||"",codeVerifier:r},g=new Lc(i,s,u,h,l);return await Un(g.handleCodeResponse.bind(g),"handleCodeResponse",h,l,e.correlationId)(t,e)}async function Vc(e,t,r,n,o,i,s,a,c,h,l){if(ro.removeThrottle(i,n.auth.clientId,e),Co(t,e.state),!t.ear_jwe)throw Ei(xo);if(!e.earJwk)throw Ei(Mo);const d=JSON.parse(await Un(Ns,"decryptEarResponse",c,h,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return Un(Gc,Aa,c,h,e.correlationId)(e,d.accountId,r,n,i,s,a,c,h,l);const u=new Vn(n.auth.clientId,i,new Na(c,h),c,h,null,null);u.validateTokenResponse(d,e.correlationId);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await Un(u.handleServerTokenResponse.bind(u),Mn,c,h,e.correlationId)(d,o,vn(),e,g,void 0,void 0,void 0,void 0)}async function Xc(e,t,r){const n=Nn(Yc,"generateCodeVerifier",t,e,r)(e,t,r);return{verifier:n,challenge:await Un(Zc,"generateCodeChallengeFromVerifier",t,e,r)(n,e,t,r)}}function Yc(e,t,r){try{const n=new Uint8Array(32);Nn(Rs,"getRandomValues",t,e,r)(n);return ps(n)}catch(e){throw Ei(Oo)}}async function Zc(e,t,r,n){try{const o=await Un(Ps,"sha256Digest",r,t,n)(e);return ps(new Uint8Array(o))}catch(e){throw Ei(Oo)}}class eh{navigateInternal(e,t){return eh.defaultNavigateWindow(e,t)}navigateExternal(e,t){return eh.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(((e,r)=>{setTimeout((()=>{r(Ei(Ti,"failed_to_redirect"))}),t.timeout)}))}}class th{async sendGetRequestAsync(e,t){let r,n={},o=0;const i=rh(t);try{r=await fetch(e,{method:Wi,headers:i})}catch(e){throw oo(Ei(window.navigator.onLine?oi:ri),void 0,void 0,e)}n=nh(r.headers);try{return o=r.status,{headers:n,body:await r.json(),status:o}}catch(e){throw oo(Ei(ii),o,n,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",n=rh(t);let o,i=0,s={};try{o=await fetch(e,{method:Gi,headers:n,body:r})}catch(e){throw oo(Ei(window.navigator.onLine?ni:ri),void 0,void 0,e)}s=nh(o.headers);try{return i=o.status,{headers:s,body:await o.json(),status:i}}catch(e){throw oo(Ei(ii),i,s,e)}}}function rh(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach((([e,r])=>{t.append(e,r)})),t}catch(e){throw oo(Ei(Ci),void 0,void 0,e)}}function nh(e){try{const t={};return e.forEach(((e,r)=>{t[r]=e})),t}catch(e){throw Ei(vi)}}function oh({auth:r,cache:n,system:o,telemetry:c},h){const l={clientId:"",authority:`${t}`,knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",redirectUri:"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:"",postLogoutRedirectUri:"",clientCapabilities:[],OIDCOptions:{responseMode:x.FRAGMENT,defaultScopes:[i,s,a]},azureCloudOptions:{azureCloudInstance:pr.None,tenant:""},instanceAware:!1},d={cacheLocation:Ji.SessionStorage,cacheRetentionDays:5},u={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},g={...{...Gr,loggerOptions:u,networkClient:h?new th:yo,navigationClient:new eh,popupBridgeTimeout:o?.popupBridgeTimeout||6e4,iframeBridgeTimeout:o?.iframeBridgeTimeout||1e4,redirectNavigationTimeout:3e4,allowRedirectInIframe:!1,navigatePopups:!0,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:o?.nativeBrokerHandshakeTimeout||2e3,protocolMode:Hr.AAD},...o,loggerOptions:o?.loggerOptions||u},p={application:{appName:"",appVersion:""},client:new Wr};if(o?.protocolMode!==Hr.OIDC&&r?.OIDCOptions){new dr(g.loggerOptions).warning(JSON.stringify(ve(Ke)),"")}if(o?.protocolMode&&o.protocolMode===Hr.OIDC&&g?.allowPlatformBroker)throw ve(Be);return{auth:{...l,...r,OIDCOptions:{...l.OIDCOptions,...r?.OIDCOptions}},cache:{...d,...n},system:g,telemetry:{...p,...c}}}class ih{constructor(e,t,r,n){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=n,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=r.startMeasurement("nativeMessageHandlerHandshake"),this.platformAuthType=Ki}async sendMessage(e){this.logger.trace("0on4p2",e.correlationId);const t={method:ji,request:e},r={channel:qi,extensionId:this.extensionId,responseId:Ms(),body:t};this.logger.trace("1qadfi",e.correlationId),this.logger.tracePii("1xm533",e.correlationId),this.messageChannel.port1.postMessage(r);const n=await new Promise(((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})}));return this.validatePlatformBrokerResponse(n)}static async createProvider(e,t,r,n){e.trace("15zfnw",n);try{const o=new ih(e,t,r,Ni);return await o.sendHandshakeRequest(n),o}catch(o){const i=new ih(e,t,r);return await i.sendHandshakeRequest(n),i}}async sendHandshakeRequest(e){this.logger.trace("1dpg9o",e),window.addEventListener("message",this.windowListener,!1);const t={channel:qi,extensionId:this.extensionId,responseId:Ms(),body:{method:Bi}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(t,window.origin,[this.messageChannel.port2]),new Promise(((e,r)=>{this.handshakeResolvers.set(t.responseId,{resolve:e,reject:r}),this.timeoutId=window.setTimeout((()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(Ei(gi)),this.handshakeResolvers.delete(t.responseId)}),this.handshakeTimeoutMs)}))}onWindowMessage(e){const t=da();if(this.logger.trace("0jpn5u",t),e.source!==window)return;const r=e.data;if(r.channel&&r.channel===qi&&(!r.extensionId||r.extensionId===this.extensionId)&&r.body.method===Bi){const e=this.handshakeResolvers.get(r.responseId);if(!e)return void this.logger.trace("07buhm",t);this.logger.verbose(r.extensionId?"0xrkug":"No extension installed",t),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(Ei(pi))}}onChannelMessage(e){const t=da();this.logger.trace("1py8yf",t);const r=e.data,n=this.resolvers.get(r.responseId),o=this.handshakeResolvers.get(r.responseId);try{const e=r.body.method;if(e===$i){if(!n)return;const e=r.body.response;if(this.logger.trace("19hpgm",t),this.logger.tracePii("179a24",t),"Success"!==e.status)n.reject(Fc(e.code,e.description,e.ext));else{if(!e.result)throw Ie(vo,"Event does not contain result.");e.result.code&&e.result.description?n.reject(Fc(e.result.code,e.result.description,e.result.ext)):n.resolve(e.result)}this.resolvers.delete(r.responseId)}else if(e===zi){if(!o)return void this.logger.trace("082qnt",t);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=r.extensionId,this.extensionVersion=r.body.version,this.logger.verbose("0yf5ib",t),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),o.resolve(),this.handshakeResolvers.delete(r.responseId)}}catch(e){this.logger.error("0xf978",t),this.logger.errorPii("04i99o",t),this.logger.errorPii("0xdvsy",t),n?n.reject(e):o&&o.reject(e)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw Ie(vo,"Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===Ni?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class sh{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=Fi}static async createProvider(e,t,r){if(e.trace("12mj4a",r),window.navigator?.platformAuthentication){const n=await window.navigator.platformAuthentication.getSupportedContracts(Li);if(n?.includes(Di))return e.trace("1h5q1r",r),new sh(e,t,r)}}getExtensionId(){return Li}getExtensionVersion(){return""}getExtensionName(){return Hi}async sendMessage(e){this.logger.trace("02bcil",e.correlationId);try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r,e.correlationId)}catch(t){throw this.logger.error("11im7g",e.correlationId),t}}initializePlatformDOMRequest(e){this.logger.trace("15d6yv",e.correlationId);const{accountId:t,clientId:r,authority:n,scope:o,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:h,extraParameters:l,...d}=e,u=this.getDOMExtraParams(d);return{accountId:t,brokerId:this.getExtensionId(),authority:n,clientId:r,correlationId:s||this.correlationId,extraParameters:{...l,...u},isSecurityTokenService:!1,redirectUri:i,scope:o,state:a,storeInCache:c,embeddedClientId:h}}validatePlatformBrokerResponse(e,t){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace("0h4vei",t),this.convertToPlatformBrokerResponse(e,t);if(e.hasOwnProperty("error")){const r=e;if(!1===r.isSuccess&&r.error&&r.error.code)throw this.logger.trace("0g92vm",t),Fc(r.error.code,r.error.description,{error:parseInt(r.error.errorCode),protocol_error:r.error.protocolError,status:r.error.status,properties:r.error.properties})}}throw Ie(vo,"Response missing expected properties.")}convertToPlatformBrokerResponse(e,t){this.logger.trace("14913t",t);return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e){return{...Object.entries(e).reduce(((e,[t,r])=>(e[t]=String(r),e)),{})}}}async function ah(e,t,r,n){e.trace("134j0v",r);const o=function(){let e;try{return e=window[Ji.SessionStorage],"true"===e?.getItem(Xa)}catch(e){return!1}}();let i;e.trace("04c81g",r);try{o&&(i=await sh.createProvider(e,t,r)),i||(e.trace("0l3na8",r),i=await ih.createProvider(e,n||2e3,t,r))}catch(t){e.trace("0icbd7",t)}return i}function ch(e,t,r,n,o){if(t.trace("0uko3r",r),!e.system.allowPlatformBroker)return t.trace("04hozs",r),!1;if(!n)return t.trace("0kvv1r",r),!1;if(o)switch(o){case G.BEARER:case G.POP:return t.trace("18tev1",r),!0;default:return t.trace("1dd2nh",r),!1}return!0}class hh extends xc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a,this.eventHandler=o}acquireToken(e,t){let r;try{if(r={popupName:this.generatePopupName(e.scopes||p,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window},this.performanceClient.addFields({isAsyncPopup:!this.config.system.navigatePopups},this.correlationId),this.config.system.navigatePopups){const n={...e,httpMethod:Mc(e,this.config.system.protocolMode)};return this.logger.verbose("1f9ok3",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(n,r,t)}return this.logger.verbose("162h4u",this.correlationId),this.acquireTokenPopupAsync(e,r,t)}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("068rup",this.correlationId);const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},n=e&&e.authority,o=e&&e.mainWindowRedirectUri;return this.config.system.navigatePopups?(this.logger.verbose("1a28da",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,n,o)):(this.logger.verbose("1phd8u",this.correlationId),this.logoutPopupAsync(t,r,n,o))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,n){this.logger.verbose("1g77pg",this.correlationId);const o=await Un(qc,Ta,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.popup&&la(o.authority);const i=ch(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);return o.platformBroker=i,this.config.system.protocolMode===Hr.EAR?this.executeEarFlow(o,r,n):this.executeCodeFlow(o,r,n)}async executeCodeFlow(t,r,n){const o=t.correlationId,i=_c(is.acquireTokenPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),s=n||await Un(Xc,Ea,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),a={...t,codeChallenge:s.challenge};try{const n=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,o)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account});if(a.httpMethod===g)return await this.executeCodeFlowWithPost(a,r,n,s.verifier);{const i=await Un(jc,Pn,this.logger,this.performanceClient,o)(this.config,n.authority,a,this.logger,this.performanceClient),c=this.initiateAuthRequest(i,r);this.eventHandler.emitEvent(gc.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:c},null);const h=await ea(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t),l=Nn(Nc,_a,this.logger,this.performanceClient,this.correlationId)(h,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return await Un(Qc,Sa,this.logger,this.performanceClient,o)(t,l,s.verifier,is.acquireTokenPopup,this.config,n,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}catch(e){throw r.popup?.close(),e instanceof we&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}async executeEarFlow(e,t,r){const{correlationId:n,authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=e,c=await Un(Ec,pa,this.logger,this.performanceClient,n)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a),h=await Un(qs,Oa,this.logger,this.performanceClient,n)(),l=r||await Un(Xc,Ea,this.logger,this.performanceClient,n)(this.performanceClient,this.logger,n),d={...e,earJwk:h,codeChallenge:l.challenge},u=t.popup||this.openPopup("about:blank",t);(await $c(u.document,this.config,c,d,this.logger,this.performanceClient)).submit();const g=await Un(ea,Ca,this.logger,this.performanceClient,n)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,d),p=Nn(Nc,_a,this.logger,this.performanceClient,this.correlationId)(g,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);if(!p.ear_jwe&&p.code){const t=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,n)({serverTelemetryManager:_c(is.acquireTokenPopup,this.config.auth.clientId,n,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:c});return Un(Qc,Sa,this.logger,this.performanceClient,n)(d,p,l.verifier,is.acquireTokenPopup,this.config,t,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Un(Vc,ba,this.logger,this.performanceClient,n)(d,p,is.acquireTokenPopup,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async executeCodeFlowWithPost(e,t,r,n){const o=e.correlationId,i=await Un(Ec,pa,this.logger,this.performanceClient,o)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger),s=t.popup||this.openPopup("about:blank",t);(await Jc(s.document,this.config,i,e,this.logger,this.performanceClient)).submit();const a=await Un(ea,Ca,this.logger,this.performanceClient,o)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,e),c=Nn(Nc,_a,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return Un(Qc,Sa,this.logger,this.performanceClient,o)(e,c,n,is.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,r,n,o){this.logger.verbose("0b7yrk",this.correlationId),this.eventHandler.emitEvent(gc.LOGOUT_START,e.InteractionType.Popup,t);const i=_c(is.logoutPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{await Pc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account);const s=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:n,account:t.account||void 0});try{s.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&s.authority.protocolMode===Hr.OIDC){if(this.eventHandler.emitEvent(gc.LOGOUT_SUCCESS,e.InteractionType.Popup,t),o){const e={apiId:is.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=vr.getAbsoluteUrl(o,ta());await this.navigationClient.navigateInternal(t,e)}return void r.popup?.close()}}const a=s.getLogoutUri(t);this.eventHandler.emitEvent(gc.LOGOUT_SUCCESS,e.InteractionType.Popup,t);const c=this.openPopup(a,r);if(this.eventHandler.emitEvent(gc.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:c},null),await ea(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t).catch((()=>{})),o){const e={apiId:is.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=vr.getAbsoluteUrl(o,ta());this.logger.verbose("0qcur2",this.correlationId),this.logger.verbosePii("0oj7lk",this.correlationId),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("03zgcf",this.correlationId)}catch(t){throw r.popup?.close(),t instanceof we&&(t.setCorrelationId(this.correlationId),i.cacheFailedRequest(t)),this.eventHandler.emitEvent(gc.LOGOUT_FAILURE,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(gc.LOGOUT_END,e.InteractionType.Popup),t}this.eventHandler.emitEvent(gc.LOGOUT_END,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii("1kcr9k",this.correlationId),this.openPopup(e,t);throw this.logger.error("1l7hyp",this.correlationId),Ei(No)}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii("0cgeo7",this.correlationId),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii("0c2awd",this.correlationId),r=this.openSizedPopup(e,t)),!r)throw Ei(jo);return r.focus&&r.focus(),this.currentWindow=r,r}catch(e){throw this.logger.error("0dxfb9",this.correlationId),Ei(zo)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:n}){const o=n.screenLeft?n.screenLeft:n.screenX,i=n.screenTop?n.screenTop:n.screenY,s=n.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=n.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,h=r.popupSize?.height,l=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("08vfmo",this.correlationId),c=Ri),(!h||h<0||h>a)&&(this.logger.verbose("09cxa0",this.correlationId),h=Oi),(!l||l<0||l>a)&&(this.logger.verbose("1qh4wo",this.correlationId),l=Math.max(0,a/2-Oi/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("1sz3en",this.correlationId),d=Math.max(0,s/2-Ri/2+o)),n.open(e,t,`width=${c}, height=${h}, top=${l}, left=${d}, scrollbars=yes`)}generatePopupName(e,t){return`${Mi}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${Mi}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}class lh extends xc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a}async acquireToken(t){const r=await Un(qc,Ta,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.platformBroker=ch(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);const n=t=>{t.persisted&&(this.logger.verbose("0udvtt",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),this.eventHandler.emitEvent(gc.RESTORE_FROM_BFCACHE,e.InteractionType.Redirect))},o=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii("0zao0a",this.correlationId),this.browserStorage.setTemporaryCache(Xi,o,!0),window.addEventListener("pageshow",n);try{this.config.system.protocolMode===Hr.EAR?await this.executeEarFlow(r):await this.executeCodeFlow(r)}catch(e){throw e instanceof we&&e.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",n),e}}async executeCodeFlow(e){const t=e.correlationId,r=_c(is.acquireTokenRedirect,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),n=await Un(Xc,Ea,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),o={...e,codeChallenge:n.challenge};this.browserStorage.cacheAuthorizeRequest(o,this.correlationId,n.verifier);try{if(o.httpMethod===g)return await this.executeCodeFlowWithPost(o);{const t=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:r,requestAuthority:o.authority,requestAzureCloudOptions:o.azureCloudOptions,requestExtraQueryParameters:o.extraQueryParameters,account:o.account}),n=await Un(jc,Pn,this.logger,this.performanceClient,e.correlationId)(this.config,t.authority,o,this.logger,this.performanceClient);return await this.initiateAuthRequest(n)}}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),r.cacheFailedRequest(e)),e}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Un(Ec,pa,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Un(qs,Oa,this.logger,this.performanceClient,t)(),c=await Un(Xc,Ea,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge};this.browserStorage.cacheAuthorizeRequest(h,this.correlationId,c.verifier);return(await $c(document,this.config,s,h,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ei(Ti,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async executeCodeFlowWithPost(e){const t=e.correlationId,r=await Un(Ec,pa,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger);this.browserStorage.cacheAuthorizeRequest(e,this.correlationId);return(await Jc(document,this.config,r,e,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ei(Ti,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async handleRedirectPromise(e,t,r,n){const o=_c(is.handleRedirectPromise,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),i=n?.navigateToLoginRequestUrl??!0;try{const[s,a]=this.getRedirectResponse(n?.hash||"");if(!s)return this.logger.info("1qmv0q",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?r.event.errorCode="no_server_response":this.logger.verbose("1eqegq",this.correlationId),null;const c=this.browserStorage.getTemporaryCache(Xi,this.correlationId,!0)||"",h=sr(c);if(h===sr(window.location.href)&&i){this.logger.verbose("11yred",this.correlationId),c.indexOf("#")>-1&&Qs(c);return await this.handleResponse(s,e,t,o)}if(!i)return this.logger.verbose("0v4sdv",this.correlationId),await this.handleResponse(s,e,t,o);if(!Vs()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(Yi,a,!0);const r={apiId:is.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let n=!0;if(c&&"null"!==c)this.logger.verbose("08jpy1",this.correlationId),n=await this.navigationClient.navigateInternal(c,r);else{const e=ra();this.browserStorage.setTemporaryCache(Xi,e,!0),this.logger.warning("1dutq1",this.correlationId),n=await this.navigationClient.navigateInternal(e,r)}if(!n)return await this.handleResponse(s,e,t,o)}return null}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),o.cacheFailedRequest(e)),e}}getRedirectResponse(t){this.logger.verbose("1c5i8m",this.correlationId);let r=t;r||(r=this.config.auth.OIDCOptions.responseMode===x.QUERY?window.location.search:window.location.hash);let n=or(r);if(n){try{Uc(n,this.browserCrypto,e.InteractionType.Redirect)}catch(e){return e instanceof we&&this.logger.error("0bkq6p",this.correlationId),[null,""]}return Gs(window),this.logger.verbose("00uvho",this.correlationId),[n,r]}const o=this.browserStorage.getTemporaryCache(Yi,this.correlationId,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Yi)),o&&(n=or(o),n)?(this.logger.verbose("001671",this.correlationId),[n,o]):[null,""]}async handleResponse(e,t,r,n){if(!e.state)throw Ei(Lo);const{authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=t;if(e.ear_jwe){const r=await Un(Ec,pa,this.logger,this.performanceClient,t.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a);return Un(Vc,ba,this.logger,this.performanceClient,t.correlationId)(t,e,is.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const c=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority});return Un(Qc,Sa,this.logger,this.performanceClient,t.correlationId)(t,e,r,is.acquireTokenRedirect,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e){if(this.logger.verbose("0yaw2e",this.correlationId),e){this.logger.infoPii("1luf83",this.correlationId);const t={apiId:is.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},r=this.config.auth.onRedirectNavigate;if("function"==typeof r){this.logger.verbose("1nehvl",this.correlationId);return!1!==r(e)?(this.logger.verbose("1a0jxh",this.correlationId),void await this.navigationClient.navigateExternal(e,t)):void this.logger.verbose("09k5h5",this.correlationId)}return this.logger.verbose("0klwf7",this.correlationId),void await this.navigationClient.navigateExternal(e,t)}throw this.logger.info("0rlh4e",this.correlationId),Ei(No)}async logout(t){this.logger.verbose("1rkurh",this.correlationId);const r=this.initializeLogoutRequest(t),n=_c(is.logout,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{this.eventHandler.emitEvent(gc.LOGOUT_START,e.InteractionType.Redirect,t),await Pc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,r.account);const o={apiId:is.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0});if(i.authority.protocolMode===Hr.OIDC)try{i.authority.endSessionEndpoint}catch{if(r.account?.homeAccountId)return void this.eventHandler.emitEvent(gc.LOGOUT_SUCCESS,e.InteractionType.Redirect,r)}const s=i.getLogoutUri(r);r.account?.homeAccountId&&this.eventHandler.emitEvent(gc.LOGOUT_SUCCESS,e.InteractionType.Redirect,r);const a=this.config.auth.onRedirectNavigate;if("function"!=typeof a)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Vi),void await this.navigationClient.navigateExternal(s,o);if(!1!==a(s))return this.logger.verbose("06v57e",this.correlationId),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Vi),void await this.navigationClient.navigateExternal(s,o);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("0xqes1",this.correlationId)}catch(t){throw t instanceof we&&(t.setCorrelationId(this.correlationId),n.cacheFailedRequest(t)),this.eventHandler.emitEvent(gc.LOGOUT_FAILURE,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(gc.LOGOUT_END,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(gc.LOGOUT_END,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return vr.getAbsoluteUrl(t,ta())}}async function dh(e,t,r,n){if(!e)throw r.info("1l7hyp",n),Ei(No);return Nn(ph,"silentHandlerLoadFrameSync",r,t,n)(e)}async function uh(e,t,r,n,o){const i=mh();if(!i.contentDocument)throw"No document associated with iframe!";return(await Jc(i.contentDocument,e,t,r,n,o)).submit(),i}async function gh(e,t,r,n,o){const i=mh();if(!i.contentDocument)throw"No document associated with iframe!";return(await $c(i.contentDocument,e,t,r,n,o)).submit(),i}function ph(e){const t=mh();return t.src=e,t}function mh(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),e.setAttribute("allow","local-network-access *"),document.body.appendChild(e),e}class fh extends xc{constructor(e,t,r,n,o,i,s,a,c,h,l){super(e,t,r,n,o,i,a,h,l),this.apiId=s,this.nativeStorage=c}async acquireToken(t){t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("1kl318",this.correlationId);const r={...t};r.prompt?r.prompt!==R.NONE&&r.prompt!==R.NO_SESSION&&(this.logger.warning("0bmctg",this.correlationId),r.prompt=R.NONE):r.prompt=R.NONE;const n=await Un(qc,Ta,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);return n.platformBroker=ch(this.config,this.logger,this.correlationId,this.platformAuthProvider,n.authenticationScheme),la(n.authority),this.config.system.protocolMode===Hr.EAR?this.executeEarFlow(n):this.executeCodeFlow(n)}async executeCodeFlow(e){let t;const r=_c(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{return t=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await Un(this.silentTokenHelper.bind(this),wa,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(n){if(n instanceof we&&(n.setCorrelationId(this.correlationId),r.cacheFailedRequest(n)),!(t&&n instanceof we&&n.errorCode===Pi))throw n;return this.performanceClient.addFields({retryError:n.errorCode},this.correlationId),await Un(this.silentTokenHelper.bind(this),wa,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Un(Ec,pa,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Un(qs,Oa,this.logger,this.performanceClient,t)(),c=await Un(Xc,Ea,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge};await Un(gh,Ia,this.logger,this.performanceClient,t)(this.config,s,h,this.logger,this.performanceClient);const l=this.config.auth.OIDCOptions.responseMode,d=await Un(ea,Ca,this.logger,this.performanceClient,t)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,e),u=Nn(Nc,_a,this.logger,this.performanceClient,t)(d,l,this.logger,this.correlationId);if(!u.ear_jwe&&u.code){const r=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,t)({serverTelemetryManager:_c(this.apiId,this.config.auth.clientId,t,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:s});return Un(Qc,Sa,this.logger,this.performanceClient,t)(h,u,c.verifier,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Un(Vc,ba,this.logger,this.performanceClient,t)(h,u,this.apiId,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}logout(){return Promise.reject(Ei(Vo))}async silentTokenHelper(e,t){const r=t.correlationId,n=await Un(Xc,Ea,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),o={...t,codeChallenge:n.challenge};if(t.httpMethod===g)await Un(uh,Ia,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);else{const t=await Un(jc,Pn,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);await Un(dh,Ia,this.logger,this.performanceClient,r)(t,this.performanceClient,this.logger,r)}const i=this.config.auth.OIDCOptions.responseMode,s=await Un(ea,Ca,this.logger,this.performanceClient,r)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,t),a=Nn(Nc,_a,this.logger,this.performanceClient,r)(s,i,this.logger,this.correlationId);return Un(Qc,Sa,this.logger,this.performanceClient,r)(t,a,n.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}class yh extends xc{async acquireToken(e){const t=await Un(Rc,ya,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger,this.correlationId),r={...e,...t};e.redirectUri&&(r.redirectUri=Sc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId));const n=_c(is.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),o=await this.createRefreshTokenClient({serverTelemetryManager:n,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return Un(o.acquireTokenByRefreshToken.bind(o),"refreshTokenClientAcquireTokenByRefreshToken",this.logger,this.performanceClient,e.correlationId)(r).catch((e=>{throw e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e),e}))}logout(){return Promise.reject(Ei(Vo))}async createRefreshTokenClient(e){const t=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new mo(t,this.performanceClient)}}class wh extends po{constructor(e,t){super(e,t),this.includeRedirectUri=!1}}class Ih extends xc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,a,c,h),this.apiId=s}async acquireToken(t){if(!t.code)throw Ei(ci);const r=await Un(qc,Ta,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),n=_c(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const e={...r,code:t.code},o=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:r.authority,requestAzureCloudOptions:r.azureCloudOptions,requestExtraQueryParameters:r.extraQueryParameters,account:r.account}),i=new wh(o,this.performanceClient);this.logger.verbose("1uic5e",this.correlationId);const s=new Lc(i,this.browserStorage,e,this.logger,this.performanceClient);return await Un(s.handleCodeResponseFromServer.bind(s),Rn,this.logger,this.performanceClient,this.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},r,!1)}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}logout(){return Promise.reject(Ei(Vo))}}function Ch(e,t,r){try{ca(e)}catch(e){throw t.end({success:!1},e,r),e}}class vh{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new Na(this.logger,this.performanceClient):ar,this.eventHandler=new bc(this.logger),this.browserStorage=this.isBrowserEnvironment?new yc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,uo(this.config.auth)):Ic(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:Ji.MemoryStorage,cacheRetentionDays:5};this.nativeInternalStorage=new yc(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this)}static async createController(e,t){const r=new vh(e);return await r.initialize(t),r}trackPageVisibility(e){e&&(this.logger.info("16v6hv",e),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e){const t=this.getRequestCorrelationId(e);if(this.logger.trace("1f7joy",t),this.initialized)return void this.logger.info("061m5x",t);if(!this.isBrowserEnvironment)return this.logger.info("19fvpi",t),this.initialized=!0,void this.eventHandler.emitEvent(gc.INITIALIZE_END);const r=e?.correlationId||this.getRequestCorrelationId(),n=this.config.system.allowPlatformBroker,o=this.performanceClient.startMeasurement(za,r);if(this.eventHandler.emitEvent(gc.INITIALIZE_START),this.logMultipleInstances(o,r),await Un(this.browserStorage.initialize.bind(this.browserStorage),"initializeCache",this.logger,this.performanceClient,r)(r),n)try{this.platformAuthProvider=await ah(this.logger,this.performanceClient,r,this.config.system.nativeBrokerHandshakeTimeout)}catch(e){this.logger.verbose(e,r)}this.config.cache.cacheLocation===Ji.LocalStorage&&this.eventHandler.subscribeCrossTab(),!this.config.system.navigatePopups&&await this.preGeneratePkceCodes(r),this.initialized=!0,this.eventHandler.emitEvent(gc.INITIALIZE_END),o.end({allowPlatformBroker:n,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("02l8bm",""),aa(this.initialized),this.isBrowserEnvironment){const t=e?.hash||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("1wn9kp","")):this.logger.verbose("0w0gm3",""),r}return this.logger.verbose("12xi63",""),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",""),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===Vi)return this.logger.verbose("1ywcv2",""),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const n=this.getAllAccounts(),o=this.browserStorage.getCachedNativeRequest(),i=o&&this.platformAuthProvider&&!t?.hash;let s,a;this.eventHandler.emitEvent(gc.HANDLE_REDIRECT_START,e.InteractionType.Redirect);try{if(i&&this.platformAuthProvider){const e=o?.correlationId||"";s=this.performanceClient.startMeasurement(Ka,e),this.logger.trace("12v7is",e);const t=new Bc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,o.accountId,this.nativeInternalStorage,o.correlationId);a=Un(t.handleRedirectPromise.bind(t),"handleNativeRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(this.performanceClient,s.event.correlationId)}else{const[e,r]=this.browserStorage.getCachedRequest(""),n=e.correlationId;s=this.performanceClient.startMeasurement(Ka,n),this.logger.trace("0znzs5",n);const o=this.createRedirectClient(n);a=Un(o.handleRedirectPromise.bind(o),"handleRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(e,r,s,t)}}catch(e){throw this.browserStorage.resetRequestCache(""),e}return a.then((t=>{if(t){this.browserStorage.resetRequestCache(t.correlationId),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Redirect,t),this.logger.verbose("0ui8f5",t.correlationId);n.length<this.getAllAccounts().length&&(this.eventHandler.emitEvent(gc.LOGIN_SUCCESS,e.InteractionType.Redirect,t.account),this.logger.verbose("16im3l",t.correlationId)),s.end({success:!0},void 0,t.account)}else s.event.errorCode?s.end({success:!1},void 0):s.discard();return this.eventHandler.emitEvent(gc.HANDLE_REDIRECT_END,e.InteractionType.Redirect),t})).catch((t=>{this.browserStorage.resetRequestCache(s.event.correlationId);const r=t;throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(gc.HANDLE_REDIRECT_END,e.InteractionType.Redirect),s.end({success:!1},r),t}))}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("0os66p",r);const n=this.performanceClient.startMeasurement(Fa,r);n.add({scenarioId:t.scenarioId});const o=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=e=>{const r="function"==typeof o?o(e):void 0;return n.add({navigateCallbackResult:!1!