@azure/msal-browser 5.16.0 → 5.17.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (399) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/IPublicClientApplication.mjs.map +1 -1
  3. package/dist/app/PublicClientApplication.mjs +1 -1
  4. package/dist/app/PublicClientApplication.mjs.map +1 -1
  5. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  8. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs.map +1 -1
  10. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  11. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -1
  12. package/dist/cache/AccountManager.mjs +1 -1
  13. package/dist/cache/AccountManager.mjs.map +1 -1
  14. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  15. package/dist/cache/AsyncMemoryStorage.mjs.map +1 -1
  16. package/dist/cache/BrowserCacheManager.mjs +1 -1
  17. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  18. package/dist/cache/CacheHelpers.mjs +1 -1
  19. package/dist/cache/CacheHelpers.mjs.map +1 -1
  20. package/dist/cache/CacheKeys.mjs +1 -1
  21. package/dist/cache/CacheKeys.mjs.map +1 -1
  22. package/dist/cache/CookieStorage.mjs +1 -1
  23. package/dist/cache/CookieStorage.mjs.map +1 -1
  24. package/dist/cache/DatabaseStorage.mjs +1 -1
  25. package/dist/cache/DatabaseStorage.mjs.map +1 -1
  26. package/dist/cache/EncryptedData.mjs +1 -1
  27. package/dist/cache/LocalStorage.mjs +1 -1
  28. package/dist/cache/LocalStorage.mjs.map +1 -1
  29. package/dist/cache/MemoryStorage.mjs +1 -1
  30. package/dist/cache/MemoryStorage.mjs.map +1 -1
  31. package/dist/cache/SessionStorage.mjs +1 -1
  32. package/dist/cache/SessionStorage.mjs.map +1 -1
  33. package/dist/cache/TokenCache.mjs +1 -1
  34. package/dist/cache/TokenCache.mjs.map +1 -1
  35. package/dist/config/Configuration.mjs +2 -1
  36. package/dist/config/Configuration.mjs.map +1 -1
  37. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  38. package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
  39. package/dist/controllers/StandardController.mjs +2 -2
  40. package/dist/controllers/StandardController.mjs.map +1 -1
  41. package/dist/crypto/BrowserCrypto.mjs +61 -12
  42. package/dist/crypto/BrowserCrypto.mjs.map +1 -1
  43. package/dist/crypto/CryptoOps.mjs +6 -12
  44. package/dist/crypto/CryptoOps.mjs.map +1 -1
  45. package/dist/crypto/PkceGenerator.mjs +1 -1
  46. package/dist/crypto/PkceGenerator.mjs.map +1 -1
  47. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  48. package/dist/crypto/SignedHttpRequest.mjs.map +1 -1
  49. package/dist/custom_auth/CustomAuthConstants.mjs +1 -1
  50. package/dist/custom_auth/CustomAuthConstants.mjs.map +1 -1
  51. package/dist/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  52. package/dist/custom_auth/CustomAuthPublicClientApplication.mjs.map +1 -1
  53. package/dist/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  54. package/dist/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
  55. package/dist/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  56. package/dist/custom_auth/core/CustomAuthAuthority.mjs.map +1 -1
  57. package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  58. package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs.map +1 -1
  59. package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  60. package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs.map +1 -1
  61. package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  62. package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs.map +1 -1
  63. package/dist/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  64. package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  65. package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs.map +1 -1
  66. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  67. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs.map +1 -1
  68. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  69. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs.map +1 -1
  70. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  71. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs.map +1 -1
  72. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  73. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs.map +1 -1
  74. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  75. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs.map +1 -1
  76. package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  77. package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs.map +1 -1
  78. package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  79. package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs.map +1 -1
  80. package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  81. package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs.map +1 -1
  82. package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  83. package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs.map +1 -1
  84. package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  85. package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs.map +1 -1
  86. package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  87. package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs.map +1 -1
  88. package/dist/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  89. package/dist/custom_auth/core/error/CustomAuthApiError.mjs.map +1 -1
  90. package/dist/custom_auth/core/error/CustomAuthError.mjs +1 -1
  91. package/dist/custom_auth/core/error/CustomAuthError.mjs.map +1 -1
  92. package/dist/custom_auth/core/error/HttpError.mjs +1 -1
  93. package/dist/custom_auth/core/error/HttpError.mjs.map +1 -1
  94. package/dist/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  95. package/dist/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  96. package/dist/custom_auth/core/error/InvalidArgumentError.mjs.map +1 -1
  97. package/dist/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  98. package/dist/custom_auth/core/error/InvalidConfigurationError.mjs.map +1 -1
  99. package/dist/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  100. package/dist/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  101. package/dist/custom_auth/core/error/MethodNotImplementedError.mjs.map +1 -1
  102. package/dist/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  103. package/dist/custom_auth/core/error/MsalCustomAuthError.mjs.map +1 -1
  104. package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  105. package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs.map +1 -1
  106. package/dist/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  107. package/dist/custom_auth/core/error/ParsedUrlError.mjs.map +1 -1
  108. package/dist/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  109. package/dist/custom_auth/core/error/UnexpectedError.mjs +1 -1
  110. package/dist/custom_auth/core/error/UnexpectedError.mjs.map +1 -1
  111. package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  112. package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs.map +1 -1
  113. package/dist/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  114. package/dist/custom_auth/core/error/UserAccountAttributeError.mjs.map +1 -1
  115. package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  116. package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs.map +1 -1
  117. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  118. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs.map +1 -1
  119. package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  120. package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs.map +1 -1
  121. package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  122. package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs.map +1 -1
  123. package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  124. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  125. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs.map +1 -1
  126. package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  127. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  128. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs.map +1 -1
  129. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  130. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs.map +1 -1
  131. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  132. package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  133. package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs.map +1 -1
  134. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  135. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs.map +1 -1
  136. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  137. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs.map +1 -1
  138. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  139. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs.map +1 -1
  140. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  141. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  142. package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  143. package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs.map +1 -1
  144. package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  145. package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs.map +1 -1
  146. package/dist/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  147. package/dist/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  148. package/dist/custom_auth/core/utils/ArgumentValidator.mjs.map +1 -1
  149. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs +1 -1
  150. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs.map +1 -1
  151. package/dist/custom_auth/core/utils/UrlUtils.mjs +1 -1
  152. package/dist/custom_auth/core/utils/UrlUtils.mjs.map +1 -1
  153. package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  154. package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs.map +1 -1
  155. package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  156. package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs.map +1 -1
  157. package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  158. package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs.map +1 -1
  159. package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  160. package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs.map +1 -1
  161. package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  162. package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs.map +1 -1
  163. package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  164. package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs.map +1 -1
  165. package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  166. package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs.map +1 -1
  167. package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  168. package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs.map +1 -1
  169. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  170. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs.map +1 -1
  171. package/dist/custom_auth/index.mjs +1 -1
  172. package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  173. package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs.map +1 -1
  174. package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  175. package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs.map +1 -1
  176. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  177. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs.map +1 -1
  178. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  179. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs.map +1 -1
  180. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  181. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs.map +1 -1
  182. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  183. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs.map +1 -1
  184. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  185. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs.map +1 -1
  186. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  187. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs.map +1 -1
  188. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  189. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs.map +1 -1
  190. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  191. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs.map +1 -1
  192. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  193. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs.map +1 -1
