@azure/msal-browser 5.3.0 → 5.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +4 -1
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +4 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +12 -2
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +11 -8
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +4 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +4 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +11 -8
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/index.d.ts +1 -1
- package/dist/custom-auth-path/index.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +5 -5
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +19 -3
- package/dist/custom-auth-path/naa/TokenRequest.d.ts +1 -0
- package/dist/custom-auth-path/naa/TokenRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +12 -2
- package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +2 -2
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +5 -5
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +23 -7
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/TokenRequest.d.ts +1 -0
- package/dist/naa/TokenRequest.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +2 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +4 -0
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/index.d.ts +1 -1
- package/dist/redirect-bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/TokenRequest.d.ts +1 -0
- package/dist/redirect-bridge/naa/TokenRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +5 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.d.ts +2 -2
- package/dist/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/utils/BrowserUtils.mjs +12 -2
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +19 -3
- package/lib/custom-auth-path/msal-custom-auth.cjs +192 -96
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +4 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +23 -7
- package/lib/msal-browser.cjs +289 -108
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +289 -108
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +4 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/index.d.ts +1 -1
- package/lib/types/index.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/naa/TokenRequest.d.ts +1 -0
- package/lib/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +34 -17
- package/src/broker/nativeBroker/PlatformAuthRequest.ts +1 -0
- package/src/cache/BrowserCacheManager.ts +4 -0
- package/src/config/Configuration.ts +5 -0
- package/src/controllers/NestedAppAuthController.ts +14 -0
- package/src/controllers/StandardController.ts +13 -6
- package/src/index.ts +1 -0
- package/src/interaction_client/PlatformAuthInteractionClient.ts +1 -0
- package/src/interaction_client/PopupClient.ts +8 -4
- package/src/interaction_client/SilentIframeClient.ts +4 -2
- package/src/interaction_client/StandardInteractionClient.ts +11 -0
- package/src/naa/TokenRequest.ts +1 -0
- package/src/naa/mapping/NestedAppAuthAdapter.ts +1 -0
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/BrowserPerformanceClient.ts +4 -0
- package/src/utils/BrowserUtils.ts +24 -1
- package/src/utils/MsalFrameStatsUtils.ts +27 -0
package/lib/msal-browser.cjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.
|
|
1
|
+
/*! @azure/msal-browser v5.5.0 2026-03-13 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v16.
|
|
5
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -234,7 +234,7 @@ const JsonWebTokenTypes$1 = {
|
|
|
234
234
|
// Token renewal offset default in seconds
|
|
235
235
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
236
236
|
|
|
237
|
-
/*! @azure/msal-common v16.
|
|
237
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
238
238
|
/*
|
|
239
239
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
240
240
|
* Licensed under the MIT License.
|
|
@@ -282,9 +282,10 @@ const BROKER_CLIENT_ID = "brk_client_id";
|
|
|
282
282
|
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
283
283
|
const INSTANCE_AWARE = "instance_aware";
|
|
284
284
|
const EAR_JWK = "ear_jwk";
|
|
285
|
-
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
285
|
+
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
286
|
+
const RESOURCE = "resource";
|
|
286
287
|
|
|
287
|
-
/*! @azure/msal-common v16.
|
|
288
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
288
289
|
/*
|
|
289
290
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
290
291
|
* Licensed under the MIT License.
|
|
@@ -315,7 +316,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
315
316
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
316
317
|
}
|
|
317
318
|
|
|
318
|
-
/*! @azure/msal-common v16.
|
|
319
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
319
320
|
|
|
320
321
|
/*
|
|
321
322
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -335,7 +336,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
335
336
|
return new ClientConfigurationError(errorCode);
|
|
336
337
|
}
|
|
337
338
|
|
|
338
|
-
/*! @azure/msal-common v16.
|
|
339
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
339
340
|
/*
|
|
340
341
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
341
342
|
* Licensed under the MIT License.
|
|
@@ -415,7 +416,7 @@ class StringUtils {
|
|
|
415
416
|
}
|
|
416
417
|
}
|
|
417
418
|
|
|
418
|
-
/*! @azure/msal-common v16.
|
|
419
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
419
420
|
|
|
420
421
|
/*
|
|
421
422
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -438,7 +439,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
438
439
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
439
440
|
}
|
|
440
441
|
|
|
441
|
-
/*! @azure/msal-common v16.
|
|
442
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
442
443
|
/*
|
|
443
444
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
444
445
|
* Licensed under the MIT License.
|
|
@@ -492,7 +493,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
492
493
|
urlParseError: urlParseError
|
|
493
494
|
});
|
|
494
495
|
|
|
495
|
-
/*! @azure/msal-common v16.
|
|
496
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
496
497
|
/*
|
|
497
498
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
498
499
|
* Licensed under the MIT License.
|
|
@@ -533,7 +534,9 @@ const noNetworkConnectivity$1 = "no_network_connectivity";
|
|
|
533
534
|
const userCanceled = "user_canceled";
|
|
534
535
|
const methodNotImplemented = "method_not_implemented";
|
|
535
536
|
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
|
|
536
|
-
const platformBrokerError = "platform_broker_error";
|
|
537
|
+
const platformBrokerError = "platform_broker_error";
|
|
538
|
+
const resourceParameterRequired = "resource_parameter_required";
|
|
539
|
+
const misplacedResourceParam = "misplaced_resource_parameter";
|
|
537
540
|
|
|
538
541
|
var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
539
542
|
__proto__: null,
|
|
@@ -554,6 +557,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
554
557
|
keyIdMissing: keyIdMissing,
|
|
555
558
|
maxAgeTranspired: maxAgeTranspired,
|
|
556
559
|
methodNotImplemented: methodNotImplemented,
|
|
560
|
+
misplacedResourceParam: misplacedResourceParam,
|
|
557
561
|
multipleMatchingAppMetadata: multipleMatchingAppMetadata,
|
|
558
562
|
multipleMatchingTokens: multipleMatchingTokens,
|
|
559
563
|
nestedAppAuthBridgeDisabled: nestedAppAuthBridgeDisabled,
|
|
@@ -567,6 +571,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
567
571
|
openIdConfigError: openIdConfigError,
|
|
568
572
|
platformBrokerError: platformBrokerError,
|
|
569
573
|
requestCannotBeMade: requestCannotBeMade,
|
|
574
|
+
resourceParameterRequired: resourceParameterRequired,
|
|
570
575
|
stateMismatch: stateMismatch,
|
|
571
576
|
stateNotFound: stateNotFound,
|
|
572
577
|
tokenClaimsCnfRequiredForSignedJwt: tokenClaimsCnfRequiredForSignedJwt,
|
|
@@ -576,7 +581,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
576
581
|
userCanceled: userCanceled
|
|
577
582
|
});
|
|
578
583
|
|
|
579
|
-
/*! @azure/msal-common v16.
|
|
584
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
580
585
|
|
|
581
586
|
/*
|
|
582
587
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -771,7 +776,7 @@ class ScopeSet {
|
|
|
771
776
|
}
|
|
772
777
|
}
|
|
773
778
|
|
|
774
|
-
/*! @azure/msal-common v16.
|
|
779
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
775
780
|
|
|
776
781
|
/*
|
|
777
782
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1136,9 +1141,14 @@ function addEARParameters(parameters, jwk) {
|
|
|
1136
1141
|
// ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
|
|
1137
1142
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
1138
1143
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
1144
|
+
}
|
|
1145
|
+
function addResource(parameters, resource) {
|
|
1146
|
+
if (resource) {
|
|
1147
|
+
parameters.set(RESOURCE, resource);
|
|
1148
|
+
}
|
|
1139
1149
|
}
|
|
1140
1150
|
|
|
1141
|
-
/*! @azure/msal-common v16.
