@azure/msal-browser 5.10.0 → 5.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +18 -32
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +2 -3
- package/dist/cache/CacheKeys.mjs.map +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.mjs +2 -2
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.mjs +11 -2
- package/dist/custom_auth/CustomAuthConstants.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom_auth/controller/CustomAuthStandardController.mjs +2 -2
- package/dist/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
- package/dist/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +21 -3
- package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +6 -6
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +3 -3
- package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +3 -3
- package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +3 -3
- package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs +56 -0
- package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs.map +1 -0
- package/dist/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom_auth/index.mjs +1 -1
- package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +6 -4
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +21 -9
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/redirect_bridge/index.mjs +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +21 -9
- package/lib/custom-auth-path/msal-custom-auth.cjs +319 -107
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.js +319 -107
- package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
- package/lib/log-strings-mapping.json +8 -8
- package/lib/msal-browser.cjs +241 -104
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +241 -104
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.cjs +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.cjs.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthProvider.ts +34 -30
- package/src/config/Configuration.ts +5 -0
- package/src/controllers/StandardController.ts +2 -1
- package/src/custom_auth/CustomAuthConstants.ts +10 -0
- package/src/custom_auth/configuration/CustomAuthConfiguration.ts +2 -0
- package/src/custom_auth/configuration/CustomAuthRequestInterceptor.ts +54 -0
- package/src/custom_auth/controller/CustomAuthStandardController.ts +3 -1
- package/src/custom_auth/core/network_client/custom_auth_api/BaseApiClient.ts +41 -2
- package/src/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.ts +17 -5
- package/src/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.ts +8 -2
- package/src/custom_auth/core/network_client/custom_auth_api/SignInApiClient.ts +8 -3
- package/src/custom_auth/core/network_client/custom_auth_api/SignupApiClient.ts +8 -2
- package/src/custom_auth/core/utils/CustomHeaderUtils.ts +75 -0
- package/src/custom_auth/index.ts +4 -0
- package/src/interaction_client/StandardInteractionClient.ts +11 -5
- package/src/packageMetadata.ts +1 -1
- package/types/broker/nativeBroker/PlatformAuthProvider.d.ts +7 -12
- package/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/types/config/Configuration.d.ts +4 -0
- package/types/config/Configuration.d.ts.map +1 -1
- package/types/controllers/StandardController.d.ts.map +1 -1
- package/types/custom_auth/CustomAuthConstants.d.ts +5 -1
- package/types/custom_auth/CustomAuthConstants.d.ts.map +1 -1
- package/types/custom_auth/configuration/CustomAuthConfiguration.d.ts +2 -0
- package/types/custom_auth/configuration/CustomAuthConfiguration.d.ts.map +1 -1
- package/types/custom_auth/configuration/CustomAuthRequestInterceptor.d.ts +42 -0
- package/types/custom_auth/configuration/CustomAuthRequestInterceptor.d.ts.map +1 -0
- package/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
- package/types/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts +6 -2
- package/types/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts.map +1 -1
- package/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts +3 -1
- package/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
- package/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts +3 -1
- package/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts.map +1 -1
- package/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +3 -1
- package/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
- package/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts +3 -1
- package/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts.map +1 -1
- package/types/custom_auth/core/utils/CustomHeaderUtils.d.ts +21 -0
- package/types/custom_auth/core/utils/CustomHeaderUtils.d.ts.map +1 -0
- package/types/custom_auth/index.d.ts +1 -0
- package/types/custom_auth/index.d.ts.map +1 -1
- package/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/types/packageMetadata.d.ts +1 -1
package/lib/msal-browser.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.
|
|
1
|
+
/*! @azure/msal-browser v5.11.0 2026-05-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
(function (global, factory) {
|
|
4
4
|
typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
(global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
|
|
7
7
|
})(this, (function (exports) { 'use strict';
|
|
8
8
|
|
|
9
|
-
/*! @azure/msal-common v16.6.
|
|
9
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
10
10
|
/*
|
|
11
11
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12
12
|
* Licensed under the MIT License.
|
|
@@ -238,7 +238,7 @@
|
|
|
238
238
|
// Token renewal offset default in seconds
|
|
239
239
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
240
240
|
|
|
241
|
-
/*! @azure/msal-common v16.6.
|
|
241
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
242
242
|
/*
|
|
243
243
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
244
244
|
* Licensed under the MIT License.
|
|
@@ -290,7 +290,7 @@
|
|
|
290
290
|
const RESOURCE = "resource";
|
|
291
291
|
const CLI_DATA = "clidata";
|
|
292
292
|
|
|
293
|
-
/*! @azure/msal-common v16.6.
|
|
293
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
294
294
|
/*
|
|
295
295
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
296
296
|
* Licensed under the MIT License.
|
|
@@ -321,7 +321,7 @@
|
|
|
321
321
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
322
322
|
}
|
|
323
323
|
|
|
324
|
-
/*! @azure/msal-common v16.6.
|
|
324
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
325
325
|
|
|
326
326
|
/*
|
|
327
327
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -341,7 +341,7 @@
|
|
|
341
341
|
return new ClientConfigurationError(errorCode);
|
|
342
342
|
}
|
|
343
343
|
|
|
344
|
-
/*! @azure/msal-common v16.6.
|
|
344
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
345
345
|
/*
|
|
346
346
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
347
347
|
* Licensed under the MIT License.
|
|
@@ -421,7 +421,7 @@
|
|
|
421
421
|
}
|
|
422
422
|
}
|
|
423
423
|
|
|
424
|
-
/*! @azure/msal-common v16.6.
|
|
424
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
425
425
|
|
|
426
426
|
/*
|
|
427
427
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -444,7 +444,7 @@
|
|
|
444
444
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
445
445
|
}
|
|
446
446
|
|
|
447
|
-
/*! @azure/msal-common v16.6.
|
|
447
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
448
448
|
/*
|
|
449
449
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
450
450
|
* Licensed under the MIT License.