==r}),n.event=n.end({success:!0},void 0,t.account)||n.event,r};try{let o;if(ha(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Qi),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){o=new Bc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r).acquireTokenRedirect(t,n).catch((e=>{if(e instanceof Hc&&Dc(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof fn){this.logger.verbose("1ipyz4",r);return this.createRedirectClient(r).acquireToken(t)}throw e}))}else{o=this.createRedirectClient(r).acquireToken(t)}return await o}catch(o){throw this.browserStorage.resetRequestCache(r),2===n.event.status?this.performanceClient.startMeasurement(Ka,r).end({success:!1},o,t.account):n.end({success:!1},o,t.account),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,o),o}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),n=this.performanceClient.startMeasurement(Da,r);n.add({scenarioId:t.scenarioId});try{this.logger.verbose("0ch87b",r),Ch(this.initialized,n,t.account),this.browserStorage.setInteractionInProgress(!0,Qi,t.overrideInteractionInProgress,r)}catch(e){return Promise.reject(e)}const o=this.getAllAccounts();let i;this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))i=this.acquireTokenNative({...t,correlationId:r},is.acquireTokenPopup).then((e=>(n.end({success:!0,isNativeBroker:!0},void 0,e.account),e))).catch((e=>{if(e instanceof Hc&&Dc(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof fn){this.logger.verbose("0yy5fw",r);return this.createPopupClient(r).acquireToken(t,s)}throw e}));else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then((t=>{const r=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,t),r&&this.eventHandler.emitEvent(gc.LOGIN_SUCCESS,e.InteractionType.Popup,t.account),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((r=>(this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,r),n.end({success:!1},r,t.account),Promise.reject(r)))).finally((async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.navigatePopups||await this.preGeneratePkceCodes(r)}))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&e.increment({visibilityChangeCount:1})}async ssoSilent(t){const r=this.getRequestCorrelationId(t),n={...t,prompt:t.prompt,correlationId:r};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(Ba,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId}),Ch(this.initialized,this.ssoSilentMeasurement,t.account),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const o=this.getAllAccounts();let i;if(this.logger.verbose("0w1b45",r),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,n),this.canUsePlatformBroker(n))i=this.acquireTokenNative(n,is.ssoSilent).catch((e=>{if(e instanceof Hc&&Dc(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(n.correlationId).acquireToken(n)}throw e}));else{i=this.createSilentIframeClient(n.correlationId).acquireToken(n)}return i.then((t=>{const r=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,t),r&&this.eventHandler.emitEvent(gc.LOGIN_SUCCESS,e.InteractionType.Silent,t.account),this.ssoSilentMeasurement?.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((r=>{throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,r),this.ssoSilentMeasurement?.end({success:!1},r,t.account),r})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("0ch6ga",r);const n=this.performanceClient.startMeasurement(Ha,r);Ch(this.initialized,n),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,t),n.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw Ei(li);if(t.code){const o=t.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("0qgp28",r),n.discard()):(this.logger.verbose("06eh73",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then((t=>(this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(o),n.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((t=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t})),this.hybridAuthCodeResponses.set(o,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){const e=await this.acquireTokenNative({...t,correlationId:r},is.acquireTokenByCode,t.nativeAccountId).catch((e=>{throw e instanceof Hc&&Dc(e)&&(this.platformAuthProvider=void 0),e}));return n.end({success:!0},void 0,e.account),e}throw Ei(ui)}throw Ei(hi)}catch(t){throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){const t=this.getRequestCorrelationId(e);this.logger.trace("10d9hy",t),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement("acquireTokenByCodeAsync",t),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const r=this.createSilentAuthCodeClient(t);return await r.acquireToken(e).then((e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache,isNativeBroker:e.fromPlatformBroker}),e))).catch((e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenFromCache(e,t){switch(t){case ds.Default:case ds.AccessToken:case ds.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return Un(t.acquireToken.bind(t),"silentCacheClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw be(ft)}}async acquireTokenByRefreshToken(e,t){switch(t){case ds.Default:case ds.AccessTokenAndRefreshToken:case ds.RefreshToken:case ds.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return Un(t.acquireToken.bind(t),"silentRefreshClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw be(ft)}}async acquireTokenBySilentIframe(e){const t=this.createSilentIframeClient(e.correlationId);return Un(t.acquireToken.bind(t),"silentIframeClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e)}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);ha(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Vi);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);ca(this.initialized),this.browserStorage.setInteractionInProgress(!0,Vi);return this.createPopupClient(t).logout(e).finally((()=>{this.browserStorage.setInteractionInProgress(!1)}))}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return;const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return Cc(this.logger,this.browserStorage,this.isBrowserEnvironment,this.getRequestCorrelationId(),e)}getAccount(e){return vc(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}setActiveAccount(e){kc(e,this.browserStorage,this.getRequestCorrelationId())}getActiveAccount(){return Tc(this.browserStorage,this.getRequestCorrelationId())}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Fr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,Ir(e.idTokenClaims)),e.fromPlatformBroker?(this.logger.verbose("1fxyu8",e.correlationId),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,r,n){const o=this.getRequestCorrelationId(e);if(this.logger.trace("0b9y3p",o),!this.platformAuthProvider)throw Ei(mi);return new Bc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,o).acquireToken(e,n)}canUsePlatformBroker(e,t){const r=this.getRequestCorrelationId(e);if(this.logger.trace("1n9lbl",r),!this.platformAuthProvider)return this.logger.trace("0vnu11",r),!1;if(!ch(this.config,this.logger,r,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("1m4bzf",r),!1;if(e.prompt)switch(e.prompt){case R.NONE:case R.CONSENT:case R.LOGIN:this.logger.trace("0vdv8e",r);break;default:return this.logger.trace("0pdzw6",r),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("16lbtk",r),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new hh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createRedirectClient(e){return new lh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentIframeClient(e){return new fh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.ssoSilent,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentCacheClient(e){return new Kc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentRefreshClient(e){return new yh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentAuthCodeClient(e){return new Ih(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.acquireTokenByCode,this.performanceClient,e,this.platformAuthProvider)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return sa(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?Ms():""}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0lz9hf",t),this.acquireTokenRedirect({correlationId:t,...e||cs})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0qw7v5",t),this.acquireTokenPopup({correlationId:t,...e||cs})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(La,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),Ch(this.initialized,r,e.account),this.logger.verbose("0x1c4s",t);const n=e.account||this.getActiveAccount();if(!n)throw Ei(Xo);return this.acquireTokenSilentDeduped(e,n,t).then((n=>(r.end({success:!0,fromCache:n.fromCache,isNativeBroker:n.fromPlatformBroker,accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length},void 0,n.account),{...n,state:e.state,correlationId:t}))).catch((e=>{throw e instanceof we&&e.setCorrelationId(t),r.end({success:!1},e,n),e}))}async acquireTokenSilentDeduped(e,t,r){const n=to(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),o=JSON.stringify(n),i=this.activeSilentTokenRequests.get(o);if(void 0===i){this.logger.verbose("0fcjbk",r),this.performanceClient.addFields({deduped:!1},r);const n=Un(this.acquireTokenSilentAsync.bind(this),"acquireTokenSilentAsync",this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(o,n),n.finally((()=>{this.activeSilentTokenRequests.delete(o)}))}return this.logger.verbose("1yq7nb",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const n=()=>this.trackPageVisibility(t.correlationId);this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},t.correlationId),document.addEventListener("visibilitychange",n);const o=await Un(Oc,"initializeSilentRequest",this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||ds.Default;return this.acquireTokenSilentNoIframe(o,i).catch((async e=>{const t=function(e,t){const r=!(e instanceof fn&&e.subError!==un),n=e.errorCode===Pi||e.errorCode===ft,o=r&&n||e.errorCode===on||e.errorCode===an,i=us.includes(t);return o&&i}(e,i);if(t){if(this.activeIframeRequest){if(i!==ds.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose("1w8fso",o.correlationId);const n=this.performanceClient.startMeasurement("awaitConcurrentIframe",o.correlationId);n.add({awaitIframeCorrelationId:r});const s=await t;if(n.end({success:s}),s)return this.logger.verbose("0ywzzi",o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info("17y14q",o.correlationId),e}return this.logger.warning("1bd4p8",o.correlationId),Un(this.acquireTokenBySilentIframe.bind(this),fa,this.logger,this.performanceClient,o.correlationId)(o)}{let e;return this.activeIframeRequest=[new Promise((t=>{e=t})),o.correlationId],this.logger.verbose("0rh08z",o.correlationId),Un(this.acquireTokenBySilentIframe.bind(this),fa,this.logger,this.performanceClient,o.correlationId)(o).then((t=>(e(!0),t))).catch((t=>{throw e(!1),t})).finally((()=>{this.activeIframeRequest=void 0}))}}throw e})).then((r=>(this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,r),t.correlationId&&this.performanceClient.addFields({fromCache:r.fromCache,isNativeBroker:r.fromPlatformBroker},t.correlationId),r))).catch((t=>{throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),t})).finally((()=>{document.removeEventListener("visibilitychange",n)}))}async acquireTokenSilentNoIframe(t,r){return ch(this.config,this.logger,t.correlationId,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("0sczo4",t.correlationId),this.acquireTokenNative(t,is.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch((async e=>{if(e instanceof Hc&&Dc(e))throw this.logger.verbose("07rkmb",t.correlationId),this.platformAuthProvider=void 0,be(ft);throw e}))):(this.logger.verbose("0ox81t",t.correlationId),r===ds.AccessToken&&this.logger.verbose("0fvwxe",t.correlationId),Un(this.acquireTokenFromCache.bind(this),"acquireTokenFromCache",this.logger,this.performanceClient,t.correlationId)(t,r).catch((n=>{if(r===ds.AccessToken)throw n;return this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_NETWORK_START,e.InteractionType.Silent,t),Un(this.acquireTokenByRefreshToken.bind(this),"acquireTokenByRefreshToken",this.logger,this.performanceClient,t.correlationId)(t,r)})))}async preGeneratePkceCodes(e){return this.logger.verbose("1x6uj6",e),this.pkceCode=await Un(Xc,Ea,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,t?this.logger.verbose("12js1o",e):this.logger.verbose("1oe9ci",e),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e,t){const r=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("1qtz3l",t),window.msal.clientIds.push(r),function(e,t,r,n){const o=window.msal?.clientIds||[],i=o.length,s=o.filter((t=>t===e)).length;s>1&&r.warning("1e88vg",n),t.add({msalInstanceCount:i,sameClientIdInstanceCount:s})}(r,e,this.logger,t)}}class kh{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(t){let r;this.browserEnvironment="undefined"!=typeof window,this.config=oh(t,this.browserEnvironment);try{r=window[Ji.SessionStorage]}catch(e){}const n=r?.getItem(Ga),o=r?.getItem(Qa)?.toLowerCase(),i="true"===o||"false"!==o&&void 0,s={...this.config.system.loggerOptions},a=n&&Object.keys(e.LogLevel).includes(n)?e.LogLevel[n]:void 0;a&&(s.loggerCallback=kh.loggerCallback,s.logLevel=a),void 0!==i&&(s.piiLoggingEnabled=i),this.logger=new dr(s,pc,mc),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}class Th extends kh{getModuleName(){return Th.MODULE_NAME}getId(){return Th.ID}async initialize(e){return this.available="undefined"!=typeof window,this.available}}Th.MODULE_NAME="",Th.ID="StandardOperatingContext";const bh="USER_INTERACTION_REQUIRED",Ah="USER_CANCEL",Sh="NO_NETWORK",_h="TRANSIENT_ERROR",Eh="PERSISTENT_ERROR",Ph="DISABLED",Rh="ACCOUNT_UNAVAILABLE",Oh="NESTED_APP_AUTH_UNAVAILABLE";class Mh{constructor(e,t,r,n){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=n}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),n=Vt(e.claims,this.clientCapabilities),o=e.scopes||p;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,scope:o.join(" "),correlationId:r,claims:ke.isEmptyObj(n)?void 0:n,state:e.state,authenticationScheme:e.authenticationScheme||G.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw be(Qe);const n=Tn(r+(t.token.expires_in||0)),o=wr(t.token.id_token,this.crypto.base64Decode),i=this.fromNaaAccountInfo(t.account,t.token.id_token,o),s=t.token.scope||e.scope;return{authority:t.token.authority||i.environment,uniqueId:i.localAccountId,tenantId:i.tenantId,scopes:s.split(" "),account:i,idToken:t.token.id_token,idTokenClaims:o,accessToken:t.token.access_token,fromCache:!1,expiresOn:n,tokenType:e.authenticationScheme||G.BEARER,correlationId:e.correlationId,extExpiresOn:n,state:e.state}}fromNaaAccountInfo(e,t,r){const n=r||e.idTokenClaims,o=e.localAccountId||n?.oid||n?.sub||"",i=e.tenantId||n?.tid||"",s=e.homeAccountId||`${o}.${i}`,a=e.username||n?.preferred_username||"",c=e.name||n?.name,h=e.loginHint||n?.login_hint,l=new Map,d=fr(s,o,i,n);l.set(i,d);return{homeAccountId:s,environment:e.environment,tenantId:i,username:a,localAccountId:o,name:c,loginHint:h,idToken:t,idTokenClaims:n,tenantProfiles:l}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new we("unknown_error","An unknown error occurred");switch(e.status){case Ah:return new Te(Tt);case Sh:return new Te(kt);case Rh:return new Te(pt);case Ph:return new Te(At);case Oh:return new Te(e.code||At,e.description);case _h:case Eh:return new nn(e.code,e.description);case bh:return new fn(e.code,e.description);default:return new we(e.code,e.description)}}toAuthenticationResultFromCache(e,t,r,n,o){if(!t||!r)throw be(Qe);const i=wr(t.secret,this.crypto.base64Decode),s=r.target||n.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:s.split(" "),account:e,idToken:t.secret,idTokenClaims:i||{},accessToken:r.secret,fromCache:!0,expiresOn:Tn(r.expiresOn),extExpiresOn:Tn(r.extendedExpiresOn),tokenType:n.authenticationScheme||G.BEARER,correlationId:o,state:n.state}}}class xh extends we{constructor(e,t){super(e,t),Object.setPrototypeOf(this,xh.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new xh("unsupported_method")}}class qh{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new Na(this.logger,this.performanceClient,!0):ar,this.eventHandler=new bc(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new yc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,uo(this.config.auth)):Ic(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new Mh(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new qh(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||Ms();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const r=this.ensureValidRequest(t),n=r.correlationId||Ms();this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Popup,r);const o=this.performanceClient.startMeasurement(Da,n);o.add({nestedAppAuthRequest:!0});try{const i=this.nestedAppAuthAdapter.toNaaTokenRequest(r),s=vn(),a=await this.bridgeProxy.getTokenInteractive(i),c={...this.nestedAppAuthAdapter.fromNaaTokenResponse(i,a,s)};try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,c),o.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),o.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const n=r instanceof we?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,r),o.end({success:!1},r,t.account),n}}async acquireTokenSilentInternal(t){const r=this.ensureValidRequest(t),n=r.correlationId||Ms();this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,r);const o=await this.acquireTokenFromCache(r);if(o)return this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,o),o;const i=this.performanceClient.startMeasurement(Ba,n);i.increment({visibilityChangeCount:0}),i.add({nestedAppAuthRequest:!0});try{const o=this.nestedAppAuthAdapter.toNaaTokenRequest(r);o.forceRefresh=r.forceRefresh;const s=vn(),a=await this.bridgeProxy.getTokenSilent(o),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(o,a,s);try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,c),i?.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),i?.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const n=r instanceof we?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,r),i?.end({success:!1},r,t.account),n}}async acquireTokenFromCache(t){const r=t.correlationId||Ms(),n=this.performanceClient.startMeasurement(La,r);if(n?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("11t57w",r),null;if(t.forceRefresh)return this.logger.verbose("1ovnmo",r),null;let o=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=ds.Default),t.cacheLookupPolicy){case ds.Default:case ds.AccessToken:case ds.AccessTokenAndRefreshToken:o=await this.acquireTokenFromCacheInternal(t);break;default:return null}return o?(this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,o),n.add({accessTokenSize:o.accessToken.length,idTokenSize:o.idToken.length}),n.end({success:!0},void 0,o.account),o):(this.logger.warning("1yb4fi",r),this.eventHandler.emitEvent(gc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null),n.end({success:!1},void 0,t.account),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext,r=e.correlationId||Ms();let n=null;if(t&&(n=vc(t,this.logger,this.browserStorage,r)),!n)return this.logger.verbose("10qnr0",r),Promise.resolve(null);this.logger.verbose("1u7hux",r);const o={...e,correlationId:r,authority:e.authority||n.environment,scopes:e.scopes?.length?e.scopes:[...p]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(n,o,i,n.tenantId);if(!s)return this.logger.verbose("03vm49",r),Promise.resolve(null);if(Sn(s.cachedAt)||bn(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("18egye",r),Promise.resolve(null);const a=this.browserStorage.getIdToken(n,o.correlationId,i,n.tenantId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(n,a,s,o,o.correlationId):(this.logger.verbose("0d68kd",r),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw xh.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw xh.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw xh.createUnsupportedError()}removePerformanceCallback(e){throw xh.createUnsupportedError()}getAllAccounts(e){return Cc(this.logger,this.browserStorage,this.isBrowserEnv(),Ms(),e)}getAccount(e){return vc(e,this.logger,this.browserStorage,Ms())}setActiveAccount(e){return kc(e,this.browserStorage,Ms())}getActiveAccount(){return Tc(this.browserStorage,Ms())}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||cs)}loginRedirect(e){throw xh.createUnsupportedError()}logoutRedirect(e){throw xh.createUnsupportedError()}logoutPopup(e){throw xh.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("1k8729","")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw xh.createUnsupportedError()}getRedirectResponse(){throw xh.createUnsupportedError()}async clearCache(e){throw xh.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Fr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,Ir(e.idTokenClaims)),this.browserStorage.hydrateCache(e,t)}}class Nh{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",(e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),n=Nh.bridgeRequests.find((e=>e.requestId===r.requestId));void 0!==n&&(Nh.bridgeRequests.splice(Nh.bridgeRequests.indexOf(n),1),r.success?n.resolve(r):n.reject(r.error))}));const e=await new Promise(((e,t)=>{const r=Nh.buildRequest("GetInitContext"),n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Nh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}));return Nh.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:Nh.validateBridgeResultOrThrow(r.token),account:Nh.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:Ms(),sendTime:Date.now(),clientLibrary:xi,clientLibraryVersion:mc,...t}}sendRequest(e,t){const r=Nh.buildRequest(e,t);return new Promise(((e,t)=>{const n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Nh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}))}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:Oh}}return e}constructor(e,t,r,n){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=n}static async create(){const e=await Nh.initializeNestedAppAuthBridge();return new Nh(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}Nh.bridgeRequests=[];class Uh extends kh{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return Uh.MODULE_NAME}getId(){return Uh.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(e){try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await Nh.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(t){this.logger.infoPii("1mdxyj",e)}return this.logger.info("12jy9a",e),this.available}}Uh.MODULE_NAME="",Uh.ID="NestedAppOperatingContext";class Lh{constructor(e,t){this.controller=t||new vh(new Th(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}getAccount(e){return this.controller.getAccount(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function Hh(e){const t=new Lh(e);return await t.initialize(),t}const Dh={initialize:()=>Promise.reject(Js(Bs)),acquireTokenPopup:()=>Promise.reject(Js(Bs)),acquireTokenRedirect:()=>Promise.reject(Js(Bs)),acquireTokenSilent:()=>Promise.reject(Js(Bs)),acquireTokenByCode:()=>Promise.reject(Js(Bs)),getAllAccounts:()=>[],getAccount:()=>null,handleRedirectPromise:()=>Promise.reject(Js(Bs)),loginPopup:()=>Promise.reject(Js(Bs)),loginRedirect:()=>Promise.reject(Js(Bs)),logoutRedirect:()=>Promise.reject(Js(Bs)),logoutPopup:()=>Promise.reject(Js(Bs)),ssoSilent:()=>Promise.reject(Js(Bs)),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,getLogger:()=>{throw Js(Bs)},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw Js(Bs)},hydrateCache:()=>Promise.reject(Js(Bs)),clearCache:()=>Promise.reject(Js(Bs))};function Fh(){let e;try{e=window[Ji.SessionStorage];const t=e?.getItem(Va);if(1===Number(t))return Promise.resolve().then((function(){return jh}))}catch(e){}}function Kh(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function Bh(e){if(e&&Kh())return Math.round(window.performance.now()-e)}class zh{constructor(e,t){this.correlationId=t,this.measureName=zh.makeMeasureName(e,t),this.startMark=zh.makeStartMark(e,t),this.endMark=zh.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(zh.supportsBrowserPerformance())try{t.forEach((t=>{const r=zh.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(zh.makeStartMark(r,e)),window.performance.clearMarks(zh.makeEndMark(r,e)))}))}catch(e){}}startMeasurement(){if(zh.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(zh.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(zh.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var jh=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:zh});const $h=G,Jh=x,Wh=R,Gh=ae,Qh=p;e.ApiId=is,e.AuthError=we,e.AuthErrorCodes=ko,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[v];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw ve(Fe)}const t=this.headers[C];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw ve(Fe)}throw ve(De)}parseChallenges(e){const t=e.indexOf(" "),r=e.substr(t+1).split(","),n={};return r.forEach((e=>{const[t,r]=e.split("=");n[t]=unescape(r.replace(/['"]+/g,""))})),n}},e.AuthenticationScheme=$h,e.AzureCloudInstance=pr,e.BrowserAuthError=_i,e.BrowserAuthErrorCodes=Ai,e.BrowserCacheLocation=Ji,e.BrowserConfigurationAuthError=$s,e.BrowserConfigurationAuthErrorCodes=js,e.BrowserPerformanceClient=class extends Ro{constructor(e,r){super(e.auth.clientId,e.auth.authority||`${t}`,new dr(e.system?.loggerOptions||{},pc,mc),pc,mc,e.telemetry?.application||{appName:"",appVersion:""},r)}generateId(){return Ms()}getPageVisibility(){return document.visibilityState?.toString()||null}deleteIncompleteSubMeasurements(e){Fh()?.then((t=>{const r=this.eventsByCorrelationId.get(e.event.correlationId),n=r&&r.eventId===e.event.eventId,o=[];n&&r?.incompleteSubMeasurements&&r.incompleteSubMeasurements.forEach((e=>{o.push({...e})})),t.BrowserPerformanceMeasurement.flushMeasurements(e.event.correlationId,o)}))}startMeasurement(e,t){const r=this.getPageVisibility(),n=super.startMeasurement(e,t),o=Kh()?window.performance.now():void 0,i=Fh()?.then((t=>new t.BrowserPerformanceMeasurement(e,n.event.correlationId)));return i?.then((e=>e.startMeasurement())),{...n,end:(e,t,s)=>{const a=n.end({...e,startPageVisibility:r,endPageVisibility:this.getPageVisibility(),durationMs:Bh(o)},t,s);return i?.then((e=>e.endMeasurement())),this.deleteIncompleteSubMeasurements(n),a},discard:()=>{n.discard(),i?.then((e=>e.flushMeasurement())),this.deleteIncompleteSubMeasurements(n)}}}},e.BrowserPerformanceMeasurement=zh,e.BrowserRootPerformanceEvents=$a,e.BrowserUtils=ga,e.CacheLookupPolicy=ds,e.ClientAuthError=Te,e.ClientAuthErrorCodes=St,e.ClientConfigurationError=Ce,e.ClientConfigurationErrorCodes=$e,e.DEFAULT_IFRAME_TIMEOUT_MS=1e4,e.EventHandler=bc,e.EventMessageUtils=class{static getInteractionStatusFromEvent(t,r){switch(t.eventType){case gc.ACQUIRE_TOKEN_START:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup)return as.AcquireToken;break;case gc.HANDLE_REDIRECT_START:return as.HandleRedirect;case gc.LOGOUT_START:return as.Logout;case gc.LOGOUT_END:if(r&&r!==as.Logout)break;return as.None;case gc.HANDLE_REDIRECT_END:if(r&&r!==as.HandleRedirect)break;return as.None;case gc.ACQUIRE_TOKEN_SUCCESS:case gc.ACQUIRE_TOKEN_FAILURE:case gc.RESTORE_FROM_BFCACHE:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup){if(r&&r!==as.AcquireToken)break;return as.None}}return null}},e.EventType=gc,e.InteractionRequiredAuthError=fn,e.InteractionRequiredAuthErrorCodes=gn,e.InteractionStatus=as,e.JsonWebTokenTypes=Gh,e.LocalStorage=dc,e.Logger=dr,e.MemoryStorage=xa,e.NavigationClient=eh,e.OIDC_DEFAULT_SCOPES=Qh,e.PromptValue=Wh,e.ProtocolMode=Hr,e.PublicClientApplication=Lh,e.ResponseMode=Jh,e.ServerError=nn,e.SessionStorage=uc,e.SignedHttpRequest=class{constructor(e,t){const r=t&&t.loggerOptions||{};this.logger=new dr(r,pc,mc),this.cryptoOps=new Na(this.logger),this.popTokenGenerator=new Hn(this.cryptoOps,new Wr),this.shrParameters=e}async generatePublicKeyThumbprint(){const{kid:e}=await this.popTokenGenerator.generateKid(this.shrParameters);return e}async signRequest(e,t,r){return this.popTokenGenerator.signPayload(e,t,this.shrParameters,r)}async removeKeys(e,t){return this.cryptoOps.removeTokenBindingKey(e,t)}},e.StubPerformanceClient=Wr,e.WrapperSKU={React:"@azure/msal-react",Angular:"@azure/msal-angular"},e.createNestablePublicClientApplication=async function(e,t,r){const n=t||Ms(),o=new Uh(e);if(await o.initialize(n),o.isAvailable()){const t=new qh(o),i=r?r(e,t):new Lh(e,t);return await i.initialize({correlationId:n}),i}return Hh(e)},e.createStandardPublicClientApplication=Hh,e.isPlatformBrokerAvailable=async function(e,t,r){const n=new dr(e||{},pc,mc),o=r||"";n.trace("07660b",o);const i=t||new Wr;return"undefined"==typeof window?(n.trace("082ed3",o),!1):!!await ah(n,i,o)},e.loadExternalTokens=async function(e,t,r,n){sa();const o=oh(e,!0),i=t.correlationId||Ms(),s=r.id_token?wr(r.id_token,ys):void 0,a=Ir(s||{}),c={protocolMode:o.system.protocolMode,knownAuthorities:o.auth.knownAuthorities,cloudDiscoveryMetadata:o.auth.cloudDiscoveryMetadata,authorityMetadata:o.auth.authorityMetadata},h=new dr(o.system.loggerOptions||{}),l=new Na(h,o.telemetry.client),d=new yc(o.auth.clientId,o.cache,l,h,o.telemetry.client,new bc(h),uo(o.auth)),u=t.authority?new ho(ho.generateAuthority(t.authority,t.azureCloudOptions),o.system.networkClient,d,c,h,t.correlationId||Ms(),o.telemetry.client):void 0,g=await async function(e,t,r,n,o,i,s,a){if(o.verbose("0ke46k",r),e.account){const t=Fr(e.account);return await n.setAccount(t,r,Ir(s||{})),t}if(!a||!t&&!s)throw o.error("1ychpz",r),Ei(si);const c=Kr(t,a.authorityType,o,i,r,s),h=s?.tid,l=Xn(n,a,c,ys,r,s,t,a.hostnameAndPort,h,void 0,void 0,o);return await n.setAccount(l,r,Ir(s||{})),l}(t,n.clientInfo||r.client_info||"",i,d,h,l,s,u),p=await async function(e,t,r,n,o,i,s,a,c){if(!e.id_token)return a.verbose("1pm7g1",i),null;a.verbose("168lyi",i);const h=Fn(t,r,e.id_token,c,n);return await s.setIdTokenCredential(h,i,o),h}(r,g.homeAccountId,g.environment,g.realm,a,i,d,h,e.auth.clientId),m=await async function(e,t,r,n,o,i,s,a,c,h,l){if(!t.access_token)return h.verbose("1ckp9e",a),null;if(!t.expires_in)return h.error("15mzx8",a),null;if(!(t.scope||e.scopes&&e.scopes.length))return h.error("1h7xse",a),null;h.verbose("01kmxb",a);const d=t.scope?_t.fromString(t.scope):new _t(e.scopes),u=s.expiresOn||t.expires_in+vn(),g=s.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+vn(),p=Kn(r,n,t.access_token,l,o,d.printScopes(),u,g,ys);return await c.setAccessTokenCredential(p,a,i),p}(t,r,g.homeAccountId,g.environment,g.realm,a,n,i,d,h,e.auth.clientId),f=await async function(e,t,r,n,o,i,s,a){if(!e.refresh_token)return s.verbose("1l7um5",o),null;s.verbose("0qy8ev",o);const c=Bn(t,r,e.refresh_token,a,e.foci,void 0,e.refresh_token_expires_in);return await i.setRefreshTokenCredential(c,o,n),c}(r,g.homeAccountId,g.environment,a,i,d,h,e.auth.clientId);return function(e,t,r,n){let o,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=_t.fromString(t.accessToken.target).asArray(),a=Tn(t.accessToken.expiresOn),o=Tn(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:n?n.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:Dr(c),idToken:t.idToken?.secret||"",idTokenClaims:r||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:o,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromPlatformBroker:!1}}(t,{account:g,idToken:p,accessToken:m,refreshToken:f},s,u)},e.stubbedPublicClientApplication=Dh,e.version=mc}));
1
+ /*! @azure/msal-browser v5.0.1 2026-01-16 */
2