|
|
1151
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1142
1152
|
|
|
1143
1153
|
/*
|
|
1144
1154
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1247,7 +1257,7 @@ function normalizeUrlForComparison(url) {
|
|
|
1247
1257
|
}
|
|
1248
1258
|
}
|
|
1249
1259
|
|
|
1250
|
-
/*! @azure/msal-common v16.
|
|
1260
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1251
1261
|
|
|
1252
1262
|
/*
|
|
1253
1263
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1286,7 +1296,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
1286
1296
|
},
|
|
1287
1297
|
};
|
|
1288
1298
|
|
|
1289
|
-
/*! @azure/msal-common v16.
|
|
1299
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1290
1300
|
/*
|
|
1291
1301
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1292
1302
|
* Licensed under the MIT License.
|
|
@@ -1561,12 +1571,12 @@ class Logger {
|
|
|
1561
1571
|
}
|
|
1562
1572
|
}
|
|
1563
1573
|
|
|
1564
|
-
/*! @azure/msal-common v16.
|
|
1574
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1565
1575
|
/* eslint-disable header/header */
|
|
1566
1576
|
const name$1 = "@azure/msal-common";
|
|
1567
|
-
const version$1 = "16.
|
|
1577
|
+
const version$1 = "16.3.0";
|
|
1568
1578
|
|
|
1569
|
-
/*! @azure/msal-common v16.
|
|
1579
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1570
1580
|
/*
|
|
1571
1581
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1572
1582
|
* Licensed under the MIT License.
|
|
@@ -1586,7 +1596,7 @@ const AzureCloudInstance = {
|
|
|
1586
1596
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
1587
1597
|
};
|
|
1588
1598
|
|
|
1589
|
-
/*! @azure/msal-common v16.
|
|
1599
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1590
1600
|
/*
|
|
1591
1601
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1592
1602
|
* Licensed under the MIT License.
|
|
@@ -1668,7 +1678,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1668
1678
|
return updatedAccountInfo;
|
|
1669
1679
|
}
|
|
1670
1680
|
|
|
1671
|
-
/*! @azure/msal-common v16.
|
|
1681
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1672
1682
|
|
|
1673
1683
|
/*
|
|
1674
1684
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1748,7 +1758,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1748
1758
|
}
|
|
1749
1759
|
}
|
|
1750
1760
|
|
|
1751
|
-
/*! @azure/msal-common v16.
|
|
1761
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1752
1762
|
|
|
1753
1763
|
/*
|
|
1754
1764
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1905,7 +1915,7 @@ class UrlString {
|
|
|
1905
1915
|
}
|
|
1906
1916
|
}
|
|
1907
1917
|
|
|
1908
|
-
/*! @azure/msal-common v16.
|
|
1918
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1909
1919
|
|
|
1910
1920
|
/*
|
|
1911
1921
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2062,7 +2072,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2062
2072
|
return null;
|
|
2063
2073
|
}
|
|
2064
2074
|
|
|
2065
|
-
/*! @azure/msal-common v16.
|
|
2075
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2066
2076
|
/*
|
|
2067
2077
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2068
2078
|
* Licensed under the MIT License.
|
|
@@ -2070,7 +2080,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2070
2080
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2071
2081
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2072
2082
|
|
|
2073
|
-
/*! @azure/msal-common v16.
|
|
2083
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2074
2084
|
|
|
2075
2085
|
/*
|
|
2076
2086
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2108,7 +2118,7 @@ function createCacheError(e) {
|
|
|
2108
2118
|
}
|
|
2109
2119
|
}
|
|
2110
2120
|
|
|
2111
|
-
/*! @azure/msal-common v16.
|
|
2121
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2112
2122
|
|
|
2113
2123
|
/*
|
|
2114
2124
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2146,7 +2156,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
2146
2156
|
};
|
|
2147
2157
|
}
|
|
2148
2158
|
|
|
2149
|
-
/*! @azure/msal-common v16.
|
|
2159
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2150
2160
|
/*
|
|
2151
2161
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2152
2162
|
* Licensed under the MIT License.
|
|
@@ -2161,7 +2171,7 @@ const AuthorityType = {
|
|
|
2161
2171
|
Ciam: 3,
|
|
2162
2172
|
};
|
|
2163
2173
|
|
|
2164
|
-
/*! @azure/msal-common v16.
|
|
2174
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2165
2175
|
/*
|
|
2166
2176
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2167
2177
|
* Licensed under the MIT License.
|
|
@@ -2183,7 +2193,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
2183
2193
|
return null;
|
|
2184
2194
|
}
|
|
2185
2195
|
|
|
2186
|
-
/*! @azure/msal-common v16.
|
|
2196
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2187
2197
|
/*
|
|
2188
2198
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2189
2199
|
* Licensed under the MIT License.
|
|
@@ -2207,7 +2217,7 @@ const ProtocolMode = {
|
|
|
2207
2217
|
EAR: "EAR",
|
|
2208
2218
|
};
|
|
2209
2219
|
|
|
2210
|
-
/*! @azure/msal-common v16.
|
|
2220
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2211
2221
|
/**
|
|
2212
2222
|
* Returns the AccountInfo interface for this account.
|
|
2213
2223
|
*/
|
|
@@ -2382,7 +2392,7 @@ function isAccountEntity(entity) {
|
|
|
2382
2392
|
entity.hasOwnProperty("authorityType"));
|
|
2383
2393
|
}
|
|
2384
2394
|
|
|
2385
|
-
/*! @azure/msal-common v16.
|
|
2395
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2386
2396
|
|
|
2387
2397
|
/*
|
|
2388
2398
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3479,7 +3489,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3479
3489
|
}
|
|
3480
3490
|
}
|
|
3481
3491
|
|
|
3482
|
-
/*! @azure/msal-common v16.
|
|
3492
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3483
3493
|
/*
|
|
3484
3494
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3485
3495
|
* Licensed under the MIT License.
|
|
@@ -3494,6 +3504,12 @@ const PerformanceEventStatus = {
|
|
|
3494
3504
|
InProgress: 1,
|
|
3495
3505
|
Completed: 2,
|
|
3496
3506
|
};
|
|
3507
|
+
/**
|
|
3508
|
+
* Prefix used to mark telemetry field names as dynamic.
|
|
3509
|
+
* Fields with this prefix in addFields/incrementFields calls will be routed
|
|
3510
|
+
* to the PerformanceEvent.ext sub-object.
|
|
3511
|
+
*/
|
|
3512
|
+
const EXT_FIELD_PREFIX = "ext.";
|
|
3497
3513
|
const IntFields = new Set([
|
|
3498
3514
|
"accessTokenSize",
|
|
3499
3515
|
"durationMs",
|
|
@@ -3518,9 +3534,12 @@ const IntFields = new Set([
|
|
|
3518
3534
|
"currRefreshCount",
|
|
3519
3535
|
"expiredCacheRemovedCount",
|
|
3520
3536
|
"upgradedCacheCount",
|
|
3537
|
+
"networkRtt",
|
|
3538
|
+
"redirectBridgeTimeoutMs",
|
|
3539
|
+
"redirectBridgeMessageVersion",
|
|
3521
3540
|
]);
|
|
3522
3541
|
|
|
3523
|
-
/*! @azure/msal-common v16.