|
|
@@ -470,7 +470,9 @@
|
|
|
470
470
|
const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
|
|
471
471
|
const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
472
472
|
const authorityMismatch = "authority_mismatch";
|
|
473
|
-
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
473
|
+
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
474
|
+
const invalidPlatformBrokerConfiguration = "invalid_platform_broker_configuration";
|
|
475
|
+
const issuerValidationFailed = "issuer_validation_failed";
|
|
474
476
|
|
|
475
477
|
var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
476
478
|
__proto__: null,
|
|
@@ -485,7 +487,9 @@
|
|
|
485
487
|
invalidClaims: invalidClaims,
|
|
486
488
|
invalidCloudDiscoveryMetadata: invalidCloudDiscoveryMetadata,
|
|
487
489
|
invalidCodeChallengeMethod: invalidCodeChallengeMethod,
|
|
490
|
+
invalidPlatformBrokerConfiguration: invalidPlatformBrokerConfiguration,
|
|
488
491
|
invalidRequestMethodForEAR: invalidRequestMethodForEAR,
|
|
492
|
+
issuerValidationFailed: issuerValidationFailed,
|
|
489
493
|
logoutRequestEmpty: logoutRequestEmpty,
|
|
490
494
|
missingNonceAuthenticationHeader: missingNonceAuthenticationHeader,
|
|
491
495
|
missingSshJwk: missingSshJwk,
|
|
@@ -498,7 +502,7 @@
|
|
|
498
502
|
urlParseError: urlParseError
|
|
499
503
|
});
|
|
500
504
|
|
|
501
|
-
/*! @azure/msal-common v16.6.
|
|
505
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
502
506
|
/*
|
|
503
507
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
504
508
|
* Licensed under the MIT License.
|
|
@@ -586,7 +590,7 @@
|
|
|
586
590
|
userCanceled: userCanceled
|
|
587
591
|
});
|
|
588
592
|
|
|
589
|
-
/*! @azure/msal-common v16.6.
|
|
593
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
590
594
|
|
|
591
595
|
/*
|
|
592
596
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -781,7 +785,7 @@
|
|
|
781
785
|
}
|
|
782
786
|
}
|
|
783
787
|
|
|
784
|
-
/*! @azure/msal-common v16.6.
|
|
788
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
785
789
|
|
|
786
790
|
/*
|
|
787
791
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1170,7 +1174,7 @@
|
|
|
1170
1174
|
}
|
|
1171
1175
|
}
|
|
1172
1176
|
|
|
1173
|
-
/*! @azure/msal-common v16.6.
|
|
1177
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
1174
1178
|
|
|
1175
1179
|
/*
|
|
1176
1180
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1279,7 +1283,7 @@
|
|
|
1279
1283
|
}
|
|
1280
1284
|
}
|
|
1281
1285
|
|
|
1282
|
-
/*! @azure/msal-common v16.6.
|
|
1286
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
1283
1287
|
|
|
1284
1288
|
/*
|
|
1285
1289
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1318,7 +1322,7 @@
|
|
|
1318
1322
|
},
|
|
1319
1323
|
};
|
|
1320
1324
|
|
|
1321
|
-
/*! @azure/msal-common v16.6.
|
|
1325
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
1322
1326
|
/*
|
|
1323
1327
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1324
1328
|
* Licensed under the MIT License.
|
|
@@ -1593,12 +1597,12 @@
|
|
|
1593
1597
|
}
|
|
1594
1598
|
}
|
|
1595
1599
|
|
|
1596
|
-
/*! @azure/msal-common v16.6.
|
|
1600
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
1597
1601
|
/* eslint-disable header/header */
|
|
1598
1602
|
const name$1 = "@azure/msal-common";
|
|
1599
|
-
const version$1 = "16.6.
|
|
1603
|
+
const version$1 = "16.6.2";
|
|
1600
1604
|
|
|
1601
|
-
/*! @azure/msal-common v16.6.
|
|
1605
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
1602
1606
|
/*
|
|
1603
1607
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1604
1608
|
* Licensed under the MIT License.
|
|
@@ -1618,7 +1622,7 @@
|
|
|
1618
1622
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
1619
1623
|
};
|
|
1620
1624
|
|
|
1621
|
-
/*! @azure/msal-common v16.6.
|
|
1625
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
1622
1626
|
/*
|
|
1623
1627
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1624
1628
|
* Licensed under the MIT License.
|
|
@@ -1701,7 +1705,7 @@
|
|
|
1701
1705
|
return updatedAccountInfo;
|
|
1702
1706
|
}
|
|
1703
1707
|
|
|
1704
|
-
/*! @azure/msal-common v16.6.
|
|
1708
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
1705
1709
|
|
|
1706
1710
|
/*
|
|
1707
1711
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1781,7 +1785,7 @@
|
|
|
1781
1785
|
}
|
|
1782
1786
|
}
|
|
1783
1787
|
|
|
1784
|
-
/*! @azure/msal-common v16.6.
|
|
1788
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
1785
1789
|
|
|
1786
1790
|
/*
|
|
1787
1791
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1938,7 +1942,7 @@
|
|
|
1938
1942
|
}
|
|
1939
1943
|
}
|
|
1940
1944
|
|
|
1941
|
-
/*! @azure/msal-common v16.6.
|
|
1945
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
1942
1946
|
|
|
1943
1947
|
/*
|
|
1944
1948
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2024,6 +2028,15 @@
|
|
|
2024
2028
|
preferred_cache: "login.sovcloud-identity.sg",
|
|
2025
2029
|
aliases: ["login.sovcloud-identity.sg"],
|
|
2026
2030
|
},
|
|
2031
|
+
{
|
|
2032
|
+
preferred_network: "login.windows-ppe.net",
|
|
2033
|
+
preferred_cache: "login.windows-ppe.net",
|
|
2034
|
+
aliases: [
|
|
2035
|
+
"login.windows-ppe.net",
|
|
2036
|
+
"sts.windows-ppe.net",
|
|
2037
|
+
"login.microsoft-ppe.com",
|
|
2038
|
+
],
|
|
2039
|
+
},
|
|
2027
2040
|
],
|
|
2028
2041
|
},
|
|
2029
2042
|
};
|
|
@@ -2095,7 +2108,7 @@
|
|
|
2095
2108
|
return null;
|
|
2096
2109
|
}
|
|
2097
2110
|
|
|
2098
|
-
/*! @azure/msal-common v16.6.
|
|
2111
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
2099
2112
|
/*
|
|
2100
2113
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2101
2114
|
* Licensed under the MIT License.
|
|
@@ -2103,7 +2116,7 @@
|
|
|
2103
2116
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2104
2117
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2105
2118
|
|
|
2106
|
-
/*! @azure/msal-common v16.6.
