@azure/msal-browser 5.10.1 → 5.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (294) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +44 -2
  3. package/dist/app/PublicClientApplication.mjs.map +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +3 -3
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +18 -32
  8. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
  9. package/dist/cache/AccountManager.mjs +1 -1
  10. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  11. package/dist/cache/BrowserCacheManager.mjs +12 -1
  12. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  13. package/dist/cache/CacheHelpers.mjs +1 -1
  14. package/dist/cache/CacheKeys.mjs +2 -3
  15. package/dist/cache/CacheKeys.mjs.map +1 -1
  16. package/dist/cache/CookieStorage.mjs +1 -1
  17. package/dist/cache/DatabaseStorage.mjs +1 -1
  18. package/dist/cache/EncryptedData.mjs +1 -1
  19. package/dist/cache/LocalStorage.mjs +1 -1
  20. package/dist/cache/MemoryStorage.mjs +1 -1
  21. package/dist/cache/SessionStorage.mjs +1 -1
  22. package/dist/cache/TokenCache.mjs +1 -1
  23. package/dist/config/Configuration.mjs +3 -2
  24. package/dist/config/Configuration.mjs.map +1 -1
  25. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  26. package/dist/controllers/StandardController.mjs +4 -4
  27. package/dist/controllers/StandardController.mjs.map +1 -1
  28. package/dist/crypto/BrowserCrypto.mjs +1 -1
  29. package/dist/crypto/CryptoOps.mjs +1 -1
  30. package/dist/crypto/PkceGenerator.mjs +1 -1
  31. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  32. package/dist/custom_auth/CustomAuthConstants.mjs +11 -2
  33. package/dist/custom_auth/CustomAuthConstants.mjs.map +1 -1
  34. package/dist/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  35. package/dist/custom_auth/controller/CustomAuthStandardController.mjs +2 -2
  36. package/dist/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
  37. package/dist/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  38. package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  39. package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  40. package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  41. package/dist/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  42. package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  43. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  44. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  45. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  46. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  47. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  48. package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  49. package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  50. package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  51. package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  52. package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  53. package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  54. package/dist/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  55. package/dist/custom_auth/core/error/CustomAuthError.mjs +1 -1
  56. package/dist/custom_auth/core/error/HttpError.mjs +1 -1
  57. package/dist/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  58. package/dist/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  59. package/dist/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  60. package/dist/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  61. package/dist/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  62. package/dist/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  63. package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  64. package/dist/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  65. package/dist/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  66. package/dist/custom_auth/core/error/UnexpectedError.mjs +1 -1
  67. package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  68. package/dist/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  69. package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  70. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  71. package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  72. package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  73. package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  74. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  75. package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  76. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +21 -3
  77. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs.map +1 -1
  78. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +6 -6
  79. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs.map +1 -1
  80. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  81. package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  82. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +3 -3
  83. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs.map +1 -1
  84. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +3 -3
  85. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs.map +1 -1
  86. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +3 -3
  87. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs.map +1 -1
  88. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  89. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  90. package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  91. package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  92. package/dist/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  93. package/dist/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  94. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs +56 -0
  95. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs.map +1 -0
  96. package/dist/custom_auth/core/utils/UrlUtils.mjs +1 -1
  97. package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  98. package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  99. package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  100. package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  101. package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  102. package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  103. package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  104. package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  105. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  106. package/dist/custom_auth/index.mjs +1 -1
  107. package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  108. package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  109. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  110. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  111. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  112. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  113. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  114. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  115. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  116. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  117. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  118. package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  119. package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  120. package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  121. package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  122. package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  123. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  124. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  125. package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  126. package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  127. package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  128. package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  129. package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  130. package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  131. package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  132. package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  133. package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  134. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  135. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  136. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  137. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  138. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  139. package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  140. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  141. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  142. package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  143. package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  144. package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  145. package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  146. package/dist/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  147. package/dist/encode/Base64Decode.mjs +1 -1
  148. package/dist/encode/Base64Encode.mjs +1 -1
  149. package/dist/error/BrowserAuthError.mjs +1 -1
  150. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  151. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  152. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  153. package/dist/error/NativeAuthError.mjs +4 -4
  154. package/dist/error/NativeAuthError.mjs.map +1 -1
  155. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  156. package/dist/error/NestedAppAuthError.mjs +1 -1
