@azure/msal-browser 5.10.1 → 5.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (255) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  4. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +18 -32
  7. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
  8. package/dist/cache/AccountManager.mjs +1 -1
  9. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  10. package/dist/cache/BrowserCacheManager.mjs +1 -1
  11. package/dist/cache/CacheHelpers.mjs +1 -1
  12. package/dist/cache/CacheKeys.mjs +2 -3
  13. package/dist/cache/CacheKeys.mjs.map +1 -1
  14. package/dist/cache/CookieStorage.mjs +1 -1
  15. package/dist/cache/DatabaseStorage.mjs +1 -1
  16. package/dist/cache/EncryptedData.mjs +1 -1
  17. package/dist/cache/LocalStorage.mjs +1 -1
  18. package/dist/cache/MemoryStorage.mjs +1 -1
  19. package/dist/cache/SessionStorage.mjs +1 -1
  20. package/dist/cache/TokenCache.mjs +1 -1
  21. package/dist/config/Configuration.mjs +2 -1
  22. package/dist/config/Configuration.mjs.map +1 -1
  23. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  24. package/dist/controllers/StandardController.mjs +2 -2
  25. package/dist/controllers/StandardController.mjs.map +1 -1
  26. package/dist/crypto/BrowserCrypto.mjs +1 -1
  27. package/dist/crypto/CryptoOps.mjs +1 -1
  28. package/dist/crypto/PkceGenerator.mjs +1 -1
  29. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  30. package/dist/custom_auth/CustomAuthConstants.mjs +11 -2
  31. package/dist/custom_auth/CustomAuthConstants.mjs.map +1 -1
  32. package/dist/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  33. package/dist/custom_auth/controller/CustomAuthStandardController.mjs +2 -2
  34. package/dist/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
  35. package/dist/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  36. package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  37. package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  38. package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  39. package/dist/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  40. package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  41. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  42. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  43. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  44. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  45. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  46. package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  47. package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  48. package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  49. package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  50. package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  51. package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  52. package/dist/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  53. package/dist/custom_auth/core/error/CustomAuthError.mjs +1 -1
  54. package/dist/custom_auth/core/error/HttpError.mjs +1 -1
  55. package/dist/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  56. package/dist/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  57. package/dist/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  58. package/dist/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  59. package/dist/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  60. package/dist/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  61. package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  62. package/dist/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  63. package/dist/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  64. package/dist/custom_auth/core/error/UnexpectedError.mjs +1 -1
  65. package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  66. package/dist/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  67. package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  68. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  69. package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  70. package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  71. package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  72. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  73. package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  74. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +21 -3
  75. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs.map +1 -1
  76. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +6 -6
  77. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs.map +1 -1
  78. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  79. package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  80. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +3 -3
  81. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs.map +1 -1
  82. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +3 -3
  83. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs.map +1 -1
  84. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +3 -3
  85. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs.map +1 -1
  86. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  87. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  88. package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  89. package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  90. package/dist/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  91. package/dist/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  92. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs +56 -0
  93. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs.map +1 -0
  94. package/dist/custom_auth/core/utils/UrlUtils.mjs +1 -1
  95. package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  96. package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  97. package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  98. package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  99. package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  100. package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  101. package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  102. package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  103. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  104. package/dist/custom_auth/index.mjs +1 -1
  105. package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  106. package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  107. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  108. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  109. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  110. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  111. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  112. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  113. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  114. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  115. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  116. package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  117. package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  118. package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  119. package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  120. package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  121. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  122. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  123. package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  124. package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  125. package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  126. package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  127. package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  128. package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  129. package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  130. package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  131. package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  132. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  133. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  134. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  135. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  136. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  137. package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  138. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  139. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  140. package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  141. package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  142. package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  143. package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  144. package/dist/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  145. package/dist/encode/Base64Decode.mjs +1 -1
  146. package/dist/encode/Base64Encode.mjs +1 -1
  147. package/dist/error/BrowserAuthError.mjs +1 -1
  148. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  149. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  150. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  151. package/dist/error/NativeAuthError.mjs +1 -1
  152. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  153. package/dist/error/NestedAppAuthError.mjs +1 -1
  154. package/dist/event/EventHandler.mjs +1 -1
  155. package/dist/event/EventMessage.mjs +1 -1
  156. package/dist/event/EventType.mjs +1 -1
  157. package/dist/index.mjs +1 -1
  158. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  159. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  160. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  161. package/dist/interaction_client/PopupClient.mjs +1 -1
  162. package/dist/interaction_client/RedirectClient.mjs +1 -1
  163. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  164. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  165. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  166. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  167. package/dist/interaction_client/StandardInteractionClient.mjs +6 -4
  168. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  169. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  170. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  171. package/dist/log-strings-mapping.json +1200 -1188
  172. package/dist/naa/BridgeError.mjs +1 -1
  173. package/dist/naa/BridgeProxy.mjs +1 -1
  174. package/dist/naa/BridgeStatusCode.mjs +1 -1
  175. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  176. package/dist/navigation/NavigationClient.mjs +1 -1
  177. package/dist/network/FetchClient.mjs +1 -1
  178. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  179. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  180. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  181. package/dist/packageMetadata.mjs +2 -2
  182. package/dist/protocol/Authorize.mjs +1 -1
  183. package/dist/redirect_bridge/index.mjs +1 -1
  184. package/dist/request/RequestHelpers.mjs +1 -1
  185. package/dist/response/ResponseHandler.mjs +1 -1
  186. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  187. package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
  188. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  189. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  190. package/dist/utils/BrowserConstants.mjs +1 -1
  191. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  192. package/dist/utils/BrowserUtils.mjs +1 -1
  193. package/dist/utils/Helpers.mjs +1 -1
  194. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  195. package/lib/custom-auth-path/log-strings-mapping.json +21 -9
  196. package/lib/custom-auth-path/msal-custom-auth.cjs +171 -104
  197. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  198. package/lib/custom-auth-path/msal-custom-auth.js +171 -104
  199. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  200. package/lib/log-strings-mapping.json +8 -8
  201. package/lib/msal-browser.cjs +92 -101
  202. package/lib/msal-browser.cjs.map +1 -1
  203. package/lib/msal-browser.js +92 -101
  204. package/lib/msal-browser.js.map +1 -1
  205. package/lib/msal-browser.min.js +2 -2
  206. package/lib/redirect-bridge/msal-redirect-bridge.cjs +10 -10
  207. package/lib/redirect-bridge/msal-redirect-bridge.cjs.map +1 -1
  208. package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
  209. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  210. package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
  211. package/package.json +2 -2
  212. package/src/broker/nativeBroker/PlatformAuthProvider.ts +34 -30
  213. package/src/config/Configuration.ts +5 -0
  214. package/src/controllers/StandardController.ts +2 -1
  215. package/src/custom_auth/CustomAuthConstants.ts +10 -0
  216. package/src/custom_auth/configuration/CustomAuthConfiguration.ts +2 -0
  217. package/src/custom_auth/configuration/CustomAuthRequestInterceptor.ts +54 -0
  218. package/src/custom_auth/controller/CustomAuthStandardController.ts +3 -1
  219. package/src/custom_auth/core/network_client/custom_auth_api/BaseApiClient.ts +41 -2
  220. package/src/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.ts +17 -5
  221. package/src/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.ts +8 -2
  222. package/src/custom_auth/core/network_client/custom_auth_api/SignInApiClient.ts +8 -3
  223. package/src/custom_auth/core/network_client/custom_auth_api/SignupApiClient.ts +8 -2
  224. package/src/custom_auth/core/utils/CustomHeaderUtils.ts +75 -0
  225. package/src/custom_auth/index.ts +4 -0
  226. package/src/interaction_client/StandardInteractionClient.ts +11 -5
  227. package/src/packageMetadata.ts +1 -1
  228. package/types/broker/nativeBroker/PlatformAuthProvider.d.ts +7 -12
  229. package/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  230. package/types/config/Configuration.d.ts +4 -0
  231. package/types/config/Configuration.d.ts.map +1 -1
  232. package/types/controllers/StandardController.d.ts.map +1 -1
  233. package/types/custom_auth/CustomAuthConstants.d.ts +5 -1
  234. package/types/custom_auth/CustomAuthConstants.d.ts.map +1 -1
  235. package/types/custom_auth/configuration/CustomAuthConfiguration.d.ts +2 -0
  236. package/types/custom_auth/configuration/CustomAuthConfiguration.d.ts.map +1 -1
  237. package/types/custom_auth/configuration/CustomAuthRequestInterceptor.d.ts +42 -0
  238. package/types/custom_auth/configuration/CustomAuthRequestInterceptor.d.ts.map +1 -0
  239. package/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  240. package/types/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts +6 -2
  241. package/types/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts.map +1 -1
  242. package/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts +3 -1
  243. package/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
  244. package/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts +3 -1
  245. package/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts.map +1 -1
  246. package/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +3 -1
  247. package/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
  248. package/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts +3 -1
  249. package/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts.map +1 -1
  250. package/types/custom_auth/core/utils/CustomHeaderUtils.d.ts +21 -0
  251. package/types/custom_auth/core/utils/CustomHeaderUtils.d.ts.map +1 -0
  252. package/types/custom_auth/index.d.ts +1 -0
  253. package/types/custom_auth/index.d.ts.map +1 -1
  254. package/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  255. package/types/packageMetadata.d.ts +1 -1
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v5.10.1 2026-05-11 */
1
+ /*! @azure/msal-browser v5.11.0 2026-05-19 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -229,7 +229,7 @@ const JsonWebTokenTypes = {
229
229
  // Token renewal offset default in seconds
230
230
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
231
231
 
