@azure/msal-browser 5.16.0 → 5.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/IPublicClientApplication.mjs.map +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs.map +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AccountManager.mjs.map +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs.map +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CacheKeys.mjs.map +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/CookieStorage.mjs.map +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs.map +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/LocalStorage.mjs.map +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs.map +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs.map +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/cache/TokenCache.mjs.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.mjs +2 -2
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs.map +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs.map +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs.map +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom_auth/CustomAuthPublicClientApplication.mjs.map +1 -1
- package/dist/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
- package/dist/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom_auth/core/CustomAuthAuthority.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs.map +1 -1
- package/dist/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom_auth/core/error/CustomAuthApiError.mjs.map +1 -1
- package/dist/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom_auth/core/error/CustomAuthError.mjs.map +1 -1
- package/dist/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom_auth/core/error/HttpError.mjs.map +1 -1
- package/dist/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidArgumentError.mjs.map +1 -1
- package/dist/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidConfigurationError.mjs.map +1 -1
- package/dist/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom_auth/core/error/MethodNotImplementedError.mjs.map +1 -1
- package/dist/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom_auth/core/error/MsalCustomAuthError.mjs.map +1 -1
- package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs.map +1 -1
- package/dist/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom_auth/core/error/ParsedUrlError.mjs.map +1 -1
- package/dist/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom_auth/core/error/UnexpectedError.mjs.map +1 -1
- package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs.map +1 -1
- package/dist/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom_auth/core/error/UserAccountAttributeError.mjs.map +1 -1
- package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs.map +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs.map +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs.map +1 -1
- package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs.map +1 -1
- package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs.map +1 -1
- package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs.map +1 -1
- package/dist/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom_auth/core/utils/ArgumentValidator.mjs.map +1 -1
- package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs +1 -1
- package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs.map +1 -1
- package/dist/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom_auth/core/utils/UrlUtils.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs.map +1 -1
- package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs.map +1 -1
- package/dist/custom_auth/index.mjs +1 -1
- package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs.map +1 -1
- package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs.map +1 -1
- package/dist/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs.map +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +3 -2
- package/dist/error/BrowserAuthErrorCodes.mjs.map +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs.map +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthError.mjs.map +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs.map +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventHandler.mjs.map +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventMessage.mjs.map +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/event/EventType.mjs.map +1 -1
- package/dist/index.mjs +1 -1
- package/dist/index.mjs.map +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +77 -10
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/log-strings-mapping.json +7 -3
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +2 -2
- package/dist/naa/BridgeProxy.mjs.map +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs.map +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/network/FetchClient.mjs.map +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs.map +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs.map +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/popup_relay/constants.mjs +21 -0
- package/dist/popup_relay/constants.mjs.map +1 -0
- package/dist/popup_relay/index.mjs +163 -0
- package/dist/popup_relay/index.mjs.map +1 -0
- package/dist/popup_relay/relayClient.mjs +114 -0
- package/dist/popup_relay/relayClient.mjs.map +1 -0
- package/dist/protocol/Authorize.mjs +42 -24
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/redirect_bridge/index.mjs +1 -1
- package/dist/redirect_bridge/index.mjs.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/request/RequestHelpers.mjs.map +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs.map +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs.map +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs.map +1 -1
- package/dist/utils/BrowserUtils.mjs +2 -2
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/Helpers.mjs.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +7 -3
- package/lib/custom-auth-path/msal-custom-auth.cjs +5973 -5767
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.js +5973 -5767
- package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
- package/lib/log-strings-mapping.json +7 -3
- package/lib/msal-browser.cjs +6814 -6605
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +6814 -6605
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/popup-relay/msal-popup-relay.cjs +278 -0
- package/lib/popup-relay/msal-popup-relay.cjs.map +1 -0
- package/lib/popup-relay/msal-popup-relay.js +284 -0
- package/lib/popup-relay/msal-popup-relay.js.map +1 -0
- package/lib/popup-relay/msal-popup-relay.min.js +2 -0
- package/lib/redirect-bridge/msal-redirect-bridge.cjs +39 -39
- package/lib/redirect-bridge/msal-redirect-bridge.cjs.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.js +39 -39
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
- package/package.json +14 -3
- package/scripts/README.md +112 -0
- package/scripts/decode-logs.cjs +822 -0
- package/src/config/Configuration.ts +18 -0
- package/src/error/BrowserAuthErrorCodes.ts +1 -0
- package/src/interaction_client/PopupClient.ts +137 -23
- package/src/packageMetadata.ts +1 -1
- package/src/popup_relay/constants.ts +17 -0
- package/src/popup_relay/index.ts +221 -0
- package/src/popup_relay/relayClient.ts +178 -0
- package/src/protocol/Authorize.ts +76 -27
- package/types/config/Configuration.d.ts +16 -0
- package/types/config/Configuration.d.ts.map +1 -1
- package/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/types/error/BrowserAuthErrorCodes.d.ts +1 -0
- package/types/error/BrowserAuthErrorCodes.d.ts.map +1 -1
- package/types/interaction_client/PopupClient.d.ts +13 -0
- package/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/types/packageMetadata.d.ts +1 -1
- package/types/popup_relay/constants.d.ts +13 -0
- package/types/popup_relay/constants.d.ts.map +1 -0
- package/types/popup_relay/index.d.cts +1 -0
- package/types/popup_relay/index.d.ts +42 -0
- package/types/popup_relay/index.d.ts.map +1 -0
- package/types/popup_relay/relayClient.d.ts +43 -0
- package/types/popup_relay/relayClient.d.ts.map +1 -0
- package/types/protocol/Authorize.d.ts +25 -0
- package/types/protocol/Authorize.d.ts.map +1 -1
package/lib/msal-browser.min.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.
|
|
2
|
-
"use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).msal={})}(this,(function(e){const t="https://login.microsoftonline.com/common/",r="common",o=`${t}discovery/instance?api-version=1.1&authorization_endpoint=`,n=".ciamlogin.com",i=".onmicrosoft.com",s="openid",a="profile",c="offline_access",l="S256",h="N/A",d="Not Available",u="http://169.254.169.254/metadata/instance/compute",g=["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],p="GET",m="POST",f=[s,a,c],y=[...f,"email"],I="Content-Type",w="Content-Length",C="Retry-After",v="X-AnchorMailbox",k="WWW-Authenticate",T="Authentication-Info",b="x-ms-request-id",A="x-ms-httpver",S="active-account-filters",_="common",E="organizations",P="consumers",R="access_token",O="xms_cc",M="id_token",x="signin_state",q="login_hint",N={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},U="code",L="id_token token refresh_token",F={QUERY:"query",FRAGMENT:"fragment",FORM_POST:"form_post"},H="authorization_code",D="refresh_token",$="Generic",K={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},B="appmetadata",z="1",j="authority-metadata",J="config",W="cache",G="network",Q="hardcoded_values",V=5,Y="server-telemetry",Z=",",X={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},ee="throttling",te="1",re="3",oe="4",ne="2",ie="4",se="5",ae="0",ce="1",le="2",he="3",de="4",ue={Jwt:"JWT",Jwk:"JWK",Pop:"pop"},ge="client_id",pe="redirect_uri",me="token_type",fe="req_cnf",ye="return_spa_code",Ie="x-client-xtra-sku",we="brk_client_id",Ce="brk_redirect_uri",ve="instance_aware";function ke(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class Te extends Error{constructor(e,t,r,o){const n=r||(e?ke(e):"");super(n?`${e}: ${n}`:e),Object.setPrototypeOf(this,Te.prototype),this.errorCode=e||"",this.errorMessage=n||"",this.subError=o||"",this.correlationId=t,this.name="AuthError"}}function be(e,t,r){return new Te(e,t,r||ke(e))}class Ae extends Te{constructor(e,t){super(e,t),this.name="ClientConfigurationError",Object.setPrototypeOf(this,Ae.prototype)}}function Se(e,t){return new Ae(e,t)}class _e{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return 0===Object.keys(t).length}catch(e){}return!0}static startsWith(e,t){return 0===e.indexOf(t)}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),o=e=>decodeURIComponent(e.replace(/\+/g," "));return r.forEach((e=>{if(e.trim()){const[r,n]=e.split(/=(.+)/g,2);r&&n&&(t[o(r)]=o(n))}})),t}static trimArrayEntries(e){return e.map((e=>e.trim()))}static removeEmptyStringsFromArray(e){return e.filter((e=>!!e))}static jsonParseHelper(e){try{return JSON.parse(e)}catch(e){return null}}}class Ee extends Te{constructor(e,t,r){super(e,t,r),this.name="ClientAuthError",Object.setPrototypeOf(this,Ee.prototype)}}function Pe(e,t,r){return new Ee(e,t,r)}const Re="redirect_uri_empty",Oe="authority_uri_insecure",Me="url_parse_error",xe="empty_url_error",qe="empty_input_scopes_error",Ne="invalid_claims",Ue="token_request_empty",Le="logout_request_empty",Fe="pkce_params_missing",He="invalid_cloud_discovery_metadata",De="invalid_authority_metadata",$e="untrusted_authority",Ke="missing_ssh_jwk",Be="missing_ssh_kid",ze="missing_nonce_authentication_header",je="invalid_authentication_header",Je="cannot_set_OIDCOptions",We="cannot_allow_platform_broker",Ge="authority_mismatch",Qe="invalid_request_method_for_EAR",Ve="invalid_platform_broker_configuration",Ye="issuer_validation_failed";var Ze=Object.freeze({__proto__:null,authorityMismatch:Ge,authorityUriInsecure:Oe,cannotAllowPlatformBroker:We,cannotSetOIDCOptions:Je,claimsRequestParsingError:"claims_request_parsing_error",emptyInputScopesError:qe,invalidAuthenticationHeader:je,invalidAuthorityMetadata:De,invalidClaims:Ne,invalidCloudDiscoveryMetadata:He,invalidCodeChallengeMethod:"invalid_code_challenge_method",invalidPlatformBrokerConfiguration:Ve,invalidRequestMethodForEAR:Qe,issuerValidationFailed:Ye,logoutRequestEmpty:Le,missingNonceAuthenticationHeader:ze,missingSshJwk:Ke,missingSshKid:Be,pkceParamsMissing:Fe,redirectUriEmpty:Re,tokenRequestEmpty:Ue,untrustedAuthority:$e,urlEmptyError:xe,urlParseError:Me});const Xe="client_info_decoding_error",et="client_info_empty_error",tt="token_parsing_error",rt="null_or_empty_token",ot="endpoints_resolution_error",nt="network_error",it="openid_config_error",st="hash_not_deserialized",at="invalid_state",ct="state_mismatch",lt="state_not_found",ht="nonce_mismatch",dt="multiple_matching_appMetadata",ut="request_cannot_be_made",gt="cannot_remove_empty_scope",pt="cannot_append_scopeset",mt="empty_input_scopeset",ft="no_account_in_silent_request",yt="invalid_cache_record",It="invalid_cache_environment",wt="no_account_found",Ct="no_crypto_object",vt="token_refresh_required",kt="token_claims_cnf_required_for_signedjwt",Tt="authorization_code_missing_from_server_response",bt="binding_key_not_removed",At="end_session_endpoint_not_supported",St="key_id_missing",_t="no_network_connectivity",Et="user_canceled",Pt="method_not_implemented",Rt="nested_app_auth_bridge_disabled",Ot="resource_parameter_required",Mt="misplaced_resource_parameter";var xt=Object.freeze({__proto__:null,authorizationCodeMissingFromServerResponse:Tt,bindingKeyNotRemoved:bt,cannotAppendScopeSet:pt,cannotRemoveEmptyScope:gt,clientInfoDecodingError:Xe,clientInfoEmptyError:et,emptyInputScopeSet:mt,endSessionEndpointNotSupported:At,endpointResolutionError:ot,hashNotDeserialized:st,invalidCacheEnvironment:It,invalidCacheRecord:yt,invalidState:at,keyIdMissing:St,methodNotImplemented:Pt,misplacedResourceParam:Mt,multipleMatchingAppMetadata:dt,multipleMatchingTokens:"multiple_matching_tokens",nestedAppAuthBridgeDisabled:Rt,networkError:nt,noAccountFound:wt,noAccountInSilentRequest:ft,noCryptoObject:Ct,noNetworkConnectivity:_t,nonceMismatch:ht,nullOrEmptyToken:rt,openIdConfigError:it,platformBrokerError:"platform_broker_error",requestCannotBeMade:ut,resourceParameterRequired:Ot,stateMismatch:ct,stateNotFound:lt,tokenClaimsCnfRequiredForSignedJwt:kt,tokenParsingError:tt,tokenRefreshRequired:vt,unexpectedCredentialType:"unexpected_credential_type",userCanceled:Et});class qt{constructor(e,t){this.correlationId=t;const r=e?_e.trimArrayEntries([...e]):[],o=r?_e.removeEmptyStringsFromArray(r):[];if(!o||!o.length)throw Se(qe,t);this.scopes=new Set,o.forEach((e=>this.scopes.add(e)))}static fromString(e,t){const r=(e||"").split(" ");return new qt(r,t)}static createSearchScopes(e,t){const r=e&&e.length>0?e:[...f],o=new qt(r,t);return o.containsOnlyOIDCScopes()?o.removeScope(c):o.removeOIDCScopes(),o}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new qt(t,this.correlationId);return!!e&&r.scopes.has(e.toLowerCase())}containsScopeSet(e){return!(!e||e.scopes.size<=0)&&(this.scopes.size>=e.scopes.size&&e.asArray().every((e=>this.containsScope(e))))}containsOnlyOIDCScopes(){let e=0;return y.forEach((t=>{this.containsScope(t)&&(e+=1)})),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach((e=>this.appendScope(e)))}catch(e){throw Pe(pt,this.correlationId)}}removeScope(e){if(!e)throw Pe(gt,this.correlationId);this.scopes.delete(e.trim())}removeOIDCScopes(){y.forEach((e=>{this.scopes.delete(e)}))}unionScopeSets(e){if(!e)throw Pe(mt,this.correlationId);const t=new Set;return e.scopes.forEach((e=>t.add(e.toLowerCase()))),this.scopes.forEach((e=>t.add(e.toLowerCase()))),t}intersectingScopeSets(e){if(!e)throw Pe(mt,this.correlationId);e.containsOnlyOIDCScopes()||e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),o=this.getScopeCount();return t.size<o+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach((t=>e.push(t))),e}printScopes(){if(this.scopes){return this.asArray().join(" ")}return""}printScopesLowerCase(){return this.printScopes().toLowerCase()}}function Nt(e,t,r){if(!t)return;const o=e.get(ge);o&&e.has(we)&&r?.addFields({embeddedClientId:o,embeddedRedirectUri:e.get(pe)},t)}function Ut(e,t){e.set("response_type",t)}function Lt(e,t,r,o=!0,n=f){!o||n.includes("openid")||t.includes("openid")||n.push("openid");const i=o?[...t||[],...n]:t||[],s=new qt(i,r);e.set("scope",s.printScopes())}function Ft(e,t){e.set(ge,t)}function Ht(e,t){e.set(pe,t)}function Dt(e,t){e.set("login_hint",t)}function $t(e,t){e.set(v,`UPN:${t}`)}function Kt(e,t){e.set(v,`Oid:${t.uid}@${t.utid}`)}function Bt(e,t){e.set("sid",t)}function zt(e,t,r,o,n){const i=nr(r,n&&e.has(we)?void 0:o,t);e.set("claims",i)}function jt(e,t){e.set("client-request-id",t)}function Jt(e,t){e.set("x-client-SKU",t.sku),e.set("x-client-VER",t.version),t.os&&e.set("x-client-OS",t.os),t.cpu&&e.set("x-client-CPU",t.cpu)}function Wt(e,t){t?.appName&&e.set("x-app-name",t.appName),t?.appVersion&&e.set("x-app-ver",t.appVersion)}function Gt(e,t){t&&e.set("state",t)}function Qt(e,t,r){if(!t||!r)throw Se(Fe,"");e.set("code_challenge",t),e.set("code_challenge_method",r)}function Vt(e,t){e.set("client_secret",t)}function Yt(e,t){t&&e.set("client_assertion",t)}function Zt(e,t){t&&e.set("client_assertion_type",t)}function Xt(e,t){e.set("grant_type",t)}function er(e){e.set("client_info","1")}function tr(e){e.has(ve)||e.set(ve,"true")}function rr(e,t){Object.entries(t).forEach((([t,r])=>{!e.has(t)&&r&&e.set(t,r)}))}const or={[x]:{essential:!1},[q]:{essential:!1}};function nr(e,t,r=""){let o;if(e)try{const t=JSON.parse(e);if("object"!=typeof t||null===t||Array.isArray(t))throw new Error("Claims must be a JSON object");o=t}catch(e){throw Se(Ne,r)}else o={};Object.prototype.hasOwnProperty.call(o,M)||(o[M]={});const n=o[M];for(const[e,t]of Object.entries(or))e in n||(n[e]=t);return t&&t.length>0&&(Object.prototype.hasOwnProperty.call(o,R)||(o[R]={}),o[R][O]={values:t}),JSON.stringify(o)}function ir(e,t){t&&(e.set(me,X.POP),e.set(fe,t))}function sr(e,t){t&&(e.set(me,X.SSH),e.set(fe,t))}function ar(e,t){e.set("x-client-current-telemetry",t.generateCurrentRequestHeaderValue()),e.set("x-client-last-telemetry",t.generateLastRequestHeaderValue())}function cr(e){e.set("x-ms-lib-capability","retry-after, h429")}function lr(e,t,r){e.has(we)||e.set(we,t),e.has(Ce)||e.set(Ce,r)}function hr(e,t){t&&e.set("resource",t)}function dr(e){return e.startsWith("#/")?e.substring(2):e.startsWith("#")||e.startsWith("?")?e.substring(1):e}function ur(e){if(!e||e.indexOf("=")<0)return null;try{const t=dr(e),r=Object.fromEntries(new URLSearchParams(t));if(r.code||r.ear_jwe||r.error||r.error_description||r.state)return r}catch(e){throw Pe(st,"")}return null}function gr(e){const t=new Array;return e.forEach(((e,r)=>{t.push(`${r}=${encodeURIComponent(e)}`)})),t.join("&")}function pr(e,t,r){if(!e)return e;const o=e.split("#")[0];if(!o)return o;try{const e=new URL(o);let t;e.search||(e.search="");try{t=decodeURIComponent(e.pathname)}catch(r){t=e.pathname}return t.endsWith("/")||(t+="/"),e.pathname=t,e.href}catch(e){throw t?.error(`15apdm ${e}`,r||""),Se(Me,r||"")}}const mr={createNewGuid:()=>{throw Pe(Pt,"")},base64Decode:()=>{throw Pe(Pt,"")},base64Encode:()=>{throw Pe(Pt,"")},base64UrlEncode:()=>{throw Pe(Pt,"")},encodeKid:()=>{throw Pe(Pt,"")},async getPublicKeyThumbprint(){throw Pe(Pt,"")},async removeTokenBindingKey(){throw Pe(Pt,"")},async clearKeystore(){throw Pe(Pt,"")},async signJwt(){throw Pe(Pt,"")},async hashString(){throw Pe(Pt,"")}};var fr;e.LogLevel=void 0,(fr=e.LogLevel||(e.LogLevel={}))[fr.Error=0]="Error",fr[fr.Warning=1]="Warning",fr[fr.Info=2]="Info",fr[fr.Verbose=3]="Verbose",fr[fr.Trace=4]="Trace";const yr=new Map;function Ir(e,t){const r=Date.now();let o=yr.get(e);if(o)!function(e,t){yr.delete(e),yr.set(e,t)}(e,o);else if(o={logs:[],firstEventTime:r},yr.set(e,o),yr.size>50){const e=yr.keys().next().value;void 0!==e&&yr.delete(e)}o.logs.push({...t,milliseconds:r-o.firstEventTime}),o.logs.length>500&&o.logs.shift()}class wr{constructor(t,r,o){this.level=e.LogLevel.Info;const n=t||wr.createDefaultLoggerOptions();this.localCallback=n.loggerCallback||(()=>{}),this.piiLoggingEnabled=n.piiLoggingEnabled||!1,this.level="number"==typeof n.logLevel?n.logLevel:e.LogLevel.Info,this.packageName=r||"",this.packageVersion=o||""}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info}}clone(e,t){return new wr({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level},e,t)}logMessage(t,r){const o=r.correlationId,n=function(e){if(e.length<6)return null;if(e.length>6&&" "!==e[6])return null;for(let t=0;t<6;t++){const r=e[t];if(!(r>="a"&&r<="z"||r>="A"&&r<="Z"||r>="0"&&r<="9"))return null}return e.substring(0,6)}(t);if(n){Ir(o,{hash:n,level:r.logLevel,containsPii:r.containsPii||!1,milliseconds:0})}if(r.logLevel>this.level||!this.piiLoggingEnabled&&r.containsPii)return;const i=`${`[${(new Date).toUTCString()}] : [${o}]`} : ${this.packageName}@${this.packageVersion} : ${e.LogLevel[r.logLevel]} - ${t}`;this.executeCallback(r.logLevel,i,r.containsPii||!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!1,correlationId:r})}errorPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!0,correlationId:r})}warning(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!1,correlationId:r})}warningPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!0,correlationId:r})}info(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!1,correlationId:r})}infoPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!0,correlationId:r})}verbose(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!1,correlationId:r})}verbosePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!0,correlationId:r})}trace(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!1,correlationId:r})}tracePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!0,correlationId:r})}isPiiLoggingEnabled(){return this.piiLoggingEnabled||!1}}const Cr="@azure/msal-common",vr="16.11.0",kr={None:"none",AzurePublic:"https://login.microsoftonline.com",AzurePpe:"https://login.windows-ppe.net",AzureChina:"https://login.chinacloudapi.cn",AzureGermany:"https://login.microsoftonline.de",AzureUsGovernment:"https://login.microsoftonline.us"};function Tr(e,t,r){const o=function(e,t){if(!e)throw Pe(rt,t);const r=/^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(e);if(!r||r.length<4)throw Pe(tt,t);return r[2]}(e,r);try{const e=t(o);return JSON.parse(e)}catch(e){throw Pe(tt,r)}}function br(e){if(!e.signin_state)return!1;const t=["kmsi","dvc_dmjd"];return e.signin_state.some((e=>t.includes(e.trim().toLowerCase())))}function Ar(e,t){return!!e&&!!t&&e===t.split(".")[1]}function Sr(e,t,r,o,n){if(n){const{oid:t,sub:r,tid:i,name:s,tfp:a,acr:c,preferred_username:l,upn:h,login_hint:d}=n,u=i||a||c||"";return{tenantId:u,localAccountId:t||r||"",name:s,username:l||h||"",loginHint:d,isHomeTenant:Ar(u,e),upn:h,...o&&{nativeAccountId:o}}}return{tenantId:r,localAccountId:t,username:"",isHomeTenant:Ar(r,e),...o&&{nativeAccountId:o}}}function _r(e,t,r,o){let n=e;if(t){const{isHomeTenant:r,...o}=t;n={...e,...o}}if(r){const{isHomeTenant:t,...i}=Sr(e.homeAccountId,e.localAccountId,e.tenantId,n.nativeAccountId,r);return n={...n,...i,idTokenClaims:r,idToken:o,kmsi:br(r)},n}return n}class Er{get urlString(){return this._urlString}constructor(e,t){if(this._urlString=e,this.correlationId=t,!this._urlString)throw Se(xe,t);e.includes("#")||(this._urlString=Er.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return _e.endsWith(t,"?")?t=t.slice(0,-1):_e.endsWith(t,"?/")&&(t=t.slice(0,-2)),_e.endsWith(t,"/")||(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch(e){throw Se(Me,this.correlationId)}if(!e.HostNameAndPort||!e.PathSegments)throw Se(Me,this.correlationId);if(!e.Protocol||"https:"!==e.Protocol.toLowerCase())throw Se(Oe,this.correlationId)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return Er.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return!e||0===r.length||r[0]!==_&&r[0]!==E||(r[0]=e),Er.constructAuthorityUriFromObject(t,this.correlationId)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),t=this.urlString.match(e);if(!t)throw Se(Me,this.correlationId);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let o=r.AbsolutePath.split("/");return o=o.filter((e=>e&&e.length>0)),r.PathSegments=o,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e,t){const r=RegExp("^([^:/?#]+://)?([^/?#]*)"),o=e.match(r);if(!o)throw Se(Me,t);return o[2]}static getAbsoluteUrl(e,t,r){if("/"===e[0]){const o=new Er(t,r).getUrlComponents();return o.Protocol+"//"+o.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e,t){return new Er(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"),t)}}const Pr={endpointMetadata:[{host:"login.microsoftonline.com"},{host:"login.chinacloudapi.cn",issuerHost:"login.partner.microsoftonline.cn"},{host:"login.microsoftonline.us"},{host:"login.sovcloud-identity.fr"},{host:"login.sovcloud-identity.de"},{host:"login.sovcloud-identity.sg"}].reduce(((e,{host:t,issuerHost:r})=>(e[t]=function(e,t){return{token_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/token`,jwks_uri:`https://${e}/{tenantid}/discovery/v2.0/keys`,issuer:`https://${t}/{tenantid}/v2.0`,authorization_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/authorize`,end_session_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/logout`}}(t,r||t),e)),{}),instanceDiscoveryMetadata:{metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]},{preferred_network:"login.sovcloud-identity.fr",preferred_cache:"login.sovcloud-identity.fr",aliases:["login.sovcloud-identity.fr"]},{preferred_network:"login.sovcloud-identity.de",preferred_cache:"login.sovcloud-identity.de",aliases:["login.sovcloud-identity.de"]},{preferred_network:"login.sovcloud-identity.sg",preferred_cache:"login.sovcloud-identity.sg",aliases:["login.sovcloud-identity.sg"]},{preferred_network:"login.windows-ppe.net",preferred_cache:"login.windows-ppe.net",aliases:["login.windows-ppe.net","sts.windows-ppe.net","login.microsoft-ppe.com"]}]}},Rr=Pr.endpointMetadata,Or=Pr.instanceDiscoveryMetadata,Mr=new Set;function xr(e,t,r,o,n){if(e.trace(`1bmquz ${n}`,t),r&&o){const i=qr(o,r);if(i)return e.trace(`1fotbt ${n}`,t),i.aliases;e.trace(`14avvj ${n}`,t)}return null}function qr(e,t){for(let r=0;r<e.length;r++){const o=e[r];if(o.aliases.includes(t))return o}return null}Or.metadata.forEach((e=>{e.aliases.forEach((e=>{Mr.add(e)}))}));const Nr="cache_quota_exceeded";class Ur extends Error{constructor(e,t){const r=t||ke(e);super(r),Object.setPrototypeOf(this,Ur.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}function Lr(e){return e instanceof Error?"QuotaExceededError"===e.name||"NS_ERROR_DOM_QUOTA_REACHED"===e.name||e.message.includes("exceeded the quota")?new Ur(Nr):new Ur(e.name,e.message):new Ur("cache_error_unknown")}function Fr(e,t){if(!e)throw Pe(et,"");try{const r=t(e);return JSON.parse(r)}catch(e){throw Pe(Xe,"")}}function Hr(e){if(!e)throw Pe(Xe,"");const t=e.split(".",2);return{uid:t[0],utid:t.length<2?"":t[1]}}const Dr=0,$r=1,Kr=2,Br=3;function zr(e){if(e){return e.tid||e.tfp||e.acr||null}return null}const jr={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};function Jr(e){const t=e.tenantProfiles||[];0===t.length&&e.realm&&e.localAccountId&&t.push(Sr(e.homeAccountId,e.localAccountId,e.realm,e.nativeAccountId));const r=t.find((t=>t.tenantId===e.realm)),o=r?.nativeAccountId||e.nativeAccountId;return{homeAccountId:e.homeAccountId,environment:e.environment,tenantId:e.realm,username:e.username,localAccountId:e.localAccountId,loginHint:e.loginHint,name:e.name,nativeAccountId:o,authorityType:e.authorityType,tenantProfiles:new Map(t.map((e=>[e.tenantId,e]))),dataBoundary:e.dataBoundary}}function Wr(e,t,r){const o=Array.from(e.tenantProfiles?.values()||[]);if(0===o.length&&e.tenantId&&e.localAccountId)o.push(Sr(e.homeAccountId,e.localAccountId,e.tenantId,e.nativeAccountId,e.idTokenClaims));else if(e.nativeAccountId){const t=o.find((t=>t.tenantId===e.tenantId));t&&!t.nativeAccountId&&(t.nativeAccountId=e.nativeAccountId)}return{authorityType:e.authorityType||$,homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,nativeAccountId:e.nativeAccountId,realm:e.tenantId,environment:e.environment,username:e.username,loginHint:e.loginHint,name:e.name,cloudGraphHostName:t,msGraphHost:r,tenantProfiles:o,dataBoundary:e.dataBoundary}}function Gr(e,t,r,o,n,i){if(t!==$r&&t!==Kr){if(e)try{const t=Fr(e,o.base64Decode);if(t.uid&&t.utid)return`${t.uid}.${t.utid}`}catch(e){}r.warning("1ub6wv",n)}return i?.sub||""}class Qr{constructor(e,t,r,o,n){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(Cr,vr),this.staticAuthorityOptions=n,this.performanceClient=o}getAllAccounts(e={},t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){if(0===Object.keys(e).length||Object.values(e).every((e=>null==e||""===e)))return this.commonLogger.warning("1skb02",t),null;const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort(((e,t)=>{const r=e.idTokenClaims?1:0;return(t.idTokenClaims?1:0)-r}))[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?Jr(r[0]):null}buildTenantProfiles(e,t,r){return e.flatMap((e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r)))}getTenantedAccountInfoByFilter(e,t,r,o,n){let i,s=null;if(n&&!this.tenantProfileMatchesFilter(r,n))return null;const a=this.getIdToken(e,o,t,r.tenantId);return a&&(i=Tr(a.secret,this.cryptoImpl.base64Decode,o),!this.idTokenClaimsMatchTenantProfileFilter(i,n))?null:(s=_r(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,o){const n=Jr(e);let i=n.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach((e=>{const r=this.getTenantedAccountInfoByFilter(n,s,e,t,o);r&&a.push(r)})),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&((void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant)&&(!(t.username&&!this.matchUsername(e.username,t.username)&&!this.matchUsername(e.upn,t.username))&&(!(t.loginHint&&!this.matchLoginHintWithTenantProfile(e,t.loginHint))&&((!t.upn||e.upn===t.upn)&&(!t.nativeAccountId||e.nativeAccountId===t.nativeAccountId))))))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username)&&!this.matchUsername(e.upn,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,r,o,n){if(!e)throw Pe(yt,t);try{e.account&&await this.setAccount(e.account,t,r,o),e.idToken&&!1!==n?.idToken&&await this.setIdTokenCredential(e.idToken,t,r),e.accessToken&&!1!==n?.accessToken&&await this.saveAccessToken(e.accessToken,t,r),e.refreshToken&&!1!==n?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t,r),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("0j476p",t),e instanceof Te?e:Lr(e)}}async saveAccessToken(e,t,r){const o={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType},n=this.getTokenKeys(),i=qt.fromString(e.target,t);n.accessToken.forEach((e=>{if(!this.accessTokenKeyMatchesFilter(e,o,!1))return;const r=this.getAccessTokenCredential(e,t);if(r&&this.credentialMatchesFilter(r,o,t)){qt.fromString(r.target,t).intersectingScopeSets(i)&&this.removeAccessToken(e,t)}})),await this.setAccessTokenCredential(e,t,r)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),o=[];return r.forEach((r=>{const n=this.getAccount(r,t);if(!n)return;if(e.homeAccountId&&!this.matchHomeAccountId(n,e.homeAccountId))return;if(e.environment&&!this.matchEnvironment(n,e.environment,t))return;if(e.realm&&!this.matchRealm(n,e.realm))return;if(e.authorityType&&!this.matchAuthorityType(n,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name,username:e?.username,loginHint:e?.loginHint,upn:e?.upn,nativeAccountId:e?.nativeAccountId},s=n.tenantProfiles?.filter((e=>this.tenantProfileMatchesFilter(e,i)));s&&0===s.length||o.push(n)})),o}credentialMatchesFilter(e,t,r){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment,r))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target,r))return!1;if(e.credentialType===K.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===X.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}const o=e.additionalCacheKeyComponents,n=t.additionalCacheKeyComponents,i=!!o&&Object.keys(o).length>0,s=!!n&&Object.keys(n).length>0;if(i!==s)return!1;if(i&&s){const e=Object.keys(o).sort(),t=Object.keys(n).sort();if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r]||o[e[r]]!==n[t[r]])return!1}return!0}getAppMetadataFilteredBy(e,t){const r=this.getKeys(),o={};return r.forEach((r=>{if(!this.isAppMetadata(r))return;const n=this.getAppMetadata(r,t);n&&(e.environment&&!this.matchEnvironment(n,e.environment,t)||e.clientId&&!this.matchClientId(n,e.clientId)||(o[r]=n))})),o}getAuthorityMetadataByAlias(e,t){const r=this.getAuthorityMetadataKeys();let o=null;return r.forEach((r=>{if(!this.isAuthorityMetadata(r)||-1===r.indexOf(this.clientId))return;const n=this.getAuthorityMetadata(r,t);n&&-1!==n.aliases.indexOf(e)&&(o=n)})),o}removeAllAccounts(e){this.getAllAccounts({},e).forEach((t=>{this.removeAccount(t,e)}))}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter((t=>t.includes(e.homeAccountId)&&t.includes(e.environment))).forEach((e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)}))}removeAccountContext(e,t){const r=this.getTokenKeys(),o=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(o).forEach((e=>{this.removeIdToken(e,t)})),r.accessToken.filter(o).forEach((e=>{this.removeAccessToken(e,t)})),r.refreshToken.filter(o).forEach((e=>{this.removeRefreshToken(e,t)}))}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(r&&(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),r.credentialType.toLowerCase()===K.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&r.tokenType===X.POP)){const e=r.keyId;e&&this.cryptoImpl.removeTokenBindingKey(e,t).catch((()=>{this.commonLogger.error(`0cx291 ${e}`,t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)}))}}removeAppMetadata(e){return this.getKeys().forEach((t=>{this.isAppMetadata(t)&&this.removeItem(t,e)})),!0}getIdToken(e,t,r,o){this.commonLogger.trace("1drz22",t);const n={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:K.ID_TOKEN,clientId:this.clientId,realm:o},i=this.getIdTokensByFilter(n,t,r),s=i.size;if(s<1)return this.commonLogger.info("1atvtd",t),null;if(s>1){let r=i;if(!o){const o=new Map;i.forEach(((t,r)=>{t.realm===e.tenantId&&o.set(r,t)}));const n=o.size;if(n<1)return this.commonLogger.info("0ooalx",t),i.values().next().value??null;if(1===n)return this.commonLogger.info("1eq2vc",t),o.values().next().value??null;r=o}return this.commonLogger.info("1ws328",t),r.forEach(((e,r)=>{this.removeIdToken(r,t)})),this.performanceClient.addFields({multiMatchedID:i.size},t),null}return this.commonLogger.info("1sm769",t),i.values().next().value??null}getIdTokensByFilter(e,t,r){const o=r&&r.idToken||this.getTokenKeys().idToken,n=new Map;return o.forEach((r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const o=this.getIdTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e,t)&&n.set(r,o)})),n}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,o){const n=t.correlationId;this.commonLogger.trace("1t7hz1",n);const i=qt.createSearchScopes(t.scopes,n),s=t.authenticationScheme||X.BEARER,a=s&&s.toLowerCase()!==X.BEARER.toLowerCase()?K.ACCESS_TOKEN_WITH_AUTH_SCHEME:K.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:o||e.tenantId,target:i,tokenType:s,keyId:t.sshKid},l=r&&r.accessToken||this.getTokenKeys().accessToken,h=[];l.forEach((e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,n);t&&this.credentialMatchesFilter(t,c,n)&&h.push(t)}}));const d=h.length;return d<1?(this.commonLogger.info("1nckna",n),null):d>1?(this.commonLogger.info("1wkfwp",n),h.forEach((e=>{this.removeAccessToken(this.generateCredentialKey(e),n)})),this.performanceClient.addFields({multiMatchedAT:h.length},n),null):(this.commonLogger.info("06yt98",n),h[0])}accessTokenKeyMatchesFilter(e,t,r){const o=e.toLowerCase();if(t.clientId&&-1===o.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===o.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===o.indexOf(t.realm.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!o.includes(e[t].toLowerCase()))return!1;if(!r&&o.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),o=[];return r.accessToken.forEach((r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const n=this.getAccessTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e,t)&&o.push(n)})),o}getRefreshToken(e,t,r,o){this.commonLogger.trace("0x53vi",r);const n=t?z:void 0,i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:K.REFRESH_TOKEN,clientId:this.clientId,familyId:n},s=o&&o.refreshToken||this.getTokenKeys().refreshToken,a=[];s.forEach((e=>{if(this.refreshTokenKeyMatchesFilter(e,i)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,i,r)&&a.push(t)}}));const c=a.length;return c<1?(this.commonLogger.info("0dlw11",r),null):(c>1&&this.performanceClient.addFields({multiMatchedRT:c},r),this.commonLogger.info("0wcnep",r),a[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e,t){const r={environment:e,clientId:this.clientId},o=this.getAppMetadataFilteredBy(r,t),n=Object.keys(o).map((e=>o[e])),i=n.length;if(i<1)return null;if(i>1)throw Pe(dt,t);return n[0]}isAppMetadataFOCI(e,t){const r=this.readAppMetadataFromCache(e,t);return!(!r||r.familyId!==z)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchLoginHintWithTenantProfile(e,t){return e.loginHint===t||e.username===t||e.upn===t}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t,r){if(this.staticAuthorityOptions){const o=function(e,t,r){let o;const n=e.canonicalAuthority;if(n){const i=new Er(n,r).getUrlComponents().HostNameAndPort;o=xr(t,r,i,e.cloudDiscoveryMetadata?.metadata,J)||xr(t,r,i,Or.metadata,Q)||e.knownAuthorities}return o||[]}(this.staticAuthorityOptions,this.commonLogger,r);if(o.includes(t)&&o.includes(e.environment))return!0}const o=this.getAuthorityMetadataByAlias(t,r);return!!(o&&o.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||(e.upn===t||!(!e.emails||!e.emails.includes(t))))}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t,r){if(e.credentialType!==K.ACCESS_TOKEN&&e.credentialType!==K.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return qt.fromString(e.target,r).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(B)}isAuthorityMetadata(e){return-1!==e.indexOf(j)}generateAuthorityMetadataCacheKey(e){return`${j}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class Vr extends Qr{async setAccount(){throw Pe(Pt,"")}getAccount(){throw Pe(Pt,"")}async setIdTokenCredential(){throw Pe(Pt,"")}getIdTokenCredential(){throw Pe(Pt,"")}async setAccessTokenCredential(){throw Pe(Pt,"")}getAccessTokenCredential(){throw Pe(Pt,"")}async setRefreshTokenCredential(){throw Pe(Pt,"")}getRefreshTokenCredential(){throw Pe(Pt,"")}setAppMetadata(){throw Pe(Pt,"")}getAppMetadata(){throw Pe(Pt,"")}setServerTelemetry(){throw Pe(Pt,"")}getServerTelemetry(){throw Pe(Pt,"")}setAuthorityMetadata(){throw Pe(Pt,"")}getAuthorityMetadata(){throw Pe(Pt,"")}getAuthorityMetadataKeys(){throw Pe(Pt,"")}setThrottlingCache(){throw Pe(Pt,"")}getThrottlingCache(){throw Pe(Pt,"")}removeItem(){throw Pe(Pt,"")}getKeys(){throw Pe(Pt,"")}getAccountKeys(){throw Pe(Pt,"")}getTokenKeys(){throw Pe(Pt,"")}generateCredentialKey(){throw Pe(Pt,"")}generateAccountKey(){throw Pe(Pt,"")}}const Yr=1,Zr=2,Xr="ext.",eo=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","ttlExpiredAcntCount","ttlExpiredITCount","ttlExpiredATCount","ttlExpiredRTCount","decryptFailedAcntCount","decryptFailedITCount","decryptFailedATCount","decryptFailedRTCount","invalidAcntCount","invalidITCount","invalidATCount","invalidRTCount","expiredATCount","expiredRTCount","upgradedCacheCount","cacheMatchedAccounts","networkRtt","redirectBridgeTimeoutMs","redirectBridgeMessageVersion"]);class to{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:Yr,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""}}}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}addGlobalFields(){}incrementFields(){}cacheEventByCorrelationId(){}}const ro={tokenRenewalOffsetSeconds:300,preventCorsPreflight:!1},oo={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info,correlationId:""},no={async sendGetRequestAsync(){throw Pe(Pt,"")},async sendPostRequestAsync(){throw Pe(Pt,"")}},io={sku:"msal.js.common",version:vr,cpu:"",os:""},so={clientSecret:"",clientAssertion:void 0},ao={azureCloudInstance:kr.None,tenant:`${r}`},co={application:{appName:"",appVersion:""}};function lo({authOptions:e,systemOptions:t,loggerOptions:r,storageInterface:o,networkInterface:n,cryptoInterface:i,clientCredentials:s,libraryInfo:a,telemetry:c,serverTelemetryManager:l,persistencePlugin:h,serializableCache:d}){const u={...oo,...r};return{authOptions:(g=e,{clientCapabilities:[],azureCloudOptions:ao,instanceAware:!1,isMcp:!1,...g}),systemOptions:{...ro,...t},loggerOptions:u,storageInterface:o||new Vr(e.clientId,mr,new wr(u,Cr,vr),new to),networkInterface:n||no,cryptoInterface:i||mr,clientCredentials:s||so,libraryInfo:{...io,...a},telemetry:{...co,...c},serverTelemetryManager:l||null,persistencePlugin:h||null,serializableCache:d||null};var g}function ho(e){return e.authOptions.authority.options.protocolMode===jr.OIDC}class uo{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}function go(){return Math.round((new Date).getTime()/1e3)}function po(e){return e.getTime()/1e3}function mo(e){return e?new Date(1e3*Number(e)):new Date}function fo(e,t){const r=Number(e)||0;return go()+t>r}function yo(e,t){const r=Number(e)+24*t*60*60*1e3;return Date.now()>r}function Io(e){return Number(e)>go()}function wo(e,t,r,o,n){return{credentialType:K.ID_TOKEN,homeAccountId:e,environment:t,clientId:o,secret:r,realm:n,lastUpdatedAt:Date.now().toString()}}function Co(e,t,r,o,n,i,s,a,c,l,h,d,u,g,p){const m={homeAccountId:e,credentialType:K.ACCESS_TOKEN,secret:r,cachedAt:go().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:t,clientId:o,realm:n,target:i,tokenType:d||X.BEARER,lastUpdatedAt:Date.now().toString()};if(u&&(m.userAssertionHash=u),h&&(m.refreshOn=h.toString()),m.tokenType?.toLowerCase()!==X.BEARER.toLowerCase())switch(m.credentialType=K.ACCESS_TOKEN_WITH_AUTH_SCHEME,m.tokenType){case X.POP:const e=Tr(r,c,l);if(!e?.cnf?.kid)throw Pe(kt,l);m.keyId=e.cnf.kid;break;case X.SSH:m.keyId=g}return p&&Object.keys(p).length>0&&(m.additionalCacheKeyComponents=p),m}function vo(e,t,r,o,n,i,s){const a={credentialType:K.REFRESH_TOKEN,homeAccountId:e,environment:t,clientId:o,secret:r,lastUpdatedAt:Date.now().toString()};return i&&(a.userAssertionHash=i),n&&(a.familyId=n),s&&(a.expiresOn=s.toString()),a}function ko(e){return e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("credentialType")&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("secret")}function To(e){return!!e&&(ko(e)&&e.hasOwnProperty("realm")&&e.hasOwnProperty("target")&&(e.credentialType===K.ACCESS_TOKEN||e.credentialType===K.ACCESS_TOKEN_WITH_AUTH_SCHEME))}function bo(e){return!!e&&(ko(e)&&e.credentialType===K.REFRESH_TOKEN)}function Ao(){return go()+86400}function So(e,t,r){e.authorization_endpoint=t.authorization_endpoint,e.token_endpoint=t.token_endpoint,e.end_session_endpoint=t.end_session_endpoint,e.issuer=t.issuer,e.endpointsFromNetwork=r,e.jwks_uri=t.jwks_uri}function _o(e,t,r){e.aliases=t.aliases,e.preferred_cache=t.preferred_cache,e.preferred_network=t.preferred_network,e.aliasesFromNetwork=r}function Eo(e){return e.expiresAt<=go()}const Po="networkClientSendPostRequestAsync",Ro="refreshTokenClientAcquireTokenWithCachedRefreshToken",Oo="getAuthCodeUrl",Mo="handleCodeResponseFromServer",xo="popTokenGenerateCnf",qo="handleServerTokenResponse",No="authorityUpdateMetadataWithRegionalInformation",Uo="regionDiscoveryGetRegionFromIMDS",Lo=(e,t,r,o,n)=>(...i)=>{r.trace(`1plfzx ${t}`,n);const s=o.startMeasurement(t,n);n&&o.incrementFields({[`ext.${t}CallCount`]:1},n);try{const o=e(...i);return s.end({success:!0}),r.trace(`1g8n6a ${t}`,n),o}catch(e){r.trace(`0cfd8i ${t}`,n);try{r.trace(JSON.stringify(e),n)}catch(e){r.trace("00dty7",n)}throw s.end({success:!1},e),e}},Fo=(e,t,r,o,n)=>(...i)=>{r.trace(`1plfzx ${t}`,n);const s=o.startMeasurement(t,n);return n&&o.incrementFields({[`ext.${t}CallCount`]:1},n),e(...i).then((e=>(r.trace(`1g8n6a ${t}`,n),s.end({success:!0}),e))).catch((e=>{r.trace(`0cfd8i ${t}`,n);try{r.trace(JSON.stringify(e),n)}catch(e){r.trace("00dty7",n)}throw s.end({success:!1},e),e}))},Ho="sw";class Do{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){const r=await Fo(this.generateKid.bind(this),xo,t,this.performanceClient,e.correlationId)(e),o=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:o}}async generateKid(e){return{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Ho}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,o){const{resourceRequestMethod:n,resourceRequestUri:i,shrClaims:s,shrNonce:a,shrOptions:c}=r,l=i?new Er(i,r.correlationId):void 0,h=l?.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:go(),m:n?.toUpperCase(),u:h?.HostNameAndPort,nonce:a||this.cryptoUtils.createNewGuid(),p:h?.AbsolutePath,q:h?.QueryString?[[],h.QueryString]:void 0,client_claims:s||void 0,...o},t,c,r.correlationId)}}const $o="no_tokens_found",Ko="native_account_unavailable",Bo="refresh_token_expired",zo="ui_not_allowed",jo="interaction_required",Jo="consent_required",Wo="login_required",Go="bad_token",Qo="interrupted_user";var Vo=Object.freeze({__proto__:null,badToken:Go,consentRequired:Jo,interactionRequired:jo,interruptedUser:Qo,loginRequired:Wo,nativeAccountUnavailable:Ko,noTokensFound:$o,refreshTokenExpired:Bo,uiNotAllowed:zo});const Yo=[jo,Jo,Wo,Go,zo,Qo],Zo=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token","ui_not_allowed","interrupted_user"];class Xo extends Te{constructor(e,t,r,o,n,i,s,a){super(e,t,r,o),Object.setPrototypeOf(this,Xo.prototype),this.timestamp=n||"",this.traceId=i||"",this.claims=s||"",this.name="InteractionRequiredAuthError",this.errorNo=a}}function en(e,t,r){const o=!!e&&Yo.indexOf(e)>-1,n=!!r&&Zo.indexOf(r)>-1,i=!!t&&Yo.some((e=>t.indexOf(e)>-1));return o||i||n}function tn(e,t,r){return new Xo(e,t,r)}class rn extends Te{constructor(e,t,r,o,n,i){super(e,t,r,o),this.name="ServerError",this.errorNo=n,this.status=i,Object.setPrototypeOf(this,rn.prototype)}}function on(e,t,r,o){const n=function(e,t,r){if(!e)throw Pe(Ct,t);const o={id:e.createNewGuid()};r&&(o.meta=r);const n=JSON.stringify(o);return e.base64Encode(n)}(e,o,r);return t?`${n}|${t}`:n}function nn(e,t,r){if(!e)throw Pe(Ct,r);if(!t)throw Pe(at,r);try{const r=t.split("|"),o=r[0],n=r.length>1?r.slice(1).join("|"):"",i=e(o);return{userRequestState:n||"",libraryState:JSON.parse(i)}}catch(e){throw Pe(at,r)}}class sn{constructor(e,t,r,o,n,i,s){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=o,this.performanceClient=n,this.serializableCache=i,this.persistencePlugin=s}validateTokenResponse(e,t,r){if(e.error||e.error_description||e.suberror){const o=`Error(s): ${e.error_codes||d} - Timestamp: ${e.timestamp||d} - Description: ${e.error_description||d} - Correlation ID: ${e.correlation_id||d} - Trace ID: ${e.trace_id||d}`,n=e.error_codes?.length?e.error_codes[0]:void 0,i=new rn(e.error||"",e.correlation_id||"",o,e.suberror,n,e.status);if(r&&e.status&&e.status>=500&&e.status<=599)return void this.logger.warning(`16ks7j ${i}`,t);if(r&&e.status&&e.status>=400&&e.status<=499)return void this.logger.warning(`0g61x3 ${i}`,t);if(en(e.error,e.error_description,e.suberror))throw new Xo(e.error||"",e.correlation_id||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.claims||"",n);throw i}}async handleServerTokenResponse(e,t,r,o,n,i,s,a,c,l,h){let d,u;if(e.id_token&&(d=Tr(e.id_token||"",this.cryptoObj.base64Decode,o.correlationId),i&&i.nonce&&d.nonce!==i.nonce))throw Pe(ht,o.correlationId);this.homeAccountIdentifier=Gr(e.client_info||"",t.authorityType,this.logger,this.cryptoObj,o.correlationId,d),i&&i.state&&(u=nn(this.cryptoObj.base64Decode,i.state,o.correlationId)),e.key_id=e.key_id||o.sshKid||void 0;const g=this.generateCacheRecord(e,t,r,o,d,s,i,h);let p;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("0jbz5k",o.correlationId),p=new uo(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(p)),a&&!c&&g.account){if(this.cacheStorage.getAllAccounts({homeAccountId:g.account.homeAccountId,environment:g.account.environment},o.correlationId).length<1)return this.logger.warning("1gmt66",o.correlationId),this.performanceClient?.addFields({acntLoggedOut:!0},o.correlationId),await sn.generateAuthenticationResult(this.cryptoObj,t,g,!1,o,this.performanceClient,d,u,void 0,l)}await this.cacheStorage.saveCacheRecord(g,o.correlationId,br(d||{}),n,o.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&p&&(this.logger.verbose("1bh17u",o.correlationId),await this.persistencePlugin.afterCacheAccess(p))}return sn.generateAuthenticationResult(this.cryptoObj,t,g,!1,o,this.performanceClient,d,u,e,l)}generateCacheRecord(e,t,r,o,n,i,s,a){const c=t.getPreferredCache();if(!c)throw Pe(It,o.correlationId);const l=zr(n);let h,d;e.id_token&&n&&(h=wo(this.homeAccountIdentifier,c,e.id_token,this.clientId,l||""),d=an(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,o.correlationId,n,e.client_info,c,l,s,void 0,this.logger,this.performanceClient));let u=null;if(e.access_token){const n=e.scope?qt.fromString(e.scope,o.correlationId):new qt(o.scopes||[],o.correlationId),s=("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0,h=("string"==typeof e.ext_expires_in?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,d=("string"==typeof e.refresh_in?parseInt(e.refresh_in,10):e.refresh_in)||void 0,g=r+s,p=g+h,m=d&&d>0?r+d:void 0;u=Co(this.homeAccountIdentifier,c,e.access_token,this.clientId,l||t.tenant||"",n.printScopes(),g,p,this.cryptoObj.base64Decode,o.correlationId,m,e.token_type,i,e.key_id,a);const f=o.resource||null;f&&(u.resource=f)}let g=null;if(e.refresh_token){let t;if(e.refresh_token_expires_in){t=r+("string"==typeof e.refresh_token_expires_in?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in),this.performanceClient?.addFields({ntwkRtExpiresOnSeconds:t},o.correlationId)}g=vo(this.homeAccountIdentifier,c,e.refresh_token,this.clientId,e.foci,i,t)}let p=null;return e.foci&&(p={clientId:this.clientId,environment:c,familyId:e.foci}),{account:d,idToken:h,accessToken:u,refreshToken:g,appMetadata:p}}static async generateAuthenticationResult(e,t,r,o,n,i,s,a,c,l){let h,d,u="",g=[],p=null,m="";if(r.accessToken){if(r.accessToken.tokenType!==X.POP||n.popKid)u=r.accessToken.secret;else{const t=new Do(e,i),{secret:o,keyId:s}=r.accessToken;if(!s)throw Pe(St,n.correlationId);u=await t.signPopToken(o,s,n)}g=qt.fromString(r.accessToken.target,n.correlationId).asArray(),p=mo(r.accessToken.expiresOn),h=mo(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(d=mo(r.accessToken.refreshOn))}r.appMetadata&&(m=r.appMetadata.familyId===z?z:"");const f=s?.oid||s?.sub||"",y=s?.tid||"";if(c?.spa_accountid&&r.account){r.account.nativeAccountId=c?.spa_accountid;const e=y||r.account.realm;if(r.account.tenantProfiles){const t=r.account.tenantProfiles.find((t=>t.tenantId===e));t&&(t.nativeAccountId=c.spa_accountid)}}const I=r.account?_r(Jr(r.account),void 0,s,r.idToken?.secret):null;return{authority:t.canonicalAuthority,uniqueId:f,tenantId:y,scopes:g,account:I,idToken:r?.idToken?.secret||"",idTokenClaims:s||{},accessToken:u,fromCache:o,expiresOn:p,extExpiresOn:h,refreshOn:d,correlationId:n.correlationId,requestId:l||"",familyId:m,tokenType:r.accessToken?.tokenType||"",state:a?a.userRequestState:"",cloudGraphHostName:r.account?.cloudGraphHostName||"",msGraphHost:r.account?.msGraphHost||"",code:c?.spa_code,fromPlatformBroker:!1}}}function an(e,t,r,o,n,i,s,a,c,l,h,d,u){d?.verbose("09jz0t",n);const g=a||t.getPreferredCache(),p=e.getAccountsFilteredBy({homeAccountId:r,environment:g},n);u?.addFields({cacheMatchedAccounts:p.length},n),p.length>1&&d?.warning("0x7ad1",n);const m=(1===p.length?p[0]:null)||function(e,t,r,o){let n,i,s;n=t.authorityType===$r?"ADFS":t.protocolMode===jr.OIDC?$:"MSSTS",e.clientInfo&&o&&(i=Fr(e.clientInfo,o),i.xms_tdbr&&(s="EU"===i.xms_tdbr?"EU":"None"));const a=e.environment||t&&t.getPreferredCache();if(!a)throw Pe(It,r);const c=e.idTokenClaims?.preferred_username||e.idTokenClaims?.upn,l=e.idTokenClaims?.emails?e.idTokenClaims.emails[0]:null,h=c||l||"",d=e.idTokenClaims?.login_hint,u=i?.utid||zr(e.idTokenClaims)||"",g=i?.uid||e.idTokenClaims?.oid||e.idTokenClaims?.sub||"";let p;p=e.tenantProfiles?e.tenantProfiles:[Sr(e.homeAccountId,g,u,e.nativeAccountId,e.idTokenClaims)];return{homeAccountId:e.homeAccountId,environment:a,realm:u,localAccountId:g,username:h,authorityType:n,loginHint:d,clientInfo:e.clientInfo,name:e.idTokenClaims?.name||"",lastModificationTime:void 0,lastModificationApp:void 0,cloudGraphHostName:e.cloudGraphHostName,msGraphHost:e.msGraphHost,nativeAccountId:e.nativeAccountId,tenantProfiles:p,dataBoundary:s}}({homeAccountId:r,idTokenClaims:i,clientInfo:s,environment:a,cloudGraphHostName:l?.cloud_graph_host_name,msGraphHost:l?.msgraph_host,nativeAccountId:h},t,n,o),f=m.tenantProfiles||[],y=c||m.realm;if(y&&!f.find((e=>e.tenantId===y))){const e=Sr(r,m.localAccountId,y,h,i);f.push(e)}return m.tenantProfiles=f,m}const cn="home_account_id",ln="UPN";async function hn(e,t,r,o){if("string"==typeof e)return e;return e({clientId:t,tokenEndpoint:r,fmiPath:o})}function dn(e,t,r){return{clientId:e,authority:t.authority,scopes:t.scopes,homeAccountIdentifier:r,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid,embeddedClientId:t.embeddedClientId||t.extraParameters?.clientId,resource:t.resource}}class un{static generateThrottlingStorageKey(e){return`${ee}.${JSON.stringify(e)}`}static preProcess(e,t,r){const o=un.generateThrottlingStorageKey(t),n=e.getThrottlingCache(o,r);if(n){if(n.throttleTime<Date.now())return void e.removeItem(o,r);throw new rn(n.errorCodes?.join(" ")||"",r,n.errorMessage,n.subError)}}static postProcess(e,t,r,o){if(un.checkResponseStatus(r)||un.checkResponseForRetryAfter(r)){const n={throttleTime:un.calculateThrottleTime(parseInt(r.headers[C])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(un.generateThrottlingStorageKey(t),n,o)}}static checkResponseStatus(e){return 429===e.status||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return!!e.headers&&(e.headers.hasOwnProperty(C)&&(e.status<200||e.status>=300))}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(1e3*Math.min(r+(t||60),r+3600))}static removeThrottle(e,t,r,o){const n=dn(t,r,o),i=this.generateThrottlingStorageKey(n);e.removeItem(i,r.correlationId)}}class gn extends Te{constructor(e,t,r){super(e.errorCode,e.correlationId,e.errorMessage,e.subError),Object.setPrototypeOf(this,gn.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function pn(e,t,r,o){return e.errorMessage=`${e.errorMessage}, additionalErrorInfo: error.name:${o?.name}, error.message:${o?.message}`,new gn(e,t,r)}function mn(e,t,r){const o={};if(o[I]="application/x-www-form-urlencoded;charset=utf-8",!t&&r)switch(r.type){case cn:try{const e=Hr(r.credential);o[v]=`Oid:${e.uid}@${e.utid}`}catch(t){e.verbose(`1qhtee ${t}`,"")}break;case ln:o[v]=`UPN: ${r.credential}`}return o}function fn(e,t,r,o){const n=new Map;return e.embeddedClientId&&lr(n,t,r),e.extraQueryParameters&&rr(n,e.extraQueryParameters),jt(n,e.correlationId),Nt(n,e.correlationId,o),gr(n)}async function yn(e,t,r,o,n,i,s,a,c,l){const h=await async function(e,t,r,o,n,i,s,a){let c;un.preProcess(n,e,o);try{c=await Fo(i.sendPostRequestAsync.bind(i),Po,s,a,o)(t,r);const e=c.headers||{};a?.addFields({refreshTokenSize:c.body.refresh_token?.length||0,httpVerToken:e[A]||"",requestId:e[b]||""},o)}catch(e){if(e instanceof gn){const t=e.responseHeaders;throw t&&a?.addFields({httpVerToken:t[A]||"",requestId:t[b]||"",contentTypeHeader:t[I]||void 0,contentLengthHeader:t[w]||void 0,httpStatus:e.httpStatus},o),e.error}throw e instanceof Te?e:Pe(nt,o)}return un.postProcess(n,e,c,o),c}(o,e,{body:t,headers:r},n,i,s,a,c);return l&&h.status<500&&429!