  157. package/dist/event/EventHandler.mjs +1 -1
  158. package/dist/event/EventMessage.mjs +1 -1
  159. package/dist/event/EventType.mjs +1 -1
  160. package/dist/index.mjs +1 -1
  161. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  162. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  163. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +4 -3
  164. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  165. package/dist/interaction_client/PopupClient.mjs +27 -7
  166. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  167. package/dist/interaction_client/RedirectClient.mjs +6 -1
  168. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  169. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  170. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  171. package/dist/interaction_client/SilentIframeClient.mjs +11 -4
  172. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  173. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  174. package/dist/interaction_client/StandardInteractionClient.mjs +6 -4
  175. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  176. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  177. package/dist/interaction_handler/SilentHandler.mjs +2 -1
  178. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  179. package/dist/log-strings-mapping.json +1203 -1187
  180. package/dist/naa/BridgeError.mjs +1 -1
  181. package/dist/naa/BridgeProxy.mjs +1 -1
  182. package/dist/naa/BridgeStatusCode.mjs +1 -1
  183. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  184. package/dist/navigation/NavigationClient.mjs +1 -1
  185. package/dist/network/FetchClient.mjs +1 -1
  186. package/dist/operatingcontext/BaseOperatingContext.mjs +10 -2
  187. package/dist/operatingcontext/BaseOperatingContext.mjs.map +1 -1
  188. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  189. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  190. package/dist/packageMetadata.mjs +2 -2
  191. package/dist/protocol/Authorize.mjs +1 -1
  192. package/dist/redirect_bridge/index.mjs +4 -5
  193. package/dist/redirect_bridge/index.mjs.map +1 -1
  194. package/dist/request/RequestHelpers.mjs +1 -1
  195. package/dist/response/ResponseHandler.mjs +1 -1
  196. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  197. package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
  198. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  199. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  200. package/dist/utils/BrowserConstants.mjs +1 -1
  201. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  202. package/dist/utils/BrowserUtils.mjs +15 -5
  203. package/dist/utils/BrowserUtils.mjs.map +1 -1
  204. package/dist/utils/Helpers.mjs +1 -1
  205. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  206. package/lib/custom-auth-path/log-strings-mapping.json +33 -17
  207. package/lib/custom-auth-path/msal-custom-auth.cjs +342 -169
  208. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  209. package/lib/custom-auth-path/msal-custom-auth.js +342 -169
  210. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  211. package/lib/log-strings-mapping.json +13 -9
  212. package/lib/msal-browser.cjs +275 -167
  213. package/lib/msal-browser.cjs.map +1 -1
  214. package/lib/msal-browser.js +275 -167
  215. package/lib/msal-browser.js.map +1 -1
  216. package/lib/msal-browser.min.js +2 -2
  217. package/lib/redirect-bridge/msal-redirect-bridge.cjs +59 -50
  218. package/lib/redirect-bridge/msal-redirect-bridge.cjs.map +1 -1
  219. package/lib/redirect-bridge/msal-redirect-bridge.js +59 -50
  220. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  221. package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
  222. package/package.json +2 -2
  223. package/src/app/PublicClientApplication.ts +85 -1
  224. package/src/broker/nativeBroker/NativeStatusCodes.ts +1 -1
  225. package/src/broker/nativeBroker/PlatformAuthProvider.ts +34 -30
  226. package/src/cache/BrowserCacheManager.ts +17 -0
  227. package/src/config/Configuration.ts +5 -0
  228. package/src/controllers/StandardController.ts +6 -3
  229. package/src/custom_auth/CustomAuthConstants.ts +10 -0
  230. package/src/custom_auth/configuration/CustomAuthConfiguration.ts +2 -0
  231. package/src/custom_auth/configuration/CustomAuthRequestInterceptor.ts +54 -0
  232. package/src/custom_auth/controller/CustomAuthStandardController.ts +3 -1
  233. package/src/custom_auth/core/network_client/custom_auth_api/BaseApiClient.ts +41 -2
  234. package/src/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.ts +17 -5
  235. package/src/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.ts +8 -2
  236. package/src/custom_auth/core/network_client/custom_auth_api/SignInApiClient.ts +8 -3
  237. package/src/custom_auth/core/network_client/custom_auth_api/SignupApiClient.ts +8 -2
  238. package/src/custom_auth/core/utils/CustomHeaderUtils.ts +75 -0
  239. package/src/custom_auth/index.ts +4 -0
  240. package/src/error/NativeAuthError.ts +2 -2
  241. package/src/interaction_client/PlatformAuthInteractionClient.ts +5 -1
  242. package/src/interaction_client/PopupClient.ts +65 -27
  243. package/src/interaction_client/RedirectClient.ts +5 -0
  244. package/src/interaction_client/SilentIframeClient.ts +49 -19
  245. package/src/interaction_client/StandardInteractionClient.ts +11 -5
  246. package/src/interaction_handler/SilentHandler.ts +1 -0
  247. package/src/operatingcontext/BaseOperatingContext.ts +15 -1
  248. package/src/packageMetadata.ts +1 -1
  249. package/src/redirect_bridge/index.ts +3 -7
  250. package/src/utils/BrowserUtils.ts +28 -7
  251. package/types/app/PublicClientApplication.d.ts +37 -1
  252. package/types/app/PublicClientApplication.d.ts.map +1 -1
  253. package/types/broker/nativeBroker/NativeStatusCodes.d.ts +1 -1
  254. package/types/broker/nativeBroker/PlatformAuthProvider.d.ts +7 -12
  255. package/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  256. package/types/cache/BrowserCacheManager.d.ts.map +1 -1
  257. package/types/config/Configuration.d.ts +4 -0
  258. package/types/config/Configuration.d.ts.map +1 -1
  259. package/types/controllers/StandardController.d.ts.map +1 -1
  260. package/types/custom_auth/CustomAuthConstants.d.ts +5 -1
  261. package/types/custom_auth/CustomAuthConstants.d.ts.map +1 -1
  262. package/types/custom_auth/configuration/CustomAuthConfiguration.d.ts +2 -0
  263. package/types/custom_auth/configuration/CustomAuthConfiguration.d.ts.map +1 -1
  264. package/types/custom_auth/configuration/CustomAuthRequestInterceptor.d.ts +42 -0
  265. package/types/custom_auth/configuration/CustomAuthRequestInterceptor.d.ts.map +1 -0
  266. package/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  267. package/types/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts +6 -2
  268. package/types/custom_auth/core/network_client/custom_auth_api/BaseApiClient.d.ts.map +1 -1
  269. package/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts +3 -1
  270. package/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
  271. package/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts +3 -1
  272. package/types/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.d.ts.map +1 -1
  273. package/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts +3 -1
  274. package/types/custom_auth/core/network_client/custom_auth_api/SignInApiClient.d.ts.map +1 -1
  275. package/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts +3 -1
  276. package/types/custom_auth/core/network_client/custom_auth_api/SignupApiClient.d.ts.map +1 -1
  277. package/types/custom_auth/core/utils/CustomHeaderUtils.d.ts +21 -0
  278. package/types/custom_auth/core/utils/CustomHeaderUtils.d.ts.map +1 -0
  279. package/types/custom_auth/index.d.ts +1 -0
  280. package/types/custom_auth/index.d.ts.map +1 -1
  281. package/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  282. package/types/interaction_client/PopupClient.d.ts +11 -1
  283. package/types/interaction_client/PopupClient.d.ts.map +1 -1
  284. package/types/interaction_client/RedirectClient.d.ts.map +1 -1
  285. package/types/interaction_client/SilentIframeClient.d.ts +20 -1
  286. package/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  287. package/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  288. package/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  289. package/types/operatingcontext/BaseOperatingContext.d.ts +8 -1
  290. package/types/operatingcontext/BaseOperatingContext.d.ts.map +1 -1
  291. package/types/packageMetadata.d.ts +1 -1
  292. package/types/redirect_bridge/index.d.ts.map +1 -1
  293. package/types/utils/BrowserUtils.d.ts +17 -2
  294. package/types/utils/BrowserUtils.d.ts.map +1 -1
@@ -369,7 +369,8 @@ export class StandardController implements IController {
369
369
  this.logger,
370
370
  this.performanceClient,
371
371
  correlationId,
372
- this.config.system.nativeBrokerHandshakeTimeout
372
+ this.config.system.nativeBrokerHandshakeTimeout,
373
+ this.config.experimental.allowPlatformBrokerWithDOM
373
374
  );
374
375
  } catch (e) {
375
376
  this.logger.verbose(e as string, correlationId);
@@ -1911,7 +1912,8 @@ export class StandardController implements IController {
1911
1912
  this.performanceClient,
1912
1913
  this.nativeInternalStorage,
1913
1914
  correlationId,
1914
- this.platformAuthProvider
1915
+ this.platformAuthProvider,
1916
+ this.operatingContext.getResponseHandlers()?.waitForPopupResponse
1915
1917
  );
1916
1918
  }
1917
1919
 
