@azure/msal-browser 5.16.0 → 5.17.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/IPublicClientApplication.mjs.map +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs.map +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AccountManager.mjs.map +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs.map +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CacheKeys.mjs.map +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/CookieStorage.mjs.map +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs.map +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/LocalStorage.mjs.map +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs.map +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs.map +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/cache/TokenCache.mjs.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.mjs +2 -2
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +61 -12
- package/dist/crypto/BrowserCrypto.mjs.map +1 -1
- package/dist/crypto/CryptoOps.mjs +6 -12
- package/dist/crypto/CryptoOps.mjs.map +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs.map +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom_auth/CustomAuthPublicClientApplication.mjs.map +1 -1
- package/dist/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
- package/dist/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom_auth/core/CustomAuthAuthority.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs.map +1 -1
- package/dist/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom_auth/core/error/CustomAuthApiError.mjs.map +1 -1
- package/dist/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom_auth/core/error/CustomAuthError.mjs.map +1 -1
- package/dist/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom_auth/core/error/HttpError.mjs.map +1 -1
- package/dist/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidArgumentError.mjs.map +1 -1
- package/dist/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom_auth/core/error/InvalidConfigurationError.mjs.map +1 -1
- package/dist/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom_auth/core/error/MethodNotImplementedError.mjs.map +1 -1
- package/dist/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom_auth/core/error/MsalCustomAuthError.mjs.map +1 -1
- package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs.map +1 -1
- package/dist/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom_auth/core/error/ParsedUrlError.mjs.map +1 -1
- package/dist/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom_auth/core/error/UnexpectedError.mjs.map +1 -1
- package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs.map +1 -1
- package/dist/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom_auth/core/error/UserAccountAttributeError.mjs.map +1 -1
- package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs.map +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs.map +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs.map +1 -1
- package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs.map +1 -1
- package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs.map +1 -1
- package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs.map +1 -1
- package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs.map +1 -1
- package/dist/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom_auth/core/utils/ArgumentValidator.mjs.map +1 -1
- package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs +1 -1
- package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs.map +1 -1
- package/dist/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom_auth/core/utils/UrlUtils.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs.map +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs.map +1 -1
- package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs.map +1 -1
- package/dist/custom_auth/index.mjs +1 -1
- package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs.map +1 -1
- package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs.map +1 -1
- package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs.map +1 -1
- package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs.map +1 -1
- package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs.map +1 -1
- package/dist/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs.map +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +4 -2
- package/dist/error/BrowserAuthErrorCodes.mjs.map +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs.map +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthError.mjs.map +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs.map +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventHandler.mjs.map +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventMessage.mjs.map +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/event/EventType.mjs.map +1 -1
- package/dist/index.mjs +1 -1
- package/dist/index.mjs.map +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +77 -10
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/log-strings-mapping.json +7 -3
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +2 -2
- package/dist/naa/BridgeProxy.mjs.map +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs.map +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/network/FetchClient.mjs.map +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs.map +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs.map +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/popup_relay/constants.mjs +21 -0
- package/dist/popup_relay/constants.mjs.map +1 -0
- package/dist/popup_relay/index.mjs +163 -0
- package/dist/popup_relay/index.mjs.map +1 -0
- package/dist/popup_relay/relayClient.mjs +114 -0
- package/dist/popup_relay/relayClient.mjs.map +1 -0
- package/dist/protocol/Authorize.mjs +42 -24
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/redirect_bridge/index.mjs +1 -1
- package/dist/redirect_bridge/index.mjs.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/request/RequestHelpers.mjs.map +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs.map +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs.map +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs.map +1 -1
- package/dist/utils/BrowserUtils.mjs +2 -2
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/Helpers.mjs.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +7 -3
- package/lib/custom-auth-path/msal-custom-auth.cjs +6047 -5793
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/msal-custom-auth.js +6047 -5793
- package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
- package/lib/log-strings-mapping.json +7 -3
- package/lib/msal-browser.cjs +6875 -6613
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +6875 -6613
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/popup-relay/msal-popup-relay.cjs +278 -0
- package/lib/popup-relay/msal-popup-relay.cjs.map +1 -0
- package/lib/popup-relay/msal-popup-relay.js +284 -0
- package/lib/popup-relay/msal-popup-relay.js.map +1 -0
- package/lib/popup-relay/msal-popup-relay.min.js +2 -0
- package/lib/redirect-bridge/msal-redirect-bridge.cjs +39 -39
- package/lib/redirect-bridge/msal-redirect-bridge.cjs.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.js +39 -39
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
- package/package.json +14 -3
- package/scripts/README.md +112 -0
- package/scripts/decode-logs.cjs +822 -0
- package/src/config/Configuration.ts +18 -0
- package/src/crypto/BrowserCrypto.ts +104 -9
- package/src/crypto/CryptoOps.ts +13 -12
- package/src/error/BrowserAuthErrorCodes.ts +2 -0
- package/src/interaction_client/PopupClient.ts +137 -23
- package/src/packageMetadata.ts +1 -1
- package/src/popup_relay/constants.ts +17 -0
- package/src/popup_relay/index.ts +221 -0
- package/src/popup_relay/relayClient.ts +178 -0
- package/src/protocol/Authorize.ts +76 -27
- package/types/config/Configuration.d.ts +16 -0
- package/types/config/Configuration.d.ts.map +1 -1
- package/types/crypto/BrowserCrypto.d.ts +19 -5
- package/types/crypto/BrowserCrypto.d.ts.map +1 -1
- package/types/crypto/CryptoOps.d.ts.map +1 -1
- package/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/types/error/BrowserAuthErrorCodes.d.ts +2 -0
- package/types/error/BrowserAuthErrorCodes.d.ts.map +1 -1
- package/types/interaction_client/PopupClient.d.ts +13 -0
- package/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/types/packageMetadata.d.ts +1 -1
- package/types/popup_relay/constants.d.ts +13 -0
- package/types/popup_relay/constants.d.ts.map +1 -0
- package/types/popup_relay/index.d.cts +1 -0
- package/types/popup_relay/index.d.ts +42 -0
- package/types/popup_relay/index.d.ts.map +1 -0
- package/types/popup_relay/relayClient.d.ts +43 -0
- package/types/popup_relay/relayClient.d.ts.map +1 -0
- package/types/protocol/Authorize.d.ts +25 -0
- package/types/protocol/Authorize.d.ts.map +1 -1
|
@@ -0,0 +1,221 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3
|
+
* Licensed under the MIT License.