==h.status&&l.clearTelemetryCache(),h}class In{constructor(e,t,r,o){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=o}async detectRegion(e,t){let r=e;if(r)t.region_source=re;else{const e=In.IMDS_OPTIONS;try{const o=await Fo(this.getRegionFromIMDS.bind(this),Uo,this.logger,this.performanceClient,this.correlationId)("2021-02-01",e);if(200===o.status&&(r=o.body?.location,r&&(t.region_source=oe)),400===o.status){const o=await Fo(this.getCurrentVersion.bind(this),"regionDiscoveryGetCurrentVersion",this.logger,this.performanceClient,this.correlationId)(e);if(!o)return t.region_source=te,null;const n=await Fo(this.getRegionFromIMDS.bind(this),Uo,this.logger,this.performanceClient,this.correlationId)(o,e);200===n.status&&(r=n.body?.location,r&&(t.region_source=oe))}}catch(e){return t.region_source=te,null}}return r||(t.region_source=te),r||null}async getRegionFromIMDS(e,t){return this.networkInterface.sendGetRequestAsync(`${u}?api-version=${e}`,t,2e3)}async getCurrentVersion(e){try{const t=await this.networkInterface.sendGetRequestAsync(`${u}?format=json`,e);return 400===t.status&&t.body&&t.body["newest-versions"]&&t.body["newest-versions"].length>0?t.body["newest-versions"][0]:null}catch(e){return null}}}In.IMDS_OPTIONS={headers:{Metadata:"true"}};class wn{constructor(e,t,r,o,n,i,s,a){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=o,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=n,this.performanceClient=s,this.correlationId=i,this.managedIdentity=a||!1,this.regionDiscovery=new In(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(n))return Br;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case"adfs":return $r;case"dstsv2":return Kr}return Dr}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new Er(e,this.correlationId),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents||(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw Pe(ot,this.correlationId)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw Pe(ot,this.correlationId)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw Pe(ot,this.correlationId)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw Pe(At,this.correlationId);return this.replacePath(this.metadata.end_session_endpoint)}throw Pe(ot,this.correlationId)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw Pe(ot,this.correlationId)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw Pe(ot,this.correlationId)}canReplaceTenant(e){return 1===e.PathSegments.length&&!wn.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===Dr&&this.protocolMode!==jr.OIDC}replaceTenant(e){return e.replace(/{tenant}|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const r=new Er(this.metadata.canonical_authority,this.correlationId).getUrlComponents(),o=r.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach(((e,n)=>{let i=o[n];if(0===n&&this.canReplaceTenant(r)){const e=new Er(this.metadata.authorization_endpoint,this.correlationId).getUrlComponents().PathSegments[0];i!==e&&(this.logger.verbose(`1q3g2x ${i} ${e}`,this.correlationId),i=e)}e!==i&&(t=t.replace(`/${i}/`,`/${e}/`))})),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")||this.authorityType===$r||this.protocolMode===jr.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){const e=this.getCurrentMetadataEntity(),t=await Fo(this.updateCloudDiscoveryMetadata.bind(this),"authorityUpdateCloudDiscoveryMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await Fo(this.updateEndpointMetadata.bind(this),"authorityUpdateEndpointMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),this.performanceClient?.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort,this.correlationId);return e||(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:Ao(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==W&&r?.source!==W&&(e.expiresAt=Ao(),e.canonical_authority=this.canonicalAuthority);const o=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache,this.correlationId);this.cacheManager.setAuthorityMetadata(o,e,this.correlationId),this.metadata=e}async updateEndpointMetadata(e){const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===Q&&this.authorityOptions.azureRegionConfiguration?.azureRegion&&t.metadata){So(e,await Fo(this.updateMetadataWithRegionalInformation.bind(this),No,this.logger,this.performanceClient,this.correlationId)(t.metadata),!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await Fo(this.getEndpointMetadataFromNetwork.bind(this),"authorityGetEndpointMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return this.validateIssuer(r.issuer),this.authorityOptions.azureRegionConfiguration?.azureRegion&&(r=await Fo(this.updateMetadataWithRegionalInformation.bind(this),No,this.logger,this.performanceClient,this.correlationId)(r)),So(e,r,!0),G;throw Pe(it,this.defaultOpenIdConfigurationEndpoint,this.correlationId)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("1fi0kc",this.correlationId);const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("06t0uj",this.correlationId),So(e,t,!1),{source:J};this.logger.verbose("151k0p",this.correlationId);const r=this.getEndpointMetadataFromHardcodedValues();if(r)return So(e,r,!1),{source:Q,metadata:r};this.logger.verbose("1imop5",this.correlationId);const o=Eo(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!o?(this.logger.verbose("16uq31",""),{source:W}):(o&&this.logger.verbose("0uoibc",""),null)}isAuthoritySameType(e){return new Er(e.canonical_authority,this.correlationId).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch(e){throw Se(De,this.correlationId)}return null}async getEndpointMetadataFromNetwork(){const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose(`1y65x6 ${t}`,this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(t,e),o=function(e){return e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("jwks_uri")}(r.body);return o?r.body:(this.logger.verbose("1koyv8",this.correlationId),null)}catch(e){return this.logger.verbose(`0a9wik ${e}`,this.correlationId),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in Rr?Rr[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){const t=this.authorityOptions.azureRegionConfiguration?.azureRegion;if(t){if("TryAutoDetect"!==t)return this.regionDiscoveryMetadata.region_outcome=ne,this.regionDiscoveryMetadata.region_used=t,wn.replaceWithRegionalInformation(e,t,this.correlationId);const r=await Fo(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),"regionDiscoveryDetectRegion",this.logger,this.performanceClient,this.correlationId)(this.authorityOptions.azureRegionConfiguration?.environmentRegion,this.regionDiscoveryMetadata);if(r)return this.regionDiscoveryMetadata.region_outcome=ie,this.regionDiscoveryMetadata.region_used=r,wn.replaceWithRegionalInformation(e,r,this.correlationId);this.regionDiscoveryMetadata.region_outcome=se}return e}async updateCloudDiscoveryMetadata(e){const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await Fo(this.getCloudDiscoveryMetadataFromNetwork.bind(this),"authorityGetCloudDiscoveryMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return _o(e,r,!0),G;throw Se($e,this.correlationId)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("1tpqlr",this.correlationId),this.logger.verbosePii(`1fy7uz ${this.authorityOptions.knownAuthorities||h}`,this.correlationId),this.logger.verbosePii(`08zabj ${this.authorityOptions.authorityMetadata||h}`,this.correlationId),this.logger.verbosePii(`1o1kv3 ${e.canonical_authority||h}`,this.correlationId);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("1nakio",this.correlationId),_o(e,t,!1),J;this.logger.verbose("1x74aj",this.correlationId);const r=(o=this.hostnameAndPort,qr(Or.metadata,o));var o;if(r)return this.logger.verbose("0by47c",this.correlationId),_o(e,r,!1),Q;this.logger.verbose("0r2fzy",this.correlationId);const n=Eo(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!n?(this.logger.verbose("1uffgh",""),W):(n&&this.logger.verbose("0uoibc",""),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===Br)return this.logger.verbose("04y84h",this.correlationId),wn.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("0gszr3",this.correlationId);try{this.logger.verbose("1iifkx",this.correlationId);const e=qr(JSON.parse(this.authorityOptions.cloudDiscoveryMetadata).metadata,this.hostnameAndPort);if(this.logger.verbose("0q67e3",""),e)return this.logger.verbose("0hzfao",this.correlationId),e;this.logger.verbose("1ajz3u",this.correlationId)}catch(e){throw this.logger.verbose("1wq5tu",this.correlationId),Se(He,this.correlationId)}}return this.isInKnownAuthorities(this.hostnameAndPort)?(this.logger.verbose("0mt9al",this.correlationId),wn.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){const e=`${o}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let r=null;try{const o=await this.networkInterface.sendGetRequestAsync(e,t);let n,i;if(function(e){return e.hasOwnProperty("tenant_discovery_endpoint")&&e.hasOwnProperty("metadata")}(o.body))n=o.body,i=n.metadata,this.logger.verbosePii(`1vglyt ${n.tenant_discovery_endpoint}`,this.correlationId);else{if(!function(e){return e.hasOwnProperty("error")&&e.hasOwnProperty("error_description")}(o.body))return this.logger.error("0768g0",this.correlationId),null;if(this.logger.warning(`062uto ${o.status}`,this.correlationId),n=o.body,"invalid_instance"===n.error)return this.logger.error("1x90tm",this.correlationId),null;this.logger.warning(`0wchdm ${n.error}`,this.correlationId),this.logger.warning(`1s5mpv ${n.error_description}`,this.correlationId),this.logger.warning("1yhqpw",this.correlationId),i=[]}this.logger.verbose("1lrobr",this.correlationId),r=qr(i,this.hostnameAndPort)}catch(e){if(e instanceof Te)this.logger.error(`0vwhc7 ${e.errorCode} ${e.errorMessage}`,this.correlationId);else{const t=e;this.logger.error(`0s2z41 ${t.name} ${t.message}`,this.correlationId)}return null}return r||(this.logger.warning("0jp28q",this.correlationId),this.logger.verbose("130sd8",this.correlationId),r=wn.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),r}isInKnownAuthorities(e){const t=e.toLowerCase();return this.authorityOptions.knownAuthorities.filter((e=>e&&Er.getDomainFromUrl(e,this.correlationId).toLowerCase()===t)).length>0}static generateAuthority(e,t){let o;if(t&&t.azureCloudInstance!==kr.None){const e=t.tenant?t.tenant:r;o=`${t.azureCloudInstance}/${e}/`}return o||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return"login.microsoftonline.com";if(this.discoveryComplete())return this.metadata.preferred_cache;throw Pe(ot,this.correlationId)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Mr.has(e)}validateIssuer(e){if(!e)throw Se(Ye,this.correlationId);let t;try{t=new URL(e)}catch{throw Se(Ye,this.correlationId)}const r=t.protocol,o=t.host,n=(this.canonicalAuthorityUrlComponents.Protocol||"").toLowerCase(),i=(this.canonicalAuthorityUrlComponents.HostNameAndPort||"").toLowerCase(),s=this.matchesAuthorityOrigin(r,o,n,i),a="https:"===r&&this.isAliasOfKnownMicrosoftAuthority(o),c="https:"===r&&this.matchesRegionalMicrosoftHost(o),l=this.matchesCiamTenantPattern(t,i,this.canonicalAuthorityUrlComponents.PathSegments),h="https:"===r&&this.isInKnownAuthorities(o);if(!(s||a||c||l||h))throw Se(Ye,this.correlationId)}matchesAuthorityOrigin(e,t,r,o){return e===r&&t===o}matchesRegionalMicrosoftHost(e){const t=e.indexOf(".");if(t>0&&t<e.length-1){const r=e.substring(t+1);return this.isAliasOfKnownMicrosoftAuthority(r)}return!1}matchesCiamTenantPattern(e,t,r){const o=r[0],s=o?o.endsWith(i)?o.slice(0,-16):o:t.split(".")[0];if(!s)return!1;const a=`https://${s}${n}`,c=[a,`${a}/${s}`,`${a}/${s}/v2.0`,`${a}/${s}${i}`,`${a}/${s}${i}/v2.0`],l=e.pathname.replace(/\/+$/,""),h=`${e.protocol}//${e.host}${l}`;return c.some((e=>e===h))}static isPublicCloudAuthority(e){return g.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r,o){const n=new Er(e,r);n.validateAsUri();const i=n.getUrlComponents();let s=`${t}.${i.HostNameAndPort}`;this.isPublicCloudAuthority(i.HostNameAndPort)&&(s=`${t}.login.microsoft.com`);const a=Er.constructAuthorityUriFromObject({...n.getUrlComponents(),HostNameAndPort:s},r).urlString;return o?`${a}?${o}`:a}static replaceWithRegionalInformation(e,t,r){const o={...e};return o.authorization_endpoint=wn.buildRegionalAuthorityString(o.authorization_endpoint,t,r),o.token_endpoint=wn.buildRegionalAuthorityString(o.token_endpoint,t,r),o.end_session_endpoint&&(o.end_session_endpoint=wn.buildRegionalAuthorityString(o.end_session_endpoint,t,r)),o}static transformCIAMAuthority(e,t){let r=e;const o=new Er(e,t).getUrlComponents();if(0===o.PathSegments.length&&o.HostNameAndPort.endsWith(n)){r=`${r}${o.HostNameAndPort.split(".")[0]}${i}`}return r}}function Cn(e){return e.endsWith("/")?e:`${e}/`}function vn(e){const t=e.cloudDiscoveryMetadata;let r;if(t)try{r=JSON.parse(t)}catch(e){throw Se(He,"")}return{canonicalAuthority:e.authority?Cn(e.authority):void 0,knownAuthorities:e.knownAuthorities,cloudDiscoveryMetadata:r}}async function kn(e,t,r,o,n,i,s){const a=wn.transformCIAMAuthority(Cn(e),i),c=new wn(a,t,r,o,n,i,s);try{return await Fo(c.resolveEndpointsAsync.bind(c),"authorityResolveEndpointsAsync",n,s,i)(),c}catch(e){throw Pe(ot,i)}}wn.reservedTenantDomains=new Set(["{tenant}","{tenantid}",_,P,E]);class Tn{constructor(e,t){this.includeRedirectUri=!0,this.config=lo(e),this.logger=new wr(this.config.loggerOptions,Cr,vr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(e,t,r){if(!e.code)throw Pe(ut,e.correlationId);r&&r.cloud_instance_host_name&&await Fo(this.updateTokenEndpointAuthority.bind(this),"updateTokenEndpointAuthority",this.logger,this.performanceClient,e.correlationId)(r.cloud_instance_host_name,e.correlationId);const o=go(),n=await Fo(this.executeTokenRequest.bind(this),"authClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(this.authority,e,this.serverTelemetryManager),i=n.headers?.[b],s=new sn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return s.validateTokenResponse(n.body,e.correlationId),Fo(s.handleServerTokenResponse.bind(s),qo,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,o,e,t,r,void 0,void 0,void 0,i)}getLogoutUri(e){if(!e)throw Se(Le,"");const t=this.createLogoutUrlQueryString(e);return Er.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t,r){const o=fn(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),n=Er.appendQueryString(e.tokenEndpoint,o),i=await Fo(this.createTokenRequestBody.bind(this),"authClientCreateTokenRequestBody",this.logger,this.performanceClient,t.correlationId)(t);let s;if(t.clientInfo)try{const e=Fr(t.clientInfo,this.cryptoUtils.base64Decode);s={credential:`${e.uid}.${e.utid}`,type:cn}}catch(e){this.logger.verbose(`0wznt3 ${e}`,t.correlationId)}const a=mn(this.logger,this.config.systemOptions.preventCorsPreflight,s||t.ccsCredential),c=dn(this.config.authOptions.clientId,t);return Fo(yn,"authorizationCodeClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,t.correlationId)(n,i,a,c,t.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,r)}async createTokenRequestBody(e){const t=new Map;if(Ft(t,e.embeddedClientId||e.extraParameters?.[ge]||this.config.authOptions.clientId),this.includeRedirectUri)Ht(t,e.redirectUri);else if(!e.redirectUri)throw Se(Re,e.correlationId);if(Lt(t,e.scopes,e.correlationId,!0,this.oidcDefaultScopes),hr(t,e.resource),function(e,t){e.set("code",t)}(t,e.code),Jt(t,this.config.libraryInfo),Wt(t,this.config.telemetry.application),cr(t),this.serverTelemetryManager&&!ho(this.config)&&ar(t,this.serverTelemetryManager),e.codeVerifier&&function(e,t){e.set("code_verifier",t)}(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&Vt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Yt(t,await hn(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Zt(t,r.assertionType)}if(Xt(t,H),er(t),e.authenticationScheme===X.POP){const r=new Do(this.cryptoUtils,this.performanceClient);let o;if(e.popKid)o=this.cryptoUtils.encodeKid(e.popKid);else{o=(await Fo(r.generateCnf.bind(r),xo,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}ir(t,o)}else if(e.authenticationScheme===X.SSH){if(!e.sshJwk)throw Se(Ke,e.correlationId);sr(t,e.sshJwk)}let r;if(e.clientInfo)try{const t=Fr(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${t.uid}.${t.utid}`,type:cn}}catch(t){this.logger.verbose(`0wznt3 ${t}`,e.correlationId)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case cn:try{Kt(t,Hr(r.credential))}catch(t){this.logger.verbose(`1qhtee ${t}`,e.correlationId)}break;case ln:$t(t,r.credential)}return e.embeddedClientId&&lr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&rr(t,e.extraParameters),!e.enableSpaAuthorizationCode||e.extraParameters&&e.extraParameters[ye]||rr(t,{[ye]:"1"}),Nt(t,e.correlationId,this.performanceClient),zt(t,e.correlationId,e.claims,this.config.authOptions.clientCapabilities,e.skipBrokerClaims),gr(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&function(e,t){e.set("post_logout_redirect_uri",t)}(t,e.postLogoutRedirectUri),e.correlationId&&jt(t,e.correlationId),e.idTokenHint&&function(e,t){e.set("id_token_hint",t)}(t,e.idTokenHint),e.state&&Gt(t,e.state),e.logoutHint&&function(e,t){e.set("logout_hint",t)}(t,e.logoutHint),e.extraQueryParameters&&rr(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&tr(t),gr(t)}async updateTokenEndpointAuthority(e,t){const r=`https://${e}/${this.authority.tenant}/`,o=await kn(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=o}}class bn{constructor(e,t){this.config=lo(e),this.logger=new wr(this.config.loggerOptions,Cr,vr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireToken(e,t){const r=go(),o=await Fo(this.executeTokenRequest.bind(this),"refreshTokenClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(e,this.authority),n=o.headers?.[b],i=new sn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return i.validateTokenResponse(o.body,e.correlationId),Fo(i.handleServerTokenResponse.bind(i),qo,this.logger,this.performanceClient,e.correlationId)(o.body,this.authority,r,e,t,void 0,void 0,!0,e.forceCache,n)}async acquireTokenByRefreshToken(e,t){if(!e)throw Se(Ue,"");if(!e.account)throw Pe(ft,e.correlationId);if(this.cacheManager.isAppMetadataFOCI(e.account.environment,e.correlationId))try{return await Fo(this.acquireTokenWithCachedRefreshToken.bind(this),Ro,this.logger,this.performanceClient,e.correlationId)(e,!0,t)}catch(r){const o=r instanceof Xo&&r.errorCode===$o,n=r instanceof rn&&"invalid_grant"===r.errorCode&&"client_mismatch"===r.subError;if(o||n)return Fo(this.acquireTokenWithCachedRefreshToken.bind(this),Ro,this.logger,this.performanceClient,e.correlationId)(e,!1,t);throw r}return Fo(this.acquireTokenWithCachedRefreshToken.bind(this),Ro,this.logger,this.performanceClient,e.correlationId)(e,!1,t)}async acquireTokenWithCachedRefreshToken(e,t,r){const o=Lo(this.cacheManager.getRefreshToken.bind(this.cacheManager),"cacheManagerGetRefreshToken",this.logger,this.performanceClient,e.correlationId)(e.account,t,e.correlationId,void 0);if(!o)throw tn($o,e.correlationId);if(o.expiresOn){const t=e.refreshTokenExpirationOffsetSeconds||300;if(this.performanceClient?.addFields({cacheRtExpiresOnSeconds:Number(o.expiresOn),rtOffsetSeconds:t},e.correlationId),fo(o.expiresOn,t))throw tn(Bo,e.correlationId)}const n={...e,refreshToken:o.secret,authenticationScheme:e.authenticationScheme||X.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:cn}};try{return await Fo(this.acquireToken.bind(this),"refreshTokenClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(n,r)}catch(t){if(t instanceof Xo&&t.subError===Go){this.logger.verbose("1pg3ap",e.correlationId);const t=this.cacheManager.generateCredentialKey(o);this.cacheManager.removeRefreshToken(t,e.correlationId)}throw t}}async executeTokenRequest(e,t){const r=fn(e,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),o=Er.appendQueryString(t.tokenEndpoint,r),n=await Fo(this.createTokenRequestBody.bind(this),"refreshTokenClientCreateTokenRequestBody",this.logger,this.performanceClient,e.correlationId)(e),i=mn(this.logger,this.config.systemOptions.preventCorsPreflight,e.ccsCredential),s=dn(this.config.authOptions.clientId,e);return Fo(yn,"refreshTokenClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,e.correlationId)(o,n,i,s,e.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,this.serverTelemetryManager)}async createTokenRequestBody(e){const t=new Map;if(Ft(t,e.embeddedClientId||e.extraParameters?.[ge]||this.config.authOptions.clientId),e.redirectUri&&Ht(t,e.redirectUri),Lt(t,e.scopes,e.correlationId,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),Xt(t,D),er(t),Jt(t,this.config.libraryInfo),Wt(t,this.config.telemetry.application),cr(t),this.serverTelemetryManager&&!ho(this.config)&&ar(t,this.serverTelemetryManager),function(e,t){e.set("refresh_token",t)}(t,e.refreshToken),this.config.clientCredentials.clientSecret&&Vt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Yt(t,await hn(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Zt(t,r.assertionType)}if(e.authenticationScheme===X.POP){const r=new Do(this.cryptoUtils,this.performanceClient);let o;if(e.popKid)o=this.cryptoUtils.encodeKid(e.popKid);else{o=(await Fo(r.generateCnf.bind(r),xo,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}ir(t,o)}else if(e.authenticationScheme===X.SSH){if(!e.sshJwk)throw Se(Ke,e.correlationId);sr(t,e.sshJwk)}if(this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case cn:try{Kt(t,Hr(e.ccsCredential.credential))}catch(t){this.logger.verbose(`1qhtee ${t}`,e.correlationId)}break;case ln:$t(t,e.ccsCredential.credential)}return e.embeddedClientId&&lr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&rr(t,{...e.extraParameters}),Nt(t,e.correlationId,this.performanceClient),zt(t,e.correlationId,e.claims,this.config.authOptions.clientCapabilities,e.skipBrokerClaims),gr(t)}}class An{constructor(e,t){this.config=lo(e),this.logger=new wr(this.config.loggerOptions,Cr,vr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireCachedToken(e){let t=ae;if(e.forceRefresh||!_e.isEmptyObj(e.claims))throw this.setCacheOutcome(ce,e.correlationId),Pe(vt,e.correlationId);if(!e.account)throw Pe(ft,e.correlationId);const r=e.account.tenantId||function(e,t){const r=new Er(e,t).getUrlComponents(),o=r.PathSegments.slice(-1)[0]?.toLowerCase();switch(o){case _:case E:case P:return;default:return o}}(e.authority,e.correlationId),o=this.cacheManager.getTokenKeys(),n=this.cacheManager.getAccessToken(e.account,e,o,r);if(!n)throw this.setCacheOutcome(le,e.correlationId),Pe(vt,e.correlationId);if(Io(n.cachedAt)||fo(n.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(he,e.correlationId),Pe(vt,e.correlationId);if(e.resource){if(n.resource!==e.resource)throw this.setCacheOutcome(le,e.correlationId),Pe(vt,e.correlationId)}else n.refreshOn&&fo(n.refreshOn,0)&&(t=de);const i=e.authority||this.authority.getPreferredCache(),s={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(e.account),e.correlationId),accessToken:n,idToken:this.cacheManager.getIdToken(e.account,e.correlationId,o,r),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(i,e.correlationId)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await Fo(this.generateResultFromCacheRecord.bind(this),"silentFlowClientGenerateResultFromCacheRecord",this.logger,this.performanceClient,e.correlationId)(s,e),t]}setCacheOutcome(e,t){this.serverTelemetryManager?.setCacheOutcome(e),this.performanceClient?.addFields({cacheOutcome:e},t),e!==ae&&this.logger.info(`09ingz ${e}`,t)}async generateResultFromCacheRecord(e,t){let r;return e.idToken&&(r=Tr(e.idToken.secret,this.config.cryptoInterface.base64Decode,t.correlationId)),sn.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,this.performanceClient,r)}}const Sn={sendGetRequestAsync:()=>Promise.reject(Pe(Pt,"")),sendPostRequestAsync:()=>Promise.reject(Pe(Pt,""))};function _n(e,t,r,o){const n=t.correlationId,i=new Map;Ft(i,t.embeddedClientId||t.extraQueryParameters?.[ge]||e.clientId);if(Lt(i,[...t.scopes||[],...t.extraScopesToConsent||[]],t.correlationId,!0,e.authority.options.OIDCOptions?.defaultScopes),hr(i,t.resource),Ht(i,t.redirectUri),jt(i,n),function(e,t){e.set("response_mode",t||F.QUERY)}(i,t.responseMode),er(i),function(e){e.set("clidata","1")}(i),t.prompt&&(!function(e,t){e.set("prompt",t)}(i,t.prompt),o?.addFields({prompt:t.prompt},n)),t.domainHint&&(!function(e,t){e.set("domain_hint",t)}(i,t.domainHint),o?.addFields({domainHintFromRequest:!0},n)),t.prompt!==N.SELECT_ACCOUNT)if(t.sid&&t.prompt===N.NONE)r.verbose("1tvqyx",t.correlationId),Bt(i,t.sid),o?.addFields({sidFromRequest:!0},n);else if(t.account){const e=(s=t.account,s.idTokenClaims?.sid||null);let a=function(e){return e.loginHint||e.idTokenClaims?.login_hint||null}(t.account);if(a&&t.domainHint&&(r.warning("0wkg3v",t.correlationId),a=null),a){r.verbose("1eyfsw",t.correlationId),Dt(i,a),o?.addFields({loginHintFromClaim:!0},n);try{Kt(i,Hr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(e&&t.prompt===N.NONE){r.verbose("1rmd8s",t.correlationId),Bt(i,e),o?.addFields({sidFromClaim:!0},n);try{Kt(i,Hr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(t.loginHint)r.verbose("0y3007",t.correlationId),Dt(i,t.loginHint),$t(i,t.loginHint),o?.addFields({loginHintFromRequest:!0},n);else if(t.account.username){r.verbose("02f507",t.correlationId),Dt(i,t.account.username),o?.addFields({loginHintFromUpn:!0},n);try{Kt(i,Hr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}}else t.loginHint&&(r.verbose("0g01ey",t.correlationId),Dt(i,t.loginHint),$t(i,t.loginHint),o?.addFields({loginHintFromRequest:!0},n));else r.verbose("169k9v",t.correlationId);var s;return t.nonce&&function(e,t){e.set("nonce",t)}(i,t.nonce),t.state&&Gt(i,t.state),t.embeddedClientId&&lr(i,e.clientId,e.redirectUri),zt(i,t.correlationId,t.claims,e.clientCapabilities,t.skipBrokerClaims),!e.instanceAware||t.extraQueryParameters&&Object.keys(t.extraQueryParameters).includes(ve)||tr(i),i}function En(e,t){const r=gr(t);return Er.appendQueryString(e.authorizationEndpoint,r)}function Pn(e,t,r){if(!e.state||!t)throw e.state?Pe(lt,r,"Cached State"):Pe(lt,r,"Server State");let o,n;try{o=decodeURIComponent(e.state)}catch(t){throw Pe(at,r,e.state)}try{n=decodeURIComponent(t)}catch(t){throw Pe(at,r,e.state)}if(o!==n)throw Pe(ct,r);if(e.error||e.error_description||e.suberror){const t=function(e){const t="code=",r=e.error_uri?.lastIndexOf(t);return r&&r>=0?e.error_uri?.substring(r+t.length):void 0}(e);if(en(e.error,e.error_description,e.suberror))throw new Xo(e.error||"",e.correlation_id||r,e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.claims||"",t);throw new rn(e.error||"",e.correlation_id||r,e.error_description,e.suberror,t)}}function Rn(e,t){if(e){if(t.resource&&(On(t.extraParameters)||On(t.extraQueryParameters)))throw Pe(Mt,t.correlationId||"");if(!t.resource)throw Pe(Ot,t.correlationId||"")}}function On(e){return!!e&&Object.prototype.hasOwnProperty.call(e,"resource")}const Mn="unexpected_error";var xn=Object.freeze({__proto__:null,postRequestFailed:"post_request_failed",unexpectedError:Mn});function qn(e){const{skus:t,libraryName:r,libraryVersion:o,extensionName:n,extensionVersion:i}=e,s=new Map([[0,[r,o]],[2,[n,i]]]);let a=[];if(t?.length){if(a=t.split(","),a.length<4)return t}else a=Array.from({length:4},(()=>"|"));return s.forEach(((e,t)=>{2===e.length&&e[0]?.length&&e[1]?.length&&function(e){const{skuArr:t,index:r,skuName:o,skuVersion:n}=e;if(r>=t.length)return;t[r]=[o,n].join("|")}({skuArr:a,index:t,skuName:e[0],skuVersion:e[1]})})),a.join(",")}class Nn{constructor(e,t){this.cacheOutcome=ae,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||"",this.wrapperVer=e.wrapperVer||"",this.telemetryCacheKey=Y+"-"+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${Z}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r?.length&&t.push(`broker_error=${r}`);const o=t.join(Z),n=[e,this.getRegionDiscoveryFields()].join(Z);return[V,n,o].join("|")}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=Nn.maxErrorsToSend(e),r=e.failedRequests.slice(0,2*t).join(Z),o=e.errors.slice(0,t).join(Z),n=e.errors.length,i=[n,t<n?"1":"0"].join(Z);return[V,e.cacheHits,r,o,i].join("|")}cacheFailedRequest(e){try{const t=this.getLastRequests();t.errors.length>=50&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof Te?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push("unknown_error"),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}catch{}}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId),e.cacheHits}getLastRequests(){return this.cacheManager.getServerTelemetry(this.telemetryCacheKey,this.correlationId)||{failedRequests:[],errors:[],cacheHits:0}}clearTelemetryCache(){const e=this.getLastRequests(),t=Nn.maxErrorsToSend(e);if(t===e.errors.length)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{const r={failedRequests:e.failedRequests.slice(2*t),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,r,this.correlationId)}}static maxErrorsToSend(e){let t,r=0,o=0;const n=e.errors.length;for(t=0;t<n;t++){const n=e.failedRequests[2*t]||"",i=e.failedRequests[2*t+1]||"",s=e.errors[t]||"";if(o+=n.toString().length+i.toString().length+s.length+3,!(o<330))break;r+=1}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||""),e.push(this.regionSource||""),e.push(this.regionOutcome||""),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId)}static makeExtraSkuString(e){return qn(e)}}class Un extends Nn{constructor(){super({clientId:"",apiId:0,correlationId:"",forceRefresh:!1},{})}generateCurrentRequestHeaderValue(){return""}generateLastRequestHeaderValue(){return""}cacheFailedRequest(){}incrementCacheHits(){return 0}clearTelemetryCache(){}getRegionDiscoveryFields(){return""}updateRegionDiscoveryMetadata(){}setCacheOutcome(){}setNativeBrokerErrorCode(){}getNativeBrokerErrorCode(){}clearNativeBrokerErrorCode(){}}class Ln extends Te{constructor(e,t,r){super(e,t,r),this.name="JoseHeaderError",Object.setPrototypeOf(this,Ln.prototype)}}function Fn(e,t){return new Ln(e,t)}class Hn{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw Fn("missing_kid_error","");if(!e.alg)throw Fn("missing_alg_error","");const t=new Hn({typ:e.typ||ue.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}function Dn(e,t,r,o=5){if(e instanceof Error)return e instanceof Te?(r.errorCode=e.errorCode,r.subErrorCode=e.subError,void(!r.serverErrorNo&&(e instanceof rn||e instanceof Xo)&&e.errorNo&&(r.serverErrorNo=e.errorNo))):void(e instanceof Ur?r.errorCode=e.errorCode:r.errorStack?.length?t.trace("0lmqrh",r.correlationId):e.stack?.length?(e.stack&&(r.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],o=[],n=r[0];n.startsWith("TypeError: Cannot read property")||n.startsWith("TypeError: Cannot read properties of")||n.startsWith("TypeError: Cannot set property")||n.startsWith("TypeError: Cannot set properties of")||n.endsWith("is not a function")?o.push($n(n)):(n.startsWith("SyntaxError")||n.startsWith("TypeError"))&&o.push($n(n.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(o.length>=t);e++){const t=r[e];o.push($n(t))}return o}(e.stack,o)),r.errorName=e.name):t.trace("1cnpwa",r.correlationId));t.trace("0gcyox",r.correlationId)}function $n(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let o=r.lastIndexOf("/");return o=o<0?r.lastIndexOf("\\"):o,o>=0?(e.substring(0,t)+"("+r.substring(o+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class Kn{constructor(e,t,r,o,n,i,s){this.authority=t,this.libraryName=o,this.libraryVersion=n,this.globalFields={},this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.intFields=s||new Set;for(const e of eo)this.intFields.add(e)}startMeasurement(e,t){const r=t||this.generateId(),o={eventId:this.generateId(),status:Yr,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var n,i;return this.cacheEventByCorrelationId(o),n=o,(i=this.eventStack.get(r))&&i.push({name:n.name}),{end:(e,t,r)=>this.endMeasurement({...o,...e},t,r),discard:()=>this.discardMeasurements(o.correlationId),add:e=>this.addFields(e,o.correlationId),increment:e=>this.incrementFields(e,o.correlationId),event:o}}endMeasurement(e,t,r){const o=this.eventsByCorrelationId.get(e.correlationId);if(!o)return this.logger.trace(`0k9ti8 ${e.eventId}`,e.correlationId),null;const n=e.eventId===o.eventId;e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const i=JSON.stringify(function(e,t,r){if(!t?.length)return;const o=e=>e.length?e[e.length-1]:void 0,n=e.name,i=o(t);if(i?.name!==n)return;const s=t?.pop();if(!s)return;const a=r instanceof Te?r.errorCode:r instanceof Error?r.name:void 0,c=r instanceof Te?r.subError:void 0;a&&s.childErr!==a&&(s.err=a,c&&(s.subErr=c)),delete s.name,delete s.childErr;const l={...s,dur:e.durationMs};e.success||(l.fail=1);const h=o(t);if(!h)return{[n]:l};let d;if(a&&(h.childErr=a),h[n]){const e=Object.keys(h).filter((e=>e.startsWith(n))).length;d=`${n}_${e+1}`}else d=n;return h[d]=l,h}(e,this.eventStack.get(o.correlationId),t));if(n?this.discardMeasurements(o.correlationId):o.incompleteSubMeasurements?.delete(e.eventId),t&&Dn(t,this.logger,o),!n)return o.ext={...o.ext,...e.ext},o.ext[e.name+"DurationMs"]=Math.floor(e.durationMs),{...o};n&&!t&&(o.errorCode||o.subErrorCode)&&(this.logger.trace(`1fm1tm ${e.name}`,e.correlationId),o.errorCode=void 0,o.subErrorCode=void 0);let s={...o,...e},a=0;s.incompleteSubMeasurements?.forEach((t=>{this.logger.trace(`0nxk52 ${t.name} ${e.name}`,s.correlationId),a++})),s.incompleteSubMeasurements=void 0;const c=function(e){const t=[];for(const r of["",e]){const e=yr.get(r);t.push(...e?.logs??[]),yr.delete(r)}return t}(e.correlationId).map((e=>`${e.milliseconds},${e.hash}`)).join(";");return s={...s,status:Zr,incompleteSubsCount:a,context:i,logs:c,...this.globalFields},r&&(s.accountType=function(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}(r),s.dataBoundary=r.dataBoundary),this.truncateIntegralFields(s),this.emitEvents([s],e.correlationId),s}addFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r){const o={},n={};for(const t in e)if(t.startsWith(Xr)){const r=t.slice(4),o=e[t];"string"!=typeof o&&"number"!=typeof o||(n[r]=o)}else o[t]=e[t];const i={...r,...o};Object.keys(n).length&&(i.ext={...i.ext,...n}),this.eventsByCorrelationId.set(t,i)}else this.logger.trace("0thl6s",t)}addGlobalFields(e){this.globalFields={...this.globalFields,...e}}incrementFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e)if(t.startsWith(Xr)){r.ext=r.ext||{};const o=t.slice(4),n=r.ext[o];if(void 0===n)r.ext[o]=0;else if(isNaN(Number(n)))return;r.ext[o]=(Number(r.ext[o])||0)+(e[t]??0)}else{if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("0thl6s",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}discardMeasurements(e){this.eventsByCorrelationId.delete(e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning(`1eap5p ${t}`,""),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose(`0c9ujz ${t}`,""),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose(`0253if ${e}`,""):this.logger.verbose(`0iqk07 ${e}`,""),t}emitEvents(e,t){this.logger.verbose("11jb1y",t),this.callbacks.forEach(((r,o)=>{this.logger.trace(`0p2pjl ${o}`,t),r.apply(null,[e])}))}truncateIntegralFields(e){this.intFields.forEach((t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))}))}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}const Bn="standardInteractionClientGetDiscoveredAuthority",zn="nativeInteractionClientAcquireToken",jn="acquireTokenBySilentIframe",Jn="initializeBaseRequest",Wn="silentIframeClientTokenHelper",Gn="silentHandlerInitiateAuthRequest",Qn="silentHandlerMonitorIframeForHash",Vn="standardInteractionClientCreateAuthCodeClient",Yn="standardInteractionClientGetClientConfiguration",Zn="standardInteractionClientInitializeAuthorizationRequest",Xn="handleResponseEar",ei="handleResponsePlatformBroker",ti="handleResponseCode",ri="deserializeResponse",oi="removeHiddenIframe",ni="generatePkceCodes",ii="generateHKDF",si="decrypt",ai="generateEarKey",ci="pkce_not_created",li="ear_jwk_empty",hi="ear_jwe_empty",di="crypto_nonexistent",ui="empty_navigate_uri",gi="hash_empty_error",pi="no_state_in_hash",mi="hash_does_not_contain_known_properties",fi="unable_to_parse_state",yi="state_interaction_type_mismatch",Ii="interaction_in_progress",wi="interaction_in_progress_cancelled",Ci="popup_window_error",vi="empty_window_error",ki="user_cancelled",Ti="redirect_bridge_empty_response",bi="redirect_in_iframe",Ai="block_iframe_reload",Si="block_nested_popups",_i="silent_logout_unsupported",Ei="no_account_error",Pi="no_token_request_cache_error",Ri="unable_to_parse_token_request_cache_error",Oi="non_browser_environment",Mi="database_not_open",xi="no_network_connectivity",qi="post_request_failed",Ni="get_request_failed",Ui="failed_to_parse_response",Li="unable_to_load_token",Fi="crypto_key_not_found",Hi="auth_code_required",Di="auth_code_or_nativeAccountId_required",$i="spa_code_and_nativeAccountId_present",Ki="database_unavailable",Bi="unable_to_acquire_token_from_native_platform",zi="native_handshake_timeout",ji="native_extension_not_installed",Ji="native_connection_not_established",Wi="uninitialized_public_client_application",Gi="native_prompt_not_supported",Qi="invalid_base64_string",Vi="invalid_pop_token_request",Yi="failed_to_build_headers",Zi="failed_to_parse_headers",Xi="failed_to_decrypt_ear_response",es="timed_out",ts="empty_response";var rs=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:Di,authCodeRequired:Hi,authRequestNotSetError:"auth_request_not_set_error",blockIframeReload:Ai,blockNestedPopups:Si,cryptoKeyNotFound:Fi,cryptoNonExistent:di,databaseNotOpen:Mi,databaseUnavailable:Ki,earJweEmpty:hi,earJwkEmpty:li,emptyNavigateUri:ui,emptyResponse:ts,emptyWindowError:vi,failedToBuildHeaders:Yi,failedToDecryptEarResponse:Xi,failedToParseHeaders:Zi,failedToParseResponse:Ui,getRequestFailed:Ni,hashDoesNotContainKnownProperties:mi,hashEmptyError:gi,iframeClosedPrematurely:"iframe_closed_prematurely",interactionInProgress:Ii,interactionInProgressCancelled:wi,invalidBase64String:Qi,invalidCacheType:"invalid_cache_type",invalidPopTokenRequest:Vi,nativeConnectionNotEstablished:Ji,nativeExtensionNotInstalled:ji,nativeHandshakeTimeout:zi,nativePromptNotSupported:Gi,noAccountError:Ei,noNetworkConnectivity:xi,noStateInHash:pi,noTokenRequestCacheError:Pi,nonBrowserEnvironment:Oi,pkceNotCreated:ci,popupWindowError:Ci,postRequestFailed:qi,redirectBridgeEmptyResponse:Ti,redirectInIframe:bi,silentLogoutUnsupported:_i,silentPromptValueError:"silent_prompt_value_error",spaCodeAndNativeAccountIdPresent:$i,stateInteractionTypeMismatch:yi,timedOut:es,unableToAcquireTokenFromNativePlatform:Bi,unableToLoadToken:Li,unableToParseState:fi,unableToParseTokenRequestCacheError:Ri,uninitializedPublicClientApplication:Wi,userCancelled:ki});function os(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class ns extends Te{constructor(e,t,r){super(e,t,os(e),r),Object.setPrototypeOf(this,ns.prototype),this.name="BrowserAuthError"}}function is(e,t,r){return new ns(e,t,r)}function ss(e){return(new TextDecoder).decode(as(e))}function as(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw is(Qi,"")}const r=atob(t);return Uint8Array.from(r,(e=>e.codePointAt(0)||0))}const cs="invalid_grant",ls=483,hs=600,ds="msal",us="msal.js.browser",gs="53ee284d-920a-4b59-9d30-a60315b26836",ps="ppnbnpeolgkicgegkbkbjmhlideopiji",ms="MATS",fs="MicrosoftEntra",ys="DOM API",Is="get-token-and-sign-out",ws="PlatformAuthDOMHandler",Cs="PlatformAuthExtensionHandler",vs="Handshake",ks="HandshakeResponse",Ts="GetToken",bs="Response",As={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},Ss="GET",_s="POST",Es="signin",Ps="signout",Rs="request.origin",Os="urlHash",Ms="request.params",xs="code.verifier",qs="interaction.status",Ns="request.native",Us="wrapper.sku",Ls="wrapper.version",Fs={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962,hydrateCache:963,loadExternalTokens:964},Hs={861:"acquireTokenRedirect",862:"acquireTokenPopup",863:"ssoSilent",864:"acquireTokenSilent_authCode",865:"handleRedirectPromise",866:"acquireTokenByCode",61:"acquireTokenSilent_silentFlow",961:"logout",962:"logoutPopup",963:"hydrateCache",964:"loadExternalTokens"};var Ds;e.InteractionType=void 0,(Ds=e.InteractionType||(e.InteractionType={})).Redirect="redirect",Ds.Popup="popup",Ds.Silent="silent",Ds.None="none";const $s={Startup:"startup",Logout:"logout",AcquireToken:"acquireToken",HandleRedirect:"handleRedirect",None:"none"},Ks={scopes:f},Bs="msal.db",zs=`${Bs}.keys`,js={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},Js=[js.Default,js.Skip,js.RefreshTokenAndNetwork];function Ws(e){return encodeURIComponent(Qs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function Gs(e){return Vs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function Qs(e){return Vs((new TextEncoder).encode(e))}function Vs(e){const t=Array.from(e,(e=>String.fromCodePoint(e))).join("");return btoa(t)}const Ys="AES-GCM",Zs="HKDF",Xs="SHA-256",ea=new Uint8Array([1,0,1]),ta="0123456789abcdef",ra=new Uint32Array(1),oa="raw",na="encrypt",ia="decrypt",sa={name:"RSASSA-PKCS1-v1_5",hash:Xs,modulusLength:2048,publicExponent:ea};async function aa(e){const t=(new TextEncoder).encode(e);return window.crypto.subtle.digest(Xs,t)}function ca(e){return window.crypto.getRandomValues(e)}function la(){return window.crypto.getRandomValues(ra),ra[0]}function ha(){const e=Date.now(),t=1024*la()+(1023&la()),r=new Uint8Array(16),o=Math.trunc(t/2**30),n=t&2**30-1,i=la();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|o>>>8,r[7]=o,r[8]=128|n>>>24,r[9]=n>>>16,r[10]=n>>>8,r[11]=n,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=ta.charAt(r[e]>>>4),s+=ta.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function da(e){return window.crypto.subtle.exportKey("jwk",e)}async function ua(){const e=await pa(),t={alg:"dir",kty:"oct",k:Gs(new Uint8Array(e))};return Qs(JSON.stringify(t))}async function ga(e,t){const r=t.split(".");if(5!==r.length)throw is(Xi,"","jwe_length");const o=await async function(e){const t=ss(e),r=as(JSON.parse(t).k);return window.crypto.subtle.importKey(oa,r,Ys,!1,[ia])}(e).catch((()=>{throw is(Xi,"","import_key")}));try{const e=(new TextEncoder).encode(r[0]),t=as(r[2]),n=as(r[3]),i=as(r[4]),s=8*i.byteLength,a=new Uint8Array(n.length+i.length);a.set(n),a.set(i,n.length);const c=await window.crypto.subtle.decrypt({name:Ys,iv:t,tagLength:s,additionalData:e},o,a);return(new TextDecoder).decode(c)}catch(e){throw is(Xi,"","decrypt")}}async function pa(){const e=await window.crypto.subtle.generateKey({name:Ys,length:256},!0,[na,ia]);return window.crypto.subtle.exportKey(oa,e)}async function ma(e){return window.crypto.subtle.importKey(oa,e,Zs,!1,["deriveKey"])}async function fa(e,t,r){return window.crypto.subtle.deriveKey({name:Zs,salt:t,hash:Xs,info:(new TextEncoder).encode(r)},e,{name:Ys,length:256},!1,[na,ia])}async function ya(e,t,r){const o=(new TextEncoder).encode(t),n=window.crypto.getRandomValues(new Uint8Array(16)),i=await fa(e,n,r),s=await window.crypto.subtle.encrypt({name:Ys,iv:new Uint8Array(12)},i,o);return{data:Gs(new Uint8Array(s)),nonce:Gs(n)}}async function Ia(e,t,r,o){const n=as(o),i=await fa(e,as(t),r),s=await window.crypto.subtle.decrypt({name:Ys,iv:new Uint8Array(12)},i,n);return(new TextDecoder).decode(s)}const wa="storage_not_supported",Ca="stubbed_public_client_application_called",va="in_mem_redirect_unavailable";var ka=Object.freeze({__proto__:null,inMemRedirectUnavailable:va,storageNotSupported:wa,stubbedPublicClientApplicationCalled:Ca});class Ta extends Te{constructor(e,t,r){super(e,t,r),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,Ta.prototype)}}function ba(e,t){return new Ta(e,t,os(e))}function Aa(){const e=window.location.hash,t=window.location.search;let r,o=!1,n=!1,i="";if(e&&e.length>1){const t="#"===e.charAt(0)?e.substring(1):e,n=new URLSearchParams(t);n.has("state")&&(o=!0,i=t,r=n)}if(t&&t.length>1){const e="?"===t.charAt(0)?t.substring(1):t,o=new URLSearchParams(e);o.has("state")&&(n=!0,i=e,r=o)}if(o&&n){i=`${"?"===t.charAt(0)?t.substring(1):t}${"#"===e.charAt(0)?e.substring(1):e}`,r=new URLSearchParams(i)}if(!i||!r)throw is(ts,"");const s=r.get("state");if(!s)throw is(pi,"");const{libraryState:a}=nn(ss,s,""),{id:c,meta:l}=a;if(!c||!l)throw is(fi,"","missing_library_state");return{params:r,payload:i,urlHash:e,urlQuery:t,hasResponseInHash:o,hasResponseInQuery:n,libraryState:{id:c,meta:l}}}function Sa(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function _a(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function Ea(){return window.parent!==window}function Pa(){if(Ea())return!1;try{const{libraryState:t}=Aa(),{meta:r}=t;return r.interactionType===e.InteractionType.Popup}catch(e){return!1}}let Ra=null;function Oa(e,t){Ra&&(e.verbose("18y01k",t),clearTimeout(Ra.timeoutId),Ra.channel.close(),Ra.reject(is(wi,"")),Ra=null)}async function Ma(e,t,r,o,n){return new Promise(((i,s)=>{t.verbose("1rf6em",r.correlationId);const a=r.correlationId;o.addFields({redirectBridgeTimeoutMs:e,lateResponseExperimentEnabled:n?.iframeTimeoutTelemetry||!1},a);const{libraryState:c}=nn(ss,r.state||"",r.correlationId),l=new BroadcastChannel(c.id);let h,d,u,g=!1;const p=window.setTimeout((()=>{Ra=null,n?.iframeTimeoutTelemetry?(u=o.startMeasurement("waitForBridgeLateResponse",a),g=!0,d=window.setTimeout((()=>{u?.end({success:!1}),clearTimeout(d),l.close()}),6e4)):l.close(),s(is(es,"","redirect_bridge_timeout"))}),e);Ra={timeoutId:p,channel:l,reject:s},l.onmessage=e=>{h=e.data.payload;const t=e?.data&&"number"==typeof e.data.v?e.data.v:void 0;if(g)return u?.end({success:!!h}),clearTimeout(d),void l.close();o.addFields({redirectBridgeMessageVersion:t},a),Ra=null,clearTimeout(p),l.close(),h?i(h):s(is(Ti,a))}}))}function xa(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function qa(e){const t=new Er(window.location.href,e||"").getUrlComponents();return`${t.Protocol}//${t.HostNameAndPort}/`}function Na(){if(ur(window.location.hash)&&Ea())throw is(Ai,"")}function Ua(e){if(Ea()&&!e)throw is(bi,"")}function La(){if(Pa())throw is(Si,"")}function Fa(){if("undefined"==typeof window)throw is(Oi,"")}function Ha(e){if(!e)throw is(Wi,"")}function Da(e){Fa(),Na(),La(),Ha(e)}function $a(e,t){if(Da(e),Ua(t.system.allowRedirectInIframe),t.cache.cacheLocation===As.MemoryStorage)throw ba(va,"")}function Ka(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout((()=>{try{document.head.removeChild(t)}catch{}}),1e4)}function Ba(){return ha()}const za=nr;var ja=Object.freeze({__proto__:null,blockAPICallsBeforeInitialize:Ha,blockAcquireTokenInPopups:La,blockNonBrowserEnvironment:Fa,blockRedirectInIframe:Ua,blockReloadInHiddenIframes:Na,buildMergedClaims:za,cancelPendingBridgeResponse:Oa,clearAuthResponseFromUrl:function(e){"function"==typeof e.history?.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}`)},clearHash:Sa,createGuid:Ba,getCurrentUri:xa,getHomepage:qa,invoke:Lo,invokeAsync:Fo,isInIframe:Ea,isInPopup:Pa,parseAuthResponseFromUrl:Aa,preconnect:Ka,preflightCheck:Da,redirectPreflightCheck:$a,replaceHash:_a,waitForBridgeResponse:Ma});class Ja{constructor(){this.dbName=Bs,this.version=1,this.tableName=zs,this.dbOpen=!1}async open(){return new Promise(((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",(e=>{e.target.result.createObjectStore(this.tableName)})),r.addEventListener("success",(t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()})),r.addEventListener("error",(()=>t(is(Ki,""))))}))}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(is(Mi,""));const o=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);o.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(r.target.result)})),o.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async setItem(e,t){return await this.validateDbIsOpen(),new Promise(((r,o)=>{if(!this.db)return o(is(Mi,""));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);n.addEventListener("success",(()=>{this.closeConnection(),r()})),n.addEventListener("error",(e=>{this.closeConnection(),o(e)}))}))}async removeItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(is(Mi,""));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);o.addEventListener("success",(()=>{this.closeConnection(),t()})),o.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async getKeys(){return await this.validateDbIsOpen(),new Promise(((e,t)=>{if(!this.db)return t(is(Mi,""));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",(t=>{const r=t;this.closeConnection(),e(r.target.result)})),r.addEventListener("error",(e=>{this.closeConnection(),t(e)}))}))}async containsKey(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(is(Mi,""));const o=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);o.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(1===r.target.result)})),o.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise(((e,t)=>{const r=window.indexedDB.deleteDatabase(Bs),o=setTimeout((()=>t(!1)),200);r.addEventListener("success",(()=>(clearTimeout(o),e(!0)))),r.addEventListener("blocked",(()=>(clearTimeout(o),e(!0)))),r.addEventListener("error",(()=>(clearTimeout(o),t(!1))))}))}}class Wa{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach(((t,r)=>{e.push(r)})),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class Ga{constructor(e){this.inMemoryCache=new Wa,this.indexedDBCache=new Ja,this.logger=e}handleDatabaseAccessError(e,t){if(!(e instanceof ns&&e.errorCode===Ki))throw e;this.logger.error("1wx7zz",t)}async getItem(e,t){const r=this.inMemoryCache.getItem(e);if(!r)try{return this.logger.verbose("0naxpl",t),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}async setItem(e,t,r){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e,r)}}async removeItem(e,t){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}}async getKeys(e){const t=this.inMemoryCache.getKeys();if(0===t.length)try{return this.logger.verbose("1iqrbq",e),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t,e)}return t}async containsKey(e,t){const r=this.inMemoryCache.containsKey(e);if(!r)try{return this.logger.verbose("03zl2j",t),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}clearInMemory(e){this.logger.verbose("03r21p",e),this.inMemoryCache.clear(),this.logger.verbose("0uksk1",e)}async clearPersistent(e){try{this.logger.verbose("0rdqut",e);const t=await this.indexedDBCache.deleteDatabase();return t&&this.logger.verbose("149ouc",e),t}catch(t){return this.handleDatabaseAccessError(t,e),!1}}}class Qa{constructor(e,t,r){this.logger=e,function(e){if(!window)throw is(Oi,"");if(!window.crypto)throw is(di,"");if(!e&&!window.crypto.subtle)throw is(di,"","crypto_subtle_undefined")}(r??!1),this.cache=new Ga(this.logger),this.performanceClient=t}createNewGuid(){return ha()}base64Encode(e){return Qs(e)}base64Decode(e){return ss(e)}base64UrlEncode(e){return Ws(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement("cryptoOptsGetPublicKeyThumbprint",e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(sa,e,t)}(Qa.EXTRACTABLE,Qa.POP_KEY_USAGES),o=await da(r.publicKey),n=Va({e:o.e,kty:o.kty,n:o.n}),i=await this.hashString(n),s=await da(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,sa,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri},e.correlationId),t&&t.end({success:!0}),i}async removeTokenBindingKey(e,t){await this.cache.removeItem(e,t);if(await this.cache.containsKey(e,t))throw Pe(bt,t)}async clearKeystore(e){this.cache.clearInMemory(e);try{return await this.cache.clearPersistent(e),!0}catch(t){return t instanceof Error?this.logger.error(`1owpn8 ${t.message}`,e):this.logger.error("0yrmwo",e),!1}}async signJwt(e,t,r,o){const n=this.performanceClient?.startMeasurement("cryptoOptsSignJwt",o),i=await this.cache.getItem(t,o||"");if(!i)throw is(Fi,o||"");const s=await da(i.publicKey),a=Va(s),c=Ws(JSON.stringify({kid:t})),l=Ws(Hn.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const h=`${l}.${Ws(JSON.stringify(e))}`,d=(new TextEncoder).encode(h),u=await async function(e,t){return window.crypto.subtle.sign(sa,e,t)}(i.privateKey,d),g=`${h}.${Gs(new Uint8Array(u))}`;return n&&n.end({success:!0}),g}async hashString(e){return async function(e){const t=await aa(e);return Gs(new Uint8Array(t))}(e)}}function Va(e){return JSON.stringify(e,Object.keys(e).sort())}Qa.POP_KEY_USAGES=["sign","verify"],Qa.EXTRACTABLE=!0;const Ya="acquireTokenSilent",Za="acquireTokenByCode",Xa="acquireTokenPopup",ec="acquireTokenPreRedirect",tc="acquireTokenRedirect",rc="ssoSilent",oc="initializeClientApplication",nc="localStorageUpdated",ic="loadExternalTokens",sc="ssoCapable";var ac=Object.freeze({__proto__:null,AcquireTokenByCode:Za,AcquireTokenPopup:Xa,AcquireTokenPreRedirect:ec,AcquireTokenRedirect:tc,AcquireTokenSilent:Ya,InitializeClientApplication:oc,LoadExternalTokens:ic,LocalStorageUpdated:nc,SsoCapable:sc,SsoSilent:rc,WaitForBridgeLateResponse:"waitForBridgeLateResponse"});const cc="msal",lc="browser",hc=`${cc}.${lc}.log.level`,dc=`${cc}.${lc}.log.pii`,uc=`${cc}.${lc}.performance.enabled`,gc=`${cc}.version`,pc="account.keys",mc="token.keys",fc=`${cc}.${lc}.sso.capable`;function yc(e=3){return e<1?`${cc}.${pc}`:`${cc}.${e}.${pc}`}function Ic(e,t=3){return t<1?`${cc}.${mc}.${e}`:`${cc}.${t}.${mc}.${e}`}const wc=864e5,Cc="Lax",vc="None";class kc{initialize(){return Promise.resolve()}getItem(e){const t=encodeURIComponent(e),r=document.cookie.split(";");for(let e=0;e<r.length;e++){const o=r[e].trim(),n=o.indexOf("=");if((-1===n?o:o.substring(0,n))===t){const e=-1===n?"":o.substring(n+1);try{return decodeURIComponent(e)}catch{return e}}}return""}getUserData(){throw Pe(Pt,"")}setItem(e,t,r,o=!0,n=Cc){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${n};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*wc);return r.toUTCString()}(r);i+=`expires=${e};`}(o||n===vc)&&(i+="Secure;"),document.cookie=i}async setUserData(e,t,r){return Promise.reject(Pe(Pt,r))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach((e=>{const r=e.trim(),o=r.indexOf("="),n=-1===o?r:r.substring(0,o);try{t.push(decodeURIComponent(n))}catch{}})),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function Tc(e,t){const r=e.getItem(yc(t));return r?JSON.parse(r):[]}function bc(e,t,r){const o=t.getItem(Ic(e,r));if(o){const e=JSON.parse(o);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function Ac(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const Sc="msal.cache.encryption";class _c{constructor(e,t,r){if(!window.localStorage)throw ba(wa,"");this.memoryStorage=new Wa,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new kc,r=t.getItem(Sc);let o={key:"",id:""};if(r)try{o=JSON.parse(r)}catch(e){}if(o.key&&o.id){const t=Lo(as,"base64Decode",this.logger,this.performanceClient,e)(o.key);this.encryptionCookie={id:o.id,key:await Fo(ma,ii,this.logger,this.performanceClient,e)(t)}}else{const r=ha(),o=await Fo(pa,"generateBaseKey",this.logger,this.performanceClient,e)(),n=Lo(Gs,"urlEncodeArr",this.logger,this.performanceClient,e)(new Uint8Array(o));this.encryptionCookie={id:r,key:await Fo(ma,ii,this.logger,this.performanceClient,e)(o)};const i={id:r,key:n};t.setItem(Sc,JSON.stringify(i),0,!0,vc)}await Fo(this.importExistingCache.bind(this),"importExistingCache",this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",(t=>{this.updateCache(t,e)})),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw is(Wi,"");return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw is(Wi,"");if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const o=await Fo(Ia,si,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!o)return null;try{return{...JSON.parse(o),lastUpdatedAt:t.lastUpdatedAt}}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,o,n){if(!this.initialized||!this.encryptionCookie)throw is(Wi,"");if(n)this.setItem(e,t);else{const{data:n,nonce:i}=await Fo(ya,"encrypt",this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:n,lastUpdatedAt:o};this.setItem(e,JSON.stringify(s))}this.memoryStorage.setItem(e,t),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();Tc(this).forEach((e=>this.removeItem(e)));const e=bc(this.clientId,this);e.idToken.forEach((e=>this.removeItem(e))),e.accessToken.forEach((e=>this.removeItem(e))),e.refreshToken.forEach((e=>this.removeItem(e))),this.getKeys().forEach((e=>{(e.startsWith(cc)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)}))}async importExistingCache(e){if(!this.encryptionCookie)return;let t=Tc(this);t=await this.importArray(t,e),t.length?this.setItem(yc(),JSON.stringify(t)):this.removeItem(yc());const r=bc(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(Ic(this.clientId),JSON.stringify(r)):this.removeItem(Ic(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let o;try{o=JSON.parse(r)}catch(e){return null}return Ac(o)?o.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):(this.performanceClient.incrementFields({encryptedCacheCount:1},t),Fo(Ia,si,this.logger,this.performanceClient,t)(this.encryptionCookie.key,o.nonce,this.getContext(e),o.data)):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),r)}async importArray(e,t){const r=[],o=[];return e.forEach((e=>{const n=this.getItemFromEncryptedCache(e,t).then((t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)}));o.push(n)})),await Promise.all(o),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e,t){this.logger.trace("17cxcm",t);const r=this.performanceClient.startMeasurement(nc);r.add({isBackground:!0});const{key:o,value:n,context:i}=e.data;return o?i&&i!==this.clientId?(this.logger.trace(`04rtdy ${i}`,t),void r.end({success:!1,errorCode:"contextMismatch"})):(n?