@@ -1950,7 +1952,8 @@ export class StandardController implements IController {
1950
1952
  this.performanceClient,
1951
1953
  this.nativeInternalStorage,
1952
1954
  correlationId,
1953
- this.platformAuthProvider
1955
+ this.platformAuthProvider,
1956
+ this.operatingContext.getResponseHandlers()?.waitForIframeResponse
1954
1957
  );
1955
1958
  }
1956
1959
 
@@ -33,6 +33,16 @@ export const HttpHeaderKeys = {
33
33
  X_MS_REQUEST_ID: "x-ms-request-id",
34
34
  } as const;
35
35
 
36
+ export const CustomHeaderConstants = {
37
+ REQUIRED_PREFIX: "x-",
38
+ RESERVED_PREFIXES: [
39
+ "x-client-",
40
+ "x-ms-",
41
+ "x-broker-",
42
+ "x-app-",
43
+ ] as ReadonlyArray<string>,
44
+ } as const;
45
+
36
46
  export const DefaultPackageInfo = {
37
47
  SKU: "msal.browser",
38
48
  VERSION: version,
@@ -7,12 +7,14 @@ import {
7
7
  BrowserConfiguration,
8
8
  Configuration,
9
9
  } from "../../config/Configuration.js";
10
+ import { CustomAuthRequestInterceptor } from "./CustomAuthRequestInterceptor.js";
10
11
 
11
12
  export type CustomAuthOptions = {
12
13
  challengeTypes?: Array<string>;
13
14
  authApiProxyUrl: string;
14
15
  customAuthApiQueryParams?: Record<string, string>;
15
16
  capabilities?: Array<string>;
17
+ requestInterceptor?: CustomAuthRequestInterceptor;
16
18
  };
17
19
 
