@azure/msal-browser 5.10.1 → 5.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (294) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +44 -2
  3. package/dist/app/PublicClientApplication.mjs.map +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +3 -3
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +18 -32
  8. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
  9. package/dist/cache/AccountManager.mjs +1 -1
  10. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  11. package/dist/cache/BrowserCacheManager.mjs +12 -1
  12. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  13. package/dist/cache/CacheHelpers.mjs +1 -1
  14. package/dist/cache/CacheKeys.mjs +2 -3
  15. package/dist/cache/CacheKeys.mjs.map +1 -1
  16. package/dist/cache/CookieStorage.mjs +1 -1
  17. package/dist/cache/DatabaseStorage.mjs +1 -1
  18. package/dist/cache/EncryptedData.mjs +1 -1
  19. package/dist/cache/LocalStorage.mjs +1 -1
  20. package/dist/cache/MemoryStorage.mjs +1 -1
  21. package/dist/cache/SessionStorage.mjs +1 -1
  22. package/dist/cache/TokenCache.mjs +1 -1
  23. package/dist/config/Configuration.mjs +3 -2
  24. package/dist/config/Configuration.mjs.map +1 -1
  25. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  26. package/dist/controllers/StandardController.mjs +4 -4
  27. package/dist/controllers/StandardController.mjs.map +1 -1
  28. package/dist/crypto/BrowserCrypto.mjs +1 -1
  29. package/dist/crypto/CryptoOps.mjs +1 -1
  30. package/dist/crypto/PkceGenerator.mjs +1 -1
  31. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  32. package/dist/custom_auth/CustomAuthConstants.mjs +11 -2
  33. package/dist/custom_auth/CustomAuthConstants.mjs.map +1 -1
  34. package/dist/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  35. package/dist/custom_auth/controller/CustomAuthStandardController.mjs +2 -2
  36. package/dist/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
  37. package/dist/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  38. package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  39. package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  40. package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  41. package/dist/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  42. package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  43. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  44. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  45. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  46. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  47. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  48. package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  49. package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  50. package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  51. package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  52. package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  53. package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  54. package/dist/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  55. package/dist/custom_auth/core/error/CustomAuthError.mjs +1 -1
  56. package/dist/custom_auth/core/error/HttpError.mjs +1 -1
  57. package/dist/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  58. package/dist/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  59. package/dist/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  60. package/dist/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  61. package/dist/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  62. package/dist/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  63. package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  64. package/dist/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  65. package/dist/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  66. package/dist/custom_auth/core/error/UnexpectedError.mjs +1 -1
  67. package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  68. package/dist/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  69. package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  70. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  71. package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  72. package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  73. package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  74. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  75. package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  76. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +21 -3
  77. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs.map +1 -1
  78. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +6 -6
  79. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs.map +1 -1
  80. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  81. package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  82. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +3 -3
  83. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs.map +1 -1
  84. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +3 -3
  85. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs.map +1 -1
  86. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +3 -3
  87. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs.map +1 -1
  88. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  89. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  90. package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  91. package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  92. package/dist/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  93. package/dist/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  94. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs +56 -0
  95. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs.map +1 -0
  96. package/dist/custom_auth/core/utils/UrlUtils.mjs +1 -1
  97. package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  98. package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  99. package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  100. package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  101. package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  102. package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  103. package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  104. package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  105. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  106. package/dist/custom_auth/index.mjs +1 -1
  107. package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  108. package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  109. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  110. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  111. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  112. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  113. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  114. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  115. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  116. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  117. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  118. package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  119. package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  120. package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  121. package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  122. package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  123. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  124. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  125. package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  126. package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  127. package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  128. package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  129. package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  130. package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  131. package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  132. package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  133. package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  134. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  135. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  136. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  137. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  138. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  139. package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  140. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  141. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  142. package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  143. package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  144. package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  145. package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  146. package/dist/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  147. package/dist/encode/Base64Decode.mjs +1 -1
  148. package/dist/encode/Base64Encode.mjs +1 -1
  149. package/dist/error/BrowserAuthError.mjs +1 -1
  150. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  151. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  152. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  153. package/dist/error/NativeAuthError.mjs +4 -4
  154. package/dist/error/NativeAuthError.mjs.map +1 -1
  155. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  156. package/dist/error/NestedAppAuthError.mjs +1 -1
  157. package/dist/event/EventHandler.mjs +1 -1
  158. package/dist/event/EventMessage.mjs +1 -1
  159. package/dist/event/EventType.mjs +1 -1
  160. package/dist/index.mjs +1 -1
  161. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  162. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  163. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +4 -3
  164. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  165. package/dist/interaction_client/PopupClient.mjs +27 -7
  166. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  167. package/dist/interaction_client/RedirectClient.mjs +6 -1
  168. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  169. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  170. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  171. package/dist/interaction_client/SilentIframeClient.mjs +11 -4
  172. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  173. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  174. package/dist/interaction_client/StandardInteractionClient.mjs +6 -4
  175. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  176. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  177. package/dist/interaction_handler/SilentHandler.mjs +2 -1
  178. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  179. package/dist/log-strings-mapping.json +1203 -1187
  180. package/dist/naa/BridgeError.mjs +1 -1
  181. package/dist/naa/BridgeProxy.mjs +1 -1
  182. package/dist/naa/BridgeStatusCode.mjs +1 -1
  183. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  184. package/dist/navigation/NavigationClient.mjs +1 -1
  185. package/dist/network/FetchClient.mjs +1 -1
  186. package/dist/operatingcontext/BaseOperatingContext.mjs +10 -2
  187. package/dist/operatingcontext/BaseOperatingContext.mjs.map +1 -1
  188. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  189. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  190. package/dist/packageMetadata.mjs +2 -2
  191. package/dist/protocol/Authorize.mjs +1 -1
  192. package/dist/redirect_bridge/index.mjs +4 -5
  193. package/dist/redirect_bridge/index.mjs.map +1 -1
  194. package/dist/request/RequestHelpers.mjs +1 -1
  195. package/dist/response/ResponseHandler.mjs +1 -1
  196. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  197. package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
  198. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  199. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  200. package/dist/utils/BrowserConstants.mjs +1 -1
  201. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  202. package/dist/utils/BrowserUtils.mjs +15 -5
  203. package/dist/utils/BrowserUtils.mjs.map +1 -1
  204. package/dist/utils/Helpers.mjs +1 -1
  205. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  206. package/lib/custom-auth-path/log-strings-mapping.json +33 -17
  207. package/lib/custom-auth-path/msal-custom-auth.cjs +342 -169
  208. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  209. package/lib/custom-auth-path/msal-custom-auth.js +342 -169
  210. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  211. package/lib/log-strings-mapping.json +13 -9
  212. package/lib/msal-browser.cjs +275 -167
  213. package/lib/msal-browser.cjs.map +1 -1
  214. package/lib/msal-browser.js +275 -167
  215. package/lib/msal-browser.js.map +1 -1
  216. package/lib/msal-browser.min.js +2 -2
  217. package/lib/redirect-bridge/msal-redirect-bridge.cjs +59 -50
  218. package/lib/redirect-bridge/msal-redirect-bridge.cjs.map +1 -1
  219. package/lib/redirect-bridge/msal-redirect-bridge.js +59 -50
  220. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  221. package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
  222. package/package.json +2 -2
  223. package/src/app/PublicClientApplication.ts +85 -1
  224. package/src/broker/nativeBroker/NativeStatusCodes.ts +1 -1
  225. package/src/broker/nativeBroker/PlatformAuthProvider.ts +34 -30
  226. package/src/cache/BrowserCacheManager.ts +17 -0
  227. package/src/config/Configuration.ts +5 -0
  228. package/src/controllers/StandardController.ts +6 -3
  229. package/src/custom_auth/CustomAuthConstants.ts +10 -0
  230. package/src/custom_auth/configuration/CustomAuthConfiguration.ts +2 -0
  231. package/src/custom_auth/configuration/CustomAuthRequestInterceptor.ts +54 -0
  232. package/src/custom_auth/controller/CustomAuthStandardController.ts +3 -1
  233. package/src/custom_auth/core/network_client/custom_auth_api/BaseApiClient.ts +41 -2
  234. package/src/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.ts +17 -5
  235. package/src/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.ts +8 -2
  236. package/src/custom_auth/core/network_client/custom_auth_api/SignInApiClient.ts +8 -3
  237. package/src/custom_auth/core/network_client/custom_auth_api/SignupApiClient.ts +8 -2
  238. package/src/custom_auth/core/utils/CustomHeaderUtils.ts +75 -0
  239. package/src/custom_auth/index.ts +4 -0
  240. package/src/error/NativeAuthError.ts +2 -2
  241. package/src/interaction_client/PlatformAuthInteractionClient.ts +5 -1
  242. package/src/interaction_client/PopupClient.ts +65 -27
  243. package/src/interaction_client/RedirectClient.ts +5 -0
  244. package/src/interaction_client/SilentIframeClient.ts +49 -19
  245. package/src/interaction_client/StandardInteractionClient.ts +11 -5
  246. package/src/interaction_handler/SilentHandler.ts +1 -0
  247. package/src/operatingcontext/BaseOperatingContext.ts +15 -1
  248. package/src/packageMetadata.ts +1 -1
  249. package/src/redirect_bridge/index.ts +3 -7
  250. package/src/utils/BrowserUtils.ts +28 -7
  251. package/types/app/PublicClientApplication.d.ts +37 -1
  252. package/types/app/PublicClientApplication.d.ts.map +1 -1
  253. package/types/broker/nativeBroker/NativeStatusCodes.d.ts +1 -1
  254. package/types/broker/nativeBroker/PlatformAuthProvider.d.ts +7 -12
  255. package/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  256. package/types/cache/BrowserCacheManager.d.ts.map +1 -1
  257. package/types/config/Configuration.d.ts +4 -0
  258. package/types/config/Configuration.d.ts.map +1 -1
  259. package/types/controllers/StandardController.d.ts.map +1 -1
  260. package/types/custom_auth/CustomAuthConstants.d.ts +5 -1
  261. package/types/custom_auth/CustomAuthConstants.d.ts.map +1 -1
  262. package/types/custom_auth/configuration/CustomAuthConfiguration.d.ts +2 -0
  263. package/types/custom_auth/configuration/CustomAuthConfiguration.d.ts.map +1 -1
  264. package/types/custom_auth/configuration/CustomAuthRequestInterceptor.d.ts +42 -0
  265. package/types/custom_auth/configuration/CustomAuthRequestInterceptor.d.ts.map +1 -0
  266. package/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  267. package/types/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts +6 -2
  268. package/types/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts.map +1 -1
  269. package/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts +3 -1
  270. package/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
  271. package/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts +3 -1
  272. package/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts.map +1 -1
  273. package/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +3 -1
  274. package/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
  275. package/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts +3 -1
  276. package/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts.map +1 -1
  277. package/types/custom_auth/core/utils/CustomHeaderUtils.d.ts +21 -0
  278. package/types/custom_auth/core/utils/CustomHeaderUtils.d.ts.map +1 -0
  279. package/types/custom_auth/index.d.ts +1 -0
  280. package/types/custom_auth/index.d.ts.map +1 -1
  281. package/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  282. package/types/interaction_client/PopupClient.d.ts +11 -1
  283. package/types/interaction_client/PopupClient.d.ts.map +1 -1
  284. package/types/interaction_client/RedirectClient.d.ts.map +1 -1
  285. package/types/interaction_client/SilentIframeClient.d.ts +20 -1
  286. package/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  287. package/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  288. package/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  289. package/types/operatingcontext/BaseOperatingContext.d.ts +8 -1
  290. package/types/operatingcontext/BaseOperatingContext.d.ts.map +1 -1
  291. package/types/packageMetadata.d.ts +1 -1
  292. package/types/redirect_bridge/index.d.ts.map +1 -1
  293. package/types/utils/BrowserUtils.d.ts +17 -2
  294. package/types/utils/BrowserUtils.d.ts.map +1 -1
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v5.10.1 2026-05-11 */
1
+ /*! @azure/msal-browser v5.12.0 2026-06-05 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -234,7 +234,7 @@ const JsonWebTokenTypes$1 = {
234
234
  // Token renewal offset default in seconds
235
235
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
236
236
 