(this.memoryStorage.setItem(o,n),this.logger.verbose("1vzsgt",t)):(this.memoryStorage.removeItem(o),this.logger.verbose("04ypih",t)),void r.end({success:!0})):(this.logger.error("0e10qr",t),void r.end({success:!1,errorCode:"noKey"}))}}class Ec{constructor(){if(!window.sessionStorage)throw ba(wa,"")}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const Pc={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_SUCCESS:"msal:loginSuccess",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",BROKERED_REQUEST_START:"msal:brokeredRequestStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",BROKERED_REQUEST_SUCCESS:"msal:brokeredRequestSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",BROKERED_REQUEST_FAILURE:"msal:brokeredRequestFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"},Rc="@azure/msal-browser",Oc="5.16.0";function Mc(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}const xc="invalid",qc="ttlExpired",Nc="decryptFailed",Uc="expired";class Lc extends Qr{constructor(e,t,r,o,n,i,s){super(e,r,o,n,s),this.cacheConfig=t,this.logger=o,this.internalStorage=new Wa,this.browserStorage=Fc(e,t.cacheLocation,o,n),this.temporaryCacheStorage=Fc(e,As.SessionStorage,o,n),this.cookieStorage=new kc,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){let t=Tc(this.browserStorage),r=bc(this.clientId,this.browserStorage);this.performanceClient.addFields({preMigrateAcntCount:t.length,preMigrateATCount:r.accessToken.length,preMigrateITCount:r.idToken.length,preMigrateRTCount:r.refreshToken.length},e);for(let t=0;t<3;t++){const r=t;await this.removeStaleAccounts(t,r,e)}for(let t=0;t<3;t++){const r=t;await this.migrateIdTokens(t,r,e)}const o=this.getKMSIValues();for(let t=0;t<3;t++)await this.migrateAccessTokens(t,o,e),await this.migrateRefreshTokens(t,o,e);t=Tc(this.browserStorage),r=bc(this.clientId,this.browserStorage),this.performanceClient.addFields({postMigrateAcntCount:t.length,postMigrateATCount:r.accessToken.length,postMigrateITCount:r.idToken.length,postMigrateRTCount:r.refreshToken.length},e)}async updateOldEntry(e,t){const r=this.browserStorage.getItem(e),o=this.validateAndParseJson(r||"");if(!o)return this.browserStorage.removeItem(e),{entry:null,removalReason:xc};if(o.lastUpdatedAt){if(yo(o.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))return this.browserStorage.removeItem(e),{entry:null,removalReason:qc}}else o.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(o),t);const n=Ac(o),i=n?await this.browserStorage.decryptData(e,o,t):o;return i?ko(i)?(To(i)||bo(i))&&i.expiresOn&&fo(i.expiresOn,300)?(this.browserStorage.removeItem(e),{entry:null,removalReason:Uc}):{entry:i}:(this.browserStorage.removeItem(e),{entry:null,removalReason:xc}):(this.browserStorage.removeItem(e),{entry:null,removalReason:n?Nc:xc})}async removeStaleAccounts(e,t,r){const o=Tc(this.browserStorage,e);if(0!==o.length){for(const e of[...o]){this.performanceClient.incrementFields({oldAcntCount:1},r);const n=this.browserStorage.getItem(e),i=this.validateAndParseJson(n||"");if(i)if(i.lastUpdatedAt){if(yo(i.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))await this.removeAccountOldSchema(e,i,t,r),this.performanceClient.incrementFields({ttlExpiredAcntCount:1},r),Mc(o,e);else if(Ac(i)){await this.browserStorage.decryptData(e,i,r)||(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({decryptFailedAcntCount:1},r),Mc(o,e))}}else i.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(i),r);else this.browserStorage.removeItem(e),this.performanceClient.incrementFields({invalidAcntCount:1},r),Mc(o,e)}this.setAccountKeys(o,r,e)}}async removeAccountOldSchema(e,t,r,o){const n=Ac(t)?await this.browserStorage.decryptData(e,t,o):t,i=n?.homeAccountId;if(i){const e=this.getTokenKeys(r);[...e.idToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Mc(e.idToken,t)})),[...e.accessToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Mc(e.accessToken,t)})),[...e.refreshToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Mc(e.refreshToken,t)})),this.setTokenKeys(e,o,r)}this.browserStorage.removeItem(e)}getKMSIValues(){const e={},t=this.getTokenKeys().idToken;for(const r of t){const t=this.browserStorage.getUserData(r);if(t){const r=JSON.parse(t),o=Tr(r.secret,ss,"");o&&(e[r.homeAccountId]=br(o))}}return e}async migrateIdTokens(e,t,r){const o=bc(this.clientId,this.browserStorage,e);if(0===o.idToken.length)return;const n=bc(this.clientId,this.browserStorage,3),i=Tc(this.browserStorage),s=Tc(this.browserStorage,t);for(const e of[...o.idToken]){this.performanceClient.incrementFields({oldITCount:1},r);const t=await this.updateOldEntry(e,r),a=t.entry;if(!a){switch(t.removalReason){case qc:this.performanceClient.incrementFields({ttlExpiredITCount:1},r);break;case Nc:this.performanceClient.incrementFields({decryptFailedITCount:1},r);break;case xc:this.performanceClient.incrementFields({invalidITCount:1},r)}Mc(o.idToken,e);continue}const c=i.find((e=>e.includes(a.homeAccountId))),l=s.find((e=>e.includes(a.homeAccountId)));let h=null;if(c)h=this.getAccount(c,r);else if(l){const e=this.browserStorage.getItem(l),t=this.validateAndParseJson(e||"");h=t&&Ac(t)?await this.browserStorage.decryptData(l,t,r):t}if(!h){this.performanceClient.incrementFields({skipITMigrateCount:1},r);continue}const d=Tr(a.secret,ss,r),u=this.generateCredentialKey(a),g=this.getIdTokenCredential(u,r),p=Object.keys(d).includes("signin_state"),m=g&&Object.keys(Tr(g.secret,ss,r)||{}).includes("signin_state");if(!g||a.lastUpdatedAt>g.lastUpdatedAt&&(p||!m)){const e=h.tenantProfiles||[],t=zr(d)||h.realm;if(t&&!e.find((e=>e.tenantId===t))){const r=Sr(h.homeAccountId,h.localAccountId,t,h.nativeAccountId,d);e.push(r)}h.tenantProfiles=e;const o=this.generateAccountKey(Jr(h)),s=br(d);await this.setUserData(o,JSON.stringify(h),r,h.lastUpdatedAt,s),i.includes(o)||i.push(o),await this.setUserData(u,JSON.stringify(a),r,a.lastUpdatedAt,s),this.performanceClient.incrementFields({migratedITCount:1},r),n.idToken.includes(u)||n.idToken.push(u)}}this.setTokenKeys(o,r,e),this.setTokenKeys(n,r),this.setAccountKeys(i,r)}async migrateAccessTokens(e,t,r){const o=bc(this.clientId,this.browserStorage,e);if(0===o.accessToken.length)return;const n=bc(this.clientId,this.browserStorage,3);for(const e of[...o.accessToken]){this.performanceClient.incrementFields({oldATCount:1},r);const i=await this.updateOldEntry(e,r),s=i.entry;if(!s){switch(i.removalReason){case qc:this.performanceClient.incrementFields({ttlExpiredATCount:1},r);break;case Nc:this.performanceClient.incrementFields({decryptFailedATCount:1},r);break;case Uc:this.performanceClient.incrementFields({expiredATCount:1},r);break;case xc:this.performanceClient.incrementFields({invalidATCount:1},r)}Mc(o.accessToken,e);continue}if(!(s.homeAccountId in t)){this.performanceClient.incrementFields({skipATMigrateCount:1},r);continue}const a=this.generateCredentialKey(s),c=t[s.homeAccountId];if(n.accessToken.includes(a)){const e=this.getAccessTokenCredential(a,r);(!e||s.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(a,JSON.stringify(s),r,s.lastUpdatedAt,c),this.performanceClient.incrementFields({migratedATCount:1},r))}else await this.setUserData(a,JSON.stringify(s),r,s.lastUpdatedAt,c),this.performanceClient.incrementFields({migratedATCount:1},r),n.accessToken.push(a)}this.setTokenKeys(o,r,e),this.setTokenKeys(n,r)}async migrateRefreshTokens(e,t,r){const o=bc(this.clientId,this.browserStorage,e);if(0===o.refreshToken.length)return;const n=bc(this.clientId,this.browserStorage,3);for(const e of[...o.refreshToken]){this.performanceClient.incrementFields({oldRTCount:1},r);const i=await this.updateOldEntry(e,r),s=i.entry;if(!s){switch(i.removalReason){case qc:this.performanceClient.incrementFields({ttlExpiredRTCount:1},r);break;case Nc:this.performanceClient.incrementFields({decryptFailedRTCount:1},r);break;case Uc:this.performanceClient.incrementFields({expiredRTCount:1},r);break;case xc:this.performanceClient.incrementFields({invalidRTCount:1},r)}Mc(o.refreshToken,e);continue}if(!(s.homeAccountId in t)){this.performanceClient.incrementFields({skipRTMigrateCount:1},r);continue}const a=this.generateCredentialKey(s),c=t[s.homeAccountId];if(n.refreshToken.includes(a)){const e=this.getRefreshTokenCredential(a,r);(!e||s.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(a,JSON.stringify(s),r,s.lastUpdatedAt,c),this.performanceClient.incrementFields({migratedRTCount:1},r))}else await this.setUserData(a,JSON.stringify(s),r,s.lastUpdatedAt,c),this.performanceClient.incrementFields({migratedRTCount:1},r),n.refreshToken.push(a)}this.setTokenKeys(o,r,e),this.setTokenKeys(n,r)}trackVersionChanges(e){const t=this.browserStorage.getItem(gc);t&&(this.logger.info(`1wuc87 ${t}`,e),this.performanceClient.addGlobalFields({previousLibraryVersion:t})),t!==Oc&&this.setItem(gc,Oc,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){const o=new Array(4).fill(0),n=[];for(let i=0;i<=20;i++)try{if(this.browserStorage.setItem(e,t),i>0)for(let e=0;e<=3;e++){const t=o.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=i)break;const s=i>t+o[e]?t+o[e]:i;i>t&&o[e]>0&&this.removeAccessTokenKeys(n.slice(t,s),r,e)}break}catch(s){const a=Lr(s);if(!(a.errorCode===Nr&&i<20))throw a;if(!n.length)for(let r=0;r<=3;r++)if(e===Ic(this.clientId,r)){const e=JSON.parse(t).accessToken;n.push(...e),o[r]=e.length}else{const e=this.getTokenKeys(r).accessToken;n.push(...e),o[r]=e.length}if(n.length<=i)throw a;this.removeAccessToken(n[i],r,!1)}}async setUserData(e,t,r,o,n){const i=new Array(4).fill(0),s=[];for(let a=0;a<=20;a++)try{if(await Fo(this.browserStorage.setUserData.bind(this.browserStorage),"setUserData",this.logger,this.performanceClient,r)(e,t,r,o,n),a>0)for(let e=0;e<=3;e++){const t=i.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=a)break;const o=a>t+i[e]?t+i[e]:a;a>t&&i[e]>0&&this.removeAccessTokenKeys(s.slice(t,o),r,e)}break}catch(e){const t=Lr(e);if(!(t.errorCode===Nr&&a<20))throw t;if(!s.length)for(let e=0;e<=3;e++){const t=this.getTokenKeys(e).accessToken;s.push(...t),i[e]=t.length}if(s.length<=a)throw t;this.removeAccessToken(s[a],r,!1)}}getAccount(e,t){this.logger.trace("1lfvm6",t);const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const o=this.validateAndParseJson(r);if(!(o&&(n=o,n&&n.hasOwnProperty("homeAccountId")&&n.hasOwnProperty("environment")&&n.hasOwnProperty("realm")&&n.hasOwnProperty("localAccountId")&&n.hasOwnProperty("username")&&n.hasOwnProperty("authorityType"))))return null;var n;const i=Qr.toObject({},o);var s;return this.performanceClient.addFields({accountCachedBy:(s=i.cachedByApiId,"number"==typeof s&&s in Hs?Hs[s]:"unknown")},t),i}async setAccount(e,t,r,o){this.logger.trace("1bz3wr",t);const n=this.generateAccountKey(Jr(e)),i=Date.now().toString();e.lastUpdatedAt=i,e.cachedByApiId=o,await this.setUserData(n,JSON.stringify(e),t,i,r),this.addAccountKeyToMap(n,t),this.performanceClient.addFields({kmsi:r},t)}setAccountKeys(e,t,r=3){0===e.length?this.removeItem(yc(r)):this.setItem(yc(r),JSON.stringify(e),t)}getAccountKeys(){return Tc(this.browserStorage)}addAccountKeyToMap(e,t){this.logger.trace("0rb85k",t),this.logger.tracePii(`1l9bdo ${e}`,t);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(yc(),JSON.stringify(r),t),this.logger.verbose("0xia39",t),!0):(this.logger.verbose("0161kk",t),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("1jpigu",t),this.logger.tracePii(`1xzspl ${e}`,t);const r=this.getAccountKeys(),o=r.indexOf(e);o>-1?(r.splice(o,1),this.setAccountKeys(r,t)):this.logger.trace("1dytu2",t)}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach((t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)}))}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),o=r.idToken.indexOf(e);o>-1&&(this.logger.info("05udv9",t),r.idToken.splice(o,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=3){this.logger.trace("17o18n",t);const o=this.getTokenKeys(r);let n=0;if(e.forEach((e=>{const t=o.accessToken.indexOf(e);t>-1&&(o.accessToken.splice(t,1),n++)})),n>0)return this.logger.info(`15i5d5 ${n}`,t),void this.setTokenKeys(o,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),o=r.refreshToken.indexOf(e);o>-1&&(this.logger.info("1f4fq3",t),r.refreshToken.splice(o,1),this.setTokenKeys(r,t))}getTokenKeys(e=3){return bc(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=3){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(Ic(this.clientId,r),JSON.stringify(e),t):this.removeItem(Ic(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("1jukz6",t),this.removeIdToken(e,t),null;const o=this.validateAndParseJson(r);return o&&((n=o)&&ko(n)&&n.hasOwnProperty("realm")&&n.credentialType===K.ID_TOKEN)?(this.logger.trace("01ju66",t),o):(this.logger.trace("1jukz6",t),null);var n}async setIdTokenCredential(e,t,r){this.logger.trace("13hjll",t);const o=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(o,JSON.stringify(e),t,n,r);const i=this.getTokenKeys();-1===i.idToken.indexOf(o)&&(this.logger.info("07jy92",t),i.idToken.push(o),this.setTokenKeys(i,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0bqvx8",t),this.removeAccessTokenKeys([e],t),null;const o=this.validateAndParseJson(r);return o&&To(o)?(this.logger.trace("1o81rl",t),o):(this.logger.trace("0bqvx8",t),null)}async setAccessTokenCredential(e,t,r){this.logger.trace("1pondb",t);const o=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(o,JSON.stringify(e),t,n,r);const i=this.getTokenKeys(),s=i.accessToken.indexOf(o);-1!==s&&i.accessToken.splice(s,1),this.logger.trace("1onhey "+(-1===s?"added to":"updated in"),t),i.accessToken.push(o),this.setTokenKeys(i,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0jlizt",t),this.removeRefreshToken(e,t),null;const o=this.validateAndParseJson(r);return o&&bo(o)?(this.logger.trace("0nokxi",t),o):(this.logger.trace("0jlizt",t),null)}async setRefreshTokenCredential(e,t,r){this.logger.trace("0tcg8d",t);const o=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(o,JSON.stringify(e),t,n,r);const i=this.getTokenKeys();-1===i.refreshToken.indexOf(o)&&(this.logger.info("0eckjs",t),i.refreshToken.push(o),this.setTokenKeys(i,t))}getAppMetadata(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1q101h",t),null;const o=this.validateAndParseJson(r);return o&&(n=e,(i=o)&&0===n.indexOf(B)&&i.hasOwnProperty("clientId")&&i.hasOwnProperty("environment"))?(this.logger.trace("19pvg2",t),o):(this.logger.trace("1q101h",t),null);var n,i}setAppMetadata(e,t){this.logger.trace("0cyma6",t);const r=function({environment:e,clientId:t}){return[B,e,t].join("-").toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("0jk19c",t),null;const o=this.validateAndParseJson(r);return o&&function(e,t){const r=0===e.indexOf(Y);let o=!0;return t&&(o=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&o}(e,o)?(this.logger.trace("12jguk",t),o):(this.logger.trace("0jk19c",t),null)}setServerTelemetry(e,t,r){this.logger.trace("1poh61",r),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e,t){const r=this.internalStorage.getItem(e);if(!r)return this.logger.trace("1r39oe",t),null;const o=this.validateAndParseJson(r);return o&&function(e,t){return!!t&&0===e.indexOf(j)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,o)?(this.logger.trace("1ohvk3",t),o):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter((e=>this.isAuthorityMetadata(e)))}setWrapperMetadata(e,t){this.internalStorage.setItem(Us,e),this.internalStorage.setItem(Ls,t)}getWrapperMetadata(){return[this.internalStorage.getItem(Us)||"",this.internalStorage.getItem(Ls)||""]}setAuthorityMetadata(e,t,r){this.logger.trace("07w8n2",r),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(S),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("08gw0e",e),null;const o=this.validateAndParseJson(r);return o?(this.logger.trace("1t3ch7",e),this.getAccountInfoFilteredBy({homeAccountId:o.homeAccountId,localAccountId:o.localAccountId,tenantId:o.tenantId},e)):(this.logger.trace("0me1up",e),null)}setActiveAccount(e,t){const r=this.generateCacheKey(S);if(e){this.logger.verbose("0rsj80",t);const o={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.setItem(r,JSON.stringify(o),t)}else this.logger.verbose("1bp5z5",t),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(Pc.ACTIVE_ACCOUNT_CHANGED,t)}getThrottlingCache(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1h4wa6",t),null;const o=this.validateAndParseJson(r);return o&&function(e,t){let r=!1;e&&(r=0===e.indexOf(ee));let o=!0;return t&&(o=t.hasOwnProperty("throttleTime")),r&&o}(e,o)?(this.logger.trace("0of6n8",t),o):(this.logger.trace("1h4wa6",t),null)}setThrottlingCache(e,t,r){this.logger.trace("0wfgh6",r),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t,r){this.logger.trace("1ordf8",t);const o=r?this.generateCacheKey(e):e;return this.temporaryCacheStorage.getItem(o)}setTemporaryCache(e,t,r){const o=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(o,t)}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e)}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach((e=>{-1===e.indexOf(cc)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)})),this.browserStorage.getKeys().forEach((e=>{-1===e.indexOf(cc)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)})),this.internalStorage.clear()}generateCacheKey(e){return _e.startsWith(e,cc)?e:`${cc}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===K.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==X.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${cc}.3`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",r].join("|").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${cc}.3`,e.homeAccountId,e.environment,t||e.tenantId||""].join("|").toLowerCase()}resetRequestCache(e){this.logger.trace("0h0ynu",e),this.removeTemporaryItem(this.generateCacheKey(Ms)),this.removeTemporaryItem(this.generateCacheKey(xs)),this.removeTemporaryItem(this.generateCacheKey(Rs)),this.removeTemporaryItem(this.generateCacheKey(Os)),this.removeTemporaryItem(this.generateCacheKey(Ns)),this.setInteractionInProgress(!1,void 0)}cacheAuthorizeRequest(e,t,r){this.logger.trace("1tzef5",t);const o=Qs(JSON.stringify(e));if(this.setTemporaryCache(Ms,o,!0),r){const e=Qs(r);this.setTemporaryCache(xs,e,!0)}}getCachedRequest(e){this.logger.trace("0uen20",e);const t=this.getTemporaryCache(Ms,e,!0);if(!t)throw is(Pi,"");const r=this.getTemporaryCache(xs,e,!0);let o,n="";try{o=JSON.parse(ss(t)),r&&(n=ss(r))}catch(r){throw this.logger.errorPii(`0ewsey ${t}`,e),this.logger.error(`0tvdic ${r}`,e),is(Ri,"")}return[o,n]}getCachedNativeRequest(){this.logger.trace("1yxcdm","");const e=this.getTemporaryCache(Ns,"",!0);if(!e)return this.logger.trace("0mnxd4",""),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("0rrkip",""),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${cc}.${qs}`,t=this.getTemporaryCache(e,"",!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("0jjyys",""),this.removeTemporaryItem(e),this.resetRequestCache(""),Sa(window),null}}setInteractionInProgress(e,t=Es,r=!1,o=""){const n=`${cc}.${qs}`;if(e){const e=this.getInteractionInProgress();if(e){if(!r)throw is(Ii,"");this.logger.warning(`1pmscr ${e.clientId} ${e.type}`,o),Oa(this.logger,o),this.removeTemporaryItem(n)}this.setTemporaryCache(n,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(n)}async hydrateCache(e,t){const r=wo(e.account.homeAccountId,e.account.environment,e.idToken,this.clientId,e.tenantId),o=Co(e.account.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?po(e.expiresOn):0,e.extExpiresOn?po(e.extExpiresOn):0,ss,t.correlationId||"",void 0,e.tokenType,void 0,t.sshKid);t.resource&&(o.resource=t.resource);const n={idToken:r,accessToken:o};return this.saveCacheRecord(n,e.correlationId,br(Tr(e.idToken,ss,e.correlationId)),Fs.hydrateCache)}async saveCacheRecord(e,t,r,o,n){try{await super.saveCacheRecord(e,t,r,o,n)}catch(e){if(e instanceof Ur&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function Fc(e,t,r,o){try{switch(t){case As.LocalStorage:return new _c(e,r,o);case As.SessionStorage:return new Ec}}catch(e){r.error(e,"")}return new Wa}const Hc=(e,t,r,o)=>new Lc(e,{cacheLocation:As.MemoryStorage,cacheRetentionDays:5},mr,t,r,o);function Dc(e,t,r,o,n){return e.verbose("1yd030",o),r?t.getAllAccounts(n,o):[]}function $c(e,t,r,o){t.trace("0u7b90",o);const n=r.getAccountInfoFilteredBy(e,o);return n?(t.verbose("0btgll",o),n):(t.verbose("0ltaj5",o),null)}function Kc(e,t,r){t.setActiveAccount(e,r)}function Bc(e,t){return e.getActiveAccount(t)}class zc{constructor(e){this.eventCallbacks=new Map,this.logger=e||new wr({},Rc,Oc),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const o=r||Ba();return this.eventCallbacks.has(o)?(this.logger.error(`1578i0 ${o}`,""),null):(this.eventCallbacks.set(o,[e,t||[]]),this.logger.verbose(`1cnec4 ${o}`,""),o)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose(`12zotd ${e}`,"")}emitEvent(e,t,r,o,n){const i={eventType:e,interactionType:r||null,payload:o||null,error:n||null,correlationId:t,timestamp:Date.now()};switch(e){case Pc.LOGIN_SUCCESS:case Pc.LOGOUT_SUCCESS:case Pc.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(i)}this.invokeCallbacks(i)}invokeCallbacks(e){this.eventCallbacks.forEach((([t,r],o)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose(`15jpwk ${o} ${e.eventType}`,""),t.apply(null,[e]))}))}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class jc{constructor(e,t,r,o,n,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=n,this.navigationClient=i,this.platformAuthProvider=c,this.correlationId=a,this.logger=o.clone(Rc,Oc),this.performanceClient=s}}function Jc(e,t,r,o){r.verbose("0bd1la",o);const n=e||t||"";return Er.getAbsoluteUrl(n,xa(),o)}function Wc(e,t,r,o,n,i,s=!0){if(n.verbose("1p12tq",r),!s)return n.verbose("0tajnr",r),new Un;const a={clientId:t,correlationId:r,apiId:e,forceRefresh:!1,wrapperSKU:o.getWrapperMetadata()[0],wrapperVer:o.getWrapperMetadata()[1]};return new Nn(a,o)}async function Gc(e,t,r,o,n,i,s,a,c){const l=a&&a.hasOwnProperty("instance_aware")?a.instance_aware:void 0,h={protocolMode:e.system.protocolMode,OIDCOptions:e.auth.OIDCOptions,knownAuthorities:e.auth.knownAuthorities,cloudDiscoveryMetadata:e.auth.cloudDiscoveryMetadata,authorityMetadata:e.auth.authorityMetadata},d=i||e.auth.authority,u=l?.length?"true"===l:e.auth.instanceAware,g=c&&u?e.auth.authority.replace(Er.getDomainFromUrl(d,t),c.environment):d,p=wn.generateAuthority(g,s||e.auth.azureCloudOptions),m=await Fo(kn,"authorityFactoryCreateDiscoveredInstance",n,r,t)(p,e.system.networkClient,o,h,n,t,r);if(c&&!m.isAlias(c.environment))throw Se(Ge,t);return m}async function Qc(e,t,r,o,n){if(n)try{e.removeAccount(n,o),r.verbose("0s4z6h",o)}catch(e){r.error("0mgg1d",o)}else try{r.verbose("0zj631",o),e.clear(o),await t.clearKeystore(o)}catch(e){r.error("12ih0c",o)}}async function Vc(e,t,r,o,n){const i=e.authority||t.auth.authority,s=[...e&&e.scopes||[]],a={...e,correlationId:e.correlationId,authority:i,scopes:s};if(a.authenticationScheme){if(a.authenticationScheme===X.SSH){if(!e.sshJwk)throw Se(Ke,"");if(!e.sshKid)throw Se(Be,"")}o.verbose(`1ecmns ${a.authenticationScheme}`,n)}else a.authenticationScheme=X.BEARER,o.verbose("1l4fwv",n);return a}async function Yc(e,t,r,o,n){const i=await Fo(Vc,Jn,n,o,e.correlationId)(e,r,o,n,e.correlationId);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}function Zc(e,t){let r;const o=e.httpMethod;if(t===jr.EAR){if(o&&o!==m)throw Se(Qe,"");r=m}else r=o||p;return r}class Xc extends jc{initializeLogoutRequest(e){this.logger.verbose("0546u4",this.correlationId);const t={correlationId:this.correlationId,...e};if(e)if(e.logoutHint)this.logger.verbose("12k4l4",this.correlationId);else if(e.account){const r=e.account.loginHint||this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("0d7s8p",this.correlationId),t.logoutHint=r)}else this.logger.verbose("0pdtc3",this.correlationId);else this.logger.verbose("07ndze",this.correlationId);return e&&null===e.postLogoutRedirectUri?this.logger.verbose("0ljv63",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("1vamm6",t.correlationId),t.postLogoutRedirectUri=Er.getAbsoluteUrl(e.postLogoutRedirectUri,xa(),t.correlationId)):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("15m5g7",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("1f4xlz",t.correlationId),t.postLogoutRedirectUri=Er.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,xa(),t.correlationId)):(this.logger.verbose("17s5rf",t.correlationId),t.postLogoutRedirectUri=Er.getAbsoluteUrl(xa(),xa(),t.correlationId)),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return this.logger.verbose("0u5bmc",this.correlationId),t.login_hint;this.logger.verbose("0mvp54",this.correlationId)}else this.logger.verbose("1e7bdp",this.correlationId);return null}async createAuthCodeClient(e){const t=await Fo(this.getClientConfiguration.bind(this),Yn,this.logger,this.performanceClient,this.correlationId)(e);return new Tn(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:o,requestExtraQueryParameters:n,account:i}=e,s=e.authority||await Fo(Gc,Bn,this.logger,this.performanceClient,this.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,o,n,i),a=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:s,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri,isMcp:this.config.auth.isMcp},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:a.loggerCallback,piiLoggingEnabled:a.piiLoggingEnabled,logLevel:a.logLevel,correlationId:this.correlationId},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:us,version:Oc,cpu:"",os:""},telemetry:this.config.telemetry}}}async function el(e,t,r,o,n,i,s,a){const c=Jc(e.redirectUri,r.auth.redirectUri,i,a);new URL(c).origin!==new URL(window.location.href).origin&&(i.warning("08qbvw",a),s.addFields({isRedirectUriCrossOrigin:!0},a));const l={interactionType:t},h=on(o,e&&e.state||"",l,a),d={...await Fo(Vc,Jn,i,s,a)({...e,correlationId:a},r,s,i,a),redirectUri:c,state:h,nonce:e.nonce||ha(),responseMode:r.auth.OIDCOptions.responseMode},u={...d,httpMethod:Zc(d,r.system.protocolMode)};if(e.loginHint||e.sid)return u;const g=e.account||n.getActiveAccount(a);return g&&(i.verbose("1eqlb3",a),i.verbosePii(`0tf99t ${g.homeAccountId}`,a),u.account=g),u}function tl(e,t,r,o){const n=ur(e);if(!n)throw dr(e)?(r.error(`13pl0s ${t} ${t}`,o),r.errorPii(`1097vx ${t} ${e}`,o),is(mi,o)):(r.error(`18h0l1 ${t} ${t}`,o),is(gi,o));return n}function rl(e,t,r,o){if(!e.state)throw is(pi,o);const n=function(e,t,r){if(!t)return null;try{return nn(e.base64Decode,t,r).libraryState.meta}catch(e){throw Pe(at,r)}}(t,e.state,o);if(!n)throw is(fi,o);if(n.interactionType!==r)throw is(yi,o)}class ol{constructor(e,t,r,o,n){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=o,this.performanceClient=n}async handleCodeResponse(e,t,r){let o;try{o=function(e,t,r){if(Pn(e,t,r),!e.code)throw Pe(Tt,r);return e}(e,t.state,t.correlationId)}catch(e){throw e instanceof rn&&e.subError===ki?is(ki,t.correlationId):e}return Fo(this.handleCodeResponseFromServer.bind(this),Mo,this.logger,this.performanceClient,t.correlationId)(o,t,r)}async handleCodeResponseFromServer(e,t,r,o=!0){if(this.logger.trace("0mf2hb",t.correlationId),this.authCodeRequest.code=e.code,o&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await Fo(this.authModule.acquireToken.bind(this.authModule),"authClientAcquireToken",this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,r,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:cn}:e.loginHint?{credential:e.loginHint,type:ln}:null}}class nl extends Te{constructor(e,t,r,o){super(e,t,r||os(e)),Object.setPrototypeOf(this,nl.prototype),this.name="NativeAuthError",this.ext=o}}function il(e){if(e.ext&&e.ext.status&&"DISABLED"===e.ext.status)return!0;if(e.ext&&e.ext.error&&-2147186943===e.ext.error)return!0;switch(e.errorCode){case"ContentError":case"PageException":return!0;default:return!1}}function sl(e,t,r,o){let n;if(o&&o.status){switch(o.status){case"ACCOUNT_UNAVAILABLE":n=tn(Ko,t,os(e));break;case"USER_INTERACTION_REQUIRED":n=new Xo(e,t,r);break;case"USER_CANCEL":n=is(ki,t);break;case"NO_NETWORK":n=is(xi,t);break;case"UI_NOT_ALLOWED":n=tn(zo,t);break;default:n=new nl(e,t,r,o)}return n}return n=new nl(e,t,r,o),n}class al extends Xc{async acquireToken(e){const t=Wc(Fs.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),r=await Fo(this.getClientConfiguration.bind(this),Yn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),o=new An(r,this.performanceClient);this.logger.verbose("0wa871",this.correlationId);try{const t=(await Fo(o.acquireCachedToken.bind(o),"silentFlowClientAcquireCachedToken",this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof ns&&e.errorCode===Fi&&this.logger.verbose("06wena",this.correlationId),e}}logout(e){this.logger.verbose("1rkurh",this.correlationId);const t=this.initializeLogoutRequest(e);return Qc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account)}}class cl extends jc{constructor(e,t,r,o,n,i,s,a,c,l,h,d){super(e,t,r,o,n,i,a,d,c),this.apiId=s,this.accountId=l,this.platformAuthProvider=c,this.nativeStorageManager=h,this.silentCacheClient=new al(e,this.nativeStorageManager,r,o,n,i,a,d,c);const u=this.platformAuthProvider.getExtensionName();this.skus=Nn.makeExtraSkuString({libraryName:us,libraryVersion:Oc,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[Ie]:this.skus}}async acquireToken(e,t){this.logger.trace("03qeos",this.correlationId);const r=this.performanceClient.startMeasurement(zn,this.correlationId),o=go(),n=Wc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled);try{const i=await this.initializePlatformRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===js.AccessToken)throw this.logger.info("0eitbc",this.correlationId),r.end({success:!1,brokerErrorCode:"cache_request_failed"}),e;this.logger.info("0957j1",this.correlationId)}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,o).then((e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),n.clearNativeBrokerErrorCode(),e))).catch((e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError}),e}))}catch(e){throw e instanceof nl&&n.setNativeBrokerErrorCode(e.errorCode),r.end({success:!1}),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:qt.fromString(e.scope,this.correlationId).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("1ndf3e",this.correlationId),Pe(wt,this.correlationId);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},this.correlationId);if(!r)throw Pe(wt,this.correlationId);try{const e=this.createSilentCacheRequest(t,r),o=await this.silentCacheClient.acquireToken(e),n=this.browserStorage.getIdToken(r,this.correlationId,this.browserStorage.getTokenKeys(),r.tenantId),i=Tr(n?.secret||"",ss,this.correlationId),s=_r(r,void 0,i,n?.secret);return{...o,idToken:n?.secret||"",idTokenClaims:i,account:s}}catch(e){throw e}}async acquireTokenRedirect(e,t,r){this.logger.trace("0luikq",this.correlationId);const o=await this.initializePlatformRequest(e),n=r?.navigateToLoginRequestUrl??!0;try{await this.platformAuthProvider.sendMessage(o)}catch(e){if(e instanceof nl){if(Wc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled).setNativeBrokerErrorCode(e.errorCode),il(e))throw e}}this.browserStorage.setTemporaryCache(Ns,JSON.stringify(o),!0);const i={apiId:Fs.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},s=n?Er.getAbsoluteUrl(e.redirectStartPage||window.location.href,xa(),this.correlationId):Jc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId);t.end({success:!0}),await this.navigationClient.navigateExternal(s,i)}async handleRedirectPromise(){if(this.logger.trace("1c5lhw",this.correlationId),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",this.correlationId),null;const e=this.browserStorage.getCachedNativeRequest();if(!e)return this.logger.verbose("0a6zjb",this.correlationId),this.performanceClient?.addFields({errorCode:"no_cached_request"},this.correlationId),null;const{prompt:t,...r}=e;t&&this.logger.verbose("0ac34v",this.correlationId),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Ns));const o=go();try{this.logger.verbose("003x5a",this.correlationId);const e=await this.platformAuthProvider.sendMessage(r),t=await this.handleNativeResponse(e,r,o);return Wc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled).clearNativeBrokerErrorCode(),this.performanceClient?.addFields({isNativeBroker:!0},this.correlationId),t}catch(e){throw e}}logout(){return this.logger.trace("0u2sjm",this.correlationId),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("1bojln",this.correlationId);const o=Tr(e.id_token,ss,this.correlationId),n=this.createHomeAccountIdentifier(e,o),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("1ub1in",this.correlationId);else if(n!==i&&e.account.id!==t.accountId)throw sl("user_switch",this.correlationId);const s=await Gc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t.authority),a=an(this.browserStorage,s,n,ss,this.correlationId,o,e.client_info,s.getPreferredCache(),o.tid,void 0,e.account.id,this.logger,this.performanceClient);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,o,a,s.canonicalAuthority,r);return await this.cacheAccount(a,br(o)),await this.cacheNativeTokens(e,t,n,o,c.tenantId,r,s.getPreferredCache()),c}createHomeAccountIdentifier(e,t){return Gr(e.client_info||"",Dr,this.logger,this.browserCrypto,this.correlationId,t)}generateScopes(e,t){return t?qt.fromString(t,this.correlationId):qt.fromString(e,this.correlationId)}async generatePopAccessToken(e,t){if(t.tokenType===X.POP&&t.signPopToken){if(e.shr)return this.logger.trace("0coqhu",this.correlationId),e.shr;const r=new Do(this.browserCrypto,this.performanceClient),o={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce,correlationId:this.correlationId};if(!t.keyId)throw Pe(St,this.correlationId);return r.signPopToken(e.access_token,t.keyId,o)}return e.access_token}async generateAuthenticationResult(e,t,r,o,n,i){const s=this.addTelemetryFromNativeResponse(e.properties.MATS),a=this.generateScopes(t.scope,e.scope),c=e.account.properties||{},l=c.UID||r.oid||r.sub||"",h=c.TenantId||r.tid||"",d=_r(Jr(o),void 0,r,e.id_token);if(d.nativeAccountId!==e.account.id){d.nativeAccountId=e.account.id;const t=h||d.tenantId,r=d.tenantProfiles?.get(t);r&&(r.nativeAccountId=e.account.id)}const u=await this.generatePopAccessToken(e,t),g=t.tokenType===X.POP?X.POP:X.BEARER;return{authority:n,uniqueId:l,tenantId:h,scopes:a.asArray(),account:d,idToken:e.id_token,idTokenClaims:r,accessToken:u,fromCache:!!s&&this.isResponseFromCache(s),expiresOn:mo(i+e.expires_in),tokenType:g,correlationId:this.correlationId,state:e.state,fromPlatformBroker:!0,...t.resource&&{resource:t.resource}}}async cacheAccount(e,t){await this.browserStorage.setAccount(e,this.correlationId,t,this.apiId),this.browserStorage.removeAccountContext(Jr(e),this.correlationId)}async cacheNativeTokens(e,t,r,o,n,i,s){const a=wo(r,s,e.id_token||"",t.clientId,o.tid||""),c=i+(t.tokenType===X.POP?240:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),l=this.generateScopes(e.scope,t.scope),h=Co(r,s,e.access_token,t.clientId,o.tid||n,l.printScopes(),c,0,ss,t.correlationId,void 0,t.tokenType,void 0,t.keyId);a&&!1!==t.storeInCache?.idToken&&await this.browserStorage.setIdTokenCredential(a,this.correlationId,br(o));const d={accessToken:h};return this.nativeStorageManager.saveCacheRecord(d,this.correlationId,br(o),this.apiId,t.storeInCache)}getExpiresInValue(e,t){return e===X.POP?240:("string"==typeof t?parseInt(t,10):t)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("0b3l57",this.correlationId)}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("1okqev",this.correlationId),!1):!!e.is_cached}async initializePlatformRequest(e){this.logger.trace("1xdm2a",this.correlationId);const t=await this.getCanonicalAuthority(e),r=e.skipBrokerClaims&&e.embeddedClientId?void 0:this.config.auth.clientCapabilities,{scopes:o,claims:n,...i}=e,s=new qt(o||[],this.correlationId);s.appendScopes(f);const a={...i,claims:nr(n,r?.length?r:void 0),accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:s.printScopes(),redirectUri:Jc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraParameters},extendedExpiryToken:!1,keyId:e.popKid};if(a.signPopToken&&e.popKid)throw is(Vi,this.correlationId);if(this.handleExtraBrokerParams(a),a.extraParameters=a.extraParameters||{},a.extraParameters.telemetry=ms,e.authenticationScheme===X.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce,correlationId:this.correlationId},r=new Do(this.browserCrypto,this.performanceClient);let o;if(a.keyId)o=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:a.keyId})),a.signPopToken=!1;else{const e=await Fo(r.generateCnf.bind(r),xo,this.logger,this.performanceClient,this.correlationId)(t,this.logger);o=e.reqCnfString,a.keyId=e.kid,a.signPopToken=!0}a.reqCnf=o}return this.addRequestSKUs(a),a}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority,{azureCloudOptions:r,account:o}=e;o&&await Gc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t,r,void 0,o);const n=new Er(t,this.correlationId);return n.validateAsUri(),n}getPrompt(e){switch(this.apiId){case Fs.ssoSilent:case Fs.acquireTokenSilent_silentFlow:return this.logger.trace("12n1y2",this.correlationId),N.NONE}if(e)switch(e){case N.NONE:case N.CONSENT:case N.LOGIN:return this.logger.trace("0i0hco",this.correlationId),e;default:throw this.logger.trace(`0w3tpw ${e}`,this.correlationId),is(Gi,this.correlationId)}else this.logger.trace("0uid1p",this.correlationId)}handleExtraBrokerParams(e){const t=e.extraParameters&&e.extraParameters.hasOwnProperty(we)&&e.extraParameters.hasOwnProperty(Ce)&&e.extraParameters.hasOwnProperty(ge);if(!e.embeddedClientId&&!t)return;let r="";const o=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[Ce],r=e.extraParameters[ge]),e.extraParameters={child_client_id:r,child_redirect_uri:o},this.performanceClient?.addFields({embeddedClientId:r,embeddedRedirectUri:o},this.correlationId)}}const ll=new Map([["e","AAD"],["m","MSA"]]);function hl(e,t,r){const o=function(e){if(!e)return null;try{const t=(/%(?:[0-9A-Fa-f]{2})/.test(e)?decodeURIComponent(e):e).split("|");return t.length<5?null:{accountType:ll.get(t[0]?.trim()||"")||"",error:t[1]?.trim()||"",subError:t[2]?.trim()||"",cloudInstance:t[3]?.trim()||"",callerDataBoundary:t[4]?.trim()||""}}catch{return null}}(e.clientdata);o?.accountType&&r.addFields({accountType:o.accountType},t),o?.error&&r.addFields({serverErrorNo:o.error},t),o?.subError&&r.addFields({serverSubErrorNo:o.subError},t)}async function dl(e,t,r,o,n){const i=_n({...e.auth,authority:t},r,o,n);if(Jt(i,{sku:us,version:Oc,os:"",cpu:""}),e.system.protocolMode!==jr.OIDC&&Wt(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),n.addFields({isPlatformAuthorizeRequest:!0},r.correlationId),r.authenticationScheme===X.POP)){const e=new Qa(o,n),t=new Do(e,n);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await Fo(t.generateCnf.bind(t),xo,o,n,r.correlationId)(r,o)).reqCnfString}ir(i,s)}return Nt(i,r.correlationId,n),i}async function ul(e,t,r,o,n){if(!r.codeChallenge)throw Se(Fe,r.correlationId);const i=await Fo(dl,"getStandardParams",o,n,r.correlationId)(e,t,r,o,n);return Ut(i,U),Qt(i,r.codeChallenge,l),rr(i,{...r.extraQueryParameters,...r.extraParameters}),En(t,i)}async function gl(e,t,r,o,n,i){if(!o.earJwk)throw is(li,o.correlationId);const s=await dl(t,r,o,n,i);Ut(s,L),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(s,o.earJwk),Qt(s,o.codeChallenge,l),rr(s,{...o.extraParameters});const a=new Map;rr(a,o.extraQueryParameters||{}),jt(a,o.correlationId);return ml(e,En(r,a),s)}async function pl(e,t,r,o,n,i){const s=await dl(t,r,o,n,i);Ut(s,U),Qt(s,o.codeChallenge,o.codeChallengeMethod||l),rr(s,{...o.extraParameters});const a=new Map;rr(a,o.extraQueryParameters||{}),jt(a,o.correlationId);return ml(e,En(r,a),s)}function ml(e,t,r){const o=e.createElement("form");return o.method="post",o.action=t,r.forEach(((t,r)=>{const n=e.createElement("input");n.hidden=!0,n.name=r,n.value=t,o.appendChild(n)})),e.body.appendChild(o),o}async function fl(e,t,r,o,n,i,s,a,c,l){if(a.verbose("11qcow",e.correlationId),!l)throw is(Ji,e.correlationId);const h=new Qa(a,c),d=new cl(o,n,h,a,s,o.system.navigationClient,r,c,l,t,i,e.correlationId),{userRequestState:u}=nn(h.base64Decode,e.state,e.correlationId);return Fo(d.acquireToken.bind(d),zn,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function yl(e,t,r,o,n,i,s,a,c,l,h,d){if(un.removeThrottle(s,n.auth.clientId,e),hl(t,e.correlationId,h),t.accountId)return Fo(fl,ei,l,h,e.correlationId)(e,t.accountId,o,n,s,a,c,l,h,d);const u={...e,code:t.code||"",codeVerifier:r},g=new ol(i,s,u,l,h);return await Fo(g.handleCodeResponse.bind(g),"handleCodeResponse",l,h,e.correlationId)(t,e,o)}async function Il(e,t,r,o,n,i,s,a,c,l,h){if(un.removeThrottle(i,o.auth.clientId,e),hl(t,e.correlationId,l),Pn(t,e.state,e.correlationId),!t.ear_jwe)throw is(hi,e.correlationId);if(!e.earJwk)throw is(li,e.correlationId);const d=JSON.parse(await Fo(ga,"decryptEarResponse",c,l,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return Fo(fl,ei,c,l,e.correlationId)(e,d.accountId,r,o,i,s,a,c,l,h);const u=new sn(o.auth.clientId,i,new Qa(c,l),c,l,null,null);u.validateTokenResponse(d,e.correlationId);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await Fo(u.handleServerTokenResponse.bind(u),qo,c,l,e.correlationId)(d,n,go(),e,r,g,void 0,void 0,void 0,void 0)}async function wl(e,t,r){const o=Lo(Cl,"generateCodeVerifier",t,e,r)(e,t,r);return{verifier:o,challenge:await Fo(vl,"generateCodeChallengeFromVerifier",t,e,r)(o,e,t,r)}}function Cl(e,t,r){try{const o=new Uint8Array(32);Lo(ca,"getRandomValues",t,e,r)(o);return Gs(o)}catch(e){throw is(ci,r)}}async function vl(e,t,r,o){try{const n=await Fo(aa,"sha256Digest",r,t,o)(e);return Gs(new Uint8Array(n))}catch(e){throw is(ci,o)}}class kl{navigateInternal(e,t){return kl.defaultNavigateWindow(e,t)}navigateExternal(e,t){return kl.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(((e,r)=>{setTimeout((()=>{r(is(es,"","failed_to_redirect"))}),t.timeout)}))}}class Tl{async sendGetRequestAsync(e,t){let r,o={},n=0;const i=bl(t);try{r=await fetch(e,{method:Ss,headers:i})}catch(e){throw pn(is(window.navigator.onLine?Ni:xi,""),void 0,void 0,e)}o=Al(r.headers);try{return n=r.status,{headers:o,body:await r.json(),status:n}}catch(e){throw pn(is(Ui,""),n,o,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",o=bl(t);let n,i=0,s={};try{n=await fetch(e,{method:_s,headers:o,body:r})}catch(e){throw pn(is(window.navigator.onLine?qi:xi,""),void 0,void 0,e)}s=Al(n.headers);try{return i=n.status,{headers:s,body:await n.json(),status:i}}catch(e){throw pn(is(Ui,""),i,s,e)}}}function bl(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach((([e,r])=>{t.append(e,r)})),t}catch(e){throw pn(is(Yi,""),void 0,void 0,e)}}function Al(e){try{const t={};return e.forEach(((e,r)=>{t[r]=e})),t}catch(e){throw is(Zi,"")}}function Sl({auth:r,cache:o,system:n,experimental:i,telemetry:l},h){const d={clientId:"",authority:`${t}`,knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",redirectUri:"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:"",postLogoutRedirectUri:"",clientCapabilities:[],OIDCOptions:{responseMode:F.FRAGMENT,defaultScopes:[s,a,c]},azureCloudOptions:{azureCloudInstance:kr.None,tenant:""},instanceAware:!1,isMcp:!1,verifySSO:!1},u={cacheLocation:As.SessionStorage,cacheRetentionDays:5},g={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},p={...{...ro,loggerOptions:g,networkClient:h?new Tl:Sn,navigationClient:new kl,popupBridgeTimeout:n?.popupBridgeTimeout||6e4,iframeBridgeTimeout:n?.iframeBridgeTimeout||1e4,redirectNavigationTimeout:3e4,allowRedirectInIframe:!1,navigatePopups:!0,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:n?.nativeBrokerHandshakeTimeout||2e3,protocolMode:jr.AAD,serverTelemetryEnabled:!1},...n,loggerOptions:n?.loggerOptions||g},m={application:{appName:"",appVersion:""},client:new to};if(n?.protocolMode!==jr.OIDC&&r?.OIDCOptions){new wr(p.loggerOptions,Rc,Oc).warning(JSON.stringify(Se(Je,"")),"")}if(n?.protocolMode&&n.protocolMode===jr.OIDC&&p?.allowPlatformBroker)throw Se(We,"");return{auth:{...d,...r,OIDCOptions:{...d.OIDCOptions,...r?.OIDCOptions}},cache:{...u,...o},system:p,experimental:{iframeTimeoutTelemetry:!1,allowPlatformBrokerWithDOM:!1,...i},telemetry:{...m,...l}}}class _l{constructor(e,t,r,o){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=o,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=this.performanceClient.startMeasurement("nativeMessageHandlerHandshake"),this.platformAuthType=Cs}async sendMessage(e){this.logger.trace(`0on4p2 ${this.platformAuthType}`,e.correlationId);const t={method:Ts,request:e},r={channel:gs,extensionId:this.extensionId,responseId:ha(),body:t};this.logger.trace(`1qadfi ${this.platformAuthType}`,e.correlationId),this.logger.tracePii(`1xm533 ${this.platformAuthType} ${JSON.stringify(r)}`,e.correlationId),this.messageChannel.port1.postMessage(r);const o=await new Promise(((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})}));return this.validatePlatformBrokerResponse(o)}static async createProvider(e,t,r,o){e.trace("15zfnw",o);try{const n=new _l(e,t,r,ps);return await n.sendHandshakeRequest(o),n}catch(n){const i=new _l(e,t,r);return await i.sendHandshakeRequest(o),i}}async sendHandshakeRequest(e){this.logger.trace(`1dpg9o ${this.platformAuthType}`,e),window.addEventListener("message",this.windowListener,!1);const t={channel:gs,extensionId:this.extensionId,responseId:ha(),body:{method:vs}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(t,window.origin,[this.messageChannel.port2]),new Promise(((e,r)=>{this.handshakeResolvers.set(t.responseId,{resolve:e,reject:r}),this.timeoutId=window.setTimeout((()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(is(zi,"")),this.handshakeResolvers.delete(t.responseId)}),this.handshakeTimeoutMs)}))}onWindowMessage(e){const t=Ba();if(this.logger.trace(`0jpn5u ${this.platformAuthType}`,t),e.source!==window)return;const r=e.data;if(r.channel&&r.channel===gs&&(!r.extensionId||r.extensionId===this.extensionId)&&r.body.method===vs){const e=this.handshakeResolvers.get(r.responseId);if(!e)return void this.logger.trace(`07buhm ${this.platformAuthType} ${r.responseId}`,t);this.logger.verbose(r.extensionId?`0xrkug ${r.extensionId}`:"No extension installed",t),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(is(ji,""))}}onChannelMessage(e){const t=Ba();this.logger.trace(`1py8yf ${this.platformAuthType}`,t);const r=e.data,o=this.resolvers.get(r.responseId),n=this.handshakeResolvers.get(r.responseId);try{const e=r.body.method;if(e===bs){if(!o)return;const e=r.body.response;if(this.logger.trace(`19hpgm ${this.platformAuthType}`,t),this.logger.tracePii(`179a24 ${this.platformAuthType} ${JSON.stringify(e)}`,t),"Success"!==e.status)o.reject(sl(e.code,t,e.description,e.ext));else{if(!e.result)throw be(Mn,t,"Event does not contain result.");e.result.code&&e.result.description?o.reject(sl(e.result.code,t,e.result.description,e.result.ext)):o.resolve(e.result)}this.resolvers.delete(r.responseId)}else if(e===ks){if(!n)return void this.logger.trace(`082qnt ${this.platformAuthType} ${r.responseId}`,t);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=r.extensionId,this.extensionVersion=r.body.version,this.logger.verbose(`0yf5ib ${this.platformAuthType} ${this.extensionId}`,t),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),n.resolve(),this.handshakeResolvers.delete(r.responseId)}}catch(r){this.logger.error("0xf978",t),this.logger.errorPii(`04i99o ${r}`,t),this.logger.errorPii(`0xdvsy ${e}`,t),o?o.reject(r):n&&n.reject(r)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw be(Mn,"","Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===ps?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class El{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=ws}static async createProvider(e,t,r){if(e.trace("12mj4a",r),window.navigator?.platformAuthentication){const o=await window.navigator.platformAuthentication.getSupportedContracts(fs);if(o?.includes(Is))return e.trace("1h5q1r",r),new El(e,t,r)}}getExtensionId(){return fs}getExtensionVersion(){return""}getExtensionName(){return ys}async sendMessage(e){this.logger.trace(`02bcil ${this.platformAuthType}`,e.correlationId);try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r,e.correlationId)}catch(t){throw this.logger.error(`11im7g ${this.platformAuthType}`,e.correlationId),t}}initializePlatformDOMRequest(e){this.logger.trace(`15d6yv ${this.platformAuthType}`,e.correlationId);const{accountId:t,clientId:r,authority:o,scope:n,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:l,extraParameters:h,...d}=e,u=this.getDOMExtraParams(d,s);return{accountId:t,brokerId:this.getExtensionId(),authority:o,clientId:r,correlationId:s||this.correlationId,extraParameters:{...h,...u},isSecurityTokenService:!1,redirectUri:i,scope:n,state:a,storeInCache:c,embeddedClientId:l}}validatePlatformBrokerResponse(e,t){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace(`0h4vei ${this.platformAuthType}`,t),this.convertToPlatformBrokerResponse(e,t);if(e.hasOwnProperty("error")){const r=e;if(!1===r.isSuccess&&r.error&&r.error.code)throw this.logger.trace(`0g92vm ${this.platformAuthType}`,t),sl(r.error.code,t,r.error.description,{error:parseInt(r.error.errorCode),protocol_error:r.error.protocolError,status:r.error.status,properties:r.error.properties})}}throw be(Mn,t,"Response missing expected properties.")}convertToPlatformBrokerResponse(e,t){this.logger.trace(`14913t ${this.platformAuthType}`,t);return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e,t){try{const t={};for(const[r,o]of Object.entries(e))o&&(t[r]="object"==typeof o?JSON.stringify(o):String(o));return t}catch(e){return this.logger.error(`0eu9o3 ${this.platformAuthType}`,t),this.logger.errorPii(`17rpl5 ${this.platformAuthType} ${e}`,t),{}}}}async function Pl(e,t,r,o,n){let i;e.trace("134j0v",r),e.trace(`04c81g ${n}`,r);try{n&&(i=await El.createProvider(e,t,r)),i||(e.trace("0l3na8",r),i=await _l.createProvider(e,o||2e3,t,r))}catch(t){e.trace("0icbd7",t)}return i}function Rl(e,t,r,o,n){if(t.trace("0uko3r",r),!e.system.allowPlatformBroker&&e.experimental.allowPlatformBrokerWithDOM)throw Se(Ve,"");if(!e.system.allowPlatformBroker)return t.trace("04hozs",r),!1;if(!o)return t.trace("0kvv1r",r),!1;if(n)switch(n){case X.BEARER:case X.POP:return t.trace("18tev1",r),!0;default:return t.trace("1dd2nh",r),!1}return!0}class Ol extends Xc{constructor(e,t,r,o,n,i,s,a,c,l,h){super(e,t,r,o,n,i,s,c,l),this.nativeStorage=a,this.eventHandler=n,this.waitForPopupResponseHook=h}acquireToken(e,t){let r;try{if(r={popupName:this.generatePopupName(e.scopes||f,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window},this.performanceClient.addFields({isAsyncPopup:!this.config.system.navigatePopups},this.correlationId),this.config.system.navigatePopups){const o={...e,httpMethod:Zc(e,this.config.system.protocolMode)};return this.logger.verbose("1f9ok3",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(o,r,t)}return this.logger.verbose("162h4u",this.correlationId),this.acquireTokenPopupAsync(e,r,t)}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("068rup",this.correlationId);const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},o=e&&e.authority,n=e&&e.mainWindowRedirectUri;return this.config.system.navigatePopups?(this.logger.verbose("1a28da",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,o,n)):(this.logger.verbose("1phd8u",this.correlationId),this.logoutPopupAsync(t,r,o,n))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,o){this.logger.verbose("1g77pg",this.correlationId);const n=await Fo(el,Zn,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.popup&&Ka(n.authority);const i=Rl(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);return n.platformBroker=i,this.config.system.protocolMode===jr.EAR?this.executeEarFlow(n,r,o):this.executeCodeFlow(n,r,o)}async executeCodeFlow(t,r,o){const n=t.correlationId,i=Wc(Fs.acquireTokenPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),s=o||await Fo(wl,ni,this.logger,this.performanceClient,n)(this.performanceClient,this.logger,n),a={...t,codeChallenge:s.challenge};try{const o=await Fo(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,n)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account});if(a.httpMethod===m)return await this.executeCodeFlowWithPost(a,r,o,s.verifier);{const i=await Fo(ul,Oo,this.logger,this.performanceClient,n)(this.config,o.authority,a,this.logger,this.performanceClient),c=this.initiateAuthRequest(i,r);this.eventHandler.emitEvent(Pc.POPUP_OPENED,n,e.InteractionType.Popup,{popupWindow:c},null);const l=await this.waitForPopupResponse(t,c,r.popupWindowParent),h=Lo(tl,ri,this.logger,this.performanceClient,this.correlationId)(l,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return await Fo(yl,ti,this.logger,this.performanceClient,n)(t,h,s.verifier,Fs.acquireTokenPopup,this.config,o,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}catch(e){throw r.popup?.close(),e instanceof Te&&(e.correlationId=this.correlationId,i.cacheFailedRequest(e)),e}}async executeEarFlow(e,t,r){const{correlationId:o,authority:n,azureCloudOptions:i,extraQueryParameters:s,account:a}=e,c=await Fo(Gc,Bn,this.logger,this.performanceClient,o)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,n,i,s,a),l=await Fo(ua,ai,this.logger,this.performanceClient,o)(),h=r||await Fo(wl,ni,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),d={...e,earJwk:l,codeChallenge:h.challenge},u=t.popup||this.openPopup("about:blank",t);(await gl(u.document,this.config,c,d,this.logger,this.performanceClient)).submit();const g=await Fo(this.waitForPopupResponse.bind(this),Qn,this.logger,this.performanceClient,o)(d,u,t.popupWindowParent),p=Lo(tl,ri,this.logger,this.performanceClient,this.correlationId)(g,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);if(!p.ear_jwe&&p.code){const t=await Fo(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,o)({serverTelemetryManager:Wc(Fs.acquireTokenPopup,this.config.auth.clientId,o,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:c});return Fo(yl,ti,this.logger,this.performanceClient,o)(d,p,h.verifier,Fs.acquireTokenPopup,this.config,t,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Fo(Il,Xn,this.logger,this.performanceClient,o)(d,p,Fs.acquireTokenPopup,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async executeCodeFlowWithPost(e,t,r,o){const n=e.correlationId,i=await Fo(Gc,Bn,this.logger,this.performanceClient,n)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger),s=t.popup||this.openPopup("about:blank",t);(await pl(s.document,this.config,i,e,this.logger,this.performanceClient)).submit();const a=await Fo(this.waitForPopupResponse.bind(this),Qn,this.logger,this.performanceClient,n)(e,s,t.popupWindowParent),c=Lo(tl,ri,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return Fo(yl,ti,this.logger,this.performanceClient,n)(e,c,o,Fs.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,r,o,n){this.logger.verbose("0b7yrk",this.correlationId),this.eventHandler.emitEvent(Pc.LOGOUT_START,this.correlationId,e.InteractionType.Popup,t);const i=Wc(Fs.logoutPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled);try{await Qc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account);const s=await Fo(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:o,account:t.account||void 0});try{s.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&s.authority.protocolMode===jr.OIDC){if(this.eventHandler.emitEvent(Pc.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t),n){const e={apiId:Fs.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=Er.getAbsoluteUrl(n,xa(),this.correlationId);await this.navigationClient.navigateInternal(t,e)}return void r.popup?.close()}}t.state=on(this.browserCrypto,t.state||"",{interactionType:e.InteractionType.Popup},t.correlationId);const a=s.getLogoutUri(t);this.eventHandler.emitEvent(Pc.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t);const c=this.openPopup(a,r);if(this.eventHandler.emitEvent(Pc.POPUP_OPENED,t.correlationId,e.InteractionType.Popup,{popupWindow:c},null),await this.waitForPopupResponse(t,c,r.popupWindowParent).catch((()=>{})),n){const e={apiId:Fs.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=Er.getAbsoluteUrl(n,xa(),this.correlationId);this.logger.verbose("0qcur2",this.correlationId),this.logger.verbosePii(`0oj7lk ${t}`,this.correlationId),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("03zgcf",this.correlationId)}catch(t){throw r.popup?.close(),t instanceof Te&&(t.correlationId=this.correlationId,i.cacheFailedRequest(t)),this.eventHandler.emitEvent(Pc.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(Pc.LOGOUT_END,this.correlationId,e.InteractionType.Popup),t}this.eventHandler.emitEvent(Pc.LOGOUT_END,this.correlationId,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii(`1kcr9k ${e}`,this.correlationId),this.openPopup(e,t);throw this.logger.error("1l7hyp",this.correlationId),is(ui,this.correlationId)}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii(`0cgeo7 ${e}`,this.correlationId),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii(`0c2awd ${e}`,this.correlationId),r=this.openSizedPopup(e,t)),!r)throw is(vi,this.correlationId);try{r.document.title="Microsoft Authentication"}catch(e){"undefined"!=typeof DOMException&&e instanceof DOMException&&"SecurityError"===e.name||this.logger.verbose("1s1yfs",this.correlationId)}return r.focus&&r.focus(),this.currentWindow=r,r}catch(e){throw this.logger.error(`0dxfb9 ${e.message}`,this.correlationId),is(Ci,this.correlationId)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:o}){const n=o.screenLeft?o.screenLeft:o.screenX,i=o.screenTop?o.screenTop:o.screenY,s=o.