+ "use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).msal={})}(this,(function(e){const t="https://login.microsoftonline.com/common/",r="common",n=`${t}discovery/instance?api-version=1.1&authorization_endpoint=`,o=".ciamlogin.com",i="openid",s="profile",a="offline_access",c="S256",h="Not Available",l="http://169.254.169.254/metadata/instance/compute/location",d=["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],u="GET",g="POST",p=[i,s,a],m=[...p,"email"],f="Content-Type",y="Content-Length",w="Retry-After",I="X-AnchorMailbox",C="WWW-Authenticate",v="Authentication-Info",k="x-ms-request-id",T="x-ms-httpver",b="active-account-filters",A="common",S="organizations",_="consumers",E="access_token",P="xms_cc",R={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},O="code",M="id_token token refresh_token",x={QUERY:"query",FRAGMENT:"fragment",FORM_POST:"form_post"},q="authorization_code",N="refresh_token",U="Generic",L={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},H="appmetadata",D="1",F="authority-metadata",K="config",B="cache",z="network",j="hardcoded_values",$=5,J="server-telemetry",W=",",G={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},Q="throttling",V="1",X="3",Y="4",Z="2",ee="4",te="5",re="0",ne="1",oe="2",ie="3",se="4",ae={Jwt:"JWT",Jwk:"JWK",Pop:"pop"},ce="client_id",he="redirect_uri",le="token_type",de="req_cnf",ue="return_spa_code",ge="x-client-xtra-sku",pe="brk_client_id",me="brk_redirect_uri",fe="instance_aware";function ye(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class we extends Error{constructor(e,t,r){const n=t||(e?ye(e):"");super(n?`${e}: ${n}`:e),Object.setPrototypeOf(this,we.prototype),this.errorCode=e||"",this.errorMessage=n||"",this.subError=r||"",this.name="AuthError"}setCorrelationId(e){this.correlationId=e}}function Ie(e,t){return new we(e,t||ye(e))}class Ce extends we{constructor(e){super(e),this.name="ClientConfigurationError",Object.setPrototypeOf(this,Ce.prototype)}}function ve(e){return new Ce(e)}class ke{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return 0===Object.keys(t).length}catch(e){}return!0}static startsWith(e,t){return 0===e.indexOf(t)}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),n=e=>decodeURIComponent(e.replace(/\+/g," "));return r.forEach((e=>{if(e.trim()){const[r,o]=e.split(/=(.+)/g,2);r&&o&&(t[n(r)]=n(o))}})),t}static trimArrayEntries(e){return e.map((e=>e.trim()))}static removeEmptyStringsFromArray(e){return e.filter((e=>!!e))}static jsonParseHelper(e){try{return JSON.parse(e)}catch(e){return null}}static matchPattern(e,t){return new RegExp(e.replace(/\\/g,"\\\\").replace(/\*/g,"[^ ]*").replace(/\?/g,"\\?")).test(t)}}class Te extends we{constructor(e,t){super(e,t),this.name="ClientAuthError",Object.setPrototypeOf(this,Te.prototype)}}function be(e,t){return new Te(e,t)}const Ae="redirect_uri_empty",Se="authority_uri_insecure",_e="url_parse_error",Ee="empty_url_error",Pe="empty_input_scopes_error",Re="invalid_claims",Oe="token_request_empty",Me="logout_request_empty",xe="pkce_params_missing",qe="invalid_cloud_discovery_metadata",Ne="invalid_authority_metadata",Ue="untrusted_authority",Le="missing_ssh_jwk",He="missing_ssh_kid",De="missing_nonce_authentication_header",Fe="invalid_authentication_header",Ke="cannot_set_OIDCOptions",Be="cannot_allow_platform_broker",ze="authority_mismatch",je="invalid_request_method_for_EAR";var $e=Object.freeze({__proto__:null,authorityMismatch:ze,authorityUriInsecure:Se,cannotAllowPlatformBroker:Be,cannotSetOIDCOptions:Ke,claimsRequestParsingError:"claims_request_parsing_error",emptyInputScopesError:Pe,invalidAuthenticationHeader:Fe,invalidAuthorityMetadata:Ne,invalidClaims:Re,invalidCloudDiscoveryMetadata:qe,invalidCodeChallengeMethod:"invalid_code_challenge_method",invalidRequestMethodForEAR:je,logoutRequestEmpty:Me,missingNonceAuthenticationHeader:De,missingSshJwk:Le,missingSshKid:He,pkceParamsMissing:xe,redirectUriEmpty:Ae,tokenRequestEmpty:Oe,untrustedAuthority:Ue,urlEmptyError:Ee,urlParseError:_e});const Je="client_info_decoding_error",We="client_info_empty_error",Ge="token_parsing_error",Qe="null_or_empty_token",Ve="endpoints_resolution_error",Xe="network_error",Ye="openid_config_error",Ze="hash_not_deserialized",et="invalid_state",tt="state_mismatch",rt="state_not_found",nt="nonce_mismatch",ot="auth_time_not_found",it="max_age_transpired",st="multiple_matching_appMetadata",at="request_cannot_be_made",ct="cannot_remove_empty_scope",ht="cannot_append_scopeset",lt="empty_input_scopeset",dt="no_account_in_silent_request",ut="invalid_cache_record",gt="invalid_cache_environment",pt="no_account_found",mt="no_crypto_object",ft="token_refresh_required",yt="token_claims_cnf_required_for_signedjwt",wt="authorization_code_missing_from_server_response",It="binding_key_not_removed",Ct="end_session_endpoint_not_supported",vt="key_id_missing",kt="no_network_connectivity",Tt="user_canceled",bt="method_not_implemented",At="nested_app_auth_bridge_disabled";var St=Object.freeze({__proto__:null,authTimeNotFound:ot,authorizationCodeMissingFromServerResponse:wt,bindingKeyNotRemoved:It,cannotAppendScopeSet:ht,cannotRemoveEmptyScope:ct,clientInfoDecodingError:Je,clientInfoEmptyError:We,emptyInputScopeSet:lt,endSessionEndpointNotSupported:Ct,endpointResolutionError:Ve,hashNotDeserialized:Ze,invalidCacheEnvironment:gt,invalidCacheRecord:ut,invalidState:et,keyIdMissing:vt,maxAgeTranspired:it,methodNotImplemented:bt,multipleMatchingAppMetadata:st,multipleMatchingTokens:"multiple_matching_tokens",nestedAppAuthBridgeDisabled:At,networkError:Xe,noAccountFound:pt,noAccountInSilentRequest:dt,noCryptoObject:mt,noNetworkConnectivity:kt,nonceMismatch:nt,nullOrEmptyToken:Qe,openIdConfigError:Ye,platformBrokerError:"platform_broker_error",requestCannotBeMade:at,stateMismatch:tt,stateNotFound:rt,tokenClaimsCnfRequiredForSignedJwt:yt,tokenParsingError:Ge,tokenRefreshRequired:ft,unexpectedCredentialType:"unexpected_credential_type",userCanceled:Tt});class _t{constructor(e){const t=e?ke.trimArrayEntries([...e]):[],r=t?ke.removeEmptyStringsFromArray(t):[];if(!r||!r.length)throw ve(Pe);this.scopes=new Set,r.forEach((e=>this.scopes.add(e)))}static fromString(e){const t=(e||"").split(" ");return new _t(t)}static createSearchScopes(e){const t=e&&e.length>0?e:[...p],r=new _t(t);return r.containsOnlyOIDCScopes()?r.removeScope(a):r.removeOIDCScopes(),r}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new _t(t);return!!e&&r.scopes.has(e.toLowerCase())}containsScopeSet(e){return!(!e||e.scopes.size<=0)&&(this.scopes.size>=e.scopes.size&&e.asArray().every((e=>this.containsScope(e))))}containsOnlyOIDCScopes(){let e=0;return m.forEach((t=>{this.containsScope(t)&&(e+=1)})),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach((e=>this.appendScope(e)))}catch(e){throw be(ht)}}removeScope(e){if(!e)throw be(ct);this.scopes.delete(e.trim())}removeOIDCScopes(){m.forEach((e=>{this.scopes.delete(e)}))}unionScopeSets(e){if(!e)throw be(lt);const t=new Set;return e.scopes.forEach((e=>t.add(e.toLowerCase()))),this.scopes.forEach((e=>t.add(e.toLowerCase()))),t}intersectingScopeSets(e){if(!e)throw be(lt);e.containsOnlyOIDCScopes()||e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),n=this.getScopeCount();return t.size<n+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach((t=>e.push(t))),e}printScopes(){if(this.scopes){return this.asArray().join(" ")}return""}printScopesLowerCase(){return this.printScopes().toLowerCase()}}function Et(e,t,r){if(!t)return;const n=e.get(ce);n&&e.has(pe)&&r?.addFields({embeddedClientId:n,embeddedRedirectUri:e.get(he)},t)}function Pt(e,t){e.set("response_type",t)}function Rt(e,t,r=!0,n=p){!r||n.includes("openid")||t.includes("openid")||n.push("openid");const o=r?[...t||[],...n]:t||[],i=new _t(o);e.set("scope",i.printScopes())}function Ot(e,t){e.set(ce,t)}function Mt(e,t){e.set(he,t)}function xt(e,t){e.set("login_hint",t)}function qt(e,t){e.set(I,`UPN:${t}`)}function Nt(e,t){e.set(I,`Oid:${t.uid}@${t.utid}`)}function Ut(e,t){e.set("sid",t)}function Lt(e,t,r){const n=Vt(t,r);try{JSON.parse(n)}catch(e){throw ve(Re)}e.set("claims",n)}function Ht(e,t){e.set("client-request-id",t)}function Dt(e,t){e.set("x-client-SKU",t.sku),e.set("x-client-VER",t.version),t.os&&e.set("x-client-OS",t.os),t.cpu&&e.set("x-client-CPU",t.cpu)}function Ft(e,t){t?.appName&&e.set("x-app-name",t.appName),t?.appVersion&&e.set("x-app-ver",t.appVersion)}function Kt(e,t){t&&e.set("state",t)}function Bt(e,t,r){if(!t||!r)throw ve(xe);e.set("code_challenge",t),e.set("code_challenge_method",r)}function zt(e,t){e.set("client_secret",t)}function jt(e,t){t&&e.set("client_assertion",t)}function $t(e,t){t&&e.set("client_assertion_type",t)}function Jt(e,t){e.set("grant_type",t)}function Wt(e){e.set("client_info","1")}function Gt(e){e.has(fe)||e.set(fe,"true")}function Qt(e,t){Object.entries(t).forEach((([t,r])=>{!e.has(t)&&r&&e.set(t,r)}))}function Vt(e,t){let r;if(e)try{r=JSON.parse(e)}catch(e){throw ve(Re)}else r={};return t&&t.length>0&&(r.hasOwnProperty(E)||(r[E]={}),r[E][P]={values:t}),JSON.stringify(r)}function Xt(e,t){t&&(e.set(le,G.POP),e.set(de,t))}function Yt(e,t){t&&(e.set(le,G.SSH),e.set(de,t))}function Zt(e,t){e.set("x-client-current-telemetry",t.generateCurrentRequestHeaderValue()),e.set("x-client-last-telemetry",t.generateLastRequestHeaderValue())}function er(e){e.set("x-ms-lib-capability","retry-after, h429")}function tr(e,t,r){e.has(pe)||e.set(pe,t),e.has(me)||e.set(me,r)}function rr(e){if(!e)return e;let t=e.toLowerCase();return ke.endsWith(t,"?")?t=t.slice(0,-1):ke.endsWith(t,"?/")&&(t=t.slice(0,-2)),ke.endsWith(t,"/")||(t+="/"),t}function nr(e){return e.startsWith("#/")?e.substring(2):e.startsWith("#")||e.startsWith("?")?e.substring(1):e}function or(e){if(!e||e.indexOf("=")<0)return null;try{const t=nr(e),r=Object.fromEntries(new URLSearchParams(t));if(r.code||r.ear_jwe||r.error||r.error_description||r.state)return r}catch(e){throw be(Ze)}return null}function ir(e){const t=new Array;return e.forEach(((e,r)=>{t.push(`${r}=${encodeURIComponent(e)}`)})),t.join("&")}function sr(e){if(!e)return e;const t=e.split("#")[0];try{const e=new URL(t);return rr(e.origin+e.pathname+e.search)}catch(e){return rr(t)}}const ar={createNewGuid:()=>{throw be(bt)},base64Decode:()=>{throw be(bt)},base64Encode:()=>{throw be(bt)},base64UrlEncode:()=>{throw be(bt)},encodeKid:()=>{throw be(bt)},async getPublicKeyThumbprint(){throw be(bt)},async removeTokenBindingKey(){throw be(bt)},async clearKeystore(){throw be(bt)},async signJwt(){throw be(bt)},async hashString(){throw be(bt)}};var cr;e.LogLevel=void 0,(cr=e.LogLevel||(e.LogLevel={}))[cr.Error=0]="Error",cr[cr.Warning=1]="Warning",cr[cr.Info=2]="Info",cr[cr.Verbose=3]="Verbose",cr[cr.Trace=4]="Trace";const hr=new Map;function lr(e,t){const r=Date.now();let n=hr.get(e);if(n)!function(e,t){hr.delete(e),hr.set(e,t)}(e,n);else if(n={logs:[],firstEventTime:r},hr.set(e,n),hr.size>50){const e=hr.keys().next().value;e&&hr.delete(e)}n.logs.push({...t,milliseconds:r-n.firstEventTime}),n.logs.length>500&&n.logs.shift()}class dr{constructor(t,r,n){this.level=e.LogLevel.Info;const o=t||dr.createDefaultLoggerOptions();this.localCallback=o.loggerCallback||(()=>{}),this.piiLoggingEnabled=o.piiLoggingEnabled||!1,this.level="number"==typeof o.logLevel?o.logLevel:e.LogLevel.Info,this.packageName=r||"",this.packageVersion=n||""}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info}}clone(e,t){return new dr({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level},e,t)}logMessage(t,r){const n=r.correlationId;if(function(e){if(6!==e.length)return!1;for(let t=0;t<e.length;t++){const r=e[t];if(!(r>="a"&&r<="z"||r>="A"&&r<="Z"||r>="0"&&r<="9"))return!1}return!0}(t)){lr(n,{hash:t,level:r.logLevel,containsPii:r.containsPii||!1,milliseconds:0})}if(r.logLevel>this.level||!this.piiLoggingEnabled&&r.containsPii)return;const o=`${`[${(new Date).toUTCString()}] : [${n}]`} : ${this.packageName}@${this.packageVersion} : ${e.LogLevel[r.logLevel]} - ${t}`;this.executeCallback(r.logLevel,o,r.containsPii||!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!1,correlationId:r})}errorPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!0,correlationId:r})}warning(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!1,correlationId:r})}warningPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!0,correlationId:r})}info(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!1,correlationId:r})}infoPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!0,correlationId:r})}verbose(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!1,correlationId:r})}verbosePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!0,correlationId:r})}trace(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!1,correlationId:r})}tracePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!0,correlationId:r})}isPiiLoggingEnabled(){return this.piiLoggingEnabled||!1}}const ur="@azure/msal-common",gr="16.0.1",pr={None:"none",AzurePublic:"https://login.microsoftonline.com",AzurePpe:"https://login.windows-ppe.net",AzureChina:"https://login.chinacloudapi.cn",AzureGermany:"https://login.microsoftonline.de",AzureUsGovernment:"https://login.microsoftonline.us"};function mr(e,t){return!!e&&!!t&&e===t.split(".")[1]}function fr(e,t,r,n){if(n){const{oid:t,sub:r,tid:o,name:i,tfp:s,acr:a,preferred_username:c,upn:h,login_hint:l}=n,d=o||s||a||"";return{tenantId:d,localAccountId:t||r||"",name:i,username:c||h||"",loginHint:l,isHomeTenant:mr(d,e)}}return{tenantId:r,localAccountId:t,username:"",isHomeTenant:mr(r,e)}}function yr(e,t,r,n){let o=e;if(t){const{isHomeTenant:r,...n}=t;o={...e,...n}}if(r){const{isHomeTenant:t,...i}=fr(e.homeAccountId,e.localAccountId,e.tenantId,r);return o={...o,...i,idTokenClaims:r,idToken:n},o}return o}function wr(e,t){const r=function(e){if(!e)throw be(Qe);const t=/^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(e);if(!t||t.length<4)throw be(Ge);return t[2]}(e);try{const e=t(r);return JSON.parse(e)}catch(e){throw be(Ge)}}function Ir(e){if(!e.signin_state)return!1;const t=["kmsi","dvc_dmjd"];return e.signin_state.some((e=>t.includes(e.trim().toLowerCase())))}function Cr(e,t){if(0===t||Date.now()-3e5>e+t)throw be(it)}class vr{get urlString(){return this._urlString}constructor(e){if(this._urlString=e,!this._urlString)throw ve(Ee);e.includes("#")||(this._urlString=vr.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return ke.endsWith(t,"?")?t=t.slice(0,-1):ke.endsWith(t,"?/")&&(t=t.slice(0,-2)),ke.endsWith(t,"/")||(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch(e){throw ve(_e)}if(!e.HostNameAndPort||!e.PathSegments)throw ve(_e);if(!e.Protocol||"https:"!==e.Protocol.toLowerCase())throw ve(Se)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return vr.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return!e||0===r.length||r[0]!==A&&r[0]!==S||(r[0]=e),vr.constructAuthorityUriFromObject(t)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),t=this.urlString.match(e);if(!t)throw ve(_e);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let n=r.AbsolutePath.split("/");return n=n.filter((e=>e&&e.length>0)),r.PathSegments=n,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e){const t=RegExp("^([^:/?#]+://)?([^/?#]*)"),r=e.match(t);if(!r)throw ve(_e);return r[2]}static getAbsoluteUrl(e,t){if("/"===e[0]){const r=new vr(t).getUrlComponents();return r.Protocol+"//"+r.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e){return new vr(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"))}}const kr={endpointMetadata:[{host:"login.microsoftonline.com"},{host:"login.chinacloudapi.cn",issuerHost:"login.partner.microsoftonline.cn"},{host:"login.microsoftonline.us"},{host:"login.sovcloud-identity.fr"},{host:"login.sovcloud-identity.de"},{host:"login.sovcloud-identity.sg"}].reduce(((e,{host:t,issuerHost:r})=>(e[t]=function(e,t){return{token_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/token`,jwks_uri:`https://${e}/{tenantid}/discovery/v2.0/keys`,issuer:`https://${t}/{tenantid}/v2.0`,authorization_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/authorize`,end_session_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/logout`}}(t,r||t),e)),{}),instanceDiscoveryMetadata:{metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]}]}},Tr=kr.endpointMetadata,br=kr.instanceDiscoveryMetadata,Ar=new Set;function Sr(e,t,r,n,o){if(e.trace("1bmquz",t),r&&n){const o=_r(n,r);if(o)return e.trace("1fotbt",t),o.aliases;e.trace("14avvj",t)}return null}function _r(e,t){for(let r=0;r<e.length;r++){const n=e[r];if(n.aliases.includes(t))return n}return null}br.metadata.forEach((e=>{e.aliases.forEach((e=>{Ar.add(e)}))}));const Er="cache_quota_exceeded";class Pr extends Error{constructor(e,t){const r=t||ye(e);super(r),Object.setPrototypeOf(this,Pr.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}function Rr(e){return e instanceof Error?"QuotaExceededError"===e.name||"NS_ERROR_DOM_QUOTA_REACHED"===e.name||e.message.includes("exceeded the quota")?new Pr(Er):new Pr(e.name,e.message):new Pr("cache_error_unknown")}function Or(e,t){if(!e)throw be(We);try{const r=t(e);return JSON.parse(r)}catch(e){throw be(Je)}}function Mr(e){if(!e)throw be(Je);const t=e.split(".",2);return{uid:t[0],utid:t.length<2?"":t[1]}}const xr=0,qr=1,Nr=2,Ur=3;function Lr(e){if(e){return e.tid||e.tfp||e.acr||null}return null}const Hr={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};function Dr(e){return{homeAccountId:e.homeAccountId,environment:e.environment,tenantId:e.realm,username:e.username,localAccountId:e.localAccountId,loginHint:e.loginHint,name:e.name,nativeAccountId:e.nativeAccountId,authorityType:e.authorityType,tenantProfiles:new Map((e.tenantProfiles||[]).map((e=>[e.tenantId,e]))),dataBoundary:e.dataBoundary}}function Fr(e,t,r){return{authorityType:e.authorityType||U,homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,nativeAccountId:e.nativeAccountId,realm:e.tenantId,environment:e.environment,username:e.username,loginHint:e.loginHint,name:e.name,cloudGraphHostName:t,msGraphHost:r,tenantProfiles:Array.from(e.tenantProfiles?.values()||[]),dataBoundary:e.dataBoundary}}function Kr(e,t,r,n,o,i){if(t!==qr&&t!==Nr){if(e)try{const t=Or(e,n.base64Decode);if(t.uid&&t.utid)return`${t.uid}.${t.utid}`}catch(e){}r.warning("1ub6wv",o)}return i?.sub||""}class Br{constructor(e,t,r,n,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(ur,gr),this.staticAuthorityOptions=o,this.performanceClient=n}getAllAccounts(e={},t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort((e=>e.idTokenClaims?-1:1))[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?Dr(r[0]):null}buildTenantProfiles(e,t,r){return e.flatMap((e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r)))}getTenantedAccountInfoByFilter(e,t,r,n,o){let i,s=null;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,n,t,r.tenantId);return a&&(i=wr(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(i,o))?null:(s=yr(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,n){const o=Dr(e);let i=o.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach((e=>{const r=this.getTenantedAccountInfoByFilter(o,s,e,t,n);r&&a.push(r)})),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&(void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,r,n){if(!e)throw be(ut);try{e.account&&await this.setAccount(e.account,t,r),e.idToken&&!1!==n?.idToken&&await this.setIdTokenCredential(e.idToken,t,r),e.accessToken&&!1!==n?.accessToken&&await this.saveAccessToken(e.accessToken,t,r),e.refreshToken&&!1!==n?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t,r),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("0j476p",t),e instanceof we?e:Rr(e)}}async saveAccessToken(e,t,r){const n={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType},o=this.getTokenKeys(),i=_t.fromString(e.target);o.accessToken.forEach((e=>{if(!this.accessTokenKeyMatchesFilter(e,n,!1))return;const r=this.getAccessTokenCredential(e,t);if(r&&this.credentialMatchesFilter(r,n,t)){_t.fromString(r.target).intersectingScopeSets(i)&&this.removeAccessToken(e,t)}})),await this.setAccessTokenCredential(e,t,r)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),n=[];return r.forEach((r=>{const o=this.getAccount(r,t);if(!o)return;if(e.homeAccountId&&!this.matchHomeAccountId(o,e.homeAccountId))return;if(e.username&&!this.matchUsername(o.username,e.username))return;if(e.environment&&!this.matchEnvironment(o,e.environment,t))return;if(e.realm&&!this.matchRealm(o,e.realm))return;if(e.nativeAccountId&&!this.matchNativeAccountId(o,e.nativeAccountId))return;if(e.authorityType&&!this.matchAuthorityType(o,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name},s=o.tenantProfiles?.filter((e=>this.tenantProfileMatchesFilter(e,i)));s&&0===s.length||n.push(o)})),n}credentialMatchesFilter(e,t,r){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment,r))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target))return!1;if(e.credentialType===L.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===G.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}return!0}getAppMetadataFilteredBy(e,t){const r=this.getKeys(),n={};return r.forEach((r=>{if(!this.isAppMetadata(r))return;const o=this.getAppMetadata(r,t);o&&(e.environment&&!this.matchEnvironment(o,e.environment,t)||e.clientId&&!this.matchClientId(o,e.clientId)||(n[r]=o))})),n}getAuthorityMetadataByAlias(e,t){const r=this.getAuthorityMetadataKeys();let n=null;return r.forEach((r=>{if(!this.isAuthorityMetadata(r)||-1===r.indexOf(this.clientId))return;const o=this.getAuthorityMetadata(r,t);o&&-1!==o.aliases.indexOf(e)&&(n=o)})),n}removeAllAccounts(e){this.getAllAccounts({},e).forEach((t=>{this.removeAccount(t,e)}))}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter((t=>t.includes(e.homeAccountId)&&t.includes(e.environment))).forEach((e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)}))}removeAccountContext(e,t){const r=this.getTokenKeys(),n=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(n).forEach((e=>{this.removeIdToken(e,t)})),r.accessToken.filter(n).forEach((e=>{this.removeAccessToken(e,t)})),r.refreshToken.filter(n).forEach((e=>{this.removeRefreshToken(e,t)}))}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(r&&(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),r.credentialType.toLowerCase()===L.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&r.tokenType===G.POP)){const e=r.keyId;e&&this.cryptoImpl.removeTokenBindingKey(e,t).catch((()=>{this.commonLogger.error("0cx291",t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)}))}}removeAppMetadata(e){return this.getKeys().forEach((t=>{this.isAppMetadata(t)&&this.removeItem(t,e)})),!0}getIdToken(e,t,r,n){this.commonLogger.trace("1drz22",t);const o={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:L.ID_TOKEN,clientId:this.clientId,realm:n},i=this.getIdTokensByFilter(o,t,r),s=i.size;if(s<1)return this.commonLogger.info("1atvtd",t),null;if(s>1){let r=i;if(!n){const n=new Map;i.forEach(((t,r)=>{t.realm===e.tenantId&&n.set(r,t)}));const o=n.size;if(o<1)return this.commonLogger.info("0ooalx",t),i.values().next().value;if(1===o)return this.commonLogger.info("1eq2vc",t),n.values().next().value;r=n}return this.commonLogger.info("1ws328",t),r.forEach(((e,r)=>{this.removeIdToken(r,t)})),this.performanceClient.addFields({multiMatchedID:i.size},t),null}return this.commonLogger.info("1sm769",t),i.values().next().value}getIdTokensByFilter(e,t,r){const n=r&&r.idToken||this.getTokenKeys().idToken,o=new Map;return n.forEach((r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const n=this.getIdTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e,t)&&o.set(r,n)})),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,n){const o=t.correlationId;this.commonLogger.trace("1t7hz1",o);const i=_t.createSearchScopes(t.scopes),s=t.authenticationScheme||G.BEARER,a=s&&s.toLowerCase()!==G.BEARER.toLowerCase()?L.ACCESS_TOKEN_WITH_AUTH_SCHEME:L.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:n||e.tenantId,target:i,tokenType:s,keyId:t.sshKid},h=r&&r.accessToken||this.getTokenKeys().accessToken,l=[];h.forEach((e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,o);t&&this.credentialMatchesFilter(t,c,o)&&l.push(t)}}));const d=l.length;return d<1?(this.commonLogger.info("1nckna",o),null):d>1?(this.commonLogger.info("1wkfwp",o),l.forEach((e=>{this.removeAccessToken(this.generateCredentialKey(e),o)})),this.performanceClient.addFields({multiMatchedAT:l.length},o),null):(this.commonLogger.info("06yt98",o),l[0])}accessTokenKeyMatchesFilter(e,t,r){const n=e.toLowerCase();if(t.clientId&&-1===n.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===n.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===n.indexOf(t.realm.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!n.includes(e[t].toLowerCase()))return!1;if(!r&&n.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),n=[];return r.accessToken.forEach((r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const o=this.getAccessTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e,t)&&n.push(o)})),n}getRefreshToken(e,t,r,n){this.commonLogger.trace("0x53vi",r);const o=t?D:void 0,i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:L.REFRESH_TOKEN,clientId:this.clientId,familyId:o},s=n&&n.refreshToken||this.getTokenKeys().refreshToken,a=[];s.forEach((e=>{if(this.refreshTokenKeyMatchesFilter(e,i)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,i,r)&&a.push(t)}}));const c=a.length;return c<1?(this.commonLogger.info("0dlw11",r),null):(c>1&&this.performanceClient.addFields({multiMatchedRT:c},r),this.commonLogger.info("0wcnep",r),a[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e,t){const r={environment:e,clientId:this.clientId},n=this.getAppMetadataFilteredBy(r,t),o=Object.keys(n).map((e=>n[e])),i=o.length;if(i<1)return null;if(i>1)throw be(st);return o[0]}isAppMetadataFOCI(e,t){const r=this.readAppMetadataFromCache(e,t);return!(!r||r.familyId!==D)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t,r){if(this.staticAuthorityOptions){const n=function(e,t,r){let n;const o=e.canonicalAuthority;if(o){const i=new vr(o).getUrlComponents().HostNameAndPort;n=Sr(t,r,i,e.cloudDiscoveryMetadata?.metadata)||Sr(t,r,i,br.metadata)||e.knownAuthorities}return n||[]}(this.staticAuthorityOptions,this.commonLogger,r);if(n.includes(t)&&n.includes(e.environment))return!0}const n=this.getAuthorityMetadataByAlias(t,r);return!!(n&&n.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchNativeAccountId(e,t){return!(!e.nativeAccountId||t!==e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||e.upn===t)}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t){if(e.credentialType!==L.ACCESS_TOKEN&&e.credentialType!==L.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return _t.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(H)}isAuthorityMetadata(e){return-1!==e.indexOf(F)}generateAuthorityMetadataCacheKey(e){return`${F}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class zr extends Br{async setAccount(){throw be(bt)}getAccount(){throw be(bt)}async setIdTokenCredential(){throw be(bt)}getIdTokenCredential(){throw be(bt)}async setAccessTokenCredential(){throw be(bt)}getAccessTokenCredential(){throw be(bt)}async setRefreshTokenCredential(){throw be(bt)}getRefreshTokenCredential(){throw be(bt)}setAppMetadata(){throw be(bt)}getAppMetadata(){throw be(bt)}setServerTelemetry(){throw be(bt)}getServerTelemetry(){throw be(bt)}setAuthorityMetadata(){throw be(bt)}getAuthorityMetadata(){throw be(bt)}getAuthorityMetadataKeys(){throw be(bt)}setThrottlingCache(){throw be(bt)}getThrottlingCache(){throw be(bt)}removeItem(){throw be(bt)}getKeys(){throw be(bt)}getAccountKeys(){throw be(bt)}getTokenKeys(){throw be(bt)}generateCredentialKey(){throw be(bt)}generateAccountKey(){throw be(bt)}}const jr=1,$r=2,Jr=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","expiredCacheRemovedCount","upgradedCacheCount"]);class Wr{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:jr,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""}}}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}const Gr={tokenRenewalOffsetSeconds:300,preventCorsPreflight:!1},Qr={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info,correlationId:""},Vr={async sendGetRequestAsync(){throw be(bt)},async sendPostRequestAsync(){throw be(bt)}},Xr={sku:"msal.js.common",version:gr,cpu:"",os:""},Yr={clientSecret:"",clientAssertion:void 0},Zr={azureCloudInstance:pr.None,tenant:`${r}`},en={application:{appName:"",appVersion:""}};function tn({authOptions:e,systemOptions:t,loggerOptions:r,storageInterface:n,networkInterface:o,cryptoInterface:i,clientCredentials:s,libraryInfo:a,telemetry:c,serverTelemetryManager:h,persistencePlugin:l,serializableCache:d}){const u={...Qr,...r};return{authOptions:(g=e,{clientCapabilities:[],azureCloudOptions:Zr,instanceAware:!1,...g}),systemOptions:{...Gr,...t},loggerOptions:u,storageInterface:n||new zr(e.clientId,ar,new dr(u),new Wr),networkInterface:o||Vr,cryptoInterface:i||ar,clientCredentials:s||Yr,libraryInfo:{...Xr,...a},telemetry:{...en,...c},serverTelemetryManager:h||null,persistencePlugin:l||null,serializableCache:d||null};var g}function rn(e){return e.authOptions.authority.options.protocolMode===Hr.OIDC}class nn extends we{constructor(e,t,r,n,o){super(e,t,r),this.name="ServerError",this.errorNo=n,this.status=o,Object.setPrototypeOf(this,nn.prototype)}}const on="no_tokens_found",sn="native_account_unavailable",an="refresh_token_expired",cn="ux_not_allowed",hn="interaction_required",ln="consent_required",dn="login_required",un="bad_token";var gn=Object.freeze({__proto__:null,badToken:un,consentRequired:ln,interactionRequired:hn,loginRequired:dn,nativeAccountUnavailable:sn,noTokensFound:on,refreshTokenExpired:an,uxNotAllowed:cn});const pn=[hn,ln,dn,un,cn],mn=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token","ux_not_allowed"];class fn extends we{constructor(e,t,r,n,o,i,s,a){super(e,t,r),Object.setPrototypeOf(this,fn.prototype),this.timestamp=n||"",this.traceId=o||"",this.correlationId=i||"",this.claims=s||"",this.name="InteractionRequiredAuthError",this.errorNo=a}}function yn(e,t,r){const n=!!e&&pn.indexOf(e)>-1,o=!!r&&mn.indexOf(r)>-1,i=!!t&&pn.some((e=>t.indexOf(e)>-1));return n||i||o}function wn(e,t){return new fn(e,t)}function In(e,t,r){const n=function(e,t){if(!e)throw be(mt);const r={id:e.createNewGuid()};t&&(r.meta=t);const n=JSON.stringify(r);return e.base64Encode(n)}(e,r);return t?`${n}|${t}`:n}function Cn(e,t){if(!e)throw be(mt);if(!t)throw be(et);try{const r=t.split("|"),n=r[0],o=r.length>1?r.slice(1).join("|"):"",i=e(n);return{userRequestState:o||"",libraryState:JSON.parse(i)}}catch(e){throw be(et)}}function vn(){return Math.round((new Date).getTime()/1e3)}function kn(e){return e.getTime()/1e3}function Tn(e){return e?new Date(1e3*Number(e)):new Date}function bn(e,t){const r=Number(e)||0;return vn()+t>r}function An(e,t){const r=Number(e)+24*t*60*60*1e3;return Date.now()>r}function Sn(e){return Number(e)>vn()}const _n="networkClientSendPostRequestAsync",En="refreshTokenClientAcquireTokenWithCachedRefreshToken",Pn="getAuthCodeUrl",Rn="handleCodeResponseFromServer",On="popTokenGenerateCnf",Mn="handleServerTokenResponse",xn="authorityUpdateMetadataWithRegionalInformation",qn="regionDiscoveryGetRegionFromIMDS",Nn=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);if(o){const e=t+"CallCount";n.incrementFields({[e]:1},o)}try{const t=e(...i);return s.end({success:!0}),r.trace("1g8n6a",o),t}catch(e){r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}},Un=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);if(o){const e=t+"CallCount";n.incrementFields({[e]:1},o)}return e(...i).then((e=>(r.trace("1g8n6a",o),s.end({success:!0}),e))).catch((e=>{r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}))},Ln="sw";class Hn{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){const r=await Un(this.generateKid.bind(this),On,t,this.performanceClient,e.correlationId)(e),n=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:n}}async generateKid(e){return{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Ln}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,n){const{resourceRequestMethod:o,resourceRequestUri:i,shrClaims:s,shrNonce:a,shrOptions:c}=r,h=i?new vr(i):void 0,l=h?.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:vn(),m:o?.toUpperCase(),u:l?.HostNameAndPort,nonce:a||this.cryptoUtils.createNewGuid(),p:l?.AbsolutePath,q:l?.QueryString?[[],l.QueryString]:void 0,client_claims:s||void 0,...n},t,c,r.correlationId)}}class Dn{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}function Fn(e,t,r,n,o){return{credentialType:L.ID_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,realm:o,lastUpdatedAt:Date.now().toString()}}function Kn(e,t,r,n,o,i,s,a,c,h,l,d,u){const g={homeAccountId:e,credentialType:L.ACCESS_TOKEN,secret:r,cachedAt:vn().