237
- /*! @azure/msal-common v16.6.1 2026-05-11 */
237
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
238
238
  /*
239
239
  * Copyright (c) Microsoft Corporation. All rights reserved.
240
240
  * Licensed under the MIT License.
@@ -286,7 +286,7 @@ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
286
286
  const RESOURCE = "resource";
287
287
  const CLI_DATA = "clidata";
288
288
 
289
- /*! @azure/msal-common v16.6.1 2026-05-11 */
289
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
290
290
  /*
291
291
  * Copyright (c) Microsoft Corporation. All rights reserved.
292
292
  * Licensed under the MIT License.
@@ -317,7 +317,7 @@ function createAuthError(code, additionalMessage) {
317
317
  return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
318
318
  }
319
319
 
320
- /*! @azure/msal-common v16.6.1 2026-05-11 */
320
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
321
321
 
322
322
  /*
323
323
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -337,7 +337,7 @@ function createClientConfigurationError(errorCode) {
337
337
  return new ClientConfigurationError(errorCode);
338
338
  }
339
339
 
340
- /*! @azure/msal-common v16.6.1 2026-05-11 */
340
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
341
341
  /*
342
342
  * Copyright (c) Microsoft Corporation. All rights reserved.
343
343
  * Licensed under the MIT License.
@@ -417,7 +417,7 @@ class StringUtils {
417
417
  }
418
418
  }
419
419
 
420
- /*! @azure/msal-common v16.6.1 2026-05-11 */
420
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
421
421
 
422
422
  /*
423
423
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -440,7 +440,7 @@ function createClientAuthError(errorCode, additionalMessage) {
440
440
  return new ClientAuthError(errorCode, additionalMessage);
441
441
  }
442
442
 
443
- /*! @azure/msal-common v16.6.1 2026-05-11 */
443
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
444
444
  /*
445
445
  * Copyright (c) Microsoft Corporation. All rights reserved.
446
446
  * Licensed under the MIT License.
@@ -467,6 +467,7 @@ const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
467
467
  const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
468
468
  const authorityMismatch = "authority_mismatch";
469
469
  const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
470
+ const invalidPlatformBrokerConfiguration = "invalid_platform_broker_configuration";
470
471
  const issuerValidationFailed = "issuer_validation_failed";
471
472
 
472
473
  var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
@@ -482,6 +483,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
482
483
  invalidClaims: invalidClaims,
483
484
  invalidCloudDiscoveryMetadata: invalidCloudDiscoveryMetadata,
484
485
  invalidCodeChallengeMethod: invalidCodeChallengeMethod,
486
+ invalidPlatformBrokerConfiguration: invalidPlatformBrokerConfiguration,
485
487
  invalidRequestMethodForEAR: invalidRequestMethodForEAR,
486
488
  issuerValidationFailed: issuerValidationFailed,
487
489
  logoutRequestEmpty: logoutRequestEmpty,
@@ -496,7 +498,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
496
498
  urlParseError: urlParseError
497
499
  });
498
500
 
499
- /*! @azure/msal-common v16.6.1 2026-05-11 */
501
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
500
502
  /*
501
503
  * Copyright (c) Microsoft Corporation. All rights reserved.
502
504
  * Licensed under the MIT License.
@@ -584,7 +586,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
584
586
  userCanceled: userCanceled
585
587
  });
586
588
 
587
- /*! @azure/msal-common v16.6.1 2026-05-11 */
589
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
588
590
 
589
591
  /*
590
592
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -779,7 +781,7 @@ class ScopeSet {
779
781
  }
780
782
  }
781
783
 
782
- /*! @azure/msal-common v16.6.1 2026-05-11 */
784
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
783
785
 
784
786
  /*
785
787
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1168,7 +1170,7 @@ function addResource(parameters, resource) {
1168
1170
  }
1169
1171
  }
1170
1172
 
1171
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1173
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
1172
1174
 
1173
1175
  /*
1174
1176
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1277,7 +1279,7 @@ function normalizeUrlForComparison(url) {
1277
1279
  }
1278
1280
  }
1279
1281
 
1280
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1282
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
1281
1283
 
1282
1284
  /*
1283
1285
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1316,7 +1318,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
1316
1318
  },
1317
1319
  };
1318
1320
 
1319
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1321
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
1320
1322
  /*
1321
1323
  * Copyright (c) Microsoft Corporation. All rights reserved.
1322
1324
  * Licensed under the MIT License.
@@ -1591,12 +1593,12 @@ class Logger {
1591
1593
  }
1592
1594
  }
1593
1595
 
1594
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1596
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
1595
1597
  /* eslint-disable header/header */
1596
1598
  const name$1 = "@azure/msal-common";
1597
- const version$1 = "16.6.1";
1599
+ const version$1 = "16.7.0";
1598
1600
 
1599
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1601
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
1600
1602
  /*
1601
1603
  * Copyright (c) Microsoft Corporation. All rights reserved.
1602
1604
  * Licensed under the MIT License.
@@ -1616,7 +1618,7 @@ const AzureCloudInstance = {
1616
1618
  AzureUsGovernment: "https://login.microsoftonline.us",
1617
1619
  };
1618
1620
 