232
- /*! @azure/msal-common v16.6.1 2026-05-11 */
232
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
233
233
  /*
234
234
  * Copyright (c) Microsoft Corporation. All rights reserved.
235
235
  * Licensed under the MIT License.
@@ -281,7 +281,7 @@ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
281
281
  const RESOURCE = "resource";
282
282
  const CLI_DATA = "clidata";
283
283
 
284
- /*! @azure/msal-common v16.6.1 2026-05-11 */
284
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
285
285
  /*
286
286
  * Copyright (c) Microsoft Corporation. All rights reserved.
287
287
  * Licensed under the MIT License.
@@ -312,7 +312,7 @@ function createAuthError(code, additionalMessage) {
312
312
  return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
313
313
  }
314
314
 
315
- /*! @azure/msal-common v16.6.1 2026-05-11 */
315
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
316
316
 
317
317
  /*
318
318
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -332,7 +332,7 @@ function createClientConfigurationError(errorCode) {
332
332
  return new ClientConfigurationError(errorCode);
333
333
  }
334
334
 
335
- /*! @azure/msal-common v16.6.1 2026-05-11 */
335
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
336
336
  /*
337
337
  * Copyright (c) Microsoft Corporation. All rights reserved.
338
338
  * Licensed under the MIT License.
@@ -412,7 +412,7 @@ class StringUtils {
412
412
  }
413
413
  }
414
414
 
415
- /*! @azure/msal-common v16.6.1 2026-05-11 */
415
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
416
416
 
