@azure/msal-browser 5.3.0 → 5.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +4 -1
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +4 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +12 -2
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +11 -8
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +4 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +4 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +11 -8
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/index.d.ts +1 -1
- package/dist/custom-auth-path/index.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +5 -5
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +19 -3
- package/dist/custom-auth-path/naa/TokenRequest.d.ts +1 -0
- package/dist/custom-auth-path/naa/TokenRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +12 -2
- package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +2 -2
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +5 -5
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +23 -7
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/TokenRequest.d.ts +1 -0
- package/dist/naa/TokenRequest.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +2 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +4 -0
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/index.d.ts +1 -1
- package/dist/redirect-bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/TokenRequest.d.ts +1 -0
- package/dist/redirect-bridge/naa/TokenRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +5 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.d.ts +2 -2
- package/dist/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/utils/BrowserUtils.mjs +12 -2
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +19 -3
- package/lib/custom-auth-path/msal-custom-auth.cjs +192 -96
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +4 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +23 -7
- package/lib/msal-browser.cjs +289 -108
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +289 -108
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +4 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/index.d.ts +1 -1
- package/lib/types/index.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/naa/TokenRequest.d.ts +1 -0
- package/lib/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +34 -17
- package/src/broker/nativeBroker/PlatformAuthRequest.ts +1 -0
- package/src/cache/BrowserCacheManager.ts +4 -0
- package/src/config/Configuration.ts +5 -0
- package/src/controllers/NestedAppAuthController.ts +14 -0
- package/src/controllers/StandardController.ts +13 -6
- package/src/index.ts +1 -0
- package/src/interaction_client/PlatformAuthInteractionClient.ts +1 -0
- package/src/interaction_client/PopupClient.ts +8 -4
- package/src/interaction_client/SilentIframeClient.ts +4 -2
- package/src/interaction_client/StandardInteractionClient.ts +11 -0
- package/src/naa/TokenRequest.ts +1 -0
- package/src/naa/mapping/NestedAppAuthAdapter.ts +1 -0
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/BrowserPerformanceClient.ts +4 -0
- package/src/utils/BrowserUtils.ts +24 -1
- package/src/utils/MsalFrameStatsUtils.ts +27 -0
package/lib/msal-browser.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.
|
|
1
|
+
/*! @azure/msal-browser v5.5.0 2026-03-13 */
|
|
2
2
|
'use strict';
|
|
3
3
|
(function (global, factory) {
|
|
4
4
|
typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
(global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
|
|
7
7
|
})(this, (function (exports) { 'use strict';
|
|
8
8
|
|
|
9
|
-
/*! @azure/msal-common v16.
|
|
9
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
10
10
|
/*
|
|
11
11
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12
12
|
* Licensed under the MIT License.
|
|
@@ -238,7 +238,7 @@
|
|
|
238
238
|
// Token renewal offset default in seconds
|
|
239
239
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
240
240
|
|
|
241
|
-
/*! @azure/msal-common v16.
|
|
241
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
242
242
|
/*
|
|
243
243
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
244
244
|
* Licensed under the MIT License.
|
|
@@ -286,9 +286,10 @@
|
|
|
286
286
|
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
287
287
|
const INSTANCE_AWARE = "instance_aware";
|
|
288
288
|
const EAR_JWK = "ear_jwk";
|
|
289
|
-
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
289
|
+
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
290
|
+
const RESOURCE = "resource";
|
|
290
291
|
|
|
291
|
-
/*! @azure/msal-common v16.
|
|
292
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
292
293
|
/*
|
|
293
294
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
294
295
|
* Licensed under the MIT License.
|
|
@@ -319,7 +320,7 @@
|
|
|
319
320
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
320
321
|
}
|
|
321
322
|
|
|
322
|
-
/*! @azure/msal-common v16.
|
|
323
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
323
324
|
|
|
324
325
|
/*
|
|
325
326
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -339,7 +340,7 @@
|
|
|
339
340
|
return new ClientConfigurationError(errorCode);
|
|
340
341
|
}
|
|
341
342
|
|
|
342
|
-
/*! @azure/msal-common v16.
|
|
343
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
343
344
|
/*
|
|
344
345
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
345
346
|
* Licensed under the MIT License.
|
|
@@ -419,7 +420,7 @@
|
|
|
419
420
|
}
|
|
420
421
|
}
|
|
421
422
|
|
|
422
|
-
/*! @azure/msal-common v16.
|
|
423
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
423
424
|
|
|
424
425
|
/*
|
|
425
426
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -442,7 +443,7 @@
|
|
|
442
443
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
443
444
|
}
|
|
444
445
|
|
|
445
|
-
/*! @azure/msal-common v16.
|
|
446
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
446
447
|
/*
|
|
447
448
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
448
449
|
* Licensed under the MIT License.
|
|
@@ -496,7 +497,7 @@
|
|
|
496
497
|
urlParseError: urlParseError
|
|
497
498
|
});
|
|
498
499
|
|
|
499
|
-
/*! @azure/msal-common v16.