|
|
3542
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3524
3543
|
|
|
3525
3544
|
/*
|
|
3526
3545
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3575,7 +3594,7 @@ class StubPerformanceClient {
|
|
|
3575
3594
|
}
|
|
3576
3595
|
}
|
|
3577
3596
|
|
|
3578
|
-
/*! @azure/msal-common v16.
|
|
3597
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3579
3598
|
|
|
3580
3599
|
/*
|
|
3581
3600
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3658,6 +3677,7 @@ function buildAuthOptions(authOptions) {
|
|
|
3658
3677
|
clientCapabilities: [],
|
|
3659
3678
|
azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS,
|
|
3660
3679
|
instanceAware: false,
|
|
3680
|
+
isMcp: false,
|
|
3661
3681
|
...authOptions,
|
|
3662
3682
|
};
|
|
3663
3683
|
}
|
|
@@ -3669,7 +3689,7 @@ function isOidcProtocolMode(config) {
|
|
|
3669
3689
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3670
3690
|
}
|
|
3671
3691
|
|
|
3672
|
-
/*! @azure/msal-common v16.
|
|
3692
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3673
3693
|
|
|
3674
3694
|
/*
|
|
3675
3695
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3688,7 +3708,7 @@ class ServerError extends AuthError {
|
|
|
3688
3708
|
}
|
|
3689
3709
|
}
|
|
3690
3710
|
|
|
3691
|
-
/*! @azure/msal-common v16.
|
|
3711
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3692
3712
|
/*
|
|
3693
3713
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3694
3714
|
* Licensed under the MIT License.
|
|
@@ -3752,7 +3772,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
3752
3772
|
uxNotAllowed: uxNotAllowed
|
|
3753
3773
|
});
|
|
3754
3774
|
|
|
3755
|
-
/*! @azure/msal-common v16.
|
|
3775
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3756
3776
|
|
|
3757
3777
|
/*
|
|
3758
3778
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3820,7 +3840,7 @@ function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
|
3820
3840
|
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
3821
3841
|
}
|
|
3822
3842
|
|
|
3823
|
-
/*! @azure/msal-common v16.
|
|
3843
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3824
3844
|
|
|
3825
3845
|
/*
|
|
3826
3846
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3888,7 +3908,7 @@ function parseRequestState(base64Decode, state) {
|
|
|
3888
3908
|
}
|
|
3889
3909
|
}
|
|
3890
3910
|
|
|
3891
|
-
/*! @azure/msal-common v16.
|
|
3911
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3892
3912
|
/*
|
|
3893
3913
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3894
3914
|
* Licensed under the MIT License.
|
|
@@ -3953,7 +3973,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
3953
3973
|
return cachedAtSec > nowSeconds();
|
|
3954
3974
|
}
|
|
3955
3975
|
|
|
3956
|
-
/*! @azure/msal-common v16.
|
|
3976
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3957
3977
|
/*
|
|
3958
3978
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3959
3979
|
* Licensed under the MIT License.
|
|
@@ -4024,7 +4044,7 @@ const RegionDiscoveryGetCurrentVersion = "regionDiscoveryGetCurrentVersion";
|
|
|
4024
4044
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
4025
4045
|
const SetUserData = "setUserData";
|
|
4026
4046
|
|
|
4027
|
-
/*! @azure/msal-common v16.
|
|
4047
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4028
4048
|
/*
|
|
4029
4049
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4030
4050
|
* Licensed under the MIT License.
|
|
@@ -4047,8 +4067,7 @@ const invoke = (callback, eventName, logger, telemetryClient, correlationId) =>
|
|
|
4047
4067
|
const inProgressEvent = telemetryClient.startMeasurement(eventName, correlationId);
|
|
4048
4068
|
if (correlationId) {
|
|
4049
4069
|
// Track number of times this API is called in a single request
|
|
4050
|
-
|
|
4051
|
-
telemetryClient.incrementFields({ [eventCount]: 1 }, correlationId);
|
|
4070
|
+
telemetryClient.incrementFields({ [`ext.${eventName}CallCount`]: 1 }, correlationId);
|
|
4052
4071
|
}
|
|
4053
4072
|
try {
|
|
4054
4073
|
const result = callback(...args);
|
|
@@ -4092,8 +4111,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4092
4111
|
const inProgressEvent = telemetryClient.startMeasurement(eventName, correlationId);
|
|
4093
4112
|
if (correlationId) {
|
|
4094
4113
|
// Track number of times this API is called in a single request
|
|
4095
|
-
|
|
4096
|
-
telemetryClient.incrementFields({ [eventCount]: 1 }, correlationId);
|
|
4114
|
+
telemetryClient.incrementFields({ [`ext.${eventName}CallCount`]: 1 }, correlationId);
|
|
4097
4115
|
}
|
|
4098
4116
|
return callback(...args)
|
|
4099
4117
|
.then((response) => {
|
|
@@ -4119,7 +4137,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4119
4137
|
};
|
|
4120
4138
|
};
|
|
4121
4139
|
|
|
4122
|
-
/*! @azure/msal-common v16.
|
|
4140
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4123
4141
|
|
|
4124
4142
|
/*
|
|
4125
4143
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4199,7 +4217,7 @@ class PopTokenGenerator {
|
|
|
4199
4217
|
}
|
|
4200
4218
|
}
|
|
4201
4219
|
|
|
4202
|
-
/*! @azure/msal-common v16.
|
|
4220
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4203
4221
|
/*
|
|
4204
4222
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4205
4223
|
* Licensed under the MIT License.
|
|
@@ -4226,7 +4244,7 @@ class PopTokenGenerator {
|
|
|
4226
4244
|
}
|
|
4227
4245
|
}
|
|
4228
4246
|
|
|
4229
|
-
/*! @azure/msal-common v16.
|
|
4247
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4230
4248
|
|
|
4231
4249
|
/*
|
|
4232
4250
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4485,7 +4503,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
4485
4503
|
return metadata.expiresAt <= nowSeconds();
|
|
4486
4504
|
}
|
|
4487
4505
|
|
|
4488
|
-
/*! @azure/msal-common v16.
|
|
4506
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4489
4507
|
|
|
4490
4508
|
/*
|
|
4491
4509
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4670,6 +4688,11 @@ class ResponseHandler {
|
|
|
4670
4688
|
: undefined;
|
|
4671
4689
|
// non AAD scenarios can have empty realm
|
|
4672
4690
|
cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id);
|
|
4691
|
+
// Set resource (to be used for MCP scenarios)
|
|
4692
|
+
const resource = request.resource || null;
|
|
4693
|
+
if (resource) {
|
|
4694
|
+
cachedAccessToken.resource = resource;
|
|
4695
|
+
}
|
|
4673
4696
|
}
|
|
4674
4697
|
// refreshToken
|
|
4675
4698
|
let cachedRefreshToken = null;
|
|
@@ -4821,7 +4844,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
4821
4844
|
return baseAccount;
|
|
4822
4845
|
}
|
|
4823
4846
|
|
|
4824
|
-
/*! @azure/msal-common v16.
|
|
4847
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4825
4848
|
/*
|
|
4826
4849
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4827
4850
|
* Licensed under the MIT License.
|
|
@@ -4831,7 +4854,7 @@ const CcsCredentialType = {
|
|
|
4831
4854
|
UPN: "UPN",
|
|
4832
4855
|
};
|
|
4833
4856
|
|
|
4834
|
-
/*! @azure/msal-common v16.
|
|
4857
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4835
4858
|
/*
|
|
4836
4859
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4837
4860
|
* Licensed under the MIT License.
