@azure/msal-browser 5.11.0 → 5.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (267) hide show
  1. package/README.md +1 -0
  2. package/dist/app/IPublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientApplication.mjs +44 -2
  4. package/dist/app/PublicClientApplication.mjs.map +1 -1
  5. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +3 -3
  6. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  8. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  9. package/dist/cache/AccountManager.mjs +1 -1
  10. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  11. package/dist/cache/BrowserCacheManager.mjs +99 -15
  12. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  13. package/dist/cache/CacheHelpers.mjs +1 -1
  14. package/dist/cache/CacheKeys.mjs +1 -1
  15. package/dist/cache/CookieStorage.mjs +1 -1
  16. package/dist/cache/DatabaseStorage.mjs +1 -1
  17. package/dist/cache/EncryptedData.mjs +1 -1
  18. package/dist/cache/LocalStorage.mjs +1 -1
  19. package/dist/cache/MemoryStorage.mjs +1 -1
  20. package/dist/cache/SessionStorage.mjs +1 -1
  21. package/dist/cache/TokenCache.mjs +1 -1
  22. package/dist/config/Configuration.mjs +3 -2
  23. package/dist/config/Configuration.mjs.map +1 -1
  24. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  25. package/dist/controllers/StandardController.mjs +5 -5
  26. package/dist/controllers/StandardController.mjs.map +1 -1
  27. package/dist/crypto/BrowserCrypto.mjs +1 -1
  28. package/dist/crypto/CryptoOps.mjs +1 -1
  29. package/dist/crypto/PkceGenerator.mjs +1 -1
  30. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  31. package/dist/custom_auth/CustomAuthConstants.mjs +1 -1
  32. package/dist/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  33. package/dist/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  34. package/dist/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  35. package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  36. package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  37. package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  38. package/dist/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  39. package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  40. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  41. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  42. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  43. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  44. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  45. package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  46. package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  47. package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  48. package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  49. package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  50. package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  51. package/dist/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  52. package/dist/custom_auth/core/error/CustomAuthError.mjs +1 -1
  53. package/dist/custom_auth/core/error/HttpError.mjs +1 -1
  54. package/dist/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  55. package/dist/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  56. package/dist/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  57. package/dist/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  58. package/dist/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  59. package/dist/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  60. package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  61. package/dist/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  62. package/dist/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  63. package/dist/custom_auth/core/error/UnexpectedError.mjs +1 -1
  64. package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  65. package/dist/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  66. package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  67. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  68. package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  69. package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  70. package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  71. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  72. package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  73. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  74. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  75. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  76. package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  77. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  78. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  79. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  80. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  81. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  82. package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  83. package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  84. package/dist/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  85. package/dist/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  86. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs +1 -1
  87. package/dist/custom_auth/core/utils/UrlUtils.mjs +1 -1
  88. package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  89. package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  90. package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  91. package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  92. package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  93. package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  94. package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  95. package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  96. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  97. package/dist/custom_auth/index.mjs +1 -1
  98. package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  99. package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  100. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  101. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  102. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  103. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  104. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  105. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  106. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  107. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  108. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  109. package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  110. package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  111. package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  112. package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  113. package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  114. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  115. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  116. package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  117. package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  118. package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  119. package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  120. package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  121. package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  122. package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  123. package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  124. package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  125. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  126. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  127. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  128. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  129. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  130. package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  131. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  132. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  133. package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  134. package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  135. package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  136. package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  137. package/dist/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  138. package/dist/encode/Base64Decode.mjs +1 -1
