@azure/msal-browser 5.13.0 → 5.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +16 -16
- package/dist/app/IPublicClientApplication.mjs.map +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +11 -11
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +21 -21
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +3 -3
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +18 -18
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +4 -4
- package/dist/cache/CookieStorage.mjs.map +1 -1
- package/dist/cache/DatabaseStorage.mjs +7 -7
- package/dist/cache/DatabaseStorage.mjs.map +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +6 -6
- package/dist/cache/LocalStorage.mjs.map +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +2 -2
- package/dist/cache/SessionStorage.mjs.map +1 -1
- package/dist/cache/TokenCache.mjs +10 -8
- package/dist/cache/TokenCache.mjs.map +1 -1
- package/dist/config/Configuration.mjs +5 -4
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +16 -17
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.mjs +24 -24
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +7 -7
- package/dist/crypto/BrowserCrypto.mjs.map +1 -1
- package/dist/crypto/CryptoOps.mjs +4 -4
- package/dist/crypto/CryptoOps.mjs.map +1 -1
- package/dist/crypto/PkceGenerator.mjs +3 -3
- package/dist/crypto/PkceGenerator.mjs.map +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom_auth/controller/CustomAuthStandardController.mjs +13 -8
- package/dist/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
- package/dist/custom_auth/core/CustomAuthAuthority.mjs +2 -2
- package/dist/custom_auth/core/CustomAuthAuthority.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +4 -4
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +4 -4
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs.map +1 -1
- package/dist/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs +2 -2
- package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs.map +1 -1
- package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +2 -2
- package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +4 -4
- package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs +3 -3
- package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs.map +1 -1
- package/dist/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +2 -2
- package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +2 -2
- package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs.map +1 -1
- package/dist/custom_auth/index.mjs +1 -1
- package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +3 -3
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +2 -2
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +3 -3
- package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +2 -2
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +2 -2
- package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +2 -2
- package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs +2 -2
- package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs.map +1 -1
- package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +2 -2
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +3 -3
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +2 -2
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs +5 -5
- package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs.map +1 -1
- package/dist/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/encode/Base64Decode.mjs +2 -2
- package/dist/encode/Base64Decode.mjs.map +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +5 -5
- package/dist/error/BrowserAuthError.mjs.map +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +5 -5
- package/dist/error/BrowserConfigurationAuthError.mjs.map +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +20 -10
- package/dist/error/NativeAuthError.mjs.map +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +9 -5
- package/dist/error/NestedAppAuthError.mjs.map +1 -1
- package/dist/event/EventHandler.mjs +7 -6
- package/dist/event/EventHandler.mjs.map +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +6 -7
- package/dist/interaction_client/BaseInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +24 -20
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +14 -14
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +17 -17
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +4 -4
- package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +5 -5
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +3 -3
- package/dist/interaction_client/SilentRefreshClient.mjs.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +6 -6
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +3 -3
- package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +2 -2
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/log-strings-mapping.json +1200 -1200
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +18 -17
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
- package/dist/navigation/NavigationClient.mjs +2 -2
- package/dist/navigation/NavigationClient.mjs.map +1 -1
- package/dist/network/FetchClient.mjs +7 -7
- package/dist/network/FetchClient.mjs.map +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +3 -3
- package/dist/operatingcontext/NestedAppOperatingContext.mjs.map +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +8 -8
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/redirect_bridge/index.mjs +1 -1