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
import { POPUP_RELAY_RESPONSE_TYPE } from "./constants.js";
|
|
7
|
+
import {
|
|
8
|
+
BrowserAuthErrorCodes,
|
|
9
|
+
createBrowserAuthError,
|
|
10
|
+
} from "../error/BrowserAuthError.js";
|
|
11
|
+
import { createForm } from "../protocol/Authorize.js";
|
|
12
|
+
import { PopupWindowAttributes } from "../request/PopupWindowAttributes.js";
|
|
13
|
+
|
|
14
|
+
/** Options for {@link runPopupRelay}. */
|
|
15
|
+
export type PopupRelayOptions = {
|
|
16
|
+
/**
|
|
17
|
+
* Sizing/positioning for the IdP child popup the relay page opens. Same
|
|
18
|
+
* shape as `PopupRequest.popupWindowAttributes` (`popupSize` with width and
|
|
19
|
+
* height, `popupPosition` with top and left). Defaults to a 520x640 window.
|
|
20
|
+
*/
|
|
21
|
+
popupWindowAttributes?: PopupWindowAttributes;
|
|
22
|
+
/**
|
|
23
|
+
* How long (ms) to wait for the IdP child popup to deliver a response
|
|
24
|
+
* before giving up. Defaults to 300000 (5 minutes).
|
|
25
|
+
*/
|
|
26
|
+
timeoutMs?: number;
|
|
27
|
+
};
|
|
28
|
+
|
|
29
|
+
type PopupRelayRequest = { id: string } & (
|
|
30
|
+
| { method: "GET"; url: string }
|
|
31
|
+
| { method: "POST"; action: string; fields: Record<string, string> }
|
|
32
|
+
);
|
|
33
|
+
|
|
34
|
+
const DEFAULT_POPUP_RELAY_TIMEOUT_MS = 300000;
|
|
35
|
+
const DEFAULT_POPUP_RELAY_WIDTH = 520;
|
|
36
|
+
const DEFAULT_POPUP_RELAY_HEIGHT = 640;
|
|
37
|
+
|
|
38
|
+
/**
|
|
39
|
+
* Builds the `window.open` features string for the IdP child popup from a
|
|
40
|
+
* {@link PopupWindowAttributes}, mirroring the shape used by
|
|
41
|
+
* `PopupRequest.popupWindowAttributes`.
|
|
42
|
+
*/
|
|
43
|
+
function buildChildPopupFeatures(attributes?: PopupWindowAttributes): string {
|
|
44
|
+
const width = attributes?.popupSize?.width || DEFAULT_POPUP_RELAY_WIDTH;
|
|
45
|
+
const height = attributes?.popupSize?.height || DEFAULT_POPUP_RELAY_HEIGHT;
|
|
46
|
+
const features = [`width=${width}`, `height=${height}`];
|
|
47
|
+
if (attributes?.popupPosition?.top !== undefined) {
|
|
48
|
+
features.push(`top=${attributes.popupPosition.top}`);
|
|
49
|
+
}
|
|
50
|
+
if (attributes?.popupPosition?.left !== undefined) {
|
|
51
|
+
features.push(`left=${attributes.popupPosition.left}`);
|
|
52
|
+
}
|
|
53
|
+
features.push("scrollbars=yes");
|
|
54
|
+
return features.join(",");
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
/**
|
|
58
|
+
* Entry point for the top-level "popup-relay" page referenced by
|
|
59
|
+
* `auth.popupRelayUri`. Call this from the relay page (which MSAL opens as a
|
|
60
|
+
* top-level popup from inside an embedded, cross-origin iframe). It:
|
|
61
|
+
*
|
|
62
|
+
* 1. Reads the IdP navigation MSAL passed in this page's hash (a GET URL, or a
|
|
63
|
+
* POST form for the form_post / EAR response modes), then scrubs the hash.
|
|
64
|
+
* 2. Opens the IdP child popup and performs that navigation (the relay page
|
|
65
|
+
* stays put, so its `window.opener` link back to the embedded frame
|
|
66
|
+
* survives COOP).
|
|
67
|
+
* 3. Waits for the child's redirect URI page (which must run the redirect
|
|
68
|
+
* bridge, `broadcastResponseToMainFrame`) to broadcast the raw auth
|
|
69
|
+
* response over a same-origin `BroadcastChannel`.
|
|
70
|
+
* 4. Relays that raw response back to the embedded frame via
|
|
71
|
+
* `opener.postMessage`, posting only to its own (same) origin, then closes.
|
|
72
|
+
*
|
|
73
|
+
* The embedded frame keeps the PKCE verifier (and EAR private key) and exchanges
|
|
74
|
+
* the relayed response itself — no token, verifier, or private key ever crosses
|
|
75
|
+
* a window boundary.
|
|
76
|
+
*
|
|
77
|
+
* Note: the child popup is opened when this function runs, so call it from a
|
|
78
|
+
* user gesture (e.g. a "Continue" button click) to avoid popup blockers.
|
|
79
|
+
*
|
|
80
|
+
* @param options - {@link PopupRelayOptions}
|
|
81
|
+
*/
|
|
82
|
+
export function runPopupRelay(options?: PopupRelayOptions): void {
|
|
83
|
+
const opener = window.opener as Window | null;
|
|
84
|
+
const targetOrigin = window.location.origin;
|
|
85
|
+
|
|
86
|
+
const hashParams = new URLSearchParams(
|
|
87
|
+
window.location.hash.replace(/^#/, "")
|
|
88
|
+
);
|
|
89
|
+
const rawReq = hashParams.get("req") || "";
|
|
90
|
+
|
|
91
|
+
// Scrub the relayed request out of the relay page's own URL immediately.
|
|
92
|
+
if (typeof window.history.replaceState === "function") {
|
|
93
|
+
window.history.replaceState(
|
|
94
|
+
null,
|
|
95
|
+
"",
|
|
96
|
+
window.location.origin + window.location.pathname
|
|
97
|
+
);
|
|
98
|
+
}
|
|
99
|
+
|
|
100
|
+
if (!opener) {
|
|
101
|
+
throw createBrowserAuthError(
|
|
102
|
+
BrowserAuthErrorCodes.popupRelayUnsupportedFlow,
|
|
103
|
+
"",
|
|
104
|
+
"popup_relay_no_opener"
|
|
105
|
+
);
|
|
106
|
+
}
|
|
107
|
+
|
|
108
|
+
let request: PopupRelayRequest;
|
|
109
|
+
try {
|
|
110
|
+
request = JSON.parse(rawReq) as PopupRelayRequest;
|
|
111
|
+
} catch (e) {
|
|
112
|
+
throw createBrowserAuthError(
|
|
113
|
+
BrowserAuthErrorCodes.popupRelayUnsupportedFlow,
|
|
114
|
+
"",
|
|
115
|
+
"popup_relay_bad_request"
|
|
116
|
+
);
|
|
117
|
+
}
|
|
118
|
+
if (!request || !request.id) {
|
|
119
|
+
throw createBrowserAuthError(
|
|
120
|
+
BrowserAuthErrorCodes.popupRelayUnsupportedFlow,
|
|
121
|
+
"",
|
|
122
|
+
"popup_relay_bad_request"
|
|
123
|
+
);
|
|
124
|
+
}
|
|
125
|
+
|
|
126
|
+
const id = request.id;
|
|
127
|
+
const channel = new BroadcastChannel(id);
|
|
128
|
+
let settled = false;
|
|
129
|
+
/*
|
|
130
|
+
* Timer handles are kept on a const holder so relay() (declared before the
|
|
131
|
+
* timers are created) can clear them — `let` handles trip prefer-const, and
|
|
132
|
+
* `const` handles can't be referenced before assignment (TDZ).