1619
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1621
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
1620
1622
  /*
1621
1623
  * Copyright (c) Microsoft Corporation. All rights reserved.
1622
1624
  * Licensed under the MIT License.
@@ -1699,7 +1701,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1699
1701
  return updatedAccountInfo;
1700
1702
  }
1701
1703
 
1702
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1704
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
1703
1705
 
1704
1706
  /*
1705
1707
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1779,7 +1781,7 @@ function checkMaxAge(authTime, maxAge) {
1779
1781
  }
1780
1782
  }
1781
1783
 
1782
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1784
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
1783
1785
 
1784
1786
  /*
1785
1787
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1936,7 +1938,7 @@ class UrlString {
1936
1938
  }
1937
1939
  }
1938
1940
 
1939
- /*! @azure/msal-common v16.6.1 2026-05-11 */
1941
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
1940
1942
 
1941
1943
  /*
1942
1944
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2102,7 +2104,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2102
2104
  return null;
2103
2105
  }
2104
2106
 
2105
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2107
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
2106
2108
  /*
2107
2109
  * Copyright (c) Microsoft Corporation. All rights reserved.
2108
2110
  * Licensed under the MIT License.
@@ -2110,7 +2112,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2110
2112
  const cacheQuotaExceeded = "cache_quota_exceeded";
2111
2113
  const cacheErrorUnknown = "cache_error_unknown";
2112
2114
 
2113
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2115
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
2114
2116
 
2115
2117
  /*
2116
2118
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2148,7 +2150,7 @@ function createCacheError(e) {
2148
2150
  }
2149
2151
  }
2150
2152
 
2151
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2153
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
2152
2154
 
2153
2155
  /*
2154
2156
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2186,7 +2188,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
2186
2188
  };
2187
2189
  }
2188
2190
 
2189
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2191
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
2190
2192
  /*
2191
2193
  * Copyright (c) Microsoft Corporation. All rights reserved.
2192
2194
  * Licensed under the MIT License.
@@ -2201,7 +2203,7 @@ const AuthorityType = {
2201
2203
  Ciam: 3,
2202
2204
  };
2203
2205
 
2204
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2206
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
2205
2207
  /*
2206
2208
  * Copyright (c) Microsoft Corporation. All rights reserved.
2207
2209
  * Licensed under the MIT License.
@@ -2223,7 +2225,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
2223
2225
  return null;
2224
2226
  }
2225
2227
 
2226
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2228
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
2227
2229
  /*
2228
2230
  * Copyright (c) Microsoft Corporation. All rights reserved.
2229
2231
  * Licensed under the MIT License.
@@ -2247,7 +2249,7 @@ const ProtocolMode = {
2247
2249
  EAR: "EAR",
2248
2250
  };
2249
2251
 
2250
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2252
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
2251
2253
  /**
2252
2254
  * Returns the AccountInfo interface for this account.
2253
2255
  */
@@ -2422,7 +2424,7 @@ function isAccountEntity(entity) {
2422
2424
  entity.hasOwnProperty("authorityType"));
2423
2425
  }
2424
2426
 
2425
- /*! @azure/msal-common v16.6.1 2026-05-11 */
2427
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
2426
2428
 
2427
2429
  /*
2428
2430
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2562,8 +2564,8 @@ class CacheManager {
2562
2564
  return false;
2563
2565
  }
2564
2566
  if (!!tenantProfileFilter.username &&
2565
- !(this.matchUsername(tenantProfile.username, tenantProfileFilter.username) ||
2566
- !this.matchUsername(tenantProfile.upn, tenantProfileFilter.username))) {
2567
+ !this.matchUsername(tenantProfile.username, tenantProfileFilter.username) &&
2568
+ !this.matchUsername(tenantProfile.upn, tenantProfileFilter.username)) {
2567
2569
  return false;
2568
2570
  }
2569
2571
  if (!!tenantProfileFilter.loginHint &&
@@ -3554,7 +3556,7 @@ class DefaultStorageClass extends CacheManager {
3554
3556
  }
3555
3557
  }
3556
3558
 
3557
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3559
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
3558
3560
  /*
3559
3561
  * Copyright (c) Microsoft Corporation. All rights reserved.
3560
3562
  * Licensed under the MIT License.
@@ -3605,7 +3607,7 @@ const IntFields = new Set([
3605
3607
  "redirectBridgeMessageVersion",
3606
3608
  ]);
3607
3609
 
3608
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3610
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
3609
3611
 
3610
3612
  /*
3611
3613
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3660,7 +3662,7 @@ class StubPerformanceClient {
3660
3662
  }
3661
3663
  }
3662
3664
 
3663
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3665
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
3664
3666
 
3665
3667
  /*
3666
3668
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3755,7 +3757,7 @@ function isOidcProtocolMode(config) {
3755
3757
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3756
3758
  }
3757
3759
 
3758
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3760
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
3759
3761
  /*
3760
3762
  * Copyright (c) Microsoft Corporation. All rights reserved.
3761
3763
  * Licensed under the MIT License.
@@ -3782,7 +3784,7 @@ function isOidcProtocolMode(config) {
3782
3784
  }
3783
3785
  }
3784
3786
 
3785
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3787
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
3786
3788
  /*
3787
3789
  * Copyright (c) Microsoft Corporation. All rights reserved.
3788
3790
  * Licensed under the MIT License.
@@ -3847,7 +3849,7 @@ function wasClockTurnedBack(cachedAt) {
3847
3849
  return cachedAtSec > nowSeconds();
3848
3850
  }
3849
3851
 
3850
- /*! @azure/msal-common v16.6.1 2026-05-11 */
3852
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
3851
3853
 
3852
3854
  /*
3853
3855
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4106,7 +4108,7 @@ function isAuthorityMetadataExpired(metadata) {
4106
4108
  return metadata.expiresAt <= nowSeconds();
4107
4109
  }
4108
4110
 
4109
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4111
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4110
4112
  /*
4111
4113
  * Copyright (c) Microsoft Corporation. All rights reserved.
4112
4114
  * Licensed under the MIT License.
@@ -4177,7 +4179,7 @@ const RegionDiscoveryGetCurrentVersion = "regionDiscoveryGetCurrentVersion";
4177
4179
  const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
4178
4180
  const SetUserData = "setUserData";
4179
4181
 
4180
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4182
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4181
4183
  /*
4182
4184
  * Copyright (c) Microsoft Corporation. All rights reserved.
4183
4185
  * Licensed under the MIT License.
@@ -4270,7 +4272,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
4270
4272
  };
4271
4273
  };
4272
4274
 
4273
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4275
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4274
4276
 
4275
4277
  /*
4276
4278
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4350,7 +4352,7 @@ class PopTokenGenerator {
4350
4352
  }
4351
4353
  }
4352
4354
 
4353
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4355
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4354
4356
  /*
4355
4357
  * Copyright (c) Microsoft Corporation. All rights reserved.
4356
4358
  * Licensed under the MIT License.
@@ -4374,7 +4376,7 @@ const refreshTokenExpired = "refresh_token_expired";
4374
4376
  * MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
4375
4377
  * @public
4376
4378
  */
4377
- const uxNotAllowed = "ux_not_allowed";
4379
+ const uiNotAllowed = "ui_not_allowed";
4378
4380
  /**
4379
4381
  * Server-originated error code indicating interaction is required to complete the request.
4380
4382
  * @public
@@ -4411,10 +4413,10 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
4411
4413
  nativeAccountUnavailable: nativeAccountUnavailable,
4412
4414
  noTokensFound: noTokensFound,
4413
4415
  refreshTokenExpired: refreshTokenExpired,
4414
- uxNotAllowed: uxNotAllowed
4416
+ uiNotAllowed: uiNotAllowed
4415
4417
  });
4416
4418
 
4417
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4419
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4418
4420
 
4419
4421
  /*
4420
4422
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4428,7 +4430,7 @@ const InteractionRequiredServerErrorMessage = [
4428
4430
  consentRequired,
4429
4431
  loginRequired,
4430
4432
  badToken,
4431
- uxNotAllowed,
4433
+ uiNotAllowed,
4432
4434
  interruptedUser,
4433
4435
  ];
4434
4436
  const InteractionRequiredAuthSubErrorMessage = [
@@ -4438,7 +4440,7 @@ const InteractionRequiredAuthSubErrorMessage = [
4438
4440
  "user_password_expired",
4439
4441
  "consent_required",
4440
4442
  "bad_token",
4441
- "ux_not_allowed",
4443
+ "ui_not_allowed",
4442
4444
  "interrupted_user",
4443
4445
  ];
4444
4446
  /**
@@ -4482,7 +4484,7 @@ function createInteractionRequiredAuthError(errorCode, errorMessage) {
4482
4484
  return new InteractionRequiredAuthError(errorCode, errorMessage);
4483
4485
  }
4484
4486
 