18
20
  export type CustomAuthConfiguration = Configuration & {
@@ -0,0 +1,54 @@
1
+ /*
2
+ * Copyright (c) Microsoft Corporation. All rights reserved.
3
+ * Licensed under the MIT License.
4
+ */
5
+
6
+ /**
7
+ * Result type returned by {@link CustomAuthRequestInterceptor.addAdditionalHeaderFields}.
8
+ *
9
+ * Implementations may return either a synchronous value or a `Promise` resolving to one of
10
+ * the following:
11
+ * - A `Record<string, string>` of additional headers to add to the outgoing request.
12
+ * - `null` (or `undefined`) when no additional headers should be added for the request.
13
+ */
14
+ export type CustomAuthAdditionalHeaderFieldsResult =
15
+ | Record<string, string>
16
+ | null
17
+ | undefined;
18
+
19
+ /**
20
+ * Interface for intercepting custom auth network requests in order to attach additional
21
+ * headers to outgoing requests.
22
+ *
23
+ * Implementations are invoked by MSAL before each backend request used by custom auth
24
+ * (sign-in, sign-up, reset-password, and register endpoints). Use this hook to integrate
25
+ * with third-party fraud and bot-detection SDKs that require custom `x-*` headers.
26
+ *
27
+ * MSAL applies the following rules when evaluating the headers you provide:
28
+ * - Headers must start with `x-` (case-insensitive). Headers that don't start with `x-`
29
+ * are ignored.
30
+ * - Headers that start with any of the following reserved prefixes are ignored:
31
+ * `x-client-`, `x-ms-`, `x-broker-`, `x-app-`.
32
+ * - Headers that pass both rules are added to the network request. If a header you
33
+ * provide has the same name as one of MSAL's own internal headers, your value takes
34
+ * precedence.
35
+ */
36
+ export interface CustomAuthRequestInterceptor {
37
+ /**
38
+ * Returns additional headers to add to a custom-auth network request.
39
+ *
40
+ * Scope your headers to specific endpoints by inspecting `requestUrl`. Sending
41
+ * headers to unrelated endpoints can degrade signal quality and increase false
42
+ * positives for fraud/bot-detection vendors.
43
+ *
44
+ * @param requestUrl - The full URL of the outgoing custom-auth request.
45
+ * @returns A record of headers to add (or `null`/`undefined` if no extra headers
46
+ * are needed for the request). May be returned synchronously or as a
47
+ * `Promise`.
48
+ */
49
+ addAdditionalHeaderFields(
50
+ requestUrl: URL
51
+ ):
52
+ | CustomAuthAdditionalHeaderFieldsResult
53
+ | Promise<CustomAuthAdditionalHeaderFieldsResult>;
54
+ }
@@ -125,7 +125,9 @@ export class CustomAuthStandardController
125
125
  this.customAuthConfig.auth.clientId,
126
126
  new FetchHttpClient(this.logger),
127
127
  this.customAuthConfig.customAuth?.capabilities?.join(" "),
128
- this.customAuthConfig.customAuth?.customAuthApiQueryParams
128
+ this.customAuthConfig.customAuth?.customAuthApiQueryParams,
129
+ this.customAuthConfig.customAuth?.requestInterceptor,
130
+ this.logger
129
131
  ),
130
132
  this.authority
131
133
  );
@@ -17,9 +17,12 @@ import {
17
17
  } from "../../error/CustomAuthApiError.js";
18
18
  import {
19
19
  AADServerParamKeys,
20
+ Logger,
20
21
  ServerTelemetryManager,
21
22
  } from "@azure/msal-common/browser";
22
23
  import { ApiErrorResponse } from "./types/ApiErrorResponseTypes.js";
24
+ import { CustomAuthRequestInterceptor } from "../../../configuration/CustomAuthRequestInterceptor.js";
25
+ import { filterCustomHeaders } from "../../utils/CustomHeaderUtils.js";
23
26
 
24
27
  export abstract class BaseApiClient {
25
28
  private readonly baseRequestUrl: URL;
@@ -28,7 +31,9 @@ export abstract class BaseApiClient {
28
31
  baseUrl: string,
29
32
  private readonly clientId: string,
30
33
  private httpClient: IHttpClient,
31
- private customAuthApiQueryParams?: Record<string, string>
34
+ private customAuthApiQueryParams?: Record<string, string>,
35
+ private requestInterceptor?: CustomAuthRequestInterceptor,
36
+ private logger?: Logger
32
37
  ) {
33
38
  this.baseRequestUrl = parseUrl(
34
39
  !baseUrl.endsWith("/") ? `${baseUrl}/` : baseUrl
@@ -45,13 +50,23 @@ export abstract class BaseApiClient {
45
50
  client_id: this.clientId,
46
51
  ...data,
47
52
  });
48
- const headers = this.getCommonHeaders(correlationId, telemetryManager);
53
+ const commonHeaders = this.getCommonHeaders(
54
+ correlationId,
55
+ telemetryManager
56
+ );
49
57
  const url = buildUrl(
50
58
  this.baseRequestUrl.href,
51
59
  endpoint,
52
60
  this.customAuthApiQueryParams
53
61
  );
54
62
 
63
+ const additionalHeaders = await this.getAdditionalHeaders(
64
+ url,
65
+ correlationId
66
+ );
67
+
68
+ const headers = { ...commonHeaders, ...additionalHeaders };
69
+
55
70
  let response: Response;
56
71
 