|
|
500
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
500
501
|
/*
|
|
501
502
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
502
503
|
* Licensed under the MIT License.
|
|
@@ -537,7 +538,9 @@
|
|
|
537
538
|
const userCanceled = "user_canceled";
|
|
538
539
|
const methodNotImplemented = "method_not_implemented";
|
|
539
540
|
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
|
|
540
|
-
const platformBrokerError = "platform_broker_error";
|
|
541
|
+
const platformBrokerError = "platform_broker_error";
|
|
542
|
+
const resourceParameterRequired = "resource_parameter_required";
|
|
543
|
+
const misplacedResourceParam = "misplaced_resource_parameter";
|
|
541
544
|
|
|
542
545
|
var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
543
546
|
__proto__: null,
|
|
@@ -558,6 +561,7 @@
|
|
|
558
561
|
keyIdMissing: keyIdMissing,
|
|
559
562
|
maxAgeTranspired: maxAgeTranspired,
|
|
560
563
|
methodNotImplemented: methodNotImplemented,
|
|
564
|
+
misplacedResourceParam: misplacedResourceParam,
|
|
561
565
|
multipleMatchingAppMetadata: multipleMatchingAppMetadata,
|
|
562
566
|
multipleMatchingTokens: multipleMatchingTokens,
|
|
563
567
|
nestedAppAuthBridgeDisabled: nestedAppAuthBridgeDisabled,
|
|
@@ -571,6 +575,7 @@
|
|
|
571
575
|
openIdConfigError: openIdConfigError,
|
|
572
576
|
platformBrokerError: platformBrokerError,
|
|
573
577
|
requestCannotBeMade: requestCannotBeMade,
|
|
578
|
+
resourceParameterRequired: resourceParameterRequired,
|
|
574
579
|
stateMismatch: stateMismatch,
|
|
575
580
|
stateNotFound: stateNotFound,
|
|
576
581
|
tokenClaimsCnfRequiredForSignedJwt: tokenClaimsCnfRequiredForSignedJwt,
|
|
@@ -580,7 +585,7 @@
|
|
|
580
585
|
userCanceled: userCanceled
|
|
581
586
|
});
|
|
582
587
|
|
|
583
|
-
/*! @azure/msal-common v16.
|
|
588
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
584
589
|
|
|
585
590
|
/*
|
|
586
591
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -775,7 +780,7 @@
|
|
|
775
780
|
}
|
|
776
781
|
}
|
|
777
782
|
|
|
778
|
-
/*! @azure/msal-common v16.
|
|
783
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
779
784
|
|
|
780
785
|
/*
|
|
781
786
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1140,9 +1145,14 @@
|
|
|
1140
1145
|
// ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
|
|
1141
1146
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
1142
1147
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
1148
|
+
}
|
|
1149
|
+
function addResource(parameters, resource) {
|
|
1150
|
+
if (resource) {
|
|
1151
|
+
parameters.set(RESOURCE, resource);
|
|
1152
|
+
}
|
|
1143
1153
|
}
|
|
1144
1154
|
|
|
1145
|
-
/*! @azure/msal-common v16.
|
|
1155
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1146
1156
|
|
|
1147
1157
|
/*
|
|
1148
1158
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1251,7 +1261,7 @@
|
|
|
1251
1261
|
}
|
|
1252
1262
|
}
|
|
1253
1263
|
|
|
1254
|
-
/*! @azure/msal-common v16.
|
|
1264
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1255
1265
|
|
|
1256
1266
|
/*
|
|
1257
1267
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1290,7 +1300,7 @@
|
|
|
1290
1300
|
},
|
|
1291
1301
|
};
|
|
1292
1302
|
|
|
1293
|
-
/*! @azure/msal-common v16.
|
|
1303
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1294
1304
|
/*
|
|
1295
1305
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1296
1306
|
* Licensed under the MIT License.
|
|
@@ -1565,12 +1575,12 @@
|
|
|
1565
1575
|
}
|
|
1566
1576
|
}
|
|
1567
1577
|
|
|
1568
|
-
/*! @azure/msal-common v16.
|
|
1578
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1569
1579
|
/* eslint-disable header/header */
|
|
1570
1580
|
const name$1 = "@azure/msal-common";
|
|
1571
|
-
const version$1 = "16.
|
|
1581
|
+
const version$1 = "16.3.0";
|
|
1572
1582
|
|
|
1573
|
-
/*! @azure/msal-common v16.
|
|
1583
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1574
1584
|
/*
|
|
1575
1585
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1576
1586
|
* Licensed under the MIT License.
|
|
@@ -1590,7 +1600,7 @@
|
|
|
1590
1600
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
1591
1601
|
};
|
|
1592
1602
|
|
|
1593
|
-
/*! @azure/msal-common v16.
|
|
1603
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1594
1604
|
/*
|
|
1595
1605
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1596
1606
|
* Licensed under the MIT License.
|
|
@@ -1672,7 +1682,7 @@
|
|
|
1672
1682
|
return updatedAccountInfo;
|
|
1673
1683
|
}
|
|
1674
1684
|
|
|
1675
|
-
/*! @azure/msal-common v16.