- package/dist/request/RequestHelpers.mjs +5 -5
- package/dist/request/RequestHelpers.mjs.map +1 -1
- package/dist/response/ResponseHandler.mjs +11 -11
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +4 -4
- package/dist/utils/BrowserProtocolUtils.mjs.map +1 -1
- package/dist/utils/BrowserUtils.mjs +26 -20
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +2 -2
- package/lib/custom-auth-path/msal-custom-auth.cjs +969 -866
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.js +860 -761
- package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
- package/lib/log-strings-mapping.json +2 -2
- package/lib/msal-browser.cjs +898 -796
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +898 -796
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.cjs +55 -51
- package/lib/redirect-bridge/msal-redirect-bridge.cjs.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.js +55 -51
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
- package/package.json +5 -6
- package/src/app/IPublicClientApplication.ts +30 -15
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +2 -0
- package/src/broker/nativeBroker/PlatformAuthExtensionHandler.ts +8 -2
- package/src/broker/nativeBroker/PlatformAuthProvider.ts +2 -1
- package/src/cache/BrowserCacheManager.ts +19 -7
- package/src/cache/CookieStorage.ts +13 -3
- package/src/cache/DatabaseStorage.ts +12 -6
- package/src/cache/LocalStorage.ts +8 -4
- package/src/cache/SessionStorage.ts +2 -1
- package/src/cache/TokenCache.ts +22 -7
- package/src/config/Configuration.ts +15 -4
- package/src/controllers/NestedAppAuthController.ts +19 -11
- package/src/controllers/StandardController.ts +20 -9
- package/src/crypto/BrowserCrypto.ts +10 -2
- package/src/crypto/CryptoOps.ts +4 -2
- package/src/crypto/PkceGenerator.ts +8 -2
- package/src/custom_auth/controller/CustomAuthStandardController.ts +2 -4
- package/src/custom_auth/core/CustomAuthAuthority.ts +4 -2
- package/src/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.ts +2 -1
- package/src/encode/Base64Decode.ts +2 -1
- package/src/error/BrowserAuthError.ts +9 -3
- package/src/error/BrowserConfigurationAuthError.ts +9 -3
- package/src/error/NativeAuthError.ts +44 -11
- package/src/error/NestedAppAuthError.ts +14 -4
- package/src/event/EventHandler.ts +2 -1
- package/src/interaction_client/BaseInteractionClient.ts +10 -6
- package/src/interaction_client/PlatformAuthInteractionClient.ts +49 -21
- package/src/interaction_client/PopupClient.ts +14 -8
- package/src/interaction_client/RedirectClient.ts +21 -10
- package/src/interaction_client/SilentAuthCodeClient.ts +5 -3
- package/src/interaction_client/SilentIframeClient.ts +5 -3
- package/src/interaction_client/SilentRefreshClient.ts +3 -2
- package/src/interaction_client/StandardInteractionClient.ts +8 -4
- package/src/interaction_handler/InteractionHandler.ts +4 -2
- package/src/interaction_handler/SilentHandler.ts +4 -1
- package/src/naa/mapping/NestedAppAuthAdapter.ts +43 -14
- package/src/navigation/NavigationClient.ts +1 -0
- package/src/network/FetchClient.ts +14 -6
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +23 -7
- package/src/request/RequestHelpers.ts +6 -3
- package/src/response/ResponseHandler.ts +20 -7
- package/src/utils/BrowserProtocolUtils.ts +11 -3
- package/src/utils/BrowserUtils.ts +44 -17
- package/types/app/IPublicClientApplication.d.ts.map +1 -1
- package/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -1
- package/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
- package/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/types/cache/CookieStorage.d.ts +1 -1
- package/types/cache/CookieStorage.d.ts.map +1 -1
- package/types/cache/DatabaseStorage.d.ts.map +1 -1
- package/types/cache/LocalStorage.d.ts.map +1 -1
- package/types/cache/SessionStorage.d.ts.map +1 -1
- package/types/cache/TokenCache.d.ts.map +1 -1
- package/types/config/Configuration.d.ts +5 -1
- package/types/config/Configuration.d.ts.map +1 -1
- package/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/types/controllers/StandardController.d.ts.map +1 -1
- package/types/crypto/BrowserCrypto.d.ts.map +1 -1
- package/types/crypto/CryptoOps.d.ts.map +1 -1
- package/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
- package/types/custom_auth/core/CustomAuthAuthority.d.ts.map +1 -1
- package/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/types/encode/Base64Decode.d.ts.map +1 -1
- package/types/error/BrowserAuthError.d.ts +2 -2
- package/types/error/BrowserAuthError.d.ts.map +1 -1
- package/types/error/BrowserConfigurationAuthError.d.ts +2 -2
- package/types/error/BrowserConfigurationAuthError.d.ts.map +1 -1
- package/types/error/NativeAuthError.d.ts +2 -2
- package/types/error/NativeAuthError.d.ts.map +1 -1
- package/types/error/NestedAppAuthError.d.ts +2 -2
- package/types/error/NestedAppAuthError.d.ts.map +1 -1
- package/types/event/EventHandler.d.ts.map +1 -1
- package/types/interaction_client/BaseInteractionClient.d.ts.map +1 -1
- package/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
- package/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
- package/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/types/navigation/NavigationClient.d.ts.map +1 -1
- package/types/network/FetchClient.d.ts.map +1 -1
- package/types/packageMetadata.d.ts +1 -1
- package/types/protocol/Authorize.d.ts.map +1 -1