57
72
  try {
@@ -173,4 +188,28 @@ export abstract class BaseApiClient {
173
188
  responseError.timestamp
174
189
  );
175
190
  }
191
+
192
+ private async getAdditionalHeaders(
193
+ url: URL,
194
+ correlationId: string
195
+ ): Promise<Record<string, string>> {
196
+ if (!this.requestInterceptor) {
197
+ return {};
198
+ }
199
+
200
+ try {
201
+ const result = await Promise.resolve(
202
+ this.requestInterceptor.addAdditionalHeaderFields(url)
203
+ );
204
+
205
+ return filterCustomHeaders(result, this.logger, correlationId);
206
+ } catch (e) {
207
+ this.logger?.warningPii(
208
+ `CustomAuthRequestInterceptor.addAdditionalHeaderFields threw an error; continuing without additional headers: ${e}`,
209
+ correlationId
210
+ );
211
+
212
+ return {};
213
+ }
214
+ }
176
215
  }
@@ -9,6 +9,8 @@ import { SignInApiClient } from "./SignInApiClient.js";
9
9
  import { RegisterApiClient } from "./RegisterApiClient.js";
10
10
  import { ICustomAuthApiClient } from "./ICustomAuthApiClient.js";
11
11
  import { IHttpClient } from "../http_client/IHttpClient.js";
12
+ import { Logger } from "@azure/msal-common/browser";
13
+ import { CustomAuthRequestInterceptor } from "../../../configuration/CustomAuthRequestInterceptor.js";
12
14
 
13
15
  export class CustomAuthApiClient implements ICustomAuthApiClient {
14
16
  signInApi: SignInApiClient;
@@ -21,34 +23,44 @@ export class CustomAuthApiClient implements ICustomAuthApiClient {
21
23
  clientId: string,
22
24
  httpClient: IHttpClient,
23
25
  capabilities?: string,
24
- customAuthApiQueryParams?: Record<string, string>
26
+ customAuthApiQueryParams?: Record<string, string>,
27
+ requestInterceptor?: CustomAuthRequestInterceptor,
28
+ logger?: Logger
25
29
  ) {
26
30
  this.signInApi = new SignInApiClient(
27
31
  customAuthApiBaseUrl,
28
32
  clientId,
29
33
  httpClient,
30
34
  capabilities,
31
- customAuthApiQueryParams
35
+ customAuthApiQueryParams,
36
+ requestInterceptor,
37
+ logger
32
38
  );
33
39
  this.signUpApi = new SignupApiClient(
34
40
  customAuthApiBaseUrl,
35
41
  clientId,
36
42
  httpClient,
37
43
  capabilities,
38
- customAuthApiQueryParams
44
+ customAuthApiQueryParams,
45
+ requestInterceptor,
46
+ logger
39
47
  );
40
48
  this.resetPasswordApi = new ResetPasswordApiClient(
41
49
  customAuthApiBaseUrl,
42
50
  clientId,
43
51
  httpClient,
44
52
  capabilities,
45
- customAuthApiQueryParams
53
+ customAuthApiQueryParams,
54
+ requestInterceptor,
55
+ logger
46
56
  );
47
57
  this.registerApi = new RegisterApiClient(
48
58
  customAuthApiBaseUrl,
49
59
  clientId,
50
60
  httpClient,
51
- customAuthApiQueryParams
61
+ customAuthApiQueryParams,
62
+ requestInterceptor,
63
+ logger
52
64
  );
53
65
  }
54
66
  }
@@ -10,6 +10,7 @@ import {
10
10
  import { CustomAuthApiError } from "../../error/CustomAuthApiError.js";
11
11
  import { BaseApiClient } from "./BaseApiClient.js";
12
12
  import { IHttpClient } from "../http_client/IHttpClient.js";
13
+ import { Logger } from "@azure/msal-common/browser";
13
14
  import * as CustomAuthApiEndpoint from "./CustomAuthApiEndpoint.js";
14
15
  import * as CustomAuthApiErrorCode from "./types/ApiErrorCodes.js";
15
16
  import {
@@ -26,6 +27,7 @@ import {
26
27
  ResetPasswordStartResponse,
27
28
  ResetPasswordSubmitResponse,
28
29
  } from "./types/ApiResponseTypes.js";
30
+ import { CustomAuthRequestInterceptor } from "../../../configuration/CustomAuthRequestInterceptor.js";
29
31
 
30
32
  export class ResetPasswordApiClient extends BaseApiClient {
31
33
  private readonly capabilities?: string;
@@ -35,13 +37,17 @@ export class ResetPasswordApiClient extends BaseApiClient {
35
37
  clientId: string,
36
38
  httpClient: IHttpClient,
37
39
  capabilities?: string,
38
- customAuthApiQueryParams?: Record<string, string>
40
+ customAuthApiQueryParams?: Record<string, string>,
41
+ requestInterceptor?: CustomAuthRequestInterceptor,
42
+ logger?: Logger
39
43
  ) {
40
44
  super(
41
45
  customAuthApiBaseUrl,
42
46
  clientId,
43
47
  httpClient,
44
- customAuthApiQueryParams
48
+ customAuthApiQueryParams,
49
+ requestInterceptor,
50
+ logger
45
51
  );
46
52
  this.capabilities = capabilities;
47
53
  }
@@ -3,7 +3,7 @@
3
3
  * Licensed under the MIT License.
4
4
  */
5
5
 