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:t,clientId:n,realm:o,target:i,tokenType:l||G.BEARER,lastUpdatedAt:Date.now().toString()};if(d&&(g.userAssertionHash=d),h&&(g.refreshOn=h.toString()),g.tokenType?.toLowerCase()!==G.BEARER.toLowerCase())switch(g.credentialType=L.ACCESS_TOKEN_WITH_AUTH_SCHEME,g.tokenType){case G.POP:const e=wr(r,c);if(!e?.cnf?.kid)throw be(yt);g.keyId=e.cnf.kid;break;case G.SSH:g.keyId=u}return g}function Bn(e,t,r,n,o,i,s){const a={credentialType:L.REFRESH_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,lastUpdatedAt:Date.now().toString()};return i&&(a.userAssertionHash=i),o&&(a.familyId=o),s&&(a.expiresOn=s.toString()),a}function zn(e){return e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("credentialType")&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("secret")}function jn(e){return!!e&&(zn(e)&&e.hasOwnProperty("realm")&&e.hasOwnProperty("target")&&(e.credentialType===L.ACCESS_TOKEN||e.credentialType===L.ACCESS_TOKEN_WITH_AUTH_SCHEME))}function $n(e){return!!e&&(zn(e)&&e.credentialType===L.REFRESH_TOKEN)}function Jn(){return vn()+86400}function Wn(e,t,r){e.authorization_endpoint=t.authorization_endpoint,e.token_endpoint=t.token_endpoint,e.end_session_endpoint=t.end_session_endpoint,e.issuer=t.issuer,e.endpointsFromNetwork=r,e.jwks_uri=t.jwks_uri}function Gn(e,t,r){e.aliases=t.aliases,e.preferred_cache=t.preferred_cache,e.preferred_network=t.preferred_network,e.aliasesFromNetwork=r}function Qn(e){return e.expiresAt<=vn()}class Vn{constructor(e,t,r,n,o,i,s){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=n,this.performanceClient=o,this.serializableCache=i,this.persistencePlugin=s}validateTokenResponse(e,t,r){if(e.error||e.error_description||e.suberror){const n=`Error(s): ${e.error_codes||h} - Timestamp: ${e.timestamp||h} - Description: ${e.error_description||h} - Correlation ID: ${e.correlation_id||h} - Trace ID: ${e.trace_id||h}`,o=e.error_codes?.length?e.error_codes[0]:void 0,i=new nn(e.error,n,e.suberror,o,e.status);if(r&&e.status&&e.status>=500&&e.status<=599)return void this.logger.warning("16ks7j",t);if(r&&e.status&&e.status>=400&&e.status<=499)return void this.logger.warning("0g61x3",t);if(yn(e.error,e.error_description,e.suberror))throw new fn(e.error,e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",o);throw i}}async handleServerTokenResponse(e,t,r,n,o,i,s,a,c){let h,l;if(e.id_token){if(h=wr(e.id_token||"",this.cryptoObj.base64Decode),o&&o.nonce&&h.nonce!==o.nonce)throw be(nt);if(n.maxAge||0===n.maxAge){const e=h.auth_time;if(!e)throw be(ot);Cr(e,n.maxAge)}}this.homeAccountIdentifier=Kr(e.client_info||"",t.authorityType,this.logger,this.cryptoObj,n.correlationId,h),o&&o.state&&(l=Cn(this.cryptoObj.base64Decode,o.state)),e.key_id=e.key_id||n.sshKid||void 0;const d=this.generateCacheRecord(e,t,r,n,h,i,o);let u;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("0jbz5k",n.correlationId),u=new Dn(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(u)),s&&!a&&d.account){const e=this.cacheStorage.generateAccountKey(Dr(d.account));if(!this.cacheStorage.getAccount(e,n.correlationId))return this.logger.warning("1gmt66",n.correlationId),await Vn.generateAuthenticationResult(this.cryptoObj,t,d,!1,n,this.performanceClient,h,l,void 0,c)}await this.cacheStorage.saveCacheRecord(d,n.correlationId,Ir(h||{}),n.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&u&&(this.logger.verbose("1bh17u",n.correlationId),await this.persistencePlugin.afterCacheAccess(u))}return Vn.generateAuthenticationResult(this.cryptoObj,t,d,!1,n,this.performanceClient,h,l,e,c)}generateCacheRecord(e,t,r,n,o,i,s){const a=t.getPreferredCache();if(!a)throw be(gt);const c=Lr(o);let h,l;e.id_token&&o&&(h=Fn(this.homeAccountIdentifier,a,e.id_token,this.clientId,c||""),l=Xn(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,n.correlationId,o,e.client_info,a,c,s,void 0,this.logger));let d=null;if(e.access_token){const o=e.scope?_t.fromString(e.scope):new _t(n.scopes||[]),s=("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0,h=("string"==typeof e.ext_expires_in?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,l=("string"==typeof e.refresh_in?parseInt(e.refresh_in,10):e.refresh_in)||void 0,u=r+s,g=u+h,p=l&&l>0?r+l:void 0;d=Kn(this.homeAccountIdentifier,a,e.access_token,this.clientId,c||t.tenant||"",o.printScopes(),u,g,this.cryptoObj.base64Decode,p,e.token_type,i,e.key_id)}let u=null;if(e.refresh_token){let t;if(e.refresh_token_expires_in){t=r+("string"==typeof e.refresh_token_expires_in?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in),this.performanceClient?.addFields({ntwkRtExpiresOnSeconds:t},n.correlationId)}u=Bn(this.homeAccountIdentifier,a,e.refresh_token,this.clientId,e.foci,i,t)}let g=null;return e.foci&&(g={clientId:this.clientId,environment:a,familyId:e.foci}),{account:l,idToken:h,accessToken:d,refreshToken:u,appMetadata:g}}static async generateAuthenticationResult(e,t,r,n,o,i,s,a,c,h){let l,d,u="",g=[],p=null,m="";if(r.accessToken){if(r.accessToken.tokenType!==G.POP||o.popKid)u=r.accessToken.secret;else{const t=new Hn(e,i),{secret:n,keyId:s}=r.accessToken;if(!s)throw be(vt);u=await t.signPopToken(n,s,o)}g=_t.fromString(r.accessToken.target).asArray(),p=Tn(r.accessToken.expiresOn),l=Tn(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(d=Tn(r.accessToken.refreshOn))}r.appMetadata&&(m=r.appMetadata.familyId===D?D:"");const f=s?.oid||s?.sub||"",y=s?.tid||"";c?.spa_accountid&&r.account&&(r.account.nativeAccountId=c?.spa_accountid);const w=r.account?yr(Dr(r.account),void 0,s,r.idToken?.secret):null;return{authority:t.canonicalAuthority,uniqueId:f,tenantId:y,scopes:g,account:w,idToken:r?.idToken?.secret||"",idTokenClaims:s||{},accessToken:u,fromCache:n,expiresOn:p,extExpiresOn:l,refreshOn:d,correlationId:o.correlationId,requestId:h||"",familyId:m,tokenType:r.accessToken?.tokenType||"",state:a?a.userRequestState:"",cloudGraphHostName:r.account?.cloudGraphHostName||"",msGraphHost:r.account?.msGraphHost||"",code:c?.spa_code,fromPlatformBroker:!1}}}function Xn(e,t,r,n,o,i,s,a,c,h,l,d){d?.verbose("09jz0t",o);const u=e.getAccountKeys().find((e=>e.startsWith(r)));let g=null;u&&(g=e.getAccount(u,o));const p=g||function(e,t,r){let n,o,i;n=t.authorityType===qr?"ADFS":t.protocolMode===Hr.OIDC?U:"MSSTS",e.clientInfo&&r&&(o=Or(e.clientInfo,r),o.xms_tdbr&&(i="EU"===o.xms_tdbr?"EU":"None"));const s=e.environment||t&&t.getPreferredCache();if(!s)throw be(gt);const a=e.idTokenClaims?.preferred_username||e.idTokenClaims?.upn,c=e.idTokenClaims?.emails?e.idTokenClaims.emails[0]:null,h=a||c||"",l=e.idTokenClaims?.login_hint,d=o?.utid||Lr(e.idTokenClaims)||"",u=o?.uid||e.idTokenClaims?.oid||e.idTokenClaims?.sub||"";let g;g=e.tenantProfiles?e.tenantProfiles:[fr(e.homeAccountId,u,d,e.idTokenClaims)];return{homeAccountId:e.homeAccountId,environment:s,realm:d,localAccountId:u,username:h,authorityType:n,loginHint:l,clientInfo:e.clientInfo,name:e.idTokenClaims?.name||"",lastModificationTime:void 0,lastModificationApp:void 0,cloudGraphHostName:e.cloudGraphHostName,msGraphHost:e.msGraphHost,nativeAccountId:e.nativeAccountId,tenantProfiles:g,dataBoundary:i}}({homeAccountId:r,idTokenClaims:i,clientInfo:s,environment:a,cloudGraphHostName:h?.cloud_graph_host_name,msGraphHost:h?.msgraph_host,nativeAccountId:l},t,n),m=p.tenantProfiles||[],f=c||p.realm;if(f&&!m.find((e=>e.tenantId===f))){const e=fr(r,p.localAccountId,f,i);m.push(e)}return p.tenantProfiles=m,p}const Yn="home_account_id",Zn="UPN";async function eo(e,t,r){if("string"==typeof e)return e;return e({clientId:t,tokenEndpoint:r})}function to(e,t,r){return{clientId:e,authority:t.authority,scopes:t.scopes,homeAccountIdentifier:r,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid,embeddedClientId:t.embeddedClientId||t.extraParameters?.clientId}}class ro{static generateThrottlingStorageKey(e){return`${Q}.${JSON.stringify(e)}`}static preProcess(e,t,r){const n=ro.generateThrottlingStorageKey(t),o=e.getThrottlingCache(n,r);if(o){if(o.throttleTime<Date.now())return void e.removeItem(n,r);throw new nn(o.errorCodes?.join(" ")||"",o.errorMessage,o.subError)}}static postProcess(e,t,r,n){if(ro.checkResponseStatus(r)||ro.checkResponseForRetryAfter(r)){const o={throttleTime:ro.calculateThrottleTime(parseInt(r.headers[w])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(ro.generateThrottlingStorageKey(t),o,n)}}static checkResponseStatus(e){return 429===e.status||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return!!e.headers&&(e.headers.hasOwnProperty(w)&&(e.status<200||e.status>=300))}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(1e3*Math.min(r+(t||60),r+3600))}static removeThrottle(e,t,r,n){const o=to(t,r,n),i=this.generateThrottlingStorageKey(o);e.removeItem(i,r.correlationId)}}class no extends we{constructor(e,t,r){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,no.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function oo(e,t,r,n){return e.errorMessage=`${e.errorMessage}, additionalErrorInfo: error.name:${n?.name}, error.message:${n?.message}`,new no(e,t,r)}function io(e,t,r){const n={};if(n[f]="application/x-www-form-urlencoded;charset=utf-8",!t&&r)switch(r.type){case Yn:try{const e=Mr(r.credential);n[I]=`Oid:${e.uid}@${e.utid}`}catch(t){e.verbose("1qhtee","")}break;case Zn:n[I]=`UPN: ${r.credential}`}return n}function so(e,t,r,n){const o=new Map;return e.embeddedClientId&&tr(o,t,r),e.extraQueryParameters&&Qt(o,e.extraQueryParameters),Ht(o,e.correlationId),Et(o,e.correlationId,n),ir(o)}async function ao(e,t,r,n,o,i,s,a,c,h){const l=await async function(e,t,r,n,o,i,s,a){let c;ro.preProcess(o,e,n);try{c=await Un(i.sendPostRequestAsync.bind(i),_n,s,a,n)(t,r);const e=c.headers||{};a?.addFields({refreshTokenSize:c.body.refresh_token?.length||0,httpVerToken:e[T]||"",requestId:e[k]||""},n)}catch(e){if(e instanceof no){const t=e.responseHeaders;throw t&&a?.addFields({httpVerToken:t[T]||"",requestId:t[k]||"",contentTypeHeader:t[f]||void 0,contentLengthHeader:t[y]||void 0,httpStatus:e.httpStatus},n),e.error}throw e instanceof we?e:be(Xe)}return ro.postProcess(o,e,c,n),c}(n,e,{body:t,headers:r},o,i,s,a,c);return h&&l.status<500&&429!==l.status&&h.clearTelemetryCache(),l}class co{constructor(e,t,r,n){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=n}async detectRegion(e,t){let r=e;if(r)t.region_source=X;else{const e=co.IMDS_OPTIONS;try{const n=await Un(this.getRegionFromIMDS.bind(this),qn,this.logger,this.performanceClient,this.correlationId)("2020-06-01",e);if(200===n.status&&(r=n.body,t.region_source=Y),400===n.status){const n=await Un(this.getCurrentVersion.bind(this),"regionDiscoveryGetCurrentVersion",this.logger,this.performanceClient,this.correlationId)(e);if(!n)return t.region_source=V,null;const o=await Un(this.getRegionFromIMDS.bind(this),qn,this.logger,this.performanceClient,this.correlationId)(n,e);200===o.status&&(r=o.body,t.region_source=Y)}}catch(e){return t.region_source=V,null}}return r||(t.region_source=V),r||null}async getRegionFromIMDS(e,t){return this.networkInterface.sendGetRequestAsync(`${l}?api-version=${e}&format=text`,t,2e3)}async getCurrentVersion(e){try{const t=await this.networkInterface.sendGetRequestAsync(`${l}?format=json`,e);return 400===t.status&&t.body&&t.body["newest-versions"]&&t.body["newest-versions"].length>0?t.body["newest-versions"][0]:null}catch(e){return null}}}co.IMDS_OPTIONS={headers:{Metadata:"true"}};class ho{constructor(e,t,r,n,o,i,s,a){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=n,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=o,this.performanceClient=s,this.correlationId=i,this.managedIdentity=a||!1,this.regionDiscovery=new co(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(o))return Ur;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case"adfs":return qr;case"dstsv2":return Nr}return xr}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new vr(e),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents||(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw be(Ve)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw be(Ve)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw be(Ve)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw be(Ct);return this.replacePath(this.metadata.end_session_endpoint)}throw be(Ve)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw be(Ve)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw be(Ve)}canReplaceTenant(e){return 1===e.PathSegments.length&&!ho.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===xr&&this.protocolMode!==Hr.OIDC}replaceTenant(e){return e.replace(/{tenant}|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const r=new vr(this.metadata.canonical_authority).getUrlComponents(),n=r.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach(((e,o)=>{let i=n[o];if(0===o&&this.canReplaceTenant(r)){const e=new vr(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];i!==e&&(this.logger.verbose("1q3g2x",this.correlationId),i=e)}e!==i&&(t=t.replace(`/${i}/`,`/${e}/`))})),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")||this.authorityType===qr||this.protocolMode===Hr.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){const e=this.getCurrentMetadataEntity(),t=await Un(this.updateCloudDiscoveryMetadata.bind(this),"authorityUpdateCloudDiscoveryMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await Un(this.updateEndpointMetadata.bind(this),"authorityUpdateEndpointMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),this.performanceClient?.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort,this.correlationId);return e||(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:Jn(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==B&&r?.source!==B&&(e.expiresAt=Jn(),e.canonical_authority=this.canonicalAuthority);const n=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache,this.correlationId);this.cacheManager.setAuthorityMetadata(n,e,this.correlationId),this.metadata=e}async updateEndpointMetadata(e){const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===j&&this.authorityOptions.azureRegionConfiguration?.azureRegion&&t.metadata){Wn(e,await Un(this.updateMetadataWithRegionalInformation.bind(this),xn,this.logger,this.performanceClient,this.correlationId)(t.metadata),!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await Un(this.getEndpointMetadataFromNetwork.bind(this),"authorityGetEndpointMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return this.authorityOptions.azureRegionConfiguration?.azureRegion&&(r=await Un(this.updateMetadataWithRegionalInformation.bind(this),xn,this.logger,this.performanceClient,this.correlationId)(r)),Wn(e,r,!0),z;throw be(Ye,this.defaultOpenIdConfigurationEndpoint)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("1fi0kc",this.correlationId);const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("06t0uj",this.correlationId),Wn(e,t,!1),{source:K};this.logger.verbose("151k0p",this.correlationId);const r=this.getEndpointMetadataFromHardcodedValues();if(r)return Wn(e,r,!1),{source:j,metadata:r};this.logger.verbose("1imop5",this.correlationId);const n=Qn(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!n?(this.logger.verbose("16uq31",""),{source:B}):(n&&this.logger.verbose("0uoibc",""),null)}isAuthoritySameType(e){return new vr(e.canonical_authority).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch(e){throw ve(Ne)}return null}async getEndpointMetadataFromNetwork(){const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose("1y65x6",this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(t,e),n=function(e){return e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("jwks_uri")}(r.body);return n?r.body:(this.logger.verbose("1koyv8",this.correlationId),null)}catch(e){return this.logger.verbose("0a9wik",this.correlationId),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in Tr?Tr[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){const t=this.authorityOptions.azureRegionConfiguration?.azureRegion;if(t){if("TryAutoDetect"!==t)return this.regionDiscoveryMetadata.region_outcome=Z,this.regionDiscoveryMetadata.region_used=t,ho.replaceWithRegionalInformation(e,t);const r=await Un(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),"regionDiscoveryDetectRegion",this.logger,this.performanceClient,this.correlationId)(this.authorityOptions.azureRegionConfiguration?.environmentRegion,this.regionDiscoveryMetadata);if(r)return this.regionDiscoveryMetadata.region_outcome=ee,this.regionDiscoveryMetadata.region_used=r,ho.replaceWithRegionalInformation(e,r);this.regionDiscoveryMetadata.region_outcome=te}return e}async updateCloudDiscoveryMetadata(e){const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await Un(this.getCloudDiscoveryMetadataFromNetwork.bind(this),"authorityGetCloudDiscoveryMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return Gn(e,r,!0),z;throw ve(Ue)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("0jhlgt",this.correlationId),this.logger.verbosePii("1fy7uz",this.correlationId),this.logger.verbosePii("08zabj",this.correlationId),this.logger.verbosePii("1o1kv3",this.correlationId);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("1nakio",this.correlationId),Gn(e,t,!1),K;this.logger.verbose("1x74aj",this.correlationId);const r=(n=this.hostnameAndPort,_r(br.metadata,n));var n;if(r)return this.logger.verbose("0by47c",this.correlationId),Gn(e,r,!1),j;this.logger.verbose("0r2fzy",this.correlationId);const o=Qn(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!o?(this.logger.verbose("1uffgh",""),B):(o&&this.logger.verbose("0uoibc",""),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===Ur)return this.logger.verbose("04y84h",this.correlationId),ho.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("0gszr3",this.correlationId);try{this.logger.verbose("1iifkx",this.correlationId);const e=_r(JSON.parse(this.authorityOptions.cloudDiscoveryMetadata).metadata,this.hostnameAndPort);if(this.logger.verbose("0q67e3",""),e)return this.logger.verbose("0hzfao",this.correlationId),e;this.logger.verbose("1ajz3u",this.correlationId)}catch(e){throw this.logger.verbose("1wq5tu",this.correlationId),ve(qe)}}return this.isInKnownAuthorities()?(this.logger.verbose("0mt9al",this.correlationId),ho.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){const e=`${n}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let r=null;try{const n=await this.networkInterface.sendGetRequestAsync(e,t);let o,i;if(function(e){return e.hasOwnProperty("tenant_discovery_endpoint")&&e.hasOwnProperty("metadata")}(n.body))o=n.body,i=o.metadata,this.logger.verbosePii("1vglyt",this.correlationId);else{if(!function(e){return e.hasOwnProperty("error")&&e.hasOwnProperty("error_description")}(n.body))return this.logger.error("0768g0",this.correlationId),null;if(this.logger.warning("062uto",this.correlationId),o=n.body,"invalid_instance"===o.error)return this.logger.error("1x90tm",this.correlationId),null;this.logger.warning("0wchdm",this.correlationId),this.logger.warning("1s5mpv",this.correlationId),this.logger.warning("1yhqpw",this.correlationId),i=[]}this.logger.verbose("1lrobr",this.correlationId),r=_r(i,this.hostnameAndPort)}catch(e){return e instanceof we?this.logger.error("0vwhc7",this.correlationId):this.logger.error("0s2z41",this.correlationId),null}return r||(this.logger.warning("0jp28q",this.correlationId),this.logger.verbose("130sd8",this.correlationId),r=ho.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),r}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter((e=>e&&vr.getDomainFromUrl(e).toLowerCase()===this.hostnameAndPort)).length>0}static generateAuthority(e,t){let n;if(t&&t.azureCloudInstance!==pr.None){const e=t.tenant?t.tenant:r;n=`${t.azureCloudInstance}/${e}/`}return n||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return"login.microsoftonline.com";if(this.discoveryComplete())return this.metadata.preferred_cache;throw be(Ve)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Ar.has(e)}static isPublicCloudAuthority(e){return d.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r){const n=new vr(e);n.validateAsUri();const o=n.getUrlComponents();let i=`${t}.${o.HostNameAndPort}`;this.isPublicCloudAuthority(o.HostNameAndPort)&&(i=`${t}.login.microsoft.com`);const s=vr.constructAuthorityUriFromObject({...n.getUrlComponents(),HostNameAndPort:i}).urlString;return r?`${s}?${r}`:s}static replaceWithRegionalInformation(e,t){const r={...e};return r.authorization_endpoint=ho.buildRegionalAuthorityString(r.authorization_endpoint,t),r.token_endpoint=ho.buildRegionalAuthorityString(r.token_endpoint,t),r.end_session_endpoint&&(r.end_session_endpoint=ho.buildRegionalAuthorityString(r.end_session_endpoint,t)),r}static transformCIAMAuthority(e){let t=e;const r=new vr(e).getUrlComponents();if(0===r.PathSegments.length&&r.HostNameAndPort.endsWith(o)){t=`${t}${r.HostNameAndPort.split(".")[0]}.onmicrosoft.com`}return t}}function lo(e){return e.endsWith("/")?e:`${e}/`}function uo(e){const t=e.cloudDiscoveryMetadata;let r;if(t)try{r=JSON.parse(t)}catch(e){throw ve(qe)}return{canonicalAuthority:e.authority?lo(e.authority):void 0,knownAuthorities:e.knownAuthorities,cloudDiscoveryMetadata:r}}async function go(e,t,r,n,o,i,s){const a=ho.transformCIAMAuthority(lo(e)),c=new ho(a,t,r,n,o,i,s);try{return await Un(c.resolveEndpointsAsync.bind(c),"authorityResolveEndpointsAsync",o,s,i)(),c}catch(e){throw be(Ve)}}ho.reservedTenantDomains=new Set(["{tenant}","{tenantid}",A,_,S]);class po{constructor(e,t){this.includeRedirectUri=!0,this.config=tn(e),this.logger=new dr(this.config.loggerOptions,ur,gr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(e,t){if(!e.code)throw be(at);t&&t.cloud_instance_host_name&&await Un(this.updateTokenEndpointAuthority.bind(this),"updateTokenEndpointAuthority",this.logger,this.performanceClient,e.correlationId)(t.cloud_instance_host_name,e.correlationId);const r=vn(),n=await Un(this.executeTokenRequest.bind(this),"authClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(this.authority,e,this.serverTelemetryManager),o=n.headers?.[k],i=new Vn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return i.validateTokenResponse(n.body,e.correlationId),Un(i.handleServerTokenResponse.bind(i),Mn,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,r,e,t,void 0,void 0,void 0,o)}getLogoutUri(e){if(!e)throw ve(Me);const t=this.createLogoutUrlQueryString(e);return vr.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t,r){const n=so(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),o=vr.appendQueryString(e.tokenEndpoint,n),i=await Un(this.createTokenRequestBody.bind(this),"authClientCreateTokenRequestBody",this.logger,this.performanceClient,t.correlationId)(t);let s;if(t.clientInfo)try{const e=Or(t.clientInfo,this.cryptoUtils.base64Decode);s={credential:`${e.uid}.${e.utid}`,type:Yn}}catch(e){this.logger.verbose("0wznt3",t.correlationId)}const a=io(this.logger,this.config.systemOptions.preventCorsPreflight,s||t.ccsCredential),c=to(this.config.authOptions.clientId,t);return Un(ao,"authorizationCodeClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,t.correlationId)(o,i,a,c,t.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,r)}async createTokenRequestBody(e){const t=new Map;if(Ot(t,e.embeddedClientId||e.extraParameters?.[ce]||this.config.authOptions.clientId),this.includeRedirectUri)Mt(t,e.redirectUri);else if(!e.redirectUri)throw ve(Ae);if(Rt(t,e.scopes,!0,this.oidcDefaultScopes),function(e,t){e.set("code",t)}(t,e.code),Dt(t,this.config.libraryInfo),Ft(t,this.config.telemetry.application),er(t),this.serverTelemetryManager&&!rn(this.config)&&Zt(t,this.serverTelemetryManager),e.codeVerifier&&function(e,t){e.set("code_verifier",t)}(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&zt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;jt(t,await eo(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),$t(t,r.assertionType)}if(Jt(t,q),Wt(t),e.authenticationScheme===G.POP){const r=new Hn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Un(r.generateCnf.bind(r),On,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}Xt(t,n)}else if(e.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);Yt(t,e.sshJwk)}let r;if((!ke.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Lt(t,e.claims,this.config.authOptions.clientCapabilities),e.clientInfo)try{const t=Or(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${t.uid}.${t.utid}`,type:Yn}}catch(t){this.logger.verbose("0wznt3",e.correlationId)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case Yn:try{Nt(t,Mr(r.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case Zn:qt(t,r.credential)}return e.embeddedClientId&&tr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&Qt(t,e.extraParameters),!e.enableSpaAuthorizationCode||e.extraParameters&&e.extraParameters[ue]||Qt(t,{[ue]:"1"}),Et(t,e.correlationId,this.performanceClient),ir(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&function(e,t){e.set("post_logout_redirect_uri",t)}(t,e.postLogoutRedirectUri),e.correlationId&&Ht(t,e.correlationId),e.idTokenHint&&function(e,t){e.set("id_token_hint",t)}(t,e.idTokenHint),e.state&&Kt(t,e.state),e.logoutHint&&function(e,t){e.set("logout_hint",t)}(t,e.logoutHint),e.extraQueryParameters&&Qt(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&Gt(t),ir(t)}async updateTokenEndpointAuthority(e,t){const r=`https://${e}/${this.authority.tenant}/`,n=await go(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=n}}class mo{constructor(e,t){this.config=tn(e),this.logger=new dr(this.config.loggerOptions,ur,gr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireToken(e){const t=vn(),r=await Un(this.executeTokenRequest.bind(this),"refreshTokenClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(e,this.authority),n=r.headers?.[k],o=new Vn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return o.validateTokenResponse(r.body,e.correlationId),Un(o.handleServerTokenResponse.bind(o),Mn,this.logger,this.performanceClient,e.correlationId)(r.body,this.authority,t,e,void 0,void 0,!0,e.forceCache,n)}async acquireTokenByRefreshToken(e){if(!e)throw ve(Oe);if(!e.account)throw be(dt);if(this.cacheManager.isAppMetadataFOCI(e.account.environment,e.correlationId))try{return await Un(this.acquireTokenWithCachedRefreshToken.bind(this),En,this.logger,this.performanceClient,e.correlationId)(e,!0)}catch(t){const r=t instanceof fn&&t.errorCode===on,n=t instanceof nn&&"invalid_grant"===t.errorCode&&"client_mismatch"===t.subError;if(r||n)return Un(this.acquireTokenWithCachedRefreshToken.bind(this),En,this.logger,this.performanceClient,e.correlationId)(e,!1);throw t}return Un(this.acquireTokenWithCachedRefreshToken.bind(this),En,this.logger,this.performanceClient,e.correlationId)(e,!1)}async acquireTokenWithCachedRefreshToken(e,t){const r=Nn(this.cacheManager.getRefreshToken.bind(this.cacheManager),"cacheManagerGetRefreshToken",this.logger,this.performanceClient,e.correlationId)(e.account,t,e.correlationId,void 0);if(!r)throw wn(on);if(r.expiresOn){const t=e.refreshTokenExpirationOffsetSeconds||300;if(this.performanceClient?.addFields({cacheRtExpiresOnSeconds:Number(r.expiresOn),rtOffsetSeconds:t},e.correlationId),bn(r.expiresOn,t))throw wn(an)}const n={...e,refreshToken:r.secret,authenticationScheme:e.authenticationScheme||G.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:Yn}};try{return await Un(this.acquireToken.bind(this),"refreshTokenClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(n)}catch(t){if(t instanceof fn&&t.subError===un){this.logger.verbose("1pg3ap",e.correlationId);const t=this.cacheManager.generateCredentialKey(r);this.cacheManager.removeRefreshToken(t,e.correlationId)}throw t}}async executeTokenRequest(e,t){const r=so(e,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),n=vr.appendQueryString(t.tokenEndpoint,r),o=await Un(this.createTokenRequestBody.bind(this),"refreshTokenClientCreateTokenRequestBody",this.logger,this.performanceClient,e.correlationId)(e),i=io(this.logger,this.config.systemOptions.preventCorsPreflight,e.ccsCredential),s=to(this.config.authOptions.clientId,e);return Un(ao,"refreshTokenClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,e.correlationId)(n,o,i,s,e.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,this.serverTelemetryManager)}async createTokenRequestBody(e){const t=new Map;if(Ot(t,e.embeddedClientId||e.extraParameters?.[ce]||this.config.authOptions.clientId),e.redirectUri&&Mt(t,e.redirectUri),Rt(t,e.scopes,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),Jt(t,N),Wt(t),Dt(t,this.config.libraryInfo),Ft(t,this.config.telemetry.application),er(t),this.serverTelemetryManager&&!rn(this.config)&&Zt(t,this.serverTelemetryManager),function(e,t){e.set("refresh_token",t)}(t,e.refreshToken),this.config.clientCredentials.clientSecret&&zt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;jt(t,await eo(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),$t(t,r.assertionType)}if(e.authenticationScheme===G.POP){const r=new Hn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Un(r.generateCnf.bind(r),On,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}Xt(t,n)}else if(e.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);Yt(t,e.sshJwk)}if((!ke.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Lt(t,e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case Yn:try{Nt(t,Mr(e.ccsCredential.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case Zn:qt(t,e.ccsCredential.credential)}return e.embeddedClientId&&tr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&Qt(t,{...e.extraParameters}),Et(t,e.correlationId,this.performanceClient),ir(t)}}class fo{constructor(e,t){this.config=tn(e),this.logger=new dr(this.config.loggerOptions,ur,gr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireCachedToken(e){let t=re;if(e.forceRefresh||!ke.isEmptyObj(e.claims))throw this.setCacheOutcome(ne,e.correlationId),be(ft);if(!e.account)throw be(dt);const r=e.account.tenantId||function(e){const t=new vr(e).getUrlComponents(),r=t.PathSegments.slice(-1)[0]?.toLowerCase();switch(r){case A:case S:case _:return;default:return r}}(e.authority),n=this.cacheManager.getTokenKeys(),o=this.cacheManager.getAccessToken(e.account,e,n,r);if(!o)throw this.setCacheOutcome(oe,e.correlationId),be(ft);if(Sn(o.cachedAt)||bn(o.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(ie,e.correlationId),be(ft);o.refreshOn&&bn(o.refreshOn,0)&&(t=se);const i=e.authority||this.authority.getPreferredCache(),s={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(e.account),e.correlationId),accessToken:o,idToken:this.cacheManager.getIdToken(e.account,e.correlationId,n,r),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(i,e.correlationId)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await Un(this.generateResultFromCacheRecord.bind(this),"silentFlowClientGenerateResultFromCacheRecord",this.logger,this.performanceClient,e.correlationId)(s,e),t]}setCacheOutcome(e,t){this.serverTelemetryManager?.setCacheOutcome(e),this.performanceClient?.addFields({cacheOutcome:e},t),e!==re&&this.logger.info("09ingz",t)}async generateResultFromCacheRecord(e,t){let r;if(e.idToken&&(r=wr(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||0===t.maxAge){const e=r?.auth_time;if(!e)throw be(ot);Cr(e,t.maxAge)}return Vn.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,this.performanceClient,r)}}const yo={sendGetRequestAsync:()=>Promise.reject(be(bt)),sendPostRequestAsync:()=>Promise.reject(be(bt))};function wo(e,t,r,n){const o=t.correlationId,i=new Map;Ot(i,t.embeddedClientId||t.extraQueryParameters?.[ce]||e.clientId);if(Rt(i,[...t.scopes||[],...t.extraScopesToConsent||[]],!0,e.authority.options.OIDCOptions?.defaultScopes),Mt(i,t.redirectUri),Ht(i,o),function(e,t){e.set("response_mode",t||x.QUERY)}(i,t.responseMode),Wt(i),t.prompt&&(!function(e,t){e.set("prompt",t)}(i,t.prompt),n?.addFields({prompt:t.prompt},o)),t.domainHint&&(!function(e,t){e.set("domain_hint",t)}(i,t.domainHint),n?.addFields({domainHintFromRequest:!0},o)),t.prompt!