  139. package/dist/encode/Base64Encode.mjs +1 -1
  140. package/dist/error/BrowserAuthError.mjs +1 -1
  141. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  142. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  143. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  144. package/dist/error/NativeAuthError.mjs +4 -4
  145. package/dist/error/NativeAuthError.mjs.map +1 -1
  146. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  147. package/dist/error/NestedAppAuthError.mjs +1 -1
  148. package/dist/event/EventHandler.mjs +1 -1
  149. package/dist/event/EventMessage.mjs +1 -1
  150. package/dist/event/EventType.mjs +1 -1
  151. package/dist/index.mjs +1 -1
  152. package/dist/interaction_client/BaseInteractionClient.mjs +8 -3
  153. package/dist/interaction_client/BaseInteractionClient.mjs.map +1 -1
  154. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  155. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +7 -6
  156. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  157. package/dist/interaction_client/PopupClient.mjs +30 -10
  158. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  159. package/dist/interaction_client/RedirectClient.mjs +17 -9
  160. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  161. package/dist/interaction_client/SilentAuthCodeClient.mjs +2 -2
  162. package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
  163. package/dist/interaction_client/SilentCacheClient.mjs +2 -2
  164. package/dist/interaction_client/SilentCacheClient.mjs.map +1 -1
  165. package/dist/interaction_client/SilentIframeClient.mjs +49 -20
  166. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  167. package/dist/interaction_client/SilentRefreshClient.mjs +2 -2
  168. package/dist/interaction_client/SilentRefreshClient.mjs.map +1 -1
  169. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  170. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  171. package/dist/interaction_handler/SilentHandler.mjs +13 -26
  172. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  173. package/dist/log-strings-mapping.json +1202 -1194
  174. package/dist/naa/BridgeError.mjs +1 -1
  175. package/dist/naa/BridgeProxy.mjs +1 -1
  176. package/dist/naa/BridgeStatusCode.mjs +1 -1
  177. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  178. package/dist/navigation/NavigationClient.mjs +1 -1
  179. package/dist/network/FetchClient.mjs +1 -1
  180. package/dist/operatingcontext/BaseOperatingContext.mjs +10 -2
  181. package/dist/operatingcontext/BaseOperatingContext.mjs.map +1 -1
  182. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  183. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  184. package/dist/packageMetadata.mjs +2 -2
  185. package/dist/protocol/Authorize.mjs +1 -1
  186. package/dist/redirect_bridge/index.mjs +4 -5
  187. package/dist/redirect_bridge/index.mjs.map +1 -1
  188. package/dist/request/RequestHelpers.mjs +1 -1
  189. package/dist/response/ResponseHandler.mjs +1 -1
  190. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  191. package/dist/telemetry/BrowserPerformanceEvents.mjs +2 -3
  192. package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
  193. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  194. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  195. package/dist/utils/BrowserConstants.mjs +1 -1
  196. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  197. package/dist/utils/BrowserUtils.mjs +15 -5
  198. package/dist/utils/BrowserUtils.mjs.map +1 -1
  199. package/dist/utils/Helpers.mjs +1 -1
  200. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  201. package/lib/custom-auth-path/log-strings-mapping.json +19 -11
  202. package/lib/custom-auth-path/msal-custom-auth.cjs +511 -263
  203. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  204. package/lib/custom-auth-path/msal-custom-auth.js +511 -263
  205. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  206. package/lib/log-strings-mapping.json +11 -3
  207. package/lib/msal-browser.cjs +539 -267
  208. package/lib/msal-browser.cjs.map +1 -1
  209. package/lib/msal-browser.js +539 -267
  210. package/lib/msal-browser.js.map +1 -1
  211. package/lib/msal-browser.min.js +2 -2
  212. package/lib/redirect-bridge/msal-redirect-bridge.cjs +59 -50
  213. package/lib/redirect-bridge/msal-redirect-bridge.cjs.map +1 -1
  214. package/lib/redirect-bridge/msal-redirect-bridge.js +59 -50
  215. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  216. package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
  217. package/package.json +2 -2
  218. package/src/app/PublicClientApplication.ts +85 -1
  219. package/src/broker/nativeBroker/NativeStatusCodes.ts +1 -1
  220. package/src/cache/BrowserCacheManager.ts +157 -33
  221. package/src/config/Configuration.ts +6 -0
  222. package/src/controllers/StandardController.ts +10 -8
  223. package/src/error/NativeAuthError.ts +2 -2
  224. package/src/interaction_client/BaseInteractionClient.ts +12 -1
  225. package/src/interaction_client/PlatformAuthInteractionClient.ts +14 -4
  226. package/src/interaction_client/PopupClient.ts +74 -30
  227. package/src/interaction_client/RedirectClient.ts +32 -8
  228. package/src/interaction_client/SilentAuthCodeClient.ts +3 -1
  229. package/src/interaction_client/SilentCacheClient.ts +3 -1
  230. package/src/interaction_client/SilentIframeClient.ts +140 -74
  231. package/src/interaction_client/SilentRefreshClient.ts +3 -1
  232. package/src/interaction_handler/SilentHandler.ts +12 -32
  233. package/src/operatingcontext/BaseOperatingContext.ts +15 -1
  234. package/src/packageMetadata.ts +1 -1
  235. package/src/redirect_bridge/index.ts +3 -7
  236. package/src/telemetry/BrowserPerformanceEvents.ts +0 -1
  237. package/src/utils/BrowserUtils.ts +28 -7
  238. package/types/app/PublicClientApplication.d.ts +37 -1
  239. package/types/app/PublicClientApplication.d.ts.map +1 -1
  240. package/types/broker/nativeBroker/NativeStatusCodes.d.ts +1 -1
  241. package/types/cache/BrowserCacheManager.d.ts +18 -1
  242. package/types/cache/BrowserCacheManager.d.ts.map +1 -1
  243. package/types/config/Configuration.d.ts +5 -0
  244. package/types/config/Configuration.d.ts.map +1 -1
  245. package/types/controllers/StandardController.d.ts.map +1 -1
  246. package/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  247. package/types/interaction_client/BaseInteractionClient.d.ts +2 -1
  248. package/types/interaction_client/BaseInteractionClient.d.ts.map +1 -1
  249. package/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  250. package/types/interaction_client/PopupClient.d.ts +11 -1
  251. package/types/interaction_client/PopupClient.d.ts.map +1 -1
  252. package/types/interaction_client/RedirectClient.d.ts.map +1 -1
  253. package/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  254. package/types/interaction_client/SilentCacheClient.d.ts.map +1 -1
  255. package/types/interaction_client/SilentIframeClient.d.ts +20 -1
  256. package/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  257. package/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  258. package/types/interaction_handler/SilentHandler.d.ts +13 -6
  259. package/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  260. package/types/operatingcontext/BaseOperatingContext.d.ts +8 -1
  261. package/types/operatingcontext/BaseOperatingContext.d.ts.map +1 -1
  262. package/types/packageMetadata.d.ts +1 -1
  263. package/types/redirect_bridge/index.d.ts.map +1 -1
  264. package/types/telemetry/BrowserPerformanceEvents.d.ts +0 -1
  265. package/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  266. package/types/utils/BrowserUtils.d.ts +17 -2
  267. package/types/utils/BrowserUtils.d.ts.map +1 -1
@@ -197,7 +197,9 @@ export class RedirectClient extends StandardInteractionClient {
197
197
  this.config.auth.clientId,
198
198
  this.correlationId,
199
199
  this.browserStorage,
200
- this.logger
200
+ this.logger,
201
+ undefined,
202
+ this.config.system.serverTelemetryEnabled
201
203
  );
202
204
 