- package/types/request/RequestHelpers.d.ts.map +1 -1
- package/types/response/ResponseHandler.d.ts +1 -1
- package/types/response/ResponseHandler.d.ts.map +1 -1
- package/types/utils/BrowserProtocolUtils.d.ts +1 -1
- package/types/utils/BrowserProtocolUtils.d.ts.map +1 -1
- package/types/utils/BrowserUtils.d.ts +5 -3
- package/types/utils/BrowserUtils.d.ts.map +1 -1
|
@@ -266,7 +266,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
266
266
|
return {
|
|
267
267
|
authority: request.authority,
|
|
268
268
|
correlationId: this.correlationId,
|
|
269
|
-
scopes: ScopeSet.fromString(
|
|
269
|
+
scopes: ScopeSet.fromString(
|
|
270
|
+
request.scope,
|
|
271
|
+
this.correlationId
|
|
272
|
+
).asArray(),
|
|
270
273
|
account: cachedAccount,
|
|
271
274
|
forceRefresh: false,
|
|
272
275
|
};
|
|
@@ -287,7 +290,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
287
290
|
"NativeInteractionClient:acquireTokensFromCache - No nativeAccountId provided",
|
|
288
291
|
this.correlationId
|
|
289
292
|
);
|
|
290
|
-
throw createClientAuthError(
|
|
293
|
+
throw createClientAuthError(
|
|
294
|
+
ClientAuthErrorCodes.noAccountFound,
|
|
295
|
+
this.correlationId
|
|
296
|
+
);
|
|
291
297
|
}
|
|
292
298
|
// fetch the account from browser cache
|
|
293
299
|
const account = this.browserStorage.getBaseAccountInfo(
|
|
@@ -298,7 +304,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
298
304
|
);
|
|
299
305
|
|
|
300
306
|
if (!account) {
|
|
301
|
-
throw createClientAuthError(
|
|
307
|
+
throw createClientAuthError(
|
|
308
|
+
ClientAuthErrorCodes.noAccountFound,
|
|
309
|
+
this.correlationId
|
|
310
|
+
);
|
|
302
311
|
}
|
|
303
312
|
|
|
304
313
|
// leverage silent flow for cached tokens retrieval
|
|
@@ -320,7 +329,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
320
329
|
|
|
321
330
|
const idTokenClaims = AuthToken.extractTokenClaims(
|
|
322
331
|
idToken?.secret || "",
|
|
323
|
-
base64Decode
|
|
332
|
+
base64Decode,
|
|
333
|
+
this.correlationId
|
|
324
334
|
);
|
|
325
335
|
|
|
326
336
|
const fullAccount = updateAccountTenantProfileData(
|
|
@@ -395,7 +405,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
395
405
|
const redirectUri = navigateToLoginRequestUrl
|
|
396
406
|
? UrlString.getAbsoluteUrl(
|
|
397
407
|
request.redirectStartPage || window.location.href,
|
|
398
|
-
getCurrentUri()
|
|
408
|
+
getCurrentUri(),
|
|
409
|
+
this.correlationId
|
|
399
410
|
)
|
|
400
411
|
: getRedirectUri(
|
|
401
412
|
request.redirectUri,
|
|
@@ -522,7 +533,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
522
533
|
// generate identifiers
|
|
523
534
|
const idTokenClaims = AuthToken.extractTokenClaims(
|
|
524
535
|
response.id_token,
|
|
525
|
-
base64Decode
|
|
536
|
+
base64Decode,
|
|
537
|
+
this.correlationId
|
|
526
538
|
);
|
|
527
539
|
|
|
528
540
|
const homeAccountIdentifier = this.createHomeAccountIdentifier(
|
|
@@ -552,7 +564,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
552
564
|
response.account.id !== request.accountId
|
|
553
565
|
) {
|
|
554
566
|
// User switch in native broker prompt is not supported. All users must first sign in through web flow to ensure server state is in sync
|
|
555
|
-
throw createNativeAuthError(
|
|
567
|
+
throw createNativeAuthError(
|
|
568
|
+
NativeAuthErrorCodes.userSwitch,
|
|
569
|
+
this.correlationId
|
|
570
|
+
);
|
|
556
571
|
}
|
|
557
572
|
|
|
558
573
|
// Get the preferred_cache domain for the given authority
|
|
@@ -640,8 +655,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
640
655
|
*/
|
|
641
656
|
generateScopes(requestScopes: string, responseScopes?: string): ScopeSet {
|
|
642
657
|
return responseScopes
|
|
643
|
-
? ScopeSet.fromString(responseScopes)
|
|
644
|
-
: ScopeSet.fromString(requestScopes);
|
|
658
|
+
? ScopeSet.fromString(responseScopes, this.correlationId)
|
|
659
|
+
: ScopeSet.fromString(requestScopes, this.correlationId);
|
|
645
660
|
}
|
|
646
661
|
|
|
647
662
|
/**
|
|
@@ -689,7 +704,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
689
704
|
* PopTokenGenerator to query the full key for signing
|
|
690
705
|
*/
|
|
691
706
|
if (!request.keyId) {
|
|
692
|
-
throw createClientAuthError(
|
|
707
|
+
throw createClientAuthError(
|
|
708
|
+
ClientAuthErrorCodes.keyIdMissing,
|
|
709
|
+
this.correlationId
|
|
710
|
+
);
|
|
693
711
|
}
|
|
694
712
|
return popTokenGenerator.signPopToken(
|
|
695
713
|
response.access_token,
|
|
@@ -751,6 +769,13 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
751
769
|
*/
|
|
752
770
|
if (accountInfo.nativeAccountId !== response.account.id) {
|
|
753
771
|
accountInfo.nativeAccountId = response.account.id;
|
|
772
|
+
// Also update the matching tenant profile (source of truth)
|
|
773
|
+
const targetTenantId = tid || accountInfo.tenantId;
|
|
774
|
+
const tenantProfile =
|
|
775
|
+
accountInfo.tenantProfiles?.get(targetTenantId);
|
|
776
|
+
if (tenantProfile) {
|
|
777
|
+
tenantProfile.nativeAccountId = response.account.id;
|
|
778
|
+
}
|
|
754
779
|
}
|
|
755
780
|
|
|
756
781
|
// generate PoP token as needed
|
|
@@ -861,6 +886,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
861
886
|
tokenExpirationSeconds,
|
|
862
887
|
0,
|
|
863
888
|
base64Decode,
|
|
889
|
+
request.correlationId,
|
|
864
890
|
undefined,
|
|
865
891
|
request.tokenType as Constants.AuthenticationScheme,
|
|
866
892
|
undefined,
|
|