417
417
  /*
418
418
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -435,7 +435,7 @@ function createClientAuthError(errorCode, additionalMessage) {
435
435
  return new ClientAuthError(errorCode, additionalMessage);
436
436
  }
437
437
 
438
- /*! @azure/msal-common v16.6.1 2026-05-11 */
438
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
439
439
  /*
440
440
  * Copyright (c) Microsoft Corporation. All rights reserved.
441
441
  * Licensed under the MIT License.
@@ -458,9 +458,10 @@ const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
458
458
  const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
459
459
  const authorityMismatch = "authority_mismatch";
460
460
  const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
461
+ const invalidPlatformBrokerConfiguration = "invalid_platform_broker_configuration";
461
462
  const issuerValidationFailed = "issuer_validation_failed";
462
463
 
463
- /*! @azure/msal-common v16.6.1 2026-05-11 */
464
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
464
465
  /*
465
466
  * Copyright (c) Microsoft Corporation. All rights reserved.
466
467
  * Licensed under the MIT License.
@@ -499,7 +500,7 @@ const methodNotImplemented = "method_not_implemented";
499
500
  const resourceParameterRequired = "resource_parameter_required";
500
501
  const misplacedResourceParam = "misplaced_resource_parameter";
501
502
 
502
- /*! @azure/msal-common v16.6.1 2026-05-11 */
503
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
503
504
 
504
505
  /*
505
506
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -694,7 +695,7 @@ class ScopeSet {
694
695
  }
695
696
  }
696
697
 
697
- /*! @azure/msal-common v16.6.1 2026-05-11 */
698
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
698
699
 
699
700
  /*
700
701
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1083,7 +1084,7 @@ function addResource(parameters, resource) {
1083
1084
  }
1084
1085
  }
1085
1086
 
1086
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1087
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
1087
1088
 
1088
1089
  /*
1089
1090
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1192,7 +1193,7 @@ function normalizeUrlForComparison(url) {
1192
1193
  }
1193
1194
  }
1194
1195
 
1195
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1196
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
1196
1197
 
1197
1198
  /*
1198
1199
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1231,7 +1232,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
1231
1232
  },
1232
1233
  };
1233
1234
 
1234
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1235
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
1235
1236
  /*
1236
1237
  * Copyright (c) Microsoft Corporation. All rights reserved.
1237
1238
  * Licensed under the MIT License.
@@ -1492,12 +1493,12 @@ class Logger {
1492
1493
  }
1493
1494
  }
1494
1495
 
1495
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1496
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
1496
1497
  /* eslint-disable header/header */
1497
1498
  const name$1 = "@azure/msal-common";
1498
- const version$1 = "16.6.1";
1499
+ const version$1 = "16.6.2";
1499
1500
 
1500
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1501
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
1501
1502
  /*
1502
1503
  * Copyright (c) Microsoft Corporation. All rights reserved.
1503
1504
  * Licensed under the MIT License.
@@ -1506,7 +1507,7 @@ const AzureCloudInstance = {
1506
1507
  // AzureCloudInstance is not specified.
1507
1508
  None: "none"};
1508
1509
 
1509
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1510
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
1510
1511
  /*
1511
1512
  * Copyright (c) Microsoft Corporation. All rights reserved.
1512
1513
  * Licensed under the MIT License.
@@ -1589,7 +1590,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1589
1590
  return updatedAccountInfo;
1590
1591
  }
1591
1592
 
1592
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1593
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
1593
1594
 
1594
1595
  /*
1595
1596
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1669,7 +1670,7 @@ function checkMaxAge(authTime, maxAge) {
1669
1670
  }
1670
1671
  }
1671
1672
 
1672
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1673
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
1673
1674
 
1674
1675
  /*
1675
1676
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1826,7 +1827,7 @@ class UrlString {
1826
1827
  }
1827
1828
  }
1828
1829
 
1829
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1830
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
1830
1831
 
1831
1832
  /*
1832
1833
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1992,7 +1993,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
1992
1993
  return null;
1993
1994
  }
1994
1995
 
1995
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1996
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
1996
1997
  /*
1997
1998
  * Copyright (c) Microsoft Corporation. All rights reserved.
1998
1999
  * Licensed under the MIT License.
@@ -2000,7 +2001,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2000
2001
  const cacheQuotaExceeded = "cache_quota_exceeded";
2001
2002
  const cacheErrorUnknown = "cache_error_unknown";
2002
2003
 
2003
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2004
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
2004
2005
 
2005
2006
  /*
2006
2007
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2038,7 +2039,7 @@ function createCacheError(e) {
2038
2039
  }
2039
2040
  }
2040
2041
 
2041
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2042
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
2042
2043
 
2043
2044
  /*
2044
2045
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2076,7 +2077,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
2076
2077
  };
2077
2078
  }
2078
2079
 
2079
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2080
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
2080
2081
  /*
2081
2082
  * Copyright (c) Microsoft Corporation. All rights reserved.
2082
2083
  * Licensed under the MIT License.
@@ -2091,7 +2092,7 @@ const AuthorityType = {
2091
2092
  Ciam: 3,
2092
2093
  };
2093
2094
 
2094
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2095
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
2095
2096
  /*
2096
2097
  * Copyright (c) Microsoft Corporation. All rights reserved.
2097
2098
  * Licensed under the MIT License.
@@ -2113,7 +2114,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
2113
2114
  return null;
2114
2115
  }
2115
2116
 
