@azure/msal-browser 5.13.0 → 5.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (357) hide show
  1. package/dist/app/IPublicClientApplication.mjs +16 -16
  2. package/dist/app/IPublicClientApplication.mjs.map +1 -1
  3. package/dist/app/PublicClientApplication.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +11 -11
  6. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +21 -21
  8. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs.map +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +3 -3
  10. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
  11. package/dist/cache/AccountManager.mjs +1 -1
  12. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  13. package/dist/cache/BrowserCacheManager.mjs +18 -18
  14. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  15. package/dist/cache/CacheHelpers.mjs +1 -1
  16. package/dist/cache/CacheKeys.mjs +1 -1
  17. package/dist/cache/CookieStorage.mjs +4 -4
  18. package/dist/cache/CookieStorage.mjs.map +1 -1
  19. package/dist/cache/DatabaseStorage.mjs +7 -7
  20. package/dist/cache/DatabaseStorage.mjs.map +1 -1
  21. package/dist/cache/EncryptedData.mjs +1 -1
  22. package/dist/cache/LocalStorage.mjs +6 -6
  23. package/dist/cache/LocalStorage.mjs.map +1 -1
  24. package/dist/cache/MemoryStorage.mjs +1 -1
  25. package/dist/cache/SessionStorage.mjs +2 -2
  26. package/dist/cache/SessionStorage.mjs.map +1 -1
  27. package/dist/cache/TokenCache.mjs +10 -8
  28. package/dist/cache/TokenCache.mjs.map +1 -1
  29. package/dist/config/Configuration.mjs +5 -4
  30. package/dist/config/Configuration.mjs.map +1 -1
  31. package/dist/controllers/NestedAppAuthController.mjs +16 -17
  32. package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
  33. package/dist/controllers/StandardController.mjs +24 -24
  34. package/dist/controllers/StandardController.mjs.map +1 -1
  35. package/dist/crypto/BrowserCrypto.mjs +7 -7
  36. package/dist/crypto/BrowserCrypto.mjs.map +1 -1
  37. package/dist/crypto/CryptoOps.mjs +4 -4
  38. package/dist/crypto/CryptoOps.mjs.map +1 -1
  39. package/dist/crypto/PkceGenerator.mjs +3 -3
  40. package/dist/crypto/PkceGenerator.mjs.map +1 -1
  41. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  42. package/dist/custom_auth/CustomAuthConstants.mjs +1 -1
  43. package/dist/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  44. package/dist/custom_auth/controller/CustomAuthStandardController.mjs +13 -8
  45. package/dist/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
  46. package/dist/custom_auth/core/CustomAuthAuthority.mjs +2 -2
  47. package/dist/custom_auth/core/CustomAuthAuthority.mjs.map +1 -1
  48. package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  49. package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  50. package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  51. package/dist/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  52. package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  53. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  54. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  55. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  56. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  57. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +4 -4
  58. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs.map +1 -1
  59. package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  60. package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  61. package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  62. package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  63. package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  64. package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +4 -4
  65. package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs.map +1 -1
  66. package/dist/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  67. package/dist/custom_auth/core/error/CustomAuthError.mjs +1 -1
  68. package/dist/custom_auth/core/error/HttpError.mjs +1 -1
  69. package/dist/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  70. package/dist/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  71. package/dist/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  72. package/dist/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  73. package/dist/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  74. package/dist/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  75. package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  76. package/dist/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  77. package/dist/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  78. package/dist/custom_auth/core/error/UnexpectedError.mjs +1 -1
  79. package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  80. package/dist/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  81. package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  82. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  83. package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  84. package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  85. package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  86. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs +2 -2
  87. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs.map +1 -1
  88. package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  89. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +2 -2
  90. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs.map +1 -1
  91. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  92. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  93. package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  94. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  95. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  96. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  97. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  98. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  99. package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +4 -4
  100. package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs.map +1 -1
  101. package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  102. package/dist/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  103. package/dist/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  104. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs +3 -3
  105. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs.map +1 -1
  106. package/dist/custom_auth/core/utils/UrlUtils.mjs +1 -1
  107. package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +2 -2
  108. package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs.map +1 -1
  109. package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  110. package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  111. package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  112. package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  113. package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  114. package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  115. package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  116. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +2 -2
  117. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs.map +1 -1
  118. package/dist/custom_auth/index.mjs +1 -1
  119. package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  120. package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  121. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  122. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  123. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  124. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  125. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +3 -3