|
|
1685
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1676
1686
|
|
|
1677
1687
|
/*
|
|
1678
1688
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1752,7 +1762,7 @@
|
|
|
1752
1762
|
}
|
|
1753
1763
|
}
|
|
1754
1764
|
|
|
1755
|
-
/*! @azure/msal-common v16.
|
|
1765
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1756
1766
|
|
|
1757
1767
|
/*
|
|
1758
1768
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1909,7 +1919,7 @@
|
|
|
1909
1919
|
}
|
|
1910
1920
|
}
|
|
1911
1921
|
|
|
1912
|
-
/*! @azure/msal-common v16.
|
|
1922
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1913
1923
|
|
|
1914
1924
|
/*
|
|
1915
1925
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2066,7 +2076,7 @@
|
|
|
2066
2076
|
return null;
|
|
2067
2077
|
}
|
|
2068
2078
|
|
|
2069
|
-
/*! @azure/msal-common v16.
|
|
2079
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2070
2080
|
/*
|
|
2071
2081
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2072
2082
|
* Licensed under the MIT License.
|
|
@@ -2074,7 +2084,7 @@
|
|
|
2074
2084
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2075
2085
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2076
2086
|
|
|
2077
|
-
/*! @azure/msal-common v16.
|
|
2087
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2078
2088
|
|
|
2079
2089
|
/*
|
|
2080
2090
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2112,7 +2122,7 @@
|
|
|
2112
2122
|
}
|
|
2113
2123
|
}
|
|
2114
2124
|
|
|
2115
|
-
/*! @azure/msal-common v16.
|
|
2125
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2116
2126
|
|
|
2117
2127
|
/*
|
|
2118
2128
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2150,7 +2160,7 @@
|
|
|
2150
2160
|
};
|
|
2151
2161
|
}
|
|
2152
2162
|
|
|
2153
|
-
/*! @azure/msal-common v16.
|
|
2163
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2154
2164
|
/*
|
|
2155
2165
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2156
2166
|
* Licensed under the MIT License.
|
|
@@ -2165,7 +2175,7 @@
|
|
|
2165
2175
|
Ciam: 3,
|
|
2166
2176
|
};
|
|
2167
2177
|
|
|
2168
|
-
/*! @azure/msal-common v16.
|
|
2178
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2169
2179
|
/*
|
|
2170
2180
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2171
2181
|
* Licensed under the MIT License.
|
|
@@ -2187,7 +2197,7 @@
|
|
|
2187
2197
|
return null;
|
|
2188
2198
|
}
|
|
2189
2199
|
|
|
2190
|
-
/*! @azure/msal-common v16.
|
|
2200
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2191
2201
|
/*
|
|
2192
2202
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2193
2203
|
* Licensed under the MIT License.
|
|
@@ -2211,7 +2221,7 @@
|
|
|
2211
2221
|
EAR: "EAR",
|
|
2212
2222
|
};
|
|
2213
2223
|
|
|
2214
|
-
/*! @azure/msal-common v16.
|
|
2224
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2215
2225
|
/**
|
|
2216
2226
|
* Returns the AccountInfo interface for this account.
|
|
2217
2227
|
*/
|
|
@@ -2386,7 +2396,7 @@
|
|
|
2386
2396
|
entity.hasOwnProperty("authorityType"));
|
|
2387
2397
|
}
|
|
2388
2398
|
|
|
2389
|
-
/*! @azure/msal-common v16.
|
|
2399
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2390
2400
|
|
|
2391
2401
|
/*
|
|
2392
2402
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3483,7 +3493,7 @@
|
|
|
3483
3493
|
}
|
|
3484
3494
|
}
|
|
3485
3495
|
|
|
3486
|
-
/*! @azure/msal-common v16.
|
|
3496
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3487
3497
|
/*
|
|
3488
3498
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3489
3499
|
* Licensed under the MIT License.
|
|
@@ -3498,6 +3508,12 @@
|
|
|
3498
3508
|
InProgress: 1,
|
|
3499
3509
|
Completed: 2,
|
|
3500
3510
|
};
|
|
3511
|
+
/**
|
|
3512
|
+
* Prefix used to mark telemetry field names as dynamic.
|
|
3513
|
+
* Fields with this prefix in addFields/incrementFields calls will be routed
|
|
3514
|
+
* to the PerformanceEvent.ext sub-object.
|
|
3515
|
+
*/
|
|
3516
|
+
const EXT_FIELD_PREFIX = "ext.";
|
|
3501
3517
|
const IntFields = new Set([
|
|
3502
3518
|
"accessTokenSize",
|
|
3503
3519
|
"durationMs",
|
|
@@ -3522,9 +3538,12 @@
|
|
|
3522
3538
|
"currRefreshCount",
|
|
3523
3539
|
"expiredCacheRemovedCount",
|
|
3524
3540
|
"upgradedCacheCount",
|
|
3541
|
+
"networkRtt",
|
|
3542
|
+
"redirectBridgeTimeoutMs",
|
|
3543
|
+
"redirectBridgeMessageVersion",
|
|
3525
3544
|
]);
|
|
3526
3545
|
|
|
3527
|
-
/*! @azure/msal-common v16.