|
|
133
|
+
*/
|
|
134
|
+
const timers: {
|
|
135
|
+
closedPoll?: number;
|
|
136
|
+
timeoutId?: number;
|
|
137
|
+
} = {};
|
|
138
|
+
|
|
139
|
+
const relay = (message: { payload?: string; error?: string }): void => {
|
|
140
|
+
if (settled) {
|
|
141
|
+
return;
|
|
142
|
+
}
|
|
143
|
+
settled = true;
|
|
144
|
+
try {
|
|
145
|
+
channel.close();
|
|
146
|
+
} catch (e) {
|
|
147
|
+
/* ignore */
|
|
148
|
+
}
|
|
149
|
+
clearInterval(timers.closedPoll);
|
|
150
|
+
clearTimeout(timers.timeoutId);
|
|
151
|
+
opener.postMessage(
|
|
152
|
+
{ type: POPUP_RELAY_RESPONSE_TYPE, id, ...message },
|
|
153
|
+
targetOrigin
|
|
154
|
+
);
|
|
155
|
+
setTimeout(() => {
|
|
156
|
+
try {
|
|
157
|
+
window.close();
|
|
158
|
+
} catch (e) {
|
|
159
|
+
/* ignore */
|
|
160
|
+
}
|
|
161
|
+
}, 0);
|
|
162
|
+
};
|
|
163
|
+
|
|
164
|
+
// The redirect bridge broadcasts the raw auth response payload here.
|
|
165
|
+
channel.onmessage = (event: MessageEvent): void => {
|
|
166
|
+
const payload = event.data && event.data.payload;
|
|
167
|
+
if (payload) {
|
|
168
|
+
relay({ payload });
|
|
169
|
+
}
|
|
170
|
+
};
|
|
171
|
+
|
|
172
|
+
const features = buildChildPopupFeatures(options?.popupWindowAttributes);
|
|
173
|
+
const childPopup =
|
|
174
|
+
request.method === "POST"
|
|
175
|
+
? window.open("about:blank", "msalPopupRelayChild", features)
|
|
176
|
+
: window.open(request.url, "msalPopupRelayChild", features);
|
|
177
|
+
|
|
178
|
+
if (!childPopup) {
|
|
179
|
+
relay({ error: BrowserAuthErrorCodes.popupWindowError });
|
|
180
|
+
return;
|
|
181
|
+
}
|
|
182
|
+
|
|
183
|
+
if (request.method === "POST") {
|
|
184
|
+
createForm(
|
|
185
|
+
childPopup.document,
|
|
186
|
+
request.action,
|
|
187
|
+
request.fields
|
|
188
|
+
).submit();
|
|
189
|
+
}
|
|
190
|
+
|
|
191
|
+
timers.closedPoll = window.setInterval(() => {
|
|
192
|
+
if (childPopup.closed && !settled) {
|
|
193
|
+
/*
|
|
194
|
+
* The popup is gone, so the overall timeout no longer applies —
|
|
195
|
+
* drop it and report cancellation. A successful sign-in settles
|
|
196
|
+
* first: the redirect bridge broadcasts the response before it
|
|
197
|
+
* closes the popup, so onmessage runs on the
|
|
198
|
+
* next event-loop turn, well before this 500ms poll observes the
|
|
199
|
+
* close — the `!settled` guard then skips cancellation.
|
|
200
|
+
*/
|
|
201
|
+
clearTimeout(timers.timeoutId);
|
|
202
|
+
relay({ error: BrowserAuthErrorCodes.userCancelled });
|
|
203
|
+
}
|
|
204
|
+
}, 500);
|
|
205
|
+
|
|
206
|
+
timers.timeoutId = window.setTimeout(() => {
|
|
207
|
+
if (!settled) {
|
|
208
|
+
/*
|
|
209
|
+
* Stop the close poll before we close the popup ourselves, so it
|
|
210
|
+
* can't observe the close and report user_cancelled instead.
|
|
211
|
+
*/
|
|
212
|
+
clearInterval(timers.closedPoll);
|
|
213
|
+
try {
|
|
214
|
+
childPopup.close();
|
|
215
|
+
} catch (e) {
|
|
216
|
+
/* ignore */
|
|
217
|
+
}
|
|
218
|
+
relay({ error: BrowserAuthErrorCodes.timedOut });
|
|
219
|
+
}
|
|
220
|
+
}, options?.timeoutMs || DEFAULT_POPUP_RELAY_TIMEOUT_MS);
|
|
221
|
+
}
|
|
@@ -0,0 +1,178 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3
|
+
* Licensed under the MIT License.
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
import {
|
|
7
|
+
IPerformanceClient,
|
|
8
|
+
Logger,
|
|
9
|
+
ProtocolUtils,
|
|
10
|
+
} from "@azure/msal-common/browser";
|
|
11
|
+
import { base64Decode } from "../encode/Base64Decode.js";
|
|
12
|
+
import {
|
|
13
|
+
BrowserAuthErrorCodes,
|
|
14
|
+
createBrowserAuthError,
|
|
15
|
+
} from "../error/BrowserAuthError.js";
|
|
16
|
+
import { redirectBridgeEmptyResponse } from "../error/BrowserAuthErrorCodes.js";
|
|
17
|
+
import type { WaitForBridgeRequest } from "../utils/BrowserUtils.js";
|
|
18
|
+
import { POPUP_RELAY_RESPONSE_TYPE } from "./constants.js";
|
|
19
|
+
|
|
20
|
+
/**
|
|
21
|
+
* The navigation the popup-relay page should perform in its IdP child popup:
|
|
22
|
+
* either a GET navigation to a URL, or a POST form submission (used by the
|
|
23
|
+
* form_post and EAR response modes).
|
|
24
|
+
*
|
|
25
|
+
* @internal
|
|
26
|
+
*/
|
|
27
|
+
export type PopupRelayAction =
|
|
28
|
+
| { method: "GET"; url: string }
|
|
29
|
+
| { method: "POST"; action: string; fields: Record<string, string> };
|
|
30
|
+
|
|
31
|
+
/**
|
|
32
|
+
* Builds the URL of the popup-relay page to open. The action the relay page
|
|
33
|
+
* must perform (GET navigation or POST form) is carried in the page's hash
|
|
34
|
+
* (client-side only, never sent to a server), keyed by the per-request
|
|
35
|
+
* library-state `id` so the relay page can listen on the right BroadcastChannel
|
|
36
|
+
* and echo the id back. The relay URI is resolved against the app origin, so it
|
|
37
|
+
* must be same-origin as the embedded frame. See `runPopupRelay`.