==R.SELECT_ACCOUNT)if(t.sid&&t.prompt===R.NONE)r.verbose("1tvqyx",t.correlationId),Ut(i,t.sid),n?.addFields({sidFromRequest:!0},o);else if(t.account){const e=(s=t.account,s.idTokenClaims?.sid||null);let a=function(e){return e.loginHint||e.idTokenClaims?.login_hint||null}(t.account);if(a&&t.domainHint&&(r.warning("0wkg3v",t.correlationId),a=null),a){r.verbose("1eyfsw",t.correlationId),xt(i,a),n?.addFields({loginHintFromClaim:!0},o);try{Nt(i,Mr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(e&&t.prompt===R.NONE){r.verbose("1rmd8s",t.correlationId),Ut(i,e),n?.addFields({sidFromClaim:!0},o);try{Nt(i,Mr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(t.loginHint)r.verbose("0y3007",t.correlationId),xt(i,t.loginHint),qt(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o);else if(t.account.username){r.verbose("02f507",t.correlationId),xt(i,t.account.username),n?.addFields({loginHintFromUpn:!0},o);try{Nt(i,Mr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}}else t.loginHint&&(r.verbose("0g01ey",t.correlationId),xt(i,t.loginHint),qt(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o));else r.verbose("169k9v",t.correlationId);var s;return t.nonce&&function(e,t){e.set("nonce",t)}(i,t.nonce),t.state&&Kt(i,t.state),(t.claims||e.clientCapabilities&&e.clientCapabilities.length>0)&&Lt(i,t.claims,e.clientCapabilities),t.embeddedClientId&&tr(i,e.clientId,e.redirectUri),!e.instanceAware||t.extraQueryParameters&&Object.keys(t.extraQueryParameters).includes(fe)||Gt(i),i}function Io(e,t){const r=ir(t);return vr.appendQueryString(e.authorizationEndpoint,r)}function Co(e,t){if(!e.state||!t)throw e.state?be(rt,"Cached State"):be(rt,"Server State");let r,n;try{r=decodeURIComponent(e.state)}catch(t){throw be(et,e.state)}try{n=decodeURIComponent(t)}catch(t){throw be(et,e.state)}if(r!==n)throw be(tt);if(e.error||e.error_description||e.suberror){const t=function(e){const t="code=",r=e.error_uri?.lastIndexOf(t);return r&&r>=0?e.error_uri?.substring(r+t.length):void 0}(e);if(yn(e.error,e.error_description,e.suberror))throw new fn(e.error||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",t);throw new nn(e.error||"",e.error_description,e.suberror,t)}}const vo="unexpected_error";var ko=Object.freeze({__proto__:null,postRequestFailed:"post_request_failed",unexpectedError:vo});function To(e){const{skus:t,libraryName:r,libraryVersion:n,extensionName:o,extensionVersion:i}=e,s=new Map([[0,[r,n]],[2,[o,i]]]);let a=[];if(t?.length){if(a=t.split(","),a.length<4)return t}else a=Array.from({length:4},(()=>"|"));return s.forEach(((e,t)=>{2===e.length&&e[0]?.length&&e[1]?.length&&function(e){const{skuArr:t,index:r,skuName:n,skuVersion:o}=e;if(r>=t.length)return;t[r]=[n,o].join("|")}({skuArr:a,index:t,skuName:e[0],skuVersion:e[1]})})),a.join(",")}class bo{constructor(e,t){this.cacheOutcome=re,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||"",this.wrapperVer=e.wrapperVer||"",this.telemetryCacheKey=J+"-"+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${W}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r?.length&&t.push(`broker_error=${r}`);const n=t.join(W),o=[e,this.getRegionDiscoveryFields()].join(W);return[$,o,n].join("|")}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=bo.maxErrorsToSend(e),r=e.failedRequests.slice(0,2*t).join(W),n=e.errors.slice(0,t).join(W),o=e.errors.length,i=[o,t<o?"1":"0"].join(W);return[$,e.cacheHits,r,n,i].join("|")}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=50&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof we?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push("unknown_error"),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId),e.cacheHits}getLastRequests(){return this.cacheManager.getServerTelemetry(this.telemetryCacheKey,this.correlationId)||{failedRequests:[],errors:[],cacheHits:0}}clearTelemetryCache(){const e=this.getLastRequests(),t=bo.maxErrorsToSend(e);if(t===e.errors.length)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{const r={failedRequests:e.failedRequests.slice(2*t),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,r,this.correlationId)}}static maxErrorsToSend(e){let t,r=0,n=0;const o=e.errors.length;for(t=0;t<o;t++){const o=e.failedRequests[2*t]||"",i=e.failedRequests[2*t+1]||"",s=e.errors[t]||"";if(n+=o.toString().length+i.toString().length+s.length+3,!(n<330))break;r+=1}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||""),e.push(this.regionSource||""),e.push(this.regionOutcome||""),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId)}static makeExtraSkuString(e){return To(e)}}class Ao extends we{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,Ao.prototype)}}function So(e){return new Ao(e)}class _o{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw So("missing_kid_error");if(!e.alg)throw So("missing_alg_error");const t=new _o({typ:e.typ||ae.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}function Eo(e,t,r,n=5){if(e instanceof Error)return e instanceof we?(r.errorCode=e.errorCode,r.subErrorCode=e.subError,void((e instanceof nn||e instanceof fn)&&(r.serverErrorNo=e.errorNo))):void(e instanceof Pr?r.errorCode=e.errorCode:r.errorStack?.length?t.trace("0lmqrh",r.correlationId):e.stack?.length?(e.stack&&(r.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],n=[],o=r[0];o.startsWith("TypeError: Cannot read property")||o.startsWith("TypeError: Cannot read properties of")||o.startsWith("TypeError: Cannot set property")||o.startsWith("TypeError: Cannot set properties of")||o.endsWith("is not a function")?n.push(Po(o)):(o.startsWith("SyntaxError")||o.startsWith("TypeError"))&&n.push(Po(o.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(n.length>=t);e++){const t=r[e];n.push(Po(t))}return n}(e.stack,n)),r.errorName=e.name):t.trace("1cnpwa",r.correlationId));t.trace("0gcyox",r.correlationId)}function Po(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let n=r.lastIndexOf("/");return n=n<0?r.lastIndexOf("\\"):n,n>=0?(e.substring(0,t)+"("+r.substring(n+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class Ro{constructor(e,t,r,n,o,i,s){this.authority=t,this.libraryName=n,this.libraryVersion=o,this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.intFields=s||new Set;for(const e of Jr)this.intFields.add(e)}startMeasurement(e,t){const r=t||this.generateId(),n={eventId:this.generateId(),status:jr,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var o,i;return this.cacheEventByCorrelationId(n),o=n,(i=this.eventStack.get(r))&&i.push({name:o.name}),{end:(e,t,r)=>this.endMeasurement({...n,...e},t,r),discard:()=>this.discardMeasurements(n.correlationId),add:e=>this.addFields(e,n.correlationId),increment:e=>this.incrementFields(e,n.correlationId),event:n}}endMeasurement(e,t,r){const n=this.eventsByCorrelationId.get(e.correlationId);if(!n)return this.logger.trace("0k9ti8",e.correlationId),null;const o=e.eventId===n.eventId;e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const i=JSON.stringify(function(e,t,r){if(!t?.length)return;const n=e=>e.length?e[e.length-1]:void 0,o=e.name,i=n(t);if(i?.name!==o)return;const s=t?.pop();if(!s)return;const a=r instanceof we?r.errorCode:r instanceof Error?r.name:void 0,c=r instanceof we?r.subError:void 0;a&&s.childErr!==a&&(s.err=a,c&&(s.subErr=c)),delete s.name,delete s.childErr;const h={...s,dur:e.durationMs};e.success||(h.fail=1);const l=n(t);if(!l)return{[o]:h};let d;if(a&&(l.childErr=a),l[o]){const e=Object.keys(l).filter((e=>e.startsWith(o))).length;d=`${o}_${e+1}`}else d=o;return l[d]=h,l}(e,this.eventStack.get(n.correlationId),t));if(o?this.discardMeasurements(n.correlationId):n.incompleteSubMeasurements?.delete(e.eventId),t&&Eo(t,this.logger,n),!o)return n[e.name+"DurationMs"]=Math.floor(e.durationMs),{...n};o&&!t&&(n.errorCode||n.subErrorCode)&&(this.logger.trace("1fm1tm",e.correlationId),n.errorCode=void 0,n.subErrorCode=void 0);let s={...n,...e},a=0;s.incompleteSubMeasurements?.forEach((e=>{this.logger.trace("0nxk52",s.correlationId),a++})),s.incompleteSubMeasurements=void 0;const c=function(e){const t=[];for(const r of["",e]){const e=hr.get(r);t.push(...e?.logs??[]),hr.delete(r)}return t}(e.correlationId).map((e=>`${e.milliseconds},${e.hash}`)).join(";");return s={...s,status:$r,incompleteSubsCount:a,context:i,logs:c},r&&(s.accountType=function(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}(r),s.dataBoundary=r.dataBoundary),this.truncateIntegralFields(s),this.emitEvents([s],e.correlationId),s}addFields(e,t){const r=this.eventsByCorrelationId.get(t);r?this.eventsByCorrelationId.set(t,{...r,...e}):this.logger.trace("0thl6s",t)}incrementFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e){if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("0thl6s",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}discardMeasurements(e){this.eventsByCorrelationId.delete(e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning("1eap5p",""),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose("0c9ujz",""),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose("0253if",""):this.logger.verbose("0iqk07",""),t}emitEvents(e,t){this.logger.verbose("11jb1y",t),this.callbacks.forEach(((r,n)=>{this.logger.trace("0p2pjl",t),r.apply(null,[e])}))}truncateIntegralFields(e){this.intFields.forEach((t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))}))}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}const Oo="pkce_not_created",Mo="ear_jwk_empty",xo="ear_jwe_empty",qo="crypto_nonexistent",No="empty_navigate_uri",Uo="hash_empty_error",Lo="no_state_in_hash",Ho="hash_does_not_contain_known_properties",Do="unable_to_parse_state",Fo="state_interaction_type_mismatch",Ko="interaction_in_progress",Bo="interaction_in_progress_cancelled",zo="popup_window_error",jo="empty_window_error",$o="user_cancelled",Jo="redirect_bridge_empty_response",Wo="redirect_in_iframe",Go="block_iframe_reload",Qo="block_nested_popups",Vo="silent_logout_unsupported",Xo="no_account_error",Yo="no_token_request_cache_error",Zo="unable_to_parse_token_request_cache_error",ei="non_browser_environment",ti="database_not_open",ri="no_network_connectivity",ni="post_request_failed",oi="get_request_failed",ii="failed_to_parse_response",si="unable_to_load_token",ai="crypto_key_not_found",ci="auth_code_required",hi="auth_code_or_nativeAccountId_required",li="spa_code_and_nativeAccountId_present",di="database_unavailable",ui="unable_to_acquire_token_from_native_platform",gi="native_handshake_timeout",pi="native_extension_not_installed",mi="native_connection_not_established",fi="uninitialized_public_client_application",yi="native_prompt_not_supported",wi="invalid_base64_string",Ii="invalid_pop_token_request",Ci="failed_to_build_headers",vi="failed_to_parse_headers",ki="failed_to_decrypt_ear_response",Ti="timed_out",bi="empty_response";var Ai=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:hi,authCodeRequired:ci,authRequestNotSetError:"auth_request_not_set_error",blockIframeReload:Go,blockNestedPopups:Qo,cryptoKeyNotFound:ai,cryptoNonExistent:qo,databaseNotOpen:ti,databaseUnavailable:di,earJweEmpty:xo,earJwkEmpty:Mo,emptyNavigateUri:No,emptyResponse:bi,emptyWindowError:jo,failedToBuildHeaders:Ci,failedToDecryptEarResponse:ki,failedToParseHeaders:vi,failedToParseResponse:ii,getRequestFailed:oi,hashDoesNotContainKnownProperties:Ho,hashEmptyError:Uo,iframeClosedPrematurely:"iframe_closed_prematurely",interactionInProgress:Ko,interactionInProgressCancelled:Bo,invalidBase64String:wi,invalidCacheType:"invalid_cache_type",invalidPopTokenRequest:Ii,nativeConnectionNotEstablished:mi,nativeExtensionNotInstalled:pi,nativeHandshakeTimeout:gi,nativePromptNotSupported:yi,noAccountError:Xo,noNetworkConnectivity:ri,noStateInHash:Lo,noTokenRequestCacheError:Yo,nonBrowserEnvironment:ei,pkceNotCreated:Oo,popupWindowError:zo,postRequestFailed:ni,redirectBridgeEmptyResponse:Jo,redirectInIframe:Wo,silentLogoutUnsupported:Vo,silentPromptValueError:"silent_prompt_value_error",spaCodeAndNativeAccountIdPresent:li,stateInteractionTypeMismatch:Fo,timedOut:Ti,unableToAcquireTokenFromNativePlatform:ui,unableToLoadToken:si,unableToParseState:Do,unableToParseTokenRequestCacheError:Zo,uninitializedPublicClientApplication:fi,userCancelled:$o});function Si(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class _i extends we{constructor(e,t){super(e,Si(e),t),Object.setPrototypeOf(this,_i.prototype),this.name="BrowserAuthError"}}function Ei(e,t){return new _i(e,t)}const Pi="invalid_grant",Ri=483,Oi=600,Mi="msal",xi="msal.js.browser",qi="53ee284d-920a-4b59-9d30-a60315b26836",Ni="ppnbnpeolgkicgegkbkbjmhlideopiji",Ui="MATS",Li="MicrosoftEntra",Hi="DOM API",Di="get-token-and-sign-out",Fi="PlatformAuthDOMHandler",Ki="PlatformAuthExtensionHandler",Bi="Handshake",zi="HandshakeResponse",ji="GetToken",$i="Response",Ji={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},Wi="GET",Gi="POST",Qi="signin",Vi="signout",Xi="request.origin",Yi="urlHash",Zi="request.params",es="code.verifier",ts="interaction.status",rs="request.native",ns="wrapper.sku",os="wrapper.version",is={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var ss;e.InteractionType=void 0,(ss=e.InteractionType||(e.InteractionType={})).Redirect="redirect",ss.Popup="popup",ss.Silent="silent",ss.None="none";const as={Startup:"startup",Logout:"logout",AcquireToken:"acquireToken",HandleRedirect:"handleRedirect",None:"none"},cs={scopes:p},hs="msal.db",ls=`${hs}.keys`,ds={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},us=[ds.Default,ds.Skip,ds.RefreshTokenAndNetwork];function gs(e){return encodeURIComponent(ms(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function ps(e){return fs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function ms(e){return fs((new TextEncoder).encode(e))}function fs(e){const t=Array.from(e,(e=>String.fromCodePoint(e))).join("");return btoa(t)}function ys(e){return(new TextDecoder).decode(ws(e))}function ws(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw Ei(wi)}const r=atob(t);return Uint8Array.from(r,(e=>e.codePointAt(0)||0))}const Is="AES-GCM",Cs="HKDF",vs="SHA-256",ks=new Uint8Array([1,0,1]),Ts="0123456789abcdef",bs=new Uint32Array(1),As="raw",Ss="encrypt",_s="decrypt",Es={name:"RSASSA-PKCS1-v1_5",hash:vs,modulusLength:2048,publicExponent:ks};async function Ps(e){const t=(new TextEncoder).encode(e);return window.crypto.subtle.digest(vs,t)}function Rs(e){return window.crypto.getRandomValues(e)}function Os(){return window.crypto.getRandomValues(bs),bs[0]}function Ms(){const e=Date.now(),t=1024*Os()+(1023&Os()),r=new Uint8Array(16),n=Math.trunc(t/2**30),o=t&2**30-1,i=Os();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|n>>>8,r[7]=n,r[8]=128|o>>>24,r[9]=o>>>16,r[10]=o>>>8,r[11]=o,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=Ts.charAt(r[e]>>>4),s+=Ts.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function xs(e){return window.crypto.subtle.exportKey("jwk",e)}async function qs(){const e=await Us(),t={alg:"dir",kty:"oct",k:ps(new Uint8Array(e))};return ms(JSON.stringify(t))}async function Ns(e,t){const r=t.split(".");if(5!==r.length)throw Ei(ki,"jwe_length");const n=await async function(e){const t=ys(e),r=ws(JSON.parse(t).k);return window.crypto.subtle.importKey(As,r,Is,!1,[_s])}(e).catch((()=>{throw Ei(ki,"import_key")}));try{const e=(new TextEncoder).encode(r[0]),t=ws(r[2]),o=ws(r[3]),i=ws(r[4]),s=8*i.byteLength,a=new Uint8Array(o.length+i.length);a.set(o),a.set(i,o.length);const c=await window.crypto.subtle.decrypt({name:Is,iv:t,tagLength:s,additionalData:e},n,a);return(new TextDecoder).decode(c)}catch(e){throw Ei(ki,"decrypt")}}async function Us(){const e=await window.crypto.subtle.generateKey({name:Is,length:256},!0,[Ss,_s]);return window.crypto.subtle.exportKey(As,e)}async function Ls(e){return window.crypto.subtle.importKey(As,e,Cs,!1,["deriveKey"])}async function Hs(e,t,r){return window.crypto.subtle.deriveKey({name:Cs,salt:t,hash:vs,info:(new TextEncoder).encode(r)},e,{name:Is,length:256},!1,[Ss,_s])}async function Ds(e,t,r){const n=(new TextEncoder).encode(t),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await Hs(e,o,r),s=await window.crypto.subtle.encrypt({name:Is,iv:new Uint8Array(12)},i,n);return{data:ps(new Uint8Array(s)),nonce:ps(o)}}async function Fs(e,t,r,n){const o=ws(n),i=await Hs(e,ws(t),r),s=await window.crypto.subtle.decrypt({name:Is,iv:new Uint8Array(12)},i,o);return(new TextDecoder).decode(s)}const Ks="storage_not_supported",Bs="stubbed_public_client_application_called",zs="in_mem_redirect_unavailable";var js=Object.freeze({__proto__:null,inMemRedirectUnavailable:zs,storageNotSupported:Ks,stubbedPublicClientApplicationCalled:Bs});class $s extends we{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,$s.prototype)}}function Js(e){return new $s(e,Si(e))}function Ws(){const e=window.location.hash,t=window.location.search;let r,n=!1,o=!1,i="";if(e&&e.length>1){const t="#"===e.charAt(0)?e.substring(1):e,o=new URLSearchParams(t);o.has("state")&&(n=!0,i=t,r=o)}if(t&&t.length>1){const e="?"===t.charAt(0)?t.substring(1):t,n=new URLSearchParams(e);n.has("state")&&(o=!0,i=e,r=n)}if(n&&o){i=`${"?"===t.charAt(0)?t.substring(1):t}${"#"===e.charAt(0)?e.substring(1):e}`,r=new URLSearchParams(i)}if(!i||!r)throw Ei(bi);const s=r.get("state");if(!s)throw Ei(Lo);const{libraryState:a}=Cn(ys,s),{id:c,meta:h}=a;if(!c||!h)throw Ei(Do,"missing_library_state");return{params:r,payload:i,urlHash:e,urlQuery:t,hasResponseInHash:n,hasResponseInQuery:o,libraryState:{id:c,meta:h}}}function Gs(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function Qs(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function Vs(){return window.parent!==window}function Xs(){if(Vs())return!1;try{const{libraryState:t}=Ws(),{meta:r}=t;return r.interactionType===e.InteractionType.Popup}catch(e){return!1}}let Ys=null;function Zs(e,t){Ys&&(e.verbose("18y01k",t),clearTimeout(Ys.timeoutId),Ys.channel.close(),Ys.reject(Ei(Bo)),Ys=null)}async function ea(e,t,r,n){return new Promise(((o,i)=>{t.verbose("1rf6em",n.correlationId);const{libraryState:s}=Cn(r.base64Decode,n.state||""),a=new BroadcastChannel(s.id);let c;const h=window.setTimeout((()=>{Ys=null,a.close(),i(Ei(Ti,"redirect_bridge_timeout"))}),e);Ys={timeoutId:h,channel:a,reject:i},a.onmessage=e=>{c=e.data.payload,Ys=null,clearTimeout(h),a.close(),c?o(c):i(Ei(Jo))}}))}function ta(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function ra(){const e=new vr(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function na(){if(or(window.location.hash)&&Vs())throw Ei(Go)}function oa(e){if(Vs()&&!e)throw Ei(Wo)}function ia(){if(Xs())throw Ei(Qo)}function sa(){if("undefined"==typeof window)throw Ei(ei)}function aa(e){if(!e)throw Ei(fi)}function ca(e){sa(),na(),ia(),aa(e)}function ha(e,t){if(ca(e),oa(t.system.allowRedirectInIframe),t.cache.cacheLocation===Ji.MemoryStorage)throw Js(zs)}function la(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout((()=>{try{document.head.removeChild(t)}catch{}}),1e4)}function da(){return Ms()}const ua=Vt;var ga=Object.freeze({__proto__:null,addClientCapabilitiesToClaims:ua,blockAPICallsBeforeInitialize:aa,blockAcquireTokenInPopups:ia,blockNonBrowserEnvironment:sa,blockRedirectInIframe:oa,blockReloadInHiddenIframes:na,cancelPendingBridgeResponse:Zs,clearHash:Gs,createGuid:da,getCurrentUri:ta,getHomepage:ra,invoke:Nn,invokeAsync:Un,isInIframe:Vs,isInPopup:Xs,parseAuthResponseFromUrl:Ws,preconnect:la,preflightCheck:ca,redirectPreflightCheck:ha,replaceHash:Qs,waitForBridgeResponse:ea});const pa="standardInteractionClientGetDiscoveredAuthority",ma="nativeInteractionClientAcquireToken",fa="acquireTokenBySilentIframe",ya="initializeBaseRequest",wa="silentIframeClientTokenHelper",Ia="silentHandlerInitiateAuthRequest",Ca="silentHandlerMonitorIframeForHash",va="standardInteractionClientCreateAuthCodeClient",ka="standardInteractionClientGetClientConfiguration",Ta="standardInteractionClientInitializeAuthorizationRequest",ba="handleResponseEar",Aa="handleResponsePlatformBroker",Sa="handleResponseCode",_a="deserializeResponse",Ea="generatePkceCodes",Pa="generateHKDF",Ra="decrypt",Oa="generateEarKey";class Ma{constructor(){this.dbName=hs,this.version=1,this.tableName=ls,this.dbOpen=!1}async open(){return new Promise(((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",(e=>{e.target.result.createObjectStore(this.tableName)})),r.addEventListener("success",(t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()})),r.addEventListener("error",(()=>t(Ei(di))))}))}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ei(ti));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async setItem(e,t){return await this.validateDbIsOpen(),new Promise(((r,n)=>{if(!this.db)return n(Ei(ti));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);o.addEventListener("success",(()=>{this.closeConnection(),r()})),o.addEventListener("error",(e=>{this.closeConnection(),n(e)}))}))}async removeItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ei(ti));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);n.addEventListener("success",(()=>{this.closeConnection(),t()})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async getKeys(){return await this.validateDbIsOpen(),new Promise(((e,t)=>{if(!this.db)return t(Ei(ti));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",(t=>{const r=t;this.closeConnection(),e(r.target.result)})),r.addEventListener("error",(e=>{this.closeConnection(),t(e)}))}))}async containsKey(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ei(ti));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(1===r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise(((e,t)=>{const r=window.indexedDB.deleteDatabase(hs),n=setTimeout((()=>t(!1)),200);r.addEventListener("success",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("blocked",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("error",(()=>(clearTimeout(n),t(!1))))}))}}class xa{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach(((t,r)=>{e.push(r)})),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class qa{constructor(e){this.inMemoryCache=new xa,this.indexedDBCache=new Ma,this.logger=e}handleDatabaseAccessError(e,t){if(!(e instanceof _i&&e.errorCode===di))throw e;this.logger.error("1wx7zz",t)}async getItem(e,t){const r=this.inMemoryCache.getItem(e);if(!r)try{return this.logger.verbose("0naxpl",t),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}async setItem(e,t,r){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e,r)}}async removeItem(e,t){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}}async getKeys(e){const t=this.inMemoryCache.getKeys();if(0===t.length)try{return this.logger.verbose("1iqrbq",e),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t,e)}return t}async containsKey(e,t){const r=this.inMemoryCache.containsKey(e);if(!r)try{return this.logger.verbose("03zl2j",t),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}clearInMemory(e){this.logger.verbose("03r21p",e),this.inMemoryCache.clear(),this.logger.verbose("0uksk1",e)}async clearPersistent(e){try{this.logger.verbose("0rdqut",e);const t=await this.indexedDBCache.deleteDatabase();return t&&this.logger.verbose("149ouc",e),t}catch(t){return this.handleDatabaseAccessError(t,e),!1}}}class Na{constructor(e,t,r){this.logger=e,function(e){if(!window)throw Ei(ei);if(!window.crypto)throw Ei(qo);if(!e&&!window.crypto.subtle)throw Ei(qo,"crypto_subtle_undefined")}(r??!1),this.cache=new qa(this.logger),this.performanceClient=t}createNewGuid(){return Ms()}base64Encode(e){return ms(e)}base64Decode(e){return ys(e)}base64UrlEncode(e){return gs(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement("cryptoOptsGetPublicKeyThumbprint",e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(Es,e,t)}(Na.EXTRACTABLE,Na.POP_KEY_USAGES),n=await xs(r.publicKey),o=Ua({e:n.e,kty:n.kty,n:n.n}),i=await this.hashString(o),s=await xs(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,Es,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri},e.correlationId),t&&t.end({success:!0}),i}async removeTokenBindingKey(e,t){await this.cache.removeItem(e,t);if(await this.cache.containsKey(e,t))throw be(It)}async clearKeystore(e){this.cache.clearInMemory(e);try{return await this.cache.clearPersistent(e),!0}catch(t){return t instanceof Error?this.logger.error("1owpn8",e):this.logger.error("0yrmwo",e),!1}}async signJwt(e,t,r,n){const o=this.performanceClient?.startMeasurement("cryptoOptsSignJwt",n),i=await this.cache.getItem(t,n||"");if(!i)throw Ei(ai);const s=await xs(i.publicKey),a=Ua(s),c=gs(JSON.stringify({kid:t})),h=gs(_o.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const l=`${h}.${gs(JSON.stringify(e))}`,d=(new TextEncoder).encode(l),u=await async function(e,t){return window.crypto.subtle.sign(Es,e,t)}(i.privateKey,d),g=`${l}.${ps(new Uint8Array(u))}`;return o&&o.end({success:!0}),g}async hashString(e){return async function(e){const t=await Ps(e);return ps(new Uint8Array(t))}(e)}}function Ua(e){return JSON.stringify(e,Object.keys(e).sort())}Na.POP_KEY_USAGES=["sign","verify"],Na.EXTRACTABLE=!0;const La="acquireTokenSilent",Ha="acquireTokenByCode",Da="acquireTokenPopup",Fa="acquireTokenPreRedirect",Ka="acquireTokenRedirect",Ba="ssoSilent",za="initializeClientApplication",ja="localStorageUpdated",$a="loadExternalTokens";var Ja=Object.freeze({__proto__:null,AcquireTokenByCode:Ha,AcquireTokenPopup:Da,AcquireTokenPreRedirect:Fa,AcquireTokenRedirect:Ka,AcquireTokenSilent:La,InitializeClientApplication:za,LoadExternalTokens:$a,LocalStorageUpdated:ja,SsoSilent:Ba});const Wa="msal",Ga="browser",Qa=`${Wa}.${Ga}.log.level`,Va=`${Wa}.${Ga}.log.pii`,Xa=`${Wa}.${Ga}.performance.enabled`,Ya=`${Wa}.${Ga}.platform.auth.dom`,Za=`${Wa}.version`,ec="account.keys",tc="token.keys";function rc(e=2){return e<1?`${Wa}.${ec}`:`${Wa}.${e}.${ec}`}function nc(e,t=2){return t<1?`${Wa}.${tc}.${e}`:`${Wa}.${t}.${tc}.${e}`}const oc=864e5,ic="Lax",sc="None";class ac{initialize(){return Promise.resolve()}getItem(e){const t=`${encodeURIComponent(e)}`,r=document.cookie.split(";");for(let e=0;e<r.length;e++){const n=r[e],[o,...i]=decodeURIComponent(n).trim().split("="),s=i.join("=");if(o===t)return s}return""}getUserData(){throw be(bt)}setItem(e,t,r,n=!0,o=ic){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${o};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*oc);return r.toUTCString()}(r);i+=`expires=${e};`}(n||o===sc)&&(i+="Secure;"),document.cookie=i}async setUserData(){return Promise.reject(be(bt))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach((e=>{const r=decodeURIComponent(e).trim().split("=");t.push(r[0])})),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function cc(e,t){const r=e.getItem(rc(t));return r?JSON.parse(r):[]}function hc(e,t,r){const n=t.getItem(nc(e,r));if(n){const e=JSON.parse(n);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function lc(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const dc="msal.cache.encryption";class uc{constructor(e,t,r){if(!window.localStorage)throw Js(Ks);this.memoryStorage=new xa,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new ac,r=t.getItem(dc);let n={key:"",id:""};if(r)try{n=JSON.parse(r)}catch(e){}if(n.key&&n.id){const t=Nn(ws,"base64Decode",this.logger,this.performanceClient,e)(n.key);this.encryptionCookie={id:n.id,key:await Un(Ls,Pa,this.logger,this.performanceClient,e)(t)}}else{const r=Ms(),n=await Un(Us,"generateBaseKey",this.logger,this.performanceClient,e)(),o=Nn(ps,"urlEncodeArr",this.logger,this.performanceClient,e)(new Uint8Array(n));this.encryptionCookie={id:r,key:await Un(Ls,Pa,this.logger,this.performanceClient,e)(n)};const i={id:r,key:o};t.setItem(dc,JSON.stringify(i),0,!0,sc)}await Un(this.importExistingCache.bind(this),"importExistingCache",this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",(t=>{this.updateCache(t,e)})),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw Ei(fi);return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw Ei(fi);if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const n=await Un(Fs,Ra,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!n)return null;try{return{...JSON.parse(n),lastUpdatedAt:t.lastUpdatedAt}}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,n,o){if(!this.initialized||!this.encryptionCookie)throw Ei(fi);if(o)this.setItem(e,t);else{const{data:o,nonce:i}=await Un(Ds,"encrypt",this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o,lastUpdatedAt:n};this.setItem(e,JSON.stringify(s))}this.memoryStorage.setItem(e,t),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();cc(this).forEach((e=>this.removeItem(e)));const e=hc(this.clientId,this);e.idToken.forEach((e=>this.removeItem(e))),e.accessToken.forEach((e=>this.removeItem(e))),e.refreshToken.forEach((e=>this.removeItem(e))),this.getKeys().forEach((e=>{(e.startsWith(Wa)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)}))}async importExistingCache(e){if(!this.encryptionCookie)return;let t=cc(this);t=await this.importArray(t,e),t.length?this.setItem(rc(),JSON.stringify(t)):this.removeItem(rc());const r=hc(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(nc(this.clientId),JSON.stringify(r)):this.removeItem(nc(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let n;try{n=JSON.parse(r)}catch(e){return null}return lc(n)?n.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):(this.performanceClient.incrementFields({encryptedCacheCount:1},t),Un(Fs,Ra,this.logger,this.performanceClient,t)(this.encryptionCookie.key,n.nonce,this.getContext(e),n.data)):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),r)}async importArray(e,t){const r=[],n=[];return e.forEach((e=>{const o=this.getItemFromEncryptedCache(e,t).then((t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)}));n.push(o)})),await Promise.all(n),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e,t){this.logger.trace("17cxcm",t);const r=this.performanceClient.startMeasurement(ja);r.add({isBackground:!0});const{key:n,value:o,context:i}=e.data;return n?i&&i!==this.clientId?(this.logger.trace("04rtdy",t),void r.end({success:!1,errorCode:"contextMismatch"})):(o?(this.memoryStorage.setItem(n,o),this.logger.verbose("1vzsgt",t)):(this.memoryStorage.removeItem(n),this.logger.verbose("04ypih",t)),void r.end({success:!0})):(this.logger.error("0e10qr",t),void r.end({success:!1,errorCode:"noKey"}))}}class gc{constructor(){if(!window.sessionStorage)throw Js(Ks)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const pc={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_SUCCESS:"msal:loginSuccess",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",BROKERED_REQUEST_START:"msal:brokeredRequestStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",BROKERED_REQUEST_SUCCESS:"msal:brokeredRequestSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",BROKERED_REQUEST_FAILURE:"msal:brokeredRequestFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"},mc="@azure/msal-browser",fc="5.0.1";function yc(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}class wc extends Br{constructor(e,t,r,n,o,i,s){super(e,r,n,o,s),this.cacheConfig=t,this.logger=n,this.internalStorage=new xa,this.browserStorage=Ic(e,t.cacheLocation,n,o),this.temporaryCacheStorage=Ic(e,Ji.SessionStorage,n,o),this.cookieStorage=new ac,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){let t=cc(this.browserStorage),r=hc(this.clientId,this.browserStorage);this.performanceClient.addFields({preMigrateAcntCount:t.length,preMigrateATCount:r.accessToken.length,preMigrateITCount:r.idToken.length,preMigrateRTCount:r.refreshToken.length},e);for(let t=0;t<2;t++){const r=t;await this.removeStaleAccounts(t,r,e)}for(let t=0;t<2;t++){const r=t;await this.migrateIdTokens(t,r,e)}const n=this.getKMSIValues();for(let t=0;t<2;t++)await this.migrateAccessTokens(t,n,e),await this.migrateRefreshTokens(t,n,e);t=cc(this.browserStorage),r=hc(this.clientId,this.browserStorage),this.performanceClient.addFields({postMigrateAcntCount:t.length,postMigrateATCount:r.accessToken.length,postMigrateITCount:r.idToken.length,postMigrateRTCount:r.refreshToken.length},e)}async updateOldEntry(e,t){const r=this.browserStorage.getItem(e),n=this.validateAndParseJson(r||"");if(!n)return this.browserStorage.removeItem(e),null;if(n.lastUpdatedAt){if(An(n.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))return this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null}else n.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(n),t);const o=lc(n)?await this.browserStorage.decryptData(e,n,t):n;return o&&zn(o)?(jn(o)||$n(o))&&o.expiresOn&&bn(o.expiresOn,300)?(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null):o:(this.performanceClient.incrementFields({invalidCacheCount:1},t),null)}async removeStaleAccounts(e,t,r){const n=cc(this.browserStorage,e);if(0!