4485
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4487
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4486
4488
 
4487
4489
  /*
4488
4490
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4501,7 +4503,7 @@ class ServerError extends AuthError {
4501
4503
  }
4502
4504
  }
4503
4505
 
4504
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4506
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4505
4507
 
4506
4508
  /*
4507
4509
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4569,7 +4571,7 @@ function parseRequestState(base64Decode, state) {
4569
4571
  }
4570
4572
  }
4571
4573
 
4572
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4574
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4573
4575
 
4574
4576
  /*
4575
4577
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4917,7 +4919,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
4917
4919
  return baseAccount;
4918
4920
  }
4919
4921
 
4920
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4922
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4921
4923
  /*
4922
4924
  * Copyright (c) Microsoft Corporation. All rights reserved.
4923
4925
  * Licensed under the MIT License.
@@ -4927,7 +4929,7 @@ const CcsCredentialType = {
4927
4929
  UPN: "UPN",
4928
4930
  };
4929
4931
 
4930
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4932
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4931
4933
  /*
4932
4934
  * Copyright (c) Microsoft Corporation. All rights reserved.
4933
4935
  * Licensed under the MIT License.
@@ -4945,7 +4947,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
4945
4947
  }
4946
4948
  }
4947
4949
 
4948
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4950
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4949
4951
  /*
4950
4952
  * Copyright (c) Microsoft Corporation. All rights reserved.
4951
4953
  * Licensed under the MIT License.
@@ -4966,7 +4968,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
4966
4968
  };
4967
4969
  }
4968
4970
 
4969
- /*! @azure/msal-common v16.6.1 2026-05-11 */
4971
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
4970
4972
 
4971
4973
  /*
4972
4974
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5052,7 +5054,7 @@ class ThrottlingUtils {
5052
5054
  }
5053
5055
  }
5054
5056
 
5055
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5057
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
5056
5058
 
5057
5059
  /*
5058
5060
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5083,7 +5085,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
5083
5085
  return new NetworkError(error, httpStatus, responseHeaders);
5084
5086
  }
5085
5087
 
5086
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5088
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
5087
5089
 
5088
5090
  /*
5089
5091
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5197,7 +5199,7 @@ async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId
5197
5199
  return response;
5198
5200
  }
5199
5201
 
5200
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5202
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
5201
5203
  /*
5202
5204
  * Copyright (c) Microsoft Corporation. All rights reserved.
5203
5205
  * Licensed under the MIT License.
@@ -5209,7 +5211,7 @@ function isOpenIdConfigResponse(response) {
5209
5211
  response.hasOwnProperty("jwks_uri"));
5210
5212
  }
5211
5213
 
5212
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5214
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
5213
5215
  /*
5214
5216
  * Copyright (c) Microsoft Corporation. All rights reserved.
5215
5217
  * Licensed under the MIT License.
@@ -5219,7 +5221,7 @@ function isCloudInstanceDiscoveryResponse(response) {
5219
5221
  response.hasOwnProperty("metadata"));
5220
5222
  }
5221
5223
 
5222
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5224
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
5223
5225
  /*
5224
5226
  * Copyright (c) Microsoft Corporation. All rights reserved.
5225
5227
  * Licensed under the MIT License.
@@ -5229,7 +5231,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
5229
5231
  response.hasOwnProperty("error_description"));
5230
5232
  }
5231
5233
 
5232
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5234
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
5233
5235
 
5234
5236
  /*
5235
5237
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5334,7 +5336,7 @@ RegionDiscovery.IMDS_OPTIONS = {
5334
5336
  },
5335
5337
  };
5336
5338
 
5337
- /*! @azure/msal-common v16.6.1 2026-05-11 */
5339
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
5338
5340
 
5339
5341
  /*
5340
5342
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5891,7 +5893,7 @@ class Authority {
5891
5893
  }
5892
5894
  }
5893
5895
  // If cloudDiscoveryMetadata is empty or does not contain the host, check knownAuthorities
5894
- if (this.isInKnownAuthorities()) {
5896
+ if (this.isInKnownAuthorities(this.hostnameAndPort)) {
5895
5897
  this.logger.verbose("0mt9al", this.correlationId);
5896
5898
  return Authority.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);
5897
5899
  }
@@ -5958,13 +5960,14 @@ class Authority {
5958
5960
  return match;
5959
5961
  }
5960
5962
  /**
5961
- * Helper function to determine if this host is included in the knownAuthorities config option
5963
+ * Helper function to determine if a host is included in the knownAuthorities config option.
5962
5964
  */
5963
- isInKnownAuthorities() {
5965
+ isInKnownAuthorities(host) {
5966
+ const normalizedHost = host.toLowerCase();
5964
5967
  const matches = this.authorityOptions.knownAuthorities.filter((authority) => {
5965
5968
  return (authority &&
5966
5969
  UrlString.getDomainFromUrl(authority).toLowerCase() ===
5967
- this.hostnameAndPort);
5970
+ normalizedHost);
5968
5971
  });
5969
5972
  return matches.length > 0;
5970
5973
  }
@@ -6041,6 +6044,10 @@ class Authority {
6041
6044
  * 4. Same as (2), but the issuer host matches the CIAM tenant pattern
6042
6045
  * `{tenant}.ciamlogin.com` with an optional `/{tenant}[.onmicrosoft.com][/v2.0]`
6043
6046
  * path.
6047
+ * 5. The issuer host is HTTPS and is explicitly listed in the
6048
+ * developer-configured `knownAuthorities`. This covers scenarios where
6049
+ * the OIDC discovery document returns an issuer host that differs from
6050
+ * the authority (e.g., a GUID-based issuer for a name-based CIAM authority).
6044
6051
  *
6045
6052
  * @param issuer The `issuer` value returned in the OIDC discovery document.
6046
6053
  * @throws ClientConfigurationError("issuer_validation_failed") on failure.
@@ -6077,11 +6084,19 @@ class Authority {
6077
6084
  * have "{tenant}.ciamlogin.com" as the host, even when using a custom domain.
6078
6085
  */
6079
6086
  const matchesCiamTenantPattern = this.matchesCiamTenantPattern(issuerUrl, authorityHost, this.canonicalAuthorityUrlComponents.PathSegments);
6087
+ /*
6088
+ * Rule 5: The issuer host is explicitly listed in the developer-configured
6089
+ * knownAuthorities. This covers scenarios where the OIDC discovery document
6090
+ * returns an issuer with a different host than the authority
6091
+ * (e.g., a GUID-based issuer for a name-based authority).
6092
+ */
6093
+ const matchesKnownAuthority = issuerScheme === "https:" && this.isInKnownAuthorities(issuerHost);
6080
6094
  // Each rule is an independent boolean; the issuer is valid if ANY rule matches.
6081
6095
  if (matchesAuthorityOrigin ||
6082
6096
  matchesKnownMicrosoftHost ||
6083
6097
  matchesRegionalMicrosoftHost ||
6084
- matchesCiamTenantPattern) {
6098
+ matchesCiamTenantPattern ||
6099
+ matchesKnownAuthority) {
6085
6100
  return;
6086
6101
  }
6087
6102
  // issuer validation fails if none of the above rules are satisfied
@@ -6289,7 +6304,7 @@ function buildStaticAuthorityOptions(authOptions) {
6289
6304
  };
6290
6305
  }
6291
6306
 
6292
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6307
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
6293
6308
 
6294
6309
  /*
6295
6310
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6323,7 +6338,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
6323
6338
  }
6324
6339
  }
6325
6340
 
6326
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6341
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
6327
6342
 
6328
6343
  /*
6329
6344
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6580,7 +6595,7 @@ class AuthorizationCodeClient {
6580
6595
  }
6581
6596
  }
6582
6597
 
6583
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6598
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
6584
6599
 
6585
6600
  /*
6586
6601
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6801,7 +6816,7 @@ class RefreshTokenClient {
6801
6816
  }
6802
6817
  }
6803
6818
 
6804
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6819
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
6805
6820
 
6806
6821
  /*
6807
6822
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6917,7 +6932,7 @@ class SilentFlowClient {
6917
6932
  }
6918
6933
  }
6919
6934
 
6920
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6935
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
6921
6936
 
6922
6937
  /*
6923
6938
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6932,7 +6947,7 @@ const StubbedNetworkModule = {
6932
6947
  },
6933
6948
  };
6934
6949
 