  126. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs.map +1 -1
  127. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  128. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  129. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +2 -2
  130. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs.map +1 -1
  131. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  132. package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +3 -3
  133. package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs.map +1 -1
  134. package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  135. package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  136. package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  137. package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  138. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  139. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  140. package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +2 -2
  141. package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs.map +1 -1
  142. package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  143. package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +2 -2
  144. package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs.map +1 -1
  145. package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  146. package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +2 -2
  147. package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs.map +1 -1
  148. package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  149. package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs +2 -2
  150. package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs.map +1 -1
  151. package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  152. package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  153. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  154. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  155. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  156. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  157. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  158. package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +2 -2
  159. package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs.map +1 -1
  160. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +3 -3
  161. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs.map +1 -1
  162. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  163. package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  164. package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +2 -2
  165. package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs.map +1 -1
  166. package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  167. package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs +5 -5
  168. package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs.map +1 -1
  169. package/dist/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  170. package/dist/encode/Base64Decode.mjs +2 -2
  171. package/dist/encode/Base64Decode.mjs.map +1 -1
  172. package/dist/encode/Base64Encode.mjs +1 -1
  173. package/dist/error/BrowserAuthError.mjs +5 -5
  174. package/dist/error/BrowserAuthError.mjs.map +1 -1
  175. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  176. package/dist/error/BrowserConfigurationAuthError.mjs +5 -5
  177. package/dist/error/BrowserConfigurationAuthError.mjs.map +1 -1
  178. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  179. package/dist/error/NativeAuthError.mjs +20 -10
  180. package/dist/error/NativeAuthError.mjs.map +1 -1
  181. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  182. package/dist/error/NestedAppAuthError.mjs +9 -5
  183. package/dist/error/NestedAppAuthError.mjs.map +1 -1
  184. package/dist/event/EventHandler.mjs +7 -6
  185. package/dist/event/EventHandler.mjs.map +1 -1
  186. package/dist/event/EventMessage.mjs +1 -1
  187. package/dist/event/EventType.mjs +1 -1
  188. package/dist/index.mjs +1 -1
  189. package/dist/interaction_client/BaseInteractionClient.mjs +6 -7
  190. package/dist/interaction_client/BaseInteractionClient.mjs.map +1 -1
  191. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  192. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +24 -20
  193. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  194. package/dist/interaction_client/PopupClient.mjs +14 -14
  195. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  196. package/dist/interaction_client/RedirectClient.mjs +17 -17
  197. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  198. package/dist/interaction_client/SilentAuthCodeClient.mjs +4 -4
  199. package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
  200. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  201. package/dist/interaction_client/SilentIframeClient.mjs +5 -5
  202. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  203. package/dist/interaction_client/SilentRefreshClient.mjs +3 -3
  204. package/dist/interaction_client/SilentRefreshClient.mjs.map +1 -1
  205. package/dist/interaction_client/StandardInteractionClient.mjs +6 -6
  206. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  207. package/dist/interaction_handler/InteractionHandler.mjs +3 -3
  208. package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
  209. package/dist/interaction_handler/SilentHandler.mjs +2 -2
  210. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  211. package/dist/log-strings-mapping.json +1200 -1200
  212. package/dist/naa/BridgeError.mjs +1 -1
  213. package/dist/naa/BridgeProxy.mjs +1 -1
  214. package/dist/naa/BridgeStatusCode.mjs +1 -1
  215. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +18 -17
  216. package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
  217. package/dist/navigation/NavigationClient.mjs +2 -2
  218. package/dist/navigation/NavigationClient.mjs.map +1 -1
  219. package/dist/network/FetchClient.mjs +7 -7
  220. package/dist/network/FetchClient.mjs.map +1 -1
  221. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  222. package/dist/operatingcontext/NestedAppOperatingContext.mjs +3 -3
  223. package/dist/operatingcontext/NestedAppOperatingContext.mjs.map +1 -1
  224. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  225. package/dist/packageMetadata.mjs +2 -2
  226. package/dist/protocol/Authorize.mjs +8 -8
  227. package/dist/protocol/Authorize.mjs.map +1 -1
  228. package/dist/redirect_bridge/index.mjs +1 -1
  229. package/dist/request/RequestHelpers.mjs +5 -5
  230. package/dist/request/RequestHelpers.mjs.map +1 -1
  231. package/dist/response/ResponseHandler.mjs +11 -11
  232. package/dist/response/ResponseHandler.mjs.map +1 -1
  233. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  234. package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
  235. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  236. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  237. package/dist/utils/BrowserConstants.mjs +1 -1
  238. package/dist/utils/BrowserProtocolUtils.mjs +4 -4
  239. package/dist/utils/BrowserProtocolUtils.mjs.map +1 -1
  240. package/dist/utils/BrowserUtils.mjs +26 -20
  241. package/dist/utils/BrowserUtils.mjs.map +1 -1
  242. package/dist/utils/Helpers.mjs +1 -1
  243. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  244. package/lib/custom-auth-path/log-strings-mapping.json +2 -2
  245. package/lib/custom-auth-path/msal-custom-auth.cjs +969 -866