  194. package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  195. package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs.map +1 -1
  196. package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  197. package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs.map +1 -1
  198. package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  199. package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs.map +1 -1
  200. package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  201. package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs.map +1 -1
  202. package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  203. package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs.map +1 -1
  204. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  205. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs.map +1 -1
  206. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  207. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs.map +1 -1
  208. package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  209. package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs.map +1 -1
  210. package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  211. package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs.map +1 -1
  212. package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  213. package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs.map +1 -1
  214. package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  215. package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs.map +1 -1
  216. package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  217. package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs.map +1 -1
  218. package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  219. package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs.map +1 -1
  220. package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  221. package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs.map +1 -1
  222. package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  223. package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  224. package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs.map +1 -1
  225. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  226. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs.map +1 -1
  227. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  228. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs.map +1 -1
  229. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  230. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs.map +1 -1
  231. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  232. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs.map +1 -1
  233. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  234. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs.map +1 -1
  235. package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  236. package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs.map +1 -1
  237. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  238. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs.map +1 -1
  239. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  240. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs.map +1 -1
  241. package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  242. package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs.map +1 -1
  243. package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  244. package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs.map +1 -1
  245. package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  246. package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs.map +1 -1
  247. package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  248. package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs.map +1 -1
  249. package/dist/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  250. package/dist/encode/Base64Decode.mjs +1 -1
  251. package/dist/encode/Base64Encode.mjs +1 -1
  252. package/dist/error/BrowserAuthError.mjs +1 -1
  253. package/dist/error/BrowserAuthError.mjs.map +1 -1
  254. package/dist/error/BrowserAuthErrorCodes.mjs +4 -2
  255. package/dist/error/BrowserAuthErrorCodes.mjs.map +1 -1
  256. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  257. package/dist/error/BrowserConfigurationAuthError.mjs.map +1 -1
  258. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  259. package/dist/error/NativeAuthError.mjs +1 -1
  260. package/dist/error/NativeAuthError.mjs.map +1 -1
  261. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  262. package/dist/error/NestedAppAuthError.mjs +1 -1
  263. package/dist/error/NestedAppAuthError.mjs.map +1 -1
  264. package/dist/event/EventHandler.mjs +1 -1
  265. package/dist/event/EventHandler.mjs.map +1 -1
  266. package/dist/event/EventMessage.mjs +1 -1
  267. package/dist/event/EventMessage.mjs.map +1 -1
  268. package/dist/event/EventType.mjs +1 -1
  269. package/dist/event/EventType.mjs.map +1 -1
  270. package/dist/index.mjs +1 -1
  271. package/dist/index.mjs.map +1 -1
  272. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  273. package/dist/interaction_client/BaseInteractionClient.mjs.map +1 -1
  274. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  275. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs.map +1 -1
  276. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  277. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  278. package/dist/interaction_client/PopupClient.mjs +77 -10
  279. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  280. package/dist/interaction_client/RedirectClient.mjs +1 -1
  281. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  282. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  283. package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
  284. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  285. package/dist/interaction_client/SilentCacheClient.mjs.map +1 -1
  286. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  287. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  288. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  289. package/dist/interaction_client/SilentRefreshClient.mjs.map +1 -1
  290. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  291. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  292. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  293. package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
  294. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  295. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  296. package/dist/log-strings-mapping.json +7 -3
  297. package/dist/naa/BridgeError.mjs +1 -1
  298. package/dist/naa/BridgeProxy.mjs +2 -2
  299. package/dist/naa/BridgeProxy.mjs.map +1 -1
  300. package/dist/naa/BridgeStatusCode.mjs +1 -1
  301. package/dist/naa/BridgeStatusCode.mjs.map +1 -1
  302. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  303. package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
  304. package/dist/navigation/NavigationClient.mjs +1 -1
  305. package/dist/navigation/NavigationClient.mjs.map +1 -1
  306. package/dist/network/FetchClient.mjs +1 -1
  307. package/dist/network/FetchClient.mjs.map +1 -1
  308. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  309. package/dist/operatingcontext/BaseOperatingContext.mjs.map +1 -1
  310. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  311. package/dist/operatingcontext/NestedAppOperatingContext.mjs.map +1 -1
  312. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  313. package/dist/operatingcontext/StandardOperatingContext.mjs.map +1 -1
  314. package/dist/packageMetadata.mjs +2 -2
  315. package/dist/popup_relay/constants.mjs +21 -0
  316. package/dist/popup_relay/constants.mjs.map +1 -0
  317. package/dist/popup_relay/index.mjs +163 -0
  318. package/dist/popup_relay/index.mjs.map +1 -0
  319. package/dist/popup_relay/relayClient.mjs +114 -0
  320. package/dist/popup_relay/relayClient.mjs.map +1 -0
  321. package/dist/protocol/Authorize.mjs +42 -24
  322. package/dist/protocol/Authorize.mjs.map +1 -1
  323. package/dist/redirect_bridge/index.mjs +1 -1
  324. package/dist/redirect_bridge/index.mjs.map +1 -1
  325. package/dist/request/RequestHelpers.mjs +1 -1
  326. package/dist/request/RequestHelpers.mjs.map +1 -1
  327. package/dist/response/ResponseHandler.mjs +1 -1
  328. package/dist/response/ResponseHandler.mjs.map +1 -1
  329. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  330. package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
  331. package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
  332. package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
  333. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  334. package/dist/telemetry/BrowserPerformanceMeasurement.mjs.map +1 -1
  335. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  336. package/dist/utils/BrowserConstants.mjs +1 -1
  337. package/dist/utils/BrowserConstants.mjs.map +1 -1
  338. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  339. package/dist/utils/BrowserProtocolUtils.mjs.map +1 -1
  340. package/dist/utils/BrowserUtils.mjs +2 -2
  341. package/dist/utils/BrowserUtils.mjs.map +1 -1
  342. package/dist/utils/Helpers.mjs +1 -1
  343. package/dist/utils/Helpers.mjs.map +1 -1
  344. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  345. package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
  346. package/lib/custom-auth-path/log-strings-mapping.json +7 -3
  347. package/lib/custom-auth-path/msal-custom-auth.cjs +6047 -5793
  348. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  349. package/lib/custom-auth-path/msal-custom-auth.js +6047 -5793
  350. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  351. package/lib/log-strings-mapping.json +7 -3
  352. package/lib/msal-browser.cjs +6875 -6613
  353. package/lib/msal-browser.cjs.map +1 -1
  354. package/lib/msal-browser.js +6875 -6613
  355. package/lib/msal-browser.js.map +1 -1
  356. package/lib/msal-browser.min.js +2 -2
  357. package/lib/popup-relay/msal-popup-relay.cjs +278 -0
  358. package/lib/popup-relay/msal-popup-relay.cjs.map +1 -0
  359. package/lib/popup-relay/msal-popup-relay.js +284 -0
  360. package/lib/popup-relay/msal-popup-relay.js.map +1 -0
  361. package/lib/popup-relay/msal-popup-relay.min.js +2 -0
  362. package/lib/redirect-bridge/msal-redirect-bridge.cjs +39 -39
  363. package/lib/redirect-bridge/msal-redirect-bridge.cjs.map +1 -1
  364. package/lib/redirect-bridge/msal-redirect-bridge.js +39 -39
  365. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  366. package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
  367. package/package.json +14 -3
  368. package/scripts/README.md +112 -0
  369. package/scripts/decode-logs.cjs +822 -0
  370. package/src/config/Configuration.ts +18 -0
  371. package/src/crypto/BrowserCrypto.ts +104 -9
  372. package/src/crypto/CryptoOps.ts +13 -12
  373. package/src/error/BrowserAuthErrorCodes.ts +2 -0
  374. package/src/interaction_client/PopupClient.ts +137 -23
  375. package/src/packageMetadata.ts +1 -1
  376. package/src/popup_relay/constants.ts +17 -0
  377. package/src/popup_relay/index.ts +221 -0
  378. package/src/popup_relay/relayClient.ts +178 -0
  379. package/src/protocol/Authorize.ts +76 -27
  380. package/types/config/Configuration.d.ts +16 -0
  381. package/types/config/Configuration.d.ts.map +1 -1
  382. package/types/crypto/BrowserCrypto.d.ts +19 -5
  383. package/types/crypto/BrowserCrypto.d.ts.map +1 -1
  384. package/types/crypto/CryptoOps.d.ts.map +1 -1
  385. package/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  386. package/types/error/BrowserAuthErrorCodes.d.ts +2 -0
  387. package/types/error/BrowserAuthErrorCodes.d.ts.map +1 -1
  388. package/types/interaction_client/PopupClient.d.ts +13 -0
  389. package/types/interaction_client/PopupClient.d.ts.map +1 -1
  390. package/types/packageMetadata.d.ts +1 -1
  391. package/types/popup_relay/constants.d.ts +13 -0
  392. package/types/popup_relay/constants.d.ts.map +1 -0
  393. package/types/popup_relay/index.d.cts +1 -0
  394. package/types/popup_relay/index.d.ts +42 -0
  395. package/types/popup_relay/index.d.ts.map +1 -0
  396. package/types/popup_relay/relayClient.d.ts +43 -0
  397. package/types/popup_relay/relayClient.d.ts.map +1 -0
  398. package/types/protocol/Authorize.d.ts +25 -0
  399. package/types/protocol/Authorize.d.ts.map +1 -1
@@ -0,0 +1,221 @@
1
+ /*
2
+ * Copyright (c) Microsoft Corporation. All rights reserved.