6935
- /*! @azure/msal-common v16.6.1 2026-05-11 */
6950
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
6936
6951
 
6937
6952
  /*
6938
6953
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7155,7 +7170,7 @@ function extractLoginHint(account) {
7155
7170
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7156
7171
  }
7157
7172
 
7158
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7173
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
7159
7174
 
7160
7175
  /*
7161
7176
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7188,7 +7203,7 @@ function containsResourceParam(params) {
7188
7203
  return Object.prototype.hasOwnProperty.call(params, "resource");
7189
7204
  }
7190
7205
 
7191
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7206
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
7192
7207
 
7193
7208
  /*
7194
7209
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7246,7 +7261,7 @@ class AuthenticationHeaderParser {
7246
7261
  }
7247
7262
  }
7248
7263
 
7249
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7264
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
7250
7265
  /*
7251
7266
  * Copyright (c) Microsoft Corporation. All rights reserved.
7252
7267
  * Licensed under the MIT License.
@@ -7263,7 +7278,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
7263
7278
  unexpectedError: unexpectedError
7264
7279
  });
7265
7280
 
7266
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7281
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
7267
7282
 
7268
7283
  /*
7269
7284
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7524,7 +7539,7 @@ class ServerTelemetryManager {
7524
7539
  }
7525
7540
  }
7526
7541
 
7527
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7542
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
7528
7543
 
7529
7544
  /*
7530
7545
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7545,7 +7560,7 @@ function createJoseHeaderError(code) {
7545
7560
  return new JoseHeaderError(code);
7546
7561
  }
7547
7562
 
7548
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7563
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
7549
7564
  /*
7550
7565
  * Copyright (c) Microsoft Corporation. All rights reserved.
7551
7566
  * Licensed under the MIT License.
@@ -7553,7 +7568,7 @@ function createJoseHeaderError(code) {
7553
7568
  const missingKidError = "missing_kid_error";
7554
7569
  const missingAlgError = "missing_alg_error";
7555
7570
 
7556
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7571
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
7557
7572
 
7558
7573
  /*
7559
7574
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7593,7 +7608,7 @@ class JoseHeader {
7593
7608
  }
7594
7609
  }
7595
7610
 
7596
- /*! @azure/msal-common v16.6.1 2026-05-11 */
7611
+ /*! @azure/msal-common v16.7.0 2026-06-05 */
7597
7612
 
7598
7613
  /*
7599
7614
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8388,6 +8403,43 @@ function createBrowserAuthError(errorCode, subError) {
8388
8403
  return new BrowserAuthError(errorCode, subError);
8389
8404
  }
8390
8405
 
8406
+ /*
8407
+ * Copyright (c) Microsoft Corporation. All rights reserved.
8408
+ * Licensed under the MIT License.
8409
+ */
8410
+ /**
8411
+ * Class which exposes APIs to decode base64 strings to plaintext. See here for implementation details:
8412
+ * https://developer.mozilla.org/en-US/docs/Glossary/Base64#the_unicode_problem
8413
+ */
8414
+ /**
8415
+ * Returns a URL-safe plaintext decoded string from b64 encoded input.
8416
+ * @param input
8417
+ */
8418
+ function base64Decode(input) {
8419
+ return new TextDecoder().decode(base64DecToArr(input));
8420
+ }
8421
+ /**
8422
+ * Decodes base64 into Uint8Array
8423
+ * @param base64String
8424
+ */
8425
+ function base64DecToArr(base64String) {
8426
+ let encodedString = base64String.replace(/-/g, "+").replace(/_/g, "/");
8427
+ switch (encodedString.length % 4) {
8428
+ case 0:
8429
+ break;
8430
+ case 2:
8431
+ encodedString += "==";
8432
+ break;
8433
+ case 3:
8434
+ encodedString += "=";
8435
+ break;
8436
+ default:
8437
+ throw createBrowserAuthError(invalidBase64String);
8438
+ }
8439
+ const binString = atob(encodedString);
8440
+ return Uint8Array.from(binString, (m) => m.codePointAt(0) || 0);
8441
+ }
8442
+
8391
8443
  /*
8392
8444
  * Copyright (c) Microsoft Corporation. All rights reserved.
8393
8445
  * Licensed under the MIT License.
@@ -8647,43 +8699,6 @@ function base64EncArr(aBytes) {
8647
8699
  return btoa(binString);
8648
8700
  }
8649
8701
 
8650
- /*
8651
- * Copyright (c) Microsoft Corporation. All rights reserved.
8652
- * Licensed under the MIT License.
8653
- */
8654
- /**
8655
- * Class which exposes APIs to decode base64 strings to plaintext. See here for implementation details:
8656
- * https://developer.mozilla.org/en-US/docs/Glossary/Base64#the_unicode_problem
8657
- */
8658
- /**
8659
- * Returns a URL-safe plaintext decoded string from b64 encoded input.
8660
- * @param input
8661
- */
8662
- function base64Decode(input) {
8663
- return new TextDecoder().decode(base64DecToArr(input));
8664
- }
8665
- /**
8666
- * Decodes base64 into Uint8Array
8667
- * @param base64String
8668
- */
8669
- function base64DecToArr(base64String) {
8670
- let encodedString = base64String.replace(/-/g, "+").replace(/_/g, "/");
8671
- switch (encodedString.length % 4) {
8672
- case 0:
8673
- break;
8674
- case 2:
8675
- encodedString += "==";
8676
- break;
8677
- case 3:
8678
- encodedString += "=";
8679
- break;
8680
- default:
8681
- throw createBrowserAuthError(invalidBase64String);
8682
- }
8683
- const binString = atob(encodedString);
8684
- return Uint8Array.from(binString, (m) => m.codePointAt(0) || 0);
8685
- }
8686
-
8687
8702
  /*
8688
8703
  * Copyright (c) Microsoft Corporation. All rights reserved.
8689
8704
  * Licensed under the MIT License.
@@ -9102,6 +9117,16 @@ function clearHash(contentWindow) {
9102
9117
  contentWindow.history.replaceState(null, "", `${contentWindow.location.origin}${contentWindow.location.pathname}${contentWindow.location.search}`);
9103
9118
  }
9104
9119
  }
9120
+ /**
9121
+ * Strips both hash and query string from the given window's URL by replacing
9122
+ * with origin + pathname only. Used to remove auth response parameters
9123
+ * (auth code, state, etc.) before the window is closed or navigated away.
9124
+ */
9125
+ function clearAuthResponseFromUrl(contentWindow) {
9126
+ if (typeof contentWindow.history?.replaceState === "function") {
9127
+ contentWindow.history.replaceState(null, "", `${contentWindow.location.origin}${contentWindow.location.pathname}`);
9128
+ }
9129
+ }
9105
9130
  /**
9106
9131
  * Replaces current hash with hash from provided url
9107
9132
  */
@@ -9160,7 +9185,7 @@ function cancelPendingBridgeResponse(logger, correlationId) {
9160
9185
  activeBridgeMonitor = null;
9161
9186
  }
9162
9187
  }
9163
- async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient, experimentalConfig) {
9188
+ async function waitForBridgeResponse(timeoutMs, logger, request, performanceClient, experimentalConfig) {
9164
9189
  return new Promise((resolve, reject) => {
9165
9190
  logger.verbose("1rf6em", request.correlationId);
9166
9191
  const correlationId = request.correlationId;
@@ -9168,7 +9193,7 @@ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request,
9168
9193
  redirectBridgeTimeoutMs: timeoutMs,
9169
9194
  lateResponseExperimentEnabled: experimentalConfig?.iframeTimeoutTelemetry || false,
9170
9195
  }, correlationId);
9171
- const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
9196
+ const { libraryState } = parseRequestState(base64Decode, request.state || "");
9172
9197
  const channel = new BroadcastChannel(libraryState.id);
9173
9198
  let responseString = undefined;
9174
9199
  let timedOut$1 = false;
@@ -9356,6 +9381,7 @@ var BrowserUtils = /*#__PURE__*/Object.freeze({
9356
9381
  blockRedirectInIframe: blockRedirectInIframe,
9357
9382
  blockReloadInHiddenIframes: blockReloadInHiddenIframes,
9358
9383
  cancelPendingBridgeResponse: cancelPendingBridgeResponse,
9384
+ clearAuthResponseFromUrl: clearAuthResponseFromUrl,
9359
9385
  clearHash: clearHash,
9360
9386
  createGuid: createGuid,
9361
9387
  getCurrentUri: getCurrentUri,
@@ -10015,7 +10041,6 @@ const ACCOUNT_SCHEMA_VERSION = 3;
10015
10041
  const LOG_LEVEL_CACHE_KEY = `${PREFIX}.${BROWSER_PREFIX}.log.level`;
10016
10042
  const LOG_PII_CACHE_KEY = `${PREFIX}.${BROWSER_PREFIX}.log.pii`;
10017
10043
  const BROWSER_PERF_ENABLED_KEY = `${PREFIX}.${BROWSER_PREFIX}.performance.enabled`;
10018
- const PLATFORM_AUTH_DOM_SUPPORT = `${PREFIX}.${BROWSER_PREFIX}.platform.auth.dom`;
10019
10044
  const VERSION_CACHE_KEY = `${PREFIX}.version`;
10020
10045
  const ACCOUNT_KEYS = "account.keys";
10021
10046
  const TOKEN_KEYS = "token.keys";
@@ -10531,7 +10556,7 @@ const EventType = {
10531
10556
 