|
|
3546
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3528
3547
|
|
|
3529
3548
|
/*
|
|
3530
3549
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3579,7 +3598,7 @@
|
|
|
3579
3598
|
}
|
|
3580
3599
|
}
|
|
3581
3600
|
|
|
3582
|
-
/*! @azure/msal-common v16.
|
|
3601
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3583
3602
|
|
|
3584
3603
|
/*
|
|
3585
3604
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3662,6 +3681,7 @@
|
|
|
3662
3681
|
clientCapabilities: [],
|
|
3663
3682
|
azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS,
|
|
3664
3683
|
instanceAware: false,
|
|
3684
|
+
isMcp: false,
|
|
3665
3685
|
...authOptions,
|
|
3666
3686
|
};
|
|
3667
3687
|
}
|
|
@@ -3673,7 +3693,7 @@
|
|
|
3673
3693
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3674
3694
|
}
|
|
3675
3695
|
|
|
3676
|
-
/*! @azure/msal-common v16.
|
|
3696
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3677
3697
|
|
|
3678
3698
|
/*
|
|
3679
3699
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3692,7 +3712,7 @@
|
|
|
3692
3712
|
}
|
|
3693
3713
|
}
|
|
3694
3714
|
|
|
3695
|
-
/*! @azure/msal-common v16.
|
|
3715
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3696
3716
|
/*
|
|
3697
3717
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3698
3718
|
* Licensed under the MIT License.
|
|
@@ -3756,7 +3776,7 @@
|
|
|
3756
3776
|
uxNotAllowed: uxNotAllowed
|
|
3757
3777
|
});
|
|
3758
3778
|
|
|
3759
|
-
/*! @azure/msal-common v16.
|
|
3779
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3760
3780
|
|
|
3761
3781
|
/*
|
|
3762
3782
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3824,7 +3844,7 @@
|
|
|
3824
3844
|
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
3825
3845
|
}
|
|
3826
3846
|
|
|
3827
|
-
/*! @azure/msal-common v16.
|
|
3847
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3828
3848
|
|
|
3829
3849
|
/*
|
|
3830
3850
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3892,7 +3912,7 @@
|
|
|
3892
3912
|
}
|
|
3893
3913
|
}
|
|
3894
3914
|
|
|
3895
|
-
/*! @azure/msal-common v16.
|
|
3915
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3896
3916
|
/*
|
|
3897
3917
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3898
3918
|
* Licensed under the MIT License.
|
|
@@ -3957,7 +3977,7 @@
|
|
|
3957
3977
|
return cachedAtSec > nowSeconds();
|
|
3958
3978
|
}
|
|
3959
3979
|
|
|
3960
|
-
/*! @azure/msal-common v16.
|
|
3980
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3961
3981
|
/*
|
|
3962
3982
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3963
3983
|
* Licensed under the MIT License.
|
|
@@ -4028,7 +4048,7 @@
|
|
|
4028
4048
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
4029
4049
|
const SetUserData = "setUserData";
|
|
4030
4050
|
|
|
4031
|
-
/*! @azure/msal-common v16.
|
|
4051
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4032
4052
|
/*
|
|
4033
4053
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4034
4054
|
* Licensed under the MIT License.
|
|
@@ -4051,8 +4071,7 @@
|
|
|
4051
4071
|
const inProgressEvent = telemetryClient.startMeasurement(eventName, correlationId);
|
|
4052
4072
|
if (correlationId) {
|
|
4053
4073
|
// Track number of times this API is called in a single request
|
|
4054
|
-
|
|
4055
|
-
telemetryClient.incrementFields({ [eventCount]: 1 }, correlationId);
|
|
4074
|
+
telemetryClient.incrementFields({ [`ext.${eventName}CallCount`]: 1 }, correlationId);
|
|
4056
4075
|
}
|
|
4057
4076
|
try {
|
|
4058
4077
|
const result = callback(...args);
|
|
@@ -4096,8 +4115,7 @@
|
|
|
4096
4115
|
const inProgressEvent = telemetryClient.startMeasurement(eventName, correlationId);
|
|
4097
4116
|
if (correlationId) {
|
|
4098
4117
|
// Track number of times this API is called in a single request
|
|
4099
|
-
|
|
4100
|
-
telemetryClient.incrementFields({ [eventCount]: 1 }, correlationId);
|
|
4118
|
+
telemetryClient.incrementFields({ [`ext.${eventName}CallCount`]: 1 }, correlationId);
|
|
4101
4119
|
}
|
|
4102
4120
|
return callback(...args)
|
|
4103
4121
|
.then((response) => {
|
|
@@ -4123,7 +4141,7 @@
|
|
|
4123
4141
|
};
|
|
4124
4142
|
};
|
|
4125
4143
|
|
|
4126
|
-
/*! @azure/msal-common v16.