3
+ * Licensed under the MIT License.
4
+ */
5
+
6
+ import { POPUP_RELAY_RESPONSE_TYPE } from "./constants.js";
7
+ import {
8
+ BrowserAuthErrorCodes,
9
+ createBrowserAuthError,
10
+ } from "../error/BrowserAuthError.js";
11
+ import { createForm } from "../protocol/Authorize.js";
12
+ import { PopupWindowAttributes } from "../request/PopupWindowAttributes.js";
13
+
14
+ /** Options for {@link runPopupRelay}. */
15
+ export type PopupRelayOptions = {
16
+ /**
17
+ * Sizing/positioning for the IdP child popup the relay page opens. Same
18
+ * shape as `PopupRequest.popupWindowAttributes` (`popupSize` with width and
19
+ * height, `popupPosition` with top and left). Defaults to a 520x640 window.
20
+ */
21
+ popupWindowAttributes?: PopupWindowAttributes;
22
+ /**
23
+ * How long (ms) to wait for the IdP child popup to deliver a response
24
+ * before giving up. Defaults to 300000 (5 minutes).
25
+ */
26
+ timeoutMs?: number;
27
+ };
28
+
29
+ type PopupRelayRequest = { id: string } & (
30
+ | { method: "GET"; url: string }
31
+ | { method: "POST"; action: string; fields: Record<string, string> }
32
+ );
33
+
34
+ const DEFAULT_POPUP_RELAY_TIMEOUT_MS = 300000;
35
+ const DEFAULT_POPUP_RELAY_WIDTH = 520;
36
+ const DEFAULT_POPUP_RELAY_HEIGHT = 640;
37
+
38
+ /**
39
+ * Builds the `window.open` features string for the IdP child popup from a
40
+ * {@link PopupWindowAttributes}, mirroring the shape used by
41
+ * `PopupRequest.popupWindowAttributes`.
42
+ */
43
+ function buildChildPopupFeatures(attributes?: PopupWindowAttributes): string {
44
+ const width = attributes?.popupSize?.width || DEFAULT_POPUP_RELAY_WIDTH;
45
+ const height = attributes?.popupSize?.height || DEFAULT_POPUP_RELAY_HEIGHT;
46
+ const features = [`width=${width}`, `height=${height}`];
47
+ if (attributes?.popupPosition?.top !== undefined) {
48
+ features.push(`top=${attributes.popupPosition.top}`);
49
+ }
50
+ if (attributes?.popupPosition?.left !== undefined) {
51
+ features.push(`left=${attributes.popupPosition.left}`);
52
+ }
53
+ features.push("scrollbars=yes");
54
+ return features.join(",");
55
+ }
56
+
57
+ /**
58
+ * Entry point for the top-level "popup-relay" page referenced by
59
+ * `auth.popupRelayUri`. Call this from the relay page (which MSAL opens as a
60
+ * top-level popup from inside an embedded, cross-origin iframe). It:
61
+ *
62
+ * 1. Reads the IdP navigation MSAL passed in this page's hash (a GET URL, or a
63
+ * POST form for the form_post / EAR response modes), then scrubs the hash.
64
+ * 2. Opens the IdP child popup and performs that navigation (the relay page
65
+ * stays put, so its `window.opener` link back to the embedded frame
66
+ * survives COOP).
67
+ * 3. Waits for the child's redirect URI page (which must run the redirect
68
+ * bridge, `broadcastResponseToMainFrame`) to broadcast the raw auth
69
+ * response over a same-origin `BroadcastChannel`.
70
+ * 4. Relays that raw response back to the embedded frame via
71
+ * `opener.postMessage`, posting only to its own (same) origin, then closes.
72
+ *
73
+ * The embedded frame keeps the PKCE verifier (and EAR private key) and exchanges
74
+ * the relayed response itself — no token, verifier, or private key ever crosses
75
+ * a window boundary.
76
+ *
77
+ * Note: the child popup is opened when this function runs, so call it from a
78
+ * user gesture (e.g. a "Continue" button click) to avoid popup blockers.
79
+ *
80
+ * @param options - {@link PopupRelayOptions}
81
+ */
82
+ export function runPopupRelay(options?: PopupRelayOptions): void {
83
+ const opener = window.opener as Window | null;
84
+ const targetOrigin = window.location.origin;
85
+
86
+ const hashParams = new URLSearchParams(
87
+ window.location.hash.replace(/^#/, "")
88
+ );
89
+ const rawReq = hashParams.get("req") || "";
90
+
91
+ // Scrub the relayed request out of the relay page's own URL immediately.
92
+ if (typeof window.history.replaceState === "function") {
93
+ window.history.replaceState(
94
+ null,
95
+ "",
96
+ window.location.origin + window.location.pathname
97
+ );
98
+ }
99
+
100
+ if (!opener) {
101
+ throw createBrowserAuthError(
102
+ BrowserAuthErrorCodes.popupRelayUnsupportedFlow,
103
+ "",
104
+ "popup_relay_no_opener"
105
+ );
106
+ }
107
+
108
+ let request: PopupRelayRequest;
109
+ try {
110
+ request = JSON.parse(rawReq) as PopupRelayRequest;
111
+ } catch (e) {
112
+ throw createBrowserAuthError(
113
+ BrowserAuthErrorCodes.popupRelayUnsupportedFlow,
114
+ "",
115
+ "popup_relay_bad_request"
116
+ );
117
+ }
118
+ if (!request || !request.id) {
119
+ throw createBrowserAuthError(
120
+ BrowserAuthErrorCodes.popupRelayUnsupportedFlow,
121
+ "",
122
+ "popup_relay_bad_request"
123
+ );
124
+ }
125
+
126
+ const id = request.id;
127
+ const channel = new BroadcastChannel(id);
128
+ let settled = false;
129
+ /*
130
+ * Timer handles are kept on a const holder so relay() (declared before the
131
+ * timers are created) can clear them — `let` handles trip prefer-const, and
132
+ * `const` handles can't be referenced before assignment (TDZ).