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=o.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,l=r.popupSize?.height,h=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("08vfmo",this.correlationId),c=ls),(!l||l<0||l>a)&&(this.logger.verbose("09cxa0",this.correlationId),l=hs),(!h||h<0||h>a)&&(this.logger.verbose("1qh4wo",this.correlationId),h=Math.max(0,a/2-hs/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("1sz3en",this.correlationId),d=Math.max(0,s/2-ls/2+n)),o.open(e,t,`width=${c}, height=${l}, top=${h}, left=${d}, scrollbars=yes`)}generatePopupName(e,t){return`${ds}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${ds}.${this.config.auth.clientId}.${t}.${this.correlationId}`}async waitForPopupResponse(e,t,r){return this.waitForPopupResponseHook?this.waitForPopupResponseHook(e,t,r):Ma(this.config.system.popupBridgeTimeout,this.logger,e,this.performanceClient)}}class Ml extends Xc{constructor(e,t,r,o,n,i,s,a,c,l){super(e,t,r,o,n,i,s,c,l),this.nativeStorage=a}async acquireToken(t){const r=await Fo(el,Zn,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.platformBroker=Rl(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);const o=t=>{t.persisted&&(this.logger.verbose("0udvtt",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),this.eventHandler.emitEvent(Pc.RESTORE_FROM_BFCACHE,this.correlationId,e.InteractionType.Redirect))},n=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii(`0zao0a ${n}`,this.correlationId),this.browserStorage.setTemporaryCache(Rs,n,!0),window.addEventListener("pageshow",o);try{this.config.system.protocolMode===jr.EAR?await this.executeEarFlow(r):await this.executeCodeFlow(r)}catch(e){throw e instanceof Te&&(e.correlationId=this.correlationId),window.removeEventListener("pageshow",o),e}}async executeCodeFlow(e){const t=e.correlationId,r=Wc(Fs.acquireTokenRedirect,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),o=await Fo(wl,ni,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),n={...e,codeChallenge:o.challenge};this.browserStorage.cacheAuthorizeRequest(n,this.correlationId,o.verifier);try{if(n.httpMethod===m)return await this.executeCodeFlowWithPost(n);{const t=await Fo(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:r,requestAuthority:n.authority,requestAzureCloudOptions:n.azureCloudOptions,requestExtraQueryParameters:n.extraQueryParameters,account:n.account}),o=await Fo(ul,Oo,this.logger,this.performanceClient,e.correlationId)(this.config,t.authority,n,this.logger,this.performanceClient);return await this.initiateAuthRequest(o)}}catch(e){throw e instanceof Te&&(e.correlationId=this.correlationId,r.cacheFailedRequest(e)),e}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:o,extraQueryParameters:n,account:i}=e,s=await Fo(Gc,Bn,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,o,n,i),a=await Fo(ua,ai,this.logger,this.performanceClient,t)(),c=await Fo(wl,ni,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),l={...e,earJwk:a,codeChallenge:c.challenge};this.browserStorage.cacheAuthorizeRequest(l,this.correlationId,c.verifier);return(await gl(document,this.config,s,l,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(is(es,"","failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async executeCodeFlowWithPost(e){const t=e.correlationId,r=await Fo(Gc,Bn,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger);this.browserStorage.cacheAuthorizeRequest(e,this.correlationId);return(await pl(document,this.config,r,e,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(is(es,"","failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async handleRedirectPromise(e,t,r,o){const n=document.title;document.title="Microsoft Authentication";const i=Wc(Fs.handleRedirectPromise,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),s=o?.navigateToLoginRequestUrl??!0;try{const[n,a]=this.getRedirectResponse(o?.hash||"");if(!n)return this.logger.info("1qmv0q",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?r.event.errorCode="no_server_response":this.logger.verbose("1eqegq",this.correlationId),null;const c=this.browserStorage.getTemporaryCache(Rs,this.correlationId,!0)||"",l=pr(c,this.logger,this.correlationId);if(l===pr(window.location.href,this.logger,this.correlationId)&&s){this.logger.verbose("11yred",this.correlationId),c.indexOf("#")>-1&&_a(c);return await this.handleResponse(n,e,t,i)}if(!s)return this.logger.verbose("0v4sdv",this.correlationId),await this.handleResponse(n,e,t,i);if(!Ea()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(Os,a,!0);const r={apiId:Fs.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let o=!0;if(c)this.logger.verbose(`08jpy1 ${c}`,this.correlationId),o=await this.navigationClient.navigateInternal(c,r);else{const e=qa(this.correlationId);this.browserStorage.setTemporaryCache(Rs,e,!0),this.logger.warning("1dutq1",this.correlationId),o=await this.navigationClient.navigateInternal(e,r)}if(!o)return await this.handleResponse(n,e,t,i)}return null}catch(e){throw e instanceof Te&&(e.correlationId=this.correlationId,i.cacheFailedRequest(e)),e}finally{document.title=n}}getRedirectResponse(t){this.logger.verbose("1c5i8m",this.correlationId);let r=t;r||(r=this.config.auth.OIDCOptions.responseMode===F.QUERY?window.location.search:window.location.hash);let o=ur(r);if(o){try{rl(o,this.browserCrypto,e.InteractionType.Redirect,this.correlationId)}catch(e){return e instanceof Te&&this.logger.error(`0bkq6p ${e.errorCode} ${e.errorMessage}`,this.correlationId),[null,""]}return Sa(window),this.logger.verbose("00uvho",this.correlationId),[o,r]}const n=this.browserStorage.getTemporaryCache(Os,this.correlationId,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Os)),n&&(o=ur(n),o)?(this.logger.verbose("001671",this.correlationId),[o,n]):[null,""]}async handleResponse(e,t,r,o){if(!e.state)throw is(pi,t.correlationId);const{authority:n,azureCloudOptions:i,extraQueryParameters:s,account:a}=t;if(e.ear_jwe){const r=await Fo(Gc,Bn,this.logger,this.performanceClient,t.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,n,i,s,a);return Fo(Il,Xn,this.logger,this.performanceClient,t.correlationId)(t,e,Fs.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const c=await Fo(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:t.authority});return Fo(yl,ti,this.logger,this.performanceClient,t.correlationId)(t,e,r,Fs.acquireTokenRedirect,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e){if(this.logger.verbose("0yaw2e",this.correlationId),e){this.logger.infoPii(`1luf83 ${e}`,this.correlationId);const t={apiId:Fs.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},r=this.config.auth.onRedirectNavigate;if("function"==typeof r){this.logger.verbose("1nehvl",this.correlationId);return!1!==r(e)?(this.logger.verbose("1a0jxh",this.correlationId),void await this.navigationClient.navigateExternal(e,t)):void this.logger.verbose("09k5h5",this.correlationId)}return this.logger.verbose("0klwf7",this.correlationId),void await this.navigationClient.navigateExternal(e,t)}throw this.logger.info("0rlh4e",this.correlationId),is(ui,this.correlationId)}async logout(t){this.logger.verbose("1rkurh",this.correlationId);const r=this.initializeLogoutRequest(t),o=Wc(Fs.logout,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled);try{this.eventHandler.emitEvent(Pc.LOGOUT_START,this.correlationId,e.InteractionType.Redirect,t),await Qc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,r.account);const n={apiId:Fs.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await Fo(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0});if(i.authority.protocolMode===jr.OIDC)try{i.authority.endSessionEndpoint}catch{if(r.account?.homeAccountId)return void this.eventHandler.emitEvent(Pc.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r)}r.state=on(this.browserCrypto,r.state||"",{interactionType:e.InteractionType.Redirect},r.correlationId);const s=i.getLogoutUri(r);r.account?.homeAccountId&&this.eventHandler.emitEvent(Pc.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r);const a=this.config.auth.onRedirectNavigate;if("function"!=typeof a)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Ps),void await this.navigationClient.navigateExternal(s,n);if(!1!==a(s))return this.logger.verbose("06v57e",this.correlationId),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Ps),void await this.navigationClient.navigateExternal(s,n);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("0xqes1",this.correlationId)}catch(t){throw t instanceof Te&&(t.correlationId=this.correlationId,o.cacheFailedRequest(t)),this.eventHandler.emitEvent(Pc.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(Pc.LOGOUT_END,this.correlationId,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(Pc.LOGOUT_END,this.correlationId,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href,r=Er.getAbsoluteUrl(t,xa(),this.correlationId);return function(e,t,r){try{new URL(e)}catch(e){throw t?.error(`1lrjz7 ${e}`,r||""),Se(Me,r||"")}}(r,this.logger,this.correlationId),r}}async function xl(e,t,r,o){if(!t)throw r.info("1l7hyp",o),is(ui,o);return e.src=t,e}async function ql(e,t,r,o,n,i){if(!e.contentDocument)throw"No document associated with iframe!";return(await pl(e.contentDocument,t,r,o,n,i)).submit(),e}async function Nl(e,t,r,o,n,i){if(!e.contentDocument)throw"No document associated with iframe!";return(await gl(e.contentDocument,t,r,o,n,i)).submit(),e}function Ul(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.title="Microsoft Authentication",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),e.setAttribute("allow","local-network-access *"),document.body.appendChild(e),e}function Ll(e){document.body===e.parentNode&&document.body.removeChild(e)}class Fl extends Xc{constructor(e,t,r,o,n,i,s,a,c,l,h,d){super(e,t,r,o,n,i,a,l,h),this.apiId=s,this.nativeStorage=c,this.waitForIframeResponseHook=d}async acquireToken(t){t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("1kl318",this.correlationId);const r={...t};r.prompt?r.prompt!==N.NONE&&r.prompt!==N.NO_SESSION&&(this.logger.warning(`0bmctg ${r.prompt} ${N.NONE}`,this.correlationId),r.prompt=N.NONE):r.prompt=N.NONE;const o=await Fo(el,Zn,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);return o.platformBroker=Rl(this.config,this.logger,this.correlationId,this.platformAuthProvider,o.authenticationScheme),Ka(o.authority),this.config.system.protocolMode===jr.EAR?this.executeEarFlow(o):this.executeCodeFlow(o)}async executeCodeFlow(e){let t;const r=Wc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled);try{return t=await Fo(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await Fo(this.silentTokenHelper.bind(this),Wn,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(o){if(o instanceof Te&&(o.correlationId=this.correlationId,r.cacheFailedRequest(o)),!(t&&o instanceof Te&&o.errorCode===cs))throw o;return this.performanceClient.addFields({retryError:o.errorCode},this.correlationId),await Fo(this.silentTokenHelper.bind(this),Wn,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:o,extraQueryParameters:n,account:i}=e,s=await Fo(Gc,Bn,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,o,n,i),a=await Fo(ua,ai,this.logger,this.performanceClient,t)(),c=await Fo(wl,ni,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),l={...e,earJwk:a,codeChallenge:c.challenge},h=Ul(),d=this.config.auth.OIDCOptions.responseMode;let u;try{const r=Fo(this.waitForIframeResponse.bind(this),Qn,this.logger,this.performanceClient,t)(h,e);r.catch((()=>{})),await Fo(Nl,Gn,this.logger,this.performanceClient,t)(h,this.config,s,l,this.logger,this.performanceClient),u=await r}finally{Lo(Ll,oi,this.logger,this.performanceClient,t)(h)}const g=Lo(tl,ri,this.logger,this.performanceClient,t)(u,d,this.logger,this.correlationId);if(!g.ear_jwe&&g.code){const r=await Fo(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,t)({serverTelemetryManager:Wc(this.apiId,this.config.auth.clientId,t,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:s});return Fo(yl,ti,this.logger,this.performanceClient,t)(l,g,c.verifier,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Fo(Il,Xn,this.logger,this.performanceClient,t)(l,g,this.apiId,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async verifySso(t){const r={...t};r.prompt||(r.prompt=N.NONE);const o=await Fo(el,Zn,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),n=await Fo(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:Wc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),requestAuthority:o.authority,requestAzureCloudOptions:o.azureCloudOptions,requestExtraQueryParameters:o.extraQueryParameters,account:o.account}),{serverParams:i}=await this.silentAuthorizeHelper(n,o),s=o.correlationId;return Pn(i,o.state,s),i.code?(this.logger.verbose("0kkkcj",s),!0):(this.logger.warning("0y34ti",s),!1)}logout(){return Promise.reject(is(_i,""))}async silentTokenHelper(e,t){const{serverParams:r,pkceCodes:o}=await this.silentAuthorizeHelper(e,t);return Fo(yl,ti,this.logger,this.performanceClient,t.correlationId)(t,r,o.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async silentAuthorizeHelper(e,t){const r=t.correlationId,o=await Fo(wl,ni,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),n={...t,codeChallenge:o.challenge},i=Ul(),s=this.config.auth.OIDCOptions.responseMode;let a;try{const o=Fo(this.waitForIframeResponse.bind(this),Qn,this.logger,this.performanceClient,r)(i,t);if(o.catch((()=>{})),t.httpMethod===m)await Fo(ql,Gn,this.logger,this.performanceClient,r)(i,this.config,e.authority,n,this.logger,this.performanceClient);else{const t=await Fo(ul,Oo,this.logger,this.performanceClient,r)(this.config,e.authority,n,this.logger,this.performanceClient);await Fo(xl,Gn,this.logger,this.performanceClient,r)(i,t,this.logger,r)}a=await o}finally{Lo(Ll,oi,this.logger,this.performanceClient,r)(i)}return{serverParams:Lo(tl,ri,this.logger,this.performanceClient,r)(a,s,this.logger,this.correlationId),pkceCodes:o,silentRequest:n}}async waitForIframeResponse(e,t){return this.waitForIframeResponseHook?this.waitForIframeResponseHook(e,t):Ma(this.config.system.iframeBridgeTimeout,this.logger,t,this.performanceClient,this.config.experimental)}}class Hl extends Xc{async acquireToken(e){const t=await Fo(Vc,Jn,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger,this.correlationId),r={...e,...t};e.redirectUri&&(r.redirectUri=Jc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId));const o=Wc(Fs.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),n=await this.createRefreshTokenClient({serverTelemetryManager:o,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return Fo(n.acquireTokenByRefreshToken.bind(n),"refreshTokenClientAcquireTokenByRefreshToken",this.logger,this.performanceClient,e.correlationId)(r,Fs.acquireTokenSilent_silentFlow).catch((e=>{throw e.correlationId=this.correlationId,o.cacheFailedRequest(e),e}))}logout(){return Promise.reject(is(_i,""))}async createRefreshTokenClient(e){const t=await Fo(this.getClientConfiguration.bind(this),Yn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new bn(t,this.performanceClient)}}class Dl extends Tn{constructor(e,t){super(e,t),this.includeRedirectUri=!1}}class $l extends Xc{constructor(e,t,r,o,n,i,s,a,c,l){super(e,t,r,o,n,i,a,c,l),this.apiId=s}async acquireToken(t){if(!t.code)throw is(Hi,this.correlationId);const r=await Fo(el,Zn,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),o=Wc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled);try{const e={...r,code:t.code},n=await Fo(this.getClientConfiguration.bind(this),Yn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:r.authority,requestAzureCloudOptions:r.azureCloudOptions,requestExtraQueryParameters:r.extraQueryParameters,account:r.account}),i=new Dl(n,this.performanceClient);this.logger.verbose("1uic5e",this.correlationId);const s=new ol(i,this.browserStorage,e,this.logger,this.performanceClient);return await Fo(s.handleCodeResponseFromServer.bind(s),Mo,this.logger,this.performanceClient,this.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},r,this.apiId,!1)}catch(e){throw e instanceof Te&&(e.correlationId=this.correlationId,o.cacheFailedRequest(e)),e}}logout(){return Promise.reject(is(_i,""))}}function Kl(e,t,r,o){try{Da(e),Rn(r.auth.isMcp,o)}catch(e){throw t.end({success:!1},e,o.account),e}}class Bl{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new Qa(this.logger,this.performanceClient):mr,this.eventHandler=new zc(this.logger),this.browserStorage=this.isBrowserEnvironment?new Lc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,vn(this.config.auth)):Hc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:As.MemoryStorage,cacheRetentionDays:5};this.nativeInternalStorage=new Lc(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.activeSilentTokenRequests=new Map,this.trackStateChange=this.trackStateChange.bind(this),this.trackStateChangeWithMeasurement=this.trackStateChangeWithMeasurement.bind(this)}static async createController(e,t){const r=new Bl(e);return await r.initialize(t),r}trackStateChange(e,t){e&&("visibilitychange"===t.type?(this.logger.info("16v6hv",e),this.performanceClient.incrementFields({visibilityChangeCount:1},e)):"online"===t.type?(this.logger.info("0zirfd",e),this.performanceClient.incrementFields({onlineStatusChangeCount:1},e)):"offline"===t.type&&(this.logger.info("1xk9ef",e),this.performanceClient.incrementFields({onlineStatusChangeCount:1},e)))}async initialize(e){const t=this.getRequestCorrelationId(e);if(this.logger.trace("1f7joy",t),this.initialized)return void this.logger.info("061m5x",t);if(!this.isBrowserEnvironment)return this.logger.info("19fvpi",t),this.initialized=!0,void this.eventHandler.emitEvent(Pc.INITIALIZE_END,t);const r=this.config.system.allowPlatformBroker,o=this.performanceClient.startMeasurement(oc,t);if(this.eventHandler.emitEvent(Pc.INITIALIZE_START,t),this.logMultipleInstances(o,t),o.add({isMcp:this.config.auth.isMcp}),await Fo(this.browserStorage.initialize.bind(this.browserStorage),"initializeCache",this.logger,this.performanceClient,t)(t),r)try{this.platformAuthProvider=await Pl(this.logger,this.performanceClient,t,this.config.system.nativeBrokerHandshakeTimeout,this.config.experimental.allowPlatformBrokerWithDOM)}catch(e){this.logger.verbose(e,t)}this.config.cache.cacheLocation===As.LocalStorage&&this.eventHandler.subscribeCrossTab(),!this.config.system.navigatePopups&&await this.preGeneratePkceCodes(t),this.initialized=!0,this.eventHandler.emitEvent(Pc.INITIALIZE_END,t),o.end({allowPlatformBroker:r,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("02l8bm",""),Ha(this.initialized),this.isBrowserEnvironment){const t=e?.hash||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("1wn9kp","")):this.logger.verbose("0w0gm3",""),r}return this.logger.verbose("12xi63",""),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",""),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===Ps)return this.logger.verbose("1ywcv2",""),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const o=this.getAllAccounts(),n=this.browserStorage.getCachedNativeRequest(),i=n&&!t?.hash;let s,a,c;try{if(i&&this.platformAuthProvider){const t=n?.correlationId||"";this.eventHandler.emitEvent(Pc.HANDLE_REDIRECT_START,t,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(tc,t),this.logger.trace("12v7is",t),s.add({isPlatformBrokerRequest:!0});const r=new cl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Fs.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,n.accountId,this.nativeInternalStorage,n.correlationId);a=Fo(r.handleRedirectPromise.bind(r),"handleNativeRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)()}else{const[r,o]=this.browserStorage.getCachedRequest("");c=r;const n=r.correlationId;this.eventHandler.emitEvent(Pc.HANDLE_REDIRECT_START,n,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(tc,n),this.logger.trace("0znzs5",n);const i=this.createRedirectClient(n);a=Fo(i.handleRedirectPromise.bind(i),"handleRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(r,o,s,t)}}catch(e){throw this.browserStorage.resetRequestCache(""),e}return a.then((t=>{if(t){this.browserStorage.resetRequestCache(t.correlationId),this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t),this.logger.verbose("0ui8f5",t.correlationId);o.length<this.getAllAccounts().length&&(this.eventHandler.emitEvent(Pc.LOGIN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t.account),this.logger.verbose("16im3l",t.correlationId)),s.end({success:!0},void 0,t.account),this.verifySsoCapability(c,e.InteractionType.Redirect)}else s.event.errorCode?s.end({success:!1},void 0):s.discard();return this.eventHandler.emitEvent(Pc.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),t})).catch((t=>{this.browserStorage.resetRequestCache(s.event.correlationId);const r=t;throw this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_FAILURE,s.event.correlationId,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(Pc.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),s.end({success:!1},r),t}))}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("0os66p",r),$a(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Es);const o=this.performanceClient.startMeasurement(ec,r);o.add({scenarioId:t.scenarioId});const n=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=e=>{const r="function"==typeof n?n(e):void 0;return o.add({navigateCallbackResult:!1!==r}),o.event=o.end({success:!0},void 0,t.account)||o.event,r};try{let n;if(Rn(this.config.auth.isMcp,t),this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_START,r,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){const e=new cl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Fs.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r);n=Fo(e.acquireTokenRedirect.bind(e),"nativeInteractionClientAcquireToken",this.logger,this.performanceClient,r)(t,o).catch((e=>{if(o.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof nl&&il(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof Xo){this.logger.verbose("1ipyz4",r);return this.createRedirectClient(r).acquireToken(t)}throw e}))}else{n=this.createRedirectClient(r).acquireToken(t)}return await n}catch(n){throw this.browserStorage.resetRequestCache(r),2===o.event.status?this.performanceClient.startMeasurement(tc,r).end({success:!1},n,t.account):o.end({success:!1},n,t.account),this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Redirect,null,n),n}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),o=this.performanceClient.startMeasurement(Xa,r);o.add({scenarioId:t.scenarioId});try{this.logger.verbose("0ch87b",r),Kl(this.initialized,o,this.config,t),this.browserStorage.setInteractionInProgress(!0,Es,t.overrideInteractionInProgress,r)}catch(e){return Promise.reject(e)}const n=this.getAllAccounts();let i;this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_START,r,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))o.add({isPlatformBrokerRequest:!0}),i=this.acquireTokenNative({...t,correlationId:r},Fs.acquireTokenPopup).then((e=>(o.end({success:!0,isNativeBroker:!0},void 0,e.account),e))).catch((e=>{if(o.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof nl&&il(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof Xo){this.logger.verbose("0yy5fw",r);return this.createPopupClient(r).acquireToken(t,s)}throw e}));else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then((i=>{const s=n.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Popup,i),s&&this.eventHandler.emitEvent(Pc.LOGIN_SUCCESS,r,e.InteractionType.Popup,i.account),o.end({success:!0,accessTokenSize:i.accessToken.length,idTokenSize:i.idToken.length},void 0,i.account),this.verifySsoCapability(t,e.InteractionType.Popup),i})).catch((n=>(this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Popup,null,n),o.end({success:!1},n,t.account),Promise.reject(n)))).finally((async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.navigatePopups||await this.preGeneratePkceCodes(r)}))}trackStateChangeWithMeasurement(e){const t=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;t&&("visibilitychange"===e.type?(this.logger.info(`0yzimq ${t.event.name}`,t.event.correlationId),t.increment({visibilityChangeCount:1})):"online"===e.type?(this.logger.info(`1caf53 ${t.event.name}`,t.event.correlationId),t.increment({onlineStatusChangeCount:1})):"offline"===e.type&&(this.logger.info(`0fdyk7 ${t.event.name}`,t.event.correlationId),t.increment({onlineStatusChangeCount:1})))}addStateChangeListeners(e){document.addEventListener("visibilitychange",e),window.addEventListener("online",e),window.addEventListener("offline",e)}removeStateChangeListeners(e){document.removeEventListener("visibilitychange",e),window.removeEventListener("online",e),window.removeEventListener("offline",e)}getCachedSsoCapable(){try{const e=window.localStorage.getItem(fc);if(e){const t=JSON.parse(e);if(t&&"boolean"==typeof t.ssoCapable&&t.expiresOn&&Date.now()<t.expiresOn)return t.ssoCapable}}catch{}}verifySsoCapability(e,t){if(!this.config.auth.verifySSO)return;const r=fc;if(void 0!==this.getCachedSsoCapable())return void this.logger.verbose(`13poou ${t}`,"");const o=ha(),n=this.performanceClient.startMeasurement(sc,o);n.add({"ext.interactionType":t}),this.logger.verbose(`0pbr0i ${t}`,o),setTimeout((()=>{const i={...e,correlationId:o};this.createSilentIframeClient(o).verifySso(i).then((e=>{this.logger.verbose(`1gd1iv ${t} ${e}`,o);try{const t=JSON.stringify({ssoCapable:e,expiresOn:Date.now()+864e5});window.localStorage.setItem(r,t)}catch{this.logger.warning(`18lmoj ${t}`,o)}n.end({fromCache:!1,success:e},void 0)})).catch((e=>{this.logger.warning(`05g83w ${t} ${e.message}`,o);try{window.localStorage.removeItem(r)}catch{this.logger.warning(`0nlf9q ${t}`,o)}n.end({fromCache:!1,success:!1},e)}))}),0)}async ssoSilent(t){const r=this.getRequestCorrelationId(t),o={...t,correlationId:r};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(rc,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId,ssoCapable:this.getCachedSsoCapable()}),Kl(this.initialized,this.ssoSilentMeasurement,this.config,o),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0,onlineStatusChangeCount:0}),this.addStateChangeListeners(this.trackStateChangeWithMeasurement);const n=this.getAllAccounts();let i;if(this.logger.verbose("0w1b45",r),this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,o),this.canUsePlatformBroker(o))this.ssoSilentMeasurement?.add({isPlatformBrokerRequest:!0}),i=this.acquireTokenNative(o,Fs.ssoSilent).catch((e=>{if(this.ssoSilentMeasurement?.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof nl&&il(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(o.correlationId).acquireToken(o)}throw e}));else{i=this.createSilentIframeClient(o.correlationId).acquireToken(o)}return i.then((t=>{const o=n.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),o&&this.eventHandler.emitEvent(Pc.LOGIN_SUCCESS,r,e.InteractionType.Silent,t.account),this.ssoSilentMeasurement?.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((o=>{throw this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,o),this.ssoSilentMeasurement?.end({success:!1},o,t.account),o})).finally((()=>{this.removeStateChangeListeners(this.trackStateChangeWithMeasurement)}))}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("0ch6ga",r);const o=this.performanceClient.startMeasurement(Za,r);Kl(this.initialized,o,this.config,t),this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,t),o.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw is($i,r);if(t.code){const n=t.code;let i=this.hybridAuthCodeResponses.get(n);return i?(this.logger.verbose("0qgp28",r),o.discard()):(this.logger.verbose("06eh73",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then((t=>(this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(n),o.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((t=>{throw this.hybridAuthCodeResponses.delete(n),this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),o.end({success:!1},t),t})),this.hybridAuthCodeResponses.set(n,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){o.add({isPlatformBrokerRequest:!0});const e=await this.acquireTokenNative({...t,correlationId:r},Fs.acquireTokenByCode,t.nativeAccountId).catch((e=>{throw o.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof nl&&il(e)&&(this.platformAuthProvider=void 0),e}));return o.end({success:!0},void 0,e.account),e}throw is(Bi,r)}throw is(Di,r)}catch(t){throw this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),o.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){const t=this.getRequestCorrelationId(e);this.logger.trace("10d9hy",t),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement("acquireTokenByCodeAsync",t),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0,onlineStatusChangeCount:0}),this.addStateChangeListeners(this.trackStateChangeWithMeasurement);const r=this.createSilentAuthCodeClient(t);return await r.acquireToken(e).then((e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache}),e))).catch((e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e})).finally((()=>{this.removeStateChangeListeners(this.trackStateChangeWithMeasurement)}))}async acquireTokenFromCache(e,t){switch(t){case js.Default:case js.AccessToken:case js.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return Fo(t.acquireToken.bind(t),"silentCacheClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw Pe(vt,e.correlationId)}}async acquireTokenByRefreshToken(e,t){switch(t){case js.Default:case js.AccessTokenAndRefreshToken:case js.RefreshToken:case js.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return Fo(t.acquireToken.bind(t),"silentRefreshClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw Pe(vt,e.correlationId)}}async acquireTokenBySilentIframe(e){const t=this.createSilentIframeClient(e.correlationId);return Fo(t.acquireToken.bind(t),"silentIframeClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e)}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);$a(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Ps);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);Da(this.initialized),this.browserStorage.setInteractionInProgress(!0,Ps);return this.createPopupClient(t).logout(e).finally((()=>{this.browserStorage.setInteractionInProgress(!1)}))}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return;const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return Dc(this.logger,this.browserStorage,this.isBrowserEnvironment,this.getRequestCorrelationId(),e)}getAccount(e){return $c(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}setActiveAccount(e){Kc(e,this.browserStorage,this.getRequestCorrelationId())}getActiveAccount(){return Bc(this.browserStorage,this.getRequestCorrelationId())}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Wr(e.account,e.cloudGraphHostName,e.msGraphHost);if(await this.browserStorage.setAccount(r,e.correlationId,br(e.idTokenClaims),Fs.hydrateCache),!e.fromPlatformBroker)return this.browserStorage.hydrateCache(e,t);{this.logger.verbose("1i5atf",e.correlationId);const r=wo(e.account.homeAccountId,e.account.environment,e.idToken,this.config.auth.clientId,e.tenantId),o=Co(e.account.homeAccountId,e.account.environment,e.accessToken,this.config.auth.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?po(e.expiresOn):0,e.extExpiresOn?po(e.extExpiresOn):0,ss,t.correlationId||"",void 0,e.tokenType,void 0,t.sshKid);t.resource&&(o.resource=t.resource);const n=br(e.idTokenClaims);await this.browserStorage.setIdTokenCredential(r,e.correlationId,n),await this.nativeInternalStorage.setAccessTokenCredential(o,e.correlationId,n)}}async acquireTokenNative(e,t,r,o){const n=this.getRequestCorrelationId(e);if(this.logger.trace("0b9y3p",n),!this.platformAuthProvider)throw is(Ji,n);const i=new cl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,n);return Fo(i.acquireToken.bind(i),zn,this.logger,this.performanceClient,n)(e,o)}canUsePlatformBroker(e,t){const r=this.getRequestCorrelationId(e);if(this.logger.trace("1n9lbl",r),!this.platformAuthProvider)return this.logger.trace("0vnu11",r),!1;if(!Rl(this.config,this.logger,r,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("0yoy1g",r),!1;if(e.prompt)switch(e.prompt){case N.NONE:case N.CONSENT:case N.LOGIN:this.logger.trace("0vdv8e",r);break;default:return this.logger.trace(`0pdzw6 ${e.prompt}`,r),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("16lbtk",r),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||(e.loginHint||e.sid?null:this.getActiveAccount());return t&&t.nativeAccountId||""}createPopupClient(e){return new Ol(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider,this.operatingContext.getResponseHandlers()?.waitForPopupResponse)}createRedirectClient(e){return new Ml(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentIframeClient(e){return new Fl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Fs.ssoSilent,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider,this.operatingContext.getResponseHandlers()?.waitForIframeResponse)}createSilentCacheClient(e){return new al(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentRefreshClient(e){return new Hl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentAuthCodeClient(e){return new $l(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Fs.acquireTokenByCode,this.performanceClient,e,this.platformAuthProvider)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return Fa(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?ha():""}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0lz9hf",t),this.acquireTokenRedirect({correlationId:t,...e||Ks})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0qw7v5",t),this.acquireTokenPopup({correlationId:t,...e||Ks})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(Ya,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId,ssoCapable:this.getCachedSsoCapable()}),Kl(this.initialized,r,this.config,e),this.logger.verbose("0x1c4s",t);const o=e.account||this.getActiveAccount();if(!o)throw is(Ei,t);return this.acquireTokenSilentDeduped(e,o,t).then((o=>(r.end({success:!0,fromCache:o.fromCache,accessTokenSize:o.accessToken.length,idTokenSize:o.idToken.length},void 0,o.account),{...o,state:e.state,correlationId:t}))).catch((e=>{throw e instanceof Te&&(e.correlationId=t),r.end({success:!1},e,o),e}))}async acquireTokenSilentDeduped(e,t,r){const o=dn(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),n=JSON.stringify(o),i=this.activeSilentTokenRequests.get(n);if(void 0===i){this.logger.verbose("0fcjbk",r),this.performanceClient.addFields({deduped:!1},r);const o=Fo(this.acquireTokenSilentAsync.bind(this),"acquireTokenSilentAsync",this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(n,o),o.finally((()=>{this.activeSilentTokenRequests.delete(n)}))}return this.logger.verbose("1yq7nb",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const o=e=>this.trackStateChange(t.correlationId,e);this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_START,t.correlationId,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0,onlineStatusChangeCount:0},t.correlationId),this.addStateChangeListeners(o);const n=await Fo(Yc,"initializeSilentRequest",this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||js.Default;return this.acquireTokenSilentNoIframe(n,i).catch((async e=>{const r=function(e,t){const r=!(e instanceof Xo&&e.subError!==Go),o=e.errorCode===cs||e.errorCode===vt,n=r&&o||e.errorCode===$o||e.errorCode===Bo,i=Js.includes(t);return n&&i}(e,i);if(r){const r=`${e.errorCode}${e.subError?`|${e.subError}`:""}`;if(this.performanceClient.addFields({silentRefreshReason:r},t.correlationId),this.activeIframeRequest){if(i!==js.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose(`1w8fso ${r}`,n.correlationId);const o=this.performanceClient.startMeasurement("awaitConcurrentIframe",n.correlationId);o.add({awaitIframeCorrelationId:r});const s=await t;if(o.end({success:s}),s)return this.logger.verbose(`0ywzzi ${r}`,n.correlationId),this.acquireTokenSilentNoIframe(n,i);throw this.logger.info(`17y14q ${r}`,n.correlationId),e}return this.logger.warning("1bd4p8",n.correlationId),Fo(this.acquireTokenBySilentIframe.bind(this),jn,this.logger,this.performanceClient,n.correlationId)(n)}{let e;return this.activeIframeRequest=[new Promise((t=>{e=t})),n.correlationId],this.logger.verbose("0rh08z",n.correlationId),Fo(this.acquireTokenBySilentIframe.bind(this),jn,this.logger,this.performanceClient,n.correlationId)(n).then((t=>(e(!0),t))).catch((t=>{throw e(!1),t})).finally((()=>{this.activeIframeRequest=void 0}))}}throw e})).then((r=>(this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Silent,r),t.correlationId&&this.performanceClient.addFields({fromCache:r.fromCache,isNativeBroker:r.fromPlatformBroker},t.correlationId),r))).catch((r=>{throw this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_FAILURE,t.correlationId,e.InteractionType.Silent,null,r),r})).finally((()=>{this.removeStateChangeListeners(o)}))}async acquireTokenSilentNoIframe(t,r){return Rl(this.config,this.logger,t.correlationId,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("0sczo4",t.correlationId),this.performanceClient.addFields({isPlatformBrokerRequest:!0},t.correlationId),this.acquireTokenNative(t,Fs.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch((async e=>{if(this.performanceClient.addFields({brokerErrorName:e.name,brokerErrorCode:e.errorCode},t.correlationId),e instanceof nl&&il(e))throw this.logger.verbose("07rkmb",t.correlationId),this.platformAuthProvider=void 0,Pe(vt,t.correlationId);throw e}))):(this.logger.verbose("0ox81t",t.correlationId),r===js.AccessToken&&this.logger.verbose("0fvwxe",t.correlationId),Fo(this.acquireTokenFromCache.bind(this),"acquireTokenFromCache",this.logger,this.performanceClient,t.correlationId)(t,r).catch((o=>{if(r===js.AccessToken)throw o;return this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_NETWORK_START,t.correlationId,e.InteractionType.Silent,t),Fo(this.acquireTokenByRefreshToken.bind(this),"acquireTokenByRefreshToken",this.logger,this.performanceClient,t.correlationId)(t,r)})))}async preGeneratePkceCodes(e){return this.logger.verbose("1x6uj6",e),this.pkceCode=await Fo(wl,ni,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,t?this.logger.verbose("12js1o",e):this.logger.verbose("1oe9ci",e),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e,t){const r=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("1qtz3l",t),window.msal.clientIds.push(r),function(e,t,r,o){const n=window.msal?.clientIds||[],i=n.length,s=n.filter((t=>t===e)).length;s>1&&r.warning("1e88vg",o),t.add({msalInstanceCount:i,sameClientIdInstanceCount:s})}(r,e,this.logger,t)}}class zl{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(t,r){let o;this.browserEnvironment="undefined"!=typeof window,this.config=Sl(t,this.browserEnvironment),this.responseHandlers=r;try{o=window[As.SessionStorage]}catch(e){}const n=o?.getItem(hc),i=o?.getItem(dc)?.toLowerCase(),s="true"===i||"false"!==i&&void 0,a={...this.config.system.loggerOptions},c=n&&Object.keys(e.LogLevel).includes(n)?e.LogLevel[n]:void 0;c&&(a.loggerCallback=zl.loggerCallback,a.logLevel=c),void 0!==s&&(a.piiLoggingEnabled=s),this.logger=new wr(a,Rc,Oc),this.available=!1}getConfig(){return this.config}getResponseHandlers(){return this.responseHandlers}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}class jl extends zl{getModuleName(){return jl.MODULE_NAME}getId(){return jl.ID}async initialize(e){return this.available="undefined"!=typeof window,this.available}}jl.MODULE_NAME="",jl.ID="StandardOperatingContext";const Jl="USER_INTERACTION_REQUIRED",Wl="USER_CANCEL",Gl="NO_NETWORK",Ql="TRANSIENT_ERROR",Vl="PERSISTENT_ERROR",Yl="DISABLED",Zl="ACCOUNT_UNAVAILABLE",Xl="NESTED_APP_AUTH_UNAVAILABLE";class eh{constructor(e,t,r,o){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=o}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),o=nr(e.claims,this.clientCapabilities),n=e.scopes||f;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,resource:e.resource,scope:n.join(" "),correlationId:r,claims:_e.isEmptyObj(o)?void 0:o,state:e.state,authenticationScheme:e.authenticationScheme||X.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw Pe(rt,e.correlationId);const o=mo(r+(t.token.expires_in||0)),n=Tr(t.token.id_token,this.crypto.base64Decode,e.correlationId),i=this.fromNaaAccountInfo(t.account,t.token.id_token,n),s=t.token.scope||e.scope;return{authority:t.token.authority||i.environment,uniqueId:i.localAccountId,tenantId:i.tenantId,scopes:s.split(" "),account:i,idToken:t.token.id_token,idTokenClaims:n,accessToken:t.token.access_token,fromCache:!1,expiresOn:o,tokenType:e.authenticationScheme||X.BEARER,correlationId:e.correlationId,extExpiresOn:o,state:e.state}}fromNaaAccountInfo(e,t,r){const o=r||e.idTokenClaims,n=e.localAccountId||o?.oid||o?.sub||"",i=e.tenantId||zr(o)||"",s=e.homeAccountId||`${n}.${i}`,a=e.environment;if(!a)throw Pe(It,"");const c=o?.preferred_username||o?.upn,l=o?.emails?.[0]||null,h=e.username||c||l||"",d=e.name||o?.name||"",u=e.loginHint||o?.login_hint,g=new Map,p=Sr(s,n,i,e.platformBrokerId,o);g.set(i,p);return{homeAccountId:s,environment:a,tenantId:i,username:h,localAccountId:n,name:d,loginHint:u,idToken:t,idTokenClaims:o,nativeAccountId:e.platformBrokerId,tenantProfiles:g}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new Te("unknown_error","","An unknown error occurred");switch(e.status){case Wl:return new Ee(Et,"");case Gl:return new Ee(_t,"");case Zl:return new Ee(wt,"");case Yl:return new Ee(Rt,"");case Xl:return new Ee(e.code||Rt,"",e.description);case Ql:case Vl:return new rn(e.code||"","",e.description);case Jl:return new Xo(e.code||"","",e.description);default:return new Te(e.code||"","",e.description)}}toAuthenticationResultFromCache(e,t,r,o,n){if(!t||!r)throw Pe(rt,n);const i=Tr(t.secret,this.crypto.base64Decode,n),s=r.target||o.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:s.split(" "),account:e,idToken:t.secret,idTokenClaims:i||{},accessToken:r.secret,fromCache:!0,expiresOn:mo(r.expiresOn),extExpiresOn:mo(r.extendedExpiresOn),tokenType:o.authenticationScheme||X.BEARER,correlationId:n,state:o.state}}}class th extends Te{constructor(e,t,r){super(e,t,r),Object.setPrototypeOf(this,th.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(e){return new th("unsupported_method",e||"")}}class rh{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new Qa(this.logger,this.performanceClient,!0):mr,this.eventHandler=new zc(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new Lc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,vn(this.config.auth)):Hc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new eh(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new rh(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||ha();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const r=this.ensureValidRequest(t),o=r.correlationId||ha();this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_START,o,e.InteractionType.Popup,r);const n=this.performanceClient.startMeasurement(Xa,o);n.add({nestedAppAuthRequest:!0});try{Rn(this.config.auth.isMcp,r);const i=this.nestedAppAuthAdapter.toNaaTokenRequest(r),s=go(),a=await this.bridgeProxy.getTokenInteractive(i),c={...this.nestedAppAuthAdapter.fromNaaTokenResponse(i,a,s)};try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii(`1mwr91 ${e}`,o)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_SUCCESS,o,e.InteractionType.Popup,c),n.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),n.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const i=r instanceof Te?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_FAILURE,o,e.InteractionType.Popup,null,r),n.end({success:!1},r,t.account),i}}async acquireTokenSilentInternal(t){const r=this.ensureValidRequest(t),o=r.correlationId||ha();this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_START,o,e.InteractionType.Silent,r);const n=await this.acquireTokenFromCache(r);if(n)return this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_SUCCESS,o,e.InteractionType.Silent,n),n;const i=this.performanceClient.startMeasurement(rc,o);i.increment({visibilityChangeCount:0}),i.add({nestedAppAuthRequest:!0});try{Rn(this.config.auth.isMcp,r);const n=this.nestedAppAuthAdapter.toNaaTokenRequest(r);n.forceRefresh=r.forceRefresh;const s=go(),a=await this.bridgeProxy.getTokenSilent(n),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(n,a,s);try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii(`1mwr91 ${e}`,o)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_SUCCESS,o,e.InteractionType.Silent,c),i?.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),i?.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const n=r instanceof Te?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_FAILURE,o,e.InteractionType.Silent,null,r),i?.end({success:!1},r,t.account),n}}async acquireTokenFromCache(t){const r=t.correlationId||ha(),o=this.performanceClient.startMeasurement(Ya,r);if(o?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("11t57w",r),null;if(t.forceRefresh)return this.logger.verbose("1ovnmo",r),null;let n=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=js.Default),t.cacheLookupPolicy){case js.Default:case js.AccessToken:case js.AccessTokenAndRefreshToken:n=await this.acquireTokenFromCacheInternal(t);break;default:return null}return n?(this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,n),o.add({accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length}),o.end({success:!0},void 0,n.account),n):(this.logger.warning("1yb4fi",r),this.eventHandler.emitEvent(Pc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null),o.end({success:!1},void 0,t.account),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext,r=e.correlationId||ha();let o=null;if(t&&(o=$c(t,this.logger,this.browserStorage,r)),!o)return this.logger.verbose("10qnr0",r),Promise.resolve(null);this.logger.verbose("1u7hux",r);const n={...e,correlationId:r,authority:e.authority||o.environment,scopes:e.scopes?.length?e.scopes:[...f]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(o,n,i,o.tenantId);if(!s)return this.logger.verbose("03vm49",r),Promise.resolve(null);if(Io(s.cachedAt)||fo(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("18egye",r),Promise.resolve(null);if(n.resource){const e=n.resource,t=s.resource;if(!t||t!==e)return this.logger.verbose("0qraxd",r),Promise.resolve(null)}const a=this.browserStorage.getIdToken(o,n.correlationId,i,o.tenantId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(o,a,s,n,n.correlationId):(this.logger.verbose("0d68kd",r),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw th.createUnsupportedError(e?.correlationId)}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw th.createUnsupportedError(e?.correlationId)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw th.createUnsupportedError()}removePerformanceCallback(e){throw th.createUnsupportedError()}getAllAccounts(e){return Dc(this.logger,this.browserStorage,this.isBrowserEnv(),ha(),e)}getAccount(e){return $c(e,this.logger,this.browserStorage,ha())}setActiveAccount(e){return Kc(e,this.browserStorage,ha())}getActiveAccount(){return Bc(this.browserStorage,ha())}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||Ks)}loginRedirect(e){throw th.createUnsupportedError(e?.correlationId)}logoutRedirect(e){throw th.createUnsupportedError(e?.correlationId)}logoutPopup(e){throw th.createUnsupportedError(e?.correlationId)}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("1k8729","")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw th.createUnsupportedError()}getRedirectResponse(){throw th.createUnsupportedError()}async clearCache(e){throw th.createUnsupportedError(e?.correlationId)}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Wr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,br(e.idTokenClaims),Fs.hydrateCache),this.browserStorage.hydrateCache(e,t)}}class oh{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",(e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),o=oh.bridgeRequests.find((e=>e.requestId===r.requestId));void 0!==o&&(oh.bridgeRequests.splice(oh.bridgeRequests.indexOf(o),1),r.success?o.resolve(r):o.reject(r.error))}));const e=await new Promise(((e,t)=>{const r=oh.buildRequest("GetInitContext"),o={requestId:r.requestId,method:r.method,resolve:e,reject:t};oh.bridgeRequests.push(o),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}));return oh.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:oh.validateBridgeResultOrThrow(r.token),account:oh.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:ha(),sendTime:Date.now(),clientLibrary:us,clientLibraryVersion:Oc,...t}}sendRequest(e,t){const r=oh.buildRequest(e,t);return new Promise(((e,t)=>{const o={requestId:r.requestId,method:r.method,resolve:e,reject:t};oh.bridgeRequests.push(o),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}))}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:Xl}}return e}constructor(e,t,r,o){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=o}static async create(){const e=await oh.initializeNestedAppAuthBridge();return new oh(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}oh.bridgeRequests=[];class nh extends zl{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return nh.MODULE_NAME}getId(){return nh.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(e){const t=e||"";try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await oh.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(e){this.logger.infoPii(`1mdxyj ${e}`,t)}return this.logger.info(`12jy9a ${this.available}`,t),this.available}}nh.MODULE_NAME="",nh.ID="NestedAppOperatingContext";class ih{constructor(e,t){this.controller=t||new Bl(new jl(e,{waitForPopupResponse:this.waitForPopupResponse.bind(this),waitForIframeResponse:this.waitForIframeResponse.bind(this)}))}async waitForPopupResponse(e,t,r){const o=this.controller;return Ma(o.getConfiguration().system.popupBridgeTimeout,o.getLogger(),e,o.getPerformanceClient())}async waitForIframeResponse(e,t){const r=this.controller,o=r.getConfiguration();return Ma(o.system.iframeBridgeTimeout,r.getLogger(),t,r.getPerformanceClient(),o.experimental)}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}getAccount(e){return this.controller.getAccount(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function sh(e){const t=new ih(e);return await t.initialize(),t}const ah={initialize:()=>Promise.reject(ba(Ca,"")),acquireTokenPopup:()=>Promise.reject(ba(Ca,"")),acquireTokenRedirect:()=>Promise.reject(ba(Ca,"")),acquireTokenSilent:()=>Promise.reject(ba(Ca,"")),acquireTokenByCode:()=>Promise.reject(ba(Ca,"")),getAllAccounts:()=>[],getAccount:()=>null,handleRedirectPromise:()=>Promise.reject(ba(Ca,"")),loginPopup:()=>Promise.reject(ba(Ca,"")),loginRedirect:()=>Promise.reject(ba(Ca,"")),logoutRedirect:()=>Promise.reject(ba(Ca,"")),logoutPopup:()=>Promise.reject(ba(Ca,"")),ssoSilent:()=>Promise.reject(ba(Ca,"")),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,getLogger:()=>{throw ba(Ca,"")},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw ba(Ca,"")},hydrateCache:()=>Promise.reject(ba(Ca,"")),clearCache:()=>Promise.reject(ba(Ca,""))};async function ch(e,t,r,o,n,i,s,a,c){if(n.verbose("0ke46k",r),e.account){const t=Wr(e.account);return await o.setAccount(t,r,br(a||{}),Fs.loadExternalTokens),t}if(!t&&!a)throw n.error("0hzcn4",r),is(Li,"");const l=Gr(t,s.authorityType,n,i,r,a),h=a?.tid,d=an(o,s,l,ss,r,a,t,s.getPreferredCache(),h,void 0,void 0,n,c);return await o.setAccount(d,r,br(a||{}),Fs.loadExternalTokens),d}async function lh(e,t,r,o,n,i,s,a,c){if(!e.id_token)return a.verbose("1pm7g1",i),null;a.verbose("168lyi",i);const l=wo(t,r,e.id_token,c,o);return await s.setIdTokenCredential(l,i,n),l}async function hh(e,t,r,o,n,i,s,a,c,l,h){if(!t.access_token)return l.verbose("1ckp9e",a),null;if(!t.expires_in)return l.error("15mzx8",a),null;if(!(t.scope||e.scopes&&e.scopes.length))return l.error("1h7xse",a),null;l.verbose("01kmxb",a);const d=t.scope?qt.fromString(t.scope,a):new qt(e.scopes,a),u=s.expiresOn||t.expires_in+go(),g=s.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+go(),p=Co(r,o,t.access_token,h,n,d.printScopes(),u,g,ss,a);return await c.setAccessTokenCredential(p,a,i),p}async function dh(e,t,r,o,n,i,s,a,c){if(!e.refresh_token)return s.verbose("1l7um5",n),null;const l=e.refresh_token_expires_in?e.refresh_token_expires_in+go():void 0;c.addFields({extRtExpiresOnSeconds:l},n),s.verbose("0qy8ev",n);const h=vo(t,r,e.refresh_token,a,e.foci,void 0,l);return await i.setRefreshTokenCredential(h,n,o),h}function uh(){let e;try{e=window[As.SessionStorage];const t=e?.getItem(uc);if(1===Number(t))return Promise.resolve().then((function(){return fh}))}catch(e){}}function gh(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function ph(e){if(e&&gh())return Math.round(window.performance.now()-e)}class mh{constructor(e,t){this.correlationId=t,this.measureName=mh.makeMeasureName(e,t),this.startMark=mh.makeStartMark(e,t),this.endMark=mh.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(mh.supportsBrowserPerformance())try{t.forEach((t=>{const r=mh.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(mh.makeStartMark(r,e)),window.performance.clearMarks(mh.makeEndMark(r,e)))}))}catch(e){}}startMeasurement(){if(mh.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(mh.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(mh.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var fh=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:mh});const yh=X,Ih=F,wh=N,Ch=ue,vh=f;e.ApiId=Fs,e.AuthError=Te,e.AuthErrorCodes=xn,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[T];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw Se(je,"")}const t=this.headers[k];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw Se(je,"")}throw Se(ze,"")}parseChallenges(e){const t=e.indexOf(" "),r=e.substr(t+1).split(","),o={};return r.forEach((e=>{const[t,r]=e.split("=");o[t]=unescape(r.replace(/['"]+/g,""))})),o}},e.AuthenticationScheme=yh,e.AzureCloudInstance=kr,e.BrowserAuthError=ns,e.BrowserAuthErrorCodes=rs,e.BrowserCacheLocation=As,e.BrowserConfigurationAuthError=Ta,e.BrowserConfigurationAuthErrorCodes=ka,e.BrowserPerformanceClient=class extends Kn{constructor(e,r){super(e.auth.clientId,e.auth.authority||`${t}`,new wr(e.system?.loggerOptions||{},Rc,Oc),Rc,Oc,e.telemetry?.application||{appName:"",appVersion:""},r)}generateId(){return ha()}getPageVisibility(){return document.visibilityState?.toString()||null}getOnlineStatus(){return"undefined"!=typeof navigator?navigator.onLine:null}deleteIncompleteSubMeasurements(e){uh()?.then((t=>{const r=this.eventsByCorrelationId.get(e.event.correlationId),o=r&&r.eventId===e.event.eventId,n=[];o&&r?.incompleteSubMeasurements&&r.incompleteSubMeasurements.forEach((e=>{n.push({...e})})),t.BrowserPerformanceMeasurement.flushMeasurements(e.event.correlationId,n)}))}startMeasurement(e,t){const r=this.getPageVisibility(),o=this.getOnlineStatus(),n=super.startMeasurement(e,t),i=gh()?window.performance.now():void 0,s=uh()?.then((t=>new t.BrowserPerformanceMeasurement(e,n.event.correlationId)));return s?.then((e=>e.startMeasurement())),{...n,end:(e,t,a)=>{const c=function(){if("undefined"==typeof window||!window.navigator)return{};const e="connection"in window.navigator?window.navigator.connection:void 0;return{effectiveType:e?.effectiveType,rtt:e?.rtt}}(),l=n.end({...e,startPageVisibility:r,startOnlineStatus:o,endPageVisibility:this.getPageVisibility(),durationMs:ph(i),networkEffectiveType:c.effectiveType,networkRtt:c.rtt},t,a);return s?.then((e=>e.endMeasurement())),this.deleteIncompleteSubMeasurements(n),l},discard:()=>{n.discard(),s?.then((e=>e.flushMeasurement())),this.deleteIncompleteSubMeasurements(n)}}}},e.BrowserPerformanceMeasurement=mh,e.BrowserRootPerformanceEvents=ac,e.BrowserUtils=ja,e.CacheLookupPolicy=js,e.ClientAuthError=Ee,e.ClientAuthErrorCodes=xt,e.ClientConfigurationError=Ae,e.ClientConfigurationErrorCodes=Ze,e.DEFAULT_IFRAME_TIMEOUT_MS=1e4,e.EventHandler=zc,e.EventMessageUtils=class{static getInteractionStatusFromEvent(t,r){switch(t.eventType){case Pc.ACQUIRE_TOKEN_START:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup)return $s.AcquireToken;break;case Pc.HANDLE_REDIRECT_START:return $s.HandleRedirect;case Pc.LOGOUT_START:return $s.Logout;case Pc.LOGOUT_END:if(r&&r!==$s.Logout)break;return $s.None;case Pc.HANDLE_REDIRECT_END:if(r&&r!==$s.HandleRedirect)break;return $s.None;case Pc.ACQUIRE_TOKEN_SUCCESS:case Pc.ACQUIRE_TOKEN_FAILURE:case Pc.RESTORE_FROM_BFCACHE:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup){if(r&&r!==$s.AcquireToken)break;return $s.None}}return null}},e.EventType=Pc,e.InteractionRequiredAuthError=Xo,e.InteractionRequiredAuthErrorCodes=Vo,e.InteractionStatus=$s,e.JsonWebTokenTypes=Ch,e.LocalStorage=_c,e.Logger=wr,e.MemoryStorage=Wa,e.NavigationClient=kl,e.OIDC_DEFAULT_SCOPES=vh,e.PromptValue=wh,e.ProtocolMode=jr,e.PublicClientApplication=ih,e.ResponseMode=Ih,e.ServerError=rn,e.SessionStorage=Ec,e.SignedHttpRequest=class{constructor(e,t){const r=t&&t.loggerOptions||{};this.logger=new wr(r,Rc,Oc),this.cryptoOps=new Qa(this.logger),this.popTokenGenerator=new Do(this.cryptoOps,new to),this.shrParameters=e}async generatePublicKeyThumbprint(){const{kid:e}=await this.popTokenGenerator.generateKid(this.shrParameters);return e}async signRequest(e,t,r){return this.popTokenGenerator.signPayload(e,t,this.shrParameters,r)}async removeKeys(e,t){return this.cryptoOps.removeTokenBindingKey(e,t)}},e.StubPerformanceClient=to,e.WrapperSKU={React:"@azure/msal-react",Angular:"@azure/msal-angular"},e.createNestablePublicClientApplication=async function(e,t,r){const o=new nh(e);if(await o.initialize(t),o.isAvailable()){const n=t||ha(),i=new rh(o),s=r?r(e,i):new ih(e,i);return await s.initialize({correlationId:n}),s}return sh(e)},e.createStandardPublicClientApplication=sh,e.enforceResourceParameter=Rn,e.isPlatformBrokerAvailable=async function(e,t,r,o){const n=new wr(t||{},Rc,Oc),i=r||new to;return"undefined"==typeof window?(n.trace("082ed3",o||ha()),!1):!!await Pl(n,i,o||ha(),void 0,e)},e.loadExternalTokens=async function(e,t,r,o,n=new to){Fa();const i=Sl(e,!0),s=t.correlationId||ha(),a=n.startMeasurement(ic,s);try{const c=r.id_token?Tr(r.id_token,ss,s):void 0,l=br(c||{}),h={protocolMode:i.system.protocolMode,knownAuthorities:i.auth.knownAuthorities,cloudDiscoveryMetadata:i.auth.cloudDiscoveryMetadata,authorityMetadata:i.auth.authorityMetadata},d=new wr(i.system.loggerOptions||{},Rc,Oc),u=new Qa(d,i.telemetry.client),g=new Lc(i.auth.clientId,i.cache,u,d,i.telemetry.client,new zc(d),vn(i.auth));await g.initialize(s);const p=t.authority||i.auth.authority,m=await kn(wn.generateAuthority(p,t.azureCloudOptions),i.system.networkClient,g,h,d,s,n),f=await Fo(ch,"loadAccount",d,n,s)(t,o.clientInfo||r.client_info||"",s,g,d,u,m,c,n),y=await Fo(lh,"loadIdToken",d,n,s)(r,f.homeAccountId,f.environment,f.realm,l,s,g,d,e.auth.clientId),I=await Fo(hh,"loadAccessToken",d,n,s)(t,r,f.homeAccountId,f.environment,f.realm,l,o,s,g,d,e.auth.clientId),w=await Fo(dh,"loadRefreshToken",d,n,s)(r,f.homeAccountId,f.environment,l,s,g,d,e.auth.clientId,n);return a.end({success:!0},void 0,Jr(f)),function(e,t,r,o){let n,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=qt.fromString(t.accessToken.target,e.correlationId||"").asArray(),a=mo(t.accessToken.expiresOn),n=mo(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:r.canonicalAuthority,uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:Jr(c),idToken:t.idToken?.secret||"",idTokenClaims:o||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:n,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromPlatformBroker:!1}}(t,{account:f,idToken:y,accessToken:I,refreshToken:w},m,c)}catch(e){throw a.end({success:!1},e),e}},e.stubbedPublicClientApplication=ah,e.version=Oc}));