2116
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2117
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
2117
2118
  /*
2118
2119
  * Copyright (c) Microsoft Corporation. All rights reserved.
2119
2120
  * Licensed under the MIT License.
@@ -2137,7 +2138,7 @@ const ProtocolMode = {
2137
2138
  EAR: "EAR",
2138
2139
  };
2139
2140
 
2140
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2141
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
2141
2142
  /**
2142
2143
  * Returns the AccountInfo interface for this account.
2143
2144
  */
@@ -2312,7 +2313,7 @@ function isAccountEntity(entity) {
2312
2313
  entity.hasOwnProperty("authorityType"));
2313
2314
  }
2314
2315
 
2315
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2316
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
2316
2317
 
2317
2318
  /*
2318
2319
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3443,7 +3444,7 @@ class DefaultStorageClass extends CacheManager {
3443
3444
  }
3444
3445
  }
3445
3446
 
3446
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3447
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
3447
3448
  /*
3448
3449
  * Copyright (c) Microsoft Corporation. All rights reserved.
3449
3450
  * Licensed under the MIT License.
@@ -3457,7 +3458,7 @@ class DefaultStorageClass extends CacheManager {
3457
3458
  const PerformanceEventStatus = {
3458
3459
  InProgress: 1};
3459
3460
 
3460
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3461
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
3461
3462
 
3462
3463
  /*
3463
3464
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3512,7 +3513,7 @@ class StubPerformanceClient {
3512
3513
  }
3513
3514
  }
3514
3515
 
3515
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3516
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
3516
3517
 
3517
3518
  /*
3518
3519
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3607,7 +3608,7 @@ function isOidcProtocolMode(config) {
3607
3608
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3608
3609
  }
3609
3610
 
3610
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3611
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
3611
3612
  /*
3612
3613
  * Copyright (c) Microsoft Corporation. All rights reserved.
3613
3614
  * Licensed under the MIT License.
@@ -3634,7 +3635,7 @@ function isOidcProtocolMode(config) {
3634
3635
  }
3635
3636
  }
3636
3637
 
3637
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3638
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
3638
3639
  /*
3639
3640
  * Copyright (c) Microsoft Corporation. All rights reserved.
3640
3641
  * Licensed under the MIT License.
@@ -3699,7 +3700,7 @@ function wasClockTurnedBack(cachedAt) {
3699
3700
  return cachedAtSec > nowSeconds();
3700
3701
  }
3701
3702
 
3702
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3703
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
3703
3704
 
3704
3705
  /*
3705
3706
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3958,7 +3959,7 @@ function isAuthorityMetadataExpired(metadata) {
3958
3959
  return metadata.expiresAt <= nowSeconds();
3959
3960
  }
3960
3961
 
3961
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3962
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
3962
3963
  /*
3963
3964
  * Copyright (c) Microsoft Corporation. All rights reserved.
3964
3965
  * Licensed under the MIT License.
@@ -4029,7 +4030,7 @@ const RegionDiscoveryGetCurrentVersion = "regionDiscoveryGetCurrentVersion";
4029
4030
  const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
4030
4031
  const SetUserData = "setUserData";
4031
4032
 
4032
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4033
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4033
4034
  /*
4034
4035
  * Copyright (c) Microsoft Corporation. All rights reserved.
4035
4036
  * Licensed under the MIT License.
@@ -4122,7 +4123,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
4122
4123
  };
4123
4124
  };
4124
4125
 
4125
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4126
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4126
4127
 
4127
4128
  /*
4128
4129
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4202,7 +4203,7 @@ class PopTokenGenerator {
4202
4203
  }
4203
4204
  }
4204
4205
 
4205
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4206
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4206
4207
  /*
4207
4208
  * Copyright (c) Microsoft Corporation. All rights reserved.
4208
4209
  * Licensed under the MIT License.
@@ -4253,7 +4254,7 @@ const badToken = "bad_token";
4253
4254
  */
4254
4255
  const interruptedUser = "interrupted_user";
4255
4256
 
4256
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4257
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4257
4258
 
4258
4259
  /*
4259
4260
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4321,7 +4322,7 @@ function createInteractionRequiredAuthError(errorCode, errorMessage) {
4321
4322
  return new InteractionRequiredAuthError(errorCode, errorMessage);
4322
4323
  }
4323
4324
 
4324
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4325
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4325
4326
 
4326
4327
  /*
4327
4328
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4340,7 +4341,7 @@ class ServerError extends AuthError {
4340
4341
  }
4341
4342
  }
4342
4343
 
4343
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4344
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4344
4345
 
4345
4346
  /*
4346
4347
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4408,7 +4409,7 @@ function parseRequestState(base64Decode, state) {
4408
4409
  }
4409
4410
  }
4410
4411
 
4411
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4412
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4412
4413
 
4413
4414
  /*
4414
4415
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4756,7 +4757,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
4756
4757
  return baseAccount;
4757
4758
  }
4758
4759
 
4759
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4760
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4760
4761
  /*
4761
4762
  * Copyright (c) Microsoft Corporation. All rights reserved.
4762
4763
  * Licensed under the MIT License.
@@ -4766,7 +4767,7 @@ const CcsCredentialType = {
4766
4767
  UPN: "UPN",
4767
4768
  };
4768
4769
 
4769
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4770
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4770
4771
  /*
4771
4772
  * Copyright (c) Microsoft Corporation. All rights reserved.
4772
4773
  * Licensed under the MIT License.
@@ -4784,7 +4785,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
4784
4785
  }
4785
4786
  }
4786
4787
 
4787
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4788
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4788
4789
  /*
4789
4790
  * Copyright (c) Microsoft Corporation. All rights reserved.
4790
4791
  * Licensed under the MIT License.
@@ -4805,7 +4806,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
4805
4806
  };
4806
4807
  }
4807
4808
 