==n.length){for(const e of[...n]){this.performanceClient.incrementFields({oldAcntCount:1},r);const o=this.browserStorage.getItem(e),i=this.validateAndParseJson(o||"");i?i.lastUpdatedAt?An(i.lastUpdatedAt,this.cacheConfig.cacheRetentionDays)&&(await this.removeAccountOldSchema(e,i,t,r),yc(n,e)):(i.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(i),r)):yc(n,e)}this.setAccountKeys(n,r,e)}}async removeAccountOldSchema(e,t,r,n){const o=lc(t)?await this.browserStorage.decryptData(e,t,n):t,i=o?.homeAccountId;if(i){const e=this.getTokenKeys(r);[...e.idToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),yc(e.idToken,t)})),[...e.accessToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),yc(e.accessToken,t)})),[...e.refreshToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),yc(e.refreshToken,t)})),this.setTokenKeys(e,n,r)}this.performanceClient.incrementFields({expiredAcntRemovedCount:1},n),this.browserStorage.removeItem(e)}getKMSIValues(){const e={},t=this.getTokenKeys().idToken;for(const r of t){const t=this.browserStorage.getUserData(r);if(t){const r=JSON.parse(t),n=wr(r.secret,ys);n&&(e[r.homeAccountId]=Ir(n))}}return e}async migrateIdTokens(e,t,r){const n=hc(this.clientId,this.browserStorage,e);if(0===n.idToken.length)return;const o=hc(this.clientId,this.browserStorage,2),i=cc(this.browserStorage),s=cc(this.browserStorage,t);for(const e of[...n.idToken]){this.performanceClient.incrementFields({oldITCount:1},r);const t=await this.updateOldEntry(e,r);if(!t){yc(n.idToken,e);continue}const a=i.find((e=>e.includes(t.homeAccountId))),c=s.find((e=>e.includes(t.homeAccountId)));let h=null;if(a)h=this.getAccount(a,r);else if(c){const e=this.browserStorage.getItem(c),t=this.validateAndParseJson(e||"");h=t&&lc(t)?await this.browserStorage.decryptData(c,t,r):t}if(!h){this.performanceClient.incrementFields({skipITMigrateCount:1},r);continue}const l=wr(t.secret,ys),d=this.generateCredentialKey(t),u=this.getIdTokenCredential(d,r),g=Object.keys(l).includes("signin_state"),p=u&&Object.keys(wr(u.secret,ys)||{}).includes("signin_state");if(!u||t.lastUpdatedAt>u.lastUpdatedAt&&(g||!p)){const e=h.tenantProfiles||[],n=Lr(l)||h.realm;if(n&&!e.find((e=>e.tenantId===n))){const t=fr(h.homeAccountId,h.localAccountId,n,l);e.push(t)}h.tenantProfiles=e;const s=this.generateAccountKey(Dr(h)),a=Ir(l);await this.setUserData(s,JSON.stringify(h),r,h.lastUpdatedAt,a),i.includes(s)||i.push(s),await this.setUserData(d,JSON.stringify(t),r,t.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedITCount:1},r),o.idToken.push(d)}}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r),this.setAccountKeys(i,r)}async migrateAccessTokens(e,t,r){const n=hc(this.clientId,this.browserStorage,e);if(0===n.accessToken.length)return;const o=hc(this.clientId,this.browserStorage,2);for(const e of[...n.accessToken]){this.performanceClient.incrementFields({oldATCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){yc(n.accessToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipATMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.accessToken.includes(s)){const e=this.getAccessTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r),o.accessToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}async migrateRefreshTokens(e,t,r){const n=hc(this.clientId,this.browserStorage,e);if(0===n.refreshToken.length)return;const o=hc(this.clientId,this.browserStorage,2);for(const e of[...n.refreshToken]){this.performanceClient.incrementFields({oldRTCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){yc(n.refreshToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipRTMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.refreshToken.includes(s)){const e=this.getRefreshTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r),o.refreshToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}trackVersionChanges(e){const t=this.browserStorage.getItem(Za);t&&(this.logger.info("1wuc87",e),this.performanceClient.addFields({previousLibraryVersion:t},e)),t!==fc&&this.setItem(Za,fc,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){const n=new Array(3).fill(0),o=[];for(let i=0;i<=20;i++)try{if(this.browserStorage.setItem(e,t),i>0)for(let e=0;e<=2;e++){const t=n.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=i)break;const s=i>t+n[e]?t+n[e]:i;i>t&&n[e]>0&&this.removeAccessTokenKeys(o.slice(t,s),r,e)}break}catch(s){const a=Rr(s);if(!(a.errorCode===Er&&i<20))throw a;if(!o.length)for(let r=0;r<=2;r++)if(e===nc(this.clientId,r)){const e=JSON.parse(t).accessToken;o.push(...e),n[r]=e.length}else{const e=this.getTokenKeys(r).accessToken;o.push(...e),n[r]=e.length}if(o.length<=i)throw a;this.removeAccessToken(o[i],r,!1)}}async setUserData(e,t,r,n,o){const i=new Array(3).fill(0),s=[];for(let a=0;a<=20;a++)try{if(await Un(this.browserStorage.setUserData.bind(this.browserStorage),"setUserData",this.logger,this.performanceClient,r)(e,t,r,n,o),a>0)for(let e=0;e<=2;e++){const t=i.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=a)break;const n=a>t+i[e]?t+i[e]:a;a>t&&i[e]>0&&this.removeAccessTokenKeys(s.slice(t,n),r,e)}break}catch(e){const t=Rr(e);if(!(t.errorCode===Er&&a<20))throw t;if(!s.length)for(let e=0;e<=2;e++){const t=this.getTokenKeys(e).accessToken;s.push(...t),i[e]=t.length}if(s.length<=a)throw t;this.removeAccessToken(s[a],r,!1)}}getAccount(e,t){this.logger.trace("1lfvm6",t);const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&o.hasOwnProperty("homeAccountId")&&o.hasOwnProperty("environment")&&o.hasOwnProperty("realm")&&o.hasOwnProperty("localAccountId")&&o.hasOwnProperty("username")&&o.hasOwnProperty("authorityType"))?Br.toObject({},n):null;var o}async setAccount(e,t,r){this.logger.trace("1bz3wr",t);const n=this.generateAccountKey(Dr(e)),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r),this.addAccountKeyToMap(n,t),this.performanceClient.addFields({kmsi:r},t)}setAccountKeys(e,t,r=2){0===e.length?this.removeItem(rc(r)):this.setItem(rc(r),JSON.stringify(e),t)}getAccountKeys(){return cc(this.browserStorage)}addAccountKeyToMap(e,t){this.logger.trace("0rb85k",t),this.logger.tracePii("1l9bdo",t);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(rc(),JSON.stringify(r),t),this.logger.verbose("0xia39",t),!0):(this.logger.verbose("0161kk",t),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("1jpigu",t),this.logger.tracePii("1xzspl",t);const r=this.getAccountKeys(),n=r.indexOf(e);n>-1?(r.splice(n,1),this.setAccountKeys(r,t)):this.logger.trace("1dytu2",t)}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach((t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)}))}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),n=r.idToken.indexOf(e);n>-1&&(this.logger.info("05udv9",t),r.idToken.splice(n,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=2){this.logger.trace("17o18n",t);const n=this.getTokenKeys(r);let o=0;if(e.forEach((e=>{const t=n.accessToken.indexOf(e);t>-1&&(n.accessToken.splice(t,1),o++)})),o>0)return this.logger.info("15i5d5",t),void this.setTokenKeys(n,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),n=r.refreshToken.indexOf(e);n>-1&&(this.logger.info("1f4fq3",t),r.refreshToken.splice(n,1),this.setTokenKeys(r,t))}getTokenKeys(e=2){return hc(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=2){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(nc(this.clientId,r),JSON.stringify(e),t):this.removeItem(nc(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("1jukz6",t),this.removeIdToken(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&zn(o)&&o.hasOwnProperty("realm")&&o.credentialType===L.ID_TOKEN)?(this.logger.trace("01ju66",t),n):(this.logger.trace("1jukz6",t),null);var o}async setIdTokenCredential(e,t,r){this.logger.trace("13hjll",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.idToken.indexOf(n)&&(this.logger.info("07jy92",t),i.idToken.push(n),this.setTokenKeys(i,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0bqvx8",t),this.removeAccessTokenKeys([e],t),null;const n=this.validateAndParseJson(r);return n&&jn(n)?(this.logger.trace("1o81rl",t),n):(this.logger.trace("0bqvx8",t),null)}async setAccessTokenCredential(e,t,r){this.logger.trace("1pondb",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys(),s=i.accessToken.indexOf(n);-1!==s&&i.accessToken.splice(s,1),this.logger.trace("1onhey",t),i.accessToken.push(n),this.setTokenKeys(i,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0jlizt",t),this.removeRefreshToken(e,t),null;const n=this.validateAndParseJson(r);return n&&$n(n)?(this.logger.trace("0nokxi",t),n):(this.logger.trace("0jlizt",t),null)}async setRefreshTokenCredential(e,t,r){this.logger.trace("0tcg8d",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.refreshToken.indexOf(n)&&(this.logger.info("0eckjs",t),i.refreshToken.push(n),this.setTokenKeys(i,t))}getAppMetadata(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1q101h",t),null;const n=this.validateAndParseJson(r);return n&&(o=e,(i=n)&&0===o.indexOf(H)&&i.hasOwnProperty("clientId")&&i.hasOwnProperty("environment"))?(this.logger.trace("19pvg2",t),n):(this.logger.trace("1q101h",t),null);var o,i}setAppMetadata(e,t){this.logger.trace("0cyma6",t);const r=function({environment:e,clientId:t}){return[H,e,t].join("-").toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("0jk19c",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){const r=0===e.indexOf(J);let n=!0;return t&&(n=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&n}(e,n)?(this.logger.trace("12jguk",t),n):(this.logger.trace("0jk19c",t),null)}setServerTelemetry(e,t,r){this.logger.trace("1poh61",r),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e,t){const r=this.internalStorage.getItem(e);if(!r)return this.logger.trace("1r39oe",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){return!!t&&0===e.indexOf(F)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,n)?(this.logger.trace("1ohvk3",t),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter((e=>this.isAuthorityMetadata(e)))}setWrapperMetadata(e,t){this.internalStorage.setItem(ns,e),this.internalStorage.setItem(os,t)}getWrapperMetadata(){return[this.internalStorage.getItem(ns)||"",this.internalStorage.getItem(os)||""]}setAuthorityMetadata(e,t,r){this.logger.trace("07w8n2",r),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(b),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("08gw0e",e),null;const n=this.validateAndParseJson(r);return n?(this.logger.trace("1t3ch7",e),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId},e)):(this.logger.trace("0me1up",e),null)}setActiveAccount(e,t){const r=this.generateCacheKey(b);if(e){this.logger.verbose("0rsj80",t);const n={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.setItem(r,JSON.stringify(n),t)}else this.logger.verbose("1bp5z5",t),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(pc.ACTIVE_ACCOUNT_CHANGED)}getThrottlingCache(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1h4wa6",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){let r=!1;e&&(r=0===e.indexOf(Q));let n=!0;return t&&(n=t.hasOwnProperty("throttleTime")),r&&n}(e,n)?(this.logger.trace("0of6n8",t),n):(this.logger.trace("1h4wa6",t),null)}setThrottlingCache(e,t,r){this.logger.trace("0wfgh6",r),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e,o=this.temporaryCacheStorage.getItem(n);if(!o){if(this.cacheConfig.cacheLocation===Ji.LocalStorage){const e=this.browserStorage.getItem(n);if(e)return this.logger.trace("1yt61y",t),e}return this.logger.trace("1qhy81",t),null}return o}setTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(n,t)}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e)}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach((e=>{-1===e.indexOf(Wa)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)})),this.browserStorage.getKeys().forEach((e=>{-1===e.indexOf(Wa)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)})),this.internalStorage.clear()}generateCacheKey(e){return ke.startsWith(e,Wa)?e:`${Wa}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===L.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==G.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${Wa}.2`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",r].join("|").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${Wa}.2`,e.homeAccountId,e.environment,t||e.tenantId||""].join("|").toLowerCase()}resetRequestCache(e){this.logger.trace("0h0ynu",e),this.removeTemporaryItem(this.generateCacheKey(Zi)),this.removeTemporaryItem(this.generateCacheKey(es)),this.removeTemporaryItem(this.generateCacheKey(Xi)),this.removeTemporaryItem(this.generateCacheKey(Yi)),this.removeTemporaryItem(this.generateCacheKey(rs)),this.setInteractionInProgress(!1,void 0)}cacheAuthorizeRequest(e,t,r){this.logger.trace("1tzef5",t);const n=ms(JSON.stringify(e));if(this.setTemporaryCache(Zi,n,!0),r){const e=ms(r);this.setTemporaryCache(es,e,!0)}}getCachedRequest(e){this.logger.trace("0uen20",e);const t=this.getTemporaryCache(Zi,e,!0);if(!t)throw Ei(Yo);const r=this.getTemporaryCache(es,e,!0);let n,o="";try{n=JSON.parse(ys(t)),r&&(o=ys(r))}catch(t){throw this.logger.errorPii("0ewsey",e),this.logger.error("0tvdic",e),Ei(Zo)}return[n,o]}getCachedNativeRequest(){this.logger.trace("1yxcdm","");const e=this.getTemporaryCache(rs,"",!0);if(!e)return this.logger.trace("0mnxd4",""),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("0rrkip",""),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${Wa}.${ts}`,t=this.getTemporaryCache(e,"",!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("0jjyys",""),this.removeTemporaryItem(e),this.resetRequestCache(""),Gs(window),null}}setInteractionInProgress(e,t=Qi,r=!1,n=""){const o=`${Wa}.${ts}`;if(e){if(this.getInteractionInProgress()){if(!r)throw Ei(Ko);this.logger.warning("1pmscr",n),Zs(this.logger,n),this.removeTemporaryItem(o)}this.setTemporaryCache(o,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(o)}async hydrateCache(e,t){const r={idToken:Fn(e.account?.homeAccountId,e.account?.environment,e.idToken,this.clientId,e.tenantId),accessToken:Kn(e.account?.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?kn(e.expiresOn):0,e.extExpiresOn?kn(e.extExpiresOn):0,ys,void 0,e.tokenType,void 0,t.sshKid)};return this.saveCacheRecord(r,e.correlationId,Ir(wr(e.idToken,ys)))}async saveCacheRecord(e,t,r,n){try{await super.saveCacheRecord(e,t,r,n)}catch(e){if(e instanceof Pr&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function Ic(e,t,r,n){try{switch(t){case Ji.LocalStorage:return new uc(e,r,n);case Ji.SessionStorage:return new gc}}catch(e){r.error(e,"")}return new xa}const Cc=(e,t,r,n)=>new wc(e,{cacheLocation:Ji.MemoryStorage,cacheRetentionDays:5},ar,t,r,n);function vc(e,t,r,n,o){return e.verbose("1yd030",n),r?t.getAllAccounts(o,n):[]}function kc(e,t,r,n){if(t.trace("0u7b90",n),0===Object.keys(e).length)return t.warning("1kz0cu",n),null;const o=r.getAccountInfoFilteredBy(e,n);return o?(t.verbose("0btgll",n),o):(t.verbose("0ltaj5",n),null)}function Tc(e,t,r){t.setActiveAccount(e,r)}function bc(e,t){return e.getActiveAccount(t)}class Ac{constructor(e){this.eventCallbacks=new Map,this.logger=e||new dr({}),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const n=r||da();return this.eventCallbacks.has(n)?(this.logger.error("1578i0",""),null):(this.eventCallbacks.set(n,[e,t||[]]),this.logger.verbose("1cnec4",""),n)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose("12zotd","")}emitEvent(e,t,r,n){const o={eventType:e,interactionType:t||null,payload:r||null,error:n||null,timestamp:Date.now()};switch(e){case pc.LOGIN_SUCCESS:case pc.LOGOUT_SUCCESS:case pc.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(o)}this.invokeCallbacks(o)}invokeCallbacks(e){this.eventCallbacks.forEach((([t,r],n)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose("15jpwk",""),t.apply(null,[e]))}))}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class Sc{constructor(e,t,r,n,o,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=o,this.navigationClient=i,this.platformAuthProvider=c,this.correlationId=a,this.logger=n.clone(xi,fc),this.performanceClient=s}}function _c(e,t,r,n){r.verbose("0bd1la",n);const o=e||t||"";return vr.getAbsoluteUrl(o,ta())}function Ec(e,t,r,n,o,i){o.verbose("1p12tq",r);const s={clientId:t,correlationId:r,apiId:e,forceRefresh:!1,wrapperSKU:n.getWrapperMetadata()[0],wrapperVer:n.getWrapperMetadata()[1]};return new bo(s,n)}async function Pc(e,t,r,n,o,i,s,a,c){const h=a&&a.hasOwnProperty("instance_aware")?a.instance_aware:void 0,l={protocolMode:e.system.protocolMode,OIDCOptions:e.auth.OIDCOptions,knownAuthorities:e.auth.knownAuthorities,cloudDiscoveryMetadata:e.auth.cloudDiscoveryMetadata,authorityMetadata:e.auth.authorityMetadata},d=i||e.auth.authority,u=h?.length?"true"===h:e.auth.instanceAware,g=c&&u?e.auth.authority.replace(vr.getDomainFromUrl(d),c.environment):d,p=ho.generateAuthority(g,s||e.auth.azureCloudOptions),m=await Un(go,"authorityFactoryCreateDiscoveredInstance",o,r,t)(p,e.system.networkClient,n,l,o,t,r);if(c&&!m.isAlias(c.environment))throw ve(ze);return m}async function Rc(e,t,r,n,o){if(o)try{e.removeAccount(o,n),r.verbose("0s4z6h",n)}catch(e){r.error("0mgg1d",n)}else try{r.verbose("0zj631",n),e.clear(n),await t.clearKeystore(n)}catch(e){r.error("12ih0c",n)}}async function Oc(e,t,r,n,o){const i=e.authority||t.auth.authority,s=[...e&&e.scopes||[]],a={...e,correlationId:e.correlationId,authority:i,scopes:s};if(a.authenticationScheme){if(a.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);if(!e.sshKid)throw ve(He)}n.verbose("1ecmns",o)}else a.authenticationScheme=G.BEARER,n.verbose("1l4fwv",o);return a}async function Mc(e,t,r,n,o){const i=await Un(Oc,ya,o,n,e.correlationId)(e,r,n,o,e.correlationId);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}function xc(e,t){let r;const n=e.httpMethod;if(t===Hr.EAR){if(n&&n!==g)throw ve(je);r=g}else r=n||u;return r}class qc extends Sc{initializeLogoutRequest(e){this.logger.verbose("0546u4",this.correlationId);const t={correlationId:this.correlationId,...e};if(e)if(e.logoutHint)this.logger.verbose("12k4l4",this.correlationId);else if(e.account){const r=this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("0st5di",this.correlationId),t.logoutHint=r)}else this.logger.verbose("0pdtc3",this.correlationId);else this.logger.verbose("07ndze",this.correlationId);return e&&null===e.postLogoutRedirectUri?this.logger.verbose("0ljv63",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("1vamm6",t.correlationId),t.postLogoutRedirectUri=vr.getAbsoluteUrl(e.postLogoutRedirectUri,ta())):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("15m5g7",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("1f4xlz",t.correlationId),t.postLogoutRedirectUri=vr.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,ta())):(this.logger.verbose("17s5rf",t.correlationId),t.postLogoutRedirectUri=vr.getAbsoluteUrl(ta(),ta())),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("0mvp54",this.correlationId)}else this.logger.verbose("1e7bdp",this.correlationId);return null}async createAuthCodeClient(e){const t=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)(e);return new po(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:n,requestExtraQueryParameters:o,account:i}=e,s=e.authority||await Un(Pc,pa,this.logger,this.performanceClient,this.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:s,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:a.loggerCallback,piiLoggingEnabled:a.piiLoggingEnabled,logLevel:a.logLevel,correlationId:this.correlationId},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:xi,version:fc,cpu:"",os:""},telemetry:this.config.telemetry}}}async function Nc(e,t,r,n,o,i,s,a){const c=_c(e.redirectUri,r.auth.redirectUri,i,a),h={interactionType:t},l=In(n,e&&e.state||"",h),d={...await Un(Oc,ya,i,s,a)({...e,correlationId:a},r,s,i,a),redirectUri:c,state:l,nonce:e.nonce||Ms(),responseMode:r.auth.OIDCOptions.responseMode},u={...d,httpMethod:xc(d,r.system.protocolMode)};if(e.loginHint||e.sid)return u;const g=e.account||o.getActiveAccount(a);return g&&(i.verbose("1eqlb3",a),i.verbosePii("0tf99t",a),u.account=g),u}function Uc(e,t,r,n){const o=or(e);if(!o)throw nr(e)?(r.error("13pl0s",n),r.errorPii("1097vx",n),Ei(Ho)):(r.error("18h0l1",n),Ei(Uo));return o}function Lc(e,t,r){if(!e.state)throw Ei(Lo);const n=function(e,t){if(!t)return null;try{return Cn(e.base64Decode,t).libraryState.meta}catch(e){throw be(et)}}(t,e.state);if(!n)throw Ei(Do);if(n.interactionType!==r)throw Ei(Fo)}class Hc{constructor(e,t,r,n,o){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=n,this.performanceClient=o}async handleCodeResponse(e,t){let r;try{r=function(e,t){if(Co(e,t),!e.code)throw be(wt);return e}(e,t.state)}catch(e){throw e instanceof nn&&e.subError===$o?Ei($o):e}return Un(this.handleCodeResponseFromServer.bind(this),Rn,this.logger,this.performanceClient,t.correlationId)(r,t)}async handleCodeResponseFromServer(e,t,r=!0){if(this.logger.trace("0mf2hb",t.correlationId),this.authCodeRequest.code=e.code,r&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await Un(this.authModule.acquireToken.bind(this.authModule),"authClientAcquireToken",this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:Yn}:e.loginHint?{credential:e.loginHint,type:Zn}:null}}class Dc extends we{constructor(e,t,r){super(e,t||Si(e)),Object.setPrototypeOf(this,Dc.prototype),this.name="NativeAuthError",this.ext=r}}function Fc(e){if(e.ext&&e.ext.status&&("PERSISTENT_ERROR"===e.ext.status||"DISABLED"===e.ext.status))return!0;if(e.ext&&e.ext.error&&-2147186943===e.ext.error)return!0;switch(e.errorCode){case"ContentError":case"PageException":return!0;default:return!1}}function Kc(e,t,r){if(r&&r.status)switch(r.status){case"ACCOUNT_UNAVAILABLE":return wn(sn,Si(e));case"USER_INTERACTION_REQUIRED":return new fn(e,t);case"USER_CANCEL":return Ei($o);case"NO_NETWORK":return Ei(ri);case"UX_NOT_ALLOWED":return wn(cn)}return new Dc(e,t,r)}class Bc extends qc{async acquireToken(e){const t=Ec(is.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),r=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),n=new fo(r,this.performanceClient);this.logger.verbose("0wa871",this.correlationId);try{const t=(await Un(n.acquireCachedToken.bind(n),"silentFlowClientAcquireCachedToken",this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof _i&&e.errorCode===ai&&this.logger.verbose("06wena",this.correlationId),e}}logout(e){this.logger.verbose("1rkurh",this.correlationId);const t=this.initializeLogoutRequest(e);return Rc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account)}}class zc extends Sc{constructor(e,t,r,n,o,i,s,a,c,h,l,d){super(e,t,r,n,o,i,a,d,c),this.apiId=s,this.accountId=h,this.platformAuthProvider=c,this.nativeStorageManager=l,this.silentCacheClient=new Bc(e,this.nativeStorageManager,r,n,o,i,a,d,c);const u=this.platformAuthProvider.getExtensionName();this.skus=bo.makeExtraSkuString({libraryName:xi,libraryVersion:fc,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[ge]:this.skus}}async acquireToken(e,t){this.logger.trace("03qeos",this.correlationId);const r=this.performanceClient.startMeasurement(ma,e.correlationId),n=vn(),o=Ec(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const i=await this.initializeNativeRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===ds.AccessToken)throw this.logger.info("0eitbc",this.correlationId),e;this.logger.info("0957j1",this.correlationId)}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,n).then((e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),o.clearNativeBrokerErrorCode(),e))).catch((e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError,isNativeBroker:!0}),e}))}catch(e){throw e instanceof Dc&&o.setNativeBrokerErrorCode(e.errorCode),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:_t.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("1ndf3e",this.correlationId),be(pt);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},t.correlationId);if(!r)throw be(pt);try{const e=this.createSilentCacheRequest(t,r),n=await this.silentCacheClient.acquireToken(e),o={...r,idTokenClaims:n?.idTokenClaims,idToken:n?.idToken};return{...n,account:o}}catch(e){throw e}}async acquireTokenRedirect(e,t,r){this.logger.trace("0luikq",this.correlationId);const n=await this.initializeNativeRequest(e),o=r?.navigateToLoginRequestUrl??!0;try{await this.platformAuthProvider.sendMessage(n)}catch(e){if(e instanceof Dc){if(Ec(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).setNativeBrokerErrorCode(e.errorCode),Fc(e))throw e}}this.browserStorage.setTemporaryCache(rs,JSON.stringify(n),!0);const i={apiId:is.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},s=o?window.location.href:_c(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId);t.end({success:!0}),await this.navigationClient.navigateExternal(s,i)}async handleRedirectPromise(e,t){if(this.logger.trace("1c5lhw",this.correlationId),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",this.correlationId),null;const r=this.browserStorage.getCachedNativeRequest();if(!r)return this.logger.verbose("0a6zjb",this.correlationId),e&&t&&e?.addFields({errorCode:"no_cached_request"},t),null;const{prompt:n,...o}=r;n&&this.logger.verbose("0ac34v",this.correlationId),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(rs));const i=vn();try{this.logger.verbose("003x5a",this.correlationId);const e=await this.platformAuthProvider.sendMessage(o),t=await this.handleNativeResponse(e,o,i);return Ec(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).clearNativeBrokerErrorCode(),t}catch(e){throw e}}logout(){return this.logger.trace("0u2sjm",this.correlationId),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("1bojln",this.correlationId);const n=wr(e.id_token,ys),o=this.createHomeAccountIdentifier(e,n),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("1ub1in",this.correlationId);else if(o!==i&&e.account.id!==t.accountId)throw Kc("user_switch");const s=await Pc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t.authority),a=Xn(this.browserStorage,s,o,ys,this.correlationId,n,e.client_info,void 0,n.tid,void 0,e.account.id);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,n,a,s.canonicalAuthority,r);return await this.cacheAccount(a,Ir(n)),await this.cacheNativeTokens(e,t,o,n,e.access_token,c.tenantId,r),c}createHomeAccountIdentifier(e,t){return Kr(e.client_info||"",xr,this.logger,this.browserCrypto,this.correlationId,t)}generateScopes(e,t){return t?_t.fromString(t):_t.fromString(e)}async generatePopAccessToken(e,t){if(t.tokenType===G.POP&&t.signPopToken){if(e.shr)return this.logger.trace("0coqhu",this.correlationId),e.shr;const r=new Hn(this.browserCrypto,this.performanceClient),n={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce,correlationId:this.correlationId};if(!t.keyId)throw be(vt);return r.signPopToken(e.access_token,t.keyId,n)}return e.access_token}async generateAuthenticationResult(e,t,r,n,o,i){const s=this.addTelemetryFromNativeResponse(e.properties.MATS),a=this.generateScopes(t.scope,e.scope),c=e.account.properties||{},h=c.UID||r.oid||r.sub||"",l=c.TenantId||r.tid||"",d=yr(Dr(n),void 0,r,e.id_token);d.nativeAccountId!==e.account.id&&(d.nativeAccountId=e.account.id);const u=await this.generatePopAccessToken(e,t),g=t.tokenType===G.POP?G.POP:G.BEARER;return{authority:o,uniqueId:h,tenantId:l,scopes:a.asArray(),account:d,idToken:e.id_token,idTokenClaims:r,accessToken:u,fromCache:!!s&&this.isResponseFromCache(s),expiresOn:Tn(i+e.expires_in),tokenType:g,correlationId:this.correlationId,state:e.state,fromPlatformBroker:!0}}async cacheAccount(e,t){await this.browserStorage.setAccount(e,this.correlationId,t),this.browserStorage.removeAccountContext(Dr(e),this.correlationId)}cacheNativeTokens(e,t,r,n,o,i,s){const a=Fn(r,t.authority,e.id_token||"",t.clientId,n.tid||""),c=s+(t.tokenType===G.POP?240:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),h=this.generateScopes(e.scope,t.scope),l={idToken:a,accessToken:Kn(r,t.authority,o,t.clientId,n.tid||i,h.printScopes(),c,0,ys,void 0,t.tokenType,void 0,t.keyId)};return this.nativeStorageManager.saveCacheRecord(l,this.correlationId,Ir(n),t.storeInCache)}getExpiresInValue(e,t){return e===G.POP?240:("string"==typeof t?parseInt(t,10):t)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("0b3l57",this.correlationId)}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("1okqev",this.correlationId),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("04j6wj",this.correlationId);const t=await this.getCanonicalAuthority(e),{scopes:r,...n}=e,o=new _t(r||[]);o.appendScopes(p);const i={...n,accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:o.printScopes(),redirectUri:_c(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraParameters},extendedExpiryToken:!1,keyId:e.popKid};if(i.signPopToken&&e.popKid)throw Ei(Ii);if(this.handleExtraBrokerParams(i),i.extraParameters=i.extraParameters||{},i.extraParameters.telemetry=Ui,e.authenticationScheme===G.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce,correlationId:this.correlationId},r=new Hn(this.browserCrypto,this.performanceClient);let n;if(i.keyId)n=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:i.keyId})),i.signPopToken=!1;else{const e=await Un(r.generateCnf.bind(r),On,this.logger,this.performanceClient,this.correlationId)(t,this.logger);n=e.reqCnfString,i.keyId=e.kid,i.signPopToken=!0}i.reqCnf=n}return this.addRequestSKUs(i),i}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority,{azureCloudOptions:r,account:n}=e;n&&await Pc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t,r,void 0,n);const o=new vr(t);return o.validateAsUri(),o}getPrompt(e){switch(this.apiId){case is.ssoSilent:case is.acquireTokenSilent_silentFlow:return this.logger.trace("1hiwaz",this.correlationId),R.NONE}if(e)switch(e){case R.NONE:case R.CONSENT:case R.LOGIN:return this.logger.trace("1ynje4",this.correlationId),e;default:throw this.logger.trace("0nkr6q",this.correlationId),Ei(yi)}else this.logger.trace("1qlu04",this.correlationId)}handleExtraBrokerParams(e){const t=e.extraParameters&&e.extraParameters.hasOwnProperty(pe)&&e.extraParameters.hasOwnProperty(me)&&e.extraParameters.hasOwnProperty(ce);if(!e.embeddedClientId&&!t)return;let r="";const n=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[me],r=e.extraParameters[ce]),e.extraParameters={child_client_id:r,child_redirect_uri:n},this.performanceClient?.addFields({embeddedClientId:r,embeddedRedirectUri:n},e.correlationId)}}async function jc(e,t,r,n,o){const i=wo({...e.auth,authority:t},r,n,o);if(Dt(i,{sku:xi,version:fc,os:"",cpu:""}),e.system.protocolMode!==Hr.OIDC&&Ft(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),r.authenticationScheme===G.POP)){const e=new Na(n,o),t=new Hn(e,o);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await Un(t.generateCnf.bind(t),On,n,o,r.correlationId)(r,n)).reqCnfString}Xt(i,s)}return Et(i,r.correlationId,o),i}async function $c(e,t,r,n,o){if(!r.codeChallenge)throw ve(xe);const i=await Un(jc,"getStandardParams",n,o,r.correlationId)(e,t,r,n,o);return Pt(i,O),Bt(i,r.codeChallenge,c),Qt(i,{...r.extraQueryParameters,...r.extraParameters}),Io(t,i)}async function Jc(e,t,r,n,o,i){if(!n.earJwk)throw Ei(Mo);const s=await jc(t,r,n,o,i);Pt(s,M),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(s,n.earJwk),Bt(s,n.codeChallenge,c),Qt(s,{...n.extraParameters});const a=new Map;Qt(a,n.extraQueryParameters||{});return Gc(e,Io(r,a),s)}async function Wc(e,t,r,n,o,i){const s=await jc(t,r,n,o,i);Pt(s,O),Bt(s,n.codeChallenge,n.codeChallengeMethod||c),Qt(s,{...n.extraParameters});const a=new Map;Qt(a,n.extraQueryParameters||{});return Gc(e,Io(r,a),s)}function Gc(e,t,r){const n=e.createElement("form");return n.method="post",n.action=t,r.forEach(((t,r)=>{const o=e.createElement("input");o.hidden=!0,o.name=r,o.value=t,n.appendChild(o)})),e.body.appendChild(n),n}async function Qc(e,t,r,n,o,i,s,a,c,h){if(a.verbose("11qcow",e.correlationId),!h)throw Ei(mi);const l=new Na(a,c),d=new zc(n,o,l,a,s,n.system.navigationClient,r,c,h,t,i,e.correlationId),{userRequestState:u}=Cn(l.base64Decode,e.state);return Un(d.acquireToken.bind(d),ma,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function Vc(e,t,r,n,o,i,s,a,c,h,l,d){if(ro.removeThrottle(s,o.auth.clientId,e),t.accountId)return Un(Qc,Aa,h,l,e.correlationId)(e,t.accountId,n,o,s,a,c,h,l,d);const u={...e,code:t.code||"",codeVerifier:r},g=new Hc(i,s,u,h,l);return await Un(g.handleCodeResponse.bind(g),"handleCodeResponse",h,l,e.correlationId)(t,e)}async function Xc(e,t,r,n,o,i,s,a,c,h,l){if(ro.removeThrottle(i,n.auth.clientId,e),Co(t,e.state),!t.ear_jwe)throw Ei(xo);if(!e.earJwk)throw Ei(Mo);const d=JSON.parse(await Un(Ns,"decryptEarResponse",c,h,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return Un(Qc,Aa,c,h,e.correlationId)(e,d.accountId,r,n,i,s,a,c,h,l);const u=new Vn(n.auth.clientId,i,new Na(c,h),c,h,null,null);u.validateTokenResponse(d,e.correlationId);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await Un(u.handleServerTokenResponse.bind(u),Mn,c,h,e.correlationId)(d,o,vn(),e,g,void 0,void 0,void 0,void 0)}async function Yc(e,t,r){const n=Nn(Zc,"generateCodeVerifier",t,e,r)(e,t,r);return{verifier:n,challenge:await Un(eh,"generateCodeChallengeFromVerifier",t,e,r)(n,e,t,r)}}function Zc(e,t,r){try{const n=new Uint8Array(32);Nn(Rs,"getRandomValues",t,e,r)(n);return ps(n)}catch(e){throw Ei(Oo)}}async function eh(e,t,r,n){try{const o=await Un(Ps,"sha256Digest",r,t,n)(e);return ps(new Uint8Array(o))}catch(e){throw Ei(Oo)}}class th{navigateInternal(e,t){return th.defaultNavigateWindow(e,t)}navigateExternal(e,t){return th.