203
205
  const pkceCodes = await invokeAsync(
@@ -409,12 +411,17 @@ export class RedirectClient extends StandardInteractionClient {
409
411
  parentMeasurement: InProgressPerformanceEvent,
410
412
  options?: HandleRedirectPromiseOptions
411
413
  ): Promise<AuthenticationResult | null> {
414
+ const originalTitle = document.title;
415
+ document.title = "Microsoft Authentication";
416
+
412
417
  const serverTelemetryManager = initializeServerTelemetryManager(
413
418
  ApiId.handleRedirectPromise,
414
419
  this.config.auth.clientId,
415
420
  this.correlationId,
416
421
  this.browserStorage,
417
- this.logger
422
+ this.logger,
423
+ undefined,
424
+ this.config.system.serverTelemetryEnabled
418
425
  );
419
426
 
420
427
  const navigateToLoginRequestUrl =
@@ -452,9 +459,15 @@ export class RedirectClient extends StandardInteractionClient {
452
459
  true
453
460
  ) || "";
454
461
  const loginRequestUrlNormalized =
455
- UrlUtils.normalizeUrlForComparison(loginRequestUrl);
462
+ UrlUtils.normalizeUrlForComparison(
463
+ loginRequestUrl,
464
+ this.logger,
465
+ this.correlationId
466
+ );
456
467
  const currentUrlNormalized = UrlUtils.normalizeUrlForComparison(
457
- window.location.href
468
+ window.location.href,
469
+ this.logger,
470
+ this.correlationId
458
471
  );
459
472
 
460
473
  if (
@@ -515,8 +528,8 @@ export class RedirectClient extends StandardInteractionClient {
515
528
  * The start page is expected to also call handleRedirectPromise which will process the hash in one of the checks above.
516
529
  */
517
530
  let processHashOnRedirect: boolean = true;
518
- if (!loginRequestUrl || loginRequestUrl === "null") {
519
- // Redirect to home page if login request url is null (real null or the string null)
531
+ if (!loginRequestUrl) {
532
+ // Redirect to home page if login request url is empty
520
533
  const homepage = BrowserUtils.getHomepage();
521
534
  // Cache the homepage under ORIGIN_URI to ensure cached hash is processed on homepage
522
535
  this.browserStorage.setTemporaryCache(
@@ -564,6 +577,8 @@ export class RedirectClient extends StandardInteractionClient {
564
577
  serverTelemetryManager.cacheFailedRequest(e);
565
578
  }
566
579
  throw e;
580
+ } finally {
581
+ document.title = originalTitle;
567
582
  }
568
583
  }
569
584
 