  246. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  247. package/lib/custom-auth-path/msal-custom-auth.js +860 -761
  248. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  249. package/lib/log-strings-mapping.json +2 -2
  250. package/lib/msal-browser.cjs +898 -796
  251. package/lib/msal-browser.cjs.map +1 -1
  252. package/lib/msal-browser.js +898 -796
  253. package/lib/msal-browser.js.map +1 -1
  254. package/lib/msal-browser.min.js +2 -2
  255. package/lib/redirect-bridge/msal-redirect-bridge.cjs +55 -51
  256. package/lib/redirect-bridge/msal-redirect-bridge.cjs.map +1 -1
  257. package/lib/redirect-bridge/msal-redirect-bridge.js +55 -51
  258. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  259. package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
  260. package/package.json +5 -6
  261. package/src/app/IPublicClientApplication.ts +30 -15
  262. package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +2 -0
  263. package/src/broker/nativeBroker/PlatformAuthExtensionHandler.ts +8 -2
  264. package/src/broker/nativeBroker/PlatformAuthProvider.ts +2 -1
  265. package/src/cache/BrowserCacheManager.ts +19 -7
  266. package/src/cache/CookieStorage.ts +13 -3
  267. package/src/cache/DatabaseStorage.ts +12 -6
  268. package/src/cache/LocalStorage.ts +8 -4
  269. package/src/cache/SessionStorage.ts +2 -1
  270. package/src/cache/TokenCache.ts +22 -7
  271. package/src/config/Configuration.ts +15 -4
  272. package/src/controllers/NestedAppAuthController.ts +19 -11
  273. package/src/controllers/StandardController.ts +20 -9
  274. package/src/crypto/BrowserCrypto.ts +10 -2
  275. package/src/crypto/CryptoOps.ts +4 -2
  276. package/src/crypto/PkceGenerator.ts +8 -2
  277. package/src/custom_auth/controller/CustomAuthStandardController.ts +2 -4
  278. package/src/custom_auth/core/CustomAuthAuthority.ts +4 -2
  279. package/src/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.ts +2 -1
  280. package/src/encode/Base64Decode.ts +2 -1
  281. package/src/error/BrowserAuthError.ts +9 -3
  282. package/src/error/BrowserConfigurationAuthError.ts +9 -3
  283. package/src/error/NativeAuthError.ts +44 -11
  284. package/src/error/NestedAppAuthError.ts +14 -4
  285. package/src/event/EventHandler.ts +2 -1
  286. package/src/interaction_client/BaseInteractionClient.ts +10 -6
  287. package/src/interaction_client/PlatformAuthInteractionClient.ts +49 -21
  288. package/src/interaction_client/PopupClient.ts +14 -8
  289. package/src/interaction_client/RedirectClient.ts +21 -10
  290. package/src/interaction_client/SilentAuthCodeClient.ts +5 -3
  291. package/src/interaction_client/SilentIframeClient.ts +5 -3
  292. package/src/interaction_client/SilentRefreshClient.ts +3 -2
  293. package/src/interaction_client/StandardInteractionClient.ts +8 -4
  294. package/src/interaction_handler/InteractionHandler.ts +4 -2
  295. package/src/interaction_handler/SilentHandler.ts +4 -1
  296. package/src/naa/mapping/NestedAppAuthAdapter.ts +43 -14
  297. package/src/navigation/NavigationClient.ts +1 -0
  298. package/src/network/FetchClient.ts +14 -6
  299. package/src/packageMetadata.ts +1 -1
  300. package/src/protocol/Authorize.ts +23 -7
  301. package/src/request/RequestHelpers.ts +6 -3
  302. package/src/response/ResponseHandler.ts +20 -7
  303. package/src/utils/BrowserProtocolUtils.ts +11 -3
  304. package/src/utils/BrowserUtils.ts +44 -17
  305. package/types/app/IPublicClientApplication.d.ts.map +1 -1
  306. package/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  307. package/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -1
  308. package/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -1
  309. package/types/cache/BrowserCacheManager.d.ts.map +1 -1
  310. package/types/cache/CookieStorage.d.ts +1 -1
  311. package/types/cache/CookieStorage.d.ts.map +1 -1
  312. package/types/cache/DatabaseStorage.d.ts.map +1 -1
  313. package/types/cache/LocalStorage.d.ts.map +1 -1
  314. package/types/cache/SessionStorage.d.ts.map +1 -1
  315. package/types/cache/TokenCache.d.ts.map +1 -1
  316. package/types/config/Configuration.d.ts +5 -1
  317. package/types/config/Configuration.d.ts.map +1 -1
  318. package/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  319. package/types/controllers/StandardController.d.ts.map +1 -1
  320. package/types/crypto/BrowserCrypto.d.ts.map +1 -1
  321. package/types/crypto/CryptoOps.d.ts.map +1 -1
  322. package/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  323. package/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
  324. package/types/custom_auth/core/CustomAuthAuthority.d.ts.map +1 -1
  325. package/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  326. package/types/encode/Base64Decode.d.ts.map +1 -1
  327. package/types/error/BrowserAuthError.d.ts +2 -2
  328. package/types/error/BrowserAuthError.d.ts.map +1 -1
  329. package/types/error/BrowserConfigurationAuthError.d.ts +2 -2
  330. package/types/error/BrowserConfigurationAuthError.d.ts.map +1 -1
  331. package/types/error/NativeAuthError.d.ts +2 -2
  332. package/types/error/NativeAuthError.d.ts.map +1 -1
  333. package/types/error/NestedAppAuthError.d.ts +2 -2
  334. package/types/error/NestedAppAuthError.d.ts.map +1 -1
  335. package/types/event/EventHandler.d.ts.map +1 -1
  336. package/types/interaction_client/BaseInteractionClient.d.ts.map +1 -1
  337. package/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  338. package/types/interaction_client/PopupClient.d.ts.map +1 -1
  339. package/types/interaction_client/RedirectClient.d.ts.map +1 -1
  340. package/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  341. package/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  342. package/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  343. package/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  344. package/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
  345. package/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  346. package/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  347. package/types/navigation/NavigationClient.d.ts.map +1 -1
  348. package/types/network/FetchClient.d.ts.map +1 -1
  349. package/types/packageMetadata.d.ts +1 -1
  350. package/types/protocol/Authorize.d.ts.map +1 -1
  351. package/types/request/RequestHelpers.d.ts.map +1 -1
  352. package/types/response/ResponseHandler.d.ts +1 -1
  353. package/types/response/ResponseHandler.d.ts.map +1 -1
  354. package/types/utils/BrowserProtocolUtils.d.ts +1 -1
  355. package/types/utils/BrowserProtocolUtils.d.ts.map +1 -1
  356. package/types/utils/BrowserUtils.d.ts +5 -3
  357. package/types/utils/BrowserUtils.d.ts.map +1 -1
@@ -266,7 +266,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
266
266
  return {
267
267
  authority: request.authority,
268
268
  correlationId: this.correlationId,
269
- scopes: ScopeSet.fromString(request.scope).asArray(),
269
+ scopes: ScopeSet.fromString(
270
+ request.scope,
271
+ this.correlationId
272
+ ).asArray(),
270
273
  account: cachedAccount,
271
274
  forceRefresh: false,
272
275
  };
@@ -287,7 +290,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
287
290
  "NativeInteractionClient:acquireTokensFromCache - No nativeAccountId provided",
288
291
  this.correlationId
289
292
  );
290
- throw createClientAuthError(ClientAuthErrorCodes.noAccountFound);
293
+ throw createClientAuthError(
294
+ ClientAuthErrorCodes.noAccountFound,
295
+ this.correlationId
296
+ );
291
297
  }
292
298
  // fetch the account from browser cache
293
299
  const account = this.browserStorage.getBaseAccountInfo(
@@ -298,7 +304,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
298
304
  );
299
305
 