6
- import { ServerTelemetryManager } from "@azure/msal-common/browser";
6
+ import { Logger, ServerTelemetryManager } from "@azure/msal-common/browser";
7
7
  import { GrantType } from "../../../CustomAuthConstants.js";
8
8
  import { CustomAuthApiError } from "../../error/CustomAuthApiError.js";
9
9
  import { BaseApiClient } from "./BaseApiClient.js";
@@ -24,6 +24,7 @@ import {
24
24
  SignInIntrospectResponse,
25
25
  SignInTokenResponse,
26
26
  } from "./types/ApiResponseTypes.js";
27
+ import { CustomAuthRequestInterceptor } from "../../../configuration/CustomAuthRequestInterceptor.js";
27
28
 
28
29
  export class SignInApiClient extends BaseApiClient {
29
30
  private readonly capabilities?: string;
@@ -33,13 +34,17 @@ export class SignInApiClient extends BaseApiClient {
33
34
  clientId: string,
34
35
  httpClient: IHttpClient,
35
36
  capabilities?: string,
36
- customAuthApiQueryParams?: Record<string, string>
37
+ customAuthApiQueryParams?: Record<string, string>,
38
+ requestInterceptor?: CustomAuthRequestInterceptor,
39
+ logger?: Logger
37
40
  ) {
38
41
  super(
39
42
  customAuthApiBaseUrl,
40
43
  clientId,
41
44
  httpClient,
42
- customAuthApiQueryParams
45
+ customAuthApiQueryParams,
46
+ requestInterceptor,
47
+ logger
43
48
  );
44
49
  this.capabilities = capabilities;
45
50
  }
@@ -6,6 +6,7 @@
6
6
  import { GrantType } from "../../../CustomAuthConstants.js";
7
7
  import { BaseApiClient } from "./BaseApiClient.js";
8
8
  import { IHttpClient } from "../http_client/IHttpClient.js";
9
+ import { Logger } from "@azure/msal-common/browser";
9
10
  import * as CustomAuthApiEndpoint from "./CustomAuthApiEndpoint.js";
10
11
  import {
11
12
  SignUpChallengeRequest,
@@ -19,6 +20,7 @@ import {
19
20
  SignUpContinueResponse,
20
21
  SignUpStartResponse,
21
22
  } from "./types/ApiResponseTypes.js";
23
+ import { CustomAuthRequestInterceptor } from "../../../configuration/CustomAuthRequestInterceptor.js";
22
24
 
23
25
  export class SignupApiClient extends BaseApiClient {
24
26
  private readonly capabilities?: string;
@@ -28,13 +30,17 @@ export class SignupApiClient extends BaseApiClient {
28
30
  clientId: string,
29
31
  httpClient: IHttpClient,
30
32
  capabilities?: string,
31
- customAuthApiQueryParams?: Record<string, string>
33
+ customAuthApiQueryParams?: Record<string, string>,
34
+ requestInterceptor?: CustomAuthRequestInterceptor,
35
+ logger?: Logger
32
36
  ) {
33
37
  super(
34
38
  customAuthApiBaseUrl,
35
39
  clientId,
36
40
  httpClient,
37
- customAuthApiQueryParams
41
+ customAuthApiQueryParams,
42
+ requestInterceptor,
43
+ logger
38
44
  );
39
45
  this.capabilities = capabilities;
40
46
  }
@@ -0,0 +1,75 @@
1
+ /*
2
+ * Copyright (c) Microsoft Corporation. All rights reserved.
3
+ * Licensed under the MIT License.
4
+ */
5
+
6
+ import { Logger } from "@azure/msal-common/browser";
7
+ import { CustomHeaderConstants } from "../../CustomAuthConstants.js";
8
+
9
+ /**
10
+ * Filters the headers returned by a {@link CustomAuthRequestInterceptor},
11
+ * keeping only those that conform to the custom-auth header naming rules.
12
+ *
13
+ * Rules (mirrors the iOS / Android native auth implementations):
14
+ * - Header names must start with `x-` (case-insensitive); others are dropped.
15
+ * - Header names that start with any reserved prefix (`x-client-`, `x-ms-`,
16
+ * `x-broker-`, `x-app-`) are dropped.
17
+ * - Headers with empty/whitespace-only names or null/undefined values are dropped.
18
+ *
19
+ * Dropped headers are logged as warnings (PII-safe) when a logger is provided.
20
+ *
21
+ * @param headers - Raw headers returned by the interceptor.
22
+ * @param logger - Optional logger used to emit warnings for dropped headers.
23
+ * @param correlationId - Optional correlation id forwarded to the logger.
24
+ * @returns A new record containing only the headers that pass the filter,
25
+ * preserving the original casing of header names.
26
+ */
27
+ export function filterCustomHeaders(
28
+ headers: Record<string, string> | null | undefined,
29
+ logger?: Logger,
30
+ correlationId?: string
31
+ ): Record<string, string> {
32
+ const filtered: Record<string, string> = {};
33
+
34
+ if (!headers) {
35
+ return filtered;
36
+ }
37
+
38
+ for (const [name, value] of Object.entries(headers)) {
39
+ if (!name || value === undefined || value === null) {
40
+ continue;
41
+ }
42
+
43
+ const trimmedName = name.trim();
44
+
45
+ if (!trimmedName) {
46
+ continue;
47
+ }
48
+
49
+ const lowerName = trimmedName.toLowerCase();
50
+
51
+ if (!lowerName.startsWith(CustomHeaderConstants.REQUIRED_PREFIX)) {
52
+ logger?.warningPii(
53
+ `Additional header field "${trimmedName}" must start with the "${CustomHeaderConstants.REQUIRED_PREFIX}" prefix. Ignoring.`,
54
+ correlationId ?? ""
55
+ );
56
+ continue;
57
+ }
58
+
59
+ const reservedPrefix = CustomHeaderConstants.RESERVED_PREFIXES.find(
60
+ (prefix) => lowerName.startsWith(prefix)
61
+ );
62
+
63
+ if (reservedPrefix) {
64
+ logger?.warningPii(
65
+ `Additional header field "${trimmedName}" uses reserved prefix "${reservedPrefix}". Ignoring.`,
66
+ correlationId ?? ""
67
+ );
68
+ continue;
69
+ }
70
+
71
+ filtered[trimmedName] = value;
72
+ }
73
+
74
+ return filtered;
75
+ }
@@ -19,6 +19,10 @@ export { ICustomAuthPublicClientApplication } from "./ICustomAuthPublicClientApp
19
19
 