|
|
1
|
+
/*! @azure/msal-browser v5.17.0 2026-07-07 */
|
|
2
|
+
"use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).msal={})}(this,function(e){const t="client_id",r="redirect_uri",o="token_type",n="req_cnf",i="return_spa_code",s="x-client-xtra-sku",a="brk_client_id",c="brk_redirect_uri",l="instance_aware",h="https://login.microsoftonline.com/common/",d="common",u=`${h}discovery/instance?api-version=1.1&authorization_endpoint=`,g=".ciamlogin.com",p=".onmicrosoft.com",m="openid",f="profile",y="offline_access",I="S256",w="N/A",C="Not Available",v="http://169.254.169.254/metadata/instance/compute",k=["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],T="GET",b="POST",A=[m,f,y],S=[...A,"email"],_="Content-Type",E="Content-Length",P="Retry-After",R="X-AnchorMailbox",O="WWW-Authenticate",M="Authentication-Info",x="x-ms-request-id",q="x-ms-httpver",N="active-account-filters",U="common",L="organizations",F="consumers",H="access_token",D="xms_cc",$="id_token",K="signin_state",B="login_hint",z={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},j="code",J="id_token token refresh_token",W={QUERY:"query",FRAGMENT:"fragment",FORM_POST:"form_post"},G="authorization_code",Q="refresh_token",V="Generic",Y={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},Z="appmetadata",X="1",ee="authority-metadata",te="config",re="cache",oe="network",ne="hardcoded_values",ie=5,se="server-telemetry",ae=",",ce={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},le="throttling",he="1",de="3",ue="4",ge="2",pe="4",me="5",fe="0",ye="1",Ie="2",we="3",Ce="4",ve={Jwt:"JWT",Jwk:"JWK",Pop:"pop"};function ke(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class Te extends Error{constructor(e,t,r,o){const n=r||(e?ke(e):"");super(n?`${e}: ${n}`:e),Object.setPrototypeOf(this,Te.prototype),this.errorCode=e||"",this.errorMessage=n||"",this.subError=o||"",this.correlationId=t,this.name="AuthError"}}function be(e,t,r){return new Te(e,t,r||ke(e))}class Ae extends Te{constructor(e,t,r){super(e,t,r),this.name="ClientAuthError",Object.setPrototypeOf(this,Ae.prototype)}}function Se(e,t,r){return new Ae(e,t,r)}const _e="client_info_decoding_error",Ee="client_info_empty_error",Pe="token_parsing_error",Re="null_or_empty_token",Oe="endpoints_resolution_error",Me="network_error",xe="openid_config_error",qe="hash_not_deserialized",Ne="invalid_state",Ue="state_mismatch",Le="state_not_found",Fe="nonce_mismatch",He="multiple_matching_appMetadata",De="request_cannot_be_made",$e="cannot_remove_empty_scope",Ke="cannot_append_scopeset",Be="empty_input_scopeset",ze="no_account_in_silent_request",je="invalid_cache_record",Je="invalid_cache_environment",We="no_account_found",Ge="no_crypto_object",Qe="token_refresh_required",Ve="token_claims_cnf_required_for_signedjwt",Ye="authorization_code_missing_from_server_response",Ze="binding_key_not_removed",Xe="end_session_endpoint_not_supported",et="key_id_missing",tt="no_network_connectivity",rt="user_canceled",ot="method_not_implemented",nt="nested_app_auth_bridge_disabled",it="resource_parameter_required",st="misplaced_resource_parameter";var at=Object.freeze({__proto__:null,authorizationCodeMissingFromServerResponse:Ye,bindingKeyNotRemoved:Ze,cannotAppendScopeSet:Ke,cannotRemoveEmptyScope:$e,clientInfoDecodingError:_e,clientInfoEmptyError:Ee,emptyInputScopeSet:Be,endSessionEndpointNotSupported:Xe,endpointResolutionError:Oe,hashNotDeserialized:qe,invalidCacheEnvironment:Je,invalidCacheRecord:je,invalidState:Ne,keyIdMissing:et,methodNotImplemented:ot,misplacedResourceParam:st,multipleMatchingAppMetadata:He,multipleMatchingTokens:"multiple_matching_tokens",nestedAppAuthBridgeDisabled:nt,networkError:Me,noAccountFound:We,noAccountInSilentRequest:ze,noCryptoObject:Ge,noNetworkConnectivity:tt,nonceMismatch:Fe,nullOrEmptyToken:Re,openIdConfigError:xe,platformBrokerError:"platform_broker_error",requestCannotBeMade:De,resourceParameterRequired:it,stateMismatch:Ue,stateNotFound:Le,tokenClaimsCnfRequiredForSignedJwt:Ve,tokenParsingError:Pe,tokenRefreshRequired:Qe,unexpectedCredentialType:"unexpected_credential_type",userCanceled:rt});function ct(e,t){if(!e)throw Se(Ee,"");try{const r=t(e);return JSON.parse(r)}catch(e){throw Se(_e,"")}}function lt(e){if(!e)throw Se(_e,"");const t=e.split(".",2);return{uid:t[0],utid:t.length<2?"":t[1]}}function ht(e,t,r){const o=function(e,t){if(!e)throw Se(Re,t);const r=/^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(e);if(!r||r.length<4)throw Se(Pe,t);return r[2]}(e,r);try{const e=t(o);return JSON.parse(e)}catch(e){throw Se(Pe,r)}}function dt(e){if(!e.signin_state)return!1;const t=["kmsi","dvc_dmjd"];return e.signin_state.some(e=>t.includes(e.trim().toLowerCase()))}function ut(e,t){return!!e&&!!t&&e===t.split(".")[1]}function gt(e,t,r,o,n){if(n){const{oid:t,sub:r,tid:i,name:s,tfp:a,acr:c,preferred_username:l,upn:h,login_hint:d}=n,u=i||a||c||"";return{tenantId:u,localAccountId:t||r||"",name:s,username:l||h||"",loginHint:d,isHomeTenant:ut(u,e),upn:h,...o&&{nativeAccountId:o}}}return{tenantId:r,localAccountId:t,username:"",isHomeTenant:ut(r,e),...o&&{nativeAccountId:o}}}function pt(e,t,r,o){let n=e;if(t){const{isHomeTenant:r,...o}=t;n={...e,...o}}if(r){const{isHomeTenant:t,...i}=gt(e.homeAccountId,e.localAccountId,e.tenantId,n.nativeAccountId,r);return n={...n,...i,idTokenClaims:r,idToken:o,kmsi:dt(r)},n}return n}const mt=0,ft=1,yt=2,It=3;function wt(e){if(e){return e.tid||e.tfp||e.acr||null}return null}const Ct={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};function vt(e){const t=e.tenantProfiles||[];0===t.length&&e.realm&&e.localAccountId&&t.push(gt(e.homeAccountId,e.localAccountId,e.realm,e.nativeAccountId));const r=t.find(t=>t.tenantId===e.realm),o=r?.nativeAccountId||e.nativeAccountId;return{homeAccountId:e.homeAccountId,environment:e.environment,tenantId:e.realm,username:e.username,localAccountId:e.localAccountId,loginHint:e.loginHint,name:e.name,nativeAccountId:o,authorityType:e.authorityType,tenantProfiles:new Map(t.map(e=>[e.tenantId,e])),dataBoundary:e.dataBoundary}}function kt(e,t,r){const o=Array.from(e.tenantProfiles?.values()||[]);if(0===o.length&&e.tenantId&&e.localAccountId)o.push(gt(e.homeAccountId,e.localAccountId,e.tenantId,e.nativeAccountId,e.idTokenClaims));else if(e.nativeAccountId){const t=o.find(t=>t.tenantId===e.tenantId);t&&!t.nativeAccountId&&(t.nativeAccountId=e.nativeAccountId)}return{authorityType:e.authorityType||V,homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,nativeAccountId:e.nativeAccountId,realm:e.tenantId,environment:e.environment,username:e.username,loginHint:e.loginHint,name:e.name,cloudGraphHostName:t,msGraphHost:r,tenantProfiles:o,dataBoundary:e.dataBoundary}}function Tt(e,t,r,o,n,i){if(t!==ft&&t!==yt){if(e)try{const t=ct(e,o.base64Decode);if(t.uid&&t.utid)return`${t.uid}.${t.utid}`}catch(e){}r.warning("1ub6wv",n)}return i?.sub||""}const bt="unexpected_error";var At=Object.freeze({__proto__:null,postRequestFailed:"post_request_failed",unexpectedError:bt});class St extends Te{constructor(e,t){super(e,t),this.name="ClientConfigurationError",Object.setPrototypeOf(this,St.prototype)}}function _t(e,t){return new St(e,t)}const Et="redirect_uri_empty",Pt="authority_uri_insecure",Rt="url_parse_error",Ot="empty_url_error",Mt="empty_input_scopes_error",xt="invalid_claims",qt="token_request_empty",Nt="logout_request_empty",Ut="pkce_params_missing",Lt="invalid_cloud_discovery_metadata",Ft="invalid_authority_metadata",Ht="untrusted_authority",Dt="missing_ssh_jwk",$t="missing_ssh_kid",Kt="missing_nonce_authentication_header",Bt="invalid_authentication_header",zt="cannot_set_OIDCOptions",jt="cannot_allow_platform_broker",Jt="authority_mismatch",Wt="invalid_request_method_for_EAR",Gt="invalid_platform_broker_configuration",Qt="issuer_validation_failed";var Vt=Object.freeze({__proto__:null,authorityMismatch:Jt,authorityUriInsecure:Pt,cannotAllowPlatformBroker:jt,cannotSetOIDCOptions:zt,claimsRequestParsingError:"claims_request_parsing_error",emptyInputScopesError:Mt,invalidAuthenticationHeader:Bt,invalidAuthorityMetadata:Ft,invalidClaims:xt,invalidCloudDiscoveryMetadata:Lt,invalidCodeChallengeMethod:"invalid_code_challenge_method",invalidPlatformBrokerConfiguration:Gt,invalidRequestMethodForEAR:Wt,invalidResponseMode:"invalid_response_mode",issuerValidationFailed:Qt,logoutRequestEmpty:Nt,missingNonceAuthenticationHeader:Kt,missingSshJwk:Dt,missingSshKid:$t,pkceParamsMissing:Ut,redirectUriEmpty:Et,tokenRequestEmpty:qt,untrustedAuthority:Ht,urlEmptyError:Ot,urlParseError:Rt});class Yt{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return 0===Object.keys(t).length}catch(e){}return!0}static startsWith(e,t){return 0===e.indexOf(t)}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),o=e=>decodeURIComponent(e.replace(/\+/g," "));return r.forEach(e=>{if(e.trim()){const[r,n]=e.split(/=(.+)/g,2);r&&n&&(t[o(r)]=o(n))}}),t}static trimArrayEntries(e){return e.map(e=>e.trim())}static removeEmptyStringsFromArray(e){return e.filter(e=>!!e)}static jsonParseHelper(e){try{return JSON.parse(e)}catch(e){return null}}}class Zt{get urlString(){return this._urlString}constructor(e,t){if(this._urlString=e,this.correlationId=t,!this._urlString)throw _t(Ot,t);e.includes("#")||(this._urlString=Zt.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return Yt.endsWith(t,"?")?t=t.slice(0,-1):Yt.endsWith(t,"?/")&&(t=t.slice(0,-2)),Yt.endsWith(t,"/")||(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch(e){throw _t(Rt,this.correlationId)}if(!e.HostNameAndPort||!e.PathSegments)throw _t(Rt,this.correlationId);if(!e.Protocol||"https:"!==e.Protocol.toLowerCase())throw _t(Pt,this.correlationId)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return Zt.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return!e||0===r.length||r[0]!==U&&r[0]!==L||(r[0]=e),Zt.constructAuthorityUriFromObject(t,this.correlationId)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),t=this.urlString.match(e);if(!t)throw _t(Rt,this.correlationId);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let o=r.AbsolutePath.split("/");return o=o.filter(e=>e&&e.length>0),r.PathSegments=o,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e,t){const r=RegExp("^([^:/?#]+://)?([^/?#]*)"),o=e.match(r);if(!o)throw _t(Rt,t);return o[2]}static getAbsoluteUrl(e,t,r){if("/"===e[0]){const o=new Zt(t,r).getUrlComponents();return o.Protocol+"//"+o.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e,t){return new Zt(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"),t)}}const Xt={endpointMetadata:[{host:"login.microsoftonline.com"},{host:"login.chinacloudapi.cn",issuerHost:"login.partner.microsoftonline.cn"},{host:"login.microsoftonline.us"},{host:"login.sovcloud-identity.fr"},{host:"login.sovcloud-identity.de"},{host:"login.sovcloud-identity.sg"}].reduce((e,{host:t,issuerHost:r})=>(e[t]=function(e,t){return{token_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/token`,jwks_uri:`https://${e}/{tenantid}/discovery/v2.0/keys`,issuer:`https://${t}/{tenantid}/v2.0`,authorization_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/authorize`,end_session_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/logout`}}(t,r||t),e),{}),instanceDiscoveryMetadata:{metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]},{preferred_network:"login.sovcloud-identity.fr",preferred_cache:"login.sovcloud-identity.fr",aliases:["login.sovcloud-identity.fr"]},{preferred_network:"login.sovcloud-identity.de",preferred_cache:"login.sovcloud-identity.de",aliases:["login.sovcloud-identity.de"]},{preferred_network:"login.sovcloud-identity.sg",preferred_cache:"login.sovcloud-identity.sg",aliases:["login.sovcloud-identity.sg"]},{preferred_network:"login.windows-ppe.net",preferred_cache:"login.windows-ppe.net",aliases:["login.windows-ppe.net","sts.windows-ppe.net","login.microsoft-ppe.com"]}]}},er=Xt.endpointMetadata,tr=Xt.instanceDiscoveryMetadata,rr=new Set;function or(e,t,r,o,n){if(e.trace(`1bmquz ${n}`,t),r&&o){const i=nr(o,r);if(i)return e.trace(`1fotbt ${n}`,t),i.aliases;e.trace(`14avvj ${n}`,t)}return null}function nr(e,t){for(let r=0;r<e.length;r++){const o=e[r];if(o.aliases.includes(t))return o}return null}tr.metadata.forEach(e=>{e.aliases.forEach(e=>{rr.add(e)})});const ir={None:"none",AzurePublic:"https://login.microsoftonline.com",AzurePpe:"https://login.windows-ppe.net",AzureChina:"https://login.chinacloudapi.cn",AzureGermany:"https://login.microsoftonline.de",AzureUsGovernment:"https://login.microsoftonline.us"};const sr="networkClientSendPostRequestAsync",ar="refreshTokenClientAcquireTokenWithCachedRefreshToken",cr="getAuthCodeUrl",lr="handleCodeResponseFromServer",hr="popTokenGenerateCnf",dr="handleServerTokenResponse",ur="authorityUpdateMetadataWithRegionalInformation",gr="regionDiscoveryGetRegionFromIMDS",pr=(e,t,r,o,n)=>(...i)=>{r.trace(`1plfzx ${t}`,n);const s=o.startMeasurement(t,n);n&&o.incrementFields({[`ext.${t}CallCount`]:1},n);try{const o=e(...i);return s.end({success:!0}),r.trace(`1g8n6a ${t}`,n),o}catch(e){r.trace(`0cfd8i ${t}`,n);try{r.trace(JSON.stringify(e),n)}catch(e){r.trace("00dty7",n)}throw s.end({success:!1},e),e}},mr=(e,t,r,o,n)=>(...i)=>{r.trace(`1plfzx ${t}`,n);const s=o.startMeasurement(t,n);return n&&o.incrementFields({[`ext.${t}CallCount`]:1},n),e(...i).then(e=>(r.trace(`1g8n6a ${t}`,n),s.end({success:!0}),e)).catch(e=>{r.trace(`0cfd8i ${t}`,n);try{r.trace(JSON.stringify(e),n)}catch(e){r.trace("00dty7",n)}throw s.end({success:!1},e),e})};class fr{constructor(e,t,r,o){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=o}async detectRegion(e,t){let r=e;if(r)t.region_source=de;else{const e=fr.IMDS_OPTIONS;try{const o=await mr(this.getRegionFromIMDS.bind(this),gr,this.logger,this.performanceClient,this.correlationId)("2021-02-01",e);if(200===o.status&&(r=o.body?.location,r&&(t.region_source=ue)),400===o.status){const o=await mr(this.getCurrentVersion.bind(this),"regionDiscoveryGetCurrentVersion",this.logger,this.performanceClient,this.correlationId)(e);if(!o)return t.region_source=he,null;const n=await mr(this.getRegionFromIMDS.bind(this),gr,this.logger,this.performanceClient,this.correlationId)(o,e);200===n.status&&(r=n.body?.location,r&&(t.region_source=ue))}}catch(e){return t.region_source=he,null}}return r||(t.region_source=he),r||null}async getRegionFromIMDS(e,t){return this.networkInterface.sendGetRequestAsync(`${v}?api-version=${e}`,t,2e3)}async getCurrentVersion(e){try{const t=await this.networkInterface.sendGetRequestAsync(`${v}?format=json`,e);return 400===t.status&&t.body&&t.body["newest-versions"]&&t.body["newest-versions"].length>0?t.body["newest-versions"][0]:null}catch(e){return null}}}function yr(){return Math.round((new Date).getTime()/1e3)}function Ir(e){return e.getTime()/1e3}function wr(e){return e?new Date(1e3*Number(e)):new Date}function Cr(e,t){const r=Number(e)||0;return yr()+t>r}function vr(e,t){const r=Number(e)+24*t*60*60*1e3;return Date.now()>r}function kr(e){return Number(e)>yr()}function Tr(e,t,r,o,n){return{credentialType:Y.ID_TOKEN,homeAccountId:e,environment:t,clientId:o,secret:r,realm:n,lastUpdatedAt:Date.now().toString()}}function br(e,t,r,o,n,i,s,a,c,l,h,d,u,g,p){const m={homeAccountId:e,credentialType:Y.ACCESS_TOKEN,secret:r,cachedAt:yr().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:t,clientId:o,realm:n,target:i,tokenType:d||ce.BEARER,lastUpdatedAt:Date.now().toString()};if(u&&(m.userAssertionHash=u),h&&(m.refreshOn=h.toString()),m.tokenType?.toLowerCase()!==ce.BEARER.toLowerCase())switch(m.credentialType=Y.ACCESS_TOKEN_WITH_AUTH_SCHEME,m.tokenType){case ce.POP:const e=ht(r,c,l);if(!e?.cnf?.kid)throw Se(Ve,l);m.keyId=e.cnf.kid;break;case ce.SSH:m.keyId=g}return p&&Object.keys(p).length>0&&(m.additionalCacheKeyComponents=p),m}function Ar(e,t,r,o,n,i,s){const a={credentialType:Y.REFRESH_TOKEN,homeAccountId:e,environment:t,clientId:o,secret:r,lastUpdatedAt:Date.now().toString()};return i&&(a.userAssertionHash=i),n&&(a.familyId=n),s&&(a.expiresOn=s.toString()),a}function Sr(e){return e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("credentialType")&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("secret")}function _r(e){return!!e&&(Sr(e)&&e.hasOwnProperty("realm")&&e.hasOwnProperty("target")&&(e.credentialType===Y.ACCESS_TOKEN||e.credentialType===Y.ACCESS_TOKEN_WITH_AUTH_SCHEME))}function Er(e){return!!e&&(Sr(e)&&e.credentialType===Y.REFRESH_TOKEN)}function Pr(){return yr()+86400}function Rr(e,t,r){e.authorization_endpoint=t.authorization_endpoint,e.token_endpoint=t.token_endpoint,e.end_session_endpoint=t.end_session_endpoint,e.issuer=t.issuer,e.endpointsFromNetwork=r,e.jwks_uri=t.jwks_uri}function Or(e,t,r){e.aliases=t.aliases,e.preferred_cache=t.preferred_cache,e.preferred_network=t.preferred_network,e.aliasesFromNetwork=r}function Mr(e){return e.expiresAt<=yr()}fr.IMDS_OPTIONS={headers:{Metadata:"true"}};class xr{constructor(e,t,r,o,n,i,s,a){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=o,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=n,this.performanceClient=s,this.correlationId=i,this.managedIdentity=a||!1,this.regionDiscovery=new fr(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(g))return It;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case"adfs":return ft;case"dstsv2":return yt}return mt}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new Zt(e,this.correlationId),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents||(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw Se(Oe,this.correlationId)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw Se(Oe,this.correlationId)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw Se(Oe,this.correlationId)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw Se(Xe,this.correlationId);return this.replacePath(this.metadata.end_session_endpoint)}throw Se(Oe,this.correlationId)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw Se(Oe,this.correlationId)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw Se(Oe,this.correlationId)}canReplaceTenant(e){return 1===e.PathSegments.length&&!xr.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===mt&&this.protocolMode!==Ct.OIDC}replaceTenant(e){return e.replace(/{tenant}|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const r=new Zt(this.metadata.canonical_authority,this.correlationId).getUrlComponents(),o=r.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach((e,n)=>{let i=o[n];if(0===n&&this.canReplaceTenant(r)){const e=new Zt(this.metadata.authorization_endpoint,this.correlationId).getUrlComponents().PathSegments[0];i!==e&&(this.logger.verbose(`1q3g2x ${i} ${e}`,this.correlationId),i=e)}e!==i&&(t=t.replace(`/${i}/`,`/${e}/`))}),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")||this.authorityType===ft||this.protocolMode===Ct.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){const e=this.getCurrentMetadataEntity(),t=await mr(this.updateCloudDiscoveryMetadata.bind(this),"authorityUpdateCloudDiscoveryMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await mr(this.updateEndpointMetadata.bind(this),"authorityUpdateEndpointMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),this.performanceClient?.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort,this.correlationId);return e||(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:Pr(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==re&&r?.source!==re&&(e.expiresAt=Pr(),e.canonical_authority=this.canonicalAuthority);const o=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache,this.correlationId);this.cacheManager.setAuthorityMetadata(o,e,this.correlationId),this.metadata=e}async updateEndpointMetadata(e){const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===ne&&this.authorityOptions.azureRegionConfiguration?.azureRegion&&t.metadata){Rr(e,await mr(this.updateMetadataWithRegionalInformation.bind(this),ur,this.logger,this.performanceClient,this.correlationId)(t.metadata),!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await mr(this.getEndpointMetadataFromNetwork.bind(this),"authorityGetEndpointMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return this.validateIssuer(r.issuer),this.authorityOptions.azureRegionConfiguration?.azureRegion&&(r=await mr(this.updateMetadataWithRegionalInformation.bind(this),ur,this.logger,this.performanceClient,this.correlationId)(r)),Rr(e,r,!0),oe;throw Se(xe,this.defaultOpenIdConfigurationEndpoint,this.correlationId)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("1fi0kc",this.correlationId);const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("06t0uj",this.correlationId),Rr(e,t,!1),{source:te};this.logger.verbose("151k0p",this.correlationId);const r=this.getEndpointMetadataFromHardcodedValues();if(r)return Rr(e,r,!1),{source:ne,metadata:r};this.logger.verbose("1imop5",this.correlationId);const o=Mr(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!o?(this.logger.verbose("16uq31",""),{source:re}):(o&&this.logger.verbose("0uoibc",""),null)}isAuthoritySameType(e){return new Zt(e.canonical_authority,this.correlationId).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch(e){throw _t(Ft,this.correlationId)}return null}async getEndpointMetadataFromNetwork(){const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose(`1y65x6 ${t}`,this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(t,e),o=function(e){return e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("jwks_uri")}(r.body);return o?r.body:(this.logger.verbose("1koyv8",this.correlationId),null)}catch(e){return this.logger.verbose(`0a9wik ${e}`,this.correlationId),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in er?er[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){const t=this.authorityOptions.azureRegionConfiguration?.azureRegion;if(t){if("TryAutoDetect"!==t)return this.regionDiscoveryMetadata.region_outcome=ge,this.regionDiscoveryMetadata.region_used=t,xr.replaceWithRegionalInformation(e,t,this.correlationId);const r=await mr(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),"regionDiscoveryDetectRegion",this.logger,this.performanceClient,this.correlationId)(this.authorityOptions.azureRegionConfiguration?.environmentRegion,this.regionDiscoveryMetadata);if(r)return this.regionDiscoveryMetadata.region_outcome=pe,this.regionDiscoveryMetadata.region_used=r,xr.replaceWithRegionalInformation(e,r,this.correlationId);this.regionDiscoveryMetadata.region_outcome=me}return e}async updateCloudDiscoveryMetadata(e){const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await mr(this.getCloudDiscoveryMetadataFromNetwork.bind(this),"authorityGetCloudDiscoveryMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return Or(e,r,!0),oe;throw _t(Ht,this.correlationId)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("1tpqlr",this.correlationId),this.logger.verbosePii(`1fy7uz ${this.authorityOptions.knownAuthorities||w}`,this.correlationId),this.logger.verbosePii(`08zabj ${this.authorityOptions.authorityMetadata||w}`,this.correlationId),this.logger.verbosePii(`1o1kv3 ${e.canonical_authority||w}`,this.correlationId);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("1nakio",this.correlationId),Or(e,t,!1),te;this.logger.verbose("1x74aj",this.correlationId);const r=(o=this.hostnameAndPort,nr(tr.metadata,o));var o;if(r)return this.logger.verbose("0by47c",this.correlationId),Or(e,r,!1),ne;this.logger.verbose("0r2fzy",this.correlationId);const n=Mr(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!n?(this.logger.verbose("1uffgh",""),re):(n&&this.logger.verbose("0uoibc",""),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===It)return this.logger.verbose("04y84h",this.correlationId),xr.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("0gszr3",this.correlationId);try{this.logger.verbose("1iifkx",this.correlationId);const e=nr(JSON.parse(this.authorityOptions.cloudDiscoveryMetadata).metadata,this.hostnameAndPort);if(this.logger.verbose("0q67e3",""),e)return this.logger.verbose("0hzfao",this.correlationId),e;this.logger.verbose("1ajz3u",this.correlationId)}catch(e){throw this.logger.verbose("1wq5tu",this.correlationId),_t(Lt,this.correlationId)}}return this.isInKnownAuthorities(this.hostnameAndPort)?(this.logger.verbose("0mt9al",this.correlationId),xr.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){const e=`${u}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let r=null;try{const o=await this.networkInterface.sendGetRequestAsync(e,t);let n,i;if(function(e){return e.hasOwnProperty("tenant_discovery_endpoint")&&e.hasOwnProperty("metadata")}(o.body))n=o.body,i=n.metadata,this.logger.verbosePii(`1vglyt ${n.tenant_discovery_endpoint}`,this.correlationId);else{if(!function(e){return e.hasOwnProperty("error")&&e.hasOwnProperty("error_description")}(o.body))return this.logger.error("0768g0",this.correlationId),null;if(this.logger.warning(`062uto ${o.status}`,this.correlationId),n=o.body,"invalid_instance"===n.error)return this.logger.error("1x90tm",this.correlationId),null;this.logger.warning(`0wchdm ${n.error}`,this.correlationId),this.logger.warning(`1s5mpv ${n.error_description}`,this.correlationId),this.logger.warning("1yhqpw",this.correlationId),i=[]}this.logger.verbose("1lrobr",this.correlationId),r=nr(i,this.hostnameAndPort)}catch(e){if(e instanceof Te)this.logger.error(`0vwhc7 ${e.errorCode} ${e.errorMessage}`,this.correlationId);else{const t=e;this.logger.error(`0s2z41 ${t.name} ${t.message}`,this.correlationId)}return null}return r||(this.logger.warning("0jp28q",this.correlationId),this.logger.verbose("130sd8",this.correlationId),r=xr.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),r}isInKnownAuthorities(e){const t=e.toLowerCase();return this.authorityOptions.knownAuthorities.filter(e=>e&&Zt.getDomainFromUrl(e,this.correlationId).toLowerCase()===t).length>0}static generateAuthority(e,t){let r;if(t&&t.azureCloudInstance!==ir.None){const e=t.tenant?t.tenant:d;r=`${t.azureCloudInstance}/${e}/`}return r||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return"login.microsoftonline.com";if(this.discoveryComplete())return this.metadata.preferred_cache;throw Se(Oe,this.correlationId)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return rr.has(e)}validateIssuer(e){if(!e)throw _t(Qt,this.correlationId);let t;try{t=new URL(e)}catch{throw _t(Qt,this.correlationId)}const r=t.protocol,o=t.host,n=(this.canonicalAuthorityUrlComponents.Protocol||"").toLowerCase(),i=(this.canonicalAuthorityUrlComponents.HostNameAndPort||"").toLowerCase(),s=this.matchesAuthorityOrigin(r,o,n,i),a="https:"===r&&this.isAliasOfKnownMicrosoftAuthority(o),c="https:"===r&&this.matchesRegionalMicrosoftHost(o),l=this.matchesCiamTenantPattern(t,i,this.canonicalAuthorityUrlComponents.PathSegments),h="https:"===r&&this.isInKnownAuthorities(o);if(!(s||a||c||l||h))throw _t(Qt,this.correlationId)}matchesAuthorityOrigin(e,t,r,o){return e===r&&t===o}matchesRegionalMicrosoftHost(e){const t=e.indexOf(".");if(t>0&&t<e.length-1){const r=e.substring(t+1);return this.isAliasOfKnownMicrosoftAuthority(r)}return!1}matchesCiamTenantPattern(e,t,r){const o=r[0],n=o?o.endsWith(p)?o.slice(0,-16):o:t.split(".")[0];if(!n)return!1;const i=`https://${n}${g}`,s=[i,`${i}/${n}`,`${i}/${n}/v2.0`,`${i}/${n}${p}`,`${i}/${n}${p}/v2.0`],a=e.pathname.replace(/\/+$/,""),c=`${e.protocol}//${e.host}${a}`;return s.some(e=>e===c)}static isPublicCloudAuthority(e){return k.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r,o){const n=new Zt(e,r);n.validateAsUri();const i=n.getUrlComponents();let s=`${t}.${i.HostNameAndPort}`;this.isPublicCloudAuthority(i.HostNameAndPort)&&(s=`${t}.login.microsoft.com`);const a=Zt.constructAuthorityUriFromObject({...n.getUrlComponents(),HostNameAndPort:s},r).urlString;return o?`${a}?${o}`:a}static replaceWithRegionalInformation(e,t,r){const o={...e};return o.authorization_endpoint=xr.buildRegionalAuthorityString(o.authorization_endpoint,t,r),o.token_endpoint=xr.buildRegionalAuthorityString(o.token_endpoint,t,r),o.end_session_endpoint&&(o.end_session_endpoint=xr.buildRegionalAuthorityString(o.end_session_endpoint,t,r)),o}static transformCIAMAuthority(e,t){let r=e;const o=new Zt(e,t).getUrlComponents();if(0===o.PathSegments.length&&o.HostNameAndPort.endsWith(g)){r=`${r}${o.HostNameAndPort.split(".")[0]}${p}`}return r}}function qr(e){return e.endsWith("/")?e:`${e}/`}function Nr(e){const t=e.cloudDiscoveryMetadata;let r;if(t)try{r=JSON.parse(t)}catch(e){throw _t(Lt,"")}return{canonicalAuthority:e.authority?qr(e.authority):void 0,knownAuthorities:e.knownAuthorities,cloudDiscoveryMetadata:r}}async function Ur(e,t,r,o,n,i,s){const a=xr.transformCIAMAuthority(qr(e),i),c=new xr(a,t,r,o,n,i,s);try{return await mr(c.resolveEndpointsAsync.bind(c),"authorityResolveEndpointsAsync",n,s,i)(),c}catch(e){throw Se(Oe,i)}}xr.reservedTenantDomains=new Set(["{tenant}","{tenantid}",U,F,L]);class Lr{constructor(e,t){this.correlationId=t;const r=e?Yt.trimArrayEntries([...e]):[],o=r?Yt.removeEmptyStringsFromArray(r):[];if(!o||!o.length)throw _t(Mt,t);this.scopes=new Set,o.forEach(e=>this.scopes.add(e))}static fromString(e,t){const r=(e||"").split(" ");return new Lr(r,t)}static createSearchScopes(e,t){const r=e&&e.length>0?e:[...A],o=new Lr(r,t);return o.containsOnlyOIDCScopes()?o.removeScope(y):o.removeOIDCScopes(),o}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new Lr(t,this.correlationId);return!!e&&r.scopes.has(e.toLowerCase())}containsScopeSet(e){return!(!e||e.scopes.size<=0)&&(this.scopes.size>=e.scopes.size&&e.asArray().every(e=>this.containsScope(e)))}containsOnlyOIDCScopes(){let e=0;return S.forEach(t=>{this.containsScope(t)&&(e+=1)}),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach(e=>this.appendScope(e))}catch(e){throw Se(Ke,this.correlationId)}}removeScope(e){if(!e)throw Se($e,this.correlationId);this.scopes.delete(e.trim())}removeOIDCScopes(){S.forEach(e=>{this.scopes.delete(e)})}unionScopeSets(e){if(!e)throw Se(Be,this.correlationId);const t=new Set;return e.scopes.forEach(e=>t.add(e.toLowerCase())),this.scopes.forEach(e=>t.add(e.toLowerCase())),t}intersectingScopeSets(e){if(!e)throw Se(Be,this.correlationId);e.containsOnlyOIDCScopes()||e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),o=this.getScopeCount();return t.size<o+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach(t=>e.push(t)),e}printScopes(){if(this.scopes){return this.asArray().join(" ")}return""}printScopesLowerCase(){return this.printScopes().toLowerCase()}}function Fr(e,o,n){if(!o)return;const i=e.get(t);i&&e.has(a)&&n?.addFields({embeddedClientId:i,embeddedRedirectUri:e.get(r)},o)}function Hr(e,t){e.set("response_type",t)}function Dr(e,t,r,o=!0,n=A){!o||n.includes("openid")||t.includes("openid")||n.push("openid");const i=o?[...t||[],...n]:t||[],s=new Lr(i,r);e.set("scope",s.printScopes())}function $r(e,r){e.set(t,r)}function Kr(e,t){e.set(r,t)}function Br(e,t){e.set("login_hint",t)}function zr(e,t){e.set(R,`UPN:${t}`)}function jr(e,t){e.set(R,`Oid:${t.uid}@${t.utid}`)}function Jr(e,t){e.set("sid",t)}function Wr(e,t,r,o,n){const i=ao(r,n&&e.has(a)?void 0:o,t);e.set("claims",i)}function Gr(e,t){e.set("client-request-id",t)}function Qr(e,t){e.set("x-client-SKU",t.sku),e.set("x-client-VER",t.version),t.os&&e.set("x-client-OS",t.os),t.cpu&&e.set("x-client-CPU",t.cpu)}function Vr(e,t){t?.appName&&e.set("x-app-name",t.appName),t?.appVersion&&e.set("x-app-ver",t.appVersion)}function Yr(e,t){t&&e.set("state",t)}function Zr(e,t,r){if(!t||!r)throw _t(Ut,"");e.set("code_challenge",t),e.set("code_challenge_method",r)}function Xr(e,t){e.set("client_secret",t)}function eo(e,t){t&&e.set("client_assertion",t)}function to(e,t){t&&e.set("client_assertion_type",t)}function ro(e,t){e.set("grant_type",t)}function oo(e){e.set("client_info","1")}function no(e){e.has(l)||e.set(l,"true")}function io(e,t){Object.entries(t).forEach(([t,r])=>{!e.has(t)&&r&&e.set(t,r)})}const so={[K]:{essential:!1},[B]:{essential:!1}};function ao(e,t,r=""){let o;if(e)try{const t=JSON.parse(e);if("object"!=typeof t||null===t||Array.isArray(t))throw new Error("Claims must be a JSON object");o=t}catch(e){throw _t(xt,r)}else o={};Object.prototype.hasOwnProperty.call(o,$)||(o[$]={});const n=o[$];for(const[e,t]of Object.entries(so))e in n||(n[e]=t);return t&&t.length>0&&(Object.prototype.hasOwnProperty.call(o,H)||(o[H]={}),o[H][D]={values:t}),JSON.stringify(o)}function co(e,t){t&&(e.set(o,ce.POP),e.set(n,t))}function lo(e,t){t&&(e.set(o,ce.SSH),e.set(n,t))}function ho(e,t){e.set("x-client-current-telemetry",t.generateCurrentRequestHeaderValue()),e.set("x-client-last-telemetry",t.generateLastRequestHeaderValue())}function uo(e){e.set("x-ms-lib-capability","retry-after, h429")}function go(e,t,r){e.has(a)||e.set(a,t),e.has(c)||e.set(c,r)}function po(e,t){t&&e.set("resource",t)}function mo(e){return e.startsWith("#/")?e.substring(2):e.startsWith("#")||e.startsWith("?")?e.substring(1):e}function fo(e){if(!e||e.indexOf("=")<0)return null;try{const t=mo(e),r=Object.fromEntries(new URLSearchParams(t));if(r.code||r.ear_jwe||r.error||r.error_description||r.state)return r}catch(e){throw Se(qe,"")}return null}function yo(e){const t=new Array;return e.forEach((e,r)=>{t.push(`${r}=${encodeURIComponent(e)}`)}),t.join("&")}function Io(e,t,r){if(!e)return e;const o=e.split("#")[0];if(!o)return o;try{const e=new URL(o);let t;e.search||(e.search="");try{t=decodeURIComponent(e.pathname)}catch(r){t=e.pathname}return t.endsWith("/")||(t+="/"),e.pathname=t,e.href}catch(e){throw t?.error(`15apdm ${e}`,r||""),_t(Rt,r||"")}}const wo={createNewGuid:()=>{throw Se(ot,"")},base64Decode:()=>{throw Se(ot,"")},base64Encode:()=>{throw Se(ot,"")},base64UrlEncode:()=>{throw Se(ot,"")},encodeKid:()=>{throw Se(ot,"")},async getPublicKeyThumbprint(){throw Se(ot,"")},async removeTokenBindingKey(){throw Se(ot,"")},async clearKeystore(){throw Se(ot,"")},async signJwt(){throw Se(ot,"")},async hashString(){throw Se(ot,"")}};var Co;e.LogLevel=void 0,(Co=e.LogLevel||(e.LogLevel={}))[Co.Error=0]="Error",Co[Co.Warning=1]="Warning",Co[Co.Info=2]="Info",Co[Co.Verbose=3]="Verbose",Co[Co.Trace=4]="Trace";const vo=new Map;function ko(e,t){const r=Date.now();let o=vo.get(e);if(o)!function(e,t){vo.delete(e),vo.set(e,t)}(e,o);else if(o={logs:[],firstEventTime:r},vo.set(e,o),vo.size>50){const e=vo.keys().next().value;void 0!==e&&vo.delete(e)}o.logs.push({...t,milliseconds:r-o.firstEventTime}),o.logs.length>500&&o.logs.shift()}class To{constructor(t,r,o){this.level=e.LogLevel.Info;const n=t||To.createDefaultLoggerOptions();this.localCallback=n.loggerCallback||(()=>{}),this.piiLoggingEnabled=n.piiLoggingEnabled||!1,this.level="number"==typeof n.logLevel?n.logLevel:e.LogLevel.Info,this.packageName=r||"",this.packageVersion=o||""}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info}}clone(e,t){return new To({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level},e,t)}logMessage(t,r){const o=r.correlationId,n=function(e){if(e.length<6)return null;if(e.length>6&&" "!==e[6])return null;for(let t=0;t<6;t++){const r=e[t];if(!(r>="a"&&r<="z"||r>="A"&&r<="Z"||r>="0"&&r<="9"))return null}return e.substring(0,6)}(t);if(n){ko(o,{hash:n,level:r.logLevel,containsPii:r.containsPii||!1,milliseconds:0})}if(r.logLevel>this.level||!this.piiLoggingEnabled&&r.containsPii)return;const i=`${`[${(new Date).toUTCString()}] : [${o}]`} : ${this.packageName}@${this.packageVersion} : ${e.LogLevel[r.logLevel]} - ${t}`;this.executeCallback(r.logLevel,i,r.containsPii||!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!1,correlationId:r})}errorPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!0,correlationId:r})}warning(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!1,correlationId:r})}warningPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!0,correlationId:r})}info(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!1,correlationId:r})}infoPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!0,correlationId:r})}verbose(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!1,correlationId:r})}verbosePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!0,correlationId:r})}trace(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!1,correlationId:r})}tracePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!0,correlationId:r})}isPiiLoggingEnabled(){return this.piiLoggingEnabled||!1}}const bo="@azure/msal-common",Ao="16.11.1",So="cache_quota_exceeded";class _o extends Error{constructor(e,t){const r=t||ke(e);super(r),Object.setPrototypeOf(this,_o.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}function Eo(e){return e instanceof Error?"QuotaExceededError"===e.name||"NS_ERROR_DOM_QUOTA_REACHED"===e.name||e.message.includes("exceeded the quota")?new _o(So):new _o(e.name,e.message):new _o("cache_error_unknown")}class Po{constructor(e,t,r,o,n){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(bo,Ao),this.staticAuthorityOptions=n,this.performanceClient=o}getAllAccounts(e={},t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){if(0===Object.keys(e).length||Object.values(e).every(e=>null==e||""===e))return this.commonLogger.warning("1skb02",t),null;const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort((e,t)=>{const r=e.idTokenClaims?1:0;return(t.idTokenClaims?1:0)-r})[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?vt(r[0]):null}buildTenantProfiles(e,t,r){return e.flatMap(e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r))}getTenantedAccountInfoByFilter(e,t,r,o,n){let i,s=null;if(n&&!this.tenantProfileMatchesFilter(r,n))return null;const a=this.getIdToken(e,o,t,r.tenantId);return a&&(i=ht(a.secret,this.cryptoImpl.base64Decode,o),!this.idTokenClaimsMatchTenantProfileFilter(i,n))?null:(s=pt(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,o){const n=vt(e);let i=n.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach(e=>{const r=this.getTenantedAccountInfoByFilter(n,s,e,t,o);r&&a.push(r)}),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&((void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant)&&(!(t.username&&!this.matchUsername(e.username,t.username)&&!this.matchUsername(e.upn,t.username))&&(!(t.loginHint&&!this.matchLoginHintWithTenantProfile(e,t.loginHint))&&((!t.upn||e.upn===t.upn)&&(!t.nativeAccountId||e.nativeAccountId===t.nativeAccountId))))))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username)&&!this.matchUsername(e.upn,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,r,o,n){if(!e)throw Se(je,t);try{e.account&&await this.setAccount(e.account,t,r,o),e.idToken&&!1!==n?.idToken&&await this.setIdTokenCredential(e.idToken,t,r),e.accessToken&&!1!==n?.accessToken&&await this.saveAccessToken(e.accessToken,t,r),e.refreshToken&&!1!==n?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t,r),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("0j476p",t),e instanceof Te?e:Eo(e)}}async saveAccessToken(e,t,r){const o={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType},n=this.getTokenKeys(),i=Lr.fromString(e.target,t);n.accessToken.forEach(e=>{if(!this.accessTokenKeyMatchesFilter(e,o,!1))return;const r=this.getAccessTokenCredential(e,t);if(r&&this.credentialMatchesFilter(r,o,t)){Lr.fromString(r.target,t).intersectingScopeSets(i)&&this.removeAccessToken(e,t)}}),await this.setAccessTokenCredential(e,t,r)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),o=[];return r.forEach(r=>{const n=this.getAccount(r,t);if(!n)return;if(e.homeAccountId&&!this.matchHomeAccountId(n,e.homeAccountId))return;if(e.environment&&!this.matchEnvironment(n,e.environment,t))return;if(e.realm&&!this.matchRealm(n,e.realm))return;if(e.authorityType&&!this.matchAuthorityType(n,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name,username:e?.username,loginHint:e?.loginHint,upn:e?.upn,nativeAccountId:e?.nativeAccountId},s=n.tenantProfiles?.filter(e=>this.tenantProfileMatchesFilter(e,i));s&&0===s.length||o.push(n)}),o}credentialMatchesFilter(e,t,r){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment,r))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target,r))return!1;if(e.credentialType===Y.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===ce.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}const o=e.additionalCacheKeyComponents,n=t.additionalCacheKeyComponents,i=!!o&&Object.keys(o).length>0,s=!!n&&Object.keys(n).length>0;if(i!==s)return!1;if(i&&s){const e=Object.keys(o).sort(),t=Object.keys(n).sort();if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r]||o[e[r]]!==n[t[r]])return!1}return!0}getAppMetadataFilteredBy(e,t){const r=this.getKeys(),o={};return r.forEach(r=>{if(!this.isAppMetadata(r))return;const n=this.getAppMetadata(r,t);n&&(e.environment&&!this.matchEnvironment(n,e.environment,t)||e.clientId&&!this.matchClientId(n,e.clientId)||(o[r]=n))}),o}getAuthorityMetadataByAlias(e,t){const r=this.getAuthorityMetadataKeys();let o=null;return r.forEach(r=>{if(!this.isAuthorityMetadata(r)||-1===r.indexOf(this.clientId))return;const n=this.getAuthorityMetadata(r,t);n&&-1!==n.aliases.indexOf(e)&&(o=n)}),o}removeAllAccounts(e){this.getAllAccounts({},e).forEach(t=>{this.removeAccount(t,e)})}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter(t=>t.includes(e.homeAccountId)&&t.includes(e.environment)).forEach(e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)})}removeAccountContext(e,t){const r=this.getTokenKeys(),o=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(o).forEach(e=>{this.removeIdToken(e,t)}),r.accessToken.filter(o).forEach(e=>{this.removeAccessToken(e,t)}),r.refreshToken.filter(o).forEach(e=>{this.removeRefreshToken(e,t)})}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(r&&(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),r.credentialType.toLowerCase()===Y.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&r.tokenType===ce.POP)){const e=r.keyId;e&&this.cryptoImpl.removeTokenBindingKey(e,t).catch(()=>{this.commonLogger.error(`0cx291 ${e}`,t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)})}}removeAppMetadata(e){return this.getKeys().forEach(t=>{this.isAppMetadata(t)&&this.removeItem(t,e)}),!0}getIdToken(e,t,r,o){this.commonLogger.trace("1drz22",t);const n={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:Y.ID_TOKEN,clientId:this.clientId,realm:o},i=this.getIdTokensByFilter(n,t,r),s=i.size;if(s<1)return this.commonLogger.info("1atvtd",t),null;if(s>1){let r=i;if(!o){const o=new Map;i.forEach((t,r)=>{t.realm===e.tenantId&&o.set(r,t)});const n=o.size;if(n<1)return this.commonLogger.info("0ooalx",t),i.values().next().value??null;if(1===n)return this.commonLogger.info("1eq2vc",t),o.values().next().value??null;r=o}return this.commonLogger.info("1ws328",t),r.forEach((e,r)=>{this.removeIdToken(r,t)}),this.performanceClient.addFields({multiMatchedID:i.size},t),null}return this.commonLogger.info("1sm769",t),i.values().next().value??null}getIdTokensByFilter(e,t,r){const o=r&&r.idToken||this.getTokenKeys().idToken,n=new Map;return o.forEach(r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const o=this.getIdTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e,t)&&n.set(r,o)}),n}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,o){const n=t.correlationId;this.commonLogger.trace("1t7hz1",n);const i=Lr.createSearchScopes(t.scopes,n),s=t.authenticationScheme||ce.BEARER,a=s&&s.toLowerCase()!==ce.BEARER.toLowerCase()?Y.ACCESS_TOKEN_WITH_AUTH_SCHEME:Y.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:o||e.tenantId,target:i,tokenType:s,keyId:t.sshKid},l=r&&r.accessToken||this.getTokenKeys().accessToken,h=[];l.forEach(e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,n);t&&this.credentialMatchesFilter(t,c,n)&&h.push(t)}});const d=h.length;return d<1?(this.commonLogger.info("1nckna",n),null):d>1?(this.commonLogger.info("1wkfwp",n),h.forEach(e=>{this.removeAccessToken(this.generateCredentialKey(e),n)}),this.performanceClient.addFields({multiMatchedAT:h.length},n),null):(this.commonLogger.info("06yt98",n),h[0])}accessTokenKeyMatchesFilter(e,t,r){const o=e.toLowerCase();if(t.clientId&&-1===o.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===o.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===o.indexOf(t.realm.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!o.includes(e[t].toLowerCase()))return!1;if(!r&&o.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),o=[];return r.accessToken.forEach(r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const n=this.getAccessTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e,t)&&o.push(n)}),o}getRefreshToken(e,t,r,o){this.commonLogger.trace("0x53vi",r);const n=t?X:void 0,i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:Y.REFRESH_TOKEN,clientId:this.clientId,familyId:n},s=o&&o.refreshToken||this.getTokenKeys().refreshToken,a=[];s.forEach(e=>{if(this.refreshTokenKeyMatchesFilter(e,i)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,i,r)&&a.push(t)}});const c=a.length;return c<1?(this.commonLogger.info("0dlw11",r),null):(c>1&&this.performanceClient.addFields({multiMatchedRT:c},r),this.commonLogger.info("0wcnep",r),a[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e,t){const r={environment:e,clientId:this.clientId},o=this.getAppMetadataFilteredBy(r,t),n=Object.keys(o).map(e=>o[e]),i=n.length;if(i<1)return null;if(i>1)throw Se(He,t);return n[0]}isAppMetadataFOCI(e,t){const r=this.readAppMetadataFromCache(e,t);return!(!r||r.familyId!==X)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchLoginHintWithTenantProfile(e,t){return e.loginHint===t||e.username===t||e.upn===t}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t,r){if(this.staticAuthorityOptions){const o=function(e,t,r){let o;const n=e.canonicalAuthority;if(n){const i=new Zt(n,r).getUrlComponents().HostNameAndPort;o=or(t,r,i,e.cloudDiscoveryMetadata?.metadata,te)||or(t,r,i,tr.metadata,ne)||e.knownAuthorities}return o||[]}(this.staticAuthorityOptions,this.commonLogger,r);if(o.includes(t)&&o.includes(e.environment))return!0}const o=this.getAuthorityMetadataByAlias(t,r);return!!(o&&o.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||(e.upn===t||!(!e.emails||!e.emails.includes(t))))}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t,r){if(e.credentialType!==Y.ACCESS_TOKEN&&e.credentialType!==Y.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return Lr.fromString(e.target,r).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(Z)}isAuthorityMetadata(e){return-1!==e.indexOf(ee)}generateAuthorityMetadataCacheKey(e){return`${ee}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class Ro extends Po{async setAccount(){throw Se(ot,"")}getAccount(){throw Se(ot,"")}async setIdTokenCredential(){throw Se(ot,"")}getIdTokenCredential(){throw Se(ot,"")}async setAccessTokenCredential(){throw Se(ot,"")}getAccessTokenCredential(){throw Se(ot,"")}async setRefreshTokenCredential(){throw Se(ot,"")}getRefreshTokenCredential(){throw Se(ot,"")}setAppMetadata(){throw Se(ot,"")}getAppMetadata(){throw Se(ot,"")}setServerTelemetry(){throw Se(ot,"")}getServerTelemetry(){throw Se(ot,"")}setAuthorityMetadata(){throw Se(ot,"")}getAuthorityMetadata(){throw Se(ot,"")}getAuthorityMetadataKeys(){throw Se(ot,"")}setThrottlingCache(){throw Se(ot,"")}getThrottlingCache(){throw Se(ot,"")}removeItem(){throw Se(ot,"")}getKeys(){throw Se(ot,"")}getAccountKeys(){throw Se(ot,"")}getTokenKeys(){throw Se(ot,"")}generateCredentialKey(){throw Se(ot,"")}generateAccountKey(){throw Se(ot,"")}}const Oo=1,Mo=2,xo="ext.",qo=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","ttlExpiredAcntCount","ttlExpiredITCount","ttlExpiredATCount","ttlExpiredRTCount","decryptFailedAcntCount","decryptFailedITCount","decryptFailedATCount","decryptFailedRTCount","invalidAcntCount","invalidITCount","invalidATCount","invalidRTCount","expiredATCount","expiredRTCount","upgradedCacheCount","cacheMatchedAccounts","networkRtt","redirectBridgeTimeoutMs","redirectBridgeMessageVersion"]);class No{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:Oo,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""}}}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}addGlobalFields(){}incrementFields(){}cacheEventByCorrelationId(){}}const Uo={tokenRenewalOffsetSeconds:300,preventCorsPreflight:!1},Lo={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info,correlationId:""},Fo={async sendGetRequestAsync(){throw Se(ot,"")},async sendPostRequestAsync(){throw Se(ot,"")}},Ho={sku:"msal.js.common",version:Ao,cpu:"",os:""},Do={clientSecret:"",clientAssertion:void 0},$o={azureCloudInstance:ir.None,tenant:`${d}`},Ko={application:{appName:"",appVersion:""}};function Bo({authOptions:e,systemOptions:t,loggerOptions:r,storageInterface:o,networkInterface:n,cryptoInterface:i,clientCredentials:s,libraryInfo:a,telemetry:c,serverTelemetryManager:l,persistencePlugin:h,serializableCache:d}){const u={...Lo,...r};return{authOptions:(g=e,{clientCapabilities:[],azureCloudOptions:$o,instanceAware:!1,isMcp:!1,...g}),systemOptions:{...Uo,...t},loggerOptions:u,storageInterface:o||new Ro(e.clientId,wo,new To(u,bo,Ao),new No),networkInterface:n||Fo,cryptoInterface:i||wo,clientCredentials:s||Do,libraryInfo:{...Ho,...a},telemetry:{...Ko,...c},serverTelemetryManager:l||null,persistencePlugin:h||null,serializableCache:d||null};var g}function zo(e){return e.authOptions.authority.options.protocolMode===Ct.OIDC}class jo{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}const Jo="sw";class Wo{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){const r=await mr(this.generateKid.bind(this),hr,t,this.performanceClient,e.correlationId)(e),o=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:o}}async generateKid(e){return{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Jo}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,o){const{resourceRequestMethod:n,resourceRequestUri:i,shrClaims:s,shrNonce:a,shrOptions:c}=r,l=i?new Zt(i,r.correlationId):void 0,h=l?.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:yr(),m:n?.toUpperCase(),u:h?.HostNameAndPort,nonce:a||this.cryptoUtils.createNewGuid(),p:h?.AbsolutePath,q:h?.QueryString?[[],h.QueryString]:void 0,client_claims:s||void 0,...o},t,c,r.correlationId)}}const Go="no_tokens_found",Qo="native_account_unavailable",Vo="refresh_token_expired",Yo="ui_not_allowed",Zo="interaction_required",Xo="consent_required",en="login_required",tn="bad_token",rn="interrupted_user";var on=Object.freeze({__proto__:null,badToken:tn,consentRequired:Xo,interactionRequired:Zo,interruptedUser:rn,loginRequired:en,nativeAccountUnavailable:Qo,noTokensFound:Go,refreshTokenExpired:Vo,uiNotAllowed:Yo});const nn=[Zo,Xo,en,tn,Yo,rn],sn=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token","ui_not_allowed","interrupted_user"];class an extends Te{constructor(e,t,r,o,n,i,s,a){super(e,t,r,o),Object.setPrototypeOf(this,an.prototype),this.timestamp=n||"",this.traceId=i||"",this.claims=s||"",this.name="InteractionRequiredAuthError",this.errorNo=a}}function cn(e,t,r){const o=!!e&&nn.indexOf(e)>-1,n=!!r&&sn.indexOf(r)>-1,i=!!t&&nn.some(e=>t.indexOf(e)>-1);return o||i||n}function ln(e,t,r){return new an(e,t,r)}class hn extends Te{constructor(e,t,r,o,n,i){super(e,t,r,o),this.name="ServerError",this.errorNo=n,this.status=i,Object.setPrototypeOf(this,hn.prototype)}}function dn(e,t,r,o){const n=function(e,t,r){if(!e)throw Se(Ge,t);const o={id:e.createNewGuid()};r&&(o.meta=r);const n=JSON.stringify(o);return e.base64Encode(n)}(e,o,r);return t?`${n}|${t}`:n}function un(e,t,r){if(!e)throw Se(Ge,r);if(!t)throw Se(Ne,r);try{const r=t.split("|"),o=r[0],n=r.length>1?r.slice(1).join("|"):"",i=e(o);return{userRequestState:n||"",libraryState:JSON.parse(i)}}catch(e){throw Se(Ne,r)}}class gn{constructor(e,t,r,o,n,i,s){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=o,this.performanceClient=n,this.serializableCache=i,this.persistencePlugin=s}validateTokenResponse(e,t,r){if(e.error||e.error_description||e.suberror){const o=`Error(s): ${e.error_codes||C} - Timestamp: ${e.timestamp||C} - Description: ${e.error_description||C} - Correlation ID: ${e.correlation_id||C} - Trace ID: ${e.trace_id||C}`,n=e.error_codes?.length?e.error_codes[0]:void 0,i=new hn(e.error||"",e.correlation_id||"",o,e.suberror,n,e.status);if(r&&e.status&&e.status>=500&&e.status<=599)return void this.logger.warning(`16ks7j ${i}`,t);if(r&&e.status&&e.status>=400&&e.status<=499)return void this.logger.warning(`0g61x3 ${i}`,t);if(cn(e.error,e.error_description,e.suberror))throw new an(e.error||"",e.correlation_id||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.claims||"",n);throw i}}async handleServerTokenResponse(e,t,r,o,n,i,s,a,c,l,h){let d,u;if(e.id_token&&(d=ht(e.id_token||"",this.cryptoObj.base64Decode,o.correlationId),i&&i.nonce&&d.nonce!==i.nonce))throw Se(Fe,o.correlationId);this.homeAccountIdentifier=Tt(e.client_info||"",t.authorityType,this.logger,this.cryptoObj,o.correlationId,d),i&&i.state&&(u=un(this.cryptoObj.base64Decode,i.state,o.correlationId)),e.key_id=e.key_id||o.sshKid||void 0;const g=this.generateCacheRecord(e,t,r,o,d,s,i,h);let p;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("0jbz5k",o.correlationId),p=new jo(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(p)),a&&!c&&g.account){if(this.cacheStorage.getAllAccounts({homeAccountId:g.account.homeAccountId,environment:g.account.environment},o.correlationId).length<1)return this.logger.warning("1gmt66",o.correlationId),this.performanceClient?.addFields({acntLoggedOut:!0},o.correlationId),await gn.generateAuthenticationResult(this.cryptoObj,t,g,!1,o,this.performanceClient,d,u,void 0,l)}await this.cacheStorage.saveCacheRecord(g,o.correlationId,dt(d||{}),n,o.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&p&&(this.logger.verbose("1bh17u",o.correlationId),await this.persistencePlugin.afterCacheAccess(p))}return gn.generateAuthenticationResult(this.cryptoObj,t,g,!1,o,this.performanceClient,d,u,e,l)}generateCacheRecord(e,t,r,o,n,i,s,a){const c=t.getPreferredCache();if(!c)throw Se(Je,o.correlationId);const l=wt(n);let h,d;e.id_token&&n&&(h=Tr(this.homeAccountIdentifier,c,e.id_token,this.clientId,l||""),d=pn(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,o.correlationId,n,e.client_info,c,l,s,void 0,this.logger,this.performanceClient));let u=null;if(e.access_token){const n=e.scope?Lr.fromString(e.scope,o.correlationId):new Lr(o.scopes||[],o.correlationId),s=("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0,h=("string"==typeof e.ext_expires_in?