4808
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4809
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4809
4810
 
4810
4811
  /*
4811
4812
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4891,7 +4892,7 @@ class ThrottlingUtils {
4891
4892
  }
4892
4893
  }
4893
4894
 
4894
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4895
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4895
4896
 
4896
4897
  /*
4897
4898
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4922,7 +4923,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
4922
4923
  return new NetworkError(error, httpStatus, responseHeaders);
4923
4924
  }
4924
4925
 
4925
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4926
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
4926
4927
 
4927
4928
  /*
4928
4929
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5036,7 +5037,7 @@ async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId
5036
5037
  return response;
5037
5038
  }
5038
5039
 
5039
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5040
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
5040
5041
  /*
5041
5042
  * Copyright (c) Microsoft Corporation. All rights reserved.
5042
5043
  * Licensed under the MIT License.
@@ -5048,7 +5049,7 @@ function isOpenIdConfigResponse(response) {
5048
5049
  response.hasOwnProperty("jwks_uri"));
5049
5050
  }
5050
5051
 
5051
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5052
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
5052
5053
  /*
5053
5054
  * Copyright (c) Microsoft Corporation. All rights reserved.
5054
5055
  * Licensed under the MIT License.
@@ -5058,7 +5059,7 @@ function isCloudInstanceDiscoveryResponse(response) {
5058
5059
  response.hasOwnProperty("metadata"));
5059
5060
  }
5060
5061
 
5061
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5062
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
5062
5063
  /*
5063
5064
  * Copyright (c) Microsoft Corporation. All rights reserved.
5064
5065
  * Licensed under the MIT License.
@@ -5068,7 +5069,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
5068
5069
  response.hasOwnProperty("error_description"));
5069
5070
  }
5070
5071
 
5071
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5072
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
5072
5073
 
5073
5074
  /*
5074
5075
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5173,7 +5174,7 @@ RegionDiscovery.IMDS_OPTIONS = {
5173
5174
  },
5174
5175
  };
5175
5176
 
5176
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5177
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
5177
5178
 
5178
5179
  /*
5179
5180
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6128,7 +6129,7 @@ function buildStaticAuthorityOptions(authOptions) {
6128
6129
  };
6129
6130
  }
6130
6131
 
6131
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6132
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
6132
6133
 
6133
6134
  /*
6134
6135
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6162,7 +6163,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
6162
6163
  }
6163
6164
  }
6164
6165
 
6165
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6166
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
6166
6167
 
6167
6168
  /*
6168
6169
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6419,7 +6420,7 @@ class AuthorizationCodeClient {
6419
6420
  }
6420
6421
  }
6421
6422
 
6422
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6423
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
6423
6424
 
6424
6425
  /*
6425
6426
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6640,7 +6641,7 @@ class RefreshTokenClient {
6640
6641
  }
6641
6642
  }
6642
6643
 
6643
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6644
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
6644
6645
 
6645
6646
  /*
6646
6647
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6756,7 +6757,7 @@ class SilentFlowClient {
6756
6757
  }
6757
6758
  }
6758
6759
 
6759
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6760
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
6760
6761
 
6761
6762
  /*
6762
6763
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6771,7 +6772,7 @@ const StubbedNetworkModule = {
6771
6772
  },
6772
6773
  };
6773
6774
 
6774
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6775
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
6775
6776
 
6776
6777
  /*
6777
6778
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6994,7 +6995,7 @@ function extractLoginHint(account) {
6994
6995
  return account.loginHint || account.idTokenClaims?.login_hint || null;
6995
6996
  }
6996
6997
 
6997
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6998
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
6998
6999
 
6999
7000
  /*
7000
7001
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7027,7 +7028,7 @@ function containsResourceParam(params) {
7027
7028
  return Object.prototype.hasOwnProperty.call(params, "resource");
7028
7029
  }
7029
7030
 
7030
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7031
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
7031
7032
  /*
7032
7033
  * Copyright (c) Microsoft Corporation. All rights reserved.
7033
7034
  * Licensed under the MIT License.
@@ -7037,7 +7038,7 @@ function containsResourceParam(params) {
7037
7038
  */
7038
7039
  const unexpectedError = "unexpected_error";
7039
7040
 
7040
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7041
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
7041
7042
 
7042
7043
  /*
7043
7044
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7298,7 +7299,7 @@ class ServerTelemetryManager {
7298
7299
  }
7299
7300
  }
7300
7301
 
7301
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7302
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
7302
7303
 
7303
7304
  /*
7304
7305
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7319,7 +7320,7 @@ function createJoseHeaderError(code) {
7319
7320
  return new JoseHeaderError(code);
7320
7321
  }
7321
7322
 
7322
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7323
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
7323
7324
  /*
7324
7325
  * Copyright (c) Microsoft Corporation. All rights reserved.
7325
7326
  * Licensed under the MIT License.
@@ -7327,7 +7328,7 @@ function createJoseHeaderError(code) {
7327
7328
  const missingKidError = "missing_kid_error";
7328
7329
  const missingAlgError = "missing_alg_error";
7329
7330
 
7330
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7331
+ /*! @azure/msal-common v16.6.2 2026-05-19 */
7331
7332
 
7332
7333
  /*
7333
7334
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7762,7 +7763,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
7762
7763
 
7763
7764
  /* eslint-disable header/header */
7764
7765
  const name = "@azure/msal-browser";
7765
- const version = "5.10.1";
7766
+ const version = "5.11.0";
7766
7767
 