|
|
4144
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4127
4145
|
|
|
4128
4146
|
/*
|
|
4129
4147
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4203,7 +4221,7 @@
|
|
|
4203
4221
|
}
|
|
4204
4222
|
}
|
|
4205
4223
|
|
|
4206
|
-
/*! @azure/msal-common v16.
|
|
4224
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4207
4225
|
/*
|
|
4208
4226
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4209
4227
|
* Licensed under the MIT License.
|
|
@@ -4230,7 +4248,7 @@
|
|
|
4230
4248
|
}
|
|
4231
4249
|
}
|
|
4232
4250
|
|
|
4233
|
-
/*! @azure/msal-common v16.
|
|
4251
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4234
4252
|
|
|
4235
4253
|
/*
|
|
4236
4254
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4489,7 +4507,7 @@
|
|
|
4489
4507
|
return metadata.expiresAt <= nowSeconds();
|
|
4490
4508
|
}
|
|
4491
4509
|
|
|
4492
|
-
/*! @azure/msal-common v16.
|
|
4510
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4493
4511
|
|
|
4494
4512
|
/*
|
|
4495
4513
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4674,6 +4692,11 @@
|
|
|
4674
4692
|
: undefined;
|
|
4675
4693
|
// non AAD scenarios can have empty realm
|
|
4676
4694
|
cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id);
|
|
4695
|
+
// Set resource (to be used for MCP scenarios)
|
|
4696
|
+
const resource = request.resource || null;
|
|
4697
|
+
if (resource) {
|
|
4698
|
+
cachedAccessToken.resource = resource;
|
|
4699
|
+
}
|
|
4677
4700
|
}
|
|
4678
4701
|
// refreshToken
|
|
4679
4702
|
let cachedRefreshToken = null;
|
|
@@ -4825,7 +4848,7 @@
|
|
|
4825
4848
|
return baseAccount;
|
|
4826
4849
|
}
|
|
4827
4850
|
|
|
4828
|
-
/*! @azure/msal-common v16.
|
|
4851
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4829
4852
|
/*
|
|
4830
4853
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4831
4854
|
* Licensed under the MIT License.
|
|
@@ -4835,7 +4858,7 @@
|
|
|
4835
4858
|
UPN: "UPN",
|
|
4836
4859
|
};
|
|
4837
4860
|
|
|
4838
|
-
/*! @azure/msal-common v16.
|
|
4861
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4839
4862
|
/*
|
|
4840
4863
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4841
4864
|
* Licensed under the MIT License.
|
|
@@ -4853,7 +4876,7 @@
|
|
|
4853
4876
|
}
|
|
4854
4877
|
}
|
|
4855
4878
|
|
|
4856
|
-
/*! @azure/msal-common v16.
|
|
4879
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4857
4880
|
/*
|
|
4858
4881
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4859
4882
|
* Licensed under the MIT License.
|
|
@@ -4874,7 +4897,7 @@
|
|
|
4874
4897
|
};
|
|
4875
4898
|
}
|
|
4876
4899
|
|
|
4877
|
-
/*! @azure/msal-common v16.
|
|
4900
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4878
4901
|
|
|
4879
4902
|
/*
|
|
4880
4903
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4960,7 +4983,7 @@
|
|
|
4960
4983
|
}
|
|
4961
4984
|
}
|
|
4962
4985
|
|
|
4963
|
-
/*! @azure/msal-common v16.
|
|
4986
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4964
4987
|
|
|
4965
4988
|
/*
|
|
4966
4989
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4991,7 +5014,7 @@
|
|
|
4991
5014
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
4992
5015
|
}
|
|
4993
5016
|
|
|
4994
|
-
/*! @azure/msal-common v16.
|
|
5017
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4995
5018
|
|
|
4996
5019
|
/*
|
|
4997
5020
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5105,7 +5128,7 @@
|
|
|
5105
5128
|
return response;
|
|
5106
5129
|
}
|
|
5107
5130
|
|
|
5108
|
-
/*! @azure/msal-common v16.
|
|
5131
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5109
5132
|
/*
|
|
5110
5133
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5111
5134
|
* Licensed under the MIT License.
|
|
@@ -5117,7 +5140,7 @@
|
|
|
5117
5140
|
response.hasOwnProperty("jwks_uri"));
|
|
5118
5141
|
}
|
|
5119
5142
|
|
|
5120
|
-
/*! @azure/msal-common v16.
|
|
5143
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5121
5144
|
/*
|
|
5122
5145
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5123
5146
|
* Licensed under the MIT License.
|
|
@@ -5127,7 +5150,7 @@
|
|
|
5127
5150
|
response.hasOwnProperty("metadata"));
|
|
5128
5151
|
}
|
|
5129
5152
|
|
|
5130
|
-
/*! @azure/msal-common v16.
|
|
5153
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5131
5154
|
/*
|
|
5132
5155
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5133
5156
|
* Licensed under the MIT License.