|
|
2119
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
2107
2120
|
|
|
2108
2121
|
/*
|
|
2109
2122
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2141,7 +2154,7 @@
|
|
|
2141
2154
|
}
|
|
2142
2155
|
}
|
|
2143
2156
|
|
|
2144
|
-
/*! @azure/msal-common v16.6.
|
|
2157
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
2145
2158
|
|
|
2146
2159
|
/*
|
|
2147
2160
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2179,7 +2192,7 @@
|
|
|
2179
2192
|
};
|
|
2180
2193
|
}
|
|
2181
2194
|
|
|
2182
|
-
/*! @azure/msal-common v16.6.
|
|
2195
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
2183
2196
|
/*
|
|
2184
2197
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2185
2198
|
* Licensed under the MIT License.
|
|
@@ -2194,7 +2207,7 @@
|
|
|
2194
2207
|
Ciam: 3,
|
|
2195
2208
|
};
|
|
2196
2209
|
|
|
2197
|
-
/*! @azure/msal-common v16.6.
|
|
2210
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
2198
2211
|
/*
|
|
2199
2212
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2200
2213
|
* Licensed under the MIT License.
|
|
@@ -2216,7 +2229,7 @@
|
|
|
2216
2229
|
return null;
|
|
2217
2230
|
}
|
|
2218
2231
|
|
|
2219
|
-
/*! @azure/msal-common v16.6.
|
|
2232
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
2220
2233
|
/*
|
|
2221
2234
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2222
2235
|
* Licensed under the MIT License.
|
|
@@ -2240,7 +2253,7 @@
|
|
|
2240
2253
|
EAR: "EAR",
|
|
2241
2254
|
};
|
|
2242
2255
|
|
|
2243
|
-
/*! @azure/msal-common v16.6.
|
|
2256
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
2244
2257
|
/**
|
|
2245
2258
|
* Returns the AccountInfo interface for this account.
|
|
2246
2259
|
*/
|
|
@@ -2415,7 +2428,7 @@
|
|
|
2415
2428
|
entity.hasOwnProperty("authorityType"));
|
|
2416
2429
|
}
|
|
2417
2430
|
|
|
2418
|
-
/*! @azure/msal-common v16.6.
|
|
2431
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
2419
2432
|
|
|
2420
2433
|
/*
|
|
2421
2434
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3547,7 +3560,7 @@
|
|
|
3547
3560
|
}
|
|
3548
3561
|
}
|
|
3549
3562
|
|
|
3550
|
-
/*! @azure/msal-common v16.6.
|
|
3563
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
3551
3564
|
/*
|
|
3552
3565
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3553
3566
|
* Licensed under the MIT License.
|
|
@@ -3598,7 +3611,7 @@
|
|
|
3598
3611
|
"redirectBridgeMessageVersion",
|
|
3599
3612
|
]);
|
|
3600
3613
|
|
|
3601
|
-
/*! @azure/msal-common v16.6.
|
|
3614
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
3602
3615
|
|
|
3603
3616
|
/*
|
|
3604
3617
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3653,7 +3666,7 @@
|
|
|
3653
3666
|
}
|
|
3654
3667
|
}
|
|
3655
3668
|
|
|
3656
|
-
/*! @azure/msal-common v16.6.
|
|
3669
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
3657
3670
|
|
|
3658
3671
|
/*
|
|
3659
3672
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3748,7 +3761,7 @@
|
|
|
3748
3761
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3749
3762
|
}
|
|
3750
3763
|
|
|
3751
|
-
/*! @azure/msal-common v16.6.
|
|
3764
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
3752
3765
|
/*
|
|
3753
3766
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3754
3767
|
* Licensed under the MIT License.
|
|
@@ -3775,7 +3788,7 @@
|
|
|
3775
3788
|
}
|
|
3776
3789
|
}
|
|
3777
3790
|
|
|
3778
|
-
/*! @azure/msal-common v16.6.
|
|
3791
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
3779
3792
|
/*
|
|
3780
3793
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3781
3794
|
* Licensed under the MIT License.
|
|
@@ -3840,7 +3853,7 @@
|
|
|
3840
3853
|
return cachedAtSec > nowSeconds();
|
|
3841
3854
|
}
|
|
3842
3855
|
|
|
3843
|
-
/*! @azure/msal-common v16.6.
|
|
3856
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
3844
3857
|
|
|
3845
3858
|
/*
|
|
3846
3859
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4099,7 +4112,7 @@
|
|
|
4099
4112
|
return metadata.expiresAt <= nowSeconds();
|
|
4100
4113
|
}
|
|
4101
4114
|
|
|
4102
|
-
/*! @azure/msal-common v16.6.
|
|
4115
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4103
4116
|
/*
|
|
4104
4117
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4105
4118
|
* Licensed under the MIT License.
|
|
@@ -4170,7 +4183,7 @@
|
|
|
4170
4183
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
4171
4184
|
const SetUserData = "setUserData";
|
|
4172
4185
|
|
|
4173
|
-
/*! @azure/msal-common v16.6.
|
|
4186
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4174
4187
|
/*
|
|
4175
4188
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4176
4189
|
* Licensed under the MIT License.
|
|
@@ -4263,7 +4276,7 @@
|
|
|
4263
4276
|
};
|
|
4264
4277
|
};
|
|
4265
4278
|
|
|
4266
|
-
/*! @azure/msal-common v16.6.
|
|
4279
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4267
4280
|
|
|
4268
4281
|
/*
|
|
4269
4282
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4343,7 +4356,7 @@
|
|
|
4343
4356
|
}
|
|
4344
4357
|
}
|
|
4345
4358
|
|
|
4346
|
-
/*! @azure/msal-common v16.6.
|
|
4359
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4347
4360
|
/*
|
|
4348
4361
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4349
4362
|
* Licensed under the MIT License.
|
|
@@ -4407,7 +4420,7 @@
|
|
|
4407
4420
|
uxNotAllowed: uxNotAllowed
|
|
4408
4421
|
});
|
|
4409
4422
|
|
|
4410
|
-
/*! @azure/msal-common v16.6.
|
|
4423
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4411
4424
|
|
|
4412
4425
|
/*
|
|
4413
4426
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4475,7 +4488,7 @@
|
|
|
4475
4488
|
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
4476
4489
|
}
|
|
4477
4490
|
|
|
4478
|
-
/*! @azure/msal-common v16.6.