20
20
  // Configuration
21
21
  export { CustomAuthConfiguration } from "./configuration/CustomAuthConfiguration.js";
22
+ export {
23
+ CustomAuthRequestInterceptor,
24
+ CustomAuthAdditionalHeaderFieldsResult,
25
+ } from "./configuration/CustomAuthRequestInterceptor.js";
22
26
 
23
27
  // Models
24
28
  export { CustomAuthAccountData } from "./get_account/auth_flow/CustomAuthAccountData.js";
@@ -99,9 +99,9 @@ export function createNativeAuthError(
99
99
  return createBrowserAuthError(
100
100
  BrowserAuthErrorCodes.noNetworkConnectivity
101
101
  );
102
- case NativeStatusCodes.UX_NOT_ALLOWED:
102
+ case NativeStatusCodes.UI_NOT_ALLOWED:
103
103
  return createInteractionRequiredAuthError(
104
- InteractionRequiredAuthErrorCodes.uxNotAllowed
104
+ InteractionRequiredAuthErrorCodes.uiNotAllowed
105
105
  );
106
106
  }
107
107
  }
@@ -72,6 +72,7 @@ import {
72
72
  PlatformAuthConstants,
73
73
  TemporaryCacheKeys,
74
74
  } from "../utils/BrowserConstants.js";
75
+ import { getCurrentUri } from "../utils/BrowserUtils.js";
75
76
  import {
76
77
  BaseInteractionClient,
77
78
  getDiscoveredAuthority,
@@ -388,7 +389,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
388
389
  noHistory: false,
389
390
  };
390
391
  const redirectUri = navigateToLoginRequestUrl
391
- ? window.location.href
392
+ ? UrlString.getAbsoluteUrl(
393
+ request.redirectStartPage || window.location.href,
394
+ getCurrentUri()
395
+ )
392
396
  : getRedirectUri(
393
397
  request.redirectUri,
394
398
  this.config.auth.redirectUri,
@@ -59,6 +59,19 @@ import {
59
59
  } from "./BaseInteractionClient.js";
60
60
  import { validateRequestMethod } from "../request/RequestHelpers.js";
61
61
 
62
+ /**
63
+ * Signature of the popup-response handler supplied by
64
+ * {@link PublicClientApplication} to {@link PopupClient} via the operating
65
+ * context.
66
+ *
67
+ * @internal
68
+ */
69
+ export type WaitForPopupResponseFn = (
70
+ request: CommonAuthorizationUrlRequest | CommonEndSessionRequest,
71
+ popupWindow: Window,
72
+ popupWindowParent: Window
73
+ ) => Promise<string>;
74
+
62
75
  export type PopupParams = {
63
76
  popup?: Window | null;
64
77
  popupName: string;
@@ -69,6 +82,9 @@ export type PopupParams = {
69
82
  export class PopupClient extends StandardInteractionClient {
70
83
  private currentWindow: Window | undefined;
71
84
  protected nativeStorage: BrowserCacheManager;
85
+ private readonly waitForPopupResponseHook:
86
+ | WaitForPopupResponseFn
87
+ | undefined;
72
88
 
73
89
  constructor(
74
90
  config: BrowserConfiguration,
@@ -80,7 +96,8 @@ export class PopupClient extends StandardInteractionClient {
80
96
  performanceClient: IPerformanceClient,
81
97
  nativeStorageImpl: BrowserCacheManager,
82
98
  correlationId: string,
83
- platformAuthHandler?: IPlatformAuthHandler
99
+ platformAuthHandler?: IPlatformAuthHandler,
100
+ waitForPopupResponseHook?: WaitForPopupResponseFn
84
101
  ) {
85
102
  super(
86
103
  config,
@@ -95,6 +112,7 @@ export class PopupClient extends StandardInteractionClient {
95
112
  );
96
113
  this.nativeStorage = nativeStorageImpl;
97
114
  this.eventHandler = eventHandler;
115
+ this.waitForPopupResponseHook = waitForPopupResponseHook;
98
116
  }
99
117
 