@@ -815,7 +830,9 @@ export class RedirectClient extends StandardInteractionClient {
815
830
  this.config.auth.clientId,
816
831
  this.correlationId,
817
832
  this.browserStorage,
818
- this.logger
833
+ this.logger,
834
+ undefined,
835
+ this.config.system.serverTelemetryEnabled
819
836
  );
820
837
 
821
838
  try {
@@ -969,9 +986,16 @@ export class RedirectClient extends StandardInteractionClient {
969
986
  */
970
987
  protected getRedirectStartPage(requestStartPage?: string): string {
971
988
  const redirectStartPage = requestStartPage || window.location.href;
972
- return UrlString.getAbsoluteUrl(
989
+ const absoluteRedirectStartPage = UrlString.getAbsoluteUrl(
973
990
  redirectStartPage,
974
991
  BrowserUtils.getCurrentUri()
975
992
  );
993
+ // Sanity check the URL before it is cached so we never persist a malformed value (e.g. the literal string "null")
994
+ UrlUtils.validateUrl(
995
+ absoluteRedirectStartPage,
996
+ this.logger,
997
+ this.correlationId
998
+ );
999
+ return absoluteRedirectStartPage;
976
1000
  }
977
1001
  }
@@ -104,7 +104,9 @@ export class SilentAuthCodeClient extends StandardInteractionClient {
104
104
  this.config.auth.clientId,
105
105
  this.correlationId,
106
106
  this.browserStorage,
107
- this.logger
107
+ this.logger,
108
+ undefined,
109
+ this.config.system.serverTelemetryEnabled
108
110
  );
109
111
 
110
112
  try {
@@ -36,7 +36,9 @@ export class SilentCacheClient extends StandardInteractionClient {
36
36
  this.config.auth.clientId,
37
37
  this.correlationId,
38
38
  this.browserStorage,
39
- this.logger
39
+ this.logger,
40
+ undefined,
41
+ this.config.system.serverTelemetryEnabled
40
42
  );
41
43
 
42
44
  const clientConfig = await invokeAsync(
@@ -37,6 +37,7 @@ import {
37
37
  BrowserConstants,
38
38
  } from "../utils/BrowserConstants.js";
39
39
  import {
40
+ createHiddenIframe,
40
41
  initiateCodeRequest,
41
42
  initiateCodeFlowWithPost,
42
43
  initiateEarRequest,
@@ -56,9 +57,35 @@ import {
56
57
  initializeServerTelemetryManager,
57
58
  } from "./BaseInteractionClient.js";
58
59
 
60
+ import type { WaitForBridgeRequest } from "../utils/BrowserUtils.js";
61
+
62
+ /**
63
+ * Minimal request shape accepted by the iframe-response hook.
64
+ * Intentionally narrow so subclasses can override without needing
65
+ * access to internal resolved-request types.
66
+ *
67
+ * @internal
68
+ */
69
+ export type WaitForIframeRequest = WaitForBridgeRequest;
70
+
71
+ /**
72
+ * Signature of the iframe-response handler supplied by
73
+ * {@link PublicClientApplication} to {@link SilentIframeClient} via the
74
+ * operating context.
75
+ *
76
+ * @internal
77
+ */
78
+ export type WaitForIframeResponseFn = (
79
+ iframe: HTMLIFrameElement,
80
+ request: WaitForIframeRequest
81
+ ) => Promise<string>;
82
+
59
83
  export class SilentIframeClient extends StandardInteractionClient {
60
84
  protected apiId: ApiId;
61
85
  protected nativeStorage: BrowserCacheManager;
86
+ private readonly waitForIframeResponseHook:
87
+ | WaitForIframeResponseFn
88
+ | undefined;
62
89
 
63
90
  constructor(
64
91
  config: BrowserConfiguration,
@@ -71,7 +98,8 @@ export class SilentIframeClient extends StandardInteractionClient {
71
98
  performanceClient: IPerformanceClient,
72
99
  nativeStorageImpl: BrowserCacheManager,
73
100
  correlationId: string,
74
- platformAuthProvider?: IPlatformAuthHandler
101
+ platformAuthProvider?: IPlatformAuthHandler,
102
+ waitForIframeResponseHook?: WaitForIframeResponseFn
75
103
  ) {
76
104
  super(
77
105
  config,
@@ -86,6 +114,7 @@ export class SilentIframeClient extends StandardInteractionClient {
86
114
  );
87
115
  this.apiId = apiId;
88
116
  this.nativeStorage = nativeStorageImpl;
117
+ this.waitForIframeResponseHook = waitForIframeResponseHook;
89
118
  }
90
119
 