|
|
4491
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4479
4492
|
|
|
4480
4493
|
/*
|
|
4481
4494
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4494,7 +4507,7 @@
|
|
|
4494
4507
|
}
|
|
4495
4508
|
}
|
|
4496
4509
|
|
|
4497
|
-
/*! @azure/msal-common v16.6.
|
|
4510
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4498
4511
|
|
|
4499
4512
|
/*
|
|
4500
4513
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4562,7 +4575,7 @@
|
|
|
4562
4575
|
}
|
|
4563
4576
|
}
|
|
4564
4577
|
|
|
4565
|
-
/*! @azure/msal-common v16.6.
|
|
4578
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4566
4579
|
|
|
4567
4580
|
/*
|
|
4568
4581
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4910,7 +4923,7 @@
|
|
|
4910
4923
|
return baseAccount;
|
|
4911
4924
|
}
|
|
4912
4925
|
|
|
4913
|
-
/*! @azure/msal-common v16.6.
|
|
4926
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4914
4927
|
/*
|
|
4915
4928
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4916
4929
|
* Licensed under the MIT License.
|
|
@@ -4920,7 +4933,7 @@
|
|
|
4920
4933
|
UPN: "UPN",
|
|
4921
4934
|
};
|
|
4922
4935
|
|
|
4923
|
-
/*! @azure/msal-common v16.6.
|
|
4936
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4924
4937
|
/*
|
|
4925
4938
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4926
4939
|
* Licensed under the MIT License.
|
|
@@ -4938,7 +4951,7 @@
|
|
|
4938
4951
|
}
|
|
4939
4952
|
}
|
|
4940
4953
|
|
|
4941
|
-
/*! @azure/msal-common v16.6.
|
|
4954
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4942
4955
|
/*
|
|
4943
4956
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4944
4957
|
* Licensed under the MIT License.
|
|
@@ -4959,7 +4972,7 @@
|
|
|
4959
4972
|
};
|
|
4960
4973
|
}
|
|
4961
4974
|
|
|
4962
|
-
/*! @azure/msal-common v16.6.
|
|
4975
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
4963
4976
|
|
|
4964
4977
|
/*
|
|
4965
4978
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5045,7 +5058,7 @@
|
|
|
5045
5058
|
}
|
|
5046
5059
|
}
|
|
5047
5060
|
|
|
5048
|
-
/*! @azure/msal-common v16.6.
|
|
5061
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
5049
5062
|
|
|
5050
5063
|
/*
|
|
5051
5064
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5076,7 +5089,7 @@
|
|
|
5076
5089
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
5077
5090
|
}
|
|
5078
5091
|
|
|
5079
|
-
/*! @azure/msal-common v16.6.
|
|
5092
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
5080
5093
|
|
|
5081
5094
|
/*
|
|
5082
5095
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5190,7 +5203,7 @@
|
|
|
5190
5203
|
return response;
|
|
5191
5204
|
}
|
|
5192
5205
|
|
|
5193
|
-
/*! @azure/msal-common v16.6.
|
|
5206
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
5194
5207
|
/*
|
|
5195
5208
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5196
5209
|
* Licensed under the MIT License.
|
|
@@ -5202,7 +5215,7 @@
|
|
|
5202
5215
|
response.hasOwnProperty("jwks_uri"));
|
|
5203
5216
|
}
|
|
5204
5217
|
|
|
5205
|
-
/*! @azure/msal-common v16.6.
|
|
5218
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
5206
5219
|
/*
|
|
5207
5220
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5208
5221
|
* Licensed under the MIT License.
|
|
@@ -5212,7 +5225,7 @@
|
|
|
5212
5225
|
response.hasOwnProperty("metadata"));
|
|
5213
5226
|
}
|
|
5214
5227
|
|
|
5215
|
-
/*! @azure/msal-common v16.6.
|
|
5228
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
5216
5229
|
/*
|
|
5217
5230
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5218
5231
|
* Licensed under the MIT License.
|
|
@@ -5222,7 +5235,7 @@
|
|
|
5222
5235
|
response.hasOwnProperty("error_description"));
|
|
5223
5236
|
}
|
|
5224
5237
|
|
|
5225
|
-
/*! @azure/msal-common v16.6.
|
|
5238
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
5226
5239
|
|
|
5227
5240
|
/*
|
|
5228
5241
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5327,7 +5340,7 @@
|
|
|
5327
5340
|
},
|
|
5328
5341
|
};
|
|
5329
5342
|
|
|
5330
|
-
/*! @azure/msal-common v16.6.
|
|
5343
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
5331
5344
|
|
|
5332
5345
|
/*
|
|
5333
5346
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5582,7 +5595,7 @@
|
|
|
5582
5595
|
}, this.correlationId);
|
|
5583
5596
|
}
|
|
5584
5597
|
/**
|
|
5585
|
-
* Returns metadata entity from cache if it exists,
|
|
5598
|
+
* Returns metadata entity from cache if it exists, otherwise returns a new metadata entity built
|
|
5586
5599
|
* from the configured canonical authority
|
|
5587
5600
|
* @returns
|
|
5588
5601
|
*/
|
|
@@ -5651,6 +5664,8 @@
|
|
|
5651
5664
|
// Get metadata from network if local sources aren't available
|
|
5652
5665
|
let metadata = await invokeAsync(this.getEndpointMetadataFromNetwork.bind(this), AuthorityGetEndpointMetadataFromNetwork, this.logger, this.performanceClient, this.correlationId)();
|
|
5653
5666
|
if (metadata) {
|
|
5667
|
+
// Validate the issuer returned by the OIDC discovery document.
|
|
5668
|
+
this.validateIssuer(metadata.issuer);
|
|
5654
5669
|
// If the user prefers to use an azure region replace the global endpoints with regional information.