|
|
@@ -4849,7 +4872,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
4849
4872
|
}
|
|
4850
4873
|
}
|
|
4851
4874
|
|
|
4852
|
-
/*! @azure/msal-common v16.
|
|
4875
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4853
4876
|
/*
|
|
4854
4877
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4855
4878
|
* Licensed under the MIT License.
|
|
@@ -4870,7 +4893,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
4870
4893
|
};
|
|
4871
4894
|
}
|
|
4872
4895
|
|
|
4873
|
-
/*! @azure/msal-common v16.
|
|
4896
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4874
4897
|
|
|
4875
4898
|
/*
|
|
4876
4899
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4956,7 +4979,7 @@ class ThrottlingUtils {
|
|
|
4956
4979
|
}
|
|
4957
4980
|
}
|
|
4958
4981
|
|
|
4959
|
-
/*! @azure/msal-common v16.
|
|
4982
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4960
4983
|
|
|
4961
4984
|
/*
|
|
4962
4985
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4987,7 +5010,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
4987
5010
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
4988
5011
|
}
|
|
4989
5012
|
|
|
4990
|
-
/*! @azure/msal-common v16.
|
|
5013
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4991
5014
|
|
|
4992
5015
|
/*
|
|
4993
5016
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5101,7 +5124,7 @@ async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId
|
|
|
5101
5124
|
return response;
|
|
5102
5125
|
}
|
|
5103
5126
|
|
|
5104
|
-
/*! @azure/msal-common v16.
|
|
5127
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5105
5128
|
/*
|
|
5106
5129
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5107
5130
|
* Licensed under the MIT License.
|
|
@@ -5113,7 +5136,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
5113
5136
|
response.hasOwnProperty("jwks_uri"));
|
|
5114
5137
|
}
|
|
5115
5138
|
|
|
5116
|
-
/*! @azure/msal-common v16.
|
|
5139
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5117
5140
|
/*
|
|
5118
5141
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5119
5142
|
* Licensed under the MIT License.
|
|
@@ -5123,7 +5146,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
5123
5146
|
response.hasOwnProperty("metadata"));
|
|
5124
5147
|
}
|
|
5125
5148
|
|
|
5126
|
-
/*! @azure/msal-common v16.
|
|
5149
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5127
5150
|
/*
|
|
5128
5151
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5129
5152
|
* Licensed under the MIT License.
|
|
@@ -5133,7 +5156,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
5133
5156
|
response.hasOwnProperty("error_description"));
|
|
5134
5157
|
}
|
|
5135
5158
|
|
|
5136
|
-
/*! @azure/msal-common v16.
|
|
5159
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5137
5160
|
|
|
5138
5161
|
/*
|
|
5139
5162
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5238,7 +5261,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
5238
5261
|
},
|
|
5239
5262
|
};
|
|
5240
5263
|
|
|
5241
|
-
/*! @azure/msal-common v16.
|
|
5264
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5242
5265
|
|
|
5243
5266
|
/*
|
|
5244
5267
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6058,7 +6081,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
6058
6081
|
};
|
|
6059
6082
|
}
|
|
6060
6083
|
|
|
6061
|
-
/*! @azure/msal-common v16.
|
|
6084
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6062
6085
|
|
|
6063
6086
|
/*
|
|
6064
6087
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6092,7 +6115,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
6092
6115
|
}
|
|
6093
6116
|
}
|
|
6094
6117
|
|
|
6095
|
-
/*! @azure/msal-common v16.
|
|
6118
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6096
6119
|
|
|
6097
6120
|
/*
|
|
6098
6121
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6212,6 +6235,7 @@ class AuthorizationCodeClient {
|
|
|
6212
6235
|
}
|
|
6213
6236
|
// Add scope array, parameter builder will add default scopes and dedupe
|
|
6214
6237
|
addScopes(parameters, request.scopes, true, this.oidcDefaultScopes);
|
|
6238
|
+
addResource(parameters, request.resource);
|
|
6215
6239
|
// add code: user set, not validated
|
|
6216
6240
|
addAuthorizationCode(parameters, request.code);
|
|
6217
6241
|
// Add library metadata
|
|
@@ -6352,7 +6376,7 @@ class AuthorizationCodeClient {
|
|
|
6352
6376
|
}
|
|
6353
6377
|
}
|
|
6354
6378
|
|
|
6355
|
-
/*! @azure/msal-common v16.
|
|
6379
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6356
6380
|
|
|
6357
6381
|
/*
|
|
6358
6382
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6577,7 +6601,7 @@ class RefreshTokenClient {
|
|
|
6577
6601
|
}
|
|
6578
6602
|
}
|
|
6579
6603
|
|
|
6580
|
-
/*! @azure/msal-common v16.
|
|
6604
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6581
6605
|
|
|
6582
6606
|
/*
|
|
6583
6607
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6633,6 +6657,13 @@ class SilentFlowClient {
|
|
|
6633
6657
|
this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
|
|
6634
6658
|
throw createClientAuthError(tokenRefreshRequired);
|
|
6635
6659
|
}
|
|
6660
|
+
else if (request.resource) {
|
|
6661
|
+
// cached access token must have a resource that matches the request resource for MCP scenarios
|
|
6662
|
+
if (cachedAccessToken.resource !== request.resource) {
|
|
6663
|
+
this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
|
|
6664
|
+
throw createClientAuthError(tokenRefreshRequired);
|
|
6665
|
+
}
|
|
6666
|
+
}
|
|
6636
6667
|
else if (cachedAccessToken.refreshOn &&
|
|
6637
6668
|
isTokenExpired(cachedAccessToken.refreshOn, 0)) {
|
|
6638
6669
|
// must refresh (in the background) due to the refresh_in value
|
|
@@ -6686,7 +6717,7 @@ class SilentFlowClient {
|
|
|
6686
6717
|
}
|
|
6687
6718
|
}
|
|
6688
6719
|
|
|
6689
|
-
/*! @azure/msal-common v16.
|
|
6720
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6690
6721
|
|
|
6691
6722
|
/*
|
|
6692
6723
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6701,7 +6732,7 @@ const StubbedNetworkModule = {
|
|
|
6701
6732
|
},
|
|
6702
6733
|
};
|
|
6703
6734
|
|
|
6704
|
-
/*! @azure/msal-common v16.
|
|
6735
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6705
6736
|
|
|
6706
6737
|
/*
|
|
6707
6738
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6727,6 +6758,7 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
|
|
|
6727
6758
|
...(request.extraScopesToConsent || []),
|
|
6728
6759
|
];
|
|
6729
6760
|
addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
|
|
6761
|
+
addResource(parameters, request.resource);
|
|
6730
6762
|
addRedirectUri(parameters, request.redirectUri);
|
|
6731
6763
|
addCorrelationId(parameters, correlationId);
|
|
6732
6764
|
// add response_mode. If not passed in it defaults to query.
|
|
@@ -6925,7 +6957,40 @@ function extractLoginHint(account) {
|
|
|
6925
6957
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6926
6958
|
}
|
|
6927
6959
|
|
|
6928
|
-
/*! @azure/msal-common v16.
|
|
6960
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6961
|
+
|
|
6962
|
+
/*
|
|
6963
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6964
|
+
* Licensed under the MIT License.
|
|
6965
|
+
*/
|
|
6966
|
+
/**
|
|
6967
|
+
* Helper to enforce resource parameter presence in token requests when isMcp is set in the configuration.
|
|
6968
|
+
* If resource parameter is set in both the request and in extraQueryParameters or extraParameters, an error will be thrown.