91
120
  /**
@@ -171,7 +200,9 @@ export class SilentIframeClient extends StandardInteractionClient {
171
200
  this.config.auth.clientId,
172
201
  this.correlationId,
173
202
  this.browserStorage,
174
- this.logger
203
+ this.logger,
204
+ undefined,
205
+ this.config.system.serverTelemetryEnabled
175
206
  );
176
207
 
177
208
  try {
@@ -279,37 +310,45 @@ export class SilentIframeClient extends StandardInteractionClient {
279
310
  earJwk: earJwk,
280
311
  codeChallenge: pkceCodes.challenge,
281
312
  };
282
- const iframe = await invokeAsync(
283
- initiateEarRequest,
284
- BrowserPerformanceEvents.SilentHandlerInitiateAuthRequest,
285
- this.logger,
286
- this.performanceClient,
287
- correlationId
288
- )(
289
- this.config,
290
- discoveredAuthority,
291
- silentRequest,
292
- this.logger,
293
- this.performanceClient
294
- );
313
+
314
+ // Create the iframe, register the response listener, then navigate, so the listener is active before the iframe can respond.
315
+ const iframe = createHiddenIframe();
295
316
 
296
317
  const responseType = this.config.auth.OIDCOptions.responseMode;
297
318
  let responseString: string;
298
319
  try {
299
- responseString = await invokeAsync(
300
- BrowserUtils.waitForBridgeResponse,
320
+ const responsePromise = invokeAsync(
321
+ this.waitForIframeResponse.bind(this),
301
322
  BrowserPerformanceEvents.SilentHandlerMonitorIframeForHash,
302
323
  this.logger,
303
324
  this.performanceClient,
304
325
  correlationId
305
- )(
306
- this.config.system.iframeBridgeTimeout,
326
+ )(iframe, request);
327
+ responsePromise.catch(() => {
328
+ /*
329
+ * If navigation below throws before responsePromise is awaited,
330
+ * the listener still rejects on timeout. Swallow it here so it
331
+ * does not surface as an unhandled rejection; the navigation
332
+ * error is propagated instead.
333
+ */
334
+ });
335
+
336
+ await invokeAsync(
337
+ initiateEarRequest,
338
+ BrowserPerformanceEvents.SilentHandlerInitiateAuthRequest,
307
339
  this.logger,
308
- this.browserCrypto,
309
- request,
310
340
  this.performanceClient,
311
- this.config.experimental
341
+ correlationId
342
+ )(
343
+ iframe,
344
+ this.config,
345
+ discoveredAuthority,
346
+ silentRequest,
347
+ this.logger,
348
+ this.performanceClient
312
349
  );
350
+
351
+ responseString = await responsePromise;
313
352
  } finally {
314
353
  invoke(
315
354
  removeHiddenIframe,
@@ -342,7 +381,9 @@ export class SilentIframeClient extends StandardInteractionClient {
342
381
  this.config.auth.clientId,
343
382
  correlationId,
344
383
  this.browserStorage,
345
- this.logger
384
+ this.logger,
385
+ undefined,
386
+ this.config.system.serverTelemetryEnabled
346
387
  ),
347
388
  requestAuthority: request.authority,
348
389
  requestAzureCloudOptions: request.azureCloudOptions,
@@ -436,7 +477,9 @@ export class SilentIframeClient extends StandardInteractionClient {
436
477
  this.config.auth.clientId,
437
478
  this.correlationId,
438
479
  this.browserStorage,
439
- this.logger
480
+ this.logger,
481
+ undefined,
482
+ this.config.system.serverTelemetryEnabled
440
483
  ),
441
484
  requestAuthority: silentRequest.authority,
442
485
  requestAzureCloudOptions: silentRequest.azureCloudOptions,
@@ -550,65 +593,72 @@ export class SilentIframeClient extends StandardInteractionClient {
550
593
  codeChallenge: pkceCodes.challenge,
551
594
  };
552
595
 