|
|
5655
5670
|
if (this.authorityOptions.azureRegionConfiguration?.azureRegion) {
|
|
5656
5671
|
metadata = await invokeAsync(this.updateMetadataWithRegionalInformation.bind(this), AuthorityUpdateMetadataWithRegionalInformation, this.logger, this.performanceClient, this.correlationId)(metadata);
|
|
@@ -5819,7 +5834,7 @@
|
|
|
5819
5834
|
throw createClientConfigurationError(untrustedAuthority);
|
|
5820
5835
|
}
|
|
5821
5836
|
updateCloudDiscoveryMetadataFromLocalSources(metadataEntity) {
|
|
5822
|
-
this.logger.verbose("
|
|
5837
|
+
this.logger.verbose("1tpqlr", this.correlationId);
|
|
5823
5838
|
this.logger.verbosePii("1fy7uz", this.correlationId);
|
|
5824
5839
|
this.logger.verbosePii("08zabj", this.correlationId);
|
|
5825
5840
|
this.logger.verbosePii("1o1kv3", this.correlationId);
|
|
@@ -6016,6 +6031,139 @@
|
|
|
6016
6031
|
isAliasOfKnownMicrosoftAuthority(host) {
|
|
6017
6032
|
return InstanceDiscoveryMetadataAliases.has(host);
|
|
6018
6033
|
}
|
|
6034
|
+
/**
|
|
6035
|
+
* Validates the `issuer` returned by an OIDC discovery document against
|
|
6036
|
+
* this authority, per
|
|
6037
|
+
* https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationValidation
|
|
6038
|
+
*
|
|
6039
|
+
* The issuer is accepted when ANY of the following holds:
|
|
6040
|
+
* 1. The issuer scheme + host + port match the authority's (path may
|
|
6041
|
+
* differ). Applies to all authorities.
|
|
6042
|
+
* 2. The authority is a Microsoft cloud authority (public, sovereign,
|
|
6043
|
+
* or CIAM), the issuer is HTTPS, and the issuer host is in the known
|
|
6044
|
+
* Microsoft authority host set.
|
|
6045
|
+
* 3. Same as (2), but the issuer host is a single-label regional variant
|
|
6046
|
+
* of a known Microsoft host (e.g. `westus.login.microsoftonline.com`).
|
|
6047
|
+
* 4. Same as (2), but the issuer host matches the CIAM tenant pattern
|
|
6048
|
+
* `{tenant}.ciamlogin.com` with an optional `/{tenant}[.onmicrosoft.com][/v2.0]`
|
|
6049
|
+
* path.
|
|
6050
|
+
*
|
|
6051
|
+
* @param issuer The `issuer` value returned in the OIDC discovery document.
|
|
6052
|
+
* @throws ClientConfigurationError("issuer_validation_failed") on failure.
|
|
6053
|
+
*/
|
|
6054
|
+
validateIssuer(issuer) {
|
|
6055
|
+
if (!issuer) {
|
|
6056
|
+
throw createClientConfigurationError(issuerValidationFailed);
|
|
6057
|
+
}
|
|
6058
|
+
// Parse with the WHATWG URL API. URL normalizes scheme + host to lowercase per RFC 3986.
|
|
6059
|
+
let issuerUrl;
|
|
6060
|
+
try {
|
|
6061
|
+
issuerUrl = new URL(issuer);
|
|
6062
|
+
}
|
|
6063
|
+
catch {
|
|
6064
|
+
throw createClientConfigurationError(issuerValidationFailed);
|
|
6065
|
+
}
|
|
6066
|
+
const issuerScheme = issuerUrl.protocol;
|
|
6067
|
+
const issuerHost = issuerUrl.host;
|
|
6068
|
+
const authorityScheme = (this.canonicalAuthorityUrlComponents.Protocol || "").toLowerCase();
|
|
6069
|
+
const authorityHost = (this.canonicalAuthorityUrlComponents.HostNameAndPort || "").toLowerCase();
|
|
6070
|
+
// Rule 1: Same scheme and host
|
|
6071
|
+
const matchesAuthorityOrigin = this.matchesAuthorityOrigin(issuerScheme, issuerHost, authorityScheme, authorityHost);
|
|
6072
|
+
// Rule 2: The issuer host is a well-known Microsoft authority host (HTTPS only)
|
|
6073
|
+
const matchesKnownMicrosoftHost = issuerScheme === "https:" &&
|
|
6074
|
+
this.isAliasOfKnownMicrosoftAuthority(issuerHost);
|
|
6075
|
+
/*
|
|
6076
|
+
* Rule 3: The issuer host is a regional variant ({region}.{host}) of a well-known host
|
|
6077
|
+
* (HTTPS only). E.g. westus2.login.microsoft.com
|
|
6078
|
+
*/
|
|
6079
|
+
const matchesRegionalMicrosoftHost = issuerScheme === "https:" &&
|
|
6080
|
+
this.matchesRegionalMicrosoftHost(issuerHost);
|
|
6081
|
+
/*
|
|
6082
|
+
* Rule 4: CIAM-specific validation. In a CIAM scenario the issuer is expected to
|
|
6083
|
+
* have "{tenant}.ciamlogin.com" as the host, even when using a custom domain.
|
|
6084
|
+
*/
|
|
6085
|
+
const matchesCiamTenantPattern = this.matchesCiamTenantPattern(issuerUrl, authorityHost, this.canonicalAuthorityUrlComponents.PathSegments);
|
|
6086
|
+
// Each rule is an independent boolean; the issuer is valid if ANY rule matches.
|
|
6087
|
+
if (matchesAuthorityOrigin ||
|
|
6088
|
+
matchesKnownMicrosoftHost ||
|
|
6089
|
+
matchesRegionalMicrosoftHost ||
|
|
6090
|
+
matchesCiamTenantPattern) {
|
|
6091
|
+
return;
|
|
6092
|
+
}
|
|
6093
|
+
// issuer validation fails if none of the above rules are satisfied
|
|
6094
|
+
throw createClientConfigurationError(issuerValidationFailed);
|
|
6095
|
+
}
|
|
6096
|
+
/**
|
|
6097
|
+
* Rule 1: The issuer scheme + host (and port) match the authority's. Path
|
|
6098
|
+
* may differ. Applies to all authorities.
|
|
6099
|
+
*/
|
|
6100
|
+
matchesAuthorityOrigin(issuerScheme, issuerHost, authorityScheme, authorityHost) {
|
|
6101
|
+
return issuerScheme === authorityScheme && issuerHost === authorityHost;
|
|
6102
|
+
}
|
|
6103
|
+
/**
|
|
6104
|
+
* Rule 3: The issuer host is a regional variant
|
|
6105
|
+
* (`{region}.{host}`) of a known Microsoft authority host.