|
|
6969
|
+
* This is used for MCP flows.
|
|
6970
|
+
* @param isMcp - Flag indicating if application is an MCP app, from configuration
|
|
6971
|
+
* @param request - Auth request
|
|
6972
|
+
*/
|
|
6973
|
+
function enforceResourceParameter(isMcp, request) {
|
|
6974
|
+
if (!isMcp) {
|
|
6975
|
+
return;
|
|
6976
|
+
}
|
|
6977
|
+
if (request.resource &&
|
|
6978
|
+
(containsResourceParam(request.extraParameters) ||
|
|
6979
|
+
containsResourceParam(request.extraQueryParameters))) {
|
|
6980
|
+
throw createClientAuthError(misplacedResourceParam);
|
|
6981
|
+
}
|
|
6982
|
+
if (!request.resource) {
|
|
6983
|
+
throw createClientAuthError(resourceParameterRequired);
|
|
6984
|
+
}
|
|
6985
|
+
}
|
|
6986
|
+
function containsResourceParam(params) {
|
|
6987
|
+
if (!params) {
|
|
6988
|
+
return false;
|
|
6989
|
+
}
|
|
6990
|
+
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
6991
|
+
}
|
|
6992
|
+
|
|
6993
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6929
6994
|
|
|
6930
6995
|
/*
|
|
6931
6996
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6983,7 +7048,7 @@ class AuthenticationHeaderParser {
|
|
|
6983
7048
|
}
|
|
6984
7049
|
}
|
|
6985
7050
|
|
|
6986
|
-
/*! @azure/msal-common v16.
|
|
7051
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6987
7052
|
/*
|
|
6988
7053
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6989
7054
|
* Licensed under the MIT License.
|
|
@@ -7000,7 +7065,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
7000
7065
|
unexpectedError: unexpectedError
|
|
7001
7066
|
});
|
|
7002
7067
|
|
|
7003
|
-
/*! @azure/msal-common v16.
|
|
7068
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7004
7069
|
|
|
7005
7070
|
/*
|
|
7006
7071
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7261,7 +7326,7 @@ class ServerTelemetryManager {
|
|
|
7261
7326
|
}
|
|
7262
7327
|
}
|
|
7263
7328
|
|
|
7264
|
-
/*! @azure/msal-common v16.
|
|
7329
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7265
7330
|
|
|
7266
7331
|
/*
|
|
7267
7332
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7282,7 +7347,7 @@ function createJoseHeaderError(code) {
|
|
|
7282
7347
|
return new JoseHeaderError(code);
|
|
7283
7348
|
}
|
|
7284
7349
|
|
|
7285
|
-
/*! @azure/msal-common v16.
|
|
7350
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7286
7351
|
/*
|
|
7287
7352
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7288
7353
|
* Licensed under the MIT License.
|
|
@@ -7290,7 +7355,7 @@ function createJoseHeaderError(code) {
|
|
|
7290
7355
|
const missingKidError = "missing_kid_error";
|
|
7291
7356
|
const missingAlgError = "missing_alg_error";
|
|
7292
7357
|
|
|
7293
|
-
/*! @azure/msal-common v16.
|
|
7358
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7294
7359
|
|
|
7295
7360
|
/*
|
|
7296
7361
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7330,7 +7395,7 @@ class JoseHeader {
|
|
|
7330
7395
|
}
|
|
7331
7396
|
}
|
|
7332
7397
|
|
|
7333
|
-
/*! @azure/msal-common v16.
|
|
7398
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7334
7399
|
|
|
7335
7400
|
/*
|
|
7336
7401
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7629,9 +7694,13 @@ class PerformanceClient {
|
|
|
7629
7694
|
if (error) {
|
|
7630
7695
|
addError(error, this.logger, rootEvent);
|
|
7631
7696
|
}
|
|
7632
|
-
// Add sub-measurement attribute to root event.
|
|
7697
|
+
// Add sub-measurement attribute to root event's ext field.
|
|
7633
7698
|
if (!isRoot) {
|
|
7634
|
-
rootEvent
|
|
7699
|
+
rootEvent.ext = {
|
|
7700
|
+
...rootEvent.ext,
|
|
7701
|
+
...event.ext,
|
|
7702
|
+
};
|
|
7703
|
+
rootEvent.ext[event.name + "DurationMs"] = Math.floor(event.durationMs);
|
|
7635
7704
|
return { ...rootEvent };
|
|
7636
7705
|
}
|
|
7637
7706
|
if (isRoot &&
|
|
@@ -7677,10 +7746,32 @@ class PerformanceClient {
|
|
|
7677
7746
|
addFields(fields, correlationId) {
|
|
7678
7747
|
const event = this.eventsByCorrelationId.get(correlationId);
|
|
7679
7748
|
if (event) {
|
|
7680
|
-
|
|
7749
|
+
const staticFields = {};
|
|
7750
|
+
const dynamicFields = {};
|
|
7751
|
+
for (const key in fields) {
|
|
7752
|
+
if (key.startsWith(EXT_FIELD_PREFIX)) {
|
|
7753
|
+
const dynamicKey = key.slice(EXT_FIELD_PREFIX.length);
|
|
7754
|
+
const value = fields[key];
|
|
7755
|
+
if (typeof value === "string" ||
|
|
7756
|
+
typeof value === "number") {
|
|
7757
|
+
dynamicFields[dynamicKey] = value;
|
|
7758
|
+
}
|
|
7759
|
+
}
|
|
7760
|
+
else {
|
|
7761
|
+
staticFields[key] = fields[key];
|
|
7762
|
+
}
|
|
7763
|
+
}
|
|
7764
|
+
const updatedEvent = {
|
|
7681
7765
|
...event,
|
|
7682
|
-
...