553
- let iframe: HTMLIFrameElement;
554
- if (request.httpMethod === Constants.HttpMethod.POST) {
555
- iframe = await invokeAsync(
556
- initiateCodeFlowWithPost,
557
- BrowserPerformanceEvents.SilentHandlerInitiateAuthRequest,
558
- this.logger,
559
- this.performanceClient,
560
- correlationId
561
- )(
562
- this.config,
563
- authClient.authority,
564
- silentRequest,
565
- this.logger,
566
- this.performanceClient
567
- );
568
- } else {
569
- // Create authorize request url
570
- const navigateUrl = await invokeAsync(
571
- Authorize.getAuthCodeRequestUrl,
572
- PerformanceEvents.GetAuthCodeUrl,
573
- this.logger,
574
- this.performanceClient,
575
- correlationId
576
- )(
577
- this.config,
578
- authClient.authority,
579
- silentRequest,
580
- this.logger,
581
- this.performanceClient
582
- );
583
-
584
- // Get the frame handle for the silent request
585
- iframe = await invokeAsync(
586
- initiateCodeRequest,
587
- BrowserPerformanceEvents.SilentHandlerInitiateAuthRequest,
588
- this.logger,
589
- this.performanceClient,
590
- correlationId
591
- )(navigateUrl, this.performanceClient, this.logger, correlationId);
592
- }
596
+ // Create the iframe, register the response listener, then navigate, so the listener is active before the iframe can respond.
597
+ const iframe = createHiddenIframe();
593
598
 
594
599
  const responseType = this.config.auth.OIDCOptions.responseMode;
595
600
  // Wait for response from the redirect bridge.
596
601
  let responseString: string;
597
602
  try {
598
- responseString = await invokeAsync(
599
- BrowserUtils.waitForBridgeResponse,
603
+ const responsePromise = invokeAsync(
604
+ this.waitForIframeResponse.bind(this),
600
605
  BrowserPerformanceEvents.SilentHandlerMonitorIframeForHash,
601
606
  this.logger,
602
607
  this.performanceClient,
603
608
  correlationId
604
- )(
605
- this.config.system.iframeBridgeTimeout,
606
- this.logger,
607
- this.browserCrypto,
608
- request,
609
- this.performanceClient,
610
- this.config.experimental
611
- );
609
+ )(iframe, request);
610
+ responsePromise.catch(() => {
611
+ /*
612
+ * If URL creation or navigation below throws before
613
+ * responsePromise is awaited, the listener still rejects on
614
+ * timeout. Swallow it here so it does not surface as an
615
+ * unhandled rejection; the navigation error is propagated
616
+ * instead.
617
+ */
618
+ });
619
+
620
+ if (request.httpMethod === Constants.HttpMethod.POST) {
621
+ await invokeAsync(
622
+ initiateCodeFlowWithPost,
623
+ BrowserPerformanceEvents.SilentHandlerInitiateAuthRequest,
624
+ this.logger,
625
+ this.performanceClient,
626
+ correlationId
627
+ )(
628
+ iframe,
629
+ this.config,
630
+ authClient.authority,
631
+ silentRequest,
632
+ this.logger,
633
+ this.performanceClient
634
+ );
635
+ } else {
636
+ // Create authorize request url
637
+ const navigateUrl = await invokeAsync(
638
+ Authorize.getAuthCodeRequestUrl,
639
+ PerformanceEvents.GetAuthCodeUrl,
640
+ this.logger,
641
+ this.performanceClient,
642
+ correlationId
643
+ )(
644
+ this.config,
645
+ authClient.authority,
646
+ silentRequest,
647
+ this.logger,
648
+ this.performanceClient
649
+ );
650
+
651
+ // Navigate the iframe to the authorize request url
652
+ await invokeAsync(
653
+ initiateCodeRequest,
654
+ BrowserPerformanceEvents.SilentHandlerInitiateAuthRequest,
655
+ this.logger,
656
+ this.performanceClient,
657
+ correlationId
658
+ )(iframe, navigateUrl, this.logger, correlationId);
659
+ }
660
+
661
+ responseString = await responsePromise;
612
662
  } finally {
613
663
  invoke(
614
664
  removeHiddenIframe,
@@ -629,4 +679,20 @@ export class SilentIframeClient extends StandardInteractionClient {
629
679
 