7767
7768
  /*
7768
7769
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7791,6 +7792,15 @@ const HttpHeaderKeys = {
7791
7792
  CONTENT_TYPE: "Content-Type",
7792
7793
  X_MS_REQUEST_ID: "x-ms-request-id",
7793
7794
  };
7795
+ const CustomHeaderConstants = {
7796
+ REQUIRED_PREFIX: "x-",
7797
+ RESERVED_PREFIXES: [
7798
+ "x-client-",
7799
+ "x-ms-",
7800
+ "x-broker-",
7801
+ "x-app-",
7802
+ ],
7803
+ };
7794
7804
  const DefaultPackageInfo = {
7795
7805
  SKU: "msal.browser",
7796
7806
  VERSION: version,
@@ -9614,12 +9624,13 @@ class StandardInteractionClient extends BaseInteractionClient {
9614
9624
  * and logoutHint attribute wasn't manually set in logout request
9615
9625
  */
9616
9626
  if (logoutRequest) {
9617
- // If logoutHint isn't set and an account was passed in, try to extract logoutHint from ID Token Claims
9627
+ // If logoutHint isn't set and an account was passed in, try to extract logoutHint from account loginHint or ID Token Claims
9618
9628
  if (!logoutRequest.logoutHint) {
9619
9629
  if (logoutRequest.account) {
9620
- const logoutHint = this.getLogoutHintFromIdTokenClaims(logoutRequest.account);
9630
+ const logoutHint = logoutRequest.account.loginHint ||
9631
+ this.getLogoutHintFromIdTokenClaims(logoutRequest.account);
9621
9632
  if (logoutHint) {
9622
- this.logger.verbose("0st5di", this.correlationId);
9633
+ this.logger.verbose("0d7s8p", this.correlationId);
9623
9634
  validLogoutRequest.logoutHint = logoutHint;
9624
9635
  }
9625
9636
  }
@@ -9672,6 +9683,7 @@ class StandardInteractionClient extends BaseInteractionClient {
9672
9683
  const idTokenClaims = account.idTokenClaims;
9673
9684
  if (idTokenClaims) {
9674
9685
  if (idTokenClaims.login_hint) {
9686
+ this.logger.verbose("0u5bmc", this.correlationId);
9675
9687
  return idTokenClaims.login_hint;
9676
9688
  }
9677
9689
  else {
@@ -10963,15 +10975,67 @@ class CustomAuthInterationClientFactory {
10963
10975
  }
10964
10976
  }
10965
10977
 
10978
+ /*
10979
+ * Copyright (c) Microsoft Corporation. All rights reserved.
10980
+ * Licensed under the MIT License.
10981
+ */
10982
+ /**
10983
+ * Filters the headers returned by a {@link CustomAuthRequestInterceptor},
10984
+ * keeping only those that conform to the custom-auth header naming rules.
10985
+ *
10986
+ * Rules (mirrors the iOS / Android native auth implementations):
10987
+ * - Header names must start with `x-` (case-insensitive); others are dropped.
10988
+ * - Header names that start with any reserved prefix (`x-client-`, `x-ms-`,
10989
+ * `x-broker-`, `x-app-`) are dropped.
10990
+ * - Headers with empty/whitespace-only names or null/undefined values are dropped.
10991
+ *
10992
+ * Dropped headers are logged as warnings (PII-safe) when a logger is provided.
10993
+ *
10994
+ * @param headers - Raw headers returned by the interceptor.
10995
+ * @param logger - Optional logger used to emit warnings for dropped headers.
10996
+ * @param correlationId - Optional correlation id forwarded to the logger.
10997
+ * @returns A new record containing only the headers that pass the filter,
10998
+ * preserving the original casing of header names.
10999
+ */
11000
+ function filterCustomHeaders(headers, logger, correlationId) {
11001
+ const filtered = {};
11002
+ if (!headers) {
11003
+ return filtered;
11004
+ }
11005
+ for (const [name, value] of Object.entries(headers)) {
11006
+ if (!name || value === undefined || value === null) {
11007
+ continue;
11008
+ }
11009
+ const trimmedName = name.trim();
11010
+ if (!trimmedName) {
11011
+ continue;
11012
+ }
11013
+ const lowerName = trimmedName.toLowerCase();
11014
+ if (!lowerName.startsWith(CustomHeaderConstants.REQUIRED_PREFIX)) {
11015
+ logger?.warningPii("0vzpop", correlationId ?? "");
11016
+ continue;
11017
+ }
11018
+ const reservedPrefix = CustomHeaderConstants.RESERVED_PREFIXES.find((prefix) => lowerName.startsWith(prefix));
11019
+ if (reservedPrefix) {
11020
+ logger?.warningPii("1m3lhk", correlationId ?? "");
11021
+ continue;
11022
+ }
11023
+ filtered[trimmedName] = value;
11024
+ }
11025
+ return filtered;
11026
+ }
11027
+
10966
11028
  /*
10967
11029
  * Copyright (c) Microsoft Corporation. All rights reserved.
10968
11030
  * Licensed under the MIT License.
10969
11031
  */
10970
11032
  class BaseApiClient {
10971
- constructor(baseUrl, clientId, httpClient, customAuthApiQueryParams) {
11033
+ constructor(baseUrl, clientId, httpClient, customAuthApiQueryParams, requestInterceptor, logger) {
10972
11034
  this.clientId = clientId;
10973
11035
  this.httpClient = httpClient;
10974
11036
  this.customAuthApiQueryParams = customAuthApiQueryParams;
11037
+ this.requestInterceptor = requestInterceptor;
11038
+ this.logger = logger;
10975
11039
  this.baseRequestUrl = parseUrl(!baseUrl.endsWith("/") ? `${baseUrl}/` : baseUrl);
10976
11040
  }
10977
11041
  async request(endpoint, data, telemetryManager, correlationId) {
@@ -10979,8 +11043,10 @@ class BaseApiClient {
10979
11043
  client_id: this.clientId,
10980
11044
  ...data,
10981
11045
  });
10982
- const headers = this.getCommonHeaders(correlationId, telemetryManager);
11046
+ const commonHeaders = this.getCommonHeaders(correlationId, telemetryManager);
10983
11047
  const url = buildUrl(this.baseRequestUrl.href, endpoint, this.customAuthApiQueryParams);
11048
+ const additionalHeaders = await this.getAdditionalHeaders(url, correlationId);
11049
+ const headers = { ...commonHeaders, ...additionalHeaders };
10984
11050
  let response;
10985
11051
  try {
10986
11052
  response = await this.httpClient.post(url, formData, headers);
@@ -11038,6 +11104,19 @@ class BaseApiClient {
11038
11104
  : responseError.invalid_attributes ?? [];
11039
11105
  throw new CustomAuthApiError(responseError.error, responseError.error_description, responseError.correlation_id, responseError.error_codes, responseError.suberror, attributes, responseError.continuation_token, responseError.trace_id, responseError.timestamp);
11040
11106
  }
11107
+ async getAdditionalHeaders(url, correlationId) {
11108
+ if (!this.requestInterceptor) {
11109
+ return {};
11110
+ }
11111
+ try {
11112
+ const result = await Promise.resolve(this.requestInterceptor.addAdditionalHeaderFields(url));
11113
+ return filterCustomHeaders(result, this.logger, correlationId);
11114
+ }
11115
+ catch (e) {
11116
+ this.logger?.warningPii("1ptwx4", correlationId);
11117
+ return {};
11118
+ }
11119
+ }
11041
11120
  }
11042
11121
 