133
+ */
134
+ const timers: {
135
+ closedPoll?: number;
136
+ timeoutId?: number;
137
+ } = {};
138
+
139
+ const relay = (message: { payload?: string; error?: string }): void => {
140
+ if (settled) {
141
+ return;
142
+ }
143
+ settled = true;
144
+ try {
145
+ channel.close();
146
+ } catch (e) {
147
+ /* ignore */
148
+ }
149
+ clearInterval(timers.closedPoll);
150
+ clearTimeout(timers.timeoutId);
151
+ opener.postMessage(
152
+ { type: POPUP_RELAY_RESPONSE_TYPE, id, ...message },
153
+ targetOrigin
154
+ );
155
+ setTimeout(() => {
156
+ try {
157
+ window.close();
158
+ } catch (e) {
159
+ /* ignore */
160
+ }
161
+ }, 0);
162
+ };
163
+
164
+ // The redirect bridge broadcasts the raw auth response payload here.
165
+ channel.onmessage = (event: MessageEvent): void => {
166
+ const payload = event.data && event.data.payload;
167
+ if (payload) {
168
+ relay({ payload });
169
+ }
170
+ };
171
+
172
+ const features = buildChildPopupFeatures(options?.popupWindowAttributes);
173
+ const childPopup =
174
+ request.method === "POST"
175
+ ? window.open("about:blank", "msalPopupRelayChild", features)
176
+ : window.open(request.url, "msalPopupRelayChild", features);
177
+
178
+ if (!childPopup) {
179
+ relay({ error: BrowserAuthErrorCodes.popupWindowError });
180
+ return;
181
+ }
182
+
183
+ if (request.method === "POST") {
184
+ createForm(
185
+ childPopup.document,
186
+ request.action,
187
+ request.fields
188
+ ).submit();
189
+ }
190
+
191
+ timers.closedPoll = window.setInterval(() => {
192
+ if (childPopup.closed && !settled) {
193
+ /*
194
+ * The popup is gone, so the overall timeout no longer applies —
195
+ * drop it and report cancellation. A successful sign-in settles
196
+ * first: the redirect bridge broadcasts the response before it
197
+ * closes the popup, so onmessage runs on the
198
+ * next event-loop turn, well before this 500ms poll observes the
199
+ * close — the `!settled` guard then skips cancellation.
200
+ */
201
+ clearTimeout(timers.timeoutId);
202
+ relay({ error: BrowserAuthErrorCodes.userCancelled });
203
+ }
204
+ }, 500);
205
+
206
+ timers.timeoutId = window.setTimeout(() => {
207
+ if (!settled) {
208
+ /*
209
+ * Stop the close poll before we close the popup ourselves, so it
210
+ * can't observe the close and report user_cancelled instead.
211
+ */
212
+ clearInterval(timers.closedPoll);
213
+ try {
214
+ childPopup.close();
215
+ } catch (e) {
216
+ /* ignore */
217
+ }
218
+ relay({ error: BrowserAuthErrorCodes.timedOut });
219
+ }
220
+ }, options?.timeoutMs || DEFAULT_POPUP_RELAY_TIMEOUT_MS);
221
+ }
@@ -0,0 +1,178 @@
1
+ /*
2
+ * Copyright (c) Microsoft Corporation. All rights reserved.
3
+ * Licensed under the MIT License.
4
+ */
5
+
6
+ import {
7
+ IPerformanceClient,
8
+ Logger,
9
+ ProtocolUtils,
10
+ } from "@azure/msal-common/browser";
11
+ import { base64Decode } from "../encode/Base64Decode.js";
12
+ import {
13
+ BrowserAuthErrorCodes,
14
+ createBrowserAuthError,
15
+ } from "../error/BrowserAuthError.js";
16
+ import { redirectBridgeEmptyResponse } from "../error/BrowserAuthErrorCodes.js";
17
+ import type { WaitForBridgeRequest } from "../utils/BrowserUtils.js";
18
+ import { POPUP_RELAY_RESPONSE_TYPE } from "./constants.js";
19
+
20
+ /**
21
+ * The navigation the popup-relay page should perform in its IdP child popup:
22
+ * either a GET navigation to a URL, or a POST form submission (used by the
23
+ * form_post and EAR response modes).
24
+ *
25
+ * @internal
26
+ */
27
+ export type PopupRelayAction =
28
+ | { method: "GET"; url: string }
29
+ | { method: "POST"; action: string; fields: Record<string, string> };
30
+
31
+ /**
32
+ * Builds the URL of the popup-relay page to open. The action the relay page
33
+ * must perform (GET navigation or POST form) is carried in the page's hash
34
+ * (client-side only, never sent to a server), keyed by the per-request
35
+ * library-state `id` so the relay page can listen on the right BroadcastChannel
36
+ * and echo the id back. The relay URI is resolved against the app origin, so it
37
+ * must be same-origin as the embedded frame. See `runPopupRelay`.
38
+ *
39
+ * @internal
40
+ */
41
+ export function buildPopupRelayUrl(
42
+ popupRelayUri: string,
43
+ id: string,
44
+ action: PopupRelayAction,
45
+ correlationId: string
46
+ ): string {
47
+ const req = { id, ...action };
48
+ const target = new URL(popupRelayUri, window.location.origin);
49
+ /*
50
+ * The relay page must be same-origin as the embedded frame: the response is
51
+ * relayed back via postMessage and only accepted from this origin, and a
52
+ * cross-origin page would also receive the relayed /authorize request. Fail
53
+ * fast with a clear error instead of silently relaying to (and timing out
54
+ * against) the wrong origin.
55
+ */
56
+ if (target.origin !== window.location.origin) {
57
+ throw createBrowserAuthError(
58
+ BrowserAuthErrorCodes.popupRelayUnsupportedFlow,
59
+ correlationId,
60
+ "popup_relay_cross_origin"
61
+ );
62
+ }
63
+ const hashParams = new URLSearchParams();
64
+ hashParams.set("req", JSON.stringify(req));
65
+ target.hash = hashParams.toString();
66
+ return target.toString();
67
+ }
68
+
69
+ /**
70
+ * Waits for the popup-relay page to relay the raw auth response back to the
71
+ * embedded frame via postMessage. Used in place of `waitForBridgeResponse`
72
+ * when `auth.popupRelayUri` is configured, because third-party storage
73
+ * partitioning blocks the BroadcastChannel the redirect bridge uses from
74
+ * reaching the embedded frame.
75
+ *
76
+ * The response is accepted only from the popup window we opened, on our own
77
+ * origin (the relay page is same-origin as the embedded frame), and only when
78
+ * it carries the matching per-request library-state id.