|
|
@@ -5137,7 +5160,7 @@
|
|
|
5137
5160
|
response.hasOwnProperty("error_description"));
|
|
5138
5161
|
}
|
|
5139
5162
|
|
|
5140
|
-
/*! @azure/msal-common v16.
|
|
5163
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5141
5164
|
|
|
5142
5165
|
/*
|
|
5143
5166
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5242,7 +5265,7 @@
|
|
|
5242
5265
|
},
|
|
5243
5266
|
};
|
|
5244
5267
|
|
|
5245
|
-
/*! @azure/msal-common v16.
|
|
5268
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5246
5269
|
|
|
5247
5270
|
/*
|
|
5248
5271
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6062,7 +6085,7 @@
|
|
|
6062
6085
|
};
|
|
6063
6086
|
}
|
|
6064
6087
|
|
|
6065
|
-
/*! @azure/msal-common v16.
|
|
6088
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6066
6089
|
|
|
6067
6090
|
/*
|
|
6068
6091
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6096,7 +6119,7 @@
|
|
|
6096
6119
|
}
|
|
6097
6120
|
}
|
|
6098
6121
|
|
|
6099
|
-
/*! @azure/msal-common v16.
|
|
6122
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6100
6123
|
|
|
6101
6124
|
/*
|
|
6102
6125
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6216,6 +6239,7 @@
|
|
|
6216
6239
|
}
|
|
6217
6240
|
// Add scope array, parameter builder will add default scopes and dedupe
|
|
6218
6241
|
addScopes(parameters, request.scopes, true, this.oidcDefaultScopes);
|
|
6242
|
+
addResource(parameters, request.resource);
|
|
6219
6243
|
// add code: user set, not validated
|
|
6220
6244
|
addAuthorizationCode(parameters, request.code);
|
|
6221
6245
|
// Add library metadata
|
|
@@ -6356,7 +6380,7 @@
|
|
|
6356
6380
|
}
|
|
6357
6381
|
}
|
|
6358
6382
|
|
|
6359
|
-
/*! @azure/msal-common v16.
|
|
6383
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6360
6384
|
|
|
6361
6385
|
/*
|
|
6362
6386
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6581,7 +6605,7 @@
|
|
|
6581
6605
|
}
|
|
6582
6606
|
}
|
|
6583
6607
|
|
|
6584
|
-
/*! @azure/msal-common v16.
|
|
6608
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6585
6609
|
|
|
6586
6610
|
/*
|
|
6587
6611
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6637,6 +6661,13 @@
|
|
|
6637
6661
|
this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
|
|
6638
6662
|
throw createClientAuthError(tokenRefreshRequired);
|
|
6639
6663
|
}
|
|
6664
|
+
else if (request.resource) {
|
|
6665
|
+
// cached access token must have a resource that matches the request resource for MCP scenarios
|
|
6666
|
+
if (cachedAccessToken.resource !== request.resource) {
|
|
6667
|
+
this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
|
|
6668
|
+
throw createClientAuthError(tokenRefreshRequired);
|
|
6669
|
+
}
|
|
6670
|
+
}
|
|
6640
6671
|
else if (cachedAccessToken.refreshOn &&
|
|
6641
6672
|
isTokenExpired(cachedAccessToken.refreshOn, 0)) {
|
|
6642
6673
|
// must refresh (in the background) due to the refresh_in value
|
|
@@ -6690,7 +6721,7 @@
|
|
|
6690
6721
|
}
|
|
6691
6722
|
}
|
|
6692
6723
|
|
|
6693
|
-
/*! @azure/msal-common v16.
|
|
6724
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6694
6725
|
|
|
6695
6726
|
/*
|
|
6696
6727
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6705,7 +6736,7 @@
|
|
|
6705
6736
|
},
|
|
6706
6737
|
};
|
|
6707
6738
|
|
|
6708
|
-
/*! @azure/msal-common v16.
|
|
6739
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6709
6740
|
|
|
6710
6741
|
/*
|
|
6711
6742
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6731,6 +6762,7 @@
|
|
|
6731
6762
|
...(request.extraScopesToConsent || []),
|
|
6732
6763
|
];
|
|
6733
6764
|
addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
|
|
6765
|
+
addResource(parameters, request.resource);
|
|
6734
6766
|
addRedirectUri(parameters, request.redirectUri);
|
|
6735
6767
|
addCorrelationId(parameters, correlationId);
|
|
6736
6768
|
// add response_mode. If not passed in it defaults to query.
|
|
@@ -6929,7 +6961,40 @@
|
|
|
6929
6961
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6930
6962
|
}
|
|
6931
6963
|
|
|
6932
|
-
/*! @azure/msal-common v16.
|
|
6964
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6965
|
+
|
|
6966
|
+
/*
|
|
6967
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6968
|
+
* Licensed under the MIT License.
|
|
6969
|
+
*/
|
|
6970
|
+
/**
|
|
6971
|
+
* Helper to enforce resource parameter presence in token requests when isMcp is set in the configuration.