11043
11122
  /*
@@ -11045,8 +11124,8 @@ class BaseApiClient {
11045
11124
  * Licensed under the MIT License.
11046
11125
  */
11047
11126
  class ResetPasswordApiClient extends BaseApiClient {
11048
- constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams) {
11049
- super(customAuthApiBaseUrl, clientId, httpClient, customAuthApiQueryParams);
11127
+ constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams, requestInterceptor, logger) {
11128
+ super(customAuthApiBaseUrl, clientId, httpClient, customAuthApiQueryParams, requestInterceptor, logger);
11050
11129
  this.capabilities = capabilities;
11051
11130
  }
11052
11131
  /**
@@ -11129,8 +11208,8 @@ class ResetPasswordApiClient extends BaseApiClient {
11129
11208
  * Licensed under the MIT License.
11130
11209
  */
11131
11210
  class SignupApiClient extends BaseApiClient {
11132
- constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams) {
11133
- super(customAuthApiBaseUrl, clientId, httpClient, customAuthApiQueryParams);
11211
+ constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams, requestInterceptor, logger) {
11212
+ super(customAuthApiBaseUrl, clientId, httpClient, customAuthApiQueryParams, requestInterceptor, logger);
11134
11213
  this.capabilities = capabilities;
11135
11214
  }
11136
11215
  /**
@@ -11199,8 +11278,8 @@ class SignupApiClient extends BaseApiClient {
11199
11278
  * Licensed under the MIT License.
11200
11279
  */
11201
11280
  class SignInApiClient extends BaseApiClient {
11202
- constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams) {
11203
- super(customAuthApiBaseUrl, clientId, httpClient, customAuthApiQueryParams);
11281
+ constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams, requestInterceptor, logger) {
11282
+ super(customAuthApiBaseUrl, clientId, httpClient, customAuthApiQueryParams, requestInterceptor, logger);
11204
11283
  this.capabilities = capabilities;
11205
11284
  }
11206
11285
  /**
@@ -11367,11 +11446,11 @@ class RegisterApiClient extends BaseApiClient {
11367
11446
  * Licensed under the MIT License.
11368
11447
  */
11369
11448
  class CustomAuthApiClient {
11370
- constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams) {
11371
- this.signInApi = new SignInApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams);
11372
- this.signUpApi = new SignupApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams);
11373
- this.resetPasswordApi = new ResetPasswordApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams);
11374
- this.registerApi = new RegisterApiClient(customAuthApiBaseUrl, clientId, httpClient, customAuthApiQueryParams);
11449
+ constructor(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams, requestInterceptor, logger) {
11450
+ this.signInApi = new SignInApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams, requestInterceptor, logger);
11451
+ this.signUpApi = new SignupApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams, requestInterceptor, logger);
11452
+ this.resetPasswordApi = new ResetPasswordApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams, requestInterceptor, logger);
11453
+ this.registerApi = new RegisterApiClient(customAuthApiBaseUrl, clientId, httpClient, customAuthApiQueryParams, requestInterceptor, logger);
11375
11454
  }
11376
11455
  }
11377
11456
 