10532
10557
  /* eslint-disable header/header */
10533
10558
  const name = "@azure/msal-browser";
10534
- const version = "5.10.1";
10559
+ const version = "5.12.0";
10535
10560
 
10536
10561
  /*
10537
10562
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -10638,6 +10663,7 @@ class BrowserCacheManager extends CacheManager {
10638
10663
  ? await this.browserStorage.decryptData(key, parsedValue, correlationId)
10639
10664
  : parsedValue;
10640
10665
  if (!decryptedData || !isCredentialEntity(decryptedData)) {
10666
+ this.browserStorage.removeItem(key);
10641
10667
  this.performanceClient.incrementFields({ invalidCacheCount: 1 }, correlationId);
10642
10668
  return null;
10643
10669
  }
@@ -10668,6 +10694,7 @@ class BrowserCacheManager extends CacheManager {
10668
10694
  const rawValue = this.browserStorage.getItem(accountKey);
10669
10695
  const parsedValue = this.validateAndParseJson(rawValue || "");
10670
10696
  if (!parsedValue) {
10697
+ this.browserStorage.removeItem(accountKey);
10671
10698
  removeElementFromArray(accountKeysToCheck, accountKey);
10672
10699
  continue;
10673
10700
  }
@@ -10682,6 +10709,15 @@ class BrowserCacheManager extends CacheManager {
10682
10709
  await this.removeAccountOldSchema(accountKey, parsedValue, credentialSchema, correlationId);
10683
10710
  removeElementFromArray(accountKeysToCheck, accountKey);
10684
10711
  }
10712
+ else if (isEncrypted(parsedValue)) {
10713
+ // Remove accounts encrypted with a different key (session cookie expired/changed)
10714
+ const decrypted = await this.browserStorage.decryptData(accountKey, parsedValue, correlationId);
10715
+ if (!decrypted) {
10716
+ this.browserStorage.removeItem(accountKey);
10717
+ this.performanceClient.incrementFields({ expiredAcntRemovedCount: 1 }, correlationId);
10718
+ removeElementFromArray(accountKeysToCheck, accountKey);
10719
+ }
10720
+ }
10685
10721
  }
10686
10722
  this.setAccountKeys(accountKeysToCheck, correlationId, accountSchema);
10687
10723
  }
@@ -12279,12 +12315,13 @@ class StandardInteractionClient extends BaseInteractionClient {
12279
12315
  * and logoutHint attribute wasn't manually set in logout request
12280
12316
  */
12281
12317
  if (logoutRequest) {
12282
- // If logoutHint isn't set and an account was passed in, try to extract logoutHint from ID Token Claims
12318
+ // If logoutHint isn't set and an account was passed in, try to extract logoutHint from account loginHint or ID Token Claims
12283
12319
  if (!logoutRequest.logoutHint) {
12284
12320
  if (logoutRequest.account) {
12285
- const logoutHint = this.getLogoutHintFromIdTokenClaims(logoutRequest.account);
12321
+ const logoutHint = logoutRequest.account.loginHint ||
12322
+ this.getLogoutHintFromIdTokenClaims(logoutRequest.account);
12286
12323
  if (logoutHint) {
12287
- this.logger.verbose("0st5di", this.correlationId);
12324
+ this.logger.verbose("0d7s8p", this.correlationId);
12288
12325
  validLogoutRequest.logoutHint = logoutHint;
12289
12326
  }
12290
12327
  }
@@ -12337,6 +12374,7 @@ class StandardInteractionClient extends BaseInteractionClient {
12337
12374
  const idTokenClaims = account.idTokenClaims;
12338
12375
  if (idTokenClaims) {
12339
12376
  if (idTokenClaims.login_hint) {
12377
+ this.logger.verbose("0u5bmc", this.correlationId);
12340
12378
  return idTokenClaims.login_hint;
12341
12379
  }
12342
12380
  else {
@@ -12623,7 +12661,7 @@ const USER_CANCEL = "USER_CANCEL";
12623
12661
  const NO_NETWORK = "NO_NETWORK";
12624
12662
  const DISABLED = "DISABLED";
12625
12663
  const ACCOUNT_UNAVAILABLE = "ACCOUNT_UNAVAILABLE";
12626
- const UX_NOT_ALLOWED = "UX_NOT_ALLOWED";
12664
+ const UI_NOT_ALLOWED = "UI_NOT_ALLOWED";
12627
12665
 