630
680
  return { serverParams, pkceCodes, silentRequest };
631
681
  }
682
+
683
+ protected async waitForIframeResponse(
684
+ iframe: HTMLIFrameElement,
685
+ request: WaitForIframeRequest
686
+ ): Promise<string> {
687
+ if (this.waitForIframeResponseHook) {
688
+ return this.waitForIframeResponseHook(iframe, request);
689
+ }
690
+ return BrowserUtils.waitForBridgeResponse(
691
+ this.config.system.iframeBridgeTimeout,
692
+ this.logger,
693
+ request,
694
+ this.performanceClient,
695
+ this.config.experimental
696
+ );
697
+ }
632
698
  }
@@ -68,7 +68,9 @@ export class SilentRefreshClient extends StandardInteractionClient {
68
68
  this.config.auth.clientId,
69
69
  this.correlationId,
70
70
  this.browserStorage,
71
- this.logger
71
+ this.logger,
72
+ undefined,
73
+ this.config.system.serverTelemetryEnabled
72
74
  );
73
75
 
74
76
  const refreshTokenClient = await this.createRefreshTokenClient({
@@ -6,11 +6,9 @@
6
6
  import {
7
7
  Logger,
8
8
  IPerformanceClient,
9
- invoke,
10
9
  Authority,
11
10
  CommonAuthorizationUrlRequest,
12
11
  } from "@azure/msal-common/browser";
13
- import * as BrowserPerformanceEvents from "../telemetry/BrowserPerformanceEvents.js";
14
12
  import {
15
13
  createBrowserAuthError,
16
14
  BrowserAuthErrorCodes,
@@ -19,13 +17,13 @@ import { BrowserConfiguration } from "../config/Configuration.js";
19
17
  import { getCodeForm, getEARForm } from "../protocol/Authorize.js";
20
18
 
21
19
  /**
22
- * Creates a hidden iframe to given URL using user-requested scopes as an id.
23
- * @param urlNavigate
24
- * @param userRequestScopes
20
+ * Navigates the given hidden iframe to the provided URL.
21
+ * @param frame
22
+ * @param requestUrl
25
23
  */
26
24
  export async function initiateCodeRequest(
25
+ frame: HTMLIFrameElement,
27
26
  requestUrl: string,
28
- performanceClient: IPerformanceClient,
29
27
  logger: Logger,
30
28
  correlationId: string
31
29
  ): Promise<HTMLIFrameElement> {
@@ -35,23 +33,18 @@ export async function initiateCodeRequest(
35
33
  throw createBrowserAuthError(BrowserAuthErrorCodes.emptyNavigateUri);
36
34
  }
37
35
 
38
- return invoke(
39
- loadFrameSync,
40
- BrowserPerformanceEvents.SilentHandlerLoadFrameSync,
41
- logger,
42
- performanceClient,
43
- correlationId
44
- )(requestUrl);
36
+ frame.src = requestUrl;
37
+ return frame;
45
38
  }
46
39
 
47
40
  export async function initiateCodeFlowWithPost(
41
+ frame: HTMLIFrameElement,
48
42
  config: BrowserConfiguration,
49
43
  authority: Authority,
50
44
  request: CommonAuthorizationUrlRequest,
51
45
  logger: Logger,
52
46
  performanceClient: IPerformanceClient
53
47
  ): Promise<HTMLIFrameElement> {
54
- const frame = createHiddenIframe();
55
48
  if (!frame.contentDocument) {
56
49
  throw "No document associated with iframe!";
57
50
  }
@@ -68,13 +61,13 @@ export async function initiateCodeFlowWithPost(
68
61
  }
69
62
 
70
63
  export async function initiateEarRequest(
64
+ frame: HTMLIFrameElement,
71
65
  config: BrowserConfiguration,
72
66
  authority: Authority,
73
67
  request: CommonAuthorizationUrlRequest,
74
68
  logger: Logger,
75
69
  performanceClient: IPerformanceClient
76
70
  ): Promise<HTMLIFrameElement> {
77
- const frame = createHiddenIframe();
78
71
  if (!frame.contentDocument) {
79
72
  throw "No document associated with iframe!";
80
73
  }
@@ -92,28 +85,15 @@ export async function initiateEarRequest(
92
85
 
93
86
  /**
94
87
  * @hidden
95
- * Loads the iframe synchronously when the navigateTimeFrame is set to `0`
96
- * @param urlNavigate
97
- * @param frameName
98
- * @param logger
99
- */
100
- function loadFrameSync(urlNavigate: string): HTMLIFrameElement {
101
- const frameHandle = createHiddenIframe();
102
-
103
- frameHandle.src = urlNavigate;
104
-
105
- return frameHandle;
106
- }
107
-
108
- /**
109
- * @hidden
110
- * Creates a new hidden iframe or gets an existing one for silent token renewal.
88
+ * Creates a new hidden iframe for silent token renewal. Callers navigate it
89
+ * (set `src` or submit a form) after registering the response listener.
111
90
  * @ignore
112
91
  */
113
- function createHiddenIframe(): HTMLIFrameElement {
92
+ export function createHiddenIframe(): HTMLIFrameElement {
114
93
  const authFrame = document.createElement("iframe");
115
94
 