300
306
  if (!account) {
301
- throw createClientAuthError(ClientAuthErrorCodes.noAccountFound);
307
+ throw createClientAuthError(
308
+ ClientAuthErrorCodes.noAccountFound,
309
+ this.correlationId
310
+ );
302
311
  }
303
312
 
304
313
  // leverage silent flow for cached tokens retrieval
@@ -320,7 +329,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
320
329
 
321
330
  const idTokenClaims = AuthToken.extractTokenClaims(
322
331
  idToken?.secret || "",
323
- base64Decode
332
+ base64Decode,
333
+ this.correlationId
324
334
  );
325
335
 
326
336
  const fullAccount = updateAccountTenantProfileData(
@@ -395,7 +405,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
395
405
  const redirectUri = navigateToLoginRequestUrl
396
406
  ? UrlString.getAbsoluteUrl(
397
407
  request.redirectStartPage || window.location.href,
398
- getCurrentUri()
408
+ getCurrentUri(),
409
+ this.correlationId
399
410
  )
400
411
  : getRedirectUri(
401
412
  request.redirectUri,
@@ -522,7 +533,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
522
533
  // generate identifiers
523
534
  const idTokenClaims = AuthToken.extractTokenClaims(
524
535
  response.id_token,
525
- base64Decode
536
+ base64Decode,
537
+ this.correlationId
526
538
  );
527
539
 
528
540
  const homeAccountIdentifier = this.createHomeAccountIdentifier(
@@ -552,7 +564,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
552
564
  response.account.id !== request.accountId
553
565
  ) {
554
566
  // User switch in native broker prompt is not supported. All users must first sign in through web flow to ensure server state is in sync
555
- throw createNativeAuthError(NativeAuthErrorCodes.userSwitch);
567
+ throw createNativeAuthError(
568
+ NativeAuthErrorCodes.userSwitch,
569
+ this.correlationId
570
+ );
556
571
  }
557
572
 
558
573
  // Get the preferred_cache domain for the given authority
@@ -640,8 +655,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
640
655
  */
641
656
  generateScopes(requestScopes: string, responseScopes?: string): ScopeSet {
642
657
  return responseScopes
643
- ? ScopeSet.fromString(responseScopes)
644
- : ScopeSet.fromString(requestScopes);
658
+ ? ScopeSet.fromString(responseScopes, this.correlationId)
659
+ : ScopeSet.fromString(requestScopes, this.correlationId);
645
660
  }
646
661
 
647
662
  /**
@@ -689,7 +704,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
689
704
  * PopTokenGenerator to query the full key for signing
690
705
  */
691
706
  if (!request.keyId) {
692
- throw createClientAuthError(ClientAuthErrorCodes.keyIdMissing);
707
+ throw createClientAuthError(
708
+ ClientAuthErrorCodes.keyIdMissing,
709
+ this.correlationId
710
+ );
693
711
  }
694
712
  return popTokenGenerator.signPopToken(
695
713
  response.access_token,
@@ -751,6 +769,13 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
751
769
  */
752
770
  if (accountInfo.nativeAccountId !== response.account.id) {
753
771
  accountInfo.nativeAccountId = response.account.id;
772
+ // Also update the matching tenant profile (source of truth)
773
+ const targetTenantId = tid || accountInfo.tenantId;
774
+ const tenantProfile =
775
+ accountInfo.tenantProfiles?.get(targetTenantId);
776
+ if (tenantProfile) {
777
+ tenantProfile.nativeAccountId = response.account.id;
778
+ }
754
779
  }
755
780
 
756
781
  // generate PoP token as needed
@@ -861,6 +886,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
861
886
  tokenExpirationSeconds,
862
887
  0,
863
888
  base64Decode,
889
+ request.correlationId,
864
890
  undefined,
865
891
  request.tokenType as Constants.AuthenticationScheme,
866
892
  undefined,
@@ -994,16 +1020,13 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
994
1020
 
995
1021
  // scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
996
1022
  const { scopes, claims, ...remainingProperties } = request;
997
- const scopeSet = new ScopeSet(scopes || []);
1023
+ const scopeSet = new ScopeSet(scopes || [], this.correlationId);
998
1024
  scopeSet.appendScopes(Constants.OIDC_DEFAULT_SCOPES);
999
1025
 
1000
- const mergedClaims =
1001
- configClaims && configClaims.length
1002
- ? RequestParameterBuilder.addClientCapabilitiesToClaims(
1003
- claims,
1004
- configClaims
1005
- )
1006
- : claims;
1026
+ const mergedClaims = RequestParameterBuilder.buildMergedClaims(
1027
+ claims,
1028
+ configClaims?.length ? configClaims : undefined
1029
+ );
1007
1030
 
1008
1031
  const validatedRequest: PlatformAuthRequest = {
1009
1032
  ...remainingProperties,
@@ -1032,7 +1055,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
1032
1055
  // Check for PoP token requests: signPopToken should only be set to true if popKid is not set
1033
1056
  if (validatedRequest.signPopToken && !!request.popKid) {
1034
1057
  throw createBrowserAuthError(
1035
- BrowserAuthErrorCodes.invalidPopTokenRequest
1058
+ BrowserAuthErrorCodes.invalidPopTokenRequest,
1059
+ this.correlationId
1036
1060
  );
1037
1061
  }
1038
1062
 