|
|
6972
|
+
* If resource parameter is set in both the request and in extraQueryParameters or extraParameters, an error will be thrown.
|
|
6973
|
+
* This is used for MCP flows.
|
|
6974
|
+
* @param isMcp - Flag indicating if application is an MCP app, from configuration
|
|
6975
|
+
* @param request - Auth request
|
|
6976
|
+
*/
|
|
6977
|
+
function enforceResourceParameter(isMcp, request) {
|
|
6978
|
+
if (!isMcp) {
|
|
6979
|
+
return;
|
|
6980
|
+
}
|
|
6981
|
+
if (request.resource &&
|
|
6982
|
+
(containsResourceParam(request.extraParameters) ||
|
|
6983
|
+
containsResourceParam(request.extraQueryParameters))) {
|
|
6984
|
+
throw createClientAuthError(misplacedResourceParam);
|
|
6985
|
+
}
|
|
6986
|
+
if (!request.resource) {
|
|
6987
|
+
throw createClientAuthError(resourceParameterRequired);
|
|
6988
|
+
}
|
|
6989
|
+
}
|
|
6990
|
+
function containsResourceParam(params) {
|
|
6991
|
+
if (!params) {
|
|
6992
|
+
return false;
|
|
6993
|
+
}
|
|
6994
|
+
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
6995
|
+
}
|
|
6996
|
+
|
|
6997
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6933
6998
|
|
|
6934
6999
|
/*
|
|
6935
7000
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6987,7 +7052,7 @@
|
|
|
6987
7052
|
}
|
|
6988
7053
|
}
|
|
6989
7054
|
|
|
6990
|
-
/*! @azure/msal-common v16.
|
|
7055
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6991
7056
|
/*
|
|
6992
7057
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6993
7058
|
* Licensed under the MIT License.
|
|
@@ -7004,7 +7069,7 @@
|
|
|
7004
7069
|
unexpectedError: unexpectedError
|
|
7005
7070
|
});
|
|
7006
7071
|
|
|
7007
|
-
/*! @azure/msal-common v16.
|
|
7072
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7008
7073
|
|
|
7009
7074
|
/*
|
|
7010
7075
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7265,7 +7330,7 @@
|
|
|
7265
7330
|
}
|
|
7266
7331
|
}
|
|
7267
7332
|
|
|
7268
|
-
/*! @azure/msal-common v16.
|
|
7333
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7269
7334
|
|
|
7270
7335
|
/*
|
|
7271
7336
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7286,7 +7351,7 @@
|
|
|
7286
7351
|
return new JoseHeaderError(code);
|
|
7287
7352
|
}
|
|
7288
7353
|
|
|
7289
|
-
/*! @azure/msal-common v16.
|
|
7354
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7290
7355
|
/*
|
|
7291
7356
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7292
7357
|
* Licensed under the MIT License.
|
|
@@ -7294,7 +7359,7 @@
|
|
|
7294
7359
|
const missingKidError = "missing_kid_error";
|
|
7295
7360
|
const missingAlgError = "missing_alg_error";
|
|
7296
7361
|
|
|
7297
|
-
/*! @azure/msal-common v16.
|
|
7362
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7298
7363
|
|
|
7299
7364
|
/*
|
|
7300
7365
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7334,7 +7399,7 @@
|
|
|
7334
7399
|
}
|
|
7335
7400
|
}
|
|
7336
7401
|
|
|
7337
|
-
/*! @azure/msal-common v16.
|
|
7402
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7338
7403
|
|
|
7339
7404
|
/*
|
|
7340
7405
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7633,9 +7698,13 @@
|
|
|
7633
7698
|
if (error) {
|
|
7634
7699
|
addError(error, this.logger, rootEvent);
|
|
7635
7700
|
}
|
|
7636
|
-
// Add sub-measurement attribute to root event.
|
|
7701
|
+
// Add sub-measurement attribute to root event's ext field.
|
|
7637
7702
|
if (!isRoot) {
|
|
7638
|
-
rootEvent
|
|
7703
|
+
rootEvent.ext = {
|
|
7704
|
+
...rootEvent.ext,
|
|
7705
|
+
...event.ext,
|
|
7706
|
+
};
|
|
7707
|
+
rootEvent.ext[event.name + "DurationMs"] = Math.floor(event.durationMs);
|
|
7639
7708
|
return { ...rootEvent };
|
|
7640
7709
|
}
|
|
7641
7710
|
if (isRoot &&
|
|
@@ -7681,10 +7750,32 @@
|
|
|
7681
7750
|
addFields(fields, correlationId) {
|
|
7682
7751
|
const event = this.eventsByCorrelationId.get(correlationId);
|
|
7683
7752
|
if (event) {
|
|
7684
|
-
|
|
7753
|
+
const staticFields = {};
|
|
7754
|
+
const dynamicFields = {};
|
|
7755
|
+
for (const key in fields) {
|
|
7756
|
+
if (key.startsWith(EXT_FIELD_PREFIX)) {
|
|
7757
|
+
const dynamicKey = key.slice(EXT_FIELD_PREFIX.length);
|
|
7758
|
+
const value = fields[key];
|
|
7759
|
+
if (typeof value === "string" ||
|
|
7760
|
+
typeof value === "number") {
|
|
7761
|
+
dynamicFields[dynamicKey] = value;
|
|
7762
|
+
}
|
|
7763
|
+
}
|
|
7764
|
+
else {
|
|
7765
|
+
staticFields[key] = fields[key];
|
|
7766
|
+
}
|
|
7767
|
+
}
|
|
7768
|
+
const updatedEvent = {
|
|
7685
7769
|
...event,
|
|
7686
|
-
...