@@ -994,16 +1020,13 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
994
1020
|
|
|
995
1021
|
// scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
|
|
996
1022
|
const { scopes, claims, ...remainingProperties } = request;
|
|
997
|
-
const scopeSet = new ScopeSet(scopes || []);
|
|
1023
|
+
const scopeSet = new ScopeSet(scopes || [], this.correlationId);
|
|
998
1024
|
scopeSet.appendScopes(Constants.OIDC_DEFAULT_SCOPES);
|
|
999
1025
|
|
|
1000
|
-
const mergedClaims =
|
|
1001
|
-
|
|
1002
|
-
|
|
1003
|
-
|
|
1004
|
-
configClaims
|
|
1005
|
-
)
|
|
1006
|
-
: claims;
|
|
1026
|
+
const mergedClaims = RequestParameterBuilder.buildMergedClaims(
|
|
1027
|
+
claims,
|
|
1028
|
+
configClaims?.length ? configClaims : undefined
|
|
1029
|
+
);
|
|
1007
1030
|
|
|
1008
1031
|
const validatedRequest: PlatformAuthRequest = {
|
|
1009
1032
|
...remainingProperties,
|
|
@@ -1032,7 +1055,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
1032
1055
|
// Check for PoP token requests: signPopToken should only be set to true if popKid is not set
|
|
1033
1056
|
if (validatedRequest.signPopToken && !!request.popKid) {
|
|
1034
1057
|
throw createBrowserAuthError(
|
|
1035
|
-
BrowserAuthErrorCodes.invalidPopTokenRequest
|
|
1058
|
+
BrowserAuthErrorCodes.invalidPopTokenRequest,
|
|
1059
|
+
this.correlationId
|
|
1036
1060
|
);
|
|
1037
1061
|
}
|
|
1038
1062
|
|
|
@@ -1110,7 +1134,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
1110
1134
|
);
|
|
1111
1135
|
}
|
|
1112
1136
|
|
|
1113
|
-
const canonicalAuthority = new UrlString(
|
|
1137
|
+
const canonicalAuthority = new UrlString(
|
|
1138
|
+
requestAuthority,
|
|
1139
|
+
this.correlationId
|
|
1140
|
+
);
|
|
1114
1141
|
canonicalAuthority.validateAsUri();
|
|
1115
1142
|
return canonicalAuthority;
|
|
1116
1143
|
}
|
|
@@ -1154,7 +1181,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
1154
1181
|
this.correlationId
|
|
1155
1182
|
);
|
|
1156
1183
|
throw createBrowserAuthError(
|
|
1157
|
-
BrowserAuthErrorCodes.nativePromptNotSupported
|
|
1184
|
+
BrowserAuthErrorCodes.nativePromptNotSupported,
|
|
1185
|
+
this.correlationId
|
|
1158
1186
|
);
|
|
1159
1187
|
}
|
|
1160
1188
|
}
|
|
@@ -434,7 +434,7 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
434
434
|
popupParams.popup?.close();
|
|
435
435
|
|
|
436
436
|
if (e instanceof AuthError) {
|
|
437
|
-
(e as AuthError).
|
|
437
|
+
(e as AuthError).correlationId = this.correlationId;
|
|
438
438
|
serverTelemetryManager.cacheFailedRequest(e);
|
|
439
439
|
}
|
|
440
440
|
throw e;
|
|
@@ -759,7 +759,8 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
759
759
|
};
|
|
760
760
|
const absoluteUrl = UrlString.getAbsoluteUrl(
|
|
761
761
|
mainWindowRedirectUri,
|
|
762
|
-
BrowserUtils.getCurrentUri()
|
|
762
|
+
BrowserUtils.getCurrentUri(),
|
|
763
|
+
this.correlationId
|
|
763
764
|
);
|
|
764
765
|
await this.navigationClient.navigateInternal(
|
|
765
766
|
absoluteUrl,
|
|
@@ -779,7 +780,8 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
779
780
|
validRequest.state || "",
|
|
780
781
|
{
|
|
781
782
|
interactionType: InteractionType.Popup,
|
|
782
|
-
}
|
|
783
|
+
},
|
|
784
|
+
validRequest.correlationId
|
|
783
785
|
);
|
|
784
786
|
|
|
785
787
|
// Create logout string and navigate user window to logout.
|
|
@@ -818,7 +820,8 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
818
820
|
};
|
|
819
821
|
const absoluteUrl = UrlString.getAbsoluteUrl(
|
|
820
822
|
mainWindowRedirectUri,
|
|
821
|
-
BrowserUtils.getCurrentUri()
|
|
823
|
+
BrowserUtils.getCurrentUri(),
|
|
824
|
+
this.correlationId
|
|
822
825
|
);
|
|
823
826
|
|
|
824
827
|
this.logger.verbose(
|
|
@@ -844,7 +847,7 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
844
847
|
popupParams.popup?.close();
|
|
845
848
|
|
|
846
849
|
if (e instanceof AuthError) {
|
|
847
|
-
(e as AuthError).
|
|
850
|
+
(e as AuthError).correlationId = this.correlationId;
|
|
848
851
|
serverTelemetryManager.cacheFailedRequest(e);
|
|
849
852
|
}
|
|
850
853
|
this.eventHandler.emitEvent(
|
|
@@ -886,7 +889,8 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
886
889
|
// Throw error if request URL is empty.
|
|
887
890
|
this.logger.error("Navigate url is empty", this.correlationId);
|
|
888
891
|
throw createBrowserAuthError(
|
|
889
|
-
BrowserAuthErrorCodes.emptyNavigateUri
|
|
892
|
+
BrowserAuthErrorCodes.emptyNavigateUri,
|
|
893
|
+
this.correlationId
|
|
890
894
|
);
|
|
891
895
|
}
|
|
892
896
|
}
|
|
@@ -927,7 +931,8 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
927
931
|
// Popup will be null if popups are blocked
|
|
928
932
|
if (!popupWindow) {
|
|
929
933
|
throw createBrowserAuthError(
|
|
930
|
-
BrowserAuthErrorCodes.emptyWindowError
|
|
934
|
+
BrowserAuthErrorCodes.emptyWindowError,
|
|
935
|
+
this.correlationId
|
|
931
936
|
);
|
|
932
937
|
}
|
|
933
938
|
try {
|
|
@@ -958,7 +963,8 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
958
963
|
this.correlationId
|
|
959
964
|
);
|
|
960
965
|
throw createBrowserAuthError(
|
|
961
|
-
BrowserAuthErrorCodes.popupWindowError
|
|
966
|
+
BrowserAuthErrorCodes.popupWindowError,
|
|
967
|
+
this.correlationId
|
|
962
968
|
);
|
|
963
969
|
}
|
|
964
970
|
}
|
|
@@ -176,7 +176,7 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
176
176
|
}
|
|
177
177
|
} catch (e) {
|
|
178
178
|
if (e instanceof AuthError) {
|
|
179
|
-
e.