79
+ *
80
+ * @internal
81
+ */
82
+ export async function waitForPopupRelayResponse(
83
+ timeoutMs: number,
84
+ logger: Logger,
85
+ request: WaitForBridgeRequest,
86
+ popupWindow: Window,
87
+ performanceClient: IPerformanceClient
88
+ ): Promise<string> {
89
+ return new Promise<string>((resolve, reject) => {
90
+ const correlationId = request.correlationId;
91
+ logger.verbose(
92
+ "PopupRelay.waitForPopupRelayResponse - started",
93
+ correlationId
94
+ );
95
+ performanceClient.addFields(
96
+ { redirectBridgeTimeoutMs: timeoutMs },
97
+ correlationId
98
+ );
99
+
100
+ const { libraryState } = ProtocolUtils.parseRequestState(
101
+ base64Decode,
102
+ request.state || "",
103
+ correlationId
104
+ );
105
+ const expectedId = libraryState.id;
106
+ const expectedOrigin = window.location.origin;
107
+ let settled = false;
108
+
109
+ const cleanup = (): void => {
110
+ window.removeEventListener("message", onMessage);
111
+ clearTimeout(timeoutId);
112
+ clearInterval(closedPoll);
113
+ };
114
+
115
+ const onMessage = (event: MessageEvent): void => {
116
+ if (
117
+ event.origin !== expectedOrigin ||
118
+ event.source !== popupWindow
119
+ ) {
120
+ return;
121
+ }
122
+ const data = event.data;
123
+ if (
124
+ !data ||
125
+ data.type !== POPUP_RELAY_RESPONSE_TYPE ||
126
+ data.id !== expectedId
127
+ ) {
128
+ return;
129
+ }
130
+ if (settled) {
131
+ return;
132
+ }
133
+ settled = true;
134
+ cleanup();
135
+ if (data.error) {
136
+ reject(createBrowserAuthError(data.error, correlationId));
137
+ } else if (data.payload) {
138
+ resolve(data.payload);
139
+ } else {
140
+ reject(
141
+ createBrowserAuthError(
142
+ redirectBridgeEmptyResponse,
143
+ correlationId
144
+ )
145
+ );
146
+ }
147
+ };
148
+ window.addEventListener("message", onMessage);
149
+
150
+ const timeoutId = window.setTimeout(() => {
151
+ if (settled) {
152
+ return;
153
+ }
154
+ settled = true;
155
+ cleanup();
156
+ reject(
157
+ createBrowserAuthError(
158
+ BrowserAuthErrorCodes.timedOut,
159
+ correlationId,
160
+ "popup_relay_timeout"
161
+ )
162
+ );
163
+ }, timeoutMs);
164
+
165
+ const closedPoll = window.setInterval(() => {
166
+ if (popupWindow.closed && !settled) {
167
+ settled = true;
168
+ cleanup();
169
+ reject(
170
+ createBrowserAuthError(
171
+ BrowserAuthErrorCodes.userCancelled,
172
+ correlationId
173
+ )
174
+ );
175
+ }
176
+ }, 500);
177
+ });
178
+ }
@@ -271,17 +271,22 @@ export async function getAuthCodeRequestUrl(
271
271
  return AuthorizeProtocol.getAuthorizeUrl(authority, parameters);
272
272
  }
273
273
 
274
+ /** Action URL + POST-body fields for a /authorize form submission. */
275
+ export type AuthorizeFormData = {
276
+ action: string;
277
+ fields: Record<string, string>;
278
+ };
279
+
274
280
  /**
275
- * Gets the form that will be posted to /authorize with request parameters when using EAR
281
+ * Builds the action URL + POST-body fields for the EAR /authorize form.
276
282
  */
277
- export async function getEARForm(
278
- frame: Document,
283
+ export async function getEARFormData(
279
284
  config: BrowserConfiguration,
280
285
  authority: Authority,
281
286
  request: CommonAuthorizationUrlRequest,
282
287
  logger: Logger,
283
288
  performanceClient: IPerformanceClient
284
- ): Promise<HTMLFormElement> {
289
+ ): Promise<AuthorizeFormData> {
285
290
  if (!request.earJwk) {
286
291
  throw createBrowserAuthError(
287
292
  BrowserAuthErrorCodes.earJwkEmpty,
@@ -326,15 +331,15 @@ export async function getEARForm(
326
331
  request.correlationId
327
332
  );
328
333
 
329
- const url = AuthorizeProtocol.getAuthorizeUrl(authority, queryParams);
334
+ const action = AuthorizeProtocol.getAuthorizeUrl(authority, queryParams);
330
335
 
331
- return createForm(frame, url, parameters);
336
+ return { action, fields: Object.fromEntries(parameters) };
332
337
  }
333
338
 
334
339
  /**
335
- * Gets the form that will be posted to /authorize with request parameters when using POST method
340
+ * Gets the form that will be posted to /authorize with request parameters when using EAR
336
341
  */
337
- export async function getCodeForm(
342
+ export async function getEARForm(
338
343
  frame: Document,
339
344
  config: BrowserConfiguration,
340
345
  authority: Authority,
@@ -342,6 +347,26 @@ export async function getCodeForm(
342
347
  logger: Logger,
343
348
  performanceClient: IPerformanceClient
344
349
  ): Promise<HTMLFormElement> {
350
+ const { action, fields } = await getEARFormData(
351
+ config,
352
+ authority,
353
+ request,
354
+ logger,
355
+ performanceClient
356
+ );
357
+ return createForm(frame, action, fields);
358
+ }
359
+
360
+ /**
361
+ * Builds the action URL + POST-body fields for the auth-code /authorize form.
362
+ */
363
+ export async function getCodeFormData(
364
+ config: BrowserConfiguration,
365
+ authority: Authority,
366
+ request: CommonAuthorizationUrlRequest,
367
+ logger: Logger,
368
+ performanceClient: IPerformanceClient
369
+ ): Promise<AuthorizeFormData> {
345
370
  const parameters = await getStandardParameters(
346
371
  config,
347
372
  authority,
@@ -379,34 +404,58 @@ export async function getCodeForm(
379
404
  request.correlationId
380
405
  );
381
406
 
382
- const url = AuthorizeProtocol.getAuthorizeUrl(authority, queryParams);
407
+ const action = AuthorizeProtocol.getAuthorizeUrl(authority, queryParams);
383
408
 
384
- return createForm(frame, url, parameters);
409
+ return { action, fields: Object.fromEntries(parameters) };
385
410
  }
386
411
 
387
412
  /**
388
- * Creates form element in the provided document with auth parameters in the post body
389
- * @param frame
390
- * @param authorizeUrl
391
- * @param parameters
392
- * @returns
413
+ * Gets the form that will be posted to /authorize with request parameters when using POST method
414
+ */
415
+ export async function getCodeForm(
416
+ frame: Document,
417
+ config: BrowserConfiguration,
418
+ authority: Authority,
419
+ request: CommonAuthorizationUrlRequest,
420
+ logger: Logger,
421
+ performanceClient: IPerformanceClient
422
+ ): Promise<HTMLFormElement> {
423
+ const { action, fields } = await getCodeFormData(
424
+ config,
425
+ authority,
426
+ request,
427
+ logger,
428
+ performanceClient
429
+ );
430
+ return createForm(frame, action, fields);
431
+ }
432
+
433
+ /**
434
+ * Creates a POST `<form>` in the provided document with the given auth
435
+ * parameters as hidden inputs, targeting `action`. Shared by the popup auth
436
+ * flows (`getEARForm` / `getCodeForm`) and the popup-relay page
437
+ * (`runPopupRelay`) so the form is built one way only.