|
|
38
|
+
*
|
|
39
|
+
* @internal
|
|
40
|
+
*/
|
|
41
|
+
export function buildPopupRelayUrl(
|
|
42
|
+
popupRelayUri: string,
|
|
43
|
+
id: string,
|
|
44
|
+
action: PopupRelayAction,
|
|
45
|
+
correlationId: string
|
|
46
|
+
): string {
|
|
47
|
+
const req = { id, ...action };
|
|
48
|
+
const target = new URL(popupRelayUri, window.location.origin);
|
|
49
|
+
/*
|
|
50
|
+
* The relay page must be same-origin as the embedded frame: the response is
|
|
51
|
+
* relayed back via postMessage and only accepted from this origin, and a
|
|
52
|
+
* cross-origin page would also receive the relayed /authorize request. Fail
|
|
53
|
+
* fast with a clear error instead of silently relaying to (and timing out
|
|
54
|
+
* against) the wrong origin.
|
|
55
|
+
*/
|
|
56
|
+
if (target.origin !== window.location.origin) {
|
|
57
|
+
throw createBrowserAuthError(
|
|
58
|
+
BrowserAuthErrorCodes.popupRelayUnsupportedFlow,
|
|
59
|
+
correlationId,
|
|
60
|
+
"popup_relay_cross_origin"
|
|
61
|
+
);
|
|
62
|
+
}
|
|
63
|
+
const hashParams = new URLSearchParams();
|
|
64
|
+
hashParams.set("req", JSON.stringify(req));
|
|
65
|
+
target.hash = hashParams.toString();
|
|
66
|
+
return target.toString();
|
|
67
|
+
}
|
|
68
|
+
|
|
69
|
+
/**
|
|
70
|
+
* Waits for the popup-relay page to relay the raw auth response back to the
|
|
71
|
+
* embedded frame via postMessage. Used in place of `waitForBridgeResponse`
|
|
72
|
+
* when `auth.popupRelayUri` is configured, because third-party storage
|
|
73
|
+
* partitioning blocks the BroadcastChannel the redirect bridge uses from
|
|
74
|
+
* reaching the embedded frame.
|
|
75
|
+
*
|
|
76
|
+
* The response is accepted only from the popup window we opened, on our own
|
|
77
|
+
* origin (the relay page is same-origin as the embedded frame), and only when
|
|
78
|
+
* it carries the matching per-request library-state id.
|
|
79
|
+
*
|
|
80
|
+
* @internal
|
|
81
|
+
*/
|
|
82
|
+
export async function waitForPopupRelayResponse(
|
|
83
|
+
timeoutMs: number,
|
|
84
|
+
logger: Logger,
|
|
85
|
+
request: WaitForBridgeRequest,
|
|
86
|
+
popupWindow: Window,
|
|
87
|
+
performanceClient: IPerformanceClient
|
|
88
|
+
): Promise<string> {
|
|
89
|
+
return new Promise<string>((resolve, reject) => {
|
|
90
|
+
const correlationId = request.correlationId;
|
|
91
|
+
logger.verbose(
|
|
92
|
+
"PopupRelay.waitForPopupRelayResponse - started",
|
|
93
|
+
correlationId
|
|
94
|
+
);
|
|
95
|
+
performanceClient.addFields(
|
|
96
|
+
{ redirectBridgeTimeoutMs: timeoutMs },
|
|
97
|
+
correlationId
|
|
98
|
+
);
|
|
99
|
+
|
|
100
|
+
const { libraryState } = ProtocolUtils.parseRequestState(
|
|
101
|
+
base64Decode,
|
|
102
|
+
request.state || "",
|
|
103
|
+
correlationId
|
|
104
|
+
);
|
|
105
|
+
const expectedId = libraryState.id;
|
|
106
|
+
const expectedOrigin = window.location.origin;
|
|
107
|
+
let settled = false;
|
|
108
|
+
|
|
109
|
+
const cleanup = (): void => {
|
|
110
|
+
window.removeEventListener("message", onMessage);
|
|
111
|
+
clearTimeout(timeoutId);
|
|
112
|
+
clearInterval(closedPoll);
|
|
113
|
+
};
|
|
114
|
+
|
|
115
|
+
const onMessage = (event: MessageEvent): void => {
|
|
116
|
+
if (
|
|
117
|
+
event.origin !== expectedOrigin ||
|
|
118
|
+
event.source !== popupWindow
|
|
119
|
+
) {
|
|
120
|
+
return;
|
|
121
|
+
}
|
|
122
|
+
const data = event.data;
|
|
123
|
+
if (
|
|
124
|
+
!data ||
|
|
125
|
+
data.type !== POPUP_RELAY_RESPONSE_TYPE ||
|
|
126
|
+
data.id !== expectedId
|
|
127
|
+
) {
|
|
128
|
+
return;
|
|
129
|
+
}
|
|
130
|
+
if (settled) {
|
|
131
|
+
return;
|
|
132
|
+
}
|
|
133
|
+
settled = true;
|
|
134
|
+
cleanup();
|
|
135
|
+
if (data.error) {
|
|
136
|
+
reject(createBrowserAuthError(data.error, correlationId));
|
|
137
|
+
} else if (data.payload) {
|
|
138
|
+
resolve(data.payload);
|
|
139
|
+
} else {
|
|
140
|
+
reject(
|
|
141
|
+
createBrowserAuthError(
|
|
142
|
+
redirectBridgeEmptyResponse,
|
|
143
|
+
correlationId
|
|
144
|
+
)
|
|
145
|
+
);
|
|
146
|
+
}
|
|
147
|
+
};
|
|
148
|
+
window.addEventListener("message", onMessage);
|
|
149
|
+
|
|
150
|
+
const timeoutId = window.setTimeout(() => {
|
|
151
|
+
if (settled) {
|
|
152
|
+
return;
|
|
153
|
+
}
|
|
154
|
+
settled = true;
|
|
155
|
+
cleanup();
|
|
156
|
+
reject(
|
|
157
|
+
createBrowserAuthError(
|
|
158
|
+
BrowserAuthErrorCodes.timedOut,
|
|
159
|
+
correlationId,
|
|
160
|
+
"popup_relay_timeout"
|
|
161
|
+
)
|
|
162
|
+
);
|
|
163
|
+
}, timeoutMs);
|
|
164
|
+
|
|
165
|
+
const closedPoll = window.setInterval(() => {
|
|
166
|
+
if (popupWindow.closed && !settled) {
|
|
167
|
+
settled = true;
|
|
168
|
+
cleanup();
|
|
169
|
+
reject(
|
|
170
|
+
createBrowserAuthError(
|
|
171
|
+
BrowserAuthErrorCodes.userCancelled,
|
|
172
|
+
correlationId
|
|
173
|
+
)
|
|
174
|
+
);
|
|
175
|
+
}
|
|
176
|
+
}, 500);
|
|
177
|
+
});
|
|
178
|
+
}
|
|
@@ -271,17 +271,22 @@ export async function getAuthCodeRequestUrl(
|
|
|
271
271
|
return AuthorizeProtocol.getAuthorizeUrl(authority, parameters);
|
|
272
272
|
}
|
|
273
273
|
|
|
274
|
+
/** Action URL + POST-body fields for a /authorize form submission. */
|
|
275
|
+
export type AuthorizeFormData = {
|
|
276
|
+
action: string;
|
|
277
|
+
fields: Record<string, string>;
|
|
278
|
+
};
|
|
279
|
+
|
|
274
280
|
/**
|
|
275
|
-
*
|
|
281
|
+
* Builds the action URL + POST-body fields for the EAR /authorize form.