|
|
179
|
+
e.correlationId = this.correlationId;
|
|
180
180
|
}
|
|
181
181
|
window.removeEventListener("pageshow", handleBackButton);
|
|
182
182
|
throw e;
|
|
@@ -260,7 +260,7 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
260
260
|
}
|
|
261
261
|
} catch (e) {
|
|
262
262
|
if (e instanceof AuthError) {
|
|
263
|
-
e.
|
|
263
|
+
e.correlationId = this.correlationId;
|
|
264
264
|
serverTelemetryManager.cacheFailedRequest(e);
|
|
265
265
|
}
|
|
266
266
|
throw e;
|
|
@@ -341,6 +341,7 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
341
341
|
reject(
|
|
342
342
|
createBrowserAuthError(
|
|
343
343
|
BrowserAuthErrorCodes.timedOut,
|
|
344
|
+
"",
|
|
344
345
|
"failed_to_redirect"
|
|
345
346
|
)
|
|
346
347
|
);
|
|
@@ -388,6 +389,7 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
388
389
|
reject(
|
|
389
390
|
createBrowserAuthError(
|
|
390
391
|
BrowserAuthErrorCodes.timedOut,
|
|
392
|
+
"",
|
|
391
393
|
"failed_to_redirect"
|
|
392
394
|
)
|
|
393
395
|
);
|
|
@@ -530,7 +532,9 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
530
532
|
let processHashOnRedirect: boolean = true;
|
|
531
533
|
if (!loginRequestUrl) {
|
|
532
534
|
// Redirect to home page if login request url is empty
|
|
533
|
-
const homepage = BrowserUtils.getHomepage(
|
|
535
|
+
const homepage = BrowserUtils.getHomepage(
|
|
536
|
+
this.correlationId
|
|
537
|
+
);
|
|
534
538
|
// Cache the homepage under ORIGIN_URI to ensure cached hash is processed on homepage
|
|
535
539
|
this.browserStorage.setTemporaryCache(
|
|
536
540
|
TemporaryCacheKeys.ORIGIN_URI,
|
|
@@ -573,7 +577,7 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
573
577
|
return null;
|
|
574
578
|
} catch (e) {
|
|
575
579
|
if (e instanceof AuthError) {
|
|
576
|
-
(e as AuthError).
|
|
580
|
+
(e as AuthError).correlationId = this.correlationId;
|
|
577
581
|
serverTelemetryManager.cacheFailedRequest(e);
|
|
578
582
|
}
|
|
579
583
|
throw e;
|
|
@@ -613,7 +617,8 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
613
617
|
ResponseHandler.validateInteractionType(
|
|
614
618
|
response,
|
|
615
619
|
this.browserCrypto,
|
|
616
|
-
InteractionType.Redirect
|
|
620
|
+
InteractionType.Redirect,
|
|
621
|
+
this.correlationId
|
|
617
622
|
);
|
|
618
623
|
} catch (e) {
|
|
619
624
|
if (e instanceof AuthError) {
|
|
@@ -669,7 +674,10 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
669
674
|
): Promise<AuthenticationResult> {
|
|
670
675
|
const state = serverParams.state;
|
|
671
676
|
if (!state) {
|
|
672
|
-
throw createBrowserAuthError(
|
|
677
|
+
throw createBrowserAuthError(
|
|
678
|
+
BrowserAuthErrorCodes.noStateInHash,
|
|
679
|
+
request.correlationId
|
|
680
|
+
);
|
|
673
681
|
}
|
|
674
682
|
|
|
675
683
|
const { authority, azureCloudOptions, extraQueryParameters, account } =
|
|
@@ -812,7 +820,8 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
812
820
|
this.correlationId
|
|
813
821
|
);
|
|
814
822
|
throw createBrowserAuthError(
|
|
815
|
-
BrowserAuthErrorCodes.emptyNavigateUri
|
|
823
|
+
BrowserAuthErrorCodes.emptyNavigateUri,
|
|
824
|
+
this.correlationId
|
|
816
825
|
);
|
|
817
826
|
}
|
|
818
827
|
}
|
|
@@ -894,7 +903,8 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
894
903
|
validLogoutRequest.state || "",
|
|
895
904
|
{
|
|
896
905
|
interactionType: InteractionType.Redirect,
|
|
897
|
-
}
|
|
906
|
+
},
|
|
907
|
+
validLogoutRequest.correlationId
|
|
898
908
|
);
|
|
899
909
|
|
|
900
910
|
// Create logout string and navigate user window to logout.
|
|
@@ -955,7 +965,7 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
955
965
|
}
|
|
956
966
|
} catch (e) {
|
|
957
967
|
if (e instanceof AuthError) {
|
|
958
|
-
(e as AuthError).