100
118
  /**
@@ -369,12 +387,10 @@ export class PopupClient extends StandardInteractionClient {
369
387
  );
370
388
 
371
389
  // Wait for the redirect bridge response
372
- const responseString = await BrowserUtils.waitForBridgeResponse(
373
- this.config.system.popupBridgeTimeout,
374
- this.logger,
375
- this.browserCrypto,
390
+ const responseString = await this.waitForPopupResponse(
376
391
  request,
377
- this.performanceClient
392
+ popupWindow,
393
+ popupParams.popupWindowParent
378
394
  );
379
395
 
380
396
  const serverParams = invoke(
@@ -494,18 +510,12 @@ export class PopupClient extends StandardInteractionClient {
494
510
 
495
511
  // Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
496
512
  const responseString = await invokeAsync(
497
- BrowserUtils.waitForBridgeResponse,
513
+ this.waitForPopupResponse.bind(this),
498
514
  BrowserPerformanceEvents.SilentHandlerMonitorIframeForHash,
499
515
  this.logger,
500
516
  this.performanceClient,
501
517
  correlationId
502
- )(
503
- this.config.system.popupBridgeTimeout,
504
- this.logger,
505
- this.browserCrypto,
506
- popupRequest,
507
- this.performanceClient
508
- );
518
+ )(popupRequest, popupWindow, popupParams.popupWindowParent);
509
519
 
510
520
  const serverParams = invoke(
511
521
  ResponseHandler.deserializeResponse,
@@ -623,18 +633,12 @@ export class PopupClient extends StandardInteractionClient {
623
633
 
624
634
  // Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
625
635
  const responseString = await invokeAsync(
626
- BrowserUtils.waitForBridgeResponse,
636
+ this.waitForPopupResponse.bind(this),
627
637
  BrowserPerformanceEvents.SilentHandlerMonitorIframeForHash,
628
638
  this.logger,
629
639
  this.performanceClient,
630
640
  correlationId
631
- )(
632
- this.config.system.popupBridgeTimeout,
633
- this.logger,
634
- this.browserCrypto,
635
- request,
636
- this.performanceClient
637
- );
641
+ )(request, popupWindow, popupParams.popupWindowParent);
638
642
 
639
643
  const serverParams = invoke(
640
644
  ResponseHandler.deserializeResponse,
@@ -792,12 +796,10 @@ export class PopupClient extends StandardInteractionClient {
792
796
  null
793
797
  );
794
798
 
795
- await BrowserUtils.waitForBridgeResponse(
796
- this.config.system.popupBridgeTimeout,
797
- this.logger,
798
- this.browserCrypto,
799
+ await this.waitForPopupResponse(
799
800
  validRequest,
800
- this.performanceClient
801
+ popupWindow,
802
+ popupParams.popupWindowParent
801
803
  ).catch(() => {
802
804
  // Swallow any errors related to monitoring the window. Server logout is best effort
803
805
  });
@@ -922,6 +924,22 @@ export class PopupClient extends StandardInteractionClient {
922
924
  BrowserAuthErrorCodes.emptyWindowError
923
925
  );
924
926
  }
927
+ try {
928
+ popupWindow.document.title = "Microsoft Authentication";
929
+ } catch (e) {
930
+ if (
931
+ typeof DOMException !== "undefined" &&
932
+ e instanceof DOMException &&
933
+ e.name === "SecurityError"
934
+ ) {
935
+ // Cross-origin - title cannot be set
936
+ } else {
937
+ this.logger.verbose(
938
+ "Could not set document.title on popup window",
939
+ this.correlationId
940
+ );
941
+ }
942
+ }
925
943
  if (popupWindow.focus) {
926
944
  popupWindow.focus();
927
945
  }
@@ -1043,4 +1061,24 @@ export class PopupClient extends StandardInteractionClient {
1043
1061
  const homeAccountId = request.account && request.account.homeAccountId;
1044
1062
  return `${BrowserConstants.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${homeAccountId}.${this.correlationId}`;
1045
1063
  }
1064
+
1065
+ protected async waitForPopupResponse(
1066
+ request: CommonAuthorizationUrlRequest | CommonEndSessionRequest,
1067
+ popupWindow: Window,
1068
+ popupWindowParent: Window
1069
+ ): Promise<string> {
1070
+ if (this.waitForPopupResponseHook) {
1071
+ return this.waitForPopupResponseHook(
1072
+ request,
1073
+ popupWindow,
1074
+ popupWindowParent
1075
+ );
1076
+ }
1077
+ return BrowserUtils.waitForBridgeResponse(
1078
+ this.config.system.popupBridgeTimeout,
1079
+ this.logger,
1080
+ request,
1081
+ this.performanceClient
1082
+ );
1083
+ }
1046
1084
  }