@@ -1110,7 +1134,10 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
1110
1134
  );
1111
1135
  }
1112
1136
 
1113
- const canonicalAuthority = new UrlString(requestAuthority);
1137
+ const canonicalAuthority = new UrlString(
1138
+ requestAuthority,
1139
+ this.correlationId
1140
+ );
1114
1141
  canonicalAuthority.validateAsUri();
1115
1142
  return canonicalAuthority;
1116
1143
  }
@@ -1154,7 +1181,8 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
1154
1181
  this.correlationId
1155
1182
  );
1156
1183
  throw createBrowserAuthError(
1157
- BrowserAuthErrorCodes.nativePromptNotSupported
1184
+ BrowserAuthErrorCodes.nativePromptNotSupported,
1185
+ this.correlationId
1158
1186
  );
1159
1187
  }
1160
1188
  }
@@ -434,7 +434,7 @@ export class PopupClient extends StandardInteractionClient {
434
434
  popupParams.popup?.close();
435
435
 
436
436
  if (e instanceof AuthError) {
437
- (e as AuthError).setCorrelationId(this.correlationId);
437
+ (e as AuthError).correlationId = this.correlationId;
438
438
  serverTelemetryManager.cacheFailedRequest(e);
439
439
  }
440
440
  throw e;
@@ -759,7 +759,8 @@ export class PopupClient extends StandardInteractionClient {
759
759
  };
760
760
  const absoluteUrl = UrlString.getAbsoluteUrl(
761
761
  mainWindowRedirectUri,
762
- BrowserUtils.getCurrentUri()
762
+ BrowserUtils.getCurrentUri(),
763
+ this.correlationId
763
764
  );
764
765
  await this.navigationClient.navigateInternal(
765
766
  absoluteUrl,
@@ -779,7 +780,8 @@ export class PopupClient extends StandardInteractionClient {
779
780
  validRequest.state || "",
780
781
  {
781
782
  interactionType: InteractionType.Popup,
782
- }
783
+ },
784
+ validRequest.correlationId
783
785
  );
784
786
 
785
787
  // Create logout string and navigate user window to logout.
@@ -818,7 +820,8 @@ export class PopupClient extends StandardInteractionClient {
818
820
  };
819
821
  const absoluteUrl = UrlString.getAbsoluteUrl(
820
822
  mainWindowRedirectUri,
821
- BrowserUtils.getCurrentUri()
823
+ BrowserUtils.getCurrentUri(),
824
+ this.correlationId
822
825
  );
823
826
 
824
827
  this.logger.verbose(
@@ -844,7 +847,7 @@ export class PopupClient extends StandardInteractionClient {
844
847
  popupParams.popup?.close();
845
848
 
846
849
  if (e instanceof AuthError) {
847
- (e as AuthError).setCorrelationId(this.correlationId);
850
+ (e as AuthError).correlationId = this.correlationId;
848
851
  serverTelemetryManager.cacheFailedRequest(e);
849
852
  }
850
853
  this.eventHandler.emitEvent(
@@ -886,7 +889,8 @@ export class PopupClient extends StandardInteractionClient {
886
889
  // Throw error if request URL is empty.
887
890
  this.logger.error("Navigate url is empty", this.correlationId);
888
891
  throw createBrowserAuthError(
889
- BrowserAuthErrorCodes.emptyNavigateUri
892
+ BrowserAuthErrorCodes.emptyNavigateUri,
893
+ this.correlationId
890
894
  );
891
895
  }
892
896
  }
@@ -927,7 +931,8 @@ export class PopupClient extends StandardInteractionClient {
927
931
  // Popup will be null if popups are blocked
928
932
  if (!popupWindow) {
929
933
  throw createBrowserAuthError(
930
- BrowserAuthErrorCodes.emptyWindowError
934
+ BrowserAuthErrorCodes.emptyWindowError,
935
+ this.correlationId
931
936
  );
932
937
  }
933
938
  try {
@@ -958,7 +963,8 @@ export class PopupClient extends StandardInteractionClient {
958
963
  this.correlationId
959
964
  );
960
965
  throw createBrowserAuthError(
961
- BrowserAuthErrorCodes.popupWindowError
966
+ BrowserAuthErrorCodes.popupWindowError,
967
+ this.correlationId
962
968
  );
963
969
  }
964
970
  }
@@ -176,7 +176,7 @@ export class RedirectClient extends StandardInteractionClient {
176
176
  }
177
177
  } catch (e) {
178
178
  if (e instanceof AuthError) {
179
- e.setCorrelationId(this.correlationId);
179
+ e.correlationId = this.correlationId;
180
180
  }
181
181
  window.removeEventListener("pageshow", handleBackButton);
182
182
  throw e;
@@ -260,7 +260,7 @@ export class RedirectClient extends StandardInteractionClient {
260
260
  }
261
261
  } catch (e) {
262
262
  if (e instanceof AuthError) {
263
- e.setCorrelationId(this.correlationId);
263
+ e.correlationId = this.correlationId;
264
264
  serverTelemetryManager.cacheFailedRequest(e);
265
265
  }
266
266
  throw e;
@@ -341,6 +341,7 @@ export class RedirectClient extends StandardInteractionClient {
341
341
  reject(
342
342
  createBrowserAuthError(
343
343
  BrowserAuthErrorCodes.timedOut,
344
+ "",
344
345
  "failed_to_redirect"
345
346
  )
346
347
  );
@@ -388,6 +389,7 @@ export class RedirectClient extends StandardInteractionClient {
388
389
  reject(
389
390
  createBrowserAuthError(
390
391
  BrowserAuthErrorCodes.timedOut,
392
+ "",
391
393
  "failed_to_redirect"
392
394
  )
393
395
  );
@@ -530,7 +532,9 @@ export class RedirectClient extends StandardInteractionClient {
530
532
  let processHashOnRedirect: boolean = true;
531
533
  if (!loginRequestUrl) {
532
534
  // Redirect to home page if login request url is empty
533
- const homepage = BrowserUtils.getHomepage();
535
+ const homepage = BrowserUtils.getHomepage(
536
+ this.correlationId
537
+ );
534
538
  // Cache the homepage under ORIGIN_URI to ensure cached hash is processed on homepage
535
539
  this.browserStorage.setTemporaryCache(
536
540
  TemporaryCacheKeys.ORIGIN_URI,
@@ -573,7 +577,7 @@ export class RedirectClient extends StandardInteractionClient {
573
577
  return null;
574
578
  } catch (e) {
575
579
  if (e instanceof AuthError) {
576
- (e as AuthError).setCorrelationId(this.correlationId);
580
+ (e as AuthError).correlationId = this.correlationId;
577
581
  serverTelemetryManager.cacheFailedRequest(e);
578
582
  }
579
583
  throw e;
@@ -613,7 +617,8 @@ export class RedirectClient extends StandardInteractionClient {
613
617
  ResponseHandler.validateInteractionType(
614
618
  response,
615
619
  this.browserCrypto,
616
- InteractionType.Redirect
620
+ InteractionType.Redirect,
621
+ this.correlationId
617
622
  );
618
623
  } catch (e) {
619
624
  if (e instanceof AuthError) {
@@ -669,7 +674,10 @@ export class RedirectClient extends StandardInteractionClient {
669
674
  ): Promise<AuthenticationResult> {
670
675
  const state = serverParams.state;
671
676
  if (!state) {
672
- throw createBrowserAuthError(BrowserAuthErrorCodes.noStateInHash);
677
+ throw createBrowserAuthError(
678
+ BrowserAuthErrorCodes.noStateInHash,
679
+ request.correlationId
680
+ );
673
681
  }
674
682
 