|
|
968
|
+
(e as AuthError).correlationId = this.correlationId;
|
|
959
969
|
serverTelemetryManager.cacheFailedRequest(e);
|
|
960
970
|
}
|
|
961
971
|
this.eventHandler.emitEvent(
|
|
@@ -988,7 +998,8 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
988
998
|
const redirectStartPage = requestStartPage || window.location.href;
|
|
989
999
|
const absoluteRedirectStartPage = UrlString.getAbsoluteUrl(
|
|
990
1000
|
redirectStartPage,
|
|
991
|
-
BrowserUtils.getCurrentUri()
|
|
1001
|
+
BrowserUtils.getCurrentUri(),
|
|
1002
|
+
this.correlationId
|
|
992
1003
|
);
|
|
993
1004
|
// Sanity check the URL before it is cached so we never persist a malformed value (e.g. the literal string "null")
|
|
994
1005
|
UrlUtils.validateUrl(
|
|
@@ -73,7 +73,8 @@ export class SilentAuthCodeClient extends StandardInteractionClient {
|
|
|
73
73
|
// Auth code payload is required
|
|
74
74
|
if (!request.code) {
|
|
75
75
|
throw createBrowserAuthError(
|
|
76
|
-
BrowserAuthErrorCodes.authCodeRequired
|
|
76
|
+
BrowserAuthErrorCodes.authCodeRequired,
|
|
77
|
+
this.correlationId
|
|
77
78
|
);
|
|
78
79
|
}
|
|
79
80
|
|
|
@@ -168,7 +169,7 @@ export class SilentAuthCodeClient extends StandardInteractionClient {
|
|
|
168
169
|
);
|
|
169
170
|
} catch (e) {
|
|
170
171
|
if (e instanceof AuthError) {
|
|
171
|
-
(e as AuthError).
|
|
172
|
+
(e as AuthError).correlationId = this.correlationId;
|
|
172
173
|
serverTelemetryManager.cacheFailedRequest(e);
|
|
173
174
|
}
|
|
174
175
|
throw e;
|
|
@@ -182,7 +183,8 @@ export class SilentAuthCodeClient extends StandardInteractionClient {
|
|
|
182
183
|
// Synchronous so we must reject
|
|
183
184
|
return Promise.reject(
|
|
184
185
|
createBrowserAuthError(
|
|
185
|
-
BrowserAuthErrorCodes.silentLogoutUnsupported
|
|
186
|
+
BrowserAuthErrorCodes.silentLogoutUnsupported,
|
|
187
|
+
""
|
|
186
188
|
)
|
|
187
189
|
);
|
|
188
190
|
}
|
|
@@ -230,7 +230,7 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
230
230
|
)(authClient, request);
|
|
231
231
|
} catch (e) {
|
|
232
232
|
if (e instanceof AuthError) {
|
|
233
|
-
(e as AuthError).
|
|
233
|
+
(e as AuthError).correlationId = this.correlationId;
|
|
234
234
|
serverTelemetryManager.cacheFailedRequest(e);
|
|
235
235
|
}
|
|
236
236
|
|
|
@@ -497,7 +497,8 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
497
497
|
// Validate the response - this checks for errors and validates state
|
|
498
498
|
AuthorizeProtocol.validateAuthorizationResponse(
|
|
499
499
|
serverParams,
|
|
500
|
-
silentRequest.state
|
|
500
|
+
silentRequest.state,
|
|
501
|
+
correlationId
|
|
501
502
|
);
|
|
502
503
|
|
|
503
504
|
// Verify a valid authorization code is present
|
|
@@ -523,7 +524,8 @@ export class SilentIframeClient extends StandardInteractionClient {
|
|
|
523
524
|
// Synchronous so we must reject
|
|
524
525
|
return Promise.reject(
|
|
525
526
|
createBrowserAuthError(
|
|
526
|
-
BrowserAuthErrorCodes.silentLogoutUnsupported
|
|
527
|
+
BrowserAuthErrorCodes.silentLogoutUnsupported,
|
|
528
|
+
""
|
|
527
529
|
)
|
|
528
530
|
);
|
|
529
531
|
}
|
|
@@ -90,7 +90,7 @@ export class SilentRefreshClient extends StandardInteractionClient {
|
|
|
90
90
|
request.correlationId
|
|
91
91
|
)(silentRequest, ApiId.acquireTokenSilent_silentFlow).catch(
|
|
92
92
|
(e: AuthError) => {
|
|
93
|
-
(e as AuthError).