|
|
276
282
|
*/
|
|
277
|
-
export async function
|
|
278
|
-
frame: Document,
|
|
283
|
+
export async function getEARFormData(
|
|
279
284
|
config: BrowserConfiguration,
|
|
280
285
|
authority: Authority,
|
|
281
286
|
request: CommonAuthorizationUrlRequest,
|
|
282
287
|
logger: Logger,
|
|
283
288
|
performanceClient: IPerformanceClient
|
|
284
|
-
): Promise<
|
|
289
|
+
): Promise<AuthorizeFormData> {
|
|
285
290
|
if (!request.earJwk) {
|
|
286
291
|
throw createBrowserAuthError(
|
|
287
292
|
BrowserAuthErrorCodes.earJwkEmpty,
|
|
@@ -326,15 +331,15 @@ export async function getEARForm(
|
|
|
326
331
|
request.correlationId
|
|
327
332
|
);
|
|
328
333
|
|
|
329
|
-
const
|
|
334
|
+
const action = AuthorizeProtocol.getAuthorizeUrl(authority, queryParams);
|
|
330
335
|
|
|
331
|
-
return
|
|
336
|
+
return { action, fields: Object.fromEntries(parameters) };
|
|
332
337
|
}
|
|
333
338
|
|
|
334
339
|
/**
|
|
335
|
-
* Gets the form that will be posted to /authorize with request parameters when using
|
|
340
|
+
* Gets the form that will be posted to /authorize with request parameters when using EAR
|
|
336
341
|
*/
|
|
337
|
-
export async function
|
|
342
|
+
export async function getEARForm(
|
|
338
343
|
frame: Document,
|
|
339
344
|
config: BrowserConfiguration,
|
|
340
345
|
authority: Authority,
|
|
@@ -342,6 +347,26 @@ export async function getCodeForm(
|
|
|
342
347
|
logger: Logger,
|
|
343
348
|
performanceClient: IPerformanceClient
|
|
344
349
|
): Promise<HTMLFormElement> {
|
|
350
|
+
const { action, fields } = await getEARFormData(
|
|
351
|
+
config,
|
|
352
|
+
authority,
|
|
353
|
+
request,
|
|
354
|
+
logger,
|
|
355
|
+
performanceClient
|
|
356
|
+
);
|
|
357
|
+
return createForm(frame, action, fields);
|
|
358
|
+
}
|
|
359
|
+
|
|
360
|
+
/**
|
|
361
|
+
* Builds the action URL + POST-body fields for the auth-code /authorize form.
|
|
362
|
+
*/
|
|
363
|
+
export async function getCodeFormData(
|
|
364
|
+
config: BrowserConfiguration,
|
|
365
|
+
authority: Authority,
|
|
366
|
+
request: CommonAuthorizationUrlRequest,
|
|
367
|
+
logger: Logger,
|
|
368
|
+
performanceClient: IPerformanceClient
|
|
369
|
+
): Promise<AuthorizeFormData> {
|
|
345
370
|
const parameters = await getStandardParameters(
|
|
346
371
|
config,
|
|
347
372
|
authority,
|
|
@@ -379,34 +404,58 @@ export async function getCodeForm(
|
|
|
379
404
|
request.correlationId
|
|
380
405
|
);
|
|
381
406
|
|
|
382
|
-
const
|
|
407
|
+
const action = AuthorizeProtocol.getAuthorizeUrl(authority, queryParams);
|
|
383
408
|
|
|
384
|
-
return
|
|
409
|
+
return { action, fields: Object.fromEntries(parameters) };
|
|
385
410
|
}
|
|
386
411
|
|
|
387
412
|
/**
|
|
388
|
-
*
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
|
|
413
|
+
* Gets the form that will be posted to /authorize with request parameters when using POST method
|
|
414
|
+
*/
|
|
415
|
+
export async function getCodeForm(
|
|
416
|
+
frame: Document,
|
|
417
|
+
config: BrowserConfiguration,
|
|
418
|
+
authority: Authority,
|
|
419
|
+
request: CommonAuthorizationUrlRequest,
|
|
420
|
+
logger: Logger,
|
|
421
|
+
performanceClient: IPerformanceClient
|
|
422
|
+
): Promise<HTMLFormElement> {
|
|
423
|
+
const { action, fields } = await getCodeFormData(
|
|
424
|
+
config,
|
|
425
|
+
authority,
|
|
426
|
+
request,
|
|
427
|
+
logger,
|
|
428
|
+
performanceClient
|
|
429
|
+
);
|
|
430
|
+
return createForm(frame, action, fields);
|
|
431
|
+
}
|
|
432
|
+
|
|
433
|
+
/**
|
|
434
|
+
* Creates a POST `<form>` in the provided document with the given auth
|
|
435
|
+
* parameters as hidden inputs, targeting `action`. Shared by the popup auth
|
|
436
|
+
* flows (`getEARForm` / `getCodeForm`) and the popup-relay page
|
|
437
|
+
* (`runPopupRelay`) so the form is built one way only.