438
+ *
439
+ * @param frame - document to create the form in
440
+ * @param action - form action (the /authorize URL)
441
+ * @param fields - POST-body fields
442
+ * @internal
393
443
  */
394
- function createForm(
444
+ export function createForm(
395
445
  frame: Document,
396
- authorizeUrl: string,
397
- parameters: Map<string, string>
446
+ action: string,
447
+ fields: Record<string, string>
398
448
  ): HTMLFormElement {
399
449
  const form = frame.createElement("form");
400
450
  form.method = "post";
401
- form.action = authorizeUrl;
402
-
403
- parameters.forEach((value: string, key: string) => {
404
- const param = frame.createElement("input");
405
- param.hidden = true;
406
- param.name = key;
407
- param.value = value;
408
-
409
- form.appendChild(param);
451
+ form.action = action;
452
+
453
+ Object.keys(fields).forEach((name) => {
454
+ const input = frame.createElement("input");
455
+ input.hidden = true;
456
+ input.name = name;
457
+ input.value = fields[name];
458
+ form.appendChild(input);
410
459
  });
411
460
 
412
461
  frame.body.appendChild(form);
@@ -37,6 +37,22 @@ export type BrowserAuthOptions = {
37
37
  * The redirect URI where the window navigates after a successful logout.
38
38
  */
39
39
  postLogoutRedirectUri?: string | null;
40
+ /**
41
+ * URI of a first-party, top-level "popup-relay" page used to acquire tokens
42
+ * interactively from inside a cross-origin iframe that an untrusted host has
43
+ * embedded (where third-party storage partitioning and COOP break the normal
44
+ * popup flow). When set, `acquireTokenPopup` opens this page top-level
45
+ * instead of navigating the popup straight to the IdP, and the page must call
46
+ * `runPopupRelay()`. Resolved relative to the app origin, so it must be
47
+ * same-origin as the embedded frame.
48
+ *
49
+ * This is a browser SPA-only mechanism (`PublicClientApplication` in
50
+ * `@azure/msal-browser`): it brokers the standard interactive popup
51
+ * auth-code flow through a same-origin page. It does not apply to native
52
+ * app, platform broker (WAM), Nested App Auth, or confidential-client /
53
+ * server-side scenarios.
54
+ */
55
+ popupRelayUri?: string;
40
56
  /**
41
57
  * Array of capabilities which will be added to the claims.access_token.xms_cc request property on every network request.
42
58
  */
@@ -1 +1 @@
1
- {"version":3,"file":"Configuration.d.ts","sourceRoot":"","sources":["../../src/config/Configuration.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,aAAa,EACb,aAAa,EACb,cAAc,EAEd,YAAY,EACZ,WAAW,EAIX,iBAAiB,EACjB,oBAAoB,EAGpB,kBAAkB,EAIrB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAMvE,eAAO,MAAM,wBAAwB,QAAQ,CAAC;AAC9C,eAAO,MAAM,yBAAyB,QAAQ,CAAC;AAC/C,eAAO,MAAM,2BAA2B,QAAQ,CAAC;AACjD,eAAO,MAAM,0CAA0C,OAAO,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG;IAC7B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,gBAAgB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC;;OAEG;IACH,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEtC;;OAEG;IACH,kBAAkB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC;;OAEG;IACH,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B;;OAEG;IACH,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC;;OAEG;IACH,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;IACrD;;OAEG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB;;OAEG;IACH,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;CACvB,CAAC;AAEF,gBAAgB;AAChB,MAAM,MAAM,mBAAmB,GAAG,IAAI,CAClC,QAAQ,CAAC,kBAAkB,CAAC,EAC5B,oBAAoB,CACvB,GAAG;IACA,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;IACnC,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;CACxD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG;IACvB;;OAEG;IACH,aAAa,CAAC,EAAE,oBAAoB,GAAG,MAAM,CAAC;IAC9C;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,aAAa,GAAG;IAC/C;;OAEG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;IAC9B;;OAEG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAC/B;;OAEG;IACH,gBAAgB,CAAC,EAAE,iBAAiB,CAAC;IACrC;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B;;OAEG;IACH,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC;;OAEG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB;;OAEG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC;;OAEG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B;;OAEG;IACH,4BAA4B,CAAC,EAAE,MAAM,CAAC;IACtC;;OAEG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B;;;OAGG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;CACpC,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,0BAA0B,GAAG;IACrC;;OAEG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC;;OAEG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;CACxC,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG;IAClC;;;;OAIG;IACH,WAAW,CAAC,EAAE,oBAAoB,CAAC;IAEnC,MAAM,CAAC,EAAE,kBAAkB,CAAC;CAC/B,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG;IACxB;;OAEG;IACH,IAAI,EAAE,kBAAkB,CAAC;IACzB;;OAEG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IACrB;;OAEG;IACH,MAAM,CAAC,EAAE,oBAAoB,CAAC;IAC9B;;OAEG;IACH,YAAY,CAAC,EAAE,0BAA0B,CAAC;IAC1C;;OAEG;IACH,SAAS,CAAC,EAAE,uBAAuB,CAAC;CACvC,CAAC;AAEF,gBAAgB;AAChB,MAAM,MAAM,oBAAoB,GAAG;IAC/B,IAAI,EAAE,mBAAmB,CAAC;IAC1B,KAAK,EAAE,QAAQ,CAAC,YAAY,CAAC,CAAC;IAC9B,MAAM,EAAE,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IACvC,YAAY,EAAE,QAAQ,CAAC,0BAA0B,CAAC,CAAC;IACnD,SAAS,EAAE,QAAQ,CAAC,uBAAuB,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAC9B,EACI,IAAI,EAAE,aAAa,EACnB,KAAK,EAAE,cAAc,EACrB,MAAM,EAAE,eAAe,EACvB,YAAY,EAAE,qBAAqB,EACnC,SAAS,EAAE,kBAAkB,GAChC,EAAE,aAAa,EAChB,oBAAoB,EAAE,OAAO,GAC9B,oBAAoB,CA6ItB"}
1