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,d=("string"==typeof e.refresh_in?parseInt(e.refresh_in,10):e.refresh_in)||void 0,g=r+s,p=g+h,m=d&&d>0?r+d:void 0;u=br(this.homeAccountIdentifier,c,e.access_token,this.clientId,l||t.tenant||"",n.printScopes(),g,p,this.cryptoObj.base64Decode,o.correlationId,m,e.token_type,i,e.key_id,a);const f=o.resource||null;f&&(u.resource=f)}let g=null;if(e.refresh_token){let t;if(e.refresh_token_expires_in){t=r+("string"==typeof e.refresh_token_expires_in?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in),this.performanceClient?.addFields({ntwkRtExpiresOnSeconds:t},o.correlationId)}g=Ar(this.homeAccountIdentifier,c,e.refresh_token,this.clientId,e.foci,i,t)}let p=null;return e.foci&&(p={clientId:this.clientId,environment:c,familyId:e.foci}),{account:d,idToken:h,accessToken:u,refreshToken:g,appMetadata:p}}static async generateAuthenticationResult(e,t,r,o,n,i,s,a,c,l){let h,d,u="",g=[],p=null,m="";if(r.accessToken){if(r.accessToken.tokenType!==ce.POP||n.popKid)u=r.accessToken.secret;else{const t=new Wo(e,i),{secret:o,keyId:s}=r.accessToken;if(!s)throw Se(et,n.correlationId);u=await t.signPopToken(o,s,n)}g=Lr.fromString(r.accessToken.target,n.correlationId).asArray(),p=wr(r.accessToken.expiresOn),h=wr(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(d=wr(r.accessToken.refreshOn))}r.appMetadata&&(m=r.appMetadata.familyId===X?X:"");const f=s?.oid||s?.sub||"",y=s?.tid||"";if(c?.spa_accountid&&r.account){r.account.nativeAccountId=c?.spa_accountid;const e=y||r.account.realm;if(r.account.tenantProfiles){const t=r.account.tenantProfiles.find(t=>t.tenantId===e);t&&(t.nativeAccountId=c.spa_accountid)}}const I=r.account?pt(vt(r.account),void 0,s,r.idToken?.secret):null;return{authority:t.canonicalAuthority,uniqueId:f,tenantId:y,scopes:g,account:I,idToken:r?.idToken?.secret||"",idTokenClaims:s||{},accessToken:u,fromCache:o,expiresOn:p,extExpiresOn:h,refreshOn:d,correlationId:n.correlationId,requestId:l||"",familyId:m,tokenType:r.accessToken?.tokenType||"",state:a?a.userRequestState:"",cloudGraphHostName:r.account?.cloudGraphHostName||"",msGraphHost:r.account?.msGraphHost||"",code:c?.spa_code,fromPlatformBroker:!1}}}function pn(e,t,r,o,n,i,s,a,c,l,h,d,u){d?.verbose("09jz0t",n);const g=a||t.getPreferredCache(),p=e.getAccountsFilteredBy({homeAccountId:r,environment:g},n);u?.addFields({cacheMatchedAccounts:p.length},n),p.length>1&&d?.warning("0x7ad1",n);const m=(1===p.length?p[0]:null)||function(e,t,r,o){let n,i,s;n=t.authorityType===ft?"ADFS":t.protocolMode===Ct.OIDC?V:"MSSTS",e.clientInfo&&o&&(i=ct(e.clientInfo,o),i.xms_tdbr&&(s="EU"===i.xms_tdbr?"EU":"None"));const a=e.environment||t&&t.getPreferredCache();if(!a)throw Se(Je,r);const c=e.idTokenClaims?.preferred_username||e.idTokenClaims?.upn,l=e.idTokenClaims?.emails?e.idTokenClaims.emails[0]:null,h=c||l||"",d=e.idTokenClaims?.login_hint,u=i?.utid||wt(e.idTokenClaims)||"",g=i?.uid||e.idTokenClaims?.oid||e.idTokenClaims?.sub||"";let p;p=e.tenantProfiles?e.tenantProfiles:[gt(e.homeAccountId,g,u,e.nativeAccountId,e.idTokenClaims)];return{homeAccountId:e.homeAccountId,environment:a,realm:u,localAccountId:g,username:h,authorityType:n,loginHint:d,clientInfo:e.clientInfo,name:e.idTokenClaims?.name||"",lastModificationTime:void 0,lastModificationApp:void 0,cloudGraphHostName:e.cloudGraphHostName,msGraphHost:e.msGraphHost,nativeAccountId:e.nativeAccountId,tenantProfiles:p,dataBoundary:s}}({homeAccountId:r,idTokenClaims:i,clientInfo:s,environment:a,cloudGraphHostName:l?.cloud_graph_host_name,msGraphHost:l?.msgraph_host,nativeAccountId:h},t,n,o),f=m.tenantProfiles||[],y=c||m.realm;if(y&&!f.find(e=>e.tenantId===y)){const e=gt(r,m.localAccountId,y,h,i);f.push(e)}return m.tenantProfiles=f,m}const mn="home_account_id",fn="UPN";async function yn(e,t,r,o){if("string"==typeof e)return e;return e({clientId:t,tokenEndpoint:r,fmiPath:o})}function In(e,t,r){return{clientId:e,authority:t.authority,scopes:t.scopes,homeAccountIdentifier:r,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid,embeddedClientId:t.embeddedClientId||t.extraParameters?.clientId,resource:t.resource}}class wn{static generateThrottlingStorageKey(e){return`${le}.${JSON.stringify(e)}`}static preProcess(e,t,r){const o=wn.generateThrottlingStorageKey(t),n=e.getThrottlingCache(o,r);if(n){if(n.throttleTime<Date.now())return void e.removeItem(o,r);throw new hn(n.errorCodes?.join(" ")||"",r,n.errorMessage,n.subError)}}static postProcess(e,t,r,o){if(wn.checkResponseStatus(r)||wn.checkResponseForRetryAfter(r)){const n={throttleTime:wn.calculateThrottleTime(parseInt(r.headers[P])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(wn.generateThrottlingStorageKey(t),n,o)}}static checkResponseStatus(e){return 429===e.status||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return!!e.headers&&(e.headers.hasOwnProperty(P)&&(e.status<200||e.status>=300))}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(1e3*Math.min(r+(t||60),r+3600))}static removeThrottle(e,t,r,o){const n=In(t,r,o),i=this.generateThrottlingStorageKey(n);e.removeItem(i,r.correlationId)}}class Cn extends Te{constructor(e,t,r){super(e.errorCode,e.correlationId,e.errorMessage,e.subError),Object.setPrototypeOf(this,Cn.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function vn(e,t,r,o){return e.errorMessage=`${e.errorMessage}, additionalErrorInfo: error.name:${o?.name}, error.message:${o?.message}`,new Cn(e,t,r)}function kn(e,t,r){const o={};if(o[_]="application/x-www-form-urlencoded;charset=utf-8",!t&&r)switch(r.type){case mn:try{const e=lt(r.credential);o[R]=`Oid:${e.uid}@${e.utid}`}catch(t){e.verbose(`1qhtee ${t}`,"")}break;case fn:o[R]=`UPN: ${r.credential}`}return o}function Tn(e,t,r,o){const n=new Map;return e.embeddedClientId&&go(n,t,r),e.extraQueryParameters&&io(n,e.extraQueryParameters),Gr(n,e.correlationId),Fr(n,e.correlationId,o),yo(n)}async function bn(e,t,r,o,n,i,s,a,c,l){const h=await async function(e,t,r,o,n,i,s,a){let c;wn.preProcess(n,e,o);try{c=await mr(i.sendPostRequestAsync.bind(i),sr,s,a,o)(t,r);const e=c.headers||{};a?.addFields({refreshTokenSize:c.body.refresh_token?.length||0,httpVerToken:e[q]||"",requestId:e[x]||""},o)}catch(e){if(e instanceof Cn){const t=e.responseHeaders;throw t&&a?.addFields({httpVerToken:t[q]||"",requestId:t[x]||"",contentTypeHeader:t[_]||void 0,contentLengthHeader:t[E]||void 0,httpStatus:e.httpStatus},o),e.error}throw e instanceof Te?e:Se(Me,o)}return wn.postProcess(n,e,c,o),c}(o,e,{body:t,headers:r},n,i,s,a,c);return l&&h.status<500&&429!==h.status&&l.clearTelemetryCache(),h}class An{constructor(e,t){this.includeRedirectUri=!0,this.config=Bo(e),this.logger=new To(this.config.loggerOptions,bo,Ao),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(e,t,r){if(!e.code)throw Se(De,e.correlationId);r&&r.cloud_instance_host_name&&await mr(this.updateTokenEndpointAuthority.bind(this),"updateTokenEndpointAuthority",this.logger,this.performanceClient,e.correlationId)(r.cloud_instance_host_name,e.correlationId);const o=yr(),n=await mr(this.executeTokenRequest.bind(this),"authClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(this.authority,e,this.serverTelemetryManager),i=n.headers?.[x],s=new gn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return s.validateTokenResponse(n.body,e.correlationId),mr(s.handleServerTokenResponse.bind(s),dr,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,o,e,t,r,void 0,void 0,void 0,i)}getLogoutUri(e){if(!e)throw _t(Nt,"");const t=this.createLogoutUrlQueryString(e);return Zt.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t,r){const o=Tn(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),n=Zt.appendQueryString(e.tokenEndpoint,o),i=await mr(this.createTokenRequestBody.bind(this),"authClientCreateTokenRequestBody",this.logger,this.performanceClient,t.correlationId)(t);let s;if(t.clientInfo)try{const e=ct(t.clientInfo,this.cryptoUtils.base64Decode);s={credential:`${e.uid}.${e.utid}`,type:mn}}catch(e){this.logger.verbose(`0wznt3 ${e}`,t.correlationId)}const a=kn(this.logger,this.config.systemOptions.preventCorsPreflight,s||t.ccsCredential),c=In(this.config.authOptions.clientId,t);return mr(bn,"authorizationCodeClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,t.correlationId)(n,i,a,c,t.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,r)}async createTokenRequestBody(e){const r=new Map;if($r(r,e.embeddedClientId||e.extraParameters?.[t]||this.config.authOptions.clientId),this.includeRedirectUri)Kr(r,e.redirectUri);else if(!e.redirectUri)throw _t(Et,e.correlationId);if(Dr(r,e.scopes,e.correlationId,!0,this.oidcDefaultScopes),po(r,e.resource),function(e,t){e.set("code",t)}(r,e.code),Qr(r,this.config.libraryInfo),Vr(r,this.config.telemetry.application),uo(r),this.serverTelemetryManager&&!zo(this.config)&&ho(r,this.serverTelemetryManager),e.codeVerifier&&function(e,t){e.set("code_verifier",t)}(r,e.codeVerifier),this.config.clientCredentials.clientSecret&&Xr(r,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const t=this.config.clientCredentials.clientAssertion;eo(r,await yn(t.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),to(r,t.assertionType)}if(ro(r,G),oo(r),e.authenticationScheme===ce.POP){const t=new Wo(this.cryptoUtils,this.performanceClient);let o;if(e.popKid)o=this.cryptoUtils.encodeKid(e.popKid);else{o=(await mr(t.generateCnf.bind(t),hr,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}co(r,o)}else if(e.authenticationScheme===ce.SSH){if(!e.sshJwk)throw _t(Dt,e.correlationId);lo(r,e.sshJwk)}let o;if(e.clientInfo)try{const t=ct(e.clientInfo,this.cryptoUtils.base64Decode);o={credential:`${t.uid}.${t.utid}`,type:mn}}catch(t){this.logger.verbose(`0wznt3 ${t}`,e.correlationId)}else o=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&o)switch(o.type){case mn:try{jr(r,lt(o.credential))}catch(t){this.logger.verbose(`1qhtee ${t}`,e.correlationId)}break;case fn:zr(r,o.credential)}return e.embeddedClientId&&go(r,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&io(r,e.extraParameters),!e.enableSpaAuthorizationCode||e.extraParameters&&e.extraParameters[i]||io(r,{[i]:"1"}),Fr(r,e.correlationId,this.performanceClient),Wr(r,e.correlationId,e.claims,this.config.authOptions.clientCapabilities,e.skipBrokerClaims),yo(r)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&function(e,t){e.set("post_logout_redirect_uri",t)}(t,e.postLogoutRedirectUri),e.correlationId&&Gr(t,e.correlationId),e.idTokenHint&&function(e,t){e.set("id_token_hint",t)}(t,e.idTokenHint),e.state&&Yr(t,e.state),e.logoutHint&&function(e,t){e.set("logout_hint",t)}(t,e.logoutHint),e.extraQueryParameters&&io(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&no(t),yo(t)}async updateTokenEndpointAuthority(e,t){const r=`https://${e}/${this.authority.tenant}/`,o=await Ur(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=o}}function Sn(e,r,o,n){const i=r.correlationId,s=new Map;$r(s,r.embeddedClientId||r.extraQueryParameters?.[t]||e.clientId);if(Dr(s,[...r.scopes||[],...r.extraScopesToConsent||[]],r.correlationId,!0,e.authority.options.OIDCOptions?.defaultScopes),po(s,r.resource),Kr(s,r.redirectUri),Gr(s,i),function(e,t){e.set("response_mode",t||W.QUERY)}(s,r.responseMode),oo(s),function(e){e.set("clidata","1")}(s),r.prompt&&(!function(e,t){e.set("prompt",t)}(s,r.prompt),n?.addFields({prompt:r.prompt},i)),r.domainHint&&(!function(e,t){e.set("domain_hint",t)}(s,r.domainHint),n?.addFields({domainHintFromRequest:!0},i)),r.prompt!==z.SELECT_ACCOUNT)if(r.sid&&r.prompt===z.NONE)o.verbose("1tvqyx",r.correlationId),Jr(s,r.sid),n?.addFields({sidFromRequest:!0},i);else if(r.account){const e=(a=r.account,a.idTokenClaims?.sid||null);let t=function(e){return e.loginHint||e.idTokenClaims?.login_hint||null}(r.account);if(t&&r.domainHint&&(o.warning("0wkg3v",r.correlationId),t=null),t){o.verbose("1eyfsw",r.correlationId),Br(s,t),n?.addFields({loginHintFromClaim:!0},i);try{jr(s,lt(r.account.homeAccountId))}catch(e){o.verbose("12ugck",r.correlationId)}}else if(e&&r.prompt===z.NONE){o.verbose("1rmd8s",r.correlationId),Jr(s,e),n?.addFields({sidFromClaim:!0},i);try{jr(s,lt(r.account.homeAccountId))}catch(e){o.verbose("12ugck",r.correlationId)}}else if(r.loginHint)o.verbose("0y3007",r.correlationId),Br(s,r.loginHint),zr(s,r.loginHint),n?.addFields({loginHintFromRequest:!0},i);else if(r.account.username){o.verbose("02f507",r.correlationId),Br(s,r.account.username),n?.addFields({loginHintFromUpn:!0},i);try{jr(s,lt(r.account.homeAccountId))}catch(e){o.verbose("12ugck",r.correlationId)}}}else r.loginHint&&(o.verbose("0g01ey",r.correlationId),Br(s,r.loginHint),zr(s,r.loginHint),n?.addFields({loginHintFromRequest:!0},i));else o.verbose("169k9v",r.correlationId);var a;return r.nonce&&function(e,t){e.set("nonce",t)}(s,r.nonce),r.state&&Yr(s,r.state),r.embeddedClientId&&go(s,e.clientId,e.redirectUri),Wr(s,r.correlationId,r.claims,e.clientCapabilities,r.skipBrokerClaims),!e.instanceAware||r.extraQueryParameters&&Object.keys(r.extraQueryParameters).includes(l)||no(s),s}function _n(e,t){const r=yo(t);return Zt.appendQueryString(e.authorizationEndpoint,r)}function En(e,t,r){if(!e.state||!t)throw e.state?Se(Le,r,"Cached State"):Se(Le,r,"Server State");let o,n;try{o=decodeURIComponent(e.state)}catch(t){throw Se(Ne,r,e.state)}try{n=decodeURIComponent(t)}catch(t){throw Se(Ne,r,e.state)}if(o!==n)throw Se(Ue,r);if(e.error||e.error_description||e.suberror){const t=function(e){const t="code=",r=e.error_uri?.lastIndexOf(t);return r&&r>=0?e.error_uri?.substring(r+t.length):void 0}(e);if(cn(e.error,e.error_description,e.suberror))throw new an(e.error||"",e.correlation_id||r,e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.claims||"",t);throw new hn(e.error||"",e.correlation_id||r,e.error_description,e.suberror,t)}}class Pn extends Te{constructor(e,t,r){super(e,t,r),this.name="JoseHeaderError",Object.setPrototypeOf(this,Pn.prototype)}}function Rn(e,t){return new Pn(e,t)}class On{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw Rn("missing_kid_error","");if(!e.alg)throw Rn("missing_alg_error","");const t=new On({typ:e.typ||ve.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}function Mn(e,t,r,o=5){if(e instanceof Error)return e instanceof Te?(r.errorCode=e.errorCode,r.subErrorCode=e.subError,void(!r.serverErrorNo&&(e instanceof hn||e instanceof an)&&e.errorNo&&(r.serverErrorNo=e.errorNo))):void(e instanceof _o?r.errorCode=e.errorCode:r.errorStack?.length?t.trace("0lmqrh",r.correlationId):e.stack?.length?(e.stack&&(r.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],o=[],n=r[0];n.startsWith("TypeError: Cannot read property")||n.startsWith("TypeError: Cannot read properties of")||n.startsWith("TypeError: Cannot set property")||n.startsWith("TypeError: Cannot set properties of")||n.endsWith("is not a function")?o.push(xn(n)):(n.startsWith("SyntaxError")||n.startsWith("TypeError"))&&o.push(xn(n.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(o.length>=t);e++){const t=r[e];o.push(xn(t))}return o}(e.stack,o)),r.errorName=e.name):t.trace("1cnpwa",r.correlationId));t.trace("0gcyox",r.correlationId)}function xn(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let o=r.lastIndexOf("/");return o=o<0?r.lastIndexOf("\\"):o,o>=0?(e.substring(0,t)+"("+r.substring(o+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class qn{constructor(e,t,r,o,n,i,s){this.authority=t,this.libraryName=o,this.libraryVersion=n,this.globalFields={},this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.intFields=s||new Set;for(const e of qo)this.intFields.add(e)}startMeasurement(e,t){const r=t||this.generateId(),o={eventId:this.generateId(),status:Oo,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var n,i;return this.cacheEventByCorrelationId(o),n=o,(i=this.eventStack.get(r))&&i.push({name:n.name}),{end:(e,t,r)=>this.endMeasurement({...o,...e},t,r),discard:()=>this.discardMeasurements(o.correlationId),add:e=>this.addFields(e,o.correlationId),increment:e=>this.incrementFields(e,o.correlationId),event:o}}endMeasurement(e,t,r){const o=this.eventsByCorrelationId.get(e.correlationId);if(!o)return this.logger.trace(`0k9ti8 ${e.eventId}`,e.correlationId),null;const n=e.eventId===o.eventId;e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const i=JSON.stringify(function(e,t,r){if(!t?.length)return;const o=e=>e.length?e[e.length-1]:void 0,n=e.name,i=o(t);if(i?.name!==n)return;const s=t?.pop();if(!s)return;const a=r instanceof Te?r.errorCode:r instanceof Error?r.name:void 0,c=r instanceof Te?r.subError:void 0;a&&s.childErr!==a&&(s.err=a,c&&(s.subErr=c)),delete s.name,delete s.childErr;const l={...s,dur:e.durationMs};e.success||(l.fail=1);const h=o(t);if(!h)return{[n]:l};let d;if(a&&(h.childErr=a),h[n]){const e=Object.keys(h).filter(e=>e.startsWith(n)).length;d=`${n}_${e+1}`}else d=n;return h[d]=l,h}(e,this.eventStack.get(o.correlationId),t));if(n?this.discardMeasurements(o.correlationId):o.incompleteSubMeasurements?.delete(e.eventId),t&&Mn(t,this.logger,o),!n)return o.ext={...o.ext,...e.ext},o.ext[e.name+"DurationMs"]=Math.floor(e.durationMs),{...o};n&&!t&&(o.errorCode||o.subErrorCode)&&(this.logger.trace(`1fm1tm ${e.name}`,e.correlationId),o.errorCode=void 0,o.subErrorCode=void 0);let s={...o,...e},a=0;s.incompleteSubMeasurements?.forEach(t=>{this.logger.trace(`0nxk52 ${t.name} ${e.name}`,s.correlationId),a++}),s.incompleteSubMeasurements=void 0;const c=function(e){const t=[];for(const r of["",e]){const e=vo.get(r);t.push(...e?.logs??[]),vo.delete(r)}return t}(e.correlationId).map(e=>`${e.milliseconds},${e.hash}`).join(";");return s={...s,status:Mo,incompleteSubsCount:a,context:i,logs:c,...this.globalFields},r&&(s.accountType=function(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}(r),s.dataBoundary=r.dataBoundary),this.truncateIntegralFields(s),this.emitEvents([s],e.correlationId),s}addFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r){const o={},n={};for(const t in e)if(t.startsWith(xo)){const r=t.slice(4),o=e[t];"string"!=typeof o&&"number"!=typeof o||(n[r]=o)}else o[t]=e[t];const i={...r,...o};Object.keys(n).length&&(i.ext={...i.ext,...n}),this.eventsByCorrelationId.set(t,i)}else this.logger.trace("0thl6s",t)}addGlobalFields(e){this.globalFields={...this.globalFields,...e}}incrementFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e)if(t.startsWith(xo)){r.ext=r.ext||{};const o=t.slice(4),n=r.ext[o];if(void 0===n)r.ext[o]=0;else if(isNaN(Number(n)))return;r.ext[o]=(Number(r.ext[o])||0)+(e[t]??0)}else{if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("0thl6s",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}discardMeasurements(e){this.eventsByCorrelationId.delete(e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning(`1eap5p ${t}`,""),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose(`0c9ujz ${t}`,""),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose(`0253if ${e}`,""):this.logger.verbose(`0iqk07 ${e}`,""),t}emitEvents(e,t){this.logger.verbose("11jb1y",t),this.callbacks.forEach((r,o)=>{this.logger.trace(`0p2pjl ${o}`,t),r.apply(null,[e])})}truncateIntegralFields(e){this.intFields.forEach(t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))})}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}class Nn{constructor(e,t){this.config=Bo(e),this.logger=new To(this.config.loggerOptions,bo,Ao),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireToken(e,t){const r=yr(),o=await mr(this.executeTokenRequest.bind(this),"refreshTokenClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(e,this.authority),n=o.headers?.[x],i=new gn(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return i.validateTokenResponse(o.body,e.correlationId),mr(i.handleServerTokenResponse.bind(i),dr,this.logger,this.performanceClient,e.correlationId)(o.body,this.authority,r,e,t,void 0,void 0,!0,e.forceCache,n)}async acquireTokenByRefreshToken(e,t){if(!e)throw _t(qt,"");if(!e.account)throw Se(ze,e.correlationId);if(this.cacheManager.isAppMetadataFOCI(e.account.environment,e.correlationId))try{return await mr(this.acquireTokenWithCachedRefreshToken.bind(this),ar,this.logger,this.performanceClient,e.correlationId)(e,!0,t)}catch(r){const o=r instanceof an&&r.errorCode===Go,n=r instanceof hn&&"invalid_grant"===r.errorCode&&"client_mismatch"===r.subError;if(o||n)return mr(this.acquireTokenWithCachedRefreshToken.bind(this),ar,this.logger,this.performanceClient,e.correlationId)(e,!1,t);throw r}return mr(this.acquireTokenWithCachedRefreshToken.bind(this),ar,this.logger,this.performanceClient,e.correlationId)(e,!1,t)}async acquireTokenWithCachedRefreshToken(e,t,r){const o=pr(this.cacheManager.getRefreshToken.bind(this.cacheManager),"cacheManagerGetRefreshToken",this.logger,this.performanceClient,e.correlationId)(e.account,t,e.correlationId,void 0);if(!o)throw ln(Go,e.correlationId);if(o.expiresOn){const t=e.refreshTokenExpirationOffsetSeconds||300;if(this.performanceClient?.addFields({cacheRtExpiresOnSeconds:Number(o.expiresOn),rtOffsetSeconds:t},e.correlationId),Cr(o.expiresOn,t))throw ln(Vo,e.correlationId)}const n={...e,refreshToken:o.secret,authenticationScheme:e.authenticationScheme||ce.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:mn}};try{return await mr(this.acquireToken.bind(this),"refreshTokenClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(n,r)}catch(t){if(t instanceof an&&t.subError===tn){this.logger.verbose("1pg3ap",e.correlationId);const t=this.cacheManager.generateCredentialKey(o);this.cacheManager.removeRefreshToken(t,e.correlationId)}throw t}}async executeTokenRequest(e,t){const r=Tn(e,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),o=Zt.appendQueryString(t.tokenEndpoint,r),n=await mr(this.createTokenRequestBody.bind(this),"refreshTokenClientCreateTokenRequestBody",this.logger,this.performanceClient,e.correlationId)(e),i=kn(this.logger,this.config.systemOptions.preventCorsPreflight,e.ccsCredential),s=In(this.config.authOptions.clientId,e);return mr(bn,"refreshTokenClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,e.correlationId)(o,n,i,s,e.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,this.serverTelemetryManager)}async createTokenRequestBody(e){const r=new Map;if($r(r,e.embeddedClientId||e.extraParameters?.[t]||this.config.authOptions.clientId),e.redirectUri&&Kr(r,e.redirectUri),Dr(r,e.scopes,e.correlationId,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),ro(r,Q),oo(r),Qr(r,this.config.libraryInfo),Vr(r,this.config.telemetry.application),uo(r),this.serverTelemetryManager&&!zo(this.config)&&ho(r,this.serverTelemetryManager),function(e,t){e.set("refresh_token",t)}(r,e.refreshToken),this.config.clientCredentials.clientSecret&&Xr(r,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const t=this.config.clientCredentials.clientAssertion;eo(r,await yn(t.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),to(r,t.assertionType)}if(e.authenticationScheme===ce.POP){const t=new Wo(this.cryptoUtils,this.performanceClient);let o;if(e.popKid)o=this.cryptoUtils.encodeKid(e.popKid);else{o=(await mr(t.generateCnf.bind(t),hr,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}co(r,o)}else if(e.authenticationScheme===ce.SSH){if(!e.sshJwk)throw _t(Dt,e.correlationId);lo(r,e.sshJwk)}if(this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case mn:try{jr(r,lt(e.ccsCredential.credential))}catch(t){this.logger.verbose(`1qhtee ${t}`,e.correlationId)}break;case fn:zr(r,e.ccsCredential.credential)}return e.embeddedClientId&&go(r,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&io(r,{...e.extraParameters}),Fr(r,e.correlationId,this.performanceClient),Wr(r,e.correlationId,e.claims,this.config.authOptions.clientCapabilities,e.skipBrokerClaims),yo(r)}}function Un(e){const{skus:t,libraryName:r,libraryVersion:o,extensionName:n,extensionVersion:i}=e,s=new Map([[0,[r,o]],[2,[n,i]]]);let a=[];if(t?.length){if(a=t.split(","),a.length<4)return t}else a=Array.from({length:4},()=>"|");return s.forEach((e,t)=>{2===e.length&&e[0]?.length&&e[1]?.length&&function(e){const{skuArr:t,index:r,skuName:o,skuVersion:n}=e;if(r>=t.length)return;t[r]=[o,n].join("|")}({skuArr:a,index:t,skuName:e[0],skuVersion:e[1]})}),a.join(",")}class Ln{constructor(e,t){this.cacheOutcome=fe,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||"",this.wrapperVer=e.wrapperVer||"",this.telemetryCacheKey=se+"-"+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${ae}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r?.length&&t.push(`broker_error=${r}`);const o=t.join(ae),n=[e,this.getRegionDiscoveryFields()].join(ae);return[ie,n,o].join("|")}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=Ln.maxErrorsToSend(e),r=e.failedRequests.slice(0,2*t).join(ae),o=e.errors.slice(0,t).join(ae),n=e.errors.length,i=[n,t<n?"1":"0"].join(ae);return[ie,e.cacheHits,r,o,i].join("|")}cacheFailedRequest(e){try{const t=this.getLastRequests();t.errors.length>=50&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof Te?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push("unknown_error"),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}catch{}}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId),e.cacheHits}getLastRequests(){return this.cacheManager.getServerTelemetry(this.telemetryCacheKey,this.correlationId)||{failedRequests:[],errors:[],cacheHits:0}}clearTelemetryCache(){const e=this.getLastRequests(),t=Ln.maxErrorsToSend(e);if(t===e.errors.length)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{const r={failedRequests:e.failedRequests.slice(2*t),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,r,this.correlationId)}}static maxErrorsToSend(e){let t,r=0,o=0;const n=e.errors.length;for(t=0;t<n;t++){const n=e.failedRequests[2*t]||"",i=e.failedRequests[2*t+1]||"",s=e.errors[t]||"";if(o+=n.toString().length+i.toString().length+s.length+3,!(o<330))break;r+=1}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||""),e.push(this.regionSource||""),e.push(this.regionOutcome||""),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId)}static makeExtraSkuString(e){return Un(e)}}class Fn extends Ln{constructor(){super({clientId:"",apiId:0,correlationId:"",forceRefresh:!1},{})}generateCurrentRequestHeaderValue(){return""}generateLastRequestHeaderValue(){return""}cacheFailedRequest(){}incrementCacheHits(){return 0}clearTelemetryCache(){}getRegionDiscoveryFields(){return""}updateRegionDiscoveryMetadata(){}setCacheOutcome(){}setNativeBrokerErrorCode(){}getNativeBrokerErrorCode(){}clearNativeBrokerErrorCode(){}}class Hn{constructor(e,t){this.config=Bo(e),this.logger=new To(this.config.loggerOptions,bo,Ao),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireCachedToken(e){let t=fe;if(e.forceRefresh||!Yt.isEmptyObj(e.claims))throw this.setCacheOutcome(ye,e.correlationId),Se(Qe,e.correlationId);if(!e.account)throw Se(ze,e.correlationId);const r=e.account.tenantId||function(e,t){const r=new Zt(e,t).getUrlComponents(),o=r.PathSegments.slice(-1)[0]?.toLowerCase();switch(o){case U:case L:case F:return;default:return o}}(e.authority,e.correlationId),o=this.cacheManager.getTokenKeys(),n=this.cacheManager.getAccessToken(e.account,e,o,r);if(!n)throw this.setCacheOutcome(Ie,e.correlationId),Se(Qe,e.correlationId);if(kr(n.cachedAt)||Cr(n.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(we,e.correlationId),Se(Qe,e.correlationId);if(e.resource){if(n.resource!==e.resource)throw this.setCacheOutcome(Ie,e.correlationId),Se(Qe,e.correlationId)}else n.refreshOn&&Cr(n.refreshOn,0)&&(t=Ce);const i=e.authority||this.authority.getPreferredCache(),s={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(e.account),e.correlationId),accessToken:n,idToken:this.cacheManager.getIdToken(e.account,e.correlationId,o,r),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(i,e.correlationId)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await mr(this.generateResultFromCacheRecord.bind(this),"silentFlowClientGenerateResultFromCacheRecord",this.logger,this.performanceClient,e.correlationId)(s,e),t]}setCacheOutcome(e,t){this.serverTelemetryManager?.setCacheOutcome(e),this.performanceClient?.addFields({cacheOutcome:e},t),e!==fe&&this.logger.info(`09ingz ${e}`,t)}async generateResultFromCacheRecord(e,t){let r;return e.idToken&&(r=ht(e.idToken.secret,this.config.cryptoInterface.base64Decode,t.correlationId)),gn.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,this.performanceClient,r)}}const Dn={sendGetRequestAsync:()=>Promise.reject(Se(ot,"")),sendPostRequestAsync:()=>Promise.reject(Se(ot,""))};function $n(e,t){if(e){if(t.resource&&(Kn(t.extraParameters)||Kn(t.extraQueryParameters)))throw Se(st,t.correlationId||"");if(!t.resource)throw Se(it,t.correlationId||"")}}function Kn(e){return!!e&&Object.prototype.hasOwnProperty.call(e,"resource")}const Bn="standardInteractionClientGetDiscoveredAuthority",zn="nativeInteractionClientAcquireToken",jn="acquireTokenBySilentIframe",Jn="initializeBaseRequest",Wn="silentIframeClientTokenHelper",Gn="silentHandlerInitiateAuthRequest",Qn="silentHandlerMonitorIframeForHash",Vn="standardInteractionClientCreateAuthCodeClient",Yn="standardInteractionClientGetClientConfiguration",Zn="standardInteractionClientInitializeAuthorizationRequest",Xn="handleResponseEar",ei="handleResponsePlatformBroker",ti="handleResponseCode",ri="deserializeResponse",oi="removeHiddenIframe",ni="generatePkceCodes",ii="generateHKDF",si="decrypt",ai="generateEarKey",ci="pkce_not_created",li="ear_jwk_empty",hi="ear_jwe_empty",di="crypto_nonexistent",ui="empty_navigate_uri",gi="hash_empty_error",pi="no_state_in_hash",mi="hash_does_not_contain_known_properties",fi="unable_to_parse_state",yi="state_interaction_type_mismatch",Ii="interaction_in_progress",wi="interaction_in_progress_cancelled",Ci="popup_window_error",vi="empty_window_error",ki="user_cancelled",Ti="redirect_bridge_empty_response",bi="redirect_in_iframe",Ai="block_iframe_reload",Si="block_nested_popups",_i="popup_relay_unsupported_flow",Ei="silent_logout_unsupported",Pi="no_account_error",Ri="no_token_request_cache_error",Oi="unable_to_parse_token_request_cache_error",Mi="non_browser_environment",xi="database_not_open",qi="no_network_connectivity",Ni="post_request_failed",Ui="get_request_failed",Li="failed_to_parse_response",Fi="unable_to_load_token",Hi="crypto_key_not_found",Di="auth_code_required",$i="auth_code_or_nativeAccountId_required",Ki="spa_code_and_nativeAccountId_present",Bi="database_unavailable",zi="unable_to_acquire_token_from_native_platform",ji="native_handshake_timeout",Ji="native_extension_not_installed",Wi="native_connection_not_established",Gi="uninitialized_public_client_application",Qi="native_prompt_not_supported",Vi="invalid_base64_string",Yi="invalid_pop_token_request",Zi="failed_to_build_headers",Xi="failed_to_parse_headers",es="failed_to_decrypt_ear_response",ts="timed_out",rs="empty_response";var os=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:$i,authCodeRequired:Di,authRequestNotSetError:"auth_request_not_set_error",blockIframeReload:Ai,blockNestedPopups:Si,cryptoKeyNotFound:Hi,cryptoNonExistent:di,databaseNotOpen:xi,databaseUnavailable:Bi,earJweEmpty:hi,earJwkEmpty:li,emptyNavigateUri:ui,emptyResponse:rs,emptyWindowError:vi,failedToBuildHeaders:Zi,failedToDecryptEarResponse:es,failedToParseHeaders:Xi,failedToParseResponse:Li,getRequestFailed:Ui,hashDoesNotContainKnownProperties:mi,hashEmptyError:gi,iframeClosedPrematurely:"iframe_closed_prematurely",interactionInProgress:Ii,interactionInProgressCancelled:wi,invalidBase64String:Vi,invalidCacheType:"invalid_cache_type",invalidPopTokenRequest:Yi,nativeConnectionNotEstablished:Wi,nativeExtensionNotInstalled:Ji,nativeHandshakeTimeout:ji,nativePromptNotSupported:Qi,noAccountError:Pi,noNetworkConnectivity:qi,noStateInHash:pi,noTokenRequestCacheError:Ri,nonBrowserEnvironment:Mi,pkceNotCreated:ci,popupRelayUnsupportedFlow:_i,popupWindowError:Ci,postRequestFailed:Ni,redirectBridgeEmptyResponse:Ti,redirectInIframe:bi,silentLogoutUnsupported:Ei,silentPromptValueError:"silent_prompt_value_error",spaCodeAndNativeAccountIdPresent:Ki,stateInteractionTypeMismatch:yi,timedOut:ts,unableToAcquireTokenFromNativePlatform:zi,unableToLoadToken:Fi,unableToParseState:fi,unableToParseTokenRequestCacheError:Oi,uninitializedPublicClientApplication:Gi,userCancelled:ki});function ns(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class is extends Te{constructor(e,t,r){super(e,t,ns(e),r),Object.setPrototypeOf(this,is.prototype),this.name="BrowserAuthError"}}function ss(e,t,r){return new is(e,t,r)}function as(e){return(new TextDecoder).decode(cs(e))}function cs(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw ss(Vi,"")}const r=atob(t);return Uint8Array.from(r,e=>e.codePointAt(0)||0)}const ls="invalid_grant",hs=483,ds=600,us="msal",gs="msal.js.browser",ps="53ee284d-920a-4b59-9d30-a60315b26836",ms="ppnbnpeolgkicgegkbkbjmhlideopiji",fs="MATS",ys="MicrosoftEntra",Is="DOM API",ws="get-token-and-sign-out",Cs="PlatformAuthDOMHandler",vs="PlatformAuthExtensionHandler",ks="Handshake",Ts="HandshakeResponse",bs="GetToken",As="Response",Ss={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},_s="GET",Es="POST",Ps="signin",Rs="signout",Os="request.origin",Ms="urlHash",xs="request.params",qs="code.verifier",Ns="interaction.status",Us="request.native",Ls="wrapper.sku",Fs="wrapper.version",Hs={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962,hydrateCache:963,loadExternalTokens:964},Ds={861:"acquireTokenRedirect",862:"acquireTokenPopup",863:"ssoSilent",864:"acquireTokenSilent_authCode",865:"handleRedirectPromise",866:"acquireTokenByCode",61:"acquireTokenSilent_silentFlow",961:"logout",962:"logoutPopup",963:"hydrateCache",964:"loadExternalTokens"};var $s;e.InteractionType=void 0,($s=e.InteractionType||(e.InteractionType={})).Redirect="redirect",$s.Popup="popup",$s.Silent="silent",$s.None="none";const Ks={Startup:"startup",Logout:"logout",AcquireToken:"acquireToken",HandleRedirect:"handleRedirect",None:"none"},Bs={scopes:A},zs="msal.db",js=`${zs}.keys`,Js={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},Ws=[Js.Default,Js.Skip,Js.RefreshTokenAndNetwork];function Gs(e){return encodeURIComponent(Vs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function Qs(e){return Ys(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function Vs(e){return Ys((new TextEncoder).encode(e))}function Ys(e){const t=Array.from(e,e=>String.fromCodePoint(e)).join("");return btoa(t)}const Zs="AES-GCM",Xs="HKDF",ea="SHA-256",ta=new Uint8Array([1,0,1]),ra="0123456789abcdef",oa=new Uint32Array(1),na="raw",ia="encrypt",sa="decrypt",aa={name:"RSASSA-PKCS1-v1_5",hash:ea,modulusLength:2048,publicExponent:ta};async function ca(e){const t=(new TextEncoder).encode(e);return window.crypto.subtle.digest(ea,t)}function la(e){return window.crypto.getRandomValues(e)}function ha(){return window.crypto.getRandomValues(oa),oa[0]}function da(){const e=Date.now(),t=1024*ha()+(1023&ha()),r=new Uint8Array(16),o=Math.trunc(t/2**30),n=t&2**30-1,i=ha();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|o>>>8,r[7]=o,r[8]=128|n>>>24,r[9]=n>>>16,r[10]=n>>>8,r[11]=n,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=ra.charAt(r[e]>>>4),s+=ra.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function ua(e){return window.crypto.subtle.exportKey("jwk",e)}async function ga(){const e=await ma(),t={alg:"dir",kty:"oct",k:Qs(new Uint8Array(e))};return Vs(JSON.stringify(t))}async function pa(e,t){const r=t.split(".");if(5!==r.length)throw ss(es,"","jwe_length");const o=await async function(e){const t=as(e),r=cs(JSON.parse(t).k);return window.crypto.subtle.importKey(na,r,Zs,!1,[sa])}(e).catch(()=>{throw ss(es,"","import_key")});try{const e=(new TextEncoder).encode(r[0]),t=cs(r[2]),n=cs(r[3]),i=cs(r[4]),s=8*i.byteLength,a=new Uint8Array(n.length+i.length);a.set(n),a.set(i,n.length);const c=await window.crypto.subtle.decrypt({name:Zs,iv:t,tagLength:s,additionalData:e},o,a);return(new TextDecoder).decode(c)}catch(e){throw ss(es,"","decrypt")}}async function ma(){const e=await window.crypto.subtle.generateKey({name:Zs,length:256},!0,[ia,sa]);return window.crypto.subtle.exportKey(na,e)}async function fa(e){return window.crypto.subtle.importKey(na,e,Xs,!1,["deriveKey"])}async function ya(e,t,r){return window.crypto.subtle.deriveKey({name:Xs,salt:t,hash:ea,info:(new TextEncoder).encode(r)},e,{name:Zs,length:256},!1,[ia,sa])}async function Ia(e,t,r){const o=(new TextEncoder).encode(t),n=window.crypto.getRandomValues(new Uint8Array(16)),i=await ya(e,n,r),s=await window.crypto.subtle.encrypt({name:Zs,iv:new Uint8Array(12)},i,o);return{data:Qs(new Uint8Array(s)),nonce:Qs(n)}}async function wa(e,t,r,o){const n=cs(o),i=await ya(e,cs(t),r),s=await window.crypto.subtle.decrypt({name:Zs,iv:new Uint8Array(12)},i,n);return(new TextDecoder).decode(s)}const Ca="storage_not_supported",va="stubbed_public_client_application_called",ka="in_mem_redirect_unavailable";var Ta=Object.freeze({__proto__:null,inMemRedirectUnavailable:ka,storageNotSupported:Ca,stubbedPublicClientApplicationCalled:va});class ba extends Te{constructor(e,t,r){super(e,t,r),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,ba.prototype)}}function Aa(e,t){return new ba(e,t,ns(e))}function Sa(){const e=window.location.hash,t=window.location.search;let r,o=!1,n=!1,i="";if(e&&e.length>1){const t="#"===e.charAt(0)?e.substring(1):e,n=new URLSearchParams(t);n.has("state")&&(o=!0,i=t,r=n)}if(t&&t.length>1){const e="?"===t.charAt(0)?t.substring(1):t,o=new URLSearchParams(e);o.has("state")&&(n=!0,i=e,r=o)}if(o&&n){i=`${"?"===t.charAt(0)?t.substring(1):t}${"#"===e.charAt(0)?e.substring(1):e}`,r=new URLSearchParams(i)}if(!i||!r)throw ss(rs,"");const s=r.get("state");if(!s)throw ss(pi,"");const{libraryState:a}=un(as,s,""),{id:c,meta:l}=a;if(!c||!l)throw ss(fi,"","missing_library_state");return{params:r,payload:i,urlHash:e,urlQuery:t,hasResponseInHash:o,hasResponseInQuery:n,libraryState:{id:c,meta:l}}}function _a(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function Ea(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function Pa(){return window.parent!==window}function Ra(){if(Pa())return!1;try{const{libraryState:t}=Sa(),{meta:r}=t;return r.interactionType===e.InteractionType.Popup}catch(e){return!1}}let Oa=null;function Ma(e,t){Oa&&(e.verbose("18y01k",t),clearTimeout(Oa.timeoutId),Oa.channel.close(),Oa.reject(ss(wi,"")),Oa=null)}async function xa(e,t,r,o,n){return new Promise((i,s)=>{t.verbose("1rf6em",r.correlationId);const a=r.correlationId;o.addFields({redirectBridgeTimeoutMs:e,lateResponseExperimentEnabled:n?.iframeTimeoutTelemetry||!1},a);const{libraryState:c}=un(as,r.state||"",r.correlationId),l=new BroadcastChannel(c.id);let h,d,u,g=!1;const p=window.setTimeout(()=>{Oa=null,n?.iframeTimeoutTelemetry?(u=o.startMeasurement("waitForBridgeLateResponse",a),g=!0,d=window.setTimeout(()=>{u?.end({success:!1}),clearTimeout(d),l.close()},6e4)):l.close(),s(ss(ts,"","redirect_bridge_timeout"))},e);Oa={timeoutId:p,channel:l,reject:s},l.onmessage=e=>{h=e.data.payload;const t=e?.data&&"number"==typeof e.data.v?e.data.v:void 0;if(g)return u?.end({success:!!h}),clearTimeout(d),void l.close();o.addFields({redirectBridgeMessageVersion:t},a),Oa=null,clearTimeout(p),l.close(),h?i(h):s(ss(Ti,a))}})}function qa(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function Na(e){const t=new Zt(window.location.href,e||"").getUrlComponents();return`${t.Protocol}//${t.HostNameAndPort}/`}function Ua(){if(fo(window.location.hash)&&Pa())throw ss(Ai,"")}function La(e){if(Pa()&&!e)throw ss(bi,"")}function Fa(){if(Ra())throw ss(Si,"")}function Ha(){if("undefined"==typeof window)throw ss(Mi,"")}function Da(e){if(!e)throw ss(Gi,"")}function $a(e){Ha(),Ua(),Fa(),Da(e)}function Ka(e,t){if($a(e),La(t.system.allowRedirectInIframe),t.cache.cacheLocation===Ss.MemoryStorage)throw Aa(ka,"")}function Ba(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout(()=>{try{document.head.removeChild(t)}catch{}},1e4)}function za(){return da()}const ja=ao;var Ja=Object.freeze({__proto__:null,blockAPICallsBeforeInitialize:Da,blockAcquireTokenInPopups:Fa,blockNonBrowserEnvironment:Ha,blockRedirectInIframe:La,blockReloadInHiddenIframes:Ua,buildMergedClaims:ja,cancelPendingBridgeResponse:Ma,clearAuthResponseFromUrl:function(e){"function"==typeof e.history?.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}`)},clearHash:_a,createGuid:za,getCurrentUri:qa,getHomepage:Na,invoke:pr,invokeAsync:mr,isInIframe:Pa,isInPopup:Ra,parseAuthResponseFromUrl:Sa,preconnect:Ba,preflightCheck:$a,redirectPreflightCheck:Ka,replaceHash:Ea,waitForBridgeResponse:xa});class Wa{constructor(){this.dbName=zs,this.version=1,this.tableName=js,this.dbOpen=!1}async open(){return new Promise((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",e=>{e.target.result.createObjectStore(this.tableName)}),r.addEventListener("success",t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()}),r.addEventListener("error",()=>t(ss(Bi,"")))})}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise((t,r)=>{if(!this.db)return r(ss(xi,""));const o=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);o.addEventListener("success",e=>{const r=e;this.closeConnection(),t(r.target.result)}),o.addEventListener("error",e=>{this.closeConnection(),r(e)})})}async setItem(e,t){return await this.validateDbIsOpen(),new Promise((r,o)=>{if(!this.db)return o(ss(xi,""));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);n.addEventListener("success",()=>{this.closeConnection(),r()}),n.addEventListener("error",e=>{this.closeConnection(),o(e)})})}async removeItem(e){return await this.validateDbIsOpen(),new Promise((t,r)=>{if(!this.db)return r(ss(xi,""));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);o.addEventListener("success",()=>{this.closeConnection(),t()}),o.addEventListener("error",e=>{this.closeConnection(),r(e)})})}async getKeys(){return await this.validateDbIsOpen(),new Promise((e,t)=>{if(!this.db)return t(ss(xi,""));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",t=>{const r=t;this.closeConnection(),e(r.target.result)}),r.addEventListener("error",e=>{this.closeConnection(),t(e)})})}async containsKey(e){return await this.validateDbIsOpen(),new Promise((t,r)=>{if(!this.db)return r(ss(xi,""));const o=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);o.addEventListener("success",e=>{const r=e;this.closeConnection(),t(1===r.target.result)}),o.addEventListener("error",e=>{this.closeConnection(),r(e)})})}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise((e,t)=>{const r=window.indexedDB.deleteDatabase(zs),o=setTimeout(()=>t(!1),200);r.addEventListener("success",()=>(clearTimeout(o),e(!0))),r.addEventListener("blocked",()=>(clearTimeout(o),e(!0))),r.addEventListener("error",()=>(clearTimeout(o),t(!1)))})}}class Ga{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach((t,r)=>{e.push(r)}),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class Qa{constructor(e){this.inMemoryCache=new Ga,this.indexedDBCache=new Wa,this.logger=e}handleDatabaseAccessError(e,t){if(!(e instanceof is&&e.errorCode===Bi))throw e;this.logger.error("1wx7zz",t)}async getItem(e,t){const r=this.inMemoryCache.getItem(e);if(!r)try{return this.logger.verbose("0naxpl",t),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}async setItem(e,t,r){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e,r)}}async removeItem(e,t){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}}async getKeys(e){const t=this.inMemoryCache.getKeys();if(0===t.length)try{return this.logger.verbose("1iqrbq",e),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t,e)}return t}async containsKey(e,t){const r=this.inMemoryCache.containsKey(e);if(!r)try{return this.logger.verbose("03zl2j",t),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}clearInMemory(e){this.logger.verbose("03r21p",e),this.inMemoryCache.clear(),this.logger.verbose("0uksk1",e)}async clearPersistent(e){try{this.logger.verbose("0rdqut",e);const t=await this.indexedDBCache.deleteDatabase();return t&&this.logger.verbose("149ouc",e),t}catch(t){return this.handleDatabaseAccessError(t,e),!1}}}class Va{constructor(e,t,r){this.logger=e,function(e){if(!window)throw ss(Mi,"");if(!window.crypto)throw ss(di,"");if(!e&&!window.crypto.subtle)throw ss(di,"","crypto_subtle_undefined")}(r??!1),this.cache=new Qa(this.logger),this.performanceClient=t}createNewGuid(){return da()}base64Encode(e){return Vs(e)}base64Decode(e){return as(e)}base64UrlEncode(e){return Gs(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement("cryptoOptsGetPublicKeyThumbprint",e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(aa,e,t)}(Va.EXTRACTABLE,Va.POP_KEY_USAGES),o=await ua(r.publicKey),n=Ya({e:o.e,kty:o.kty,n:o.n}),i=await this.hashString(n),s=await ua(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,aa,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri},e.correlationId),t&&t.end({success:!0}),i}async removeTokenBindingKey(e,t){await this.cache.removeItem(e,t);if(await this.cache.containsKey(e,t))throw Se(Ze,t)}async clearKeystore(e){this.cache.clearInMemory(e);try{return await this.cache.clearPersistent(e),!0}catch(t){return t instanceof Error?this.logger.error(`1owpn8 ${t.message}`,e):this.logger.error("0yrmwo",e),!1}}async signJwt(e,t,r,o){const n=this.performanceClient?.startMeasurement("cryptoOptsSignJwt",o),i=await this.cache.getItem(t,o||"");if(!i)throw ss(Hi,o||"");const s=await ua(i.publicKey),a=Ya(s),c=Gs(JSON.stringify({kid:t})),l=Gs(On.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const h=`${l}.${Gs(JSON.stringify(e))}`,d=(new TextEncoder).encode(h),u=await async function(e,t){return window.crypto.subtle.sign(aa,e,t)}(i.privateKey,d),g=`${h}.${Qs(new Uint8Array(u))}`;return n&&n.end({success:!0}),g}async hashString(e){return async function(e){const t=await ca(e);return Qs(new Uint8Array(t))}(e)}}function Ya(e){return JSON.stringify(e,Object.keys(e).sort())}Va.POP_KEY_USAGES=["sign","verify"],Va.EXTRACTABLE=!0;const Za="acquireTokenSilent",Xa="acquireTokenByCode",ec="acquireTokenPopup",tc="acquireTokenPreRedirect",rc="acquireTokenRedirect",oc="ssoSilent",nc="initializeClientApplication",ic="localStorageUpdated",sc="loadExternalTokens",ac="ssoCapable";var cc=Object.freeze({__proto__:null,AcquireTokenByCode:Xa,AcquireTokenPopup:ec,AcquireTokenPreRedirect:tc,AcquireTokenRedirect:rc,AcquireTokenSilent:Za,InitializeClientApplication:nc,LoadExternalTokens:sc,LocalStorageUpdated:ic,SsoCapable:ac,SsoSilent:oc,WaitForBridgeLateResponse:"waitForBridgeLateResponse"});const lc="msal",hc="browser",dc=`${lc}.${hc}.log.level`,uc=`${lc}.${hc}.log.pii`,gc=`${lc}.${hc}.performance.enabled`,pc=`${lc}.version`,mc="account.keys",fc="token.keys",yc=`${lc}.${hc}.sso.capable`;function Ic(e=3){return e<1?`${lc}.${mc}`:`${lc}.${e}.${mc}`}function wc(e,t=3){return t<1?`${lc}.${fc}.${e}`:`${lc}.${t}.${fc}.${e}`}const Cc=864e5,vc="Lax",kc="None";class Tc{initialize(){return Promise.resolve()}getItem(e){const t=encodeURIComponent(e),r=document.cookie.split(";");for(let e=0;e<r.length;e++){const o=r[e].trim(),n=o.indexOf("=");if((-1===n?o:o.substring(0,n))===t){const e=-1===n?"":o.substring(n+1);try{return decodeURIComponent(e)}catch{return e}}}return""}getUserData(){throw Se(ot,"")}setItem(e,t,r,o=!0,n=vc){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${n};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*Cc);return r.toUTCString()}(r);i+=`expires=${e};`}(o||n===kc)&&(i+="Secure;"),document.cookie=i}async setUserData(e,t,r){return Promise.reject(Se(ot,r))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach(e=>{const r=e.trim(),o=r.indexOf("="),n=-1===o?r:r.substring(0,o);try{t.push(decodeURIComponent(n))}catch{}}),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function bc(e,t){const r=e.getItem(Ic(t));return r?JSON.parse(r):[]}function Ac(e,t,r){const o=t.getItem(wc(e,r));if(o){const e=JSON.parse(o);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function Sc(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const _c="msal.cache.encryption";class Ec{constructor(e,t,r){if(!window.localStorage)throw Aa(Ca,"");this.memoryStorage=new Ga,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new Tc,r=t.getItem(_c);let o={key:"",id:""};if(r)try{o=JSON.parse(r)}catch(e){}if(o.key&&o.id){const t=pr(cs,"base64Decode",this.logger,this.performanceClient,e)(o.key);this.encryptionCookie={id:o.id,key:await mr(fa,ii,this.logger,this.performanceClient,e)(t)}}else{const r=da(),o=await mr(ma,"generateBaseKey",this.logger,this.performanceClient,e)(),n=pr(Qs,"urlEncodeArr",this.logger,this.performanceClient,e)(new Uint8Array(o));this.encryptionCookie={id:r,key:await mr(fa,ii,this.logger,this.performanceClient,e)(o)};const i={id:r,key:n};t.setItem(_c,JSON.stringify(i),0,!0,kc)}await mr(this.importExistingCache.bind(this),"importExistingCache",this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",t=>{this.updateCache(t,e)}),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw ss(Gi,"");return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw ss(Gi,"");if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const o=await mr(wa,si,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!o)return null;try{return{...JSON.parse(o),lastUpdatedAt:t.lastUpdatedAt}}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,o,n){if(!this.initialized||!this.encryptionCookie)throw ss(Gi,"");if(n)this.setItem(e,t);else{const{data:n,nonce:i}=await mr(Ia,"encrypt",this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:n,lastUpdatedAt:o};this.setItem(e,JSON.stringify(s))}this.memoryStorage.setItem(e,t),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();bc(this).forEach(e=>this.removeItem(e));const e=Ac(this.clientId,this);e.idToken.forEach(e=>this.removeItem(e)),e.accessToken.forEach(e=>this.removeItem(e)),e.refreshToken.forEach(e=>this.removeItem(e)),this.getKeys().forEach(e=>{(e.startsWith(lc)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)})}async importExistingCache(e){if(!this.encryptionCookie)return;let t=bc(this);t=await this.importArray(t,e),t.length?this.setItem(Ic(),JSON.stringify(t)):this.removeItem(Ic());const r=Ac(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(wc(this.clientId),JSON.stringify(r)):this.removeItem(wc(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let o;try{o=JSON.parse(r)}catch(e){return null}return Sc(o)?o.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):(this.performanceClient.incrementFields({encryptedCacheCount:1},t),mr(wa,si,this.logger,this.performanceClient,t)(this.encryptionCookie.key,o.nonce,this.getContext(e),o.data)):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),r)}async importArray(e,t){const r=[],o=[];return e.forEach(e=>{const n=this.getItemFromEncryptedCache(e,t).then(t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)});o.push(n)}),await Promise.all(o),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e,t){this.logger.trace("17cxcm",t);const r=this.performanceClient.startMeasurement(ic);r.add({isBackground:!0});const{key:o,value:n,context:i}=e.data;return o?i&&i!==this.clientId?(this.logger.trace(`04rtdy ${i}`,t),void r.end({success:!1,errorCode:"contextMismatch"})):(n?(this.memoryStorage.setItem(o,n),this.logger.verbose("1vzsgt",t)):(this.memoryStorage.removeItem(o),this.logger.verbose("04ypih",t)),void r.end({success:!0})):(this.logger.error("0e10qr",t),void r.end({success:!1,errorCode:"noKey"}))}}class Pc{constructor(){if(!window.sessionStorage)throw Aa(Ca,"")}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const Rc={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_SUCCESS:"msal:loginSuccess",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",BROKERED_REQUEST_START:"msal:brokeredRequestStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",BROKERED_REQUEST_SUCCESS:"msal:brokeredRequestSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",BROKERED_REQUEST_FAILURE:"msal:brokeredRequestFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"},Oc="@azure/msal-browser",Mc="5.17.0";function xc(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}const qc="invalid",Nc="ttlExpired",Uc="decryptFailed",Lc="expired";class Fc extends Po{constructor(e,t,r,o,n,i,s){super(e,r,o,n,s),this.cacheConfig=t,this.logger=o,this.internalStorage=new Ga,this.browserStorage=Hc(e,t.cacheLocation,o,n),this.temporaryCacheStorage=Hc(e,Ss.SessionStorage,o,n),this.cookieStorage=new Tc,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){let t=bc(this.browserStorage),r=Ac(this.clientId,this.browserStorage);this.performanceClient.addFields({preMigrateAcntCount:t.length,preMigrateATCount:r.accessToken.length,preMigrateITCount:r.idToken.length,preMigrateRTCount:r.refreshToken.length},e);for(let t=0;t<3;t++){const r=t;await this.removeStaleAccounts(t,r,e)}for(let t=0;t<3;t++){const r=t;await this.migrateIdTokens(t,r,e)}const o=this.getKMSIValues();for(let t=0;t<3;t++)await this.migrateAccessTokens(t,o,e),await this.migrateRefreshTokens(t,o,e);t=bc(this.browserStorage),r=Ac(this.clientId,this.browserStorage),this.performanceClient.addFields({postMigrateAcntCount:t.length,postMigrateATCount:r.accessToken.length,postMigrateITCount:r.idToken.length,postMigrateRTCount:r.refreshToken.length},e)}async updateOldEntry(e,t){const r=this.browserStorage.getItem(e),o=this.validateAndParseJson(r||"");if(!o)return this.browserStorage.removeItem(e),{entry:null,removalReason:qc};if(o.lastUpdatedAt){if(vr(o.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))return this.browserStorage.removeItem(e),{entry:null,removalReason:Nc}}else o.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(o),t);const n=Sc(o),i=n?await this.browserStorage.decryptData(e,o,t):o;return i?Sr(i)?(_r(i)||Er(i))&&i.expiresOn&&Cr(i.expiresOn,300)?(this.browserStorage.removeItem(e),{entry:null,removalReason:Lc}):{entry:i}:(this.browserStorage.removeItem(e),{entry:null,removalReason:qc}):(this.browserStorage.removeItem(e),{entry:null,removalReason:n?Uc:qc})}async removeStaleAccounts(e,t,r){const o=bc(this.browserStorage,e);if(0!==o.length){for(const e of[...o]){this.performanceClient.incrementFields({oldAcntCount:1},r);const n=this.browserStorage.getItem(e),i=this.validateAndParseJson(n||"");if(i)if(i.lastUpdatedAt){if(vr(i.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))await this.removeAccountOldSchema(e,i,t,r),this.performanceClient.incrementFields({ttlExpiredAcntCount:1},r),xc(o,e);else if(Sc(i)){await this.browserStorage.decryptData(e,i,r)||(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({decryptFailedAcntCount:1},r),xc(o,e))}}else i.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(i),r);else this.browserStorage.removeItem(e),this.performanceClient.incrementFields({invalidAcntCount:1},r),xc(o,e)}this.setAccountKeys(o,r,e)}}async removeAccountOldSchema(e,t,r,o){const n=Sc(t)?await this.browserStorage.decryptData(e,t,o):t,i=n?.homeAccountId;if(i){const e=this.getTokenKeys(r);[...e.idToken].filter(e=>e.includes(i)).forEach(t=>{this.browserStorage.removeItem(t),xc(e.idToken,t)}),[...e.accessToken].filter(e=>e.includes(i)).forEach(t=>{this.browserStorage.removeItem(t),xc(e.accessToken,t)}),[...e.refreshToken].filter(e=>e.includes(i)).forEach(t=>{this.browserStorage.removeItem(t),xc(e.refreshToken,t)}),this.setTokenKeys(e,o,r)}this.browserStorage.removeItem(e)}getKMSIValues(){const e={},t=this.getTokenKeys().idToken;for(const r of t){const t=this.browserStorage.getUserData(r);if(t){const r=JSON.parse(t),o=ht(r.secret,as,"");o&&(e[r.homeAccountId]=dt(o))}}return e}async migrateIdTokens(e,t,r){const o=Ac(this.clientId,this.browserStorage,e);if(0===o.idToken.length)return;const n=Ac(this.clientId,this.browserStorage,3),i=bc(this.browserStorage),s=bc(this.browserStorage,t);for(const e of[...o.idToken]){this.performanceClient.incrementFields({oldITCount:1},r);const t=await this.updateOldEntry(e,r),a=t.entry;if(!a){switch(t.removalReason){case Nc:this.performanceClient.incrementFields({ttlExpiredITCount:1},r);break;case Uc:this.performanceClient.incrementFields({decryptFailedITCount:1},r);break;case qc:this.performanceClient.incrementFields({invalidITCount:1},r)}xc(o.idToken,e);continue}const c=i.find(e=>e.includes(a.homeAccountId)),l=s.find(e=>e.includes(a.homeAccountId));let h=null;if(c)h=this.getAccount(c,r);else if(l){const e=this.browserStorage.getItem(l),t=this.validateAndParseJson(e||"");h=t&&Sc(t)?await this.browserStorage.decryptData(l,t,r):t}if(!h){this.performanceClient.incrementFields({skipITMigrateCount:1},r);continue}const d=ht(a.secret,as,r),u=this.generateCredentialKey(a),g=this.getIdTokenCredential(u,r),p=Object.keys(d).includes("signin_state"),m=g&&Object.keys(ht(g.secret,as,r)||{}).includes("signin_state");if(!g||a.lastUpdatedAt>g.lastUpdatedAt&&(p||!m)){const e=h.tenantProfiles||[],t=wt(d)||h.realm;if(t&&!e.find(e=>e.tenantId===t)){const r=gt(h.homeAccountId,h.localAccountId,t,h.nativeAccountId,d);e.push(r)}h.tenantProfiles=e;const o=this.generateAccountKey(vt(h)),s=dt(d);await this.setUserData(o,JSON.stringify(h),r,h.lastUpdatedAt,s),i.includes(o)||i.push(o),await this.setUserData(u,JSON.stringify(a),r,a.lastUpdatedAt,s),this.performanceClient.incrementFields({migratedITCount:1},r),n.idToken.includes(u)||n.idToken.push(u)}}this.setTokenKeys(o,r,e),this.setTokenKeys(n,r),this.setAccountKeys(i,r)}async migrateAccessTokens(e,t,r){const o=Ac(this.clientId,this.browserStorage,e);if(0===o.accessToken.length)return;const n=Ac(this.clientId,this.browserStorage,3);for(const e of[...o.accessToken]){this.performanceClient.incrementFields({oldATCount:1},r);const i=await this.updateOldEntry(e,r),s=i.entry;if(!s){switch(i.removalReason){case Nc:this.performanceClient.incrementFields({ttlExpiredATCount:1},r);break;case Uc:this.performanceClient.incrementFields({decryptFailedATCount:1},r);break;case Lc:this.performanceClient.incrementFields({expiredATCount:1},r);break;case qc:this.performanceClient.incrementFields({invalidATCount:1},r)}xc(o.accessToken,e);continue}if(!