|
|
7687
|
-
}
|
|
7770
|
+
...staticFields,
|
|
7771
|
+
};
|
|
7772
|
+
if (Object.keys(dynamicFields).length) {
|
|
7773
|
+
updatedEvent.ext = {
|
|
7774
|
+
...updatedEvent.ext,
|
|
7775
|
+
...dynamicFields,
|
|
7776
|
+
};
|
|
7777
|
+
}
|
|
7778
|
+
this.eventsByCorrelationId.set(correlationId, updatedEvent);
|
|
7688
7779
|
}
|
|
7689
7780
|
else {
|
|
7690
7781
|
this.logger.trace("0thl6s", correlationId);
|
|
@@ -7699,13 +7790,32 @@
|
|
|
7699
7790
|
const event = this.eventsByCorrelationId.get(correlationId);
|
|
7700
7791
|
if (event) {
|
|
7701
7792
|
for (const counter in fields) {
|
|
7702
|
-
if (
|
|
7703
|
-
event
|
|
7793
|
+
if (counter.startsWith(EXT_FIELD_PREFIX)) {
|
|
7794
|
+
event.ext = event.ext || {};
|
|
7795
|
+
// Route to ext sub-object
|
|
7796
|
+
const dynamicKey = counter.slice(EXT_FIELD_PREFIX.length);
|
|
7797
|
+
const currentValue = event.ext[dynamicKey];
|
|
7798
|
+
if (currentValue === undefined) {
|
|
7799
|
+
event.ext[dynamicKey] = 0;
|
|
7800
|
+
}
|
|
7801
|
+
else if (isNaN(Number(currentValue))) {
|
|
7802
|
+
return;
|
|
7803
|
+
}
|
|
7804
|
+
event.ext[dynamicKey] =
|
|
7805
|
+
(Number(event.ext[dynamicKey]) || 0) +
|
|
7806
|
+
(fields[counter] ?? 0);
|
|
7704
7807
|
}
|
|
7705
|
-
else
|
|
7706
|
-
|
|
7808
|
+
else {
|
|
7809
|
+
/* eslint-disable custom-msal/no-dynamic-telemetry-fields -- internal dispatching of static fields by name */
|
|
7810
|
+
if (!event.hasOwnProperty(counter)) {
|
|
7811
|
+
event[counter] = 0;
|
|
7812
|
+
}
|
|
7813
|
+
else if (isNaN(Number(event[counter]))) {
|
|
7814
|
+
return;
|
|
7815
|
+
}
|
|
7816
|
+
event[counter] += fields[counter];
|
|
7817
|
+
/* eslint-enable custom-msal/no-dynamic-telemetry-fields */
|
|
7707
7818
|
}
|
|
7708
|
-
event[counter] += fields[counter];
|
|
7709
7819
|
}
|
|
7710
7820
|
}
|
|
7711
7821
|
else {
|
|
@@ -7798,9 +7908,11 @@
|
|
|
7798
7908
|
*/
|
|
7799
7909
|
truncateIntegralFields(event) {
|
|
7800
7910
|
this.intFields.forEach((key) => {
|
|
7911
|
+
/* eslint-disable custom-msal/no-dynamic-telemetry-fields -- internal truncation of known integer fields */
|
|
7801
7912
|
if (key in event && typeof event[key] === "number") {
|
|
7802
7913
|
event[key] = Math.floor(event[key]);
|
|
7803
7914
|
}
|
|
7915
|
+
/* eslint-enable custom-msal/no-dynamic-telemetry-fields */
|
|
7804
7916
|
});
|
|
7805
7917
|
}
|
|
7806
7918
|
/**
|
|
@@ -8721,9 +8833,13 @@
|
|
|
8721
8833
|
activeBridgeMonitor = null;
|
|
8722
8834
|
}
|
|
8723
8835
|
}
|
|
8724
|
-
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request) {
|
|
8836
|
+
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
|
|
8725
8837
|
return new Promise((resolve, reject) => {
|
|
8726
8838
|
logger.verbose("1rf6em", request.correlationId);
|
|
8839
|
+
const correlationId = request.correlationId;
|
|
8840
|
+
performanceClient.addFields({
|
|
8841
|
+
redirectBridgeTimeoutMs: timeoutMs,
|
|
8842
|
+
}, correlationId);
|
|
8727
8843
|
const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
|
|
8728
8844
|
const channel = new BroadcastChannel(libraryState.id);
|
|
8