675
683
  const { authority, azureCloudOptions, extraQueryParameters, account } =
@@ -812,7 +820,8 @@ export class RedirectClient extends StandardInteractionClient {
812
820
  this.correlationId
813
821
  );
814
822
  throw createBrowserAuthError(
815
- BrowserAuthErrorCodes.emptyNavigateUri
823
+ BrowserAuthErrorCodes.emptyNavigateUri,
824
+ this.correlationId
816
825
  );
817
826
  }
818
827
  }
@@ -894,7 +903,8 @@ export class RedirectClient extends StandardInteractionClient {
894
903
  validLogoutRequest.state || "",
895
904
  {
896
905
  interactionType: InteractionType.Redirect,
897
- }
906
+ },
907
+ validLogoutRequest.correlationId
898
908
  );
899
909
 
900
910
  // Create logout string and navigate user window to logout.
@@ -955,7 +965,7 @@ export class RedirectClient extends StandardInteractionClient {
955
965
  }
956
966
  } catch (e) {
957
967
  if (e instanceof AuthError) {
958
- (e as AuthError).setCorrelationId(this.correlationId);
968
+ (e as AuthError).correlationId = this.correlationId;
959
969
  serverTelemetryManager.cacheFailedRequest(e);
960
970
  }
961
971
  this.eventHandler.emitEvent(
@@ -988,7 +998,8 @@ export class RedirectClient extends StandardInteractionClient {
988
998
  const redirectStartPage = requestStartPage || window.location.href;
989
999
  const absoluteRedirectStartPage = UrlString.getAbsoluteUrl(
990
1000
  redirectStartPage,
991
- BrowserUtils.getCurrentUri()
1001
+ BrowserUtils.getCurrentUri(),
1002
+ this.correlationId
992
1003
  );
993
1004
  // Sanity check the URL before it is cached so we never persist a malformed value (e.g. the literal string "null")
994
1005
  UrlUtils.validateUrl(
@@ -73,7 +73,8 @@ export class SilentAuthCodeClient extends StandardInteractionClient {
73
73
  // Auth code payload is required
74
74
  if (!request.code) {
75
75
  throw createBrowserAuthError(
76
- BrowserAuthErrorCodes.authCodeRequired
76
+ BrowserAuthErrorCodes.authCodeRequired,
77
+ this.correlationId
77
78
  );
78
79
  }
79
80
 
@@ -168,7 +169,7 @@ export class SilentAuthCodeClient extends StandardInteractionClient {
168
169
  );
169
170
  } catch (e) {
170
171
  if (e instanceof AuthError) {
171
- (e as AuthError).setCorrelationId(this.correlationId);
172
+ (e as AuthError).correlationId = this.correlationId;
172
173
  serverTelemetryManager.cacheFailedRequest(e);
173
174
  }
174
175
  throw e;
@@ -182,7 +183,8 @@ export class SilentAuthCodeClient extends StandardInteractionClient {
182
183
  // Synchronous so we must reject
183
184
  return Promise.reject(
184
185
  createBrowserAuthError(
185
- BrowserAuthErrorCodes.silentLogoutUnsupported
186
+ BrowserAuthErrorCodes.silentLogoutUnsupported,
187
+ ""
186
188
  )
187
189
  );
188
190
  }
@@ -230,7 +230,7 @@ export class SilentIframeClient extends StandardInteractionClient {
230
230
  )(authClient, request);
231
231
  } catch (e) {
232
232
  if (e instanceof AuthError) {
233
- (e as AuthError).setCorrelationId(this.correlationId);
233
+ (e as AuthError).correlationId = this.correlationId;
234
234
  serverTelemetryManager.cacheFailedRequest(e);
235
235
  }
236
236
 