(s.homeAccountId in t)){this.performanceClient.incrementFields({skipATMigrateCount:1},r);continue}const a=this.generateCredentialKey(s),c=t[s.homeAccountId];if(n.accessToken.includes(a)){const e=this.getAccessTokenCredential(a,r);(!e||s.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(a,JSON.stringify(s),r,s.lastUpdatedAt,c),this.performanceClient.incrementFields({migratedATCount:1},r))}else await this.setUserData(a,JSON.stringify(s),r,s.lastUpdatedAt,c),this.performanceClient.incrementFields({migratedATCount:1},r),n.accessToken.push(a)}this.setTokenKeys(o,r,e),this.setTokenKeys(n,r)}async migrateRefreshTokens(e,t,r){const o=Ac(this.clientId,this.browserStorage,e);if(0===o.refreshToken.length)return;const n=Ac(this.clientId,this.browserStorage,3);for(const e of[...o.refreshToken]){this.performanceClient.incrementFields({oldRTCount:1},r);const i=await this.updateOldEntry(e,r),s=i.entry;if(!s){switch(i.removalReason){case Nc:this.performanceClient.incrementFields({ttlExpiredRTCount:1},r);break;case Uc:this.performanceClient.incrementFields({decryptFailedRTCount:1},r);break;case Lc:this.performanceClient.incrementFields({expiredRTCount:1},r);break;case qc:this.performanceClient.incrementFields({invalidRTCount:1},r)}xc(o.refreshToken,e);continue}if(!(s.homeAccountId in t)){this.performanceClient.incrementFields({skipRTMigrateCount:1},r);continue}const a=this.generateCredentialKey(s),c=t[s.homeAccountId];if(n.refreshToken.includes(a)){const e=this.getRefreshTokenCredential(a,r);(!e||s.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(a,JSON.stringify(s),r,s.lastUpdatedAt,c),this.performanceClient.incrementFields({migratedRTCount:1},r))}else await this.setUserData(a,JSON.stringify(s),r,s.lastUpdatedAt,c),this.performanceClient.incrementFields({migratedRTCount:1},r),n.refreshToken.push(a)}this.setTokenKeys(o,r,e),this.setTokenKeys(n,r)}trackVersionChanges(e){const t=this.browserStorage.getItem(pc);t&&(this.logger.info(`1wuc87 ${t}`,e),this.performanceClient.addGlobalFields({previousLibraryVersion:t})),t!==Mc&&this.setItem(pc,Mc,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){const o=new Array(4).fill(0),n=[];for(let i=0;i<=20;i++)try{if(this.browserStorage.setItem(e,t),i>0)for(let e=0;e<=3;e++){const t=o.slice(0,e).reduce((e,t)=>e+t,0);if(t>=i)break;const s=i>t+o[e]?t+o[e]:i;i>t&&o[e]>0&&this.removeAccessTokenKeys(n.slice(t,s),r,e)}break}catch(s){const a=Eo(s);if(!(a.errorCode===So&&i<20))throw a;if(!n.length)for(let r=0;r<=3;r++)if(e===wc(this.clientId,r)){const e=JSON.parse(t).accessToken;n.push(...e),o[r]=e.length}else{const e=this.getTokenKeys(r).accessToken;n.push(...e),o[r]=e.length}if(n.length<=i)throw a;this.removeAccessToken(n[i],r,!1)}}async setUserData(e,t,r,o,n){const i=new Array(4).fill(0),s=[];for(let a=0;a<=20;a++)try{if(await mr(this.browserStorage.setUserData.bind(this.browserStorage),"setUserData",this.logger,this.performanceClient,r)(e,t,r,o,n),a>0)for(let e=0;e<=3;e++){const t=i.slice(0,e).reduce((e,t)=>e+t,0);if(t>=a)break;const o=a>t+i[e]?t+i[e]:a;a>t&&i[e]>0&&this.removeAccessTokenKeys(s.slice(t,o),r,e)}break}catch(e){const t=Eo(e);if(!(t.errorCode===So&&a<20))throw t;if(!s.length)for(let e=0;e<=3;e++){const t=this.getTokenKeys(e).accessToken;s.push(...t),i[e]=t.length}if(s.length<=a)throw t;this.removeAccessToken(s[a],r,!1)}}getAccount(e,t){this.logger.trace("1lfvm6",t);const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const o=this.validateAndParseJson(r);if(!(o&&(n=o,n&&n.hasOwnProperty("homeAccountId")&&n.hasOwnProperty("environment")&&n.hasOwnProperty("realm")&&n.hasOwnProperty("localAccountId")&&n.hasOwnProperty("username")&&n.hasOwnProperty("authorityType"))))return null;var n;const i=Po.toObject({},o);var s;return this.performanceClient.addFields({accountCachedBy:(s=i.cachedByApiId,"number"==typeof s&&s in Ds?Ds[s]:"unknown")},t),i}async setAccount(e,t,r,o){this.logger.trace("1bz3wr",t);const n=this.generateAccountKey(vt(e)),i=Date.now().toString();e.lastUpdatedAt=i,e.cachedByApiId=o,await this.setUserData(n,JSON.stringify(e),t,i,r),this.addAccountKeyToMap(n,t),this.performanceClient.addFields({kmsi:r},t)}setAccountKeys(e,t,r=3){0===e.length?this.removeItem(Ic(r)):this.setItem(Ic(r),JSON.stringify(e),t)}getAccountKeys(){return bc(this.browserStorage)}addAccountKeyToMap(e,t){this.logger.trace("0rb85k",t),this.logger.tracePii(`1l9bdo ${e}`,t);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(Ic(),JSON.stringify(r),t),this.logger.verbose("0xia39",t),!0):(this.logger.verbose("0161kk",t),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("1jpigu",t),this.logger.tracePii(`1xzspl ${e}`,t);const r=this.getAccountKeys(),o=r.indexOf(e);o>-1?(r.splice(o,1),this.setAccountKeys(r,t)):this.logger.trace("1dytu2",t)}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach(t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)})}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),o=r.idToken.indexOf(e);o>-1&&(this.logger.info("05udv9",t),r.idToken.splice(o,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=3){this.logger.trace("17o18n",t);const o=this.getTokenKeys(r);let n=0;if(e.forEach(e=>{const t=o.accessToken.indexOf(e);t>-1&&(o.accessToken.splice(t,1),n++)}),n>0)return this.logger.info(`15i5d5 ${n}`,t),void this.setTokenKeys(o,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),o=r.refreshToken.indexOf(e);o>-1&&(this.logger.info("1f4fq3",t),r.refreshToken.splice(o,1),this.setTokenKeys(r,t))}getTokenKeys(e=3){return Ac(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=3){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(wc(this.clientId,r),JSON.stringify(e),t):this.removeItem(wc(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("1jukz6",t),this.removeIdToken(e,t),null;const o=this.validateAndParseJson(r);return o&&((n=o)&&Sr(n)&&n.hasOwnProperty("realm")&&n.credentialType===Y.ID_TOKEN)?(this.logger.trace("01ju66",t),o):(this.logger.trace("1jukz6",t),null);var n}async setIdTokenCredential(e,t,r){this.logger.trace("13hjll",t);const o=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(o,JSON.stringify(e),t,n,r);const i=this.getTokenKeys();-1===i.idToken.indexOf(o)&&(this.logger.info("07jy92",t),i.idToken.push(o),this.setTokenKeys(i,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0bqvx8",t),this.removeAccessTokenKeys([e],t),null;const o=this.validateAndParseJson(r);return o&&_r(o)?(this.logger.trace("1o81rl",t),o):(this.logger.trace("0bqvx8",t),null)}async setAccessTokenCredential(e,t,r){this.logger.trace("1pondb",t);const o=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(o,JSON.stringify(e),t,n,r);const i=this.getTokenKeys(),s=i.accessToken.indexOf(o);-1!==s&&i.accessToken.splice(s,1),this.logger.trace("1onhey "+(-1===s?"added to":"updated in"),t),i.accessToken.push(o),this.setTokenKeys(i,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0jlizt",t),this.removeRefreshToken(e,t),null;const o=this.validateAndParseJson(r);return o&&Er(o)?(this.logger.trace("0nokxi",t),o):(this.logger.trace("0jlizt",t),null)}async setRefreshTokenCredential(e,t,r){this.logger.trace("0tcg8d",t);const o=this.generateCredentialKey(e),n=Date.now().toString();e.lastUpdatedAt=n,await this.setUserData(o,JSON.stringify(e),t,n,r);const i=this.getTokenKeys();-1===i.refreshToken.indexOf(o)&&(this.logger.info("0eckjs",t),i.refreshToken.push(o),this.setTokenKeys(i,t))}getAppMetadata(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1q101h",t),null;const o=this.validateAndParseJson(r);return o&&(n=e,(i=o)&&0===n.indexOf(Z)&&i.hasOwnProperty("clientId")&&i.hasOwnProperty("environment"))?(this.logger.trace("19pvg2",t),o):(this.logger.trace("1q101h",t),null);var n,i}setAppMetadata(e,t){this.logger.trace("0cyma6",t);const r=function({environment:e,clientId:t}){return[Z,e,t].join("-").toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("0jk19c",t),null;const o=this.validateAndParseJson(r);return o&&function(e,t){const r=0===e.indexOf(se);let o=!0;return t&&(o=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&o}(e,o)?(this.logger.trace("12jguk",t),o):(this.logger.trace("0jk19c",t),null)}setServerTelemetry(e,t,r){this.logger.trace("1poh61",r),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e,t){const r=this.internalStorage.getItem(e);if(!r)return this.logger.trace("1r39oe",t),null;const o=this.validateAndParseJson(r);return o&&function(e,t){return!!t&&0===e.indexOf(ee)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,o)?(this.logger.trace("1ohvk3",t),o):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter(e=>this.isAuthorityMetadata(e))}setWrapperMetadata(e,t){this.internalStorage.setItem(Ls,e),this.internalStorage.setItem(Fs,t)}getWrapperMetadata(){return[this.internalStorage.getItem(Ls)||"",this.internalStorage.getItem(Fs)||""]}setAuthorityMetadata(e,t,r){this.logger.trace("07w8n2",r),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(N),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("08gw0e",e),null;const o=this.validateAndParseJson(r);return o?(this.logger.trace("1t3ch7",e),this.getAccountInfoFilteredBy({homeAccountId:o.homeAccountId,localAccountId:o.localAccountId,tenantId:o.tenantId},e)):(this.logger.trace("0me1up",e),null)}setActiveAccount(e,t){const r=this.generateCacheKey(N);if(e){this.logger.verbose("0rsj80",t);const o={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.setItem(r,JSON.stringify(o),t)}else this.logger.verbose("1bp5z5",t),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(Rc.ACTIVE_ACCOUNT_CHANGED,t)}getThrottlingCache(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1h4wa6",t),null;const o=this.validateAndParseJson(r);return o&&function(e,t){let r=!1;e&&(r=0===e.indexOf(le));let o=!0;return t&&(o=t.hasOwnProperty("throttleTime")),r&&o}(e,o)?(this.logger.trace("0of6n8",t),o):(this.logger.trace("1h4wa6",t),null)}setThrottlingCache(e,t,r){this.logger.trace("0wfgh6",r),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t,r){this.logger.trace("1ordf8",t);const o=r?this.generateCacheKey(e):e;return this.temporaryCacheStorage.getItem(o)}setTemporaryCache(e,t,r){const o=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(o,t)}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e)}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach(e=>{-1===e.indexOf(lc)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)}),this.browserStorage.getKeys().forEach(e=>{-1===e.indexOf(lc)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)}),this.internalStorage.clear()}generateCacheKey(e){return Yt.startsWith(e,lc)?e:`${lc}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===Y.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==ce.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${lc}.3`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",r].join("|").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${lc}.3`,e.homeAccountId,e.environment,t||e.tenantId||""].join("|").toLowerCase()}resetRequestCache(e){this.logger.trace("0h0ynu",e),this.removeTemporaryItem(this.generateCacheKey(xs)),this.removeTemporaryItem(this.generateCacheKey(qs)),this.removeTemporaryItem(this.generateCacheKey(Os)),this.removeTemporaryItem(this.generateCacheKey(Ms)),this.removeTemporaryItem(this.generateCacheKey(Us)),this.setInteractionInProgress(!1,void 0)}cacheAuthorizeRequest(e,t,r){this.logger.trace("1tzef5",t);const o=Vs(JSON.stringify(e));if(this.setTemporaryCache(xs,o,!0),r){const e=Vs(r);this.setTemporaryCache(qs,e,!0)}}getCachedRequest(e){this.logger.trace("0uen20",e);const t=this.getTemporaryCache(xs,e,!0);if(!t)throw ss(Ri,"");const r=this.getTemporaryCache(qs,e,!0);let o,n="";try{o=JSON.parse(as(t)),r&&(n=as(r))}catch(r){throw this.logger.errorPii(`0ewsey ${t}`,e),this.logger.error(`0tvdic ${r}`,e),ss(Oi,"")}return[o,n]}getCachedNativeRequest(){this.logger.trace("1yxcdm","");const e=this.getTemporaryCache(Us,"",!0);if(!e)return this.logger.trace("0mnxd4",""),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("0rrkip",""),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${lc}.${Ns}`,t=this.getTemporaryCache(e,"",!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("0jjyys",""),this.removeTemporaryItem(e),this.resetRequestCache(""),_a(window),null}}setInteractionInProgress(e,t=Ps,r=!1,o=""){const n=`${lc}.${Ns}`;if(e){const e=this.getInteractionInProgress();if(e){if(!r)throw ss(Ii,"");this.logger.warning(`1pmscr ${e.clientId} ${e.type}`,o),Ma(this.logger,o),this.removeTemporaryItem(n)}this.setTemporaryCache(n,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(n)}async hydrateCache(e,t){const r=Tr(e.account.homeAccountId,e.account.environment,e.idToken,this.clientId,e.tenantId),o=br(e.account.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?Ir(e.expiresOn):0,e.extExpiresOn?Ir(e.extExpiresOn):0,as,t.correlationId||"",void 0,e.tokenType,void 0,t.sshKid);t.resource&&(o.resource=t.resource);const n={idToken:r,accessToken:o};return this.saveCacheRecord(n,e.correlationId,dt(ht(e.idToken,as,e.correlationId)),Hs.hydrateCache)}async saveCacheRecord(e,t,r,o,n){try{await super.saveCacheRecord(e,t,r,o,n)}catch(e){if(e instanceof _o&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function Hc(e,t,r,o){try{switch(t){case Ss.LocalStorage:return new Ec(e,r,o);case Ss.SessionStorage:return new Pc}}catch(e){r.error(e,"")}return new Ga}const Dc=(e,t,r,o)=>new Fc(e,{cacheLocation:Ss.MemoryStorage,cacheRetentionDays:5},wo,t,r,o);function $c(e,t,r,o,n){return e.verbose("1yd030",o),r?t.getAllAccounts(n,o):[]}function Kc(e,t,r,o){t.trace("0u7b90",o);const n=r.getAccountInfoFilteredBy(e,o);return n?(t.verbose("0btgll",o),n):(t.verbose("0ltaj5",o),null)}function Bc(e,t,r){t.setActiveAccount(e,r)}function zc(e,t){return e.getActiveAccount(t)}class jc{constructor(e){this.eventCallbacks=new Map,this.logger=e||new To({},Oc,Mc),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const o=r||za();return this.eventCallbacks.has(o)?(this.logger.error(`1578i0 ${o}`,""),null):(this.eventCallbacks.set(o,[e,t||[]]),this.logger.verbose(`1cnec4 ${o}`,""),o)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose(`12zotd ${e}`,"")}emitEvent(e,t,r,o,n){const i={eventType:e,interactionType:r||null,payload:o||null,error:n||null,correlationId:t,timestamp:Date.now()};switch(e){case Rc.LOGIN_SUCCESS:case Rc.LOGOUT_SUCCESS:case Rc.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(i)}this.invokeCallbacks(i)}invokeCallbacks(e){this.eventCallbacks.forEach(([t,r],o)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose(`15jpwk ${o} ${e.eventType}`,""),t.apply(null,[e]))})}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class Jc{constructor(e,t,r,o,n,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=n,this.navigationClient=i,this.platformAuthProvider=c,this.correlationId=a,this.logger=o.clone(Oc,Mc),this.performanceClient=s}}function Wc(e,t,r,o){r.verbose("0bd1la",o);const n=e||t||"";return Zt.getAbsoluteUrl(n,qa(),o)}function Gc(e,t,r,o,n,i,s=!0){if(n.verbose("1p12tq",r),!s)return n.verbose("0tajnr",r),new Fn;const a={clientId:t,correlationId:r,apiId:e,forceRefresh:!1,wrapperSKU:o.getWrapperMetadata()[0],wrapperVer:o.getWrapperMetadata()[1]};return new Ln(a,o)}async function Qc(e,t,r,o,n,i,s,a,c){const l=a&&a.hasOwnProperty("instance_aware")?a.instance_aware:void 0,h={protocolMode:e.system.protocolMode,OIDCOptions:e.auth.OIDCOptions,knownAuthorities:e.auth.knownAuthorities,cloudDiscoveryMetadata:e.auth.cloudDiscoveryMetadata,authorityMetadata:e.auth.authorityMetadata},d=i||e.auth.authority,u=l?.length?"true"===l:e.auth.instanceAware,g=c&&u?e.auth.authority.replace(Zt.getDomainFromUrl(d,t),c.environment):d,p=xr.generateAuthority(g,s||e.auth.azureCloudOptions),m=await mr(Ur,"authorityFactoryCreateDiscoveredInstance",n,r,t)(p,e.system.networkClient,o,h,n,t,r);if(c&&!m.isAlias(c.environment))throw _t(Jt,t);return m}async function Vc(e,t,r,o,n){if(n)try{e.removeAccount(n,o),r.verbose("0s4z6h",o)}catch(e){r.error("0mgg1d",o)}else try{r.verbose("0zj631",o),e.clear(o),await t.clearKeystore(o)}catch(e){r.error("12ih0c",o)}}async function Yc(e,t,r,o,n){const i=e.authority||t.auth.authority,s=[...e&&e.scopes||[]],a={...e,correlationId:e.correlationId,authority:i,scopes:s};if(a.authenticationScheme){if(a.authenticationScheme===ce.SSH){if(!e.sshJwk)throw _t(Dt,"");if(!e.sshKid)throw _t($t,"")}o.verbose(`1ecmns ${a.authenticationScheme}`,n)}else a.authenticationScheme=ce.BEARER,o.verbose("1l4fwv",n);return a}async function Zc(e,t,r,o,n){const i=await mr(Yc,Jn,n,o,e.correlationId)(e,r,o,n,e.correlationId);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}function Xc(e,t){let r;const o=e.httpMethod;if(t===Ct.EAR){if(o&&o!==b)throw _t(Wt,"");r=b}else r=o||T;return r}class el extends Jc{initializeLogoutRequest(e){this.logger.verbose("0546u4",this.correlationId);const t={correlationId:this.correlationId,...e};if(e)if(e.logoutHint)this.logger.verbose("12k4l4",this.correlationId);else if(e.account){const r=e.account.loginHint||this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("0d7s8p",this.correlationId),t.logoutHint=r)}else this.logger.verbose("0pdtc3",this.correlationId);else this.logger.verbose("07ndze",this.correlationId);return e&&null===e.postLogoutRedirectUri?this.logger.verbose("0ljv63",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("1vamm6",t.correlationId),t.postLogoutRedirectUri=Zt.getAbsoluteUrl(e.postLogoutRedirectUri,qa(),t.correlationId)):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("15m5g7",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("1f4xlz",t.correlationId),t.postLogoutRedirectUri=Zt.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,qa(),t.correlationId)):(this.logger.verbose("17s5rf",t.correlationId),t.postLogoutRedirectUri=Zt.getAbsoluteUrl(qa(),qa(),t.correlationId)),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return this.logger.verbose("0u5bmc",this.correlationId),t.login_hint;this.logger.verbose("0mvp54",this.correlationId)}else this.logger.verbose("1e7bdp",this.correlationId);return null}async createAuthCodeClient(e){const t=await mr(this.getClientConfiguration.bind(this),Yn,this.logger,this.performanceClient,this.correlationId)(e);return new An(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:o,requestExtraQueryParameters:n,account:i}=e,s=e.authority||await mr(Qc,Bn,this.logger,this.performanceClient,this.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,o,n,i),a=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:s,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri,isMcp:this.config.auth.isMcp},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:a.loggerCallback,piiLoggingEnabled:a.piiLoggingEnabled,logLevel:a.logLevel,correlationId:this.correlationId},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:gs,version:Mc,cpu:"",os:""},telemetry:this.config.telemetry}}}async function tl(e,t,r,o,n,i,s,a){const c=Wc(e.redirectUri,r.auth.redirectUri,i,a);new URL(c).origin!==new URL(window.location.href).origin&&(i.warning("08qbvw",a),s.addFields({isRedirectUriCrossOrigin:!0},a));const l={interactionType:t},h=dn(o,e&&e.state||"",l,a),d={...await mr(Yc,Jn,i,s,a)({...e,correlationId:a},r,s,i,a),redirectUri:c,state:h,nonce:e.nonce||da(),responseMode:r.auth.OIDCOptions.responseMode},u={...d,httpMethod:Xc(d,r.system.protocolMode)};if(e.loginHint||e.sid)return u;const g=e.account||n.getActiveAccount(a);return g&&(i.verbose("1eqlb3",a),i.verbosePii(`0tf99t ${g.homeAccountId}`,a),u.account=g),u}function rl(e,t,r,o){const n={id:t,...r},i=new URL(e,window.location.origin);if(i.origin!==window.location.origin)throw ss(_i,o,"popup_relay_cross_origin");const s=new URLSearchParams;return s.set("req",JSON.stringify(n)),i.hash=s.toString(),i.toString()}function ol(e,t,r,o){const n=fo(e);if(!n)throw mo(e)?(r.error(`13pl0s ${t} ${t}`,o),r.errorPii(`1097vx ${t} ${e}`,o),ss(mi,o)):(r.error(`18h0l1 ${t} ${t}`,o),ss(gi,o));return n}function nl(e,t,r,o){if(!e.state)throw ss(pi,o);const n=function(e,t,r){if(!t)return null;try{return un(e.base64Decode,t,r).libraryState.meta}catch(e){throw Se(Ne,r)}}(t,e.state,o);if(!n)throw ss(fi,o);if(n.interactionType!==r)throw ss(yi,o)}class il{constructor(e,t,r,o,n){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=o,this.performanceClient=n}async handleCodeResponse(e,t,r){let o;try{o=function(e,t,r){if(En(e,t,r),!e.code)throw Se(Ye,r);return e}(e,t.state,t.correlationId)}catch(e){throw e instanceof hn&&e.subError===ki?ss(ki,t.correlationId):e}return mr(this.handleCodeResponseFromServer.bind(this),lr,this.logger,this.performanceClient,t.correlationId)(o,t,r)}async handleCodeResponseFromServer(e,t,r,o=!0){if(this.logger.trace("0mf2hb",t.correlationId),this.authCodeRequest.code=e.code,o&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await mr(this.authModule.acquireToken.bind(this.authModule),"authClientAcquireToken",this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,r,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:mn}:e.loginHint?{credential:e.loginHint,type:fn}:null}}class sl extends Te{constructor(e,t,r,o){super(e,t,r||ns(e)),Object.setPrototypeOf(this,sl.prototype),this.name="NativeAuthError",this.ext=o}}function al(e){if(e.ext&&e.ext.status&&"DISABLED"===e.ext.status)return!0;if(e.ext&&e.ext.error&&-2147186943===e.ext.error)return!0;switch(e.errorCode){case"ContentError":case"PageException":return!0;default:return!1}}function cl(e,t,r,o){let n;if(o&&o.status){switch(o.status){case"ACCOUNT_UNAVAILABLE":n=ln(Qo,t,ns(e));break;case"USER_INTERACTION_REQUIRED":n=new an(e,t,r);break;case"USER_CANCEL":n=ss(ki,t);break;case"NO_NETWORK":n=ss(qi,t);break;case"UI_NOT_ALLOWED":n=ln(Yo,t);break;default:n=new sl(e,t,r,o)}return n}return n=new sl(e,t,r,o),n}class ll extends el{async acquireToken(e){const t=Gc(Hs.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),r=await mr(this.getClientConfiguration.bind(this),Yn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),o=new Hn(r,this.performanceClient);this.logger.verbose("0wa871",this.correlationId);try{const t=(await mr(o.acquireCachedToken.bind(o),"silentFlowClientAcquireCachedToken",this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof is&&e.errorCode===Hi&&this.logger.verbose("06wena",this.correlationId),e}}logout(e){this.logger.verbose("1rkurh",this.correlationId);const t=this.initializeLogoutRequest(e);return Vc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account)}}class hl extends Jc{constructor(e,t,r,o,n,i,s,a,c,l,h,d){super(e,t,r,o,n,i,a,d,c),this.apiId=s,this.accountId=l,this.platformAuthProvider=c,this.nativeStorageManager=h,this.silentCacheClient=new ll(e,this.nativeStorageManager,r,o,n,i,a,d,c);const u=this.platformAuthProvider.getExtensionName();this.skus=Ln.makeExtraSkuString({libraryName:gs,libraryVersion:Mc,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[s]:this.skus}}async acquireToken(e,t){this.logger.trace("03qeos",this.correlationId);const r=this.performanceClient.startMeasurement(zn,this.correlationId),o=yr(),n=Gc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled);try{const i=await this.initializePlatformRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===Js.AccessToken)throw this.logger.info("0eitbc",this.correlationId),r.end({success:!1,brokerErrorCode:"cache_request_failed"}),e;this.logger.info("0957j1",this.correlationId)}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,o).then(e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),n.clearNativeBrokerErrorCode(),e)).catch(e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError}),e})}catch(e){throw e instanceof sl&&n.setNativeBrokerErrorCode(e.errorCode),r.end({success:!1}),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:Lr.fromString(e.scope,this.correlationId).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("1ndf3e",this.correlationId),Se(We,this.correlationId);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},this.correlationId);if(!r)throw Se(We,this.correlationId);try{const e=this.createSilentCacheRequest(t,r),o=await this.silentCacheClient.acquireToken(e),n=this.browserStorage.getIdToken(r,this.correlationId,this.browserStorage.getTokenKeys(),r.tenantId),i=ht(n?.secret||"",as,this.correlationId),s=pt(r,void 0,i,n?.secret);return{...o,idToken:n?.secret||"",idTokenClaims:i,account:s}}catch(e){throw e}}async acquireTokenRedirect(e,t,r){this.logger.trace("0luikq",this.correlationId);const o=await this.initializePlatformRequest(e),n=r?.navigateToLoginRequestUrl??!0;try{await this.platformAuthProvider.sendMessage(o)}catch(e){if(e instanceof sl){if(Gc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled).setNativeBrokerErrorCode(e.errorCode),al(e))throw e}}this.browserStorage.setTemporaryCache(Us,JSON.stringify(o),!0);const i={apiId:Hs.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},s=n?Zt.getAbsoluteUrl(e.redirectStartPage||window.location.href,qa(),this.correlationId):Wc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId);t.end({success:!0}),await this.navigationClient.navigateExternal(s,i)}async handleRedirectPromise(){if(this.logger.trace("1c5lhw",this.correlationId),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",this.correlationId),null;const e=this.browserStorage.getCachedNativeRequest();if(!e)return this.logger.verbose("0a6zjb",this.correlationId),this.performanceClient?.addFields({errorCode:"no_cached_request"},this.correlationId),null;const{prompt:t,...r}=e;t&&this.logger.verbose("0ac34v",this.correlationId),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Us));const o=yr();try{this.logger.verbose("003x5a",this.correlationId);const e=await this.platformAuthProvider.sendMessage(r),t=await this.handleNativeResponse(e,r,o);return Gc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled).clearNativeBrokerErrorCode(),this.performanceClient?.addFields({isNativeBroker:!0},this.correlationId),t}catch(e){throw e}}logout(){return this.logger.trace("0u2sjm",this.correlationId),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("1bojln",this.correlationId);const o=ht(e.id_token,as,this.correlationId),n=this.createHomeAccountIdentifier(e,o),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("1ub1in",this.correlationId);else if(n!==i&&e.account.id!==t.accountId)throw cl("user_switch",this.correlationId);const s=await Qc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t.authority),a=pn(this.browserStorage,s,n,as,this.correlationId,o,e.client_info,s.getPreferredCache(),o.tid,void 0,e.account.id,this.logger,this.performanceClient);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,o,a,s.canonicalAuthority,r);return await this.cacheAccount(a,dt(o)),await this.cacheNativeTokens(e,t,n,o,c.tenantId,r,s.getPreferredCache()),c}createHomeAccountIdentifier(e,t){return Tt(e.client_info||"",mt,this.logger,this.browserCrypto,this.correlationId,t)}generateScopes(e,t){return t?Lr.fromString(t,this.correlationId):Lr.fromString(e,this.correlationId)}async generatePopAccessToken(e,t){if(t.tokenType===ce.POP&&t.signPopToken){if(e.shr)return this.logger.trace("0coqhu",this.correlationId),e.shr;const r=new Wo(this.browserCrypto,this.performanceClient),o={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce,correlationId:this.correlationId};if(!t.keyId)throw Se(et,this.correlationId);return r.signPopToken(e.access_token,t.keyId,o)}return e.access_token}async generateAuthenticationResult(e,t,r,o,n,i){const s=this.addTelemetryFromNativeResponse(e.properties.MATS),a=this.generateScopes(t.scope,e.scope),c=e.account.properties||{},l=c.UID||r.oid||r.sub||"",h=c.TenantId||r.tid||"",d=pt(vt(o),void 0,r,e.id_token);if(d.nativeAccountId!==e.account.id){d.nativeAccountId=e.account.id;const t=h||d.tenantId,r=d.tenantProfiles?.get(t);r&&(r.nativeAccountId=e.account.id)}const u=await this.generatePopAccessToken(e,t),g=t.tokenType===ce.POP?ce.POP:ce.BEARER;return{authority:n,uniqueId:l,tenantId:h,scopes:a.asArray(),account:d,idToken:e.id_token,idTokenClaims:r,accessToken:u,fromCache:!!s&&this.isResponseFromCache(s),expiresOn:wr(i+e.expires_in),tokenType:g,correlationId:this.correlationId,state:e.state,fromPlatformBroker:!0,...t.resource&&{resource:t.resource}}}async cacheAccount(e,t){await this.browserStorage.setAccount(e,this.correlationId,t,this.apiId),this.browserStorage.removeAccountContext(vt(e),this.correlationId)}async cacheNativeTokens(e,t,r,o,n,i,s){const a=Tr(r,s,e.id_token||"",t.clientId,o.tid||""),c=i+(t.tokenType===ce.POP?240:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),l=this.generateScopes(e.scope,t.scope),h=br(r,s,e.access_token,t.clientId,o.tid||n,l.printScopes(),c,0,as,t.correlationId,void 0,t.tokenType,void 0,t.keyId);a&&!1!==t.storeInCache?.idToken&&await this.browserStorage.setIdTokenCredential(a,this.correlationId,dt(o));const d={accessToken:h};return this.nativeStorageManager.saveCacheRecord(d,this.correlationId,dt(o),this.apiId,t.storeInCache)}getExpiresInValue(e,t){return e===ce.POP?240:("string"==typeof t?parseInt(t,10):t)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("0b3l57",this.correlationId)}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("1okqev",this.correlationId),!1):!!e.is_cached}async initializePlatformRequest(e){this.logger.trace("1xdm2a",this.correlationId);const t=await this.getCanonicalAuthority(e),r=e.skipBrokerClaims&&e.embeddedClientId?void 0:this.config.auth.clientCapabilities,{scopes:o,claims:n,...i}=e,s=new Lr(o||[],this.correlationId);s.appendScopes(A);const a={...i,claims:ao(n,r?.length?r:void 0),accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:s.printScopes(),redirectUri:Wc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraParameters},extendedExpiryToken:!1,keyId:e.popKid};if(a.signPopToken&&e.popKid)throw ss(Yi,this.correlationId);if(this.handleExtraBrokerParams(a),a.extraParameters=a.extraParameters||{},a.extraParameters.telemetry=fs,e.authenticationScheme===ce.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce,correlationId:this.correlationId},r=new Wo(this.browserCrypto,this.performanceClient);let o;if(a.keyId)o=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:a.keyId})),a.signPopToken=!1;else{const e=await mr(r.generateCnf.bind(r),hr,this.logger,this.performanceClient,this.correlationId)(t,this.logger);o=e.reqCnfString,a.keyId=e.kid,a.signPopToken=!0}a.reqCnf=o}return this.addRequestSKUs(a),a}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority,{azureCloudOptions:r,account:o}=e;o&&await Qc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t,r,void 0,o);const n=new Zt(t,this.correlationId);return n.validateAsUri(),n}getPrompt(e){switch(this.apiId){case Hs.ssoSilent:case Hs.acquireTokenSilent_silentFlow:return this.logger.trace("12n1y2",this.correlationId),z.NONE}if(e)switch(e){case z.NONE:case z.CONSENT:case z.LOGIN:return this.logger.trace("0i0hco",this.correlationId),e;default:throw this.logger.trace(`0w3tpw ${e}`,this.correlationId),ss(Qi,this.correlationId)}else this.logger.trace("0uid1p",this.correlationId)}handleExtraBrokerParams(e){const r=e.extraParameters&&e.extraParameters.hasOwnProperty(a)&&e.extraParameters.hasOwnProperty(c)&&e.extraParameters.hasOwnProperty(t);if(!e.embeddedClientId&&!r)return;let o="";const n=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,o=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[c],o=e.extraParameters[t]),e.extraParameters={child_client_id:o,child_redirect_uri:n},this.performanceClient?.addFields({embeddedClientId:o,embeddedRedirectUri:n},this.correlationId)}}const dl=new Map([["e","AAD"],["m","MSA"]]);function ul(e,t,r){const o=function(e){if(!e)return null;try{const t=(/%(?:[0-9A-Fa-f]{2})/.test(e)?decodeURIComponent(e):e).split("|");return t.length<5?null:{accountType:dl.get(t[0]?.trim()||"")||"",error:t[1]?.trim()||"",subError:t[2]?.trim()||"",cloudInstance:t[3]?.trim()||"",callerDataBoundary:t[4]?.trim()||""}}catch{return null}}(e.clientdata);o?.accountType&&r.addFields({accountType:o.accountType},t),o?.error&&r.addFields({serverErrorNo:o.error},t),o?.subError&&r.addFields({serverSubErrorNo:o.subError},t)}async function gl(e,t,r,o,n){const i=Sn({...e.auth,authority:t},r,o,n);if(Qr(i,{sku:gs,version:Mc,os:"",cpu:""}),e.system.protocolMode!==Ct.OIDC&&Vr(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),n.addFields({isPlatformAuthorizeRequest:!0},r.correlationId),r.authenticationScheme===ce.POP)){const e=new Va(o,n),t=new Wo(e,n);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await mr(t.generateCnf.bind(t),hr,o,n,r.correlationId)(r,o)).reqCnfString}co(i,s)}return Fr(i,r.correlationId,n),i}async function pl(e,t,r,o,n){if(!r.codeChallenge)throw _t(Ut,r.correlationId);const i=await mr(gl,"getStandardParams",o,n,r.correlationId)(e,t,r,o,n);return Hr(i,j),Zr(i,r.codeChallenge,I),io(i,{...r.extraQueryParameters,...r.extraParameters}),_n(t,i)}async function ml(e,t,r,o,n){if(!r.earJwk)throw ss(li,r.correlationId);const i=await gl(e,t,r,o,n);Hr(i,J),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(i,r.earJwk),Zr(i,r.codeChallenge,I),io(i,{...r.extraParameters});const s=new Map;io(s,r.extraQueryParameters||{}),Gr(s,r.correlationId);return{action:_n(t,s),fields:Object.fromEntries(i)}}async function fl(e,t,r,o,n,i){const{action:s,fields:a}=await ml(t,r,o,n,i);return wl(e,s,a)}async function yl(e,t,r,o,n){const i=await gl(e,t,r,o,n);Hr(i,j),Zr(i,r.codeChallenge,r.codeChallengeMethod||I),io(i,{...r.extraParameters});const s=new Map;io(s,r.extraQueryParameters||{}),Gr(s,r.correlationId);return{action:_n(t,s),fields:Object.fromEntries(i)}}async function Il(e,t,r,o,n,i){const{action:s,fields:a}=await yl(t,r,o,n,i);return wl(e,s,a)}function wl(e,t,r){const o=e.createElement("form");return o.method="post",o.action=t,Object.keys(r).forEach(t=>{const n=e.createElement("input");n.hidden=!0,n.name=t,n.value=r[t],o.appendChild(n)}),e.body.appendChild(o),o}async function Cl(e,t,r,o,n,i,s,a,c,l){if(a.verbose("11qcow",e.correlationId),!l)throw ss(Wi,e.correlationId);const h=new Va(a,c),d=new hl(o,n,h,a,s,o.system.navigationClient,r,c,l,t,i,e.correlationId),{userRequestState:u}=un(h.base64Decode,e.state,e.correlationId);return mr(d.acquireToken.bind(d),zn,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function vl(e,t,r,o,n,i,s,a,c,l,h,d){if(wn.removeThrottle(s,n.auth.clientId,e),ul(t,e.correlationId,h),t.accountId)return mr(Cl,ei,l,h,e.correlationId)(e,t.accountId,o,n,s,a,c,l,h,d);const u={...e,code:t.code||"",codeVerifier:r},g=new il(i,s,u,l,h);return await mr(g.handleCodeResponse.bind(g),"handleCodeResponse",l,h,e.correlationId)(t,e,o)}async function kl(e,t,r,o,n,i,s,a,c,l,h){if(wn.removeThrottle(i,o.auth.clientId,e),ul(t,e.correlationId,l),En(t,e.state,e.correlationId),!t.ear_jwe)throw ss(hi,e.correlationId);if(!e.earJwk)throw ss(li,e.correlationId);const d=JSON.parse(await mr(pa,"decryptEarResponse",c,l,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return mr(Cl,ei,c,l,e.correlationId)(e,d.accountId,r,o,i,s,a,c,l,h);const u=new gn(o.auth.clientId,i,new Va(c,l),c,l,null,null);u.validateTokenResponse(d,e.correlationId);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await mr(u.handleServerTokenResponse.bind(u),dr,c,l,e.correlationId)(d,n,yr(),e,r,g,void 0,void 0,void 0,void 0)}async function Tl(e,t,r){const o=pr(bl,"generateCodeVerifier",t,e,r)(e,t,r);return{verifier:o,challenge:await mr(Al,"generateCodeChallengeFromVerifier",t,e,r)(o,e,t,r)}}function bl(e,t,r){try{const o=new Uint8Array(32);pr(la,"getRandomValues",t,e,r)(o);return Qs(o)}catch(e){throw ss(ci,r)}}async function Al(e,t,r,o){try{const n=await mr(ca,"sha256Digest",r,t,o)(e);return Qs(new Uint8Array(n))}catch(e){throw ss(ci,o)}}class Sl{navigateInternal(e,t){return Sl.defaultNavigateWindow(e,t)}navigateExternal(e,t){return Sl.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise((e,r)=>{setTimeout(()=>{r(ss(ts,"","failed_to_redirect"))},t.timeout)})}}class _l{async sendGetRequestAsync(e,t){let r,o={},n=0;const i=El(t);try{r=await fetch(e,{method:_s,headers:i})}catch(e){throw vn(ss(window.navigator.onLine?Ui:qi,""),void 0,void 0,e)}o=Pl(r.headers);try{return n=r.status,{headers:o,body:await r.json(),status:n}}catch(e){throw vn(ss(Li,""),n,o,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",o=El(t);let n,i=0,s={};try{n=await fetch(e,{method:Es,headers:o,body:r})}catch(e){throw vn(ss(window.navigator.onLine?Ni:qi,""),void 0,void 0,e)}s=Pl(n.headers);try{return i=n.status,{headers:s,body:await n.json(),status:i}}catch(e){throw vn(ss(Li,""),i,s,e)}}}function El(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach(([e,r])=>{t.append(e,r)}),t}catch(e){throw vn(ss(Zi,""),void 0,void 0,e)}}function Pl(e){try{const t={};return e.forEach((e,r)=>{t[r]=e}),t}catch(e){throw ss(Xi,"")}}function Rl({auth:t,cache:r,system:o,experimental:n,telemetry:i},s){const a={clientId:"",authority:`${h}`,knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",redirectUri:"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:"",postLogoutRedirectUri:"",popupRelayUri:"",clientCapabilities:[],OIDCOptions:{responseMode:W.FRAGMENT,defaultScopes:[m,f,y]},azureCloudOptions:{azureCloudInstance:ir.None,tenant:""},instanceAware:!1,isMcp:!1,verifySSO:!1},c={cacheLocation:Ss.SessionStorage,cacheRetentionDays:5},l={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},d={...{...Uo,loggerOptions:l,networkClient:s?new _l:Dn,navigationClient:new Sl,popupBridgeTimeout:o?.popupBridgeTimeout||6e4,iframeBridgeTimeout:o?.iframeBridgeTimeout||1e4,redirectNavigationTimeout:3e4,allowRedirectInIframe:!1,navigatePopups:!0,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:o?.nativeBrokerHandshakeTimeout||2e3,protocolMode:Ct.AAD,serverTelemetryEnabled:!1},...o,loggerOptions:o?.loggerOptions||l},u={application:{appName:"",appVersion:""},client:new No};if(o?.protocolMode!==Ct.OIDC&&t?.OIDCOptions){new To(d.loggerOptions,Oc,Mc).warning(JSON.stringify(_t(zt,"")),"")}if(o?.protocolMode&&o.protocolMode===Ct.OIDC&&d?.allowPlatformBroker)throw _t(jt,"");return{auth:{...a,...t,OIDCOptions:{...a.OIDCOptions,...t?.OIDCOptions}},cache:{...c,...r},system:d,experimental:{iframeTimeoutTelemetry:!1,allowPlatformBrokerWithDOM:!1,...n},telemetry:{...u,...i}}}class Ol{constructor(e,t,r,o){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=o,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=this.performanceClient.startMeasurement("nativeMessageHandlerHandshake"),this.platformAuthType=vs}async sendMessage(e){this.logger.trace(`0on4p2 ${this.platformAuthType}`,e.correlationId);const t={method:bs,request:e},r={channel:ps,extensionId:this.extensionId,responseId:da(),body:t};this.logger.trace(`1qadfi ${this.platformAuthType}`,e.correlationId),this.logger.tracePii(`1xm533 ${this.platformAuthType} ${JSON.stringify(r)}`,e.correlationId),this.messageChannel.port1.postMessage(r);const o=await new Promise((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})});return this.validatePlatformBrokerResponse(o)}static async createProvider(e,t,r,o){e.trace("15zfnw",o);try{const n=new Ol(e,t,r,ms);return await n.sendHandshakeRequest(o),n}catch(n){const i=new Ol(e,t,r);return await i.sendHandshakeRequest(o),i}}async sendHandshakeRequest(e){this.logger.trace(`1dpg9o ${this.platformAuthType}`,e),window.addEventListener("message",this.windowListener,!1);const t={channel:ps,extensionId:this.extensionId,responseId:da(),body:{method:ks}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(t,window.origin,[this.messageChannel.port2]),new Promise((e,r)=>{this.handshakeResolvers.set(t.responseId,{resolve:e,reject:r}),this.timeoutId=window.setTimeout(()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(ss(ji,"")),this.handshakeResolvers.delete(t.responseId)},this.handshakeTimeoutMs)})}onWindowMessage(e){const t=za();if(this.logger.trace(`0jpn5u ${this.platformAuthType}`,t),e.source!==window)return;const r=e.data;if(r.channel&&r.channel===ps&&(!r.extensionId||r.extensionId===this.extensionId)&&r.body.method===ks){const e=this.handshakeResolvers.get(r.responseId);if(!e)return void this.logger.trace(`07buhm ${this.platformAuthType} ${r.responseId}`,t);this.logger.verbose(r.extensionId?`0xrkug ${r.extensionId}`:"No extension installed",t),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(ss(Ji,""))}}onChannelMessage(e){const t=za();this.logger.trace(`1py8yf ${this.platformAuthType}`,t);const r=e.data,o=this.resolvers.get(r.responseId),n=this.handshakeResolvers.get(r.responseId);try{const e=r.body.method;if(e===As){if(!o)return;const e=r.body.response;if(this.logger.trace(`19hpgm ${this.platformAuthType}`,t),this.logger.tracePii(`179a24 ${this.platformAuthType} ${JSON.stringify(e)}`,t),"Success"!==e.status)o.reject(cl(e.code,t,e.description,e.ext));else{if(!e.result)throw be(bt,t,"Event does not contain result.");e.result.code&&e.result.description?o.reject(cl(e.result.code,t,e.result.description,e.result.ext)):o.resolve(e.result)}this.resolvers.delete(r.responseId)}else if(e===Ts){if(!n)return void this.logger.trace(`082qnt ${this.platformAuthType} ${r.responseId}`,t);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=r.extensionId,this.extensionVersion=r.body.version,this.logger.verbose(`0yf5ib ${this.platformAuthType} ${this.extensionId}`,t),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),n.resolve(),this.handshakeResolvers.delete(r.responseId)}}catch(r){this.logger.error("0xf978",t),this.logger.errorPii(`04i99o ${r}`,t),this.logger.errorPii(`0xdvsy ${e}`,t),o?o.reject(r):n&&n.reject(r)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw be(bt,"","Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===ms?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class Ml{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=Cs}static async createProvider(e,t,r){if(e.trace("12mj4a",r),window.navigator?.platformAuthentication){const o=await window.navigator.platformAuthentication.getSupportedContracts(ys);if(o?.includes(ws))return e.trace("1h5q1r",r),new Ml(e,t,r)}}getExtensionId(){return ys}getExtensionVersion(){return""}getExtensionName(){return Is}async sendMessage(e){this.logger.trace(`02bcil ${this.platformAuthType}`,e.correlationId);try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r,e.correlationId)}catch(t){throw this.logger.error(`11im7g ${this.platformAuthType}`,e.correlationId),t}}initializePlatformDOMRequest(e){this.logger.trace(`15d6yv ${this.platformAuthType}`,e.correlationId);const{accountId:t,clientId:r,authority:o,scope:n,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:l,extraParameters:h,...d}=e,u=this.getDOMExtraParams(d,s);return{accountId:t,brokerId:this.getExtensionId(),authority:o,clientId:r,correlationId:s||this.correlationId,extraParameters:{...h,...u},isSecurityTokenService:!1,redirectUri:i,scope:n,state:a,storeInCache:c,embeddedClientId:l}}validatePlatformBrokerResponse(e,t){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace(`0h4vei ${this.platformAuthType}`,t),this.convertToPlatformBrokerResponse(e,t);if(e.hasOwnProperty("error")){const r=e;if(!1===r.isSuccess&&r.error&&r.error.code)throw this.logger.trace(`0g92vm ${this.platformAuthType}`,t),cl(r.error.code,t,r.error.description,{error:parseInt(r.error.errorCode),protocol_error:r.error.protocolError,status:r.error.status,properties:r.error.properties})}}throw be(bt,t,"Response missing expected properties.")}convertToPlatformBrokerResponse(e,t){this.logger.trace(`14913t ${this.platformAuthType}`,t);return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e,t){try{const t={};for(const[r,o]of Object.entries(e))o&&(t[r]="object"==typeof o?JSON.stringify(o):String(o));return t}catch(e){return this.logger.error(`0eu9o3 ${this.platformAuthType}`,t),this.logger.errorPii(`17rpl5 ${this.platformAuthType} ${e}`,t),{}}}}async function xl(e,t,r,o,n){let i;e.trace("134j0v",r),e.trace(`04c81g ${n}`,r);try{n&&(i=await Ml.createProvider(e,t,r)),i||(e.trace("0l3na8",r),i=await Ol.createProvider(e,o||2e3,t,r))}catch(t){e.trace("0icbd7",t)}return i}function ql(e,t,r,o,n){if(t.trace("0uko3r",r),!e.system.allowPlatformBroker&&e.experimental.allowPlatformBrokerWithDOM)throw _t(Gt,"");if(!e.system.allowPlatformBroker)return t.trace("04hozs",r),!1;if(!o)return t.trace("0kvv1r",r),!1;if(n)switch(n){case ce.BEARER:case ce.POP:return t.trace("18tev1",r),!0;default:return t.trace("1dd2nh",r),!1}return!0}class Nl extends el{constructor(e,t,r,o,n,i,s,a,c,l,h){super(e,t,r,o,n,i,s,c,l),this.nativeStorage=a,this.eventHandler=n,this.waitForPopupResponseHook=h}acquireToken(e,t){let r;try{if(r={popupName:this.generatePopupName(e.scopes||A,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window},this.performanceClient.addFields({isAsyncPopup:!this.config.system.navigatePopups},this.correlationId),this.config.system.navigatePopups){const o={...e,httpMethod:Xc(e,this.config.system.protocolMode)};return this.logger.verbose("1f9ok3",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(o,r,t)}return this.logger.verbose("162h4u",this.correlationId),this.acquireTokenPopupAsync(e,r,t)}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("068rup",this.correlationId);const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},o=e&&e.authority,n=e&&e.mainWindowRedirectUri;return this.config.system.navigatePopups?(this.logger.verbose("1a28da",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,o,n)):(this.logger.verbose("1phd8u",this.correlationId),this.logoutPopupAsync(t,r,o,n))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,o){this.logger.verbose("1g77pg",this.correlationId);const n=await mr(tl,Zn,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.popup&&Ba(n.authority);const i=ql(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);return n.platformBroker=i,this.config.system.protocolMode===Ct.EAR?this.executeEarFlow(n,r,o):this.executeCodeFlow(n,r,o)}async executeCodeFlow(t,r,o){const n=t.correlationId,i=Gc(Hs.acquireTokenPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),s=o||await mr(Tl,ni,this.logger,this.performanceClient,n)(this.performanceClient,this.logger,n),a={...t,codeChallenge:s.challenge};try{const o=await mr(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,n)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account});if(a.httpMethod===b)return await this.executeCodeFlowWithPost(a,r,o,s.verifier);{const i=await mr(pl,cr,this.logger,this.performanceClient,n)(this.config,o.authority,a,this.logger,this.performanceClient),c=this.config.auth.popupRelayUri,l=c?rl(c,this.getRelayStateId(t.state,n),{method:"GET",url:i},n):i,h=this.initiateAuthRequest(l,r);this.eventHandler.emitEvent(Rc.POPUP_OPENED,n,e.InteractionType.Popup,{popupWindow:h},null);const d=await this.waitForPopupResponse(t,h,r.popupWindowParent),u=pr(ol,ri,this.logger,this.performanceClient,this.correlationId)(d,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return await mr(vl,ti,this.logger,this.performanceClient,n)(t,u,s.verifier,Hs.acquireTokenPopup,this.config,o,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}catch(e){throw r.popup?.close(),e instanceof Te&&(e.correlationId=this.correlationId,i.cacheFailedRequest(e)),e}}async executeEarFlow(e,t,r){const{correlationId:o,authority:n,azureCloudOptions:i,extraQueryParameters:s,account:a}=e,c=await mr(Qc,Bn,this.logger,this.performanceClient,o)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,n,i,s,a),l=await mr(ga,ai,this.logger,this.performanceClient,o)(),h=r||await mr(Tl,ni,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),d={...e,earJwk:l,codeChallenge:h.challenge},u=await this.openPostFormPopup(d,c,t,o,!0),g=await mr(this.waitForPopupResponse.bind(this),Qn,this.logger,this.performanceClient,o)(d,u,t.popupWindowParent),p=pr(ol,ri,this.logger,this.performanceClient,this.correlationId)(g,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);if(!p.ear_jwe&&p.code){const t=await mr(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,o)({serverTelemetryManager:Gc(Hs.acquireTokenPopup,this.config.auth.clientId,o,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:c});return mr(vl,ti,this.logger,this.performanceClient,o)(d,p,h.verifier,Hs.acquireTokenPopup,this.config,t,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return mr(kl,Xn,this.logger,this.performanceClient,o)(d,p,Hs.acquireTokenPopup,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async executeCodeFlowWithPost(e,t,r,o){const n=e.correlationId,i=await mr(Qc,Bn,this.logger,this.performanceClient,n)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger),s=await this.openPostFormPopup(e,i,t,n,!1),a=await mr(this.waitForPopupResponse.bind(this),Qn,this.logger,this.performanceClient,n)(e,s,t.popupWindowParent),c=pr(ol,ri,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return mr(vl,ti,this.logger,this.performanceClient,n)(e,c,o,Hs.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,r,o,n){this.logger.verbose("0b7yrk",this.correlationId),this.eventHandler.emitEvent(Rc.LOGOUT_START,this.correlationId,e.InteractionType.Popup,t);const i=Gc(Hs.logoutPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled);try{await Vc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account);const s=await mr(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:o,account:t.account||void 0});try{s.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&s.authority.protocolMode===Ct.OIDC){if(this.eventHandler.emitEvent(Rc.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t),n){const e={apiId:Hs.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=Zt.getAbsoluteUrl(n,qa(),this.correlationId);await this.navigationClient.navigateInternal(t,e)}return void r.popup?.close()}}t.state=dn(this.browserCrypto,t.state||"",{interactionType:e.InteractionType.Popup},t.correlationId);const a=s.getLogoutUri(t);this.eventHandler.emitEvent(Rc.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t);const c=this.config.auth.popupRelayUri,l=c?rl(c,this.getRelayStateId(t.state||"",this.correlationId),{method:"GET",url:a},this.correlationId):a,h=this.openPopup(l,r);if(this.eventHandler.emitEvent(Rc.POPUP_OPENED,t.correlationId,e.InteractionType.Popup,{popupWindow:h},null),await this.waitForPopupResponse(t,h,r.popupWindowParent).catch(()=>{}),n){const e={apiId:Hs.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=Zt.getAbsoluteUrl(n,qa(),this.correlationId);this.logger.verbose("0qcur2",this.correlationId),this.logger.verbosePii(`0oj7lk ${t}`,this.correlationId),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("03zgcf",this.correlationId)}catch(t){throw r.popup?.close(),t instanceof Te&&(t.correlationId=this.correlationId,i.cacheFailedRequest(t)),this.eventHandler.emitEvent(Rc.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(Rc.LOGOUT_END,this.correlationId,e.InteractionType.Popup),t}this.eventHandler.emitEvent(Rc.LOGOUT_END,this.correlationId,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii(`1kcr9k ${e}`,this.correlationId),this.openPopup(e,t);throw this.logger.error("1l7hyp",this.correlationId),ss(ui,this.correlationId)}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii(`0cgeo7 ${e}`,this.correlationId),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii(`0c2awd ${e}`,this.correlationId),r=this.openSizedPopup(e,t)),!r)throw ss(vi,this.correlationId);try{r.document.title="Microsoft Authentication"}catch(e){"undefined"!=typeof DOMException&&e instanceof DOMException&&"SecurityError"===e.name||this.logger.verbose("1s1yfs",this.correlationId)}return r.focus&&r.focus(),this.currentWindow=r,r}catch(e){throw this.logger.error(`0dxfb9 ${e.message}`,this.correlationId),ss(Ci,this.correlationId)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:o}){const n=o.screenLeft?o.screenLeft:o.screenX,i=o.screenTop?o.screenTop:o.screenY,s=o.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=o.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,l=r.popupSize?.height,h=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("08vfmo",this.correlationId),c=hs),(!l||l<0||l>a)&&(this.logger.verbose("09cxa0",this.correlationId),l=ds),(!h||h<0||h>a)&&(this.logger.verbose("1qh4wo",this.correlationId),h=Math.max(0,a/2-ds/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("1sz3en",this.correlationId),d=Math.max(0,s/2-hs/2+n)),o.open(e,t,`width=${c}, height=${l}, top=${h}, left=${d}, scrollbars=yes`)}generatePopupName(e,t){return`${us}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${us}.${this.config.auth.clientId}.${t}.${this.correlationId}`}getRelayStateId(e,t){return un(as,e,t).libraryState.id}async openPostFormPopup(e,t,r,o,n){const i=this.config.auth.popupRelayUri;if(i){const s=n?ml:yl,a=await s(this.config,t,e,this.logger,this.performanceClient),c=rl(i,this.getRelayStateId(e.state,o),{method:"POST",action:a.action,fields:a.fields},o);return this.initiateAuthRequest(c,r)}const s=r.popup||this.openPopup("about:blank",r),a=n?fl:Il;return(await a(s.document,this.config,t,e,this.logger,this.performanceClient)).submit(),s}async waitForPopupResponse(e,t,r){return this.config.auth.popupRelayUri?async function(e,t,r,o,n){return new Promise((i,s)=>{const a=r.correlationId;t.verbose("1d05g9",a),n.addFields({redirectBridgeTimeoutMs:e},a);const{libraryState:c}=un(as,r.state||"",a),l=c.id,h=window.location.origin;let d=!1;const u=()=>{window.removeEventListener("message",g),clearTimeout(p),clearInterval(m)},g=e=>{if(e.origin!==h||e.source!==o)return;const t=e.data;t&&"msal:popup-relay-response:v1"===t.type&&t.id===l&&(d||(d=!0,u(),t.error?s(ss(t.error,a)):t.payload?i(t.payload):s(ss(Ti,a))))};window.addEventListener("message",g);const p=window.setTimeout(()=>{d||(d=!0,u(),s(ss(ts,a,"popup_relay_timeout")))},e),m=window.setInterval(()=>{o.closed&&!d&&(d=!0,u(),s(ss(ki,a)))},500)})}(this.config.system.popupBridgeTimeout,this.logger,e,t,this.performanceClient):this.waitForPopupResponseHook?this.waitForPopupResponseHook(e,t,r):xa(this.config.system.popupBridgeTimeout,this.logger,e,this.performanceClient)}}class Ul extends el{constructor(e,t,r,o,n,i,s,a,c,l){super(e,t,r,o,n,i,s,c,l),this.nativeStorage=a}async acquireToken(t){const r=await mr(tl,Zn,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.platformBroker=ql(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);const o=t=>{t.persisted&&(this.logger.verbose("0udvtt",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),this.eventHandler.emitEvent(Rc.RESTORE_FROM_BFCACHE,this.correlationId,e.InteractionType.Redirect))},n=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii(`0zao0a ${n}`,this.correlationId),this.browserStorage.setTemporaryCache(Os,n,!0),window.addEventListener("pageshow",o);try{this.config.system.protocolMode===Ct.EAR?await this.executeEarFlow(r):await this.executeCodeFlow(r)}catch(e){throw e instanceof Te&&(e.correlationId=this.correlationId),window.removeEventListener("pageshow",o),e}}async executeCodeFlow(e){const t=e.correlationId,r=Gc(Hs.acquireTokenRedirect,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),o=await mr(Tl,ni,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),n={...e,codeChallenge:o.challenge};this.browserStorage.cacheAuthorizeRequest(n,this.correlationId,o.verifier);try{if(n.httpMethod===b)return await this.executeCodeFlowWithPost(n);{const t=await mr(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:r,requestAuthority:n.authority,requestAzureCloudOptions:n.azureCloudOptions,requestExtraQueryParameters:n.extraQueryParameters,account:n.account}),o=await mr(pl,cr,this.logger,this.performanceClient,e.correlationId)(this.config,t.authority,n,this.logger,this.performanceClient);return await this.initiateAuthRequest(o)}}catch(e){throw e instanceof Te&&(e.correlationId=this.correlationId,r.cacheFailedRequest(e)),e}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:o,extraQueryParameters:n,account:i}=e,s=await mr(Qc,Bn,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,o,n,i),a=await mr(ga,ai,this.logger,this.performanceClient,t)(),c=await mr(Tl,ni,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),l={...e,earJwk:a,codeChallenge:c.challenge};this.browserStorage.cacheAuthorizeRequest(l,this.correlationId,c.verifier);return(await fl(document,this.config,s,l,this.logger,this.performanceClient)).submit(),new Promise((e,t)=>{setTimeout(()=>{t(ss(ts,"","failed_to_redirect"))},this.config.system.redirectNavigationTimeout)})}async executeCodeFlowWithPost(e){const t=e.correlationId,r=await mr(Qc,Bn,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger);this.browserStorage.cacheAuthorizeRequest(e,this.correlationId);return(await Il(document,this.config,r,e,this.logger,this.performanceClient)).submit(),new Promise((e,t)=>{setTimeout(()=>{t(ss(ts,"","failed_to_redirect"))},this.config.system.redirectNavigationTimeout)})}async handleRedirectPromise(e,t,r,o){const n=document.title;document.title="Microsoft Authentication";const i=Gc(Hs.handleRedirectPromise,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),s=o?.navigateToLoginRequestUrl??!0;try{const[n,a]=this.getRedirectResponse(o?.hash||"");if(!n)return this.logger.info("1qmv0q",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?r.event.errorCode="no_server_response":this.logger.verbose("1eqegq",this.correlationId),null;const c=this.browserStorage.getTemporaryCache(Os,this.correlationId,!0)||"",l=Io(c,this.logger,this.correlationId);if(l===Io(window.location.href,this.logger,this.correlationId)&&s){this.logger.verbose("11yred",this.correlationId),c.indexOf("#")>-1&&Ea(c);return await this.handleResponse(n,e,t,i)}if(!s)return this.logger.verbose("0v4sdv",this.correlationId),await this.handleResponse(n,e,t,i);if(!Pa()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(Ms,a,!0);const r={apiId:Hs.