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(((e,r)=>{setTimeout((()=>{r(Ei(Ti,"failed_to_redirect"))}),t.timeout)}))}}class rh{async sendGetRequestAsync(e,t){let r,n={},o=0;const i=nh(t);try{r=await fetch(e,{method:Wi,headers:i})}catch(e){throw oo(Ei(window.navigator.onLine?oi:ri),void 0,void 0,e)}n=oh(r.headers);try{return o=r.status,{headers:n,body:await r.json(),status:o}}catch(e){throw oo(Ei(ii),o,n,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",n=nh(t);let o,i=0,s={};try{o=await fetch(e,{method:Gi,headers:n,body:r})}catch(e){throw oo(Ei(window.navigator.onLine?ni:ri),void 0,void 0,e)}s=oh(o.headers);try{return i=o.status,{headers:s,body:await o.json(),status:i}}catch(e){throw oo(Ei(ii),i,s,e)}}}function nh(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach((([e,r])=>{t.append(e,r)})),t}catch(e){throw oo(Ei(Ci),void 0,void 0,e)}}function oh(e){try{const t={};return e.forEach(((e,r)=>{t[r]=e})),t}catch(e){throw Ei(vi)}}function ih({auth:r,cache:n,system:o,telemetry:c},h){const l={clientId:"",authority:`${t}`,knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",redirectUri:"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:"",postLogoutRedirectUri:"",clientCapabilities:[],OIDCOptions:{responseMode:x.FRAGMENT,defaultScopes:[i,s,a]},azureCloudOptions:{azureCloudInstance:pr.None,tenant:""},instanceAware:!1},d={cacheLocation:Ji.SessionStorage,cacheRetentionDays:5},u={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},g={...{...Gr,loggerOptions:u,networkClient:h?new rh:yo,navigationClient:new th,popupBridgeTimeout:o?.popupBridgeTimeout||6e4,iframeBridgeTimeout:o?.iframeBridgeTimeout||1e4,redirectNavigationTimeout:3e4,allowRedirectInIframe:!1,navigatePopups:!0,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:o?.nativeBrokerHandshakeTimeout||2e3,protocolMode:Hr.AAD},...o,loggerOptions:o?.loggerOptions||u},p={application:{appName:"",appVersion:""},client:new Wr};if(o?.protocolMode!==Hr.OIDC&&r?.OIDCOptions){new dr(g.loggerOptions).warning(JSON.stringify(ve(Ke)),"")}if(o?.protocolMode&&o.protocolMode===Hr.OIDC&&g?.allowPlatformBroker)throw ve(Be);return{auth:{...l,...r,OIDCOptions:{...l.OIDCOptions,...r?.OIDCOptions}},cache:{...d,...n},system:g,telemetry:{...p,...c}}}class sh{constructor(e,t,r,n){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=n,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=r.startMeasurement("nativeMessageHandlerHandshake"),this.platformAuthType=Ki}async sendMessage(e){this.logger.trace("0on4p2",e.correlationId);const t={method:ji,request:e},r={channel:qi,extensionId:this.extensionId,responseId:Ms(),body:t};this.logger.trace("1qadfi",e.correlationId),this.logger.tracePii("1xm533",e.correlationId),this.messageChannel.port1.postMessage(r);const n=await new Promise(((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})}));return this.validatePlatformBrokerResponse(n)}static async createProvider(e,t,r,n){e.trace("15zfnw",n);try{const o=new sh(e,t,r,Ni);return await o.sendHandshakeRequest(n),o}catch(o){const i=new sh(e,t,r);return await i.sendHandshakeRequest(n),i}}async sendHandshakeRequest(e){this.logger.trace("1dpg9o",e),window.addEventListener("message",this.windowListener,!1);const t={channel:qi,extensionId:this.extensionId,responseId:Ms(),body:{method:Bi}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(t,window.origin,[this.messageChannel.port2]),new Promise(((e,r)=>{this.handshakeResolvers.set(t.responseId,{resolve:e,reject:r}),this.timeoutId=window.setTimeout((()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(Ei(gi)),this.handshakeResolvers.delete(t.responseId)}),this.handshakeTimeoutMs)}))}onWindowMessage(e){const t=da();if(this.logger.trace("0jpn5u",t),e.source!==window)return;const r=e.data;if(r.channel&&r.channel===qi&&(!r.extensionId||r.extensionId===this.extensionId)&&r.body.method===Bi){const e=this.handshakeResolvers.get(r.responseId);if(!e)return void this.logger.trace("07buhm",t);this.logger.verbose(r.extensionId?"0xrkug":"No extension installed",t),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(Ei(pi))}}onChannelMessage(e){const t=da();this.logger.trace("1py8yf",t);const r=e.data,n=this.resolvers.get(r.responseId),o=this.handshakeResolvers.get(r.responseId);try{const e=r.body.method;if(e===$i){if(!n)return;const e=r.body.response;if(this.logger.trace("19hpgm",t),this.logger.tracePii("179a24",t),"Success"!==e.status)n.reject(Kc(e.code,e.description,e.ext));else{if(!e.result)throw Ie(vo,"Event does not contain result.");e.result.code&&e.result.description?n.reject(Kc(e.result.code,e.result.description,e.result.ext)):n.resolve(e.result)}this.resolvers.delete(r.responseId)}else if(e===zi){if(!o)return void this.logger.trace("082qnt",t);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=r.extensionId,this.extensionVersion=r.body.version,this.logger.verbose("0yf5ib",t),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),o.resolve(),this.handshakeResolvers.delete(r.responseId)}}catch(e){this.logger.error("0xf978",t),this.logger.errorPii("04i99o",t),this.logger.errorPii("0xdvsy",t),n?n.reject(e):o&&o.reject(e)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw Ie(vo,"Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===Ni?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class ah{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=Fi}static async createProvider(e,t,r){if(e.trace("12mj4a",r),window.navigator?.platformAuthentication){const n=await window.navigator.platformAuthentication.getSupportedContracts(Li);if(n?.includes(Di))return e.trace("1h5q1r",r),new ah(e,t,r)}}getExtensionId(){return Li}getExtensionVersion(){return""}getExtensionName(){return Hi}async sendMessage(e){this.logger.trace("02bcil",e.correlationId);try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r,e.correlationId)}catch(t){throw this.logger.error("11im7g",e.correlationId),t}}initializePlatformDOMRequest(e){this.logger.trace("15d6yv",e.correlationId);const{accountId:t,clientId:r,authority:n,scope:o,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:h,extraParameters:l,...d}=e,u=this.getDOMExtraParams(d);return{accountId:t,brokerId:this.getExtensionId(),authority:n,clientId:r,correlationId:s||this.correlationId,extraParameters:{...l,...u},isSecurityTokenService:!1,redirectUri:i,scope:o,state:a,storeInCache:c,embeddedClientId:h}}validatePlatformBrokerResponse(e,t){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace("0h4vei",t),this.convertToPlatformBrokerResponse(e,t);if(e.hasOwnProperty("error")){const r=e;if(!1===r.isSuccess&&r.error&&r.error.code)throw this.logger.trace("0g92vm",t),Kc(r.error.code,r.error.description,{error:parseInt(r.error.errorCode),protocol_error:r.error.protocolError,status:r.error.status,properties:r.error.properties})}}throw Ie(vo,"Response missing expected properties.")}convertToPlatformBrokerResponse(e,t){this.logger.trace("14913t",t);return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e){return{...Object.entries(e).reduce(((e,[t,r])=>(e[t]=String(r),e)),{})}}}async function ch(e,t,r,n){e.trace("134j0v",r);const o=function(){let e;try{return e=window[Ji.SessionStorage],"true"===e?.getItem(Ya)}catch(e){return!1}}();let i;e.trace("04c81g",r);try{o&&(i=await ah.createProvider(e,t,r)),i||(e.trace("0l3na8",r),i=await sh.createProvider(e,n||2e3,t,r))}catch(t){e.trace("0icbd7",t)}return i}function hh(e,t,r,n,o){if(t.trace("0uko3r",r),!e.system.allowPlatformBroker)return t.trace("04hozs",r),!1;if(!n)return t.trace("0kvv1r",r),!1;if(o)switch(o){case G.BEARER:case G.POP:return t.trace("18tev1",r),!0;default:return t.trace("1dd2nh",r),!1}return!0}class lh extends qc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a,this.eventHandler=o}acquireToken(e,t){let r;try{if(r={popupName:this.generatePopupName(e.scopes||p,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window},this.performanceClient.addFields({isAsyncPopup:!this.config.system.navigatePopups},this.correlationId),this.config.system.navigatePopups){const n={...e,httpMethod:xc(e,this.config.system.protocolMode)};return this.logger.verbose("1f9ok3",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(n,r,t)}return this.logger.verbose("162h4u",this.correlationId),this.acquireTokenPopupAsync(e,r,t)}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("068rup",this.correlationId);const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},n=e&&e.authority,o=e&&e.mainWindowRedirectUri;return this.config.system.navigatePopups?(this.logger.verbose("1a28da",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,n,o)):(this.logger.verbose("1phd8u",this.correlationId),this.logoutPopupAsync(t,r,n,o))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,n){this.logger.verbose("1g77pg",this.correlationId);const o=await Un(Nc,Ta,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.popup&&la(o.authority);const i=hh(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);return o.platformBroker=i,this.config.system.protocolMode===Hr.EAR?this.executeEarFlow(o,r,n):this.executeCodeFlow(o,r,n)}async executeCodeFlow(t,r,n){const o=t.correlationId,i=Ec(is.acquireTokenPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),s=n||await Un(Yc,Ea,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),a={...t,codeChallenge:s.challenge};try{const n=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,o)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account});if(a.httpMethod===g)return await this.executeCodeFlowWithPost(a,r,n,s.verifier);{const i=await Un($c,Pn,this.logger,this.performanceClient,o)(this.config,n.authority,a,this.logger,this.performanceClient),c=this.initiateAuthRequest(i,r);this.eventHandler.emitEvent(pc.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:c},null);const h=await ea(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t),l=Nn(Uc,_a,this.logger,this.performanceClient,this.correlationId)(h,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return await Un(Vc,Sa,this.logger,this.performanceClient,o)(t,l,s.verifier,is.acquireTokenPopup,this.config,n,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}catch(e){throw r.popup?.close(),e instanceof we&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}async executeEarFlow(e,t,r){const{correlationId:n,authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=e,c=await Un(Pc,pa,this.logger,this.performanceClient,n)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a),h=await Un(qs,Oa,this.logger,this.performanceClient,n)(),l=r||await Un(Yc,Ea,this.logger,this.performanceClient,n)(this.performanceClient,this.logger,n),d={...e,earJwk:h,codeChallenge:l.challenge},u=t.popup||this.openPopup("about:blank",t);(await Jc(u.document,this.config,c,d,this.logger,this.performanceClient)).submit();const g=await Un(ea,Ca,this.logger,this.performanceClient,n)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,d),p=Nn(Uc,_a,this.logger,this.performanceClient,this.correlationId)(g,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);if(!p.ear_jwe&&p.code){const t=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,n)({serverTelemetryManager:Ec(is.acquireTokenPopup,this.config.auth.clientId,n,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:c});return Un(Vc,Sa,this.logger,this.performanceClient,n)(d,p,l.verifier,is.acquireTokenPopup,this.config,t,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Un(Xc,ba,this.logger,this.performanceClient,n)(d,p,is.acquireTokenPopup,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async executeCodeFlowWithPost(e,t,r,n){const o=e.correlationId,i=await Un(Pc,pa,this.logger,this.performanceClient,o)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger),s=t.popup||this.openPopup("about:blank",t);(await Wc(s.document,this.config,i,e,this.logger,this.performanceClient)).submit();const a=await Un(ea,Ca,this.logger,this.performanceClient,o)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,e),c=Nn(Uc,_a,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return Un(Vc,Sa,this.logger,this.performanceClient,o)(e,c,n,is.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,r,n,o){this.logger.verbose("0b7yrk",this.correlationId),this.eventHandler.emitEvent(pc.LOGOUT_START,e.InteractionType.Popup,t);const i=Ec(is.logoutPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{await Rc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account);const s=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:n,account:t.account||void 0});try{s.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&s.authority.protocolMode===Hr.OIDC){if(this.eventHandler.emitEvent(pc.LOGOUT_SUCCESS,e.InteractionType.Popup,t),o){const e={apiId:is.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=vr.getAbsoluteUrl(o,ta());await this.navigationClient.navigateInternal(t,e)}return void r.popup?.close()}}const a=s.getLogoutUri(t);this.eventHandler.emitEvent(pc.LOGOUT_SUCCESS,e.InteractionType.Popup,t);const c=this.openPopup(a,r);if(this.eventHandler.emitEvent(pc.POPUP_OPENED,e.InteractionType.Popup,{popupWindow:c},null),await ea(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t).catch((()=>{})),o){const e={apiId:is.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=vr.getAbsoluteUrl(o,ta());this.logger.verbose("0qcur2",this.correlationId),this.logger.verbosePii("0oj7lk",this.correlationId),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("03zgcf",this.correlationId)}catch(t){throw r.popup?.close(),t instanceof we&&(t.setCorrelationId(this.correlationId),i.cacheFailedRequest(t)),this.eventHandler.emitEvent(pc.LOGOUT_FAILURE,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(pc.LOGOUT_END,e.InteractionType.Popup),t}this.eventHandler.emitEvent(pc.LOGOUT_END,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii("1kcr9k",this.correlationId),this.openPopup(e,t);throw this.logger.error("1l7hyp",this.correlationId),Ei(No)}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii("0cgeo7",this.correlationId),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii("0c2awd",this.correlationId),r=this.openSizedPopup(e,t)),!r)throw Ei(jo);return r.focus&&r.focus(),this.currentWindow=r,r}catch(e){throw this.logger.error("0dxfb9",this.correlationId),Ei(zo)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:n}){const o=n.screenLeft?n.screenLeft:n.screenX,i=n.screenTop?n.screenTop:n.screenY,s=n.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=n.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,h=r.popupSize?.height,l=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("08vfmo",this.correlationId),c=Ri),(!h||h<0||h>a)&&(this.logger.verbose("09cxa0",this.correlationId),h=Oi),(!l||l<0||l>a)&&(this.logger.verbose("1qh4wo",this.correlationId),l=Math.max(0,a/2-Oi/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("1sz3en",this.correlationId),d=Math.max(0,s/2-Ri/2+o)),n.open(e,t,`width=${c}, height=${h}, top=${l}, left=${d}, scrollbars=yes`)}generatePopupName(e,t){return`${Mi}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${Mi}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}class dh extends qc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a}async acquireToken(t){const r=await Un(Nc,Ta,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.platformBroker=hh(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);const n=t=>{t.persisted&&(this.logger.verbose("0udvtt",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),this.eventHandler.emitEvent(pc.RESTORE_FROM_BFCACHE,e.InteractionType.Redirect))},o=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii("0zao0a",this.correlationId),this.browserStorage.setTemporaryCache(Xi,o,!0),window.addEventListener("pageshow",n);try{this.config.system.protocolMode===Hr.EAR?await this.executeEarFlow(r):await this.executeCodeFlow(r)}catch(e){throw e instanceof we&&e.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",n),e}}async executeCodeFlow(e){const t=e.correlationId,r=Ec(is.acquireTokenRedirect,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),n=await Un(Yc,Ea,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),o={...e,codeChallenge:n.challenge};this.browserStorage.cacheAuthorizeRequest(o,this.correlationId,n.verifier);try{if(o.httpMethod===g)return await this.executeCodeFlowWithPost(o);{const t=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:r,requestAuthority:o.authority,requestAzureCloudOptions:o.azureCloudOptions,requestExtraQueryParameters:o.extraQueryParameters,account:o.account}),n=await Un($c,Pn,this.logger,this.performanceClient,e.correlationId)(this.config,t.authority,o,this.logger,this.performanceClient);return await this.initiateAuthRequest(n)}}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),r.cacheFailedRequest(e)),e}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Un(Pc,pa,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Un(qs,Oa,this.logger,this.performanceClient,t)(),c=await Un(Yc,Ea,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge};this.browserStorage.cacheAuthorizeRequest(h,this.correlationId,c.verifier);return(await Jc(document,this.config,s,h,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ei(Ti,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async executeCodeFlowWithPost(e){const t=e.correlationId,r=await Un(Pc,pa,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger);this.browserStorage.cacheAuthorizeRequest(e,this.correlationId);return(await Wc(document,this.config,r,e,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ei(Ti,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async handleRedirectPromise(e,t,r,n){const o=Ec(is.handleRedirectPromise,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),i=n?.navigateToLoginRequestUrl??!0;try{const[s,a]=this.getRedirectResponse(n?.hash||"");if(!s)return this.logger.info("1qmv0q",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?r.event.errorCode="no_server_response":this.logger.verbose("1eqegq",this.correlationId),null;const c=this.browserStorage.getTemporaryCache(Xi,this.correlationId,!0)||"",h=sr(c);if(h===sr(window.location.href)&&i){this.logger.verbose("11yred",this.correlationId),c.indexOf("#")>-1&&Qs(c);return await this.handleResponse(s,e,t,o)}if(!i)return this.logger.verbose("0v4sdv",this.correlationId),await this.handleResponse(s,e,t,o);if(!Vs()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(Yi,a,!0);const r={apiId:is.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let n=!0;if(c&&"null"!==c)this.logger.verbose("08jpy1",this.correlationId),n=await this.navigationClient.navigateInternal(c,r);else{const e=ra();this.browserStorage.setTemporaryCache(Xi,e,!0),this.logger.warning("1dutq1",this.correlationId),n=await this.navigationClient.navigateInternal(e,r)}if(!n)return await this.handleResponse(s,e,t,o)}return null}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),o.cacheFailedRequest(e)),e}}getRedirectResponse(t){this.logger.verbose("1c5i8m",this.correlationId);let r=t;r||(r=this.config.auth.OIDCOptions.responseMode===x.QUERY?window.location.search:window.location.hash);let n=or(r);if(n){try{Lc(n,this.browserCrypto,e.InteractionType.Redirect)}catch(e){return e instanceof we&&this.logger.error("0bkq6p",this.correlationId),[null,""]}return Gs(window),this.logger.verbose("00uvho",this.correlationId),[n,r]}const o=this.browserStorage.getTemporaryCache(Yi,this.correlationId,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Yi)),o&&(n=or(o),n)?(this.logger.verbose("001671",this.correlationId),[n,o]):[null,""]}async handleResponse(e,t,r,n){if(!e.state)throw Ei(Lo);const{authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=t;if(e.ear_jwe){const r=await Un(Pc,pa,this.logger,this.performanceClient,t.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a);return Un(Xc,ba,this.logger,this.performanceClient,t.correlationId)(t,e,is.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const c=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority});return Un(Vc,Sa,this.logger,this.performanceClient,t.correlationId)(t,e,r,is.acquireTokenRedirect,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e){if(this.logger.verbose("0yaw2e",this.correlationId),e){this.logger.infoPii("1luf83",this.correlationId);const t={apiId:is.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},r=this.config.auth.onRedirectNavigate;if("function"==typeof r){this.logger.verbose("1nehvl",this.correlationId);return!1!==r(e)?(this.logger.verbose("1a0jxh",this.correlationId),void await this.navigationClient.navigateExternal(e,t)):void this.logger.verbose("09k5h5",this.correlationId)}return this.logger.verbose("0klwf7",this.correlationId),void await this.navigationClient.navigateExternal(e,t)}throw this.logger.info("0rlh4e",this.correlationId),Ei(No)}async logout(t){this.logger.verbose("1rkurh",this.correlationId);const r=this.initializeLogoutRequest(t),n=Ec(is.logout,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{this.eventHandler.emitEvent(pc.LOGOUT_START,e.InteractionType.Redirect,t),await Rc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,r.account);const o={apiId:is.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0});if(i.authority.protocolMode===Hr.OIDC)try{i.authority.endSessionEndpoint}catch{if(r.account?.homeAccountId)return void this.eventHandler.emitEvent(pc.LOGOUT_SUCCESS,e.InteractionType.Redirect,r)}const s=i.getLogoutUri(r);r.account?.homeAccountId&&this.eventHandler.emitEvent(pc.LOGOUT_SUCCESS,e.InteractionType.Redirect,r);const a=this.config.auth.onRedirectNavigate;if("function"!=typeof a)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Vi),void await this.navigationClient.navigateExternal(s,o);if(!1!==a(s))return this.logger.verbose("06v57e",this.correlationId),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Vi),void await this.navigationClient.navigateExternal(s,o);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("0xqes1",this.correlationId)}catch(t){throw t instanceof we&&(t.setCorrelationId(this.correlationId),n.cacheFailedRequest(t)),this.eventHandler.emitEvent(pc.LOGOUT_FAILURE,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(pc.LOGOUT_END,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(pc.LOGOUT_END,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return vr.getAbsoluteUrl(t,ta())}}async function uh(e,t,r,n){if(!e)throw r.info("1l7hyp",n),Ei(No);return Nn(mh,"silentHandlerLoadFrameSync",r,t,n)(e)}async function gh(e,t,r,n,o){const i=fh();if(!i.contentDocument)throw"No document associated with iframe!";return(await Wc(i.contentDocument,e,t,r,n,o)).submit(),i}async function ph(e,t,r,n,o){const i=fh();if(!i.contentDocument)throw"No document associated with iframe!";return(await Jc(i.contentDocument,e,t,r,n,o)).submit(),i}function mh(e){const t=fh();return t.src=e,t}function fh(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),e.setAttribute("allow","local-network-access *"),document.body.appendChild(e),e}class yh extends qc{constructor(e,t,r,n,o,i,s,a,c,h,l){super(e,t,r,n,o,i,a,h,l),this.apiId=s,this.nativeStorage=c}async acquireToken(t){t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("1kl318",this.correlationId);const r={...t};r.prompt?r.prompt!==R.NONE&&r.prompt!==R.NO_SESSION&&(this.logger.warning("0bmctg",this.correlationId),r.prompt=R.NONE):r.prompt=R.NONE;const n=await Un(Nc,Ta,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);return n.platformBroker=hh(this.config,this.logger,this.correlationId,this.platformAuthProvider,n.authenticationScheme),la(n.authority),this.config.system.protocolMode===Hr.EAR?this.executeEarFlow(n):this.executeCodeFlow(n)}async executeCodeFlow(e){let t;const r=Ec(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{return t=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await Un(this.silentTokenHelper.bind(this),wa,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(n){if(n instanceof we&&(n.setCorrelationId(this.correlationId),r.cacheFailedRequest(n)),!(t&&n instanceof we&&n.errorCode===Pi))throw n;return this.performanceClient.addFields({retryError:n.errorCode},this.correlationId),await Un(this.silentTokenHelper.bind(this),wa,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Un(Pc,pa,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Un(qs,Oa,this.logger,this.performanceClient,t)(),c=await Un(Yc,Ea,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge};await Un(ph,Ia,this.logger,this.performanceClient,t)(this.config,s,h,this.logger,this.performanceClient);const l=this.config.auth.OIDCOptions.responseMode,d=await Un(ea,Ca,this.logger,this.performanceClient,t)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,e),u=Nn(Uc,_a,this.logger,this.performanceClient,t)(d,l,this.logger,this.correlationId);if(!u.ear_jwe&&u.code){const r=await Un(this.createAuthCodeClient.bind(this),va,this.logger,this.performanceClient,t)({serverTelemetryManager:Ec(this.apiId,this.config.auth.clientId,t,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:s});return Un(Vc,Sa,this.logger,this.performanceClient,t)(h,u,c.verifier,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Un(Xc,ba,this.logger,this.performanceClient,t)(h,u,this.apiId,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}logout(){return Promise.reject(Ei(Vo))}async silentTokenHelper(e,t){const r=t.correlationId,n=await Un(Yc,Ea,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),o={...t,codeChallenge:n.challenge};if(t.httpMethod===g)await Un(gh,Ia,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);else{const t=await Un($c,Pn,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);await Un(uh,Ia,this.logger,this.performanceClient,r)(t,this.performanceClient,this.logger,r)}const i=this.config.auth.OIDCOptions.responseMode,s=await Un(ea,Ca,this.logger,this.performanceClient,r)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,t),a=Nn(Uc,_a,this.logger,this.performanceClient,r)(s,i,this.logger,this.correlationId);return Un(Vc,Sa,this.logger,this.performanceClient,r)(t,a,n.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}class wh extends qc{async acquireToken(e){const t=await Un(Oc,ya,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger,this.correlationId),r={...e,...t};e.redirectUri&&(r.redirectUri=_c(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId));const n=Ec(is.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),o=await this.createRefreshTokenClient({serverTelemetryManager:n,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return Un(o.acquireTokenByRefreshToken.bind(o),"refreshTokenClientAcquireTokenByRefreshToken",this.logger,this.performanceClient,e.correlationId)(r).catch((e=>{throw e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e),e}))}logout(){return Promise.reject(Ei(Vo))}async createRefreshTokenClient(e){const t=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new mo(t,this.performanceClient)}}class Ih extends po{constructor(e,t){super(e,t),this.includeRedirectUri=!1}}class Ch extends qc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,a,c,h),this.apiId=s}async acquireToken(t){if(!t.code)throw Ei(ci);const r=await Un(Nc,Ta,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),n=Ec(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const e={...r,code:t.code},o=await Un(this.getClientConfiguration.bind(this),ka,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:r.authority,requestAzureCloudOptions:r.azureCloudOptions,requestExtraQueryParameters:r.extraQueryParameters,account:r.account}),i=new Ih(o,this.performanceClient);this.logger.verbose("1uic5e",this.correlationId);const s=new Hc(i,this.browserStorage,e,this.logger,this.performanceClient);return await Un(s.handleCodeResponseFromServer.bind(s),Rn,this.logger,this.performanceClient,this.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},r,!1)}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}logout(){return Promise.reject(Ei(Vo))}}function vh(e,t,r){try{ca(e)}catch(e){throw t.end({success:!1},e,r),e}}class kh{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new Na(this.logger,this.performanceClient):ar,this.eventHandler=new Ac(this.logger),this.browserStorage=this.isBrowserEnvironment?new wc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,uo(this.config.auth)):Cc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:Ji.MemoryStorage,cacheRetentionDays:5};this.nativeInternalStorage=new wc(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this)}static async createController(e,t){const r=new kh(e);return await r.initialize(t),r}trackPageVisibility(e){e&&(this.logger.info("16v6hv",e),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e){const t=this.getRequestCorrelationId(e);if(this.logger.trace("1f7joy",t),this.initialized)return void this.logger.info("061m5x",t);if(!this.isBrowserEnvironment)return this.logger.info("19fvpi",t),this.initialized=!0,void this.eventHandler.emitEvent(pc.INITIALIZE_END);const r=e?.correlationId||this.getRequestCorrelationId(),n=this.config.system.allowPlatformBroker,o=this.performanceClient.startMeasurement(za,r);if(this.eventHandler.emitEvent(pc.INITIALIZE_START),this.logMultipleInstances(o,r),await Un(this.browserStorage.initialize.bind(this.browserStorage),"initializeCache",this.logger,this.performanceClient,r)(r),n)try{this.platformAuthProvider=await ch(this.logger,this.performanceClient,r,this.config.system.nativeBrokerHandshakeTimeout)}catch(e){this.logger.verbose(e,r)}this.config.cache.cacheLocation===Ji.LocalStorage&&this.eventHandler.subscribeCrossTab(),!this.config.system.navigatePopups&&await this.preGeneratePkceCodes(r),this.initialized=!0,this.eventHandler.emitEvent(pc.INITIALIZE_END),o.end({allowPlatformBroker:n,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("02l8bm",""),aa(this.initialized),this.isBrowserEnvironment){const t=e?.hash||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("1wn9kp","")):this.logger.verbose("0w0gm3",""),r}return this.logger.verbose("12xi63",""),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",""),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===Vi)return this.logger.verbose("1ywcv2",""),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const n=this.getAllAccounts(),o=this.browserStorage.getCachedNativeRequest(),i=o&&this.platformAuthProvider&&!t?.hash;let s,a;this.eventHandler.emitEvent(pc.HANDLE_REDIRECT_START,e.InteractionType.Redirect);try{if(i&&this.platformAuthProvider){const e=o?.correlationId||"";s=this.performanceClient.startMeasurement(Ka,e),this.logger.trace("12v7is",e);const t=new zc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,o.accountId,this.nativeInternalStorage,o.correlationId);a=Un(t.handleRedirectPromise.bind(t),"handleNativeRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(this.performanceClient,s.event.correlationId)}else{const[e,r]=this.browserStorage.getCachedRequest(""),n=e.correlationId;s=this.performanceClient.startMeasurement(Ka,n),this.logger.trace("0znzs5",n);const o=this.createRedirectClient(n);a=Un(o.handleRedirectPromise.bind(o),"handleRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(e,r,s,t)}}catch(e){throw this.browserStorage.resetRequestCache(""),e}return a.then((t=>{if(t){this.browserStorage.resetRequestCache(t.correlationId),this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Redirect,t),this.logger.verbose("0ui8f5",t.correlationId);n.length<this.getAllAccounts().length&&(this.eventHandler.emitEvent(pc.LOGIN_SUCCESS,e.InteractionType.Redirect,t.account),this.logger.verbose("16im3l",t.correlationId)),s.end({success:!0},void 0,t.account)}else s.event.errorCode?s.end({success:!1},void 0):s.discard();return this.eventHandler.emitEvent(pc.HANDLE_REDIRECT_END,e.InteractionType.Redirect),t})).catch((t=>{this.browserStorage.resetRequestCache(s.event.correlationId);const r=t;throw this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(pc.HANDLE_REDIRECT_END,e.InteractionType.Redirect),s.end({success:!1},r),t}))}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("0os66p",r);const n=this.performanceClient.startMeasurement(Fa,r);n.add({scenarioId:t.scenarioId});const o=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=e=>{const r="function"==typeof o?o(e):void 0;return n.add({navigateCallbackResult:!1!