116
95
  authFrame.className = "msalSilentIframe";
96
+ authFrame.title = "Microsoft Authentication";
117
97
  authFrame.style.visibility = "hidden";
118
98
  authFrame.style.position = "absolute";
119
99
  authFrame.style.width = authFrame.style.height = "0";
@@ -9,6 +9,7 @@ import {
9
9
  buildConfiguration,
10
10
  Configuration,
11
11
  } from "../config/Configuration.js";
12
+ import type { AuthResponseHandlers } from "../app/PublicClientApplication.js";
12
13
  import { version, name } from "../packageMetadata.js";
13
14
  import { BrowserCacheLocation } from "../utils/BrowserConstants.js";
14
15
  import { LOG_LEVEL_CACHE_KEY, LOG_PII_CACHE_KEY } from "../cache/CacheKeys.js";
@@ -25,6 +26,7 @@ export abstract class BaseOperatingContext {
25
26
  protected config: BrowserConfiguration;
26
27
  protected available: boolean;
27
28
  protected browserEnvironment: boolean;
29
+ protected responseHandlers: AuthResponseHandlers | undefined;
28
30
 
29
31
  protected static loggerCallback(level: LogLevel, message: string): void {
30
32
  switch (level) {
@@ -51,7 +53,10 @@ export abstract class BaseOperatingContext {
51
53
  }
52
54
  }
53
55
 
54
- constructor(config: Configuration) {
56
+ constructor(
57
+ config: Configuration,
58
+ responseHandlers?: AuthResponseHandlers
59
+ ) {
55
60
  /*
56
61
  * If loaded in an environment where window is not available,
57
62
  * set internal flag to false so that further requests fail.
@@ -59,6 +64,7 @@ export abstract class BaseOperatingContext {
59
64
  */
60
65
  this.browserEnvironment = typeof window !== "undefined";
61
66
  this.config = buildConfiguration(config, this.browserEnvironment);
67
+ this.responseHandlers = responseHandlers;
62
68
 
63
69
  let sessionStorage: Storage | undefined;
64
70
  try {
@@ -119,6 +125,14 @@ export abstract class BaseOperatingContext {
119
125
  return this.config;
120
126
  }
121
127
 
128
+ /**
129
+ * Returns the internal response handlers supplied by PublicClientApplication, if any.
130
+ * @returns AuthResponseHandlers | undefined
131
+ */
132
+ getResponseHandlers(): AuthResponseHandlers | undefined {
133
+ return this.responseHandlers;
134
+ }
135
+
122
136
  /**
123
137
  * Returns the MSAL Logger
124
138
  * @returns Logger
@@ -1,3 +1,3 @@
1
1
  /* eslint-disable header/header */
2
2
  export const name = "@azure/msal-browser";
3
- export const version = "5.11.0";
3
+ export const version = "5.13.0";
@@ -32,18 +32,14 @@ import { PREFIX } from "../cache/CacheKeys.js";
32
32
  export async function broadcastResponseToMainFrame(
33
33
  navigationClient?: NavigationClient
34
34
  ): Promise<void> {
35
+ document.title = "Microsoft Authentication";
36
+
35
37
  let parsedResponse;
36
38
  try {
37
39
  parsedResponse = parseAuthResponseFromUrl();
38
40
  } catch (error) {
39
41
  // Clear hash and query string before re-throwing parse errors
40
- if (typeof window.history.replaceState === "function") {
41
- window.history.replaceState(
42
- null,
43
- "",
44
- `${window.location.origin}${window.location.pathname}`
45
- );
46
- }
42
+ BrowserUtils.clearAuthResponseFromUrl(window);
47
43
  throw error;
48
44
  }
49
45
 
@@ -121,7 +121,6 @@ export const SilentHandlerInitiateAuthRequest =
121
121
  export const SilentHandlerMonitorIframeForHash =
122
122
  "silentHandlerMonitorIframeForHash";
123
123
  export const SilentHandlerLoadFrame = "silentHandlerLoadFrame";
124
- export const SilentHandlerLoadFrameSync = "silentHandlerLoadFrameSync";
125
124
 
126
125
  /**
127
126
  * Helper functions in StandardInteractionClient class (msal-browser)