|
|
7683
|
-
}
|
|
7766
|
+
...staticFields,
|
|
7767
|
+
};
|
|
7768
|
+
if (Object.keys(dynamicFields).length) {
|
|
7769
|
+
updatedEvent.ext = {
|
|
7770
|
+
...updatedEvent.ext,
|
|
7771
|
+
...dynamicFields,
|
|
7772
|
+
};
|
|
7773
|
+
}
|
|
7774
|
+
this.eventsByCorrelationId.set(correlationId, updatedEvent);
|
|
7684
7775
|
}
|
|
7685
7776
|
else {
|
|
7686
7777
|
this.logger.trace("0thl6s", correlationId);
|
|
@@ -7695,13 +7786,32 @@ class PerformanceClient {
|
|
|
7695
7786
|
const event = this.eventsByCorrelationId.get(correlationId);
|
|
7696
7787
|
if (event) {
|
|
7697
7788
|
for (const counter in fields) {
|
|
7698
|
-
if (
|
|
7699
|
-
event
|
|
7789
|
+
if (counter.startsWith(EXT_FIELD_PREFIX)) {
|
|
7790
|
+
event.ext = event.ext || {};
|
|
7791
|
+
// Route to ext sub-object
|
|
7792
|
+
const dynamicKey = counter.slice(EXT_FIELD_PREFIX.length);
|
|
7793
|
+
const currentValue = event.ext[dynamicKey];
|
|
7794
|
+
if (currentValue === undefined) {
|
|
7795
|
+
event.ext[dynamicKey] = 0;
|
|
7796
|
+
}
|
|
7797
|
+
else if (isNaN(Number(currentValue))) {
|
|
7798
|
+
return;
|
|
7799
|
+
}
|
|
7800
|
+
event.ext[dynamicKey] =
|
|
7801
|
+
(Number(event.ext[dynamicKey]) || 0) +
|
|
7802
|
+
(fields[counter] ?? 0);
|
|
7700
7803
|
}
|
|
7701
|
-
else
|
|
7702
|
-
|
|
7804
|
+
else {
|
|
7805
|
+
/* eslint-disable custom-msal/no-dynamic-telemetry-fields -- internal dispatching of static fields by name */
|
|
7806
|
+
if (!event.hasOwnProperty(counter)) {
|
|
7807
|
+
event[counter] = 0;
|
|
7808
|
+
}
|
|
7809
|
+
else if (isNaN(Number(event[counter]))) {
|
|
7810
|
+
return;
|
|
7811
|
+
}
|
|
7812
|
+
event[counter] += fields[counter];
|
|
7813
|
+
/* eslint-enable custom-msal/no-dynamic-telemetry-fields */
|
|
7703
7814
|
}
|
|
7704
|
-
event[counter] += fields[counter];
|
|
7705
7815
|
}
|
|
7706
7816
|
}
|
|
7707
7817
|
else {
|
|
@@ -7794,9 +7904,11 @@ class PerformanceClient {
|
|
|
7794
7904
|
*/
|
|
7795
7905
|
truncateIntegralFields(event) {
|
|
7796
7906
|
this.intFields.forEach((key) => {
|
|
7907
|
+
/* eslint-disable custom-msal/no-dynamic-telemetry-fields -- internal truncation of known integer fields */
|
|
7797
7908
|
if (key in event && typeof event[key] === "number") {
|
|
7798
7909
|
event[key] = Math.floor(event[key]);
|
|
7799
7910
|
}
|
|
7911
|
+
/* eslint-enable custom-msal/no-dynamic-telemetry-fields */
|
|
7800
7912
|
});
|
|
7801
7913
|
}
|
|
7802
7914
|
/**
|
|
@@ -8717,9 +8829,13 @@ function cancelPendingBridgeResponse(logger, correlationId) {
|
|
|
8717
8829
|
activeBridgeMonitor = null;
|
|
8718
8830
|
}
|
|
8719
8831
|
}
|
|
8720
|
-
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request) {
|
|
8832
|
+
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
|
|
8721
8833
|
return new Promise((resolve, reject) => {
|
|
8722
8834
|
logger.verbose("1rf6em", request.correlationId);
|
|
8835
|
+
const correlationId = request.correlationId;
|
|
8836
|
+
performanceClient.addFields({
|
|
8837
|
+
redirectBridgeTimeoutMs: timeoutMs,
|
|
8838
|
+
}, correlationId);
|
|
8723
8839
|
const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
|
|
8724
8840
|
const channel = new BroadcastChannel(libraryState.id);
|
|
8725
8841
|
let responseString = undefined;
|
|
@@ -8737,6 +8853,12 @@ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request)
|
|
|
8737
8853
|
};
|
|
8738
8854
|
channel.onmessage = (event) => {
|
|
8739
8855
|
responseString = event.data.payload;
|
|
8856
|
+
const messageVersion = event?.data && typeof event.data.v === "number"
|
|
8857
|
+
? event.data.v
|
|
8858
|
+
: undefined;
|
|
8859
|
+
performanceClient.addFields({
|
|
8860
|
+
redirectBridgeMessageVersion: messageVersion,
|
|
8861
|
+
}, correlationId);
|
|
8740
8862
|
// Clear the active monitor
|
|
8741
8863
|
activeBridgeMonitor = null;
|
|
8742
8864
|
clearTimeout(timeoutId);
|
|
@@ -10156,7 +10278,7 @@ const EventType = {
|
|
|
10156
10278
|
|
|
10157
10279
|
/* eslint-disable header/header */
|
|
10158
10280
|
const name = "@azure/msal-browser";
|
|
10159
|
-
const version = "5.
|
|
10281
|
+
const version = "5.5.0";
|
|
10160
10282
|
|
|
10161
10283
|
/*
|
|
10162
10284
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -11471,6 +11593,9 @@ class BrowserCacheManager extends CacheManager {
|
|
|
11471
11593
|
: 0, base64Decode, undefined, // refreshOn
|
|
11472
11594
|
result.tokenType, undefined, // userAssertionHash
|
|
11473
11595
|
request.sshKid);
|
|
11596
|
+
if (request.resource) {
|
|
11597
|
+
accessTokenEntity.resource = request.resource;
|
|
11598
|
+
}
|
|
11474
11599
|
const cacheRecord = {
|
|
11475
11600
|
idToken: idTokenEntity,
|
|
11476
11601
|
accessToken: accessTokenEntity,
|
|
@@ -12023,6 +12148,7 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
12023
12148
|
authority: discoveredAuthority,
|
|
12024
12149
|
clientCapabilities: this.config.auth.clientCapabilities,
|
|
12025
12150
|
redirectUri: this.config.auth.redirectUri,
|
|
12151
|
+
isMcp: this.config.auth.isMcp,
|
|
12026
12152
|
},
|
|
12027
12153
|
systemOptions: {
|
|
12028
12154
|
tokenRenewalOffsetSeconds: this.config.system.tokenRenewalOffsetSeconds,
|
|
@@ -12063,6 +12189,10 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
12063
12189
|
*/
|
|
12064
12190
|
async function initializeAuthorizationRequest(request, interactionType, config, browserCrypto, browserStorage, logger, performanceClient, correlationId) {
|
|
12065
12191
|
const redirectUri = getRedirectUri(request.redirectUri, config.auth.redirectUri, logger, correlationId);
|
|
12192
|
+
if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
|
|
12193
|
+
logger.warning("08qbvw", correlationId);
|
|
12194
|
+
performanceClient.addFields({ isRedirectUriCrossOrigin: true }, correlationId);
|
|
12195
|
+
}
|
|
12066
12196
|
const browserState = {
|
|
12067
12197
|
interactionType: interactionType,
|
|
12068
12198
|
};
|
|
@@ -12740,6 +12870,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12740
12870
|
correlationId: this.correlationId,
|
|
12741
12871
|
state: response.state,
|
|
12742
12872
|
fromPlatformBroker: true,
|
|
12873
|
+
...(request.resource && { resource: request.resource }),
|
|
12743
12874
|
};
|
|
12744
12875
|
return result;
|
|
12745
12876
|
}
|
|
@@ -13468,6 +13599,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
13468
13599
|
tenant: "",
|
|
13469
13600
|
},
|
|
13470
13601
|
instanceAware: false,
|
|
13602
|
+
isMcp: false,
|
|
13471
13603
|
};
|
|
13472
13604
|
// Default cache options for browser
|
|
13473
13605
|
const DEFAULT_CACHE_OPTIONS = {
|
|
@@ -13860,14 +13992,17 @@ class PlatformAuthDOMHandler {
|
|
|
13860
13992
|
initializePlatformDOMRequest(request) {
|
|
13861
13993
|
this.logger.trace("15d6yv", request.correlationId);
|
|
13862
13994
|
const { accountId, clientId, authority, scope, redirectUri, correlationId, state, storeInCache, embeddedClientId, extraParameters, ...remainingProperties } = request;