|
|
6106
|
+
* E.g. `westus2.login.microsoft.com`.
|
|
6107
|
+
*/
|
|
6108
|
+
matchesRegionalMicrosoftHost(issuerHost) {
|
|
6109
|
+
const firstDot = issuerHost.indexOf(".");
|
|
6110
|
+
if (firstDot > 0 && firstDot < issuerHost.length - 1) {
|
|
6111
|
+
const hostWithoutRegion = issuerHost.substring(firstDot + 1);
|
|
6112
|
+
return this.isAliasOfKnownMicrosoftAuthority(hostWithoutRegion);
|
|
6113
|
+
}
|
|
6114
|
+
return false;
|
|
6115
|
+
}
|
|
6116
|
+
/**
|
|
6117
|
+
* Rule 4: The issuer matches one of the well-known CIAM tenant patterns
|
|
6118
|
+
* (`https://{tenant}.ciamlogin.com[/{tenant}[.onmicrosoft.com][/v2.0]]`).
|
|
6119
|
+
*
|
|
6120
|
+
* The bare tenant name is extracted from the authority's first path segment
|
|
6121
|
+
* when available (stripping the `.onmicrosoft.com` suffix that
|
|
6122
|
+
* `transformCIAMAuthority` adds), or otherwise from the leftmost label of
|
|
6123
|
+
* the authority host (to support CIAM custom domain scenarios).
|
|
6124
|
+
*
|
|
6125
|
+
* Both `/{tenant}` and `/{tenant}.onmicrosoft.com` path forms are accepted
|
|
6126
|
+
* because the OIDC issuer may use either form depending on the authority URL
|
|
6127
|
+
* that was used to trigger discovery.
|
|
6128
|
+
*/
|
|
6129
|
+
matchesCiamTenantPattern(issuerUrl, authorityHost, authorityPathSegments) {
|
|
6130
|
+
/*
|
|
6131
|
+
* authorityPathSegments[0] is the first path segment of the *authority
|
|
6132
|
+
* URL* after transformCIAMAuthority runs (e.g. "contoso.onmicrosoft.com").
|
|
6133
|
+
* Additional CIAM issuer path segments such as "/v2.0" are part of the
|
|
6134
|
+
* issuer string, not the authority URL's PathSegments.
|
|
6135
|
+
*/
|
|
6136
|
+
const pathSegment = authorityPathSegments[0];
|
|
6137
|
+
/*
|
|
6138
|
+
* Extract the bare tenant name: strip the .onmicrosoft.com suffix when
|
|
6139
|
+
* present (introduced by transformCIAMAuthority), or fall back to the
|
|
6140
|
+
* first label of the authority hostname for non-transformed/custom-domain
|
|
6141
|
+
* CIAM authorities.
|
|
6142
|
+
*/
|
|
6143
|
+
const tenantName = pathSegment
|
|
6144
|
+
? pathSegment.endsWith(AAD_TENANT_DOMAIN_SUFFIX)
|
|
6145
|
+
? pathSegment.slice(0, -AAD_TENANT_DOMAIN_SUFFIX.length)
|
|
6146
|
+
: pathSegment
|
|
6147
|
+
: authorityHost.split(".")[0];
|
|
6148
|
+
if (!tenantName) {
|
|
6149
|
+
return false;
|
|
6150
|
+
}
|
|
6151
|
+
const ciamBaseURL = `https://${tenantName}${CIAM_AUTH_URL}`;
|
|
6152
|
+
const validCiamPatterns = [
|
|
6153
|
+
ciamBaseURL,
|
|
6154
|
+
`${ciamBaseURL}/${tenantName}`,
|
|
6155
|
+
`${ciamBaseURL}/${tenantName}/v2.0`,
|
|
6156
|
+
`${ciamBaseURL}/${tenantName}${AAD_TENANT_DOMAIN_SUFFIX}`,
|
|
6157
|
+
`${ciamBaseURL}/${tenantName}${AAD_TENANT_DOMAIN_SUFFIX}/v2.0`, // https://{tenant}.ciamlogin.com/{tenant}.onmicrosoft.com/v2.0
|
|
6158
|
+
];
|
|
6159
|
+
/*
|
|
6160
|
+
* Compose the canonical issuer string from URL components and strip any
|
|
6161
|
+
* trailing slashes from the path so it can be compared to the pattern set.
|
|
6162
|
+
*/
|
|
6163
|
+
const issuerPath = issuerUrl.pathname.replace(/\/+$/, "");
|
|
6164
|
+
const normalizedIssuer = `${issuerUrl.protocol}//${issuerUrl.host}${issuerPath}`;
|
|
6165
|
+
return validCiamPatterns.some((pattern) => pattern === normalizedIssuer);
|
|
6166
|
+
}
|
|
6019
6167
|
/**
|
|
6020
6168
|
* Checks whether the provided host is that of a public cloud authority
|
|
6021
6169
|
*
|
|
@@ -6147,7 +6295,7 @@
|
|
|
6147
6295
|
};
|
|
6148
6296
|
}
|
|
6149
6297
|
|
|
6150
|
-
/*! @azure/msal-common v16.6.
|
|
6298
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
6151
6299
|
|
|
6152
6300
|
/*
|
|
6153
6301
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6181,7 +6329,7 @@
|
|
|
6181
6329
|
}
|
|
6182
6330
|
}
|
|
6183
6331
|
|
|
6184
|
-
/*! @azure/msal-common v16.6.
|
|
6332
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
6185
6333
|
|
|
6186
6334
|
/*
|
|
6187
6335
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6438,7 +6586,7 @@
|
|
|
6438
6586
|
}
|
|
6439
6587
|
}
|
|
6440
6588
|
|
|
6441
|
-
/*! @azure/msal-common v16.6.
|
|
6589
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
6442
6590
|
|
|
6443
6591
|
/*
|
|
6444
6592
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6659,7 +6807,7 @@
|
|
|
6659
6807
|
}
|
|
6660
6808
|
}
|
|
6661
6809
|
|
|
6662
|
-
/*! @azure/msal-common v16.6.
|
|
6810
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
6663
6811
|
|
|
6664
6812
|
/*
|
|
6665
6813
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6775,7 +6923,7 @@
|
|
|
6775
6923
|
}
|
|
6776
6924
|
}
|
|
6777
6925
|
|
|
6778
|
-
/*! @azure/msal-common v16.6.