12628
12666
  /*
12629
12667
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -12678,8 +12716,8 @@ function createNativeAuthError(code, description, ext) {
12678
12716
  return createBrowserAuthError(userCancelled);
12679
12717
  case NO_NETWORK:
12680
12718
  return createBrowserAuthError(noNetworkConnectivity);
12681
- case UX_NOT_ALLOWED:
12682
- return createInteractionRequiredAuthError(uxNotAllowed);
12719
+ case UI_NOT_ALLOWED:
12720
+ return createInteractionRequiredAuthError(uiNotAllowed);
12683
12721
  }
12684
12722
  }
12685
12723
  return new NativeAuthError(code, description, ext);
@@ -12910,7 +12948,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
12910
12948
  noHistory: false,
12911
12949
  };
12912
12950
  const redirectUri = navigateToLoginRequestUrl
12913
- ? window.location.href
12951
+ ? UrlString.getAbsoluteUrl(request.redirectStartPage || window.location.href, getCurrentUri())
12914
12952
  : getRedirectUri(request.redirectUri, this.config.auth.redirectUri, this.logger, this.correlationId);
12915
12953
  rootMeasurement.end({ success: true });
12916
12954
  await this.navigationClient.navigateExternal(redirectUri, navigationOptions); // Need to treat this as external to ensure handleRedirectPromise is run again
@@ -13965,6 +14003,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
13965
14003
  };
13966
14004
  const DEFAULT_EXPERIMENTAL_OPTIONS = {
13967
14005
  iframeTimeoutTelemetry: false,
14006
+ allowPlatformBrokerWithDOM: false,
13968
14007
  };
13969
14008
  // Throw an error if user has set OIDCOptions without being in OIDC protocol mode
13970
14009
  if (userInputSystem?.protocolMode !== ProtocolMode.OIDC &&
@@ -14411,25 +14450,23 @@ class PlatformAuthDOMHandler {
14411
14450
  */
14412
14451
  /**
14413
14452
  * Checks if the platform broker is available in the current environment.
14414
- * @param loggerOptions
14415
- * @param perfClient
14416
- * @param correlationId
14417
- * @returns
14453
+ * @param domConfig - Whether to enable platform broker DOM API support (required)
14454
+ * @param loggerOptions - Optional logger options
14455
+ * @param perfClient - Optional performance client
14456
+ * @param correlationId - Optional correlation ID
14457
+ * @returns Promise<boolean> indicating if platform broker is available
14418
14458
  */
14419
- async function isPlatformBrokerAvailable(loggerOptions, perfClient, correlationId) {
14459
+ async function isPlatformBrokerAvailable(domConfig, loggerOptions, perfClient, correlationId) {
14420
14460
  const logger = new Logger(loggerOptions || {}, name, version);
14421
- const cid = correlationId || "";
14422
- logger.trace("07660b", cid);
14423
14461
  const performanceClient = perfClient || new StubPerformanceClient();
14424
14462
  if (typeof window === "undefined") {
14425
- logger.trace("082ed3", cid);
14463
+ logger.trace("082ed3", correlationId || createNewGuid());
14426
14464
  return false;
14427
14465
  }
14428
- return !!(await getPlatformAuthProvider(logger, performanceClient, cid));
14466
+ return !!(await getPlatformAuthProvider(logger, performanceClient, correlationId || createNewGuid(), undefined, domConfig));
14429
14467
  }
14430
- async function getPlatformAuthProvider(logger, performanceClient, correlationId, nativeBrokerHandshakeTimeout) {
14468
+ async function getPlatformAuthProvider(logger, performanceClient, correlationId, nativeBrokerHandshakeTimeout, enablePlatformBrokerDOMSupport) {
14431
14469
  logger.trace("134j0v", correlationId);
14432
- const enablePlatformBrokerDOMSupport = isDomEnabledForPlatformAuth();
14433
14470
  logger.trace("04c81g", correlationId);
14434
14471
  let platformAuthProvider;
14435
14472
  try {
@@ -14453,22 +14490,6 @@ async function getPlatformAuthProvider(logger, performanceClient, correlationId,
14453
14490
  }
14454
14491
  return platformAuthProvider;
14455
14492
  }
14456
- /**
14457
- * Returns true if the DOM API support for platform auth is enabled in session storage
14458
- * @returns boolean
14459
- * @deprecated
14460
- */
14461
- function isDomEnabledForPlatformAuth() {
14462
- let sessionStorage;
14463
- try {
14464
- sessionStorage = window[BrowserCacheLocation.SessionStorage];
14465
- // Mute errors if it's a non-browser environment or cookies are blocked.
14466
- return sessionStorage?.getItem(PLATFORM_AUTH_DOM_SUPPORT) === "true";
14467
- }
14468
- catch (e) {
14469
- return false;
14470
- }
14471
- }
14472
14493
  /**
14473
14494
  * Returns boolean indicating whether or not the request should attempt to use platform broker
14474
14495
  * @param logger
@@ -14479,6 +14500,11 @@ function isDomEnabledForPlatformAuth() {
14479
14500
  */
14480
14501
  function isPlatformAuthAllowed(config, logger, correlationId, platformAuthProvider, authenticationScheme) {
14481
14502
  logger.trace("0uko3r", correlationId);
14503
+ // throw an error if allowPlatformBroker is not enabled and allowPlatformBrokerWithDOM is enabled
14504
+ if (!config.system.allowPlatformBroker &&
14505
+ config.experimental.allowPlatformBrokerWithDOM) {
14506
+ throw createClientConfigurationError(invalidPlatformBrokerConfiguration);
14507
+ }
14482
14508
  if (!config.system.allowPlatformBroker) {
14483
14509
  logger.trace("04hozs", correlationId);
14484
14510
  // Developer disabled WAM
@@ -14508,10 +14534,11 @@ function isPlatformAuthAllowed(config, logger, correlationId, platformAuthProvid
14508
14534
  * Licensed under the MIT License.
14509
14535
  */
14510
14536
  class PopupClient extends StandardInteractionClient {
14511
- constructor(config, storageImpl, browserCrypto, logger, eventHandler, navigationClient, performanceClient, nativeStorageImpl, correlationId, platformAuthHandler) {
14537
+ constructor(config, storageImpl, browserCrypto, logger, eventHandler, navigationClient, performanceClient, nativeStorageImpl, correlationId, platformAuthHandler, waitForPopupResponseHook) {
14512
14538
  super(config, storageImpl, browserCrypto, logger, eventHandler, navigationClient, performanceClient, correlationId, platformAuthHandler);
14513
14539
  this.nativeStorage = nativeStorageImpl;
14514
14540
  this.eventHandler = eventHandler;
14541
+ this.waitForPopupResponseHook = waitForPopupResponseHook;
14515
14542
  }
14516
14543
  /**
14517
14544
  * Acquires tokens by opening a popup window to the /authorize endpoint of the authority
@@ -14645,7 +14672,7 @@ class PopupClient extends StandardInteractionClient {
14645
14672
  const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
14646
14673
  this.eventHandler.emitEvent(EventType.POPUP_OPENED, correlationId, exports.InteractionType.Popup, { popupWindow }, null);
14647
14674
  // Wait for the redirect bridge response
14648
- const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
14675
+ const responseString = await this.waitForPopupResponse(request, popupWindow, popupParams.popupWindowParent);
14649
14676
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
14650
14677
  return await invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
14651
14678
  }
@@ -14680,7 +14707,7 @@ class PopupClient extends StandardInteractionClient {
14680
14707
  const form = await getEARForm(popupWindow.document, this.config, discoveredAuthority, popupRequest, this.logger, this.performanceClient);
14681
14708
  form.submit();
14682
14709
  // Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
14683
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest, this.performanceClient);
14710
+ const responseString = await invokeAsync(this.waitForPopupResponse.bind(this), SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(popupRequest, popupWindow, popupParams.popupWindowParent);
14684
14711
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
14685
14712
  if (!serverParams.ear_jwe && serverParams.code) {
14686
14713
  const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, correlationId)({
@@ -14705,7 +14732,7 @@ class PopupClient extends StandardInteractionClient {
14705
14732
  const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
14706
14733
  form.submit();
14707
14734
  // Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
14708
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
14735
+ const responseString = await invokeAsync(this.waitForPopupResponse.bind(this), SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(request, popupWindow, popupParams.popupWindowParent);
14709
14736
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
14710
14737
  return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
14711
14738
  }
@@ -14762,7 +14789,7 @@ class PopupClient extends StandardInteractionClient {
14762
14789
  // Open the popup window to requestUrl.
14763
14790
  const popupWindow = this.openPopup(logoutUri, popupParams);
14764
14791
  this.eventHandler.emitEvent(EventType.POPUP_OPENED, validRequest.correlationId, exports.InteractionType.Popup, { popupWindow }, null);
14765
- await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest, this.performanceClient).catch(() => {
14792
+ await this.waitForPopupResponse(validRequest, popupWindow, popupParams.popupWindowParent).catch(() => {
14766
14793
  // Swallow any errors related to monitoring the window. Server logout is best effort
14767
14794
  });
14768
14795
  if (mainWindowRedirectUri) {
@@ -14841,6 +14868,19 @@ class PopupClient extends StandardInteractionClient {
14841
14868
  if (!popupWindow) {
14842
14869
  throw createBrowserAuthError(emptyWindowError);
14843
14870
  }
14871
+ try {
14872
+ popupWindow.document.title = "Microsoft Authentication";
14873
+ }
14874
+ catch (e) {
14875
+ if (typeof DOMException !== "undefined" &&
14876
+ e instanceof DOMException &&
14877
+ e.name === "SecurityError") {
14878
+ // Cross-origin - title cannot be set
14879
+ }
14880
+ else {
14881
+ this.logger.verbose("1s1yfs", this.correlationId);
14882
+ }
14883
+ }
14844
14884
  if (popupWindow.focus) {
14845
14885
  popupWindow.focus();
14846
14886
  }
@@ -14919,6 +14959,12 @@ class PopupClient extends StandardInteractionClient {
14919
14959
  const homeAccountId = request.account && request.account.homeAccountId;
14920
14960
  return `${BrowserConstants.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${homeAccountId}.${this.correlationId}`;
14921
14961
  }
14962
+ async waitForPopupResponse(request, popupWindow, popupWindowParent) {
14963
+ if (this.waitForPopupResponseHook) {
14964
+ return this.waitForPopupResponseHook(request, popupWindow, popupWindowParent);
14965
+ }
14966
+ return waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, request, this.performanceClient);
14967
+ }
14922
14968
  }
14923
14969
 