|
|
438
|
+
*
|
|
439
|
+
* @param frame - document to create the form in
|
|
440
|
+
* @param action - form action (the /authorize URL)
|
|
441
|
+
* @param fields - POST-body fields
|
|
442
|
+
* @internal
|
|
393
443
|
*/
|
|
394
|
-
function createForm(
|
|
444
|
+
export function createForm(
|
|
395
445
|
frame: Document,
|
|
396
|
-
|
|
397
|
-
|
|
446
|
+
action: string,
|
|
447
|
+
fields: Record<string, string>
|
|
398
448
|
): HTMLFormElement {
|
|
399
449
|
const form = frame.createElement("form");
|
|
400
450
|
form.method = "post";
|
|
401
|
-
form.action =
|
|
402
|
-
|
|
403
|
-
|
|
404
|
-
const
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
|
|
408
|
-
|
|
409
|
-
form.appendChild(param);
|
|
451
|
+
form.action = action;
|
|
452
|
+
|
|
453
|
+
Object.keys(fields).forEach((name) => {
|
|
454
|
+
const input = frame.createElement("input");
|
|
455
|
+
input.hidden = true;
|
|
456
|
+
input.name = name;
|
|
457
|
+
input.value = fields[name];
|
|
458
|
+
form.appendChild(input);
|
|
410
459
|
});
|
|
411
460
|
|
|
412
461
|
frame.body.appendChild(form);
|
|
@@ -37,6 +37,22 @@ export type BrowserAuthOptions = {
|
|
|
37
37
|
* The redirect URI where the window navigates after a successful logout.
|
|
38
38
|
*/
|
|
39
39
|
postLogoutRedirectUri?: string | null;
|
|
40
|
+
/**
|
|
41
|
+
* URI of a first-party, top-level "popup-relay" page used to acquire tokens
|
|
42
|
+
* interactively from inside a cross-origin iframe that an untrusted host has
|
|
43
|
+
* embedded (where third-party storage partitioning and COOP break the normal
|
|
44
|
+
* popup flow). When set, `acquireTokenPopup` opens this page top-level
|
|
45
|
+
* instead of navigating the popup straight to the IdP, and the page must call
|
|
46
|
+
* `runPopupRelay()`. Resolved relative to the app origin, so it must be
|
|
47
|
+
* same-origin as the embedded frame.
|
|
48
|
+
*
|
|
49
|
+
* This is a browser SPA-only mechanism (`PublicClientApplication` in
|
|
50
|
+
* `@azure/msal-browser`): it brokers the standard interactive popup
|
|
51
|
+
* auth-code flow through a same-origin page. It does not apply to native
|
|
52
|
+
* app, platform broker (WAM), Nested App Auth, or confidential-client /
|
|
53
|
+
* server-side scenarios.
|
|
54
|
+
*/
|
|
55
|
+
popupRelayUri?: string;
|
|
40
56
|
/**
|
|
41
57
|
* Array of capabilities which will be added to the claims.access_token.xms_cc request property on every network request.
|
|
42
58
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Configuration.d.ts","sourceRoot":"","sources":["../../src/config/Configuration.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,aAAa,EACb,aAAa,EACb,cAAc,EAEd,YAAY,EACZ,WAAW,EAIX,iBAAiB,EACjB,oBAAoB,EAGpB,kBAAkB,EAIrB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAMvE,eAAO,MAAM,wBAAwB,QAAQ,CAAC;AAC9C,eAAO,MAAM,yBAAyB,QAAQ,CAAC;AAC/C,eAAO,MAAM,2BAA2B,QAAQ,CAAC;AACjD,eAAO,MAAM,0CAA0C,OAAO,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG;IAC7B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,gBAAgB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC;;OAEG;IACH,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEtC;;OAEG;IACH,kBAAkB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC;;OAEG;IACH,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B;;OAEG;IACH,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC;;OAEG;IACH,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;IACrD;;OAEG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB;;OAEG;IACH,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;CACvB,CAAC;AAEF,gBAAgB;AAChB,MAAM,MAAM,mBAAmB,GAAG,IAAI,CAClC,QAAQ,CAAC,kBAAkB,CAAC,EAC5B,oBAAoB,CACvB,GAAG;IACA,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;IACnC,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;CACxD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG;IACvB;;OAEG;IACH,aAAa,CAAC,EAAE,oBAAoB,GAAG,MAAM,CAAC;IAC9C;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,aAAa,GAAG;IAC/C;;OAEG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;IAC9B;;OAEG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAC/B;;OAEG;IACH,gBAAgB,CAAC,EAAE,iBAAiB,CAAC;IACrC;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B;;OAEG;IACH,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC;;OAEG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB;;OAEG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC;;OAEG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B;;OAEG;IACH,4BAA4B,CAAC,EAAE,MAAM,CAAC;IACtC;;OAEG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B;;;OAGG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;CACpC,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,0BAA0B,GAAG;IACrC;;OAEG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC;;OAEG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;CACxC,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG;IAClC;;;;OAIG;IACH,WAAW,CAAC,EAAE,oBAAoB,CAAC;IAEnC,MAAM,CAAC,EAAE,kBAAkB,CAAC;CAC/B,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG;IACxB;;OAEG;IACH,IAAI,EAAE,kBAAkB,CAAC;IACzB;;OAEG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IACrB;;OAEG;IACH,MAAM,CAAC,EAAE,oBAAoB,CAAC;IAC9B;;OAEG;IACH,YAAY,CAAC,EAAE,0BAA0B,CAAC;IAC1C;;OAEG;IACH,SAAS,CAAC,EAAE,uBAAuB,CAAC;CACvC,CAAC;AAEF,gBAAgB;AAChB,MAAM,MAAM,oBAAoB,GAAG;IAC/B,IAAI,EAAE,mBAAmB,CAAC;IAC1B,KAAK,EAAE,QAAQ,CAAC,YAAY,CAAC,CAAC;IAC9B,MAAM,EAAE,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IACvC,YAAY,EAAE,QAAQ,CAAC,0BAA0B,CAAC,CAAC;IACnD,SAAS,EAAE,QAAQ,CAAC,uBAAuB,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAC9B,EACI,IAAI,EAAE,aAAa,EACnB,KAAK,EAAE,cAAc,EACrB,MAAM,EAAE,eAAe,EACvB,YAAY,EAAE,qBAAqB,EACnC,SAAS,EAAE,kBAAkB,GAChC,EAAE,aAAa,EAChB,oBAAoB,EAAE,OAAO,GAC9B,oBAAoB,
|
|
1
|
+