|
|
13863
|
-
const validExtraParameters = this.getDOMExtraParams(remainingProperties);
|
|
13995
|
+
const validExtraParameters = this.getDOMExtraParams(remainingProperties, correlationId);
|
|
13864
13996
|
const platformDOMRequest = {
|
|
13865
13997
|
accountId: accountId,
|
|
13866
13998
|
brokerId: this.getExtensionId(),
|
|
13867
13999
|
authority: authority,
|
|
13868
14000
|
clientId: clientId,
|
|
13869
14001
|
correlationId: correlationId || this.correlationId,
|
|
13870
|
-
extraParameters: {
|
|
14002
|
+
extraParameters: {
|
|
14003
|
+
...extraParameters,
|
|
14004
|
+
...validExtraParameters,
|
|
14005
|
+
},
|
|
13871
14006
|
isSecurityTokenService: false,
|
|
13872
14007
|
redirectUri: redirectUri,
|
|
13873
14008
|
scope: scope,
|
|
@@ -13921,15 +14056,27 @@ class PlatformAuthDOMHandler {
|
|
|
13921
14056
|
};
|
|
13922
14057
|
return nativeResponse;
|
|
13923
14058
|
}
|
|
13924
|
-
getDOMExtraParams(extraParameters) {
|
|
13925
|
-
|
|
13926
|
-
|
|
13927
|
-
|
|
13928
|
-
|
|
13929
|
-
|
|
13930
|
-
|
|
13931
|
-
|
|
13932
|
-
|
|
14059
|
+
getDOMExtraParams(extraParameters, correlationId) {
|
|
14060
|
+
try {
|
|
14061
|
+
const stringifiedProperties = {};
|
|
14062
|
+
for (const [key, value] of Object.entries(extraParameters)) {
|
|
14063
|
+
if (!value) {
|
|
14064
|
+
continue;
|
|
14065
|
+
}
|
|
14066
|
+
if (typeof value === "object") {
|
|
14067
|
+
stringifiedProperties[key] = JSON.stringify(value);
|
|
14068
|
+
}
|
|
14069
|
+
else {
|
|
14070
|
+
stringifiedProperties[key] = String(value);
|
|
14071
|
+
}
|
|
14072
|
+
}
|
|
14073
|
+
return stringifiedProperties;
|
|
14074
|
+
}
|
|
14075
|
+
catch (e) {
|
|
14076
|
+
this.logger.error("0eu9o3", correlationId);
|
|
14077
|
+
this.logger.errorPii("17rpl5", correlationId);
|
|
14078
|
+
return {};
|
|
14079
|
+
}
|
|
13933
14080
|
}
|
|
13934
14081
|
}
|
|
13935
14082
|
|
|
@@ -14173,7 +14320,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
14173
14320
|
const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
|
|
14174
14321
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, correlationId, exports.InteractionType.Popup, { popupWindow }, null);
|
|
14175
14322
|
// Wait for the redirect bridge response
|
|
14176
|
-
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
14323
|
+
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
14177
14324
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14178
14325
|
return await invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
14179
14326
|
}
|
|
@@ -14208,7 +14355,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
14208
14355
|
const form = await getEARForm(popupWindow.document, this.config, discoveredAuthority, popupRequest, this.logger, this.performanceClient);
|
|
14209
14356
|
form.submit();
|
|
14210
14357
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
14211
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest);
|
|
14358
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest, this.performanceClient);
|
|
14212
14359
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14213
14360
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
14214
14361
|
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, correlationId)({
|
|
@@ -14233,7 +14380,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
14233
14380
|
const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
14234
14381
|
form.submit();
|
|
14235
14382
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
14236
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
14383
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
14237
14384
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14238
14385
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
14239
14386
|
}
|
|
@@ -14286,7 +14433,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
14286
14433
|
// Open the popup window to requestUrl.
|
|
14287
14434
|
const popupWindow = this.openPopup(logoutUri, popupParams);
|
|
14288
14435
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, validRequest.correlationId, exports.InteractionType.Popup, { popupWindow }, null);
|
|
14289
|
-
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest).catch(() => {
|
|
14436
|
+
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest, this.performanceClient).catch(() => {
|
|
14290
14437
|
// Swallow any errors related to monitoring the window. Server logout is best effort
|
|
14291
14438
|
});
|
|
14292
14439
|
if (mainWindowRedirectUri) {
|
|
@@ -15034,7 +15181,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
15034
15181
|
};
|
|
15035
15182
|
await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
|
|
15036
15183
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15037
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
15184
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15038
15185
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15039
15186
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
15040
15187
|
// If server doesn't support EAR, they may fallback to auth code flow instead
|
|
@@ -15083,7 +15230,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
15083
15230
|
}
|
|
15084
15231
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15085
15232
|
// Wait for response from the redirect bridge.
|
|
15086
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
15233
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15087
15234
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15088
15235
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15089
15236
|
}
|
|
@@ -15236,6 +15383,22 @@ class SilentAuthCodeClient extends StandardInteractionClient {
|
|
|
15236
15383
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
15237
15384
|
* Licensed under the MIT License.
|
|
15238
15385
|
*/
|
|
15386
|
+
/**
|
|
15387
|
+
* Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
|
|
15388
|
+
* @returns Network connection information, or an empty object if not available.
|
|
15389
|
+
*/
|
|
15390
|
+
function getNetworkInfo() {
|
|
15391
|
+
if (typeof window === "undefined" || !window.navigator) {
|
|
15392
|
+
return {};
|
|
15393
|
+
}
|
|
15394
|
+
const connection = "connection" in window.navigator
|
|
15395
|
+
? window.navigator.connection
|
|
15396
|
+
: undefined;
|
|
15397
|
+
return {
|
|
15398
|
+
effectiveType: connection?.effectiveType,
|
|
15399
|
+
rtt: connection?.rtt,
|
|
15400
|
+
};
|
|
15401
|
+
}
|
|
15239
15402
|
function collectInstanceStats(currentClientId, performanceEvent, logger, correlationId) {
|
|
15240
15403
|
const frameInstances =
|
|
15241
15404
|
// @ts-ignore
|
|
@@ -15255,12 +15418,13 @@ function collectInstanceStats(currentClientId, performanceEvent, logger, correla
|
|
|
15255
15418
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
15256
15419
|
* Licensed under the MIT License.