+ {"version":3,"file":"Configuration.d.ts","sourceRoot":"","sources":["../../src/config/Configuration.ts"],"names":[],"mappings":"AAKA,OAAO,EACH,aAAa,EACb,aAAa,EACb,cAAc,EAEd,YAAY,EACZ,WAAW,EAIX,iBAAiB,EACjB,oBAAoB,EAGpB,kBAAkB,EAIrB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAMvE,eAAO,MAAM,wBAAwB,QAAQ,CAAC;AAC9C,eAAO,MAAM,yBAAyB,QAAQ,CAAC;AAC/C,eAAO,MAAM,2BAA2B,QAAQ,CAAC;AACjD,eAAO,MAAM,0CAA0C,OAAO,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG;IAC7B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,gBAAgB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC;;OAEG;IACH,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEtC;;;;;;;;;;;;;;OAcG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,kBAAkB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC;;OAEG;IACH,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B;;OAEG;IACH,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC;;OAEG;IACH,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;IACrD;;OAEG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB;;OAEG;IACH,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;CACvB,CAAC;AAEF,gBAAgB;AAChB,MAAM,MAAM,mBAAmB,GAAG,IAAI,CAClC,QAAQ,CAAC,kBAAkB,CAAC,EAC5B,oBAAoB,CACvB,GAAG;IACA,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;IACnC,kBAAkB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,GAAG,IAAI,CAAC;CACxD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG;IACvB;;OAEG;IACH,aAAa,CAAC,EAAE,oBAAoB,GAAG,MAAM,CAAC;IAC9C;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,aAAa,GAAG;IAC/C;;OAEG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;IAC9B;;OAEG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAC/B;;OAEG;IACH,gBAAgB,CAAC,EAAE,iBAAiB,CAAC;IACrC;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B;;OAEG;IACH,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC;;OAEG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB;;OAEG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC;;OAEG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B;;OAEG;IACH,4BAA4B,CAAC,EAAE,MAAM,CAAC;IACtC;;OAEG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B;;;OAGG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;CACpC,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,0BAA0B,GAAG;IACrC;;OAEG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC;;OAEG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;CACxC,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG;IAClC;;;;OAIG;IACH,WAAW,CAAC,EAAE,oBAAoB,CAAC;IAEnC,MAAM,CAAC,EAAE,kBAAkB,CAAC;CAC/B,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG;IACxB;;OAEG;IACH,IAAI,EAAE,kBAAkB,CAAC;IACzB;;OAEG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IACrB;;OAEG;IACH,MAAM,CAAC,EAAE,oBAAoB,CAAC;IAC9B;;OAEG;IACH,YAAY,CAAC,EAAE,0BAA0B,CAAC;IAC1C;;OAEG;IACH,SAAS,CAAC,EAAE,uBAAuB,CAAC;CACvC,CAAC;AAEF,gBAAgB;AAChB,MAAM,MAAM,oBAAoB,GAAG;IAC/B,IAAI,EAAE,mBAAmB,CAAC;IAC1B,KAAK,EAAE,QAAQ,CAAC,YAAY,CAAC,CAAC;IAC9B,MAAM,EAAE,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IACvC,YAAY,EAAE,QAAQ,CAAC,0BAA0B,CAAC,CAAC;IACnD,SAAS,EAAE,QAAQ,CAAC,uBAAuB,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAC9B,EACI,IAAI,EAAE,aAAa,EACnB,KAAK,EAAE,cAAc,EACrB,MAAM,EAAE,eAAe,EACvB,YAAY,EAAE,qBAAqB,EACnC,SAAS,EAAE,kBAAkB,GAChC,EAAE,aAAa,EAChB,oBAAoB,EAAE,OAAO,GAC9B,oBAAoB,CA8ItB"}
@@ -1,3 +1,7 @@
1
+ export declare const RSA_KEYGEN_ALGORITHM_OPTIONS: RsaHashedKeyGenParams;
2
+ export declare const RSA_SIGN_ALGORITHM_OPTIONS: Algorithm;
3
+ export declare const ECDSA_P256_KEYGEN_ALGORITHM_OPTIONS: EcKeyGenParams;
4
+ export declare const ECDSA_SHA256_SIGN_ALGORITHM_OPTIONS: EcdsaParams;
1
5
  /**
2
6
  * Check whether browser crypto is available.
3
7
  */
@@ -21,11 +25,12 @@ export declare function getRandomValues(dataBuffer: Uint8Array): Uint8Array;
21
25
  */
22
26
  export declare function createNewGuid(): string;
23
27
  /**
24
- * Generates a keypair based on current keygen algorithm config.
28
+ * Generates a keypair based on the provided algorithm config.
25
29
  * @param extractable
26
30
  * @param usages
31
+ * @param algorithm
27
32
  */
28
- export declare function generateKeyPair(extractable: boolean, usages: Array<KeyUsage>): Promise<CryptoKeyPair>;
33
+ export declare function generateKeyPair(extractable: boolean, usages: Array<KeyUsage>, algorithm: AlgorithmIdentifier): Promise<CryptoKeyPair>;
29
34
  /**
30
35
  * Export key as Json Web Key (JWK)
31
36
  * @param key
@@ -36,14 +41,16 @@ export declare function exportJwk(key: CryptoKey): Promise<JsonWebKey>;
36
41
  * @param key
37
42
  * @param extractable
38
43
  * @param usages
44
+ * @param algorithm
39
45
  */
40
- export declare function importJwk(key: JsonWebKey, extractable: boolean, usages: Array<KeyUsage>): Promise<CryptoKey>;
46
+ export declare function importJwk(key: JsonWebKey, extractable: boolean, usages: Array<KeyUsage>, algorithm: AlgorithmIdentifier): Promise<CryptoKey>;
41
47
  /**
42
- * Signs given data with given key
48
+ * Signs given data with given key.
43
49
  * @param key
44
50
  * @param data
51
+ * @param algorithm
45
52
  */
46
- export declare function sign(key: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer>;
53
+ export declare function sign(key: CryptoKey, data: ArrayBuffer, algorithm: AlgorithmIdentifier): Promise<ArrayBuffer>;
47
54
  /**
48
55
  * Generates Base64 encoded jwk used in the Encrypted Authorize Response (EAR) flow
49
56
  */
@@ -93,4 +100,11 @@ export declare function decrypt(baseKey: CryptoKey, nonce: string, context: stri
93
100
  * @param plainText
94
101
  */
95
102
  export declare function hashString(plainText: string): Promise<string>;
103
+ /**
104
+ * Computes an RFC 7638 JWK thumbprint for a public key.
105
+ * The required members for the JWK key type are serialised in lexicographic order
106
+ * and the SHA-256 digest is returned as a base64url string.
107
+ * @internal
108
+ */
109
+ export declare function computeJwkThumbprint(publicJwk: JsonWebKey): Promise<string>;
96
110