|
|
6926
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
6779
6927
|
|
|
6780
6928
|
/*
|
|
6781
6929
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6790,7 +6938,7 @@
|
|
|
6790
6938
|
},
|
|
6791
6939
|
};
|
|
6792
6940
|
|
|
6793
|
-
/*! @azure/msal-common v16.6.
|
|
6941
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
6794
6942
|
|
|
6795
6943
|
/*
|
|
6796
6944
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7013,7 +7161,7 @@
|
|
|
7013
7161
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
7014
7162
|
}
|
|
7015
7163
|
|
|
7016
|
-
/*! @azure/msal-common v16.6.
|
|
7164
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
7017
7165
|
|
|
7018
7166
|
/*
|
|
7019
7167
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7046,7 +7194,7 @@
|
|
|
7046
7194
|
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
7047
7195
|
}
|
|
7048
7196
|
|
|
7049
|
-
/*! @azure/msal-common v16.6.
|
|
7197
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
7050
7198
|
|
|
7051
7199
|
/*
|
|
7052
7200
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7104,7 +7252,7 @@
|
|
|
7104
7252
|
}
|
|
7105
7253
|
}
|
|
7106
7254
|
|
|
7107
|
-
/*! @azure/msal-common v16.6.
|
|
7255
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
7108
7256
|
/*
|
|
7109
7257
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7110
7258
|
* Licensed under the MIT License.
|
|
@@ -7121,7 +7269,7 @@
|
|
|
7121
7269
|
unexpectedError: unexpectedError
|
|
7122
7270
|
});
|
|
7123
7271
|
|
|
7124
|
-
/*! @azure/msal-common v16.6.
|
|
7272
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
7125
7273
|
|
|
7126
7274
|
/*
|
|
7127
7275
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7382,7 +7530,7 @@
|
|
|
7382
7530
|
}
|
|
7383
7531
|
}
|
|
7384
7532
|
|
|
7385
|
-
/*! @azure/msal-common v16.6.
|
|
7533
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
7386
7534
|
|
|
7387
7535
|
/*
|
|
7388
7536
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7403,7 +7551,7 @@
|
|
|
7403
7551
|
return new JoseHeaderError(code);
|
|
7404
7552
|
}
|
|
7405
7553
|
|
|
7406
|
-
/*! @azure/msal-common v16.6.
|
|
7554
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
7407
7555
|
/*
|
|
7408
7556
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7409
7557
|
* Licensed under the MIT License.
|
|
@@ -7411,7 +7559,7 @@
|
|
|
7411
7559
|
const missingKidError = "missing_kid_error";
|
|
7412
7560
|
const missingAlgError = "missing_alg_error";
|
|
7413
7561
|
|
|
7414
|
-
/*! @azure/msal-common v16.6.
|
|
7562
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
7415
7563
|
|
|
7416
7564
|
/*
|
|
7417
7565
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7451,7 +7599,7 @@
|
|
|
7451
7599
|
}
|
|
7452
7600
|
}
|
|
7453
7601
|
|
|
7454
|
-
/*! @azure/msal-common v16.6.
|
|
7602
|
+
/*! @azure/msal-common v16.6.2 2026-05-19 */
|
|
7455
7603
|
|
|
7456
7604
|
/*
|
|
7457
7605
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -9873,7 +10021,6 @@
|
|
|
9873
10021
|
const LOG_LEVEL_CACHE_KEY = `${PREFIX}.${BROWSER_PREFIX}.log.level`;
|
|
9874
10022
|
const LOG_PII_CACHE_KEY = `${PREFIX}.${BROWSER_PREFIX}.log.pii`;
|
|
9875
10023
|
const BROWSER_PERF_ENABLED_KEY = `${PREFIX}.${BROWSER_PREFIX}.performance.enabled`;
|
|
9876
|
-
const PLATFORM_AUTH_DOM_SUPPORT = `${PREFIX}.${BROWSER_PREFIX}.platform.auth.dom`;
|
|
9877
10024
|
const VERSION_CACHE_KEY = `${PREFIX}.version`;
|
|
9878
10025
|
const ACCOUNT_KEYS = "account.keys";
|
|
9879
10026
|
const TOKEN_KEYS = "token.keys";
|
|
@@ -10389,7 +10536,7 @@
|
|
|
10389
10536
|
|
|
10390
10537
|
/* eslint-disable header/header */
|
|
10391
10538
|
const name = "@azure/msal-browser";
|
|
10392
|
-
const version = "5.
|
|
10539
|
+
const version = "5.11.0";
|
|
10393
10540
|
|
|
10394
10541
|
/*
|
|
10395
10542
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -12137,12 +12284,13 @@
|
|
|
12137
12284
|
* and logoutHint attribute wasn't manually set in logout request
|
|
12138
12285
|
*/
|
|
12139
12286
|
if (logoutRequest) {
|
|
12140
|
-
// If logoutHint isn't set and an account was passed in, try to extract logoutHint from ID Token Claims
|
|
12287
|
+
// If logoutHint isn't set and an account was passed in, try to extract logoutHint from account loginHint or ID Token Claims
|
|
12141
12288
|
if (!logoutRequest.logoutHint) {
|
|
12142
12289
|
if (logoutRequest.account) {
|
|
12143
|
-
const logoutHint =
|
|
12290
|
+
const logoutHint = logoutRequest.account.loginHint ||
|
|
12291
|
+
this.getLogoutHintFromIdTokenClaims(logoutRequest.account);
|
|
12144
12292
|
if (logoutHint) {
|
|
12145
|
-
this.logger.verbose("
|
|
12293
|
+
this.logger.verbose("0d7s8p", this.correlationId);
|
|
12146
12294
|
validLogoutRequest.logoutHint = logoutHint;
|
|
12147
12295
|
}
|
|
12148
12296
|
}
|
|
@@ -12195,6 +12343,7 @@
|
|
|
12195
12343
|
const idTokenClaims = account.idTokenClaims;
|
|
12196
12344
|
if (idTokenClaims) {
|
|
12197
12345
|
if (idTokenClaims.login_hint) {
|
|
12346
|
+
this.logger.verbose("0u5bmc", this.correlationId);
|
|
12198
12347
|
return idTokenClaims.login_hint;
|
|
12199
12348
|
}
|
|
12200
12349
|
else {
|
|
@@ -13823,6 +13972,7 @@
|
|
|
13823
13972
|
};
|
|
13824
13973
|
const DEFAULT_EXPERIMENTAL_OPTIONS = {
|
|
13825
13974
|
iframeTimeoutTelemetry: false,
|
|
13975
|
+
allowPlatformBrokerWithDOM: false,
|
|
13826
13976
|
};
|
|
13827
13977
|
// Throw an error if user has set OIDCOptions without being in OIDC protocol mode
|
|
13828
13978
|
if (userInputSystem?.protocolMode !== ProtocolMode.OIDC &&
|
|
@@ -14269,25 +14419,23 @@
|
|
|
14269
14419
|
*/
|
|
14270
14420
|
/**
|
|
14271
14421
|
* Checks if the platform broker is available in the current environment.