|
|
15257
15420
|
*/
|
|
15258
|
-
function preflightCheck(initialized, performanceEvent,
|
|
15421
|
+
function preflightCheck(initialized, performanceEvent, config, request) {
|
|
15259
15422
|
try {
|
|
15260
15423
|
preflightCheck$1(initialized);
|
|
15424
|
+
enforceResourceParameter(config.auth.isMcp, request);
|
|
15261
15425
|
}
|
|
15262
15426
|
catch (e) {
|
|
15263
|
-
performanceEvent.end({ success: false }, e, account);
|
|
15427
|
+
performanceEvent.end({ success: false }, e, request.account);
|
|
15264
15428
|
throw e;
|
|
15265
15429
|
}
|
|
15266
15430
|
}
|
|
@@ -15361,6 +15525,7 @@ class StandardController {
|
|
|
15361
15525
|
this.eventHandler.emitEvent(EventType.INITIALIZE_START, correlationId);
|
|
15362
15526
|
// Broker applications are initialized twice, so we avoid double-counting it
|
|
15363
15527
|
this.logMultipleInstances(initMeasurement, correlationId);
|
|
15528
|
+
initMeasurement.add({ isMcp: this.config.auth.isMcp });
|
|
15364
15529
|
await invokeAsync(this.browserStorage.initialize.bind(this.browserStorage), InitializeCache, this.logger, this.performanceClient, correlationId)(correlationId);
|
|
15365
15530
|
if (allowPlatformBroker) {
|
|
15366
15531
|
try {
|
|
@@ -15538,6 +15703,7 @@ class StandardController {
|
|
|
15538
15703
|
};
|
|
15539
15704
|
try {
|
|
15540
15705
|
redirectPreflightCheck(this.initialized, this.config);
|
|
15706
|
+
enforceResourceParameter(this.config.auth.isMcp, request);
|
|
15541
15707
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN);
|
|
15542
15708
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Redirect, request);
|
|
15543
15709
|
let result;
|
|
@@ -15602,7 +15768,7 @@ class StandardController {
|
|
|
15602
15768
|
});
|
|
15603
15769
|
try {
|
|
15604
15770
|
this.logger.verbose("0ch87b", correlationId);
|
|
15605
|
-
preflightCheck(this.initialized, atPopupMeasurement, request
|
|
15771
|
+
preflightCheck(this.initialized, atPopupMeasurement, this.config, request);
|
|
15606
15772
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN, request.overrideInteractionInProgress, correlationId);
|
|
15607
15773
|
}
|
|
15608
15774
|
catch (e) {
|
|
@@ -15716,7 +15882,7 @@ class StandardController {
|
|
|
15716
15882
|
this.ssoSilentMeasurement?.add({
|
|
15717
15883
|
scenarioId: request.scenarioId,
|
|
15718
15884
|
});
|
|
15719
|
-
preflightCheck(this.initialized, this.ssoSilentMeasurement,
|
|
15885
|
+
preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
|
|
15720
15886
|
this.ssoSilentMeasurement?.increment({
|
|
15721
15887
|
visibilityChangeCount: 0,
|
|
15722
15888
|
});
|
|
@@ -15780,7 +15946,7 @@ class StandardController {
|
|
|
15780
15946
|
const correlationId = this.getRequestCorrelationId(request);
|
|
15781
15947
|
this.logger.trace("0ch6ga", correlationId);
|
|
15782
15948
|
const atbcMeasurement = this.performanceClient.startMeasurement(AcquireTokenByCode, correlationId);
|
|
15783
|
-
preflightCheck(this.initialized, atbcMeasurement);
|
|
15949
|
+
preflightCheck(this.initialized, atbcMeasurement, this.config, request);
|
|
15784
15950
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Silent, request);
|
|
15785
15951
|
atbcMeasurement.add({ scenarioId: request.scenarioId });
|
|
15786
15952
|
try {
|
|
@@ -16282,7 +16448,7 @@ class StandardController {
|
|
|
16282
16448
|
cacheLookupPolicy: request.cacheLookupPolicy,
|
|
16283
16449
|
scenarioId: request.scenarioId,
|
|
16284
16450
|
});
|
|
16285
|
-
preflightCheck(this.initialized, atsMeasurement, request
|
|
16451
|
+
preflightCheck(this.initialized, atsMeasurement, this.config, request);
|
|
16286
16452
|
this.logger.verbose("0x1c4s", correlationId);
|
|
16287
16453
|
const account = request.account || this.getActiveAccount();
|
|
16288
16454
|
if (!account) {
|
|
@@ -16738,6 +16904,7 @@ class NestedAppAuthAdapter {
|
|
|
16738
16904
|
platformBrokerId: request.account?.homeAccountId,
|
|
16739
16905
|
clientId: this.clientId,
|
|
16740
16906
|
authority: request.authority,
|
|
16907
|
+
resource: request.resource,
|
|
16741
16908
|
scope: scopes.join(" "),
|
|
16742
16909
|
correlationId,
|
|
16743
16910
|
claims: !StringUtils.isEmptyObj(claims) ? claims : undefined,
|
|
@@ -17008,6 +17175,7 @@ class NestedAppAuthController {
|
|
|
17008
17175
|
const atPopupMeasurement = this.performanceClient.startMeasurement(AcquireTokenPopup, correlationId);
|
|
17009
17176
|
atPopupMeasurement.add({ nestedAppAuthRequest: true });
|
|
17010
17177
|
try {
|
|
17178
|
+
enforceResourceParameter(this.config.auth.isMcp, validRequest);
|
|
17011
17179
|
const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
|
|
17012
17180
|
const reqTimestamp = nowSeconds();
|
|
17013
17181
|
const response = await this.bridgeProxy.getTokenInteractive(naaRequest);
|
|
@@ -17074,6 +17242,7 @@ class NestedAppAuthController {
|
|
|
17074
17242
|
nestedAppAuthRequest: true,
|
|
17075
17243
|
});
|
|
17076
17244
|
try {
|
|
17245
|
+
enforceResourceParameter(this.config.auth.isMcp, validRequest);
|
|
17077
17246
|
const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
|
|
17078
17247
|
naaRequest.forceRefresh = validRequest.forceRefresh;
|
|
17079
17248
|
const reqTimestamp = nowSeconds();
|
|
@@ -17208,6 +17377,14 @@ class NestedAppAuthController {
|
|
|
17208
17377
|
this.logger.verbose("18egye", correlationId);
|
|
17209
17378
|
return Promise.resolve(null);
|
|
17210
17379
|
}
|
|
17380
|
+
else if (authRequest.resource) {
|
|
17381
|
+
const requestedResource = authRequest.resource;
|
|
17382
|
+
const cachedResource = cachedAccessToken.resource;
|
|
17383
|
+
if (!cachedResource || cachedResource !== requestedResource) {
|
|
17384
|
+
this.logger.verbose("0qraxd", correlationId);
|
|
17385
|
+
return Promise.resolve(null);
|
|
17386
|
+
}
|
|
17387
|
+
}
|
|
17211
17388
|
const cachedIdToken = this.browserStorage.getIdToken(currentAccount, authRequest.correlationId, tokenKeys, currentAccount.tenantId);
|
|
17212
17389
|
if (!cachedIdToken) {
|
|
17213
17390
|
this.logger.verbose("0d68kd", correlationId);
|
|
@@ -18377,11 +18554,14 @@ class BrowserPerformanceClient extends PerformanceClient {
|
|
|
18377
18554
|
return {
|
|
18378
18555
|
...inProgressEvent,
|
|
18379
18556
|
end: (event, error, account) => {
|
|
18557
|
+
const networkInfo = getNetworkInfo();
|
|
18380
18558
|
const res = inProgressEvent.end({
|
|
18381
18559
|
...event,
|
|
18382
18560
|
startPageVisibility,
|
|
18383
18561
|
endPageVisibility: this.getPageVisibility(),
|
|
18384
18562
|
durationMs: getPerfDurationMs(startTime),
|
|
18563
|
+
networkEffectiveType: networkInfo.effectiveType,
|
|
18564
|
+
networkRtt: networkInfo.rtt,
|
|
18385
18565
|
}, error, account);
|
|
18386
18566
|
void browserMeasurement?.then((measurement) => measurement.endMeasurement());
|
|
18387
18567
|
this.deleteIncompleteSubMeasurements(inProgressEvent);
|
|
@@ -18553,6 +18733,7 @@ exports.StubPerformanceClient = StubPerformanceClient;
|
|
|
18553
18733
|
exports.WrapperSKU = WrapperSKU;
|
|
18554
18734
|
exports.createNestablePublicClientApplication = createNestablePublicClientApplication;
|
|
18555
18735
|
exports.createStandardPublicClientApplication = createStandardPublicClientApplication;
|
|
18736
|
+
exports.enforceResourceParameter = enforceResourceParameter;
|
|
18556
18737
|
exports.isPlatformBrokerAvailable = isPlatformBrokerAvailable;
|
|
18557
18738
|
exports.loadExternalTokens = loadExternalTokens;
|
|
18558
18739
|
exports.stubbedPublicClientApplication = stubbedPublicClientApplication;
|