{"version":3,"file":"Configuration.d.ts","sourceRoot":"","sources":["../../src/config/Configuration.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,aAAa,EACb,aAAa,EACb,cAAc,EAEd,YAAY,EACZ,WAAW,EAIX,iBAAiB,EACjB,oBAAoB,EAGpB,kBAAkB,EAIrB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAMvE,eAAO,MAAM,wBAAwB,QAAQ,CAAC;AAC9C,eAAO,MAAM,yBAAyB,QAAQ,CAAC;AAC/C,eAAO,MAAM,2BAA2B,QAAQ,CAAC;AACjD,eAAO,MAAM,0CAA0C,OAAO,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG;IAC7B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,gBAAgB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC;;OAEG;IACH,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEtC;;;;;;;;;;;;;;OAcG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,kBAAkB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC;;OAEG;IACH,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B;;OAEG;IACH,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC;;OAEG;IACH,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;IACrD;;OAEG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB;;OAEG;IACH,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;CACvB,CAAC;AAEF,gBAAgB;AAChB,MAAM,MAAM,mBAAmB,GAAG,IAAI,CAClC,QAAQ,CAAC,kBAAkB,CAAC,EAC5B,oBAAoB,CACvB,GAAG;IACA,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;IACnC,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;CACxD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG;IACvB;;OAEG;IACH,aAAa,CAAC,EAAE,oBAAoB,GAAG,MAAM,CAAC;IAC9C;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,aAAa,GAAG;IAC/C;;OAEG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;IAC9B;;OAEG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAC/B;;OAEG;IACH,gBAAgB,CAAC,EAAE,iBAAiB,CAAC;IACrC;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B;;OAEG;IACH,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC;;OAEG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB;;OAEG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC;;OAEG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B;;OAEG;IACH,4BAA4B,CAAC,EAAE,MAAM,CAAC;IACtC;;OAEG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B;;;OAGG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;CACpC,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,0BAA0B,GAAG;IACrC;;OAEG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC;;OAEG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;CACxC,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG;IAClC;;;;OAIG;IACH,WAAW,CAAC,EAAE,oBAAoB,CAAC;IAEnC,MAAM,CAAC,EAAE,kBAAkB,CAAC;CAC/B,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG;IACxB;;OAEG;IACH,IAAI,EAAE,kBAAkB,CAAC;IACzB;;OAEG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IACrB;;OAEG;IACH,MAAM,CAAC,EAAE,oBAAoB,CAAC;IAC9B;;OAEG;IACH,YAAY,CAAC,EAAE,0BAA0B,CAAC;IAC1C;;OAEG;IACH,SAAS,CAAC,EAAE,uBAAuB,CAAC;CACvC,CAAC;AAEF,gBAAgB;AAChB,MAAM,MAAM,oBAAoB,GAAG;IAC/B,IAAI,EAAE,mBAAmB,CAAC;IAC1B,KAAK,EAAE,QAAQ,CAAC,YAAY,CAAC,CAAC;IAC9B,MAAM,EAAE,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IACvC,YAAY,EAAE,QAAQ,CAAC,0BAA0B,CAAC,CAAC;IACnD,SAAS,EAAE,QAAQ,CAAC,uBAAuB,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAC9B,EACI,IAAI,EAAE,aAAa,EACnB,KAAK,EAAE,cAAc,EACrB,MAAM,EAAE,eAAe,EACvB,YAAY,EAAE,qBAAqB,EACnC,SAAS,EAAE,kBAAkB,GAChC,EAAE,aAAa,EAChB,oBAAoB,EAAE,OAAO,GAC9B,oBAAoB,CA8ItB"}
|
|
@@ -1,3 +1,7 @@
|
|
|
1
|
+
export declare const RSA_KEYGEN_ALGORITHM_OPTIONS: RsaHashedKeyGenParams;
|
|
2
|
+
export declare const RSA_SIGN_ALGORITHM_OPTIONS: Algorithm;
|
|
3
|
+
export declare const ECDSA_P256_KEYGEN_ALGORITHM_OPTIONS: EcKeyGenParams;
|
|
4
|
+
export declare const ECDSA_SHA256_SIGN_ALGORITHM_OPTIONS: EcdsaParams;
|
|
1
5
|
/**
|
|
2
6
|
* Check whether browser crypto is available.
|
|
3
7
|
*/
|
|
@@ -21,11 +25,12 @@ export declare function getRandomValues(dataBuffer: Uint8Array): Uint8Array;
|
|
|
21
25
|
*/
|
|
22
26
|
export declare function createNewGuid(): string;
|
|
23
27
|
/**
|
|
24
|
-
* Generates a keypair based on
|
|
28
|
+
* Generates a keypair based on the provided algorithm config.
|
|
25
29
|
* @param extractable
|
|
26
30
|
* @param usages
|
|
31
|
+
* @param algorithm
|
|
27
32
|
*/
|
|
28
|
-
export declare function generateKeyPair(extractable: boolean, usages: Array<KeyUsage
|
|
33
|
+
export declare function generateKeyPair(extractable: boolean, usages: Array<KeyUsage>, algorithm: AlgorithmIdentifier): Promise<CryptoKeyPair>;
|
|
29
34
|
/**
|
|
30
35
|
* Export key as Json Web Key (JWK)
|
|
31
36
|
* @param key
|
|
@@ -36,14 +41,16 @@ export declare function exportJwk(key: CryptoKey): Promise<JsonWebKey>;
|
|
|
36
41
|
* @param key
|
|
37
42
|
* @param extractable
|
|
38
43
|
* @param usages
|
|
44
|
+
* @param algorithm
|
|
39
45
|
*/
|
|
40
|
-
export declare function importJwk(key: JsonWebKey, extractable: boolean, usages: Array<KeyUsage
|
|
46
|
+
export declare function importJwk(key: JsonWebKey, extractable: boolean, usages: Array<KeyUsage>, algorithm: AlgorithmIdentifier): Promise<CryptoKey>;
|
|
41
47
|
/**
|
|
42
|
-
* Signs given data with given key
|
|
48
|
+
* Signs given data with given key.
|
|
43
49
|
* @param key
|
|
44
50
|
* @param data
|
|
51
|
+
* @param algorithm
|
|
45
52
|
*/
|
|
46
|
-
export declare function sign(key: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer>;
|
|
53
|
+
export declare function sign(key: CryptoKey, data: ArrayBuffer, algorithm: AlgorithmIdentifier): Promise<ArrayBuffer>;
|
|
47
54
|
/**
|
|
48
55
|
* Generates Base64 encoded jwk used in the Encrypted Authorize Response (EAR) flow
|
|
49
56
|
*/
|
|
@@ -93,4 +100,11 @@ export declare function decrypt(baseKey: CryptoKey, nonce: string, context: stri
|
|
|
93
100
|
* @param plainText
|
|
94
101
|
*/
|
|
95
102
|
export declare function hashString(plainText: string): Promise<string>;
|
|
103
|
+
/**
|
|
104
|
+
* Computes an RFC 7638 JWK thumbprint for a public key.
|
|
105
|
+
* The required members for the JWK key type are serialised in lexicographic order
|
|
106
|
+
* and the SHA-256 digest is returned as a base64url string.