|
|
93
|
+
(e as AuthError).correlationId = this.correlationId;
|
|
94
94
|
serverTelemetryManager.cacheFailedRequest(e);
|
|
95
95
|
throw e;
|
|
96
96
|
}
|
|
@@ -104,7 +104,8 @@ export class SilentRefreshClient extends StandardInteractionClient {
|
|
|
104
104
|
// Synchronous so we must reject
|
|
105
105
|
return Promise.reject(
|
|
106
106
|
createBrowserAuthError(
|
|
107
|
-
BrowserAuthErrorCodes.silentLogoutUnsupported
|
|
107
|
+
BrowserAuthErrorCodes.silentLogoutUnsupported,
|
|
108
|
+
""
|
|
108
109
|
)
|
|
109
110
|
);
|
|
110
111
|
}
|
|
@@ -120,7 +120,8 @@ export abstract class StandardInteractionClient extends BaseInteractionClient {
|
|
|
120
120
|
validLogoutRequest.postLogoutRedirectUri =
|
|
121
121
|
UrlString.getAbsoluteUrl(
|
|
122
122
|
logoutRequest.postLogoutRedirectUri,
|
|
123
|
-
BrowserUtils.getCurrentUri()
|
|
123
|
+
BrowserUtils.getCurrentUri(),
|
|
124
|
+
validLogoutRequest.correlationId
|
|
124
125
|
);
|
|
125
126
|
} else if (this.config.auth.postLogoutRedirectUri === null) {
|
|
126
127
|
this.logger.verbose(
|
|
@@ -135,7 +136,8 @@ export abstract class StandardInteractionClient extends BaseInteractionClient {
|
|
|
135
136
|
validLogoutRequest.postLogoutRedirectUri =
|
|
136
137
|
UrlString.getAbsoluteUrl(
|
|
137
138
|
this.config.auth.postLogoutRedirectUri,
|
|
138
|
-
BrowserUtils.getCurrentUri()
|
|
139
|
+
BrowserUtils.getCurrentUri(),
|
|
140
|
+
validLogoutRequest.correlationId
|
|
139
141
|
);
|
|
140
142
|
} else {
|
|
141
143
|
this.logger.verbose(
|
|
@@ -145,7 +147,8 @@ export abstract class StandardInteractionClient extends BaseInteractionClient {
|
|
|
145
147
|
validLogoutRequest.postLogoutRedirectUri =
|
|
146
148
|
UrlString.getAbsoluteUrl(
|
|
147
149
|
BrowserUtils.getCurrentUri(),
|
|
148
|
-
BrowserUtils.getCurrentUri()
|
|
150
|
+
BrowserUtils.getCurrentUri(),
|
|
151
|
+
validLogoutRequest.correlationId
|
|
149
152
|
);
|
|
150
153
|
}
|
|
151
154
|
} else {
|
|
@@ -349,7 +352,8 @@ export async function initializeAuthorizationRequest(
|
|
|
349
352
|
const state = ProtocolUtils.setRequestState(
|
|
350
353
|
browserCrypto,
|
|
351
354
|
(request && request.state) || "",
|
|
352
|
-
browserState
|
|
355
|
+
browserState,
|
|
356
|
+
correlationId
|
|
353
357
|
);
|
|
354
358
|
|
|
355
359
|
const baseRequest: BaseAuthRequest = await invokeAsync(
|
|
@@ -64,7 +64,8 @@ export class InteractionHandler {
|
|
|
64
64
|
try {
|
|
65
65
|
authCodeResponse = AuthorizeProtocol.getAuthorizationCodePayload(
|
|
66
66
|
response,
|
|
67
|
-
request.state
|
|
67
|
+
request.state,
|
|
68
|
+
request.correlationId
|
|
68
69
|
);
|
|
69
70
|
} catch (e) {
|
|
70
71
|
if (
|
|
@@ -73,7 +74,8 @@ export class InteractionHandler {
|
|
|
73
74
|
) {
|
|
74
75
|
// Translate server error caused by user closing native prompt to corresponding first class MSAL error
|
|
75
76
|
throw createBrowserAuthError(
|
|
76
|
-
BrowserAuthErrorCodes.userCancelled
|
|
77
|
+
BrowserAuthErrorCodes.userCancelled,
|
|
78
|
+
request.correlationId
|
|
77
79
|
);
|
|
78
80
|
} else {
|
|
79
81
|
throw e;
|
|
@@ -30,7 +30,10 @@ export async function initiateCodeRequest(
|
|
|
30
30
|
if (!requestUrl) {
|
|
31
31
|
// Throw error if request URL is empty.
|
|
32
32
|
logger.info("Navigate url is empty", correlationId);
|
|
33
|
-
throw createBrowserAuthError(
|
|
33
|
+
throw createBrowserAuthError(
|
|
34
|
+
BrowserAuthErrorCodes.emptyNavigateUri,
|
|
35
|
+
correlationId
|
|
36
|
+
);
|
|
34
37
|
}
|
|
35
38
|
|
|
36
39
|
frame.src = requestUrl;
|
|
@@ -75,7 +75,7 @@ export class NestedAppAuthAdapter {
|
|
|
75
75
|
|
|
76
76
|
const correlationId =
|
|
77
77
|
request.correlationId || this.crypto.createNewGuid();
|
|
78
|
-
const claims = RequestParameterBuilder.
|
|
78
|
+
const claims = RequestParameterBuilder.buildMergedClaims(
|
|
79
79
|
request.claims,
|
|
80
80
|
this.clientCapabilities
|
|
81
81
|
);
|
|
@@ -104,7 +104,10 @@ export class NestedAppAuthAdapter {
|
|
|
104
104
|
reqTimestamp: number
|
|
105
105
|
): AuthenticationResult {
|
|
106
106
|
if (!response.token.id_token || !response.token.access_token) {
|
|
107
|
-
throw createClientAuthError(
|
|
107
|
+
throw createClientAuthError(
|
|
108
|
+
ClientAuthErrorCodes.nullOrEmptyToken,
|
|
109
|
+
request.correlationId
|
|
110
|
+
);
|
|
108
111
|
}
|
|
109
112
|
|
|
110
113
|