@@ -497,7 +497,8 @@ export class SilentIframeClient extends StandardInteractionClient {
497
497
  // Validate the response - this checks for errors and validates state
498
498
  AuthorizeProtocol.validateAuthorizationResponse(
499
499
  serverParams,
500
- silentRequest.state
500
+ silentRequest.state,
501
+ correlationId
501
502
  );
502
503
 
503
504
  // Verify a valid authorization code is present
@@ -523,7 +524,8 @@ export class SilentIframeClient extends StandardInteractionClient {
523
524
  // Synchronous so we must reject
524
525
  return Promise.reject(
525
526
  createBrowserAuthError(
526
- BrowserAuthErrorCodes.silentLogoutUnsupported
527
+ BrowserAuthErrorCodes.silentLogoutUnsupported,
528
+ ""
527
529
  )
528
530
  );
529
531
  }
@@ -90,7 +90,7 @@ export class SilentRefreshClient extends StandardInteractionClient {
90
90
  request.correlationId
91
91
  )(silentRequest, ApiId.acquireTokenSilent_silentFlow).catch(
92
92
  (e: AuthError) => {
93
- (e as AuthError).setCorrelationId(this.correlationId);
93
+ (e as AuthError).correlationId = this.correlationId;
94
94
  serverTelemetryManager.cacheFailedRequest(e);
95
95
  throw e;
96
96
  }
@@ -104,7 +104,8 @@ export class SilentRefreshClient extends StandardInteractionClient {
104
104
  // Synchronous so we must reject
105
105
  return Promise.reject(
106
106
  createBrowserAuthError(
107
- BrowserAuthErrorCodes.silentLogoutUnsupported
107
+ BrowserAuthErrorCodes.silentLogoutUnsupported,
108
+ ""
108
109
  )
109
110
  );
110
111
  }
@@ -120,7 +120,8 @@ export abstract class StandardInteractionClient extends BaseInteractionClient {
120
120
  validLogoutRequest.postLogoutRedirectUri =
121
121
  UrlString.getAbsoluteUrl(
122
122
  logoutRequest.postLogoutRedirectUri,
123
- BrowserUtils.getCurrentUri()
123
+ BrowserUtils.getCurrentUri(),
124
+ validLogoutRequest.correlationId
124
125
  );
125
126
  } else if (this.config.auth.postLogoutRedirectUri === null) {
126
127
  this.logger.verbose(
@@ -135,7 +136,8 @@ export abstract class StandardInteractionClient extends BaseInteractionClient {
135
136
  validLogoutRequest.postLogoutRedirectUri =
136
137
  UrlString.getAbsoluteUrl(
137
138
  this.config.auth.postLogoutRedirectUri,
138
- BrowserUtils.getCurrentUri()
139
+ BrowserUtils.getCurrentUri(),
140
+ validLogoutRequest.correlationId
139
141
  );
140
142
  } else {
141
143
  this.logger.verbose(
@@ -145,7 +147,8 @@ export abstract class StandardInteractionClient extends BaseInteractionClient {
145
147
  validLogoutRequest.postLogoutRedirectUri =
146
148
  UrlString.getAbsoluteUrl(
147
149
  BrowserUtils.getCurrentUri(),
148
- BrowserUtils.getCurrentUri()
150
+ BrowserUtils.getCurrentUri(),
151
+ validLogoutRequest.correlationId
149
152
  );
150
153
  }
151
154
  } else {
@@ -349,7 +352,8 @@ export async function initializeAuthorizationRequest(
349
352
  const state = ProtocolUtils.setRequestState(
350
353
  browserCrypto,
351
354
  (request && request.state) || "",
352
- browserState
355
+ browserState,
356
+ correlationId
353
357
  );
354
358
 
355
359
  const baseRequest: BaseAuthRequest = await invokeAsync(
@@ -64,7 +64,8 @@ export class InteractionHandler {
64
64
  try {
65
65
  authCodeResponse = AuthorizeProtocol.getAuthorizationCodePayload(
66
66
  response,
67
- request.state
67
+ request.state,
68
+ request.correlationId
68
69
  );
69
70
  } catch (e) {
70
71
  if (
@@ -73,7 +74,8 @@ export class InteractionHandler {
73
74
  ) {
74
75
  // Translate server error caused by user closing native prompt to corresponding first class MSAL error
75
76
  throw createBrowserAuthError(
76
- BrowserAuthErrorCodes.userCancelled
77
+ BrowserAuthErrorCodes.userCancelled,
78
+ request.correlationId
77
79
  );
78
80
  } else {
79
81
  throw e;
@@ -30,7 +30,10 @@ export async function initiateCodeRequest(
30
30
  if (!requestUrl) {
31
31
  // Throw error if request URL is empty.
32
32
  logger.info("Navigate url is empty", correlationId);
33
- throw createBrowserAuthError(BrowserAuthErrorCodes.emptyNavigateUri);
33
+ throw createBrowserAuthError(
34
+ BrowserAuthErrorCodes.emptyNavigateUri,
35
+ correlationId
36
+ );
34
37
  }
35
38
 
36
39
  frame.src = requestUrl;
@@ -75,7 +75,7 @@ export class NestedAppAuthAdapter {
75
75
 