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let o=!0;if(c)this.logger.verbose(`08jpy1 ${c}`,this.correlationId),o=await this.navigationClient.navigateInternal(c,r);else{const e=Na(this.correlationId);this.browserStorage.setTemporaryCache(Os,e,!0),this.logger.warning("1dutq1",this.correlationId),o=await this.navigationClient.navigateInternal(e,r)}if(!o)return await this.handleResponse(n,e,t,i)}return null}catch(e){throw e instanceof Te&&(e.correlationId=this.correlationId,i.cacheFailedRequest(e)),e}finally{document.title=n}}getRedirectResponse(t){this.logger.verbose("1c5i8m",this.correlationId);let r=t;r||(r=this.config.auth.OIDCOptions.responseMode===W.QUERY?window.location.search:window.location.hash);let o=fo(r);if(o){try{nl(o,this.browserCrypto,e.InteractionType.Redirect,this.correlationId)}catch(e){return e instanceof Te&&this.logger.error(`0bkq6p ${e.errorCode} ${e.errorMessage}`,this.correlationId),[null,""]}return _a(window),this.logger.verbose("00uvho",this.correlationId),[o,r]}const n=this.browserStorage.getTemporaryCache(Ms,this.correlationId,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Ms)),n&&(o=fo(n),o)?(this.logger.verbose("001671",this.correlationId),[o,n]):[null,""]}async handleResponse(e,t,r,o){if(!e.state)throw ss(pi,t.correlationId);const{authority:n,azureCloudOptions:i,extraQueryParameters:s,account:a}=t;if(e.ear_jwe){const r=await mr(Qc,Bn,this.logger,this.performanceClient,t.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,n,i,s,a);return mr(kl,Xn,this.logger,this.performanceClient,t.correlationId)(t,e,Hs.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const c=await mr(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:t.authority});return mr(vl,ti,this.logger,this.performanceClient,t.correlationId)(t,e,r,Hs.acquireTokenRedirect,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e){if(this.logger.verbose("0yaw2e",this.correlationId),e){this.logger.infoPii(`1luf83 ${e}`,this.correlationId);const t={apiId:Hs.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},r=this.config.auth.onRedirectNavigate;if("function"==typeof r){this.logger.verbose("1nehvl",this.correlationId);return!1!==r(e)?(this.logger.verbose("1a0jxh",this.correlationId),void await this.navigationClient.navigateExternal(e,t)):void this.logger.verbose("09k5h5",this.correlationId)}return this.logger.verbose("0klwf7",this.correlationId),void await this.navigationClient.navigateExternal(e,t)}throw this.logger.info("0rlh4e",this.correlationId),ss(ui,this.correlationId)}async logout(t){this.logger.verbose("1rkurh",this.correlationId);const r=this.initializeLogoutRequest(t),o=Gc(Hs.logout,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled);try{this.eventHandler.emitEvent(Rc.LOGOUT_START,this.correlationId,e.InteractionType.Redirect,t),await Vc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,r.account);const n={apiId:Hs.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await mr(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0});if(i.authority.protocolMode===Ct.OIDC)try{i.authority.endSessionEndpoint}catch{if(r.account?.homeAccountId)return void this.eventHandler.emitEvent(Rc.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r)}r.state=dn(this.browserCrypto,r.state||"",{interactionType:e.InteractionType.Redirect},r.correlationId);const s=i.getLogoutUri(r);r.account?.homeAccountId&&this.eventHandler.emitEvent(Rc.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r);const a=this.config.auth.onRedirectNavigate;if("function"!=typeof a)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Rs),void await this.navigationClient.navigateExternal(s,n);if(!1!==a(s))return this.logger.verbose("06v57e",this.correlationId),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,Rs),void await this.navigationClient.navigateExternal(s,n);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("0xqes1",this.correlationId)}catch(t){throw t instanceof Te&&(t.correlationId=this.correlationId,o.cacheFailedRequest(t)),this.eventHandler.emitEvent(Rc.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(Rc.LOGOUT_END,this.correlationId,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(Rc.LOGOUT_END,this.correlationId,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href,r=Zt.getAbsoluteUrl(t,qa(),this.correlationId);return function(e,t,r){try{new URL(e)}catch(e){throw t?.error(`1lrjz7 ${e}`,r||""),_t(Rt,r||"")}}(r,this.logger,this.correlationId),r}}async function Ll(e,t,r,o){if(!t)throw r.info("1l7hyp",o),ss(ui,o);return e.src=t,e}async function Fl(e,t,r,o,n,i){if(!e.contentDocument)throw"No document associated with iframe!";return(await Il(e.contentDocument,t,r,o,n,i)).submit(),e}async function Hl(e,t,r,o,n,i){if(!e.contentDocument)throw"No document associated with iframe!";return(await fl(e.contentDocument,t,r,o,n,i)).submit(),e}function Dl(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.title="Microsoft Authentication",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),e.setAttribute("allow","local-network-access *"),document.body.appendChild(e),e}function $l(e){document.body===e.parentNode&&document.body.removeChild(e)}class Kl extends el{constructor(e,t,r,o,n,i,s,a,c,l,h,d){super(e,t,r,o,n,i,a,l,h),this.apiId=s,this.nativeStorage=c,this.waitForIframeResponseHook=d}async acquireToken(t){t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("1kl318",this.correlationId);const r={...t};r.prompt?r.prompt!==z.NONE&&r.prompt!==z.NO_SESSION&&(this.logger.warning(`0bmctg ${r.prompt} ${z.NONE}`,this.correlationId),r.prompt=z.NONE):r.prompt=z.NONE;const o=await mr(tl,Zn,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);return o.platformBroker=ql(this.config,this.logger,this.correlationId,this.platformAuthProvider,o.authenticationScheme),Ba(o.authority),this.config.system.protocolMode===Ct.EAR?this.executeEarFlow(o):this.executeCodeFlow(o)}async executeCodeFlow(e){let t;const r=Gc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled);try{return t=await mr(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await mr(this.silentTokenHelper.bind(this),Wn,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(o){if(o instanceof Te&&(o.correlationId=this.correlationId,r.cacheFailedRequest(o)),!(t&&o instanceof Te&&o.errorCode===ls))throw o;return this.performanceClient.addFields({retryError:o.errorCode},this.correlationId),await mr(this.silentTokenHelper.bind(this),Wn,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:o,extraQueryParameters:n,account:i}=e,s=await mr(Qc,Bn,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,o,n,i),a=await mr(ga,ai,this.logger,this.performanceClient,t)(),c=await mr(Tl,ni,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),l={...e,earJwk:a,codeChallenge:c.challenge},h=Dl(),d=this.config.auth.OIDCOptions.responseMode;let u;try{const r=mr(this.waitForIframeResponse.bind(this),Qn,this.logger,this.performanceClient,t)(h,e);r.catch(()=>{}),await mr(Hl,Gn,this.logger,this.performanceClient,t)(h,this.config,s,l,this.logger,this.performanceClient),u=await r}finally{pr($l,oi,this.logger,this.performanceClient,t)(h)}const g=pr(ol,ri,this.logger,this.performanceClient,t)(u,d,this.logger,this.correlationId);if(!g.ear_jwe&&g.code){const r=await mr(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,t)({serverTelemetryManager:Gc(this.apiId,this.config.auth.clientId,t,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:s});return mr(vl,ti,this.logger,this.performanceClient,t)(l,g,c.verifier,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return mr(kl,Xn,this.logger,this.performanceClient,t)(l,g,this.apiId,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async verifySso(t){const r={...t};r.prompt||(r.prompt=z.NONE);const o=await mr(tl,Zn,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),n=await mr(this.createAuthCodeClient.bind(this),Vn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:Gc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),requestAuthority:o.authority,requestAzureCloudOptions:o.azureCloudOptions,requestExtraQueryParameters:o.extraQueryParameters,account:o.account}),{serverParams:i}=await this.silentAuthorizeHelper(n,o),s=o.correlationId;return En(i,o.state,s),i.code?(this.logger.verbose("0kkkcj",s),!0):(this.logger.warning("0y34ti",s),!1)}logout(){return Promise.reject(ss(Ei,""))}async silentTokenHelper(e,t){const{serverParams:r,pkceCodes:o}=await this.silentAuthorizeHelper(e,t);return mr(vl,ti,this.logger,this.performanceClient,t.correlationId)(t,r,o.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async silentAuthorizeHelper(e,t){const r=t.correlationId,o=await mr(Tl,ni,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),n={...t,codeChallenge:o.challenge},i=Dl(),s=this.config.auth.OIDCOptions.responseMode;let a;try{const o=mr(this.waitForIframeResponse.bind(this),Qn,this.logger,this.performanceClient,r)(i,t);if(o.catch(()=>{}),t.httpMethod===b)await mr(Fl,Gn,this.logger,this.performanceClient,r)(i,this.config,e.authority,n,this.logger,this.performanceClient);else{const t=await mr(pl,cr,this.logger,this.performanceClient,r)(this.config,e.authority,n,this.logger,this.performanceClient);await mr(Ll,Gn,this.logger,this.performanceClient,r)(i,t,this.logger,r)}a=await o}finally{pr($l,oi,this.logger,this.performanceClient,r)(i)}return{serverParams:pr(ol,ri,this.logger,this.performanceClient,r)(a,s,this.logger,this.correlationId),pkceCodes:o,silentRequest:n}}async waitForIframeResponse(e,t){return this.waitForIframeResponseHook?this.waitForIframeResponseHook(e,t):xa(this.config.system.iframeBridgeTimeout,this.logger,t,this.performanceClient,this.config.experimental)}}class Bl extends el{async acquireToken(e){const t=await mr(Yc,Jn,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger,this.correlationId),r={...e,...t};e.redirectUri&&(r.redirectUri=Wc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId));const o=Gc(Hs.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled),n=await this.createRefreshTokenClient({serverTelemetryManager:o,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return mr(n.acquireTokenByRefreshToken.bind(n),"refreshTokenClientAcquireTokenByRefreshToken",this.logger,this.performanceClient,e.correlationId)(r,Hs.acquireTokenSilent_silentFlow).catch(e=>{throw e.correlationId=this.correlationId,o.cacheFailedRequest(e),e})}logout(){return Promise.reject(ss(Ei,""))}async createRefreshTokenClient(e){const t=await mr(this.getClientConfiguration.bind(this),Yn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new Nn(t,this.performanceClient)}}class zl extends An{constructor(e,t){super(e,t),this.includeRedirectUri=!1}}class jl extends el{constructor(e,t,r,o,n,i,s,a,c,l){super(e,t,r,o,n,i,a,c,l),this.apiId=s}async acquireToken(t){if(!t.code)throw ss(Di,this.correlationId);const r=await mr(tl,Zn,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),o=Gc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger,0,this.config.system.serverTelemetryEnabled);try{const e={...r,code:t.code},n=await mr(this.getClientConfiguration.bind(this),Yn,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:o,requestAuthority:r.authority,requestAzureCloudOptions:r.azureCloudOptions,requestExtraQueryParameters:r.extraQueryParameters,account:r.account}),i=new zl(n,this.performanceClient);this.logger.verbose("1uic5e",this.correlationId);const s=new il(i,this.browserStorage,e,this.logger,this.performanceClient);return await mr(s.handleCodeResponseFromServer.bind(s),lr,this.logger,this.performanceClient,this.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},r,this.apiId,!1)}catch(e){throw e instanceof Te&&(e.correlationId=this.correlationId,o.cacheFailedRequest(e)),e}}logout(){return Promise.reject(ss(Ei,""))}}function Jl(e,t,r,o){try{$a(e),$n(r.auth.isMcp,o)}catch(e){throw t.end({success:!1},e,o.account),e}}class Wl{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new Va(this.logger,this.performanceClient):wo,this.eventHandler=new jc(this.logger),this.browserStorage=this.isBrowserEnvironment?new Fc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,Nr(this.config.auth)):Dc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:Ss.MemoryStorage,cacheRetentionDays:5};this.nativeInternalStorage=new Fc(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.activeSilentTokenRequests=new Map,this.trackStateChange=this.trackStateChange.bind(this),this.trackStateChangeWithMeasurement=this.trackStateChangeWithMeasurement.bind(this)}static async createController(e,t){const r=new Wl(e);return await r.initialize(t),r}trackStateChange(e,t){e&&("visibilitychange"===t.type?(this.logger.info("16v6hv",e),this.performanceClient.incrementFields({visibilityChangeCount:1},e)):"online"===t.type?(this.logger.info("0zirfd",e),this.performanceClient.incrementFields({onlineStatusChangeCount:1},e)):"offline"===t.type&&(this.logger.info("1xk9ef",e),this.performanceClient.incrementFields({onlineStatusChangeCount:1},e)))}async initialize(e){const t=this.getRequestCorrelationId(e);if(this.logger.trace("1f7joy",t),this.initialized)return void this.logger.info("061m5x",t);if(!this.isBrowserEnvironment)return this.logger.info("19fvpi",t),this.initialized=!0,void this.eventHandler.emitEvent(Rc.INITIALIZE_END,t);const r=this.config.system.allowPlatformBroker,o=this.performanceClient.startMeasurement(nc,t);if(this.eventHandler.emitEvent(Rc.INITIALIZE_START,t),this.logMultipleInstances(o,t),o.add({isMcp:this.config.auth.isMcp}),await mr(this.browserStorage.initialize.bind(this.browserStorage),"initializeCache",this.logger,this.performanceClient,t)(t),r)try{this.platformAuthProvider=await xl(this.logger,this.performanceClient,t,this.config.system.nativeBrokerHandshakeTimeout,this.config.experimental.allowPlatformBrokerWithDOM)}catch(e){this.logger.verbose(e,t)}this.config.cache.cacheLocation===Ss.LocalStorage&&this.eventHandler.subscribeCrossTab(),!this.config.system.navigatePopups&&await this.preGeneratePkceCodes(t),this.initialized=!0,this.eventHandler.emitEvent(Rc.INITIALIZE_END,t),o.end({allowPlatformBroker:r,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("02l8bm",""),Da(this.initialized),this.isBrowserEnvironment){const t=e?.hash||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("1wn9kp","")):this.logger.verbose("0w0gm3",""),r}return this.logger.verbose("12xi63",""),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",""),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===Rs)return this.logger.verbose("1ywcv2",""),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const o=this.getAllAccounts(),n=this.browserStorage.getCachedNativeRequest(),i=n&&!t?.hash;let s,a,c;try{if(i&&this.platformAuthProvider){const t=n?.correlationId||"";this.eventHandler.emitEvent(Rc.HANDLE_REDIRECT_START,t,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(rc,t),this.logger.trace("12v7is",t),s.add({isPlatformBrokerRequest:!0});const r=new hl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Hs.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,n.accountId,this.nativeInternalStorage,n.correlationId);a=mr(r.handleRedirectPromise.bind(r),"handleNativeRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)()}else{const[r,o]=this.browserStorage.getCachedRequest("");c=r;const n=r.correlationId;this.eventHandler.emitEvent(Rc.HANDLE_REDIRECT_START,n,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(rc,n),this.logger.trace("0znzs5",n);const i=this.createRedirectClient(n);a=mr(i.handleRedirectPromise.bind(i),"handleRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(r,o,s,t)}}catch(e){throw this.browserStorage.resetRequestCache(""),e}return a.then(t=>{if(t){this.browserStorage.resetRequestCache(t.correlationId),this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t),this.logger.verbose("0ui8f5",t.correlationId);o.length<this.getAllAccounts().length&&(this.eventHandler.emitEvent(Rc.LOGIN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t.account),this.logger.verbose("16im3l",t.correlationId)),s.end({success:!0},void 0,t.account),this.verifySsoCapability(c,e.InteractionType.Redirect)}else s.event.errorCode?s.end({success:!1},void 0):s.discard();return this.eventHandler.emitEvent(Rc.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),t}).catch(t=>{this.browserStorage.resetRequestCache(s.event.correlationId);const r=t;throw this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_FAILURE,s.event.correlationId,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(Rc.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),s.end({success:!1},r),t})}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("0os66p",r),Ka(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Ps);const o=this.performanceClient.startMeasurement(tc,r);o.add({scenarioId:t.scenarioId});const n=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=e=>{const r="function"==typeof n?n(e):void 0;return o.add({navigateCallbackResult:!1!==r}),o.event=o.end({success:!0},void 0,t.account)||o.event,r};try{let n;if($n(this.config.auth.isMcp,t),this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_START,r,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){const e=new hl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Hs.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r);n=mr(e.acquireTokenRedirect.bind(e),"nativeInteractionClientAcquireToken",this.logger,this.performanceClient,r)(t,o).catch(e=>{if(o.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof sl&&al(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof an){this.logger.verbose("1ipyz4",r);return this.createRedirectClient(r).acquireToken(t)}throw e})}else{n=this.createRedirectClient(r).acquireToken(t)}return await n}catch(n){throw this.browserStorage.resetRequestCache(r),2===o.event.status?this.performanceClient.startMeasurement(rc,r).end({success:!1},n,t.account):o.end({success:!1},n,t.account),this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Redirect,null,n),n}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),o=this.performanceClient.startMeasurement(ec,r);o.add({scenarioId:t.scenarioId});try{this.logger.verbose("0ch87b",r),Jl(this.initialized,o,this.config,t),this.browserStorage.setInteractionInProgress(!0,Ps,t.overrideInteractionInProgress,r)}catch(e){return Promise.reject(e)}const n=this.getAllAccounts();let i;this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_START,r,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))o.add({isPlatformBrokerRequest:!0}),i=this.acquireTokenNative({...t,correlationId:r},Hs.acquireTokenPopup).then(e=>(o.end({success:!0,isNativeBroker:!0},void 0,e.account),e)).catch(e=>{if(o.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof sl&&al(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof an){this.logger.verbose("0yy5fw",r);return this.createPopupClient(r).acquireToken(t,s)}throw e});else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then(i=>{const s=n.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Popup,i),s&&this.eventHandler.emitEvent(Rc.LOGIN_SUCCESS,r,e.InteractionType.Popup,i.account),o.end({success:!0,accessTokenSize:i.accessToken.length,idTokenSize:i.idToken.length},void 0,i.account),this.verifySsoCapability(t,e.InteractionType.Popup),i}).catch(n=>(this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Popup,null,n),o.end({success:!1},n,t.account),Promise.reject(n))).finally(async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.navigatePopups||await this.preGeneratePkceCodes(r)})}trackStateChangeWithMeasurement(e){const t=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;t&&("visibilitychange"===e.type?(this.logger.info(`0yzimq ${t.event.name}`,t.event.correlationId),t.increment({visibilityChangeCount:1})):"online"===e.type?(this.logger.info(`1caf53 ${t.event.name}`,t.event.correlationId),t.increment({onlineStatusChangeCount:1})):"offline"===e.type&&(this.logger.info(`0fdyk7 ${t.event.name}`,t.event.correlationId),t.increment({onlineStatusChangeCount:1})))}addStateChangeListeners(e){document.addEventListener("visibilitychange",e),window.addEventListener("online",e),window.addEventListener("offline",e)}removeStateChangeListeners(e){document.removeEventListener("visibilitychange",e),window.removeEventListener("online",e),window.removeEventListener("offline",e)}getCachedSsoCapable(){try{const e=window.localStorage.getItem(yc);if(e){const t=JSON.parse(e);if(t&&"boolean"==typeof t.ssoCapable&&t.expiresOn&&Date.now()<t.expiresOn)return t.ssoCapable}}catch{}}verifySsoCapability(e,t){if(!this.config.auth.verifySSO)return;const r=yc;if(void 0!==this.getCachedSsoCapable())return void this.logger.verbose(`13poou ${t}`,"");const o=da(),n=this.performanceClient.startMeasurement(ac,o);n.add({"ext.interactionType":t}),this.logger.verbose(`0pbr0i ${t}`,o),setTimeout(()=>{const i={...e,correlationId:o};this.createSilentIframeClient(o).verifySso(i).then(e=>{this.logger.verbose(`1gd1iv ${t} ${e}`,o);try{const t=JSON.stringify({ssoCapable:e,expiresOn:Date.now()+864e5});window.localStorage.setItem(r,t)}catch{this.logger.warning(`18lmoj ${t}`,o)}n.end({fromCache:!1,success:e},void 0)}).catch(e=>{this.logger.warning(`05g83w ${t} ${e.message}`,o);try{window.localStorage.removeItem(r)}catch{this.logger.warning(`0nlf9q ${t}`,o)}n.end({fromCache:!1,success:!1},e)})},0)}async ssoSilent(t){const r=this.getRequestCorrelationId(t),o={...t,correlationId:r};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(oc,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId,ssoCapable:this.getCachedSsoCapable()}),Jl(this.initialized,this.ssoSilentMeasurement,this.config,o),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0,onlineStatusChangeCount:0}),this.addStateChangeListeners(this.trackStateChangeWithMeasurement);const n=this.getAllAccounts();let i;if(this.logger.verbose("0w1b45",r),this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,o),this.canUsePlatformBroker(o))this.ssoSilentMeasurement?.add({isPlatformBrokerRequest:!0}),i=this.acquireTokenNative(o,Hs.ssoSilent).catch(e=>{if(this.ssoSilentMeasurement?.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof sl&&al(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(o.correlationId).acquireToken(o)}throw e});else{i=this.createSilentIframeClient(o.correlationId).acquireToken(o)}return i.then(t=>{const o=n.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),o&&this.eventHandler.emitEvent(Rc.LOGIN_SUCCESS,r,e.InteractionType.Silent,t.account),this.ssoSilentMeasurement?.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t}).catch(o=>{throw this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,o),this.ssoSilentMeasurement?.end({success:!1},o,t.account),o}).finally(()=>{this.removeStateChangeListeners(this.trackStateChangeWithMeasurement)})}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("0ch6ga",r);const o=this.performanceClient.startMeasurement(Xa,r);Jl(this.initialized,o,this.config,t),this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,t),o.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw ss(Ki,r);if(t.code){const n=t.code;let i=this.hybridAuthCodeResponses.get(n);return i?(this.logger.verbose("0qgp28",r),o.discard()):(this.logger.verbose("06eh73",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then(t=>(this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(n),o.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t)).catch(t=>{throw this.hybridAuthCodeResponses.delete(n),this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),o.end({success:!1},t),t}),this.hybridAuthCodeResponses.set(n,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){o.add({isPlatformBrokerRequest:!0});const e=await this.acquireTokenNative({...t,correlationId:r},Hs.acquireTokenByCode,t.nativeAccountId).catch(e=>{throw o.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof sl&&al(e)&&(this.platformAuthProvider=void 0),e});return o.end({success:!0},void 0,e.account),e}throw ss(zi,r)}throw ss($i,r)}catch(t){throw this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),o.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){const t=this.getRequestCorrelationId(e);this.logger.trace("10d9hy",t),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement("acquireTokenByCodeAsync",t),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0,onlineStatusChangeCount:0}),this.addStateChangeListeners(this.trackStateChangeWithMeasurement);const r=this.createSilentAuthCodeClient(t);return await r.acquireToken(e).then(e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache}),e)).catch(e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e}).finally(()=>{this.removeStateChangeListeners(this.trackStateChangeWithMeasurement)})}async acquireTokenFromCache(e,t){switch(t){case Js.Default:case Js.AccessToken:case Js.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return mr(t.acquireToken.bind(t),"silentCacheClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw Se(Qe,e.correlationId)}}async acquireTokenByRefreshToken(e,t){switch(t){case Js.Default:case Js.AccessTokenAndRefreshToken:case Js.RefreshToken:case Js.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return mr(t.acquireToken.bind(t),"silentRefreshClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw Se(Qe,e.correlationId)}}async acquireTokenBySilentIframe(e){const t=this.createSilentIframeClient(e.correlationId);return mr(t.acquireToken.bind(t),"silentIframeClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e)}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);Ka(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,Rs);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);$a(this.initialized),this.browserStorage.setInteractionInProgress(!0,Rs);return this.createPopupClient(t).logout(e).finally(()=>{this.browserStorage.setInteractionInProgress(!1)})}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return;const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return $c(this.logger,this.browserStorage,this.isBrowserEnvironment,this.getRequestCorrelationId(),e)}getAccount(e){return Kc(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}setActiveAccount(e){Bc(e,this.browserStorage,this.getRequestCorrelationId())}getActiveAccount(){return zc(this.browserStorage,this.getRequestCorrelationId())}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=kt(e.account,e.cloudGraphHostName,e.msGraphHost);if(await this.browserStorage.setAccount(r,e.correlationId,dt(e.idTokenClaims),Hs.hydrateCache),!e.fromPlatformBroker)return this.browserStorage.hydrateCache(e,t);{this.logger.verbose("1i5atf",e.correlationId);const r=Tr(e.account.homeAccountId,e.account.environment,e.idToken,this.config.auth.clientId,e.tenantId),o=br(e.account.homeAccountId,e.account.environment,e.accessToken,this.config.auth.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?Ir(e.expiresOn):0,e.extExpiresOn?Ir(e.extExpiresOn):0,as,t.correlationId||"",void 0,e.tokenType,void 0,t.sshKid);t.resource&&(o.resource=t.resource);const n=dt(e.idTokenClaims);await this.browserStorage.setIdTokenCredential(r,e.correlationId,n),await this.nativeInternalStorage.setAccessTokenCredential(o,e.correlationId,n)}}async acquireTokenNative(e,t,r,o){const n=this.getRequestCorrelationId(e);if(this.logger.trace("0b9y3p",n),!this.platformAuthProvider)throw ss(Wi,n);const i=new hl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,n);return mr(i.acquireToken.bind(i),zn,this.logger,this.performanceClient,n)(e,o)}canUsePlatformBroker(e,t){const r=this.getRequestCorrelationId(e);if(this.logger.trace("1n9lbl",r),!this.platformAuthProvider)return this.logger.trace("0vnu11",r),!1;if(!ql(this.config,this.logger,r,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("0yoy1g",r),!1;if(e.prompt)switch(e.prompt){case z.NONE:case z.CONSENT:case z.LOGIN:this.logger.trace("0vdv8e",r);break;default:return this.logger.trace(`0pdzw6 ${e.prompt}`,r),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("16lbtk",r),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||(e.loginHint||e.sid?null:this.getActiveAccount());return t&&t.nativeAccountId||""}createPopupClient(e){return new Nl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider,this.operatingContext.getResponseHandlers()?.waitForPopupResponse)}createRedirectClient(e){return new Ul(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentIframeClient(e){return new Kl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Hs.ssoSilent,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider,this.operatingContext.getResponseHandlers()?.waitForIframeResponse)}createSilentCacheClient(e){return new ll(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentRefreshClient(e){return new Bl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentAuthCodeClient(e){return new jl(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Hs.acquireTokenByCode,this.performanceClient,e,this.platformAuthProvider)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return Ha(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?da():""}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0lz9hf",t),this.acquireTokenRedirect({correlationId:t,...e||Bs})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0qw7v5",t),this.acquireTokenPopup({correlationId:t,...e||Bs})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(Za,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId,ssoCapable:this.getCachedSsoCapable()}),Jl(this.initialized,r,this.config,e),this.logger.verbose("0x1c4s",t);const o=e.account||this.getActiveAccount();if(!o)throw ss(Pi,t);return this.acquireTokenSilentDeduped(e,o,t).then(o=>(r.end({success:!0,fromCache:o.fromCache,accessTokenSize:o.accessToken.length,idTokenSize:o.idToken.length},void 0,o.account),{...o,state:e.state,correlationId:t})).catch(e=>{throw e instanceof Te&&(e.correlationId=t),r.end({success:!1},e,o),e})}async acquireTokenSilentDeduped(e,t,r){const o=In(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),n=JSON.stringify(o),i=this.activeSilentTokenRequests.get(n);if(void 0===i){this.logger.verbose("0fcjbk",r),this.performanceClient.addFields({deduped:!1},r);const o=mr(this.acquireTokenSilentAsync.bind(this),"acquireTokenSilentAsync",this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(n,o),o.finally(()=>{this.activeSilentTokenRequests.delete(n)})}return this.logger.verbose("1yq7nb",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const o=e=>this.trackStateChange(t.correlationId,e);this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_START,t.correlationId,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0,onlineStatusChangeCount:0},t.correlationId),this.addStateChangeListeners(o);const n=await mr(Zc,"initializeSilentRequest",this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||Js.Default;return this.acquireTokenSilentNoIframe(n,i).catch(async e=>{const r=function(e,t){const r=!(e instanceof an&&e.subError!==tn),o=e.errorCode===ls||e.errorCode===Qe,n=r&&o||e.errorCode===Go||e.errorCode===Vo,i=Ws.includes(t);return n&&i}(e,i);if(r){const r=`${e.errorCode}${e.subError?`|${e.subError}`:""}`;if(this.performanceClient.addFields({silentRefreshReason:r},t.correlationId),this.activeIframeRequest){if(i!==Js.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose(`1w8fso ${r}`,n.correlationId);const o=this.performanceClient.startMeasurement("awaitConcurrentIframe",n.correlationId);o.add({awaitIframeCorrelationId:r});const s=await t;if(o.end({success:s}),s)return this.logger.verbose(`0ywzzi ${r}`,n.correlationId),this.acquireTokenSilentNoIframe(n,i);throw this.logger.info(`17y14q ${r}`,n.correlationId),e}return this.logger.warning("1bd4p8",n.correlationId),mr(this.acquireTokenBySilentIframe.bind(this),jn,this.logger,this.performanceClient,n.correlationId)(n)}{let e;return this.activeIframeRequest=[new Promise(t=>{e=t}),n.correlationId],this.logger.verbose("0rh08z",n.correlationId),mr(this.acquireTokenBySilentIframe.bind(this),jn,this.logger,this.performanceClient,n.correlationId)(n).then(t=>(e(!0),t)).catch(t=>{throw e(!1),t}).finally(()=>{this.activeIframeRequest=void 0})}}throw e}).then(r=>(this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Silent,r),t.correlationId&&this.performanceClient.addFields({fromCache:r.fromCache,isNativeBroker:r.fromPlatformBroker},t.correlationId),r)).catch(r=>{throw this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_FAILURE,t.correlationId,e.InteractionType.Silent,null,r),r}).finally(()=>{this.removeStateChangeListeners(o)})}async acquireTokenSilentNoIframe(t,r){return ql(this.config,this.logger,t.correlationId,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("0sczo4",t.correlationId),this.performanceClient.addFields({isPlatformBrokerRequest:!0},t.correlationId),this.acquireTokenNative(t,Hs.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch(async e=>{if(this.performanceClient.addFields({brokerErrorName:e.name,brokerErrorCode:e.errorCode},t.correlationId),e instanceof sl&&al(e))throw this.logger.verbose("07rkmb",t.correlationId),this.platformAuthProvider=void 0,Se(Qe,t.correlationId);throw e})):(this.logger.verbose("0ox81t",t.correlationId),r===Js.AccessToken&&this.logger.verbose("0fvwxe",t.correlationId),mr(this.acquireTokenFromCache.bind(this),"acquireTokenFromCache",this.logger,this.performanceClient,t.correlationId)(t,r).catch(o=>{if(r===Js.AccessToken)throw o;return this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_NETWORK_START,t.correlationId,e.InteractionType.Silent,t),mr(this.acquireTokenByRefreshToken.bind(this),"acquireTokenByRefreshToken",this.logger,this.performanceClient,t.correlationId)(t,r)}))}async preGeneratePkceCodes(e){return this.logger.verbose("1x6uj6",e),this.pkceCode=await mr(Tl,ni,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,t?this.logger.verbose("12js1o",e):this.logger.verbose("1oe9ci",e),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e,t){const r=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("1qtz3l",t),window.msal.clientIds.push(r),function(e,t,r,o){const n=window.msal?.clientIds||[],i=n.length,s=n.filter(t=>t===e).length;s>1&&r.warning("1e88vg",o),t.add({msalInstanceCount:i,sameClientIdInstanceCount:s})}(r,e,this.logger,t)}}class Gl{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(t,r){let o;this.browserEnvironment="undefined"!=typeof window,this.config=Rl(t,this.browserEnvironment),this.responseHandlers=r;try{o=window[Ss.SessionStorage]}catch(e){}const n=o?.getItem(dc),i=o?.getItem(uc)?.toLowerCase(),s="true"===i||"false"!==i&&void 0,a={...this.config.system.loggerOptions},c=n&&Object.keys(e.LogLevel).includes(n)?e.LogLevel[n]:void 0;c&&(a.loggerCallback=Gl.loggerCallback,a.logLevel=c),void 0!==s&&(a.piiLoggingEnabled=s),this.logger=new To(a,Oc,Mc),this.available=!1}getConfig(){return this.config}getResponseHandlers(){return this.responseHandlers}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}class Ql extends Gl{getModuleName(){return Ql.MODULE_NAME}getId(){return Ql.ID}async initialize(e){return this.available="undefined"!=typeof window,this.available}}Ql.MODULE_NAME="",Ql.ID="StandardOperatingContext";const Vl="USER_INTERACTION_REQUIRED",Yl="USER_CANCEL",Zl="NO_NETWORK",Xl="TRANSIENT_ERROR",eh="PERSISTENT_ERROR",th="DISABLED",rh="ACCOUNT_UNAVAILABLE",oh="NESTED_APP_AUTH_UNAVAILABLE";class nh{constructor(e,t,r,o){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=o}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),o=ao(e.claims,this.clientCapabilities),n=e.scopes||A;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,resource:e.resource,scope:n.join(" "),correlationId:r,claims:Yt.isEmptyObj(o)?void 0:o,state:e.state,authenticationScheme:e.authenticationScheme||ce.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw Se(Re,e.correlationId);const o=wr(r+(t.token.expires_in||0)),n=ht(t.token.id_token,this.crypto.base64Decode,e.correlationId),i=this.fromNaaAccountInfo(t.account,t.token.id_token,n),s=t.token.scope||e.scope;return{authority:t.token.authority||i.environment,uniqueId:i.localAccountId,tenantId:i.tenantId,scopes:s.split(" "),account:i,idToken:t.token.id_token,idTokenClaims:n,accessToken:t.token.access_token,fromCache:!1,expiresOn:o,tokenType:e.authenticationScheme||ce.BEARER,correlationId:e.correlationId,extExpiresOn:o,state:e.state}}fromNaaAccountInfo(e,t,r){const o=r||e.idTokenClaims,n=e.localAccountId||o?.oid||o?.sub||"",i=e.tenantId||wt(o)||"",s=e.homeAccountId||`${n}.${i}`,a=e.environment;if(!a)throw Se(Je,"");const c=o?.preferred_username||o?.upn,l=o?.emails?.[0]||null,h=e.username||c||l||"",d=e.name||o?.name||"",u=e.loginHint||o?.login_hint,g=new Map,p=gt(s,n,i,e.platformBrokerId,o);g.set(i,p);return{homeAccountId:s,environment:a,tenantId:i,username:h,localAccountId:n,name:d,loginHint:u,idToken:t,idTokenClaims:o,nativeAccountId:e.platformBrokerId,tenantProfiles:g}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new Te("unknown_error","","An unknown error occurred");switch(e.status){case Yl:return new Ae(rt,"");case Zl:return new Ae(tt,"");case rh:return new Ae(We,"");case th:return new Ae(nt,"");case oh:return new Ae(e.code||nt,"",e.description);case Xl:case eh:return new hn(e.code||"","",e.description);case Vl:return new an(e.code||"","",e.description);default:return new Te(e.code||"","",e.description)}}toAuthenticationResultFromCache(e,t,r,o,n){if(!t||!r)throw Se(Re,n);const i=ht(t.secret,this.crypto.base64Decode,n),s=r.target||o.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:s.split(" "),account:e,idToken:t.secret,idTokenClaims:i||{},accessToken:r.secret,fromCache:!0,expiresOn:wr(r.expiresOn),extExpiresOn:wr(r.extendedExpiresOn),tokenType:o.authenticationScheme||ce.BEARER,correlationId:n,state:o.state}}}class ih extends Te{constructor(e,t,r){super(e,t,r),Object.setPrototypeOf(this,ih.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(e){return new ih("unsupported_method",e||"")}}class sh{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new Va(this.logger,this.performanceClient,!0):wo,this.eventHandler=new jc(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new Fc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,Nr(this.config.auth)):Dc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new nh(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new sh(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||da();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const r=this.ensureValidRequest(t),o=r.correlationId||da();this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_START,o,e.InteractionType.Popup,r);const n=this.performanceClient.startMeasurement(ec,o);n.add({nestedAppAuthRequest:!0});try{$n(this.config.auth.isMcp,r);const i=this.nestedAppAuthAdapter.toNaaTokenRequest(r),s=yr(),a=await this.bridgeProxy.getTokenInteractive(i),c={...this.nestedAppAuthAdapter.fromNaaTokenResponse(i,a,s)};try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii(`1mwr91 ${e}`,o)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_SUCCESS,o,e.InteractionType.Popup,c),n.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),n.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const i=r instanceof Te?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_FAILURE,o,e.InteractionType.Popup,null,r),n.end({success:!1},r,t.account),i}}async acquireTokenSilentInternal(t){const r=this.ensureValidRequest(t),o=r.correlationId||da();this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_START,o,e.InteractionType.Silent,r);const n=await this.acquireTokenFromCache(r);if(n)return this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_SUCCESS,o,e.InteractionType.Silent,n),n;const i=this.performanceClient.startMeasurement(oc,o);i.increment({visibilityChangeCount:0}),i.add({nestedAppAuthRequest:!0});try{$n(this.config.auth.isMcp,r);const n=this.nestedAppAuthAdapter.toNaaTokenRequest(r);n.forceRefresh=r.forceRefresh;const s=yr(),a=await this.bridgeProxy.getTokenSilent(n),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(n,a,s);try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii(`1mwr91 ${e}`,o)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_SUCCESS,o,e.InteractionType.Silent,c),i?.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),i?.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const n=r instanceof Te?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_FAILURE,o,e.InteractionType.Silent,null,r),i?.end({success:!1},r,t.account),n}}async acquireTokenFromCache(t){const r=t.correlationId||da(),o=this.performanceClient.startMeasurement(Za,r);if(o?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("11t57w",r),null;if(t.forceRefresh)return this.logger.verbose("1ovnmo",r),null;let n=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=Js.Default),t.cacheLookupPolicy){case Js.Default:case Js.AccessToken:case Js.AccessTokenAndRefreshToken:n=await this.acquireTokenFromCacheInternal(t);break;default:return null}return n?(this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,n),o.add({accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length}),o.end({success:!0},void 0,n.account),n):(this.logger.warning("1yb4fi",r),this.eventHandler.emitEvent(Rc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null),o.end({success:!1},void 0,t.account),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext,r=e.correlationId||da();let o=null;if(t&&(o=Kc(t,this.logger,this.browserStorage,r)),!o)return this.logger.verbose("10qnr0",r),Promise.resolve(null);this.logger.verbose("1u7hux",r);const n={...e,correlationId:r,authority:e.authority||o.environment,scopes:e.scopes?.length?e.scopes:[...A]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(o,n,i,o.tenantId);if(!s)return this.logger.verbose("03vm49",r),Promise.resolve(null);if(kr(s.cachedAt)||Cr(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("18egye",r),Promise.resolve(null);if(n.resource){const e=n.resource,t=s.resource;if(!t||t!==e)return this.logger.verbose("0qraxd",r),Promise.resolve(null)}const a=this.browserStorage.getIdToken(o,n.correlationId,i,o.tenantId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(o,a,s,n,n.correlationId):(this.logger.verbose("0d68kd",r),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw ih.createUnsupportedError(e?.correlationId)}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw ih.createUnsupportedError(e?.correlationId)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw ih.createUnsupportedError()}removePerformanceCallback(e){throw ih.createUnsupportedError()}getAllAccounts(e){return $c(this.logger,this.browserStorage,this.isBrowserEnv(),da(),e)}getAccount(e){return Kc(e,this.logger,this.browserStorage,da())}setActiveAccount(e){return Bc(e,this.browserStorage,da())}getActiveAccount(){return zc(this.browserStorage,da())}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||Bs)}loginRedirect(e){throw ih.createUnsupportedError(e?.correlationId)}logoutRedirect(e){throw ih.createUnsupportedError(e?.correlationId)}logoutPopup(e){throw ih.createUnsupportedError(e?.correlationId)}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("1k8729","")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw ih.createUnsupportedError()}getRedirectResponse(){throw ih.createUnsupportedError()}async clearCache(e){throw ih.createUnsupportedError(e?.correlationId)}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=kt(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,dt(e.idTokenClaims),Hs.hydrateCache),this.browserStorage.hydrateCache(e,t)}}class ah{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),o=ah.bridgeRequests.find(e=>e.requestId===r.requestId);void 0!==o&&(ah.bridgeRequests.splice(ah.bridgeRequests.indexOf(o),1),r.success?o.resolve(r):o.reject(r.error))});const e=await new Promise((e,t)=>{const r=ah.buildRequest("GetInitContext"),o={requestId:r.requestId,method:r.method,resolve:e,reject:t};ah.bridgeRequests.push(o),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))});return ah.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:ah.validateBridgeResultOrThrow(r.token),account:ah.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:da(),sendTime:Date.now(),clientLibrary:gs,clientLibraryVersion:Mc,...t}}sendRequest(e,t){const r=ah.buildRequest(e,t);return new Promise((e,t)=>{const o={requestId:r.requestId,method:r.method,resolve:e,reject:t};ah.bridgeRequests.push(o),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))})}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:oh}}return e}constructor(e,t,r,o){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=o}static async create(){const e=await ah.initializeNestedAppAuthBridge();return new ah(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}ah.bridgeRequests=[];class ch extends Gl{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return ch.MODULE_NAME}getId(){return ch.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(e){const t=e||"";try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await ah.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(e){this.logger.infoPii(`1mdxyj ${e}`,t)}return this.logger.info(`12jy9a ${this.available}`,t),this.available}}ch.MODULE_NAME="",ch.ID="NestedAppOperatingContext";class lh{constructor(e,t){this.controller=t||new Wl(new Ql(e,{waitForPopupResponse:this.waitForPopupResponse.bind(this),waitForIframeResponse:this.waitForIframeResponse.bind(this)}))}async waitForPopupResponse(e,t,r){const o=this.controller;return xa(o.getConfiguration().system.popupBridgeTimeout,o.getLogger(),e,o.getPerformanceClient())}async waitForIframeResponse(e,t){const r=this.controller,o=r.getConfiguration();return xa(o.system.iframeBridgeTimeout,r.getLogger(),t,r.getPerformanceClient(),o.experimental)}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}getAccount(e){return this.controller.getAccount(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function hh(e){const t=new lh(e);return await t.initialize(),t}const dh={initialize:()=>Promise.reject(Aa(va,"")),acquireTokenPopup:()=>Promise.reject(Aa(va,"")),acquireTokenRedirect:()=>Promise.reject(Aa(va,"")),acquireTokenSilent:()=>Promise.reject(Aa(va,"")),acquireTokenByCode:()=>Promise.reject(Aa(va,"")),getAllAccounts:()=>[],getAccount:()=>null,handleRedirectPromise:()=>Promise.reject(Aa(va,"")),loginPopup:()=>Promise.reject(Aa(va,"")),loginRedirect:()=>Promise.reject(Aa(va,"")),logoutRedirect:()=>Promise.reject(Aa(va,"")),logoutPopup:()=>Promise.reject(Aa(va,"")),ssoSilent:()=>Promise.reject(Aa(va,"")),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,getLogger:()=>{throw Aa(va,"")},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw Aa(va,"")},hydrateCache:()=>Promise.reject(Aa(va,"")),clearCache:()=>Promise.reject(Aa(va,""))};async function uh(e,t,r,o,n,i,s,a,c){if(n.verbose("0ke46k",r),e.account){const t=kt(e.account);return await o.setAccount(t,r,dt(a||{}),Hs.loadExternalTokens),t}if(!t&&!a)throw n.error("0hzcn4",r),ss(Fi,"");const l=Tt(t,s.authorityType,n,i,r,a),h=a?.tid,d=pn(o,s,l,as,r,a,t,s.getPreferredCache(),h,void 0,void 0,n,c);return await o.setAccount(d,r,dt(a||{}),Hs.loadExternalTokens),d}async function gh(e,t,r,o,n,i,s,a,c){if(!e.id_token)return a.verbose("1pm7g1",i),null;a.verbose("168lyi",i);const l=Tr(t,r,e.id_token,c,o);return await s.setIdTokenCredential(l,i,n),l}async function ph(e,t,r,o,n,i,s,a,c,l,h){if(!t.access_token)return l.verbose("1ckp9e",a),null;if(!t.expires_in)return l.error("15mzx8",a),null;if(!(t.scope||e.scopes&&e.scopes.length))return l.error("1h7xse",a),null;l.verbose("01kmxb",a);const d=t.scope?Lr.fromString(t.scope,a):new Lr(e.scopes,a),u=s.expiresOn||t.expires_in+yr(),g=s.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+yr(),p=br(r,o,t.access_token,h,n,d.printScopes(),u,g,as,a);return await c.setAccessTokenCredential(p,a,i),p}async function mh(e,t,r,o,n,i,s,a,c){if(!e.refresh_token)return s.verbose("1l7um5",n),null;const l=e.refresh_token_expires_in?e.refresh_token_expires_in+yr():void 0;c.addFields({extRtExpiresOnSeconds:l},n),s.verbose("0qy8ev",n);const h=Ar(t,r,e.refresh_token,a,e.foci,void 0,l);return await i.setRefreshTokenCredential(h,n,o),h}function fh(){let e;try{e=window[Ss.SessionStorage];const t=e?.getItem(gc);if(1===Number(t))return Promise.resolve().then(function(){return Ch})}catch(e){}}function yh(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function Ih(e){if(e&&yh())return Math.round(window.performance.now()-e)}class wh{constructor(e,t){this.correlationId=t,this.measureName=wh.makeMeasureName(e,t),this.startMark=wh.makeStartMark(e,t),this.endMark=wh.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(wh.supportsBrowserPerformance())try{t.forEach(t=>{const r=wh.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(wh.makeStartMark(r,e)),window.performance.clearMarks(wh.makeEndMark(r,e)))})}catch(e){}}startMeasurement(){if(wh.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(wh.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(wh.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var Ch=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:wh});const vh=ce,kh=W,Th=z,bh=ve,Ah=A;e.ApiId=Hs,e.AuthError=Te,e.AuthErrorCodes=At,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[M];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw _t(Bt,"")}const t=this.headers[O];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw _t(Bt,"")}throw _t(Kt,"")}parseChallenges(e){const t=e.indexOf(" "),r=e.substr(t+1).split(","),o={};return r.forEach(e=>{const[t,r]=e.split("=");o[t]=unescape(r.replace(/['"]+/g,""))}),o}},e.AuthenticationScheme=vh,e.AzureCloudInstance=ir,e.BrowserAuthError=is,e.BrowserAuthErrorCodes=os,e.BrowserCacheLocation=Ss,e.BrowserConfigurationAuthError=ba,e.BrowserConfigurationAuthErrorCodes=Ta,e.BrowserPerformanceClient=class extends qn{constructor(e,t){super(e.auth.clientId,e.auth.authority||`${h}`,new To(e.system?.loggerOptions||{},Oc,Mc),Oc,Mc,e.telemetry?.application||{appName:"",appVersion:""},t)}generateId(){return da()}getPageVisibility(){return document.visibilityState?.toString()||null}getOnlineStatus(){return"undefined"!=typeof navigator?navigator.onLine:null}deleteIncompleteSubMeasurements(e){fh()?.then(t=>{const r=this.eventsByCorrelationId.get(e.event.correlationId),o=r&&r.eventId===e.event.eventId,n=[];o&&r?.incompleteSubMeasurements&&r.incompleteSubMeasurements.forEach(e=>{n.push({...e})}),t.BrowserPerformanceMeasurement.flushMeasurements(e.event.correlationId,n)})}startMeasurement(e,t){const r=this.getPageVisibility(),o=this.getOnlineStatus(),n=super.startMeasurement(e,t),i=yh()?window.performance.now():void 0,s=fh()?.then(t=>new t.BrowserPerformanceMeasurement(e,n.event.correlationId));return s?.then(e=>e.startMeasurement()),{...n,end:(e,t,a)=>{const c=function(){if("undefined"==typeof window||!window.navigator)return{};const e="connection"in window.navigator?window.navigator.connection:void 0;return{effectiveType:e?.effectiveType,rtt:e?.rtt}}(),l=n.end({...e,startPageVisibility:r,startOnlineStatus:o,endPageVisibility:this.getPageVisibility(),durationMs:Ih(i),networkEffectiveType:c.effectiveType,networkRtt:c.rtt},t,a);return s?.then(e=>e.endMeasurement()),this.deleteIncompleteSubMeasurements(n),l},discard:()=>{n.discard(),s?.then(e=>e.flushMeasurement()),this.deleteIncompleteSubMeasurements(n)}}}},e.BrowserPerformanceMeasurement=wh,e.BrowserRootPerformanceEvents=cc,e.BrowserUtils=Ja,e.CacheLookupPolicy=Js,e.ClientAuthError=Ae,e.ClientAuthErrorCodes=at,e.ClientConfigurationError=St,e.ClientConfigurationErrorCodes=Vt,e.DEFAULT_IFRAME_TIMEOUT_MS=1e4,e.EventHandler=jc,e.EventMessageUtils=class{static getInteractionStatusFromEvent(t,r){switch(t.eventType){case Rc.ACQUIRE_TOKEN_START:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup)return Ks.AcquireToken;break;case Rc.HANDLE_REDIRECT_START:return Ks.HandleRedirect;case Rc.LOGOUT_START:return Ks.Logout;case Rc.LOGOUT_END:if(r&&r!==Ks.Logout)break;return Ks.None;case Rc.HANDLE_REDIRECT_END:if(r&&r!==Ks.HandleRedirect)break;return Ks.None;case Rc.ACQUIRE_TOKEN_SUCCESS:case Rc.ACQUIRE_TOKEN_FAILURE:case Rc.RESTORE_FROM_BFCACHE:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup){if(r&&r!==Ks.AcquireToken)break;return Ks.None}}return null}},e.EventType=Rc,e.InteractionRequiredAuthError=an,e.InteractionRequiredAuthErrorCodes=on,e.InteractionStatus=Ks,e.JsonWebTokenTypes=bh,e.LocalStorage=Ec,e.Logger=To,e.MemoryStorage=Ga,e.NavigationClient=Sl,e.OIDC_DEFAULT_SCOPES=Ah,e.PromptValue=Th,e.ProtocolMode=Ct,e.PublicClientApplication=lh,e.ResponseMode=kh,e.ServerError=hn,e.SessionStorage=Pc,e.SignedHttpRequest=class{constructor(e,t){const r=t&&t.loggerOptions||{};this.logger=new To(r,Oc,Mc),this.cryptoOps=new Va(this.logger),this.popTokenGenerator=new Wo(this.cryptoOps,new No),this.shrParameters=e}async generatePublicKeyThumbprint(){const{kid:e}=await this.popTokenGenerator.generateKid(this.shrParameters);return e}async signRequest(e,t,r){return this.popTokenGenerator.signPayload(e,t,this.shrParameters,r)}async removeKeys(e,t){return this.cryptoOps.removeTokenBindingKey(e,t)}},e.StubPerformanceClient=No,e.WrapperSKU={React:"@azure/msal-react",Angular:"@azure/msal-angular"},e.createNestablePublicClientApplication=async function(e,t,r){const o=new ch(e);if(await o.initialize(t),o.isAvailable()){const n=t||da(),i=new sh(o),s=r?r(e,i):new lh(e,i);return await s.initialize({correlationId:n}),s}return hh(e)},e.createStandardPublicClientApplication=hh,e.enforceResourceParameter=$n,e.isPlatformBrokerAvailable=async function(e,t,r,o){const n=new To(t||{},Oc,Mc),i=r||new No;return"undefined"==typeof window?(n.trace("082ed3",o||da()),!1):!!await xl(n,i,o||da(),void 0,e)},e.loadExternalTokens=async function(e,t,r,o,n=new No){Ha();const i=Rl(e,!0),s=t.correlationId||da(),a=n.startMeasurement(sc,s);try{const c=r.id_token?ht(r.id_token,as,s):void 0,l=dt(c||{}),h={protocolMode:i.system.protocolMode,knownAuthorities:i.auth.knownAuthorities,cloudDiscoveryMetadata:i.auth.cloudDiscoveryMetadata,authorityMetadata:i.auth.authorityMetadata},d=new To(i.system.loggerOptions||{},Oc,Mc),u=new Va(d,i.telemetry.client),g=new Fc(i.auth.clientId,i.cache,u,d,i.telemetry.client,new jc(d),Nr(i.auth));await g.initialize(s);const p=t.authority||i.auth.authority,m=await Ur(xr.generateAuthority(p,t.azureCloudOptions),i.system.networkClient,g,h,d,s,n),f=await mr(uh,"loadAccount",d,n,s)(t,o.clientInfo||r.client_info||"",s,g,d,u,m,c,n),y=await mr(gh,"loadIdToken",d,n,s)(r,f.homeAccountId,f.environment,f.realm,l,s,g,d,e.auth.clientId),I=await mr(ph,"loadAccessToken",d,n,s)(t,r,f.homeAccountId,f.environment,f.realm,l,o,s,g,d,e.auth.clientId),w=await mr(mh,"loadRefreshToken",d,n,s)(r,f.homeAccountId,f.environment,l,s,g,d,e.auth.clientId,n);return a.end({success:!0},void 0,vt(f)),function(e,t,r,o){let n,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=Lr.fromString(t.accessToken.target,e.correlationId||"").asArray(),a=wr(t.accessToken.expiresOn),n=wr(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:r.canonicalAuthority,uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:vt(c),idToken:t.idToken?.secret||"",idTokenClaims:o||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:n,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromPlatformBroker:!1}}(t,{account:f,idToken:y,accessToken:I,refreshToken:w},m,c)}catch(e){throw a.end({success:!1},e),e}},e.stubbedPublicClientApplication=dh,e.version=Mc});
|