@@ -14382,7 +14461,6 @@ const CREDENTIAL_SCHEMA_VERSION = 3;
14382
14461
  const ACCOUNT_SCHEMA_VERSION = 3;
14383
14462
  const LOG_LEVEL_CACHE_KEY = `${PREFIX}.${BROWSER_PREFIX}.log.level`;
14384
14463
  const LOG_PII_CACHE_KEY = `${PREFIX}.${BROWSER_PREFIX}.log.pii`;
14385
- const PLATFORM_AUTH_DOM_SUPPORT = `${PREFIX}.${BROWSER_PREFIX}.platform.auth.dom`;
14386
14464
  const VERSION_CACHE_KEY = `${PREFIX}.version`;
14387
14465
  const ACCOUNT_KEYS = "account.keys";
14388
14466
  const TOKEN_KEYS = "token.keys";
@@ -17916,6 +17994,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
17916
17994
  };
17917
17995
  const DEFAULT_EXPERIMENTAL_OPTIONS = {
17918
17996
  iframeTimeoutTelemetry: false,
17997
+ allowPlatformBrokerWithDOM: false,
17919
17998
  };
17920
17999
  // Throw an error if user has set OIDCOptions without being in OIDC protocol mode
17921
18000
  if (userInputSystem?.protocolMode !== ProtocolMode.OIDC &&
@@ -18360,9 +18439,8 @@ class PlatformAuthDOMHandler {
18360
18439
  * Copyright (c) Microsoft Corporation. All rights reserved.
18361
18440
  * Licensed under the MIT License.
18362
18441
  */
18363
- async function getPlatformAuthProvider(logger, performanceClient, correlationId, nativeBrokerHandshakeTimeout) {
18442
+ async function getPlatformAuthProvider(logger, performanceClient, correlationId, nativeBrokerHandshakeTimeout, enablePlatformBrokerDOMSupport) {
18364
18443
  logger.trace("134j0v", correlationId);
18365
- const enablePlatformBrokerDOMSupport = isDomEnabledForPlatformAuth();
18366
18444
  logger.trace("04c81g", correlationId);
18367
18445
  let platformAuthProvider;
18368
18446
  try {
@@ -18386,22 +18464,6 @@ async function getPlatformAuthProvider(logger, performanceClient, correlationId,
18386
18464
  }
18387
18465
  return platformAuthProvider;
18388
18466
  }
18389
- /**
18390
- * Returns true if the DOM API support for platform auth is enabled in session storage
18391
- * @returns boolean
18392
- * @deprecated
18393
- */
18394
- function isDomEnabledForPlatformAuth() {
18395
- let sessionStorage;
18396
- try {
18397
- sessionStorage = window[BrowserCacheLocation.SessionStorage];
18398
- // Mute errors if it's a non-browser environment or cookies are blocked.
18399
- return sessionStorage?.getItem(PLATFORM_AUTH_DOM_SUPPORT) === "true";
18400
- }
18401
- catch (e) {
18402
- return false;
18403
- }
18404
- }
18405
18467
  /**
18406
18468
  * Returns boolean indicating whether or not the request should attempt to use platform broker
18407
18469
  * @param logger
@@ -18412,6 +18474,11 @@ function isDomEnabledForPlatformAuth() {
18412
18474
  */
18413
18475
  function isPlatformAuthAllowed(config, logger, correlationId, platformAuthProvider, authenticationScheme) {
18414
18476
  logger.trace("0uko3r", correlationId);
18477
+ // throw an error if allowPlatformBroker is not enabled and allowPlatformBrokerWithDOM is enabled
18478
+ if (!config.system.allowPlatformBroker &&
18479
+ config.experimental.allowPlatformBrokerWithDOM) {
18480
+ throw createClientConfigurationError(invalidPlatformBrokerConfiguration);
18481
+ }
18415
18482
  if (!config.system.allowPlatformBroker) {
18416
18483
  logger.trace("04hozs", correlationId);
18417
18484
  // Developer disabled WAM
@@ -19859,7 +19926,7 @@ class StandardController {
19859
19926
  if (allowPlatformBroker) {
19860
19927
  try {
19861
19928
  // check if platform authentication is available via DOM or browser extension and create relevant handlers
19862
- this.platformAuthProvider = await getPlatformAuthProvider(this.logger, this.performanceClient, correlationId, this.config.system.nativeBrokerHandshakeTimeout);
19929
+ this.platformAuthProvider = await getPlatformAuthProvider(this.logger, this.performanceClient, correlationId, this.config.system.nativeBrokerHandshakeTimeout, this.config.experimental.allowPlatformBrokerWithDOM);
19863
19930
  }
19864
19931
  catch (e) {
19865
19932
  this.logger.verbose(e, correlationId);
@@ -21241,7 +21308,7 @@ class CustomAuthStandardController extends StandardController {
21241
21308
  this.customAuthConfig = operatingContext.getCustomAuthConfig();
21242
21309
  this.authority = new CustomAuthAuthority(this.customAuthConfig.auth.authority, this.customAuthConfig, this.networkClient, this.browserStorage, this.logger, this.performanceClient, this.customAuthConfig.customAuth?.authApiProxyUrl);
21243
21310
  const interactionClientFactory = new CustomAuthInterationClientFactory(this.customAuthConfig, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, this.performanceClient, customAuthApiClient ??
21244
- new CustomAuthApiClient(this.authority.getCustomAuthApiDomain(), this.customAuthConfig.auth.clientId, new FetchHttpClient(this.logger), this.customAuthConfig.customAuth?.capabilities?.join(" "), this.customAuthConfig.customAuth?.customAuthApiQueryParams), this.authority);
21311
+ new CustomAuthApiClient(this.authority.getCustomAuthApiDomain(), this.customAuthConfig.auth.clientId, new FetchHttpClient(this.logger), this.customAuthConfig.customAuth?.capabilities?.join(" "), this.customAuthConfig.customAuth?.customAuthApiQueryParams, this.customAuthConfig.customAuth?.requestInterceptor, this.logger), this.authority);
21245
21312
  this.signInClient = interactionClientFactory.create(SignInClient);
21246
21313
  this.signUpClient = interactionClientFactory.create(SignUpClient);
21247
21314
  this.resetPasswordClient =