==r}),n.event=n.end({success:!0},void 0,t.account)||n.event,r};try{let o;if(ha(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Qi),this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_START,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){o=new zc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r).acquireTokenRedirect(t,n).catch((e=>{if(e instanceof Dc&&Fc(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof fn){this.logger.verbose("1ipyz4",r);return this.createRedirectClient(r).acquireToken(t)}throw e}))}else{o=this.createRedirectClient(r).acquireToken(t)}return await o}catch(o){throw this.browserStorage.resetRequestCache(r),2===n.event.status?this.performanceClient.startMeasurement(Ka,r).end({success:!1},o,t.account):n.end({success:!1},o,t.account),this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Redirect,null,o),o}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),n=this.performanceClient.startMeasurement(Da,r);n.add({scenarioId:t.scenarioId});try{this.logger.verbose("0ch87b",r),vh(this.initialized,n,t.account),this.browserStorage.setInteractionInProgress(!0,Qi,t.overrideInteractionInProgress,r)}catch(e){return Promise.reject(e)}const o=this.getAllAccounts();let i;this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_START,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))i=this.acquireTokenNative({...t,correlationId:r},is.acquireTokenPopup).then((e=>(n.end({success:!0,isNativeBroker:!0},void 0,e.account),e))).catch((e=>{if(e instanceof Dc&&Fc(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof fn){this.logger.verbose("0yy5fw",r);return this.createPopupClient(r).acquireToken(t,s)}throw e}));else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then((t=>{const r=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,t),r&&this.eventHandler.emitEvent(pc.LOGIN_SUCCESS,e.InteractionType.Popup,t.account),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((r=>(this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,r),n.end({success:!1},r,t.account),Promise.reject(r)))).finally((async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.navigatePopups||await this.preGeneratePkceCodes(r)}))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&e.increment({visibilityChangeCount:1})}async ssoSilent(t){const r=this.getRequestCorrelationId(t),n={...t,prompt:t.prompt,correlationId:r};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(Ba,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId}),vh(this.initialized,this.ssoSilentMeasurement,t.account),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const o=this.getAllAccounts();let i;if(this.logger.verbose("0w1b45",r),this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,n),this.canUsePlatformBroker(n))i=this.acquireTokenNative(n,is.ssoSilent).catch((e=>{if(e instanceof Dc&&Fc(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(n.correlationId).acquireToken(n)}throw e}));else{i=this.createSilentIframeClient(n.correlationId).acquireToken(n)}return i.then((t=>{const r=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,t),r&&this.eventHandler.emitEvent(pc.LOGIN_SUCCESS,e.InteractionType.Silent,t.account),this.ssoSilentMeasurement?.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((r=>{throw this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,r),this.ssoSilentMeasurement?.end({success:!1},r,t.account),r})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("0ch6ga",r);const n=this.performanceClient.startMeasurement(Ha,r);vh(this.initialized,n),this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,t),n.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw Ei(li);if(t.code){const o=t.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("0qgp28",r),n.discard()):(this.logger.verbose("06eh73",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then((t=>(this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(o),n.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((t=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t})),this.hybridAuthCodeResponses.set(o,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){const e=await this.acquireTokenNative({...t,correlationId:r},is.acquireTokenByCode,t.nativeAccountId).catch((e=>{throw e instanceof Dc&&Fc(e)&&(this.platformAuthProvider=void 0),e}));return n.end({success:!0},void 0,e.account),e}throw Ei(ui)}throw Ei(hi)}catch(t){throw this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),n.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){const t=this.getRequestCorrelationId(e);this.logger.trace("10d9hy",t),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement("acquireTokenByCodeAsync",t),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const r=this.createSilentAuthCodeClient(t);return await r.acquireToken(e).then((e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache,isNativeBroker:e.fromPlatformBroker}),e))).catch((e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenFromCache(e,t){switch(t){case ds.Default:case ds.AccessToken:case ds.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return Un(t.acquireToken.bind(t),"silentCacheClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw be(ft)}}async acquireTokenByRefreshToken(e,t){switch(t){case ds.Default:case ds.AccessTokenAndRefreshToken:case ds.RefreshToken:case ds.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return Un(t.acquireToken.bind(t),"silentRefreshClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw be(ft)}}async acquireTokenBySilentIframe(e){const t=this.createSilentIframeClient(e.correlationId);return Un(t.acquireToken.bind(t),"silentIframeClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e)}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);ha(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Vi);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);ca(this.initialized),this.browserStorage.setInteractionInProgress(!0,Vi);return this.createPopupClient(t).logout(e).finally((()=>{this.browserStorage.setInteractionInProgress(!1)}))}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return;const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return vc(this.logger,this.browserStorage,this.isBrowserEnvironment,this.getRequestCorrelationId(),e)}getAccount(e){return kc(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}setActiveAccount(e){Tc(e,this.browserStorage,this.getRequestCorrelationId())}getActiveAccount(){return bc(this.browserStorage,this.getRequestCorrelationId())}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Fr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,Ir(e.idTokenClaims)),e.fromPlatformBroker?(this.logger.verbose("1fxyu8",e.correlationId),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,r,n){const o=this.getRequestCorrelationId(e);if(this.logger.trace("0b9y3p",o),!this.platformAuthProvider)throw Ei(mi);return new zc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,o).acquireToken(e,n)}canUsePlatformBroker(e,t){const r=this.getRequestCorrelationId(e);if(this.logger.trace("1n9lbl",r),!this.platformAuthProvider)return this.logger.trace("0vnu11",r),!1;if(!hh(this.config,this.logger,r,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("1m4bzf",r),!1;if(e.prompt)switch(e.prompt){case R.NONE:case R.CONSENT:case R.LOGIN:this.logger.trace("0vdv8e",r);break;default:return this.logger.trace("0pdzw6",r),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("16lbtk",r),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new lh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createRedirectClient(e){return new dh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentIframeClient(e){return new yh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.ssoSilent,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentCacheClient(e){return new Bc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentRefreshClient(e){return new wh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentAuthCodeClient(e){return new Ch(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,is.acquireTokenByCode,this.performanceClient,e,this.platformAuthProvider)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return sa(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?Ms():""}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0lz9hf",t),this.acquireTokenRedirect({correlationId:t,...e||cs})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0qw7v5",t),this.acquireTokenPopup({correlationId:t,...e||cs})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(La,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),vh(this.initialized,r,e.account),this.logger.verbose("0x1c4s",t);const n=e.account||this.getActiveAccount();if(!n)throw Ei(Xo);return this.acquireTokenSilentDeduped(e,n,t).then((n=>(r.end({success:!0,fromCache:n.fromCache,isNativeBroker:n.fromPlatformBroker,accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length},void 0,n.account),{...n,state:e.state,correlationId:t}))).catch((e=>{throw e instanceof we&&e.setCorrelationId(t),r.end({success:!1},e,n),e}))}async acquireTokenSilentDeduped(e,t,r){const n=to(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),o=JSON.stringify(n),i=this.activeSilentTokenRequests.get(o);if(void 0===i){this.logger.verbose("0fcjbk",r),this.performanceClient.addFields({deduped:!1},r);const n=Un(this.acquireTokenSilentAsync.bind(this),"acquireTokenSilentAsync",this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(o,n),n.finally((()=>{this.activeSilentTokenRequests.delete(o)}))}return this.logger.verbose("1yq7nb",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const n=()=>this.trackPageVisibility(t.correlationId);this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},t.correlationId),document.addEventListener("visibilitychange",n);const o=await Un(Mc,"initializeSilentRequest",this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||ds.Default;return this.acquireTokenSilentNoIframe(o,i).catch((async e=>{const t=function(e,t){const r=!(e instanceof fn&&e.subError!==un),n=e.errorCode===Pi||e.errorCode===ft,o=r&&n||e.errorCode===on||e.errorCode===an,i=us.includes(t);return o&&i}(e,i);if(t){if(this.activeIframeRequest){if(i!==ds.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose("1w8fso",o.correlationId);const n=this.performanceClient.startMeasurement("awaitConcurrentIframe",o.correlationId);n.add({awaitIframeCorrelationId:r});const s=await t;if(n.end({success:s}),s)return this.logger.verbose("0ywzzi",o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info("17y14q",o.correlationId),e}return this.logger.warning("1bd4p8",o.correlationId),Un(this.acquireTokenBySilentIframe.bind(this),fa,this.logger,this.performanceClient,o.correlationId)(o)}{let e;return this.activeIframeRequest=[new Promise((t=>{e=t})),o.correlationId],this.logger.verbose("0rh08z",o.correlationId),Un(this.acquireTokenBySilentIframe.bind(this),fa,this.logger,this.performanceClient,o.correlationId)(o).then((t=>(e(!0),t))).catch((t=>{throw e(!1),t})).finally((()=>{this.activeIframeRequest=void 0}))}}throw e})).then((r=>(this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,r),t.correlationId&&this.performanceClient.addFields({fromCache:r.fromCache,isNativeBroker:r.fromPlatformBroker},t.correlationId),r))).catch((t=>{throw this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,t),t})).finally((()=>{document.removeEventListener("visibilitychange",n)}))}async acquireTokenSilentNoIframe(t,r){return hh(this.config,this.logger,t.correlationId,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("0sczo4",t.correlationId),this.acquireTokenNative(t,is.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch((async e=>{if(e instanceof Dc&&Fc(e))throw this.logger.verbose("07rkmb",t.correlationId),this.platformAuthProvider=void 0,be(ft);throw e}))):(this.logger.verbose("0ox81t",t.correlationId),r===ds.AccessToken&&this.logger.verbose("0fvwxe",t.correlationId),Un(this.acquireTokenFromCache.bind(this),"acquireTokenFromCache",this.logger,this.performanceClient,t.correlationId)(t,r).catch((n=>{if(r===ds.AccessToken)throw n;return this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_NETWORK_START,e.InteractionType.Silent,t),Un(this.acquireTokenByRefreshToken.bind(this),"acquireTokenByRefreshToken",this.logger,this.performanceClient,t.correlationId)(t,r)})))}async preGeneratePkceCodes(e){return this.logger.verbose("1x6uj6",e),this.pkceCode=await Un(Yc,Ea,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,t?this.logger.verbose("12js1o",e):this.logger.verbose("1oe9ci",e),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e,t){const r=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("1qtz3l",t),window.msal.clientIds.push(r),function(e,t,r,n){const o=window.msal?.clientIds||[],i=o.length,s=o.filter((t=>t===e)).length;s>1&&r.warning("1e88vg",n),t.add({msalInstanceCount:i,sameClientIdInstanceCount:s})}(r,e,this.logger,t)}}class Th{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(t){let r;this.browserEnvironment="undefined"!=typeof window,this.config=ih(t,this.browserEnvironment);try{r=window[Ji.SessionStorage]}catch(e){}const n=r?.getItem(Qa),o=r?.getItem(Va)?.toLowerCase(),i="true"===o||"false"!==o&&void 0,s={...this.config.system.loggerOptions},a=n&&Object.keys(e.LogLevel).includes(n)?e.LogLevel[n]:void 0;a&&(s.loggerCallback=Th.loggerCallback,s.logLevel=a),void 0!==i&&(s.piiLoggingEnabled=i),this.logger=new dr(s,mc,fc),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}class bh extends Th{getModuleName(){return bh.MODULE_NAME}getId(){return bh.ID}async initialize(e){return this.available="undefined"!=typeof window,this.available}}bh.MODULE_NAME="",bh.ID="StandardOperatingContext";const Ah="USER_INTERACTION_REQUIRED",Sh="USER_CANCEL",_h="NO_NETWORK",Eh="TRANSIENT_ERROR",Ph="PERSISTENT_ERROR",Rh="DISABLED",Oh="ACCOUNT_UNAVAILABLE",Mh="NESTED_APP_AUTH_UNAVAILABLE";class xh{constructor(e,t,r,n){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=n}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),n=Vt(e.claims,this.clientCapabilities),o=e.scopes||p;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,scope:o.join(" "),correlationId:r,claims:ke.isEmptyObj(n)?void 0:n,state:e.state,authenticationScheme:e.authenticationScheme||G.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw be(Qe);const n=Tn(r+(t.token.expires_in||0)),o=wr(t.token.id_token,this.crypto.base64Decode),i=this.fromNaaAccountInfo(t.account,t.token.id_token,o),s=t.token.scope||e.scope;return{authority:t.token.authority||i.environment,uniqueId:i.localAccountId,tenantId:i.tenantId,scopes:s.split(" "),account:i,idToken:t.token.id_token,idTokenClaims:o,accessToken:t.token.access_token,fromCache:!1,expiresOn:n,tokenType:e.authenticationScheme||G.BEARER,correlationId:e.correlationId,extExpiresOn:n,state:e.state}}fromNaaAccountInfo(e,t,r){const n=r||e.idTokenClaims,o=e.localAccountId||n?.oid||n?.sub||"",i=e.tenantId||n?.tid||"",s=e.homeAccountId||`${o}.${i}`,a=e.username||n?.preferred_username||"",c=e.name||n?.name,h=e.loginHint||n?.login_hint,l=new Map,d=fr(s,o,i,n);l.set(i,d);return{homeAccountId:s,environment:e.environment,tenantId:i,username:a,localAccountId:o,name:c,loginHint:h,idToken:t,idTokenClaims:n,tenantProfiles:l}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new we("unknown_error","An unknown error occurred");switch(e.status){case Sh:return new Te(Tt);case _h:return new Te(kt);case Oh:return new Te(pt);case Rh:return new Te(At);case Mh:return new Te(e.code||At,e.description);case Eh:case Ph:return new nn(e.code,e.description);case Ah:return new fn(e.code,e.description);default:return new we(e.code,e.description)}}toAuthenticationResultFromCache(e,t,r,n,o){if(!t||!r)throw be(Qe);const i=wr(t.secret,this.crypto.base64Decode),s=r.target||n.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:s.split(" "),account:e,idToken:t.secret,idTokenClaims:i||{},accessToken:r.secret,fromCache:!0,expiresOn:Tn(r.expiresOn),extExpiresOn:Tn(r.extendedExpiresOn),tokenType:n.authenticationScheme||G.BEARER,correlationId:o,state:n.state}}}class qh extends we{constructor(e,t){super(e,t),Object.setPrototypeOf(this,qh.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new qh("unsupported_method")}}class Nh{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new Na(this.logger,this.performanceClient,!0):ar,this.eventHandler=new Ac(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new wc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,uo(this.config.auth)):Cc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new xh(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new Nh(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||Ms();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const r=this.ensureValidRequest(t),n=r.correlationId||Ms();this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_START,e.InteractionType.Popup,r);const o=this.performanceClient.startMeasurement(Da,n);o.add({nestedAppAuthRequest:!0});try{const i=this.nestedAppAuthAdapter.toNaaTokenRequest(r),s=vn(),a=await this.bridgeProxy.getTokenInteractive(i),c={...this.nestedAppAuthAdapter.fromNaaTokenResponse(i,a,s)};try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Popup,c),o.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),o.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const n=r instanceof we?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Popup,null,r),o.end({success:!1},r,t.account),n}}async acquireTokenSilentInternal(t){const r=this.ensureValidRequest(t),n=r.correlationId||Ms();this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_START,e.InteractionType.Silent,r);const o=await this.acquireTokenFromCache(r);if(o)return this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,o),o;const i=this.performanceClient.startMeasurement(Ba,n);i.increment({visibilityChangeCount:0}),i.add({nestedAppAuthRequest:!0});try{const o=this.nestedAppAuthAdapter.toNaaTokenRequest(r);o.forceRefresh=r.forceRefresh;const s=vn(),a=await this.bridgeProxy.getTokenSilent(o),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(o,a,s);try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,c),i?.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),i?.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const n=r instanceof we?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null,r),i?.end({success:!1},r,t.account),n}}async acquireTokenFromCache(t){const r=t.correlationId||Ms(),n=this.performanceClient.startMeasurement(La,r);if(n?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("11t57w",r),null;if(t.forceRefresh)return this.logger.verbose("1ovnmo",r),null;let o=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=ds.Default),t.cacheLookupPolicy){case ds.Default:case ds.AccessToken:case ds.AccessTokenAndRefreshToken:o=await this.acquireTokenFromCacheInternal(t);break;default:return null}return o?(this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_SUCCESS,e.InteractionType.Silent,o),n.add({accessTokenSize:o.accessToken.length,idTokenSize:o.idToken.length}),n.end({success:!0},void 0,o.account),o):(this.logger.warning("1yb4fi",r),this.eventHandler.emitEvent(pc.ACQUIRE_TOKEN_FAILURE,e.InteractionType.Silent,null),n.end({success:!1},void 0,t.account),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext,r=e.correlationId||Ms();let n=null;if(t&&(n=kc(t,this.logger,this.browserStorage,r)),!n)return this.logger.verbose("10qnr0",r),Promise.resolve(null);this.logger.verbose("1u7hux",r);const o={...e,correlationId:r,authority:e.authority||n.environment,scopes:e.scopes?.length?e.scopes:[...p]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(n,o,i,n.tenantId);if(!s)return this.logger.verbose("03vm49",r),Promise.resolve(null);if(Sn(s.cachedAt)||bn(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("18egye",r),Promise.resolve(null);const a=this.browserStorage.getIdToken(n,o.correlationId,i,n.tenantId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(n,a,s,o,o.correlationId):(this.logger.verbose("0d68kd",r),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw qh.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw qh.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw qh.createUnsupportedError()}removePerformanceCallback(e){throw qh.createUnsupportedError()}getAllAccounts(e){return vc(this.logger,this.browserStorage,this.isBrowserEnv(),Ms(),e)}getAccount(e){return kc(e,this.logger,this.browserStorage,Ms())}setActiveAccount(e){return Tc(e,this.browserStorage,Ms())}getActiveAccount(){return bc(this.browserStorage,Ms())}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||cs)}loginRedirect(e){throw qh.createUnsupportedError()}logoutRedirect(e){throw qh.createUnsupportedError()}logoutPopup(e){throw qh.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("1k8729","")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw qh.createUnsupportedError()}getRedirectResponse(){throw qh.createUnsupportedError()}async clearCache(e){throw qh.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Fr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,Ir(e.idTokenClaims)),this.browserStorage.hydrateCache(e,t)}}class Uh{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",(e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),n=Uh.bridgeRequests.find((e=>e.requestId===r.requestId));void 0!==n&&(Uh.bridgeRequests.splice(Uh.bridgeRequests.indexOf(n),1),r.success?n.resolve(r):n.reject(r.error))}));const e=await new Promise(((e,t)=>{const r=Uh.buildRequest("GetInitContext"),n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Uh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}));return Uh.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:Uh.validateBridgeResultOrThrow(r.token),account:Uh.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:Ms(),sendTime:Date.now(),clientLibrary:xi,clientLibraryVersion:fc,...t}}sendRequest(e,t){const r=Uh.buildRequest(e,t);return new Promise(((e,t)=>{const n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Uh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}))}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:Mh}}return e}constructor(e,t,r,n){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=n}static async create(){const e=await Uh.initializeNestedAppAuthBridge();return new Uh(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}Uh.bridgeRequests=[];class Lh extends Th{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return Lh.MODULE_NAME}getId(){return Lh.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(e){try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await Uh.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(t){this.logger.infoPii("1mdxyj",e)}return this.logger.info("12jy9a",e),this.available}}Lh.MODULE_NAME="",Lh.ID="NestedAppOperatingContext";class Hh{constructor(e,t){this.controller=t||new kh(new bh(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}getAccount(e){return this.controller.getAccount(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function Dh(e){const t=new Hh(e);return await t.initialize(),t}const Fh={initialize:()=>Promise.reject(Js(Bs)),acquireTokenPopup:()=>Promise.reject(Js(Bs)),acquireTokenRedirect:()=>Promise.reject(Js(Bs)),acquireTokenSilent:()=>Promise.reject(Js(Bs)),acquireTokenByCode:()=>Promise.reject(Js(Bs)),getAllAccounts:()=>[],getAccount:()=>null,handleRedirectPromise:()=>Promise.reject(Js(Bs)),loginPopup:()=>Promise.reject(Js(Bs)),loginRedirect:()=>Promise.reject(Js(Bs)),logoutRedirect:()=>Promise.reject(Js(Bs)),logoutPopup:()=>Promise.reject(Js(Bs)),ssoSilent:()=>Promise.reject(Js(Bs)),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,getLogger:()=>{throw Js(Bs)},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw Js(Bs)},hydrateCache:()=>Promise.reject(Js(Bs)),clearCache:()=>Promise.reject(Js(Bs))};async function Kh(e,t,r,n,o,i,s,a){if(o.verbose("0ke46k",r),e.account){const t=Fr(e.account);return await n.setAccount(t,r,Ir(s||{})),t}if(!a||!t&&!s)throw o.error("1ychpz",r),Ei(si);const c=Kr(t,a.authorityType,o,i,r,s),h=s?.tid,l=Xn(n,a,c,ys,r,s,t,a.hostnameAndPort,h,void 0,void 0,o);return await n.setAccount(l,r,Ir(s||{})),l}async function Bh(e,t,r,n,o,i,s,a,c){if(!e.id_token)return a.verbose("1pm7g1",i),null;a.verbose("168lyi",i);const h=Fn(t,r,e.id_token,c,n);return await s.setIdTokenCredential(h,i,o),h}async function zh(e,t,r,n,o,i,s,a,c,h,l){if(!t.access_token)return h.verbose("1ckp9e",a),null;if(!t.expires_in)return h.error("15mzx8",a),null;if(!(t.scope||e.scopes&&e.scopes.length))return h.error("1h7xse",a),null;h.verbose("01kmxb",a);const d=t.scope?_t.fromString(t.scope):new _t(e.scopes),u=s.expiresOn||t.expires_in+vn(),g=s.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+vn(),p=Kn(r,n,t.access_token,l,o,d.printScopes(),u,g,ys);return await c.setAccessTokenCredential(p,a,i),p}async function jh(e,t,r,n,o,i,s,a){if(!e.refresh_token)return s.verbose("1l7um5",o),null;s.verbose("0qy8ev",o);const c=Bn(t,r,e.refresh_token,a,e.foci,void 0,e.refresh_token_expires_in);return await i.setRefreshTokenCredential(c,o,n),c}function $h(){let e;try{e=window[Ji.SessionStorage];const t=e?.getItem(Xa);if(1===Number(t))return Promise.resolve().then((function(){return Qh}))}catch(e){}}function Jh(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function Wh(e){if(e&&Jh())return Math.round(window.performance.now()-e)}class Gh{constructor(e,t){this.correlationId=t,this.measureName=Gh.makeMeasureName(e,t),this.startMark=Gh.makeStartMark(e,t),this.endMark=Gh.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(Gh.supportsBrowserPerformance())try{t.forEach((t=>{const r=Gh.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(Gh.makeStartMark(r,e)),window.performance.clearMarks(Gh.makeEndMark(r,e)))}))}catch(e){}}startMeasurement(){if(Gh.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(Gh.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(Gh.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var Qh=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:Gh});const Vh=G,Xh=x,Yh=R,Zh=ae,el=p;e.ApiId=is,e.AuthError=we,e.AuthErrorCodes=ko,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[v];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw ve(Fe)}const t=this.headers[C];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw ve(Fe)}throw ve(De)}parseChallenges(e){const t=e.indexOf(" "),r=e.substr(t+1).split(","),n={};return r.forEach((e=>{const[t,r]=e.split("=");n[t]=unescape(r.replace(/['"]+/g,""))})),n}},e.AuthenticationScheme=Vh,e.AzureCloudInstance=pr,e.BrowserAuthError=_i,e.BrowserAuthErrorCodes=Ai,e.BrowserCacheLocation=Ji,e.BrowserConfigurationAuthError=$s,e.BrowserConfigurationAuthErrorCodes=js,e.BrowserPerformanceClient=class extends Ro{constructor(e,r){super(e.auth.clientId,e.auth.authority||`${t}`,new dr(e.system?.loggerOptions||{},mc,fc),mc,fc,e.telemetry?.application||{appName:"",appVersion:""},r)}generateId(){return Ms()}getPageVisibility(){return document.visibilityState?.toString()||null}deleteIncompleteSubMeasurements(e){$h()?.then((t=>{const r=this.eventsByCorrelationId.get(e.event.correlationId),n=r&&r.eventId===e.event.eventId,o=[];n&&r?.incompleteSubMeasurements&&r.incompleteSubMeasurements.forEach((e=>{o.push({...e})})),t.BrowserPerformanceMeasurement.flushMeasurements(e.event.correlationId,o)}))}startMeasurement(e,t){const r=this.getPageVisibility(),n=super.startMeasurement(e,t),o=Jh()?window.performance.now():void 0,i=$h()?.then((t=>new t.BrowserPerformanceMeasurement(e,n.event.correlationId)));return i?.then((e=>e.startMeasurement())),{...n,end:(e,t,s)=>{const a=n.end({...e,startPageVisibility:r,endPageVisibility:this.getPageVisibility(),durationMs:Wh(o)},t,s);return i?.then((e=>e.endMeasurement())),this.deleteIncompleteSubMeasurements(n),a},discard:()=>{n.discard(),i?.then((e=>e.flushMeasurement())),this.deleteIncompleteSubMeasurements(n)}}}},e.BrowserPerformanceMeasurement=Gh,e.BrowserRootPerformanceEvents=Ja,e.BrowserUtils=ga,e.CacheLookupPolicy=ds,e.ClientAuthError=Te,e.ClientAuthErrorCodes=St,e.ClientConfigurationError=Ce,e.ClientConfigurationErrorCodes=$e,e.DEFAULT_IFRAME_TIMEOUT_MS=1e4,e.EventHandler=Ac,e.EventMessageUtils=class{static getInteractionStatusFromEvent(t,r){switch(t.eventType){case pc.ACQUIRE_TOKEN_START:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup)return as.AcquireToken;break;case pc.HANDLE_REDIRECT_START:return as.HandleRedirect;case pc.LOGOUT_START:return as.Logout;case pc.LOGOUT_END:if(r&&r!==as.Logout)break;return as.None;case pc.HANDLE_REDIRECT_END:if(r&&r!==as.HandleRedirect)break;return as.None;case pc.ACQUIRE_TOKEN_SUCCESS:case pc.ACQUIRE_TOKEN_FAILURE:case pc.RESTORE_FROM_BFCACHE:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup){if(r&&r!==as.AcquireToken)break;return as.None}}return null}},e.EventType=pc,e.InteractionRequiredAuthError=fn,e.InteractionRequiredAuthErrorCodes=gn,e.InteractionStatus=as,e.JsonWebTokenTypes=Zh,e.LocalStorage=uc,e.Logger=dr,e.MemoryStorage=xa,e.NavigationClient=th,e.OIDC_DEFAULT_SCOPES=el,e.PromptValue=Yh,e.ProtocolMode=Hr,e.PublicClientApplication=Hh,e.ResponseMode=Xh,e.ServerError=nn,e.SessionStorage=gc,e.SignedHttpRequest=class{constructor(e,t){const r=t&&t.loggerOptions||{};this.logger=new dr(r,mc,fc),this.cryptoOps=new Na(this.logger),this.popTokenGenerator=new Hn(this.cryptoOps,new Wr),this.shrParameters=e}async generatePublicKeyThumbprint(){const{kid:e}=await this.popTokenGenerator.generateKid(this.shrParameters);return e}async signRequest(e,t,r){return this.popTokenGenerator.signPayload(e,t,this.shrParameters,r)}async removeKeys(e,t){return this.cryptoOps.removeTokenBindingKey(e,t)}},e.StubPerformanceClient=Wr,e.WrapperSKU={React:"@azure/msal-react",Angular:"@azure/msal-angular"},e.createNestablePublicClientApplication=async function(e,t,r){const n=t||Ms(),o=new Lh(e);if(await o.initialize(n),o.isAvailable()){const t=new Nh(o),i=r?r(e,t):new Hh(e,t);return await i.initialize({correlationId:n}),i}return Dh(e)},e.createStandardPublicClientApplication=Dh,e.isPlatformBrokerAvailable=async function(e,t,r){const n=new dr(e||{},mc,fc),o=r||"";n.trace("07660b",o);const i=t||new Wr;return"undefined"==typeof window?(n.trace("082ed3",o),!1):!!await ch(n,i,o)},e.loadExternalTokens=async function(e,t,r,n,o=new Wr){sa();const i=ih(e,!0),s=t.correlationId||Ms(),a=o.startMeasurement($a,s);try{const c=r.id_token?wr(r.id_token,ys):void 0,h=Ir(c||{}),l={protocolMode:i.system.protocolMode,knownAuthorities:i.auth.knownAuthorities,cloudDiscoveryMetadata:i.auth.cloudDiscoveryMetadata,authorityMetadata:i.auth.authorityMetadata},d=new dr(i.system.loggerOptions||{}),u=new Na(d,i.telemetry.client),g=new wc(i.auth.clientId,i.cache,u,d,i.telemetry.client,new Ac(d),uo(i.auth)),p=t.authority?new ho(ho.generateAuthority(t.authority,t.azureCloudOptions),i.system.networkClient,g,l,d,t.correlationId||Ms(),i.telemetry.client):void 0,m=await Un(Kh,"loadAccount",d,o,s)(t,n.clientInfo||r.client_info||"",s,g,d,u,c,p),f=await Un(Bh,"loadIdToken",d,o,s)(r,m.homeAccountId,m.environment,m.realm,h,s,g,d,e.auth.clientId),y=await Un(zh,"loadAccessToken",d,o,s)(t,r,m.homeAccountId,m.environment,m.realm,h,n,s,g,d,e.auth.clientId),w=await Un(jh,"loadRefreshToken",d,o,s)(r,m.homeAccountId,m.environment,h,s,g,d,e.auth.clientId);return a.end({success:!0},void 0,Dr(m)),function(e,t,r,n){let o,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=_t.fromString(t.accessToken.target).asArray(),a=Tn(t.accessToken.expiresOn),o=Tn(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:n?n.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:Dr(c),idToken:t.idToken?.secret||"",idTokenClaims:r||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:o,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromPlatformBroker:!1}}(t,{account:m,idToken:f,accessToken:y,refreshToken:w},c,p)}catch(e){throw a.end({success:!1},e),e}},e.stubbedPublicClientApplication=Fh,e.version=fc}));