14924
14970
  /*
@@ -15072,6 +15118,8 @@ class RedirectClient extends StandardInteractionClient {
15072
15118
  * @param options {HandleRedirectPromiseOptions} options for handling redirect promise
15073
15119
  */
15074
15120
  async handleRedirectPromise(request, pkceVerifier, parentMeasurement, options) {
15121
+ const originalTitle = document.title;
15122
+ document.title = "Microsoft Authentication";
15075
15123
  const serverTelemetryManager = initializeServerTelemetryManager(ApiId.handleRedirectPromise, this.config.auth.clientId, this.correlationId, this.browserStorage, this.logger);
15076
15124
  const navigateToLoginRequestUrl = options?.navigateToLoginRequestUrl ?? true;
15077
15125
  try {
@@ -15154,6 +15202,9 @@ class RedirectClient extends StandardInteractionClient {
15154
15202
  }
15155
15203
  throw e;
15156
15204
  }
15205
+ finally {
15206
+ document.title = originalTitle;
15207
+ }
15157
15208
  }
15158
15209
  /**
15159
15210
  * Gets the response hash for a redirect request
@@ -15409,6 +15460,7 @@ function loadFrameSync(urlNavigate) {
15409
15460
  function createHiddenIframe() {
15410
15461
  const authFrame = document.createElement("iframe");
15411
15462
  authFrame.className = "msalSilentIframe";
15463
+ authFrame.title = "Microsoft Authentication";
15412
15464
  authFrame.style.visibility = "hidden";
15413
15465
  authFrame.style.position = "absolute";
15414
15466
  authFrame.style.width = authFrame.style.height = "0";
@@ -15434,10 +15486,11 @@ function removeHiddenIframe(iframe) {
15434
15486
  * Licensed under the MIT License.
15435
15487
  */
15436
15488
  class SilentIframeClient extends StandardInteractionClient {
15437
- constructor(config, storageImpl, browserCrypto, logger, eventHandler, navigationClient, apiId, performanceClient, nativeStorageImpl, correlationId, platformAuthProvider) {
15489
+ constructor(config, storageImpl, browserCrypto, logger, eventHandler, navigationClient, apiId, performanceClient, nativeStorageImpl, correlationId, platformAuthProvider, waitForIframeResponseHook) {
15438
15490
  super(config, storageImpl, browserCrypto, logger, eventHandler, navigationClient, performanceClient, correlationId, platformAuthProvider);
15439
15491
  this.apiId = apiId;
15440
15492
  this.nativeStorage = nativeStorageImpl;
15493
+ this.waitForIframeResponseHook = waitForIframeResponseHook;
15441
15494
  }
15442
15495
  /**
15443
15496
  * Acquires a token silently by opening a hidden iframe to the /authorize endpoint with prompt=none or prompt=no_session
@@ -15526,7 +15579,7 @@ class SilentIframeClient extends StandardInteractionClient {
15526
15579
  const responseType = this.config.auth.OIDCOptions.responseMode;
15527
15580
  let responseString;
15528
15581
  try {
15529
- responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
15582
+ responseString = await invokeAsync(this.waitForIframeResponse.bind(this), SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(iframe, request);
15530
15583
  }
15531
15584
  finally {
15532
15585
  invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
@@ -15624,7 +15677,7 @@ class SilentIframeClient extends StandardInteractionClient {
15624
15677
  // Wait for response from the redirect bridge.
15625
15678
  let responseString;
15626
15679
  try {
15627
- responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
15680
+ responseString = await invokeAsync(this.waitForIframeResponse.bind(this), SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(iframe, request);
15628
15681
  }
15629
15682
  finally {
15630
15683
  invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
@@ -15632,6 +15685,12 @@ class SilentIframeClient extends StandardInteractionClient {
15632
15685
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
15633
15686
  return { serverParams, pkceCodes, silentRequest };
15634
15687
  }
15688
+ async waitForIframeResponse(iframe, request) {
15689
+ if (this.waitForIframeResponseHook) {
15690
+ return this.waitForIframeResponseHook(iframe, request);
15691
+ }
15692
+ return waitForBridgeResponse(this.config.system.iframeBridgeTimeout, this.logger, request, this.performanceClient, this.config.experimental);
15693
+ }
15635
15694
  }
15636
15695
 
15637
15696
  /*
@@ -15938,7 +15997,7 @@ class StandardController {
15938
15997
  if (allowPlatformBroker) {
15939
15998
  try {
15940
15999
  // check if platform authentication is available via DOM or browser extension and create relevant handlers
15941
- this.platformAuthProvider = await getPlatformAuthProvider(this.logger, this.performanceClient, correlationId, this.config.system.nativeBrokerHandshakeTimeout);
16000
+ this.platformAuthProvider = await getPlatformAuthProvider(this.logger, this.performanceClient, correlationId, this.config.system.nativeBrokerHandshakeTimeout, this.config.experimental.allowPlatformBrokerWithDOM);
15942
16001
  }
15943
16002
  catch (e) {
15944
16003
  this.logger.verbose(e, correlationId);
@@ -16845,7 +16904,7 @@ class StandardController {
16845
16904
  * @param correlationId
16846
16905
  */
16847
16906
  createPopupClient(correlationId) {
16848
- return new PopupClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, this.performanceClient, this.nativeInternalStorage, correlationId, this.platformAuthProvider);
16907
+ return new PopupClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, this.performanceClient, this.nativeInternalStorage, correlationId, this.platformAuthProvider, this.operatingContext.getResponseHandlers()?.waitForPopupResponse);
16849
16908
  }
16850
16909
  /**
16851
16910
  * Returns new instance of the Redirect Interaction Client
@@ -16859,7 +16918,7 @@ class StandardController {
16859
16918
  * @param correlationId
16860
16919
  */
16861
16920
  createSilentIframeClient(correlationId) {
16862
- return new SilentIframeClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.ssoSilent, this.performanceClient, this.nativeInternalStorage, correlationId, this.platformAuthProvider);
16921
+ return new SilentIframeClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.ssoSilent, this.performanceClient, this.nativeInternalStorage, correlationId, this.platformAuthProvider, this.operatingContext.getResponseHandlers()?.waitForIframeResponse);
16863
16922
  }
16864
16923
  /**
16865
16924
  * Returns new instance of the Silent Cache Interaction Client
@@ -17333,7 +17392,7 @@ class BaseOperatingContext {
17333
17392
  return;
17334
17393
  }
17335
17394
  }
17336
- constructor(config) {
17395
+ constructor(config, responseHandlers) {
17337
17396
  /*
17338
17397
  * If loaded in an environment where window is not available,
17339
17398
  * set internal flag to false so that further requests fail.
@@ -17341,6 +17400,7 @@ class BaseOperatingContext {
17341
17400
  */
17342
17401
  this.browserEnvironment = typeof window !== "undefined";
17343
17402
  this.config = buildConfiguration(config, this.browserEnvironment);
17403
+ this.responseHandlers = responseHandlers;
17344
17404
  let sessionStorage;
17345
17405
  try {
17346
17406
  sessionStorage = window[BrowserCacheLocation.SessionStorage];
@@ -17377,6 +17437,13 @@ class BaseOperatingContext {
17377
17437
  getConfig() {
17378
17438
  return this.config;
17379
17439
  }
17440
+ /**
17441
+ * Returns the internal response handlers supplied by PublicClientApplication, if any.
17442
+ * @returns AuthResponseHandlers | undefined
17443
+ */
17444
+ getResponseHandlers() {
17445
+ return this.responseHandlers;
17446
+ }
17380
17447
  /**
17381
17448
  * Returns the MSAL Logger
17382
17449
  * @returns Logger
@@ -18398,7 +18465,48 @@ class PublicClientApplication {
18398
18465
  constructor(configuration, controller) {
18399
18466
  this.controller =
18400
18467
  controller ||
18401
- new StandardController(new StandardOperatingContext(configuration));
18468
+ new StandardController(new StandardOperatingContext(configuration, {
18469
+ waitForPopupResponse: this.waitForPopupResponse.bind(this),
18470
+ waitForIframeResponse: this.waitForIframeResponse.bind(this),
18471
+ }));
18472
+ }
18473
+ /**
18474
+ * Waits for the auth response from a popup window opened by MSAL.
18475
+ *
18476
+ * The default implementation delegates to MSAL's `BroadcastChannel`-based bridge.
18477
+ * Subclasses must return the raw response string (hash/query/fragment), or reject
18478
+ * with an `AuthError` on failure.
18479
+ *
18480
+ * @internal
18481
+ * @param request The in-flight authorization or end-session request.
18482
+ * @param popupWindow The popup window opened by MSAL.
18483
+ * @param popupWindowParent The parent window that opened the popup.
18484
+ */
18485
+ async waitForPopupResponse(request,
18486
+ // eslint-disable-next-line @typescript-eslint/no-unused-vars
18487
+ popupWindow,
18488
+ // eslint-disable-next-line @typescript-eslint/no-unused-vars
18489
+ popupWindowParent) {
18490
+ const controller = this.controller;
18491
+ return waitForBridgeResponse(controller.getConfiguration().system.popupBridgeTimeout, controller.getLogger(), request, controller.getPerformanceClient());
18492
+ }
18493
+ /**
18494
+ * Waits for the auth response from a hidden iframe used by MSAL silent flows.
18495
+ *
18496
+ * The default implementation delegates to MSAL's `BroadcastChannel`-based bridge.
18497
+ * Subclasses must return the raw response string (hash/query/fragment), or reject
18498
+ * with an `AuthError` on failure.
18499
+ *
18500
+ * @internal
18501
+ * @param iframe The hidden iframe MSAL attached to the document.
18502
+ * @param request The in-flight authorization request.
18503
+ */
18504
+ async waitForIframeResponse(
18505
+ // eslint-disable-next-line @typescript-eslint/no-unused-vars
18506
+ iframe, request) {
18507
+ const controller = this.controller;
18508
+ const config = controller.getConfiguration();
18509
+ return waitForBridgeResponse(config.system.iframeBridgeTimeout, controller.getLogger(), request, controller.getPerformanceClient(), config.experimental);
18402
18510
  }
18403
18511
  /**
18404
18512
  * Initializer function to perform async startup tasks such as connecting to WAM extension