// Request timestamp and AuthResult expires_in are in seconds, converting to Date for AuthenticationResult
|
|
@@ -113,7 +116,8 @@ export class NestedAppAuthAdapter {
|
|
|
113
116
|
);
|
|
114
117
|
const idTokenClaims = AuthToken.extractTokenClaims(
|
|
115
118
|
response.token.id_token,
|
|
116
|
-
this.crypto.base64Decode
|
|
119
|
+
this.crypto.base64Decode,
|
|
120
|
+
request.correlationId
|
|
117
121
|
);
|
|
118
122
|
const account = this.fromNaaAccountInfo(
|
|
119
123
|
response.account,
|
|
@@ -196,7 +200,8 @@ export class NestedAppAuthAdapter {
|
|
|
196
200
|
const environment = fromAccount.environment;
|
|
197
201
|
if (!environment) {
|
|
198
202
|
throw createClientAuthError(
|
|
199
|
-
ClientAuthErrorCodes.invalidCacheEnvironment
|
|
203
|
+
ClientAuthErrorCodes.invalidCacheEnvironment,
|
|
204
|
+
""
|
|
200
205
|
);
|
|
201
206
|
}
|
|
202
207
|
|
|
@@ -225,6 +230,7 @@ export class NestedAppAuthAdapter {
|
|
|
225
230
|
homeAccountId,
|
|
226
231
|
localAccountId,
|
|
227
232
|
tenantId,
|
|
233
|
+
fromAccount.platformBrokerId,
|
|
228
234
|
effectiveIdTokenClaims
|
|
229
235
|
);
|
|
230
236
|
tenantProfiles.set(tenantId, tenantProfile);
|
|
@@ -239,6 +245,7 @@ export class NestedAppAuthAdapter {
|
|
|
239
245
|
loginHint,
|
|
240
246
|
idToken: idToken,
|
|
241
247
|
idTokenClaims: effectiveIdTokenClaims,
|
|
248
|
+
nativeAccountId: fromAccount.platformBrokerId,
|
|
242
249
|
tenantProfiles,
|
|
243
250
|
};
|
|
244
251
|
|
|
@@ -262,39 +269,57 @@ export class NestedAppAuthAdapter {
|
|
|
262
269
|
switch (error.status) {
|
|
263
270
|
case BridgeStatusCode.UserCancel:
|
|
264
271
|
return new ClientAuthError(
|
|
265
|
-
ClientAuthErrorCodes.userCanceled
|
|
272
|
+
ClientAuthErrorCodes.userCanceled,
|
|
273
|
+
""
|
|
266
274
|
);
|
|
267
275
|
case BridgeStatusCode.NoNetwork:
|
|
268
276
|
return new ClientAuthError(
|
|
269
|
-
ClientAuthErrorCodes.noNetworkConnectivity
|
|
277
|
+
ClientAuthErrorCodes.noNetworkConnectivity,
|
|
278
|
+
""
|
|
270
279
|
);
|
|
271
280
|
case BridgeStatusCode.AccountUnavailable:
|
|
272
281
|
return new ClientAuthError(
|
|
273
|
-
ClientAuthErrorCodes.noAccountFound
|
|
282
|
+
ClientAuthErrorCodes.noAccountFound,
|
|
283
|
+
""
|
|
274
284
|
);
|
|
275
285
|
case BridgeStatusCode.Disabled:
|
|
276
286
|
return new ClientAuthError(
|
|
277
|
-
ClientAuthErrorCodes.nestedAppAuthBridgeDisabled
|
|
287
|
+
ClientAuthErrorCodes.nestedAppAuthBridgeDisabled,
|
|
288
|
+
""
|
|
278
289
|
);
|
|
279
290
|
case BridgeStatusCode.NestedAppAuthUnavailable:
|
|
280
291
|
return new ClientAuthError(
|
|
281
292
|
error.code ||
|
|
282
293
|
ClientAuthErrorCodes.nestedAppAuthBridgeDisabled,
|
|
294
|
+
"",
|
|
283
295
|
error.description
|
|
284
296
|
);
|
|
285
297
|
case BridgeStatusCode.TransientError:
|
|
286
298
|
case BridgeStatusCode.PersistentError:
|
|
287
|
-
return new ServerError(
|
|
299
|
+
return new ServerError(
|
|
300
|
+
error.code || "",
|
|
301
|
+
"",
|
|
302
|
+
error.description
|
|
303
|
+
);
|
|
288
304
|
case BridgeStatusCode.UserInteractionRequired:
|
|
289
305
|
return new InteractionRequiredAuthError(
|
|
290
|
-
error.code,
|
|
306
|
+
error.code || "",
|
|
307
|
+
"",
|
|
291
308
|
error.description
|
|
292
309
|
);
|
|
293
310
|
default:
|
|
294
|
-
return new AuthError(
|
|
311
|
+
return new AuthError(
|
|
312
|
+
error.code || "",
|
|
313
|
+
"",
|
|
314
|
+
error.description
|
|
315
|
+
);
|
|
295
316
|
}
|
|
296
317
|
} else {
|
|
297
|
-
return new AuthError(
|
|
318
|
+
return new AuthError(
|
|
319
|
+
"unknown_error",
|
|
320
|
+
"",
|
|
321
|
+
"An unknown error occurred"
|
|
322
|
+
);
|
|
298
323
|
}
|
|
299
324
|
}
|
|
300
325
|
|
|
@@ -315,12 +340,16 @@ export class NestedAppAuthAdapter {
|
|
|
315
340
|
correlationId: string
|
|
316
341
|
): AuthenticationResult {
|
|
317
342
|
if (!idToken || !accessToken) {
|
|
318
|
-
throw createClientAuthError(
|
|
343
|
+
throw createClientAuthError(
|
|
344
|
+
ClientAuthErrorCodes.nullOrEmptyToken,
|
|
345
|
+
correlationId
|
|
346
|
+
);
|
|
319
347
|
}
|
|
320
348
|
|
|
321
349
|
const idTokenClaims = AuthToken.extractTokenClaims(
|
|
322
350
|
idToken.secret,
|
|
323
|
-
this.crypto.base64Decode
|
|
351
|
+
this.crypto.base64Decode,
|
|
352
|
+
correlationId
|
|
324
353
|
);
|
|
325
354
|
|
|
326
355
|
const scopes = accessToken.target || request.scopes.join(" ");
|