  //# sourceMappingURL=BrowserCrypto.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"BrowserCrypto.d.ts","sourceRoot":"","sources":["../../src/crypto/BrowserCrypto.ts"],"names":[],"mappings":"AAqDA;;GAEG;AACH,wBAAgB,uBAAuB,CACnC,wBAAwB,EAAE,OAAO,GAClC,IAAI,CAoBN;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAO3E;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU,CAElE;AAWD;;;;GAIG;AACH,wBAAgB,aAAa,IAAI,MAAM,CAuCtC;AAED;;;;GAIG;AACH,wBAAsB,eAAe,CACjC,WAAW,EAAE,OAAO,EACpB,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,GACxB,OAAO,CAAC,aAAa,CAAC,CAMxB;AAED;;;GAGG;AACH,wBAAsB,SAAS,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAKnE;AAED;;;;;GAKG;AACH,wBAAsB,SAAS,CAC3B,GAAG,EAAE,UAAU,EACf,WAAW,EAAE,OAAO,EACpB,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,GACxB,OAAO,CAAC,SAAS,CAAC,CAQpB;AAED;;;;GAIG;AACH,wBAAsB,IAAI,CACtB,GAAG,EAAE,SAAS,EACd,IAAI,EAAE,WAAW,GAClB,OAAO,CAAC,WAAW,CAAC,CAMtB;AAED;;GAEG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,CAWtD;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CASrE;AAED;;;;;GAKG;AACH,wBAAsB,kBAAkB,CACpC,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC,CAiDjB;AAED;;GAEG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,WAAW,CAAC,CAU5D;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,SAAS,CAAC,CAI3E;AA4BD;;;;GAIG;AACH,wBAAsB,OAAO,CACzB,OAAO,EAAE,SAAS,EAClB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,GAChB,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CAkB1C;AAED;;;;;;GAMG;AACH,wBAAsB,OAAO,CACzB,OAAO,EAAE,SAAS,EAClB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,MAAM,EACf,aAAa,EAAE,MAAM,GACtB,OAAO,CAAC,MAAM,CAAC,CAajB;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAInE"}
1
+ {"version":3,"file":"BrowserCrypto.d.ts","sourceRoot":"","sources":["../../src/crypto/BrowserCrypto.ts"],"names":[],"mappings":"AAsDA,eAAO,MAAM,4BAA4B,EAAE,qBAK1C,CAAC;AAEF,eAAO,MAAM,0BAA0B,EAAE,SAExC,CAAC;AAEF,eAAO,MAAM,mCAAmC,EAAE,cAGjD,CAAC;AAEF,eAAO,MAAM,mCAAmC,EAAE,WAGjD,CAAC;AAEF;;GAEG;AACH,wBAAgB,uBAAuB,CACnC,wBAAwB,EAAE,OAAO,GAClC,IAAI,CAoBN;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAO3E;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU,CAElE;AAWD;;;;GAIG;AACH,wBAAgB,aAAa,IAAI,MAAM,CAuCtC;AAED;;;;;GAKG;AACH,wBAAsB,eAAe,CACjC,WAAW,EAAE,OAAO,EACpB,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,EACvB,SAAS,EAAE,mBAAmB,GAC/B,OAAO,CAAC,aAAa,CAAC,CAMxB;AAED;;;GAGG;AACH,wBAAsB,SAAS,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAKnE;AAED;;;;;;GAMG;AACH,wBAAsB,SAAS,CAC3B,GAAG,EAAE,UAAU,EACf,WAAW,EAAE,OAAO,EACpB,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,EACvB,SAAS,EAAE,mBAAmB,GAC/B,OAAO,CAAC,SAAS,CAAC,CAQpB;AAED;;;;;GAKG;AACH,wBAAsB,IAAI,CACtB,GAAG,EAAE,SAAS,EACd,IAAI,EAAE,WAAW,EACjB,SAAS,EAAE,mBAAmB,GAC/B,OAAO,CAAC,WAAW,CAAC,CAMtB;AAED;;GAEG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,CAWtD;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CASrE;AAED;;;;;GAKG;AACH,wBAAsB,kBAAkB,CACpC,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC,CAiDjB;AAED;;GAEG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,WAAW,CAAC,CAU5D;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,SAAS,CAAC,CAI3E;AA4BD;;;;GAIG;AACH,wBAAsB,OAAO,CACzB,OAAO,EAAE,SAAS,EAClB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,GAChB,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CAkB1C;AAED;;;;;;GAMG;AACH,wBAAsB,OAAO,CACzB,OAAO,EAAE,SAAS,EAClB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,MAAM,EACf,aAAa,EAAE,MAAM,GACtB,OAAO,CAAC,MAAM,CAAC,CAajB;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAInE;AAmDD;;;;;GAKG;AACH,wBAAsB,oBAAoB,CACtC,SAAS,EAAE,UAAU,GACtB,OAAO,CAAC,MAAM,CAAC,CAQjB"}
@@ -1 +1 @@
1
- {"version":3,"file":"CryptoOps.d.ts","sourceRoot":"","sources":["../../src/crypto/CryptoOps.ts"],"names":[],"mappings":"AAKA,OAAO,EAGH,OAAO,EACP,kBAAkB,EAElB,MAAM,EACN,UAAU,EACV,iBAAiB,EACjB,2BAA2B,EAC9B,MAAM,4BAA4B,CAAC;AAepC,MAAM,MAAM,aAAa,GAAG;IACxB,SAAS,EAAE,SAAS,CAAC;IACrB,UAAU,EAAE,SAAS,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;GAGG;AACH,qBAAa,SAAU,YAAW,OAAO;IACrC,OAAO,CAAC,MAAM,CAAS;IAEvB;;;OAGG;IACH,OAAO,CAAC,iBAAiB,CAAiC;IAE1D,OAAO,CAAC,MAAM,CAAC,cAAc,CAAuC;IACpE,OAAO,CAAC,MAAM,CAAC,WAAW,CAAiB;IAC3C,OAAO,CAAC,KAAK,CAAoC;gBAG7C,MAAM,EAAE,MAAM,EACd,iBAAiB,CAAC,EAAE,kBAAkB,EACtC,wBAAwB,CAAC,EAAE,OAAO;IAWtC;;;OAGG;IACH,aAAa,IAAI,MAAM;IAIvB;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAItC;;;;OAIG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACG,sBAAsB,CACxB,OAAO,EAAE,2BAA2B,GACrC,OAAO,CAAC,MAAM,CAAC;IAyDlB;;;;OAIG;IACG,qBAAqB,CACvB,GAAG,EAAE,MAAM,EACX,aAAa,EAAE,MAAM,GACtB,OAAO,CAAC,IAAI,CAAC;IAWhB;;;OAGG;IACG,aAAa,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA4B5D;;;;OAIG;IACG,OAAO,CACT,OAAO,EAAE,iBAAiB,EAC1B,GAAG,EAAE,MAAM,EACX,UAAU,CAAC,EAAE,UAAU,EACvB,aAAa,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,MAAM,CAAC;IA8DlB;;;OAGG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAGvD"}
1
+ {"version":3,"file":"CryptoOps.d.ts","sourceRoot":"","sources":["../../src/crypto/CryptoOps.ts"],"names":[],"mappings":"AAKA,OAAO,EAGH,OAAO,EACP,kBAAkB,EAElB,MAAM,EACN,UAAU,EACV,iBAAiB,EACjB,2BAA2B,EAC9B,MAAM,4BAA4B,CAAC;AAepC,MAAM,MAAM,aAAa,GAAG;IACxB,SAAS,EAAE,SAAS,CAAC;IACrB,UAAU,EAAE,SAAS,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;GAGG;AACH,qBAAa,SAAU,YAAW,OAAO;IACrC,OAAO,CAAC,MAAM,CAAS;IAEvB;;;OAGG;IACH,OAAO,CAAC,iBAAiB,CAAiC;IAE1D,OAAO,CAAC,MAAM,CAAC,cAAc,CAAuC;IACpE,OAAO,CAAC,MAAM,CAAC,WAAW,CAAiB;IAC3C,OAAO,CAAC,KAAK,CAAoC;gBAG7C,MAAM,EAAE,MAAM,EACd,iBAAiB,CAAC,EAAE,kBAAkB,EACtC,wBAAwB,CAAC,EAAE,OAAO;IAWtC;;;OAGG;IACH,aAAa,IAAI,MAAM;IAIvB;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAItC;;;;OAIG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACG,sBAAsB,CACxB,OAAO,EAAE,2BAA2B,GACrC,OAAO,CAAC,MAAM,CAAC;IAyDlB;;;;OAIG;IACG,qBAAqB,CACvB,GAAG,EAAE,MAAM,EACX,aAAa,EAAE,MAAM,GACtB,OAAO,CAAC,IAAI,CAAC;IAWhB;;;OAGG;IACG,aAAa,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA4B5D;;;;OAIG;IACG,OAAO,CACT,OAAO,EAAE,iBAAiB,EAC1B,GAAG,EAAE,MAAM,EACX,UAAU,CAAC,EAAE,UAAU,EACvB,aAAa,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,MAAM,CAAC;IA+DlB;;;OAGG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAGvD"}
@@ -23,7 +23,7 @@ export declare const CustomHeaderConstants: {
23
23
  };
24
24
  export declare const DefaultPackageInfo: {
25
25
  readonly SKU: "msal.browser";
26
- readonly VERSION: "5.16.0";
26
+ readonly VERSION: "5.17.1";
27
27
  readonly OS: "";
28
28
  readonly CPU: "";
29
29
  };