|
|
14272
|
-
* @param
|
|
14273
|
-
* @param
|
|
14274
|
-
* @param
|
|
14275
|
-
* @
|
|
14422
|
+
* @param domConfig - Whether to enable platform broker DOM API support (required)
|
|
14423
|
+
* @param loggerOptions - Optional logger options
|
|
14424
|
+
* @param perfClient - Optional performance client
|
|
14425
|
+
* @param correlationId - Optional correlation ID
|
|
14426
|
+
* @returns Promise<boolean> indicating if platform broker is available
|
|
14276
14427
|
*/
|
|
14277
|
-
async function isPlatformBrokerAvailable(loggerOptions, perfClient, correlationId) {
|
|
14428
|
+
async function isPlatformBrokerAvailable(domConfig, loggerOptions, perfClient, correlationId) {
|
|
14278
14429
|
const logger = new Logger(loggerOptions || {}, name, version);
|
|
14279
|
-
const cid = correlationId || "";
|
|
14280
|
-
logger.trace("07660b", cid);
|
|
14281
14430
|
const performanceClient = perfClient || new StubPerformanceClient();
|
|
14282
14431
|
if (typeof window === "undefined") {
|
|
14283
|
-
logger.trace("082ed3",
|
|
14432
|
+
logger.trace("082ed3", correlationId || createNewGuid());
|
|
14284
14433
|
return false;
|
|
14285
14434
|
}
|
|
14286
|
-
return !!(await getPlatformAuthProvider(logger, performanceClient,
|
|
14435
|
+
return !!(await getPlatformAuthProvider(logger, performanceClient, correlationId || createNewGuid(), undefined, domConfig));
|
|
14287
14436
|
}
|
|
14288
|
-
async function getPlatformAuthProvider(logger, performanceClient, correlationId, nativeBrokerHandshakeTimeout) {
|
|
14437
|
+
async function getPlatformAuthProvider(logger, performanceClient, correlationId, nativeBrokerHandshakeTimeout, enablePlatformBrokerDOMSupport) {
|
|
14289
14438
|
logger.trace("134j0v", correlationId);
|
|
14290
|
-
const enablePlatformBrokerDOMSupport = isDomEnabledForPlatformAuth();
|
|
14291
14439
|
logger.trace("04c81g", correlationId);
|
|
14292
14440
|
let platformAuthProvider;
|
|
14293
14441
|
try {
|
|
@@ -14311,22 +14459,6 @@
|
|
|
14311
14459
|
}
|
|
14312
14460
|
return platformAuthProvider;
|
|
14313
14461
|
}
|
|
14314
|
-
/**
|
|
14315
|
-
* Returns true if the DOM API support for platform auth is enabled in session storage
|
|
14316
|
-
* @returns boolean
|
|
14317
|
-
* @deprecated
|
|
14318
|
-
*/
|
|
14319
|
-
function isDomEnabledForPlatformAuth() {
|
|
14320
|
-
let sessionStorage;
|
|
14321
|
-
try {
|
|
14322
|
-
sessionStorage = window[BrowserCacheLocation.SessionStorage];
|
|
14323
|
-
// Mute errors if it's a non-browser environment or cookies are blocked.
|
|
14324
|
-
return sessionStorage?.getItem(PLATFORM_AUTH_DOM_SUPPORT) === "true";
|
|
14325
|
-
}
|
|
14326
|
-
catch (e) {
|
|
14327
|
-
return false;
|
|
14328
|
-
}
|
|
14329
|
-
}
|
|
14330
14462
|
/**
|
|
14331
14463
|
* Returns boolean indicating whether or not the request should attempt to use platform broker
|
|
14332
14464
|
* @param logger
|
|
@@ -14337,6 +14469,11 @@
|
|
|
14337
14469
|
*/
|
|
14338
14470
|
function isPlatformAuthAllowed(config, logger, correlationId, platformAuthProvider, authenticationScheme) {
|
|
14339
14471
|
logger.trace("0uko3r", correlationId);
|
|
14472
|
+
// throw an error if allowPlatformBroker is not enabled and allowPlatformBrokerWithDOM is enabled
|
|
14473
|
+
if (!config.system.allowPlatformBroker &&
|
|
14474
|
+
config.experimental.allowPlatformBrokerWithDOM) {
|
|
14475
|
+
throw createClientConfigurationError(invalidPlatformBrokerConfiguration);
|
|
14476
|
+
}
|
|
14340
14477
|
if (!config.system.allowPlatformBroker) {
|
|
14341
14478
|
logger.trace("04hozs", correlationId);
|
|
14342
14479
|
// Developer disabled WAM
|
|
@@ -15796,7 +15933,7 @@
|
|
|
15796
15933
|
if (allowPlatformBroker) {
|
|
15797
15934
|
try {
|
|
15798
15935
|
// check if platform authentication is available via DOM or browser extension and create relevant handlers
|
|
15799
|
-
this.platformAuthProvider = await getPlatformAuthProvider(this.logger, this.performanceClient, correlationId, this.config.system.nativeBrokerHandshakeTimeout);
|
|
15936
|
+
this.platformAuthProvider = await getPlatformAuthProvider(this.logger, this.performanceClient, correlationId, this.config.system.nativeBrokerHandshakeTimeout, this.config.experimental.allowPlatformBrokerWithDOM);
|
|
15800
15937
|
}
|
|
15801
15938
|
catch (e) {
|
|
15802
15939
|
this.logger.verbose(e, correlationId);
|