|
|
107
|
+
* @internal
|
|
108
|
+
*/
|
|
109
|
+
export declare function computeJwkThumbprint(publicJwk: JsonWebKey): Promise<string>;
|
|
96
110
|
//# sourceMappingURL=BrowserCrypto.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"BrowserCrypto.d.ts","sourceRoot":"","sources":["../../src/crypto/BrowserCrypto.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"BrowserCrypto.d.ts","sourceRoot":"","sources":["../../src/crypto/BrowserCrypto.ts"],"names":[],"mappings":"AAsDA,eAAO,MAAM,4BAA4B,EAAE,qBAK1C,CAAC;AAEF,eAAO,MAAM,0BAA0B,EAAE,SAExC,CAAC;AAEF,eAAO,MAAM,mCAAmC,EAAE,cAGjD,CAAC;AAEF,eAAO,MAAM,mCAAmC,EAAE,WAGjD,CAAC;AAEF;;GAEG;AACH,wBAAgB,uBAAuB,CACnC,wBAAwB,EAAE,OAAO,GAClC,IAAI,CAoBN;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAO3E;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU,CAElE;AAWD;;;;GAIG;AACH,wBAAgB,aAAa,IAAI,MAAM,CAuCtC;AAED;;;;;GAKG;AACH,wBAAsB,eAAe,CACjC,WAAW,EAAE,OAAO,EACpB,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,EACvB,SAAS,EAAE,mBAAmB,GAC/B,OAAO,CAAC,aAAa,CAAC,CAMxB;AAED;;;GAGG;AACH,wBAAsB,SAAS,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAKnE;AAED;;;;;;GAMG;AACH,wBAAsB,SAAS,CAC3B,GAAG,EAAE,UAAU,EACf,WAAW,EAAE,OAAO,EACpB,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,EACvB,SAAS,EAAE,mBAAmB,GAC/B,OAAO,CAAC,SAAS,CAAC,CAQpB;AAED;;;;;GAKG;AACH,wBAAsB,IAAI,CACtB,GAAG,EAAE,SAAS,EACd,IAAI,EAAE,WAAW,EACjB,SAAS,EAAE,mBAAmB,GAC/B,OAAO,CAAC,WAAW,CAAC,CAMtB;AAED;;GAEG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,CAWtD;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CASrE;AAED;;;;;GAKG;AACH,wBAAsB,kBAAkB,CACpC,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC,CAiDjB;AAED;;GAEG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,WAAW,CAAC,CAU5D;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,SAAS,CAAC,CAI3E;AA4BD;;;;GAIG;AACH,wBAAsB,OAAO,CACzB,OAAO,EAAE,SAAS,EAClB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,GAChB,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CAkB1C;AAED;;;;;;GAMG;AACH,wBAAsB,OAAO,CACzB,OAAO,EAAE,SAAS,EAClB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,MAAM,EACf,aAAa,EAAE,MAAM,GACtB,OAAO,CAAC,MAAM,CAAC,CAajB;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAInE;AAmDD;;;;;GAKG;AACH,wBAAsB,oBAAoB,CACtC,SAAS,EAAE,UAAU,GACtB,OAAO,CAAC,MAAM,CAAC,CAQjB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CryptoOps.d.ts","sourceRoot":"","sources":["../../src/crypto/CryptoOps.ts"],"names":[],"mappings":"AAKA,OAAO,EAGH,OAAO,EACP,kBAAkB,EAElB,MAAM,EACN,UAAU,EACV,iBAAiB,EACjB,2BAA2B,EAC9B,MAAM,4BAA4B,CAAC;AAepC,MAAM,MAAM,aAAa,GAAG;IACxB,SAAS,EAAE,SAAS,CAAC;IACrB,UAAU,EAAE,SAAS,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;GAGG;AACH,qBAAa,SAAU,YAAW,OAAO;IACrC,OAAO,CAAC,MAAM,CAAS;IAEvB;;;OAGG;IACH,OAAO,CAAC,iBAAiB,CAAiC;IAE1D,OAAO,CAAC,MAAM,CAAC,cAAc,CAAuC;IACpE,OAAO,CAAC,MAAM,CAAC,WAAW,CAAiB;IAC3C,OAAO,CAAC,KAAK,CAAoC;gBAG7C,MAAM,EAAE,MAAM,EACd,iBAAiB,CAAC,EAAE,kBAAkB,EACtC,wBAAwB,CAAC,EAAE,OAAO;IAWtC;;;OAGG;IACH,aAAa,IAAI,MAAM;IAIvB;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAItC;;;;OAIG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACG,sBAAsB,CACxB,OAAO,EAAE,2BAA2B,GACrC,OAAO,CAAC,MAAM,CAAC;IAyDlB;;;;OAIG;IACG,qBAAqB,CACvB,GAAG,EAAE,MAAM,EACX,aAAa,EAAE,MAAM,GACtB,OAAO,CAAC,IAAI,CAAC;IAWhB;;;OAGG;IACG,aAAa,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA4B5D;;;;OAIG;IACG,OAAO,CACT,OAAO,EAAE,iBAAiB,EAC1B,GAAG,EAAE,MAAM,EACX,UAAU,CAAC,EAAE,UAAU,EACvB,aAAa,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"CryptoOps.d.ts","sourceRoot":"","sources":["../../src/crypto/CryptoOps.ts"],"names":[],"mappings":"AAKA,OAAO,EAGH,OAAO,EACP,kBAAkB,EAElB,MAAM,EACN,UAAU,EACV,iBAAiB,EACjB,2BAA2B,EAC9B,MAAM,4BAA4B,CAAC;AAepC,MAAM,MAAM,aAAa,GAAG;IACxB,SAAS,EAAE,SAAS,CAAC;IACrB,UAAU,EAAE,SAAS,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;GAGG;AACH,qBAAa,SAAU,YAAW,OAAO;IACrC,OAAO,CAAC,MAAM,CAAS;IAEvB;;;OAGG;IACH,OAAO,CAAC,iBAAiB,CAAiC;IAE1D,OAAO,CAAC,MAAM,CAAC,cAAc,CAAuC;IACpE,OAAO,CAAC,MAAM,CAAC,WAAW,CAAiB;IAC3C,OAAO,CAAC,KAAK,CAAoC;gBAG7C,MAAM,EAAE,MAAM,EACd,iBAAiB,CAAC,EAAE,kBAAkB,EACtC,wBAAwB,CAAC,EAAE,OAAO;IAWtC;;;OAGG;IACH,aAAa,IAAI,MAAM;IAIvB;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAItC;;;;OAIG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACG,sBAAsB,CACxB,OAAO,EAAE,2BAA2B,GACrC,OAAO,CAAC,MAAM,CAAC;IAyDlB;;;;OAIG;IACG,qBAAqB,CACvB,GAAG,EAAE,MAAM,EACX,aAAa,EAAE,MAAM,GACtB,OAAO,CAAC,IAAI,CAAC;IAWhB;;;OAGG;IACG,aAAa,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA4B5D;;;;OAIG;IACG,OAAO,CACT,OAAO,EAAE,iBAAiB,EAC1B,GAAG,EAAE,MAAM,EACX,UAAU,CAAC,EAAE,UAAU,EACvB,aAAa,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,MAAM,CAAC;IA+DlB;;;OAGG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAGvD"}
|