76
76
  const correlationId =
77
77
  request.correlationId || this.crypto.createNewGuid();
78
- const claims = RequestParameterBuilder.addClientCapabilitiesToClaims(
78
+ const claims = RequestParameterBuilder.buildMergedClaims(
79
79
  request.claims,
80
80
  this.clientCapabilities
81
81
  );
@@ -104,7 +104,10 @@ export class NestedAppAuthAdapter {
104
104
  reqTimestamp: number
105
105
  ): AuthenticationResult {
106
106
  if (!response.token.id_token || !response.token.access_token) {
107
- throw createClientAuthError(ClientAuthErrorCodes.nullOrEmptyToken);
107
+ throw createClientAuthError(
108
+ ClientAuthErrorCodes.nullOrEmptyToken,
109
+ request.correlationId
110
+ );
108
111
  }
109
112
 
110
113
  // Request timestamp and AuthResult expires_in are in seconds, converting to Date for AuthenticationResult
@@ -113,7 +116,8 @@ export class NestedAppAuthAdapter {
113
116
  );
114
117
  const idTokenClaims = AuthToken.extractTokenClaims(
115
118
  response.token.id_token,
116
- this.crypto.base64Decode
119
+ this.crypto.base64Decode,
120
+ request.correlationId
117
121
  );
118
122
  const account = this.fromNaaAccountInfo(
119
123
  response.account,
@@ -196,7 +200,8 @@ export class NestedAppAuthAdapter {
196
200
  const environment = fromAccount.environment;
197
201
  if (!environment) {
198
202
  throw createClientAuthError(
199
- ClientAuthErrorCodes.invalidCacheEnvironment
203
+ ClientAuthErrorCodes.invalidCacheEnvironment,
204
+ ""
200
205
  );
201
206
  }
202
207
 
@@ -225,6 +230,7 @@ export class NestedAppAuthAdapter {
225
230
  homeAccountId,
226
231
  localAccountId,
227
232
  tenantId,
233
+ fromAccount.platformBrokerId,
228
234
  effectiveIdTokenClaims
229
235
  );
230
236
  tenantProfiles.set(tenantId, tenantProfile);
@@ -239,6 +245,7 @@ export class NestedAppAuthAdapter {
239
245
  loginHint,
240
246
  idToken: idToken,
241
247
  idTokenClaims: effectiveIdTokenClaims,
248
+ nativeAccountId: fromAccount.platformBrokerId,
242
249
  tenantProfiles,
243
250
  };
244
251
 
@@ -262,39 +269,57 @@ export class NestedAppAuthAdapter {
262
269
  switch (error.status) {
263
270
  case BridgeStatusCode.UserCancel:
264
271
  return new ClientAuthError(
265
- ClientAuthErrorCodes.userCanceled
272
+ ClientAuthErrorCodes.userCanceled,
273
+ ""
266
274
  );
267
275
  case BridgeStatusCode.NoNetwork:
268
276
  return new ClientAuthError(
269
- ClientAuthErrorCodes.noNetworkConnectivity
277
+ ClientAuthErrorCodes.noNetworkConnectivity,
278
+ ""
270
279
  );
271
280
  case BridgeStatusCode.AccountUnavailable:
272
281
  return new ClientAuthError(
273
- ClientAuthErrorCodes.noAccountFound
282
+ ClientAuthErrorCodes.noAccountFound,
283
+ ""
274
284
  );
275
285
  case BridgeStatusCode.Disabled:
276
286
  return new ClientAuthError(
277
- ClientAuthErrorCodes.nestedAppAuthBridgeDisabled
287
+ ClientAuthErrorCodes.nestedAppAuthBridgeDisabled,
288
+ ""
278
289
  );
279
290
  case BridgeStatusCode.NestedAppAuthUnavailable:
280
291
  return new ClientAuthError(
281
292
  error.code ||
282
293
  ClientAuthErrorCodes.nestedAppAuthBridgeDisabled,
294
+ "",
283
295
  error.description
284
296
  );
285
297
  case BridgeStatusCode.TransientError:
286
298
  case BridgeStatusCode.PersistentError:
287
- return new ServerError(error.code, error.description);
299
+ return new ServerError(
300
+ error.code || "",
301
+ "",
302
+ error.description
303
+ );
288
304
  case BridgeStatusCode.UserInteractionRequired:
289
305
  return new InteractionRequiredAuthError(
290
- error.code,
306
+ error.code || "",
307
+ "",
291
308
  error.description
292
309
  );
293
310
  default:
294
- return new AuthError(error.code, error.description);
311
+ return new AuthError(
312
+ error.code || "",
313
+ "",
314
+ error.description
315
+ );
295
316
  }
296
317
  } else {
297
- return new AuthError("unknown_error", "An unknown error occurred");
318
+ return new AuthError(
319
+ "unknown_error",
320
+ "",
321
+ "An unknown error occurred"
322
+ );
298
323
  }
299
324
  }
300
325
 
@@ -315,12 +340,16 @@ export class NestedAppAuthAdapter {
315
340
  correlationId: string
316
341
  ): AuthenticationResult {
317
342
  if (!idToken || !accessToken) {
318
- throw createClientAuthError(ClientAuthErrorCodes.nullOrEmptyToken);
343
+ throw createClientAuthError(
344
+ ClientAuthErrorCodes.nullOrEmptyToken,
345
+ correlationId
346
+ );
319
347
  }
320
348
 
321
349
  const idTokenClaims = AuthToken.extractTokenClaims(
322
350
  idToken.secret,
323
- this.crypto.base64Decode
351
+ this.crypto.base64Decode,
352
+ correlationId
324
353
  );
325
354
 
326
355
  const scopes = accessToken.target || request.scopes.join(" ");
@@ -55,6 +55,7 @@ export class NavigationClient implements INavigationClient {
55
55
  reject(
56
56
  createBrowserAuthError(
57
57
  BrowserAuthErrorCodes.timedOut,
58
+ "",
58
59
  "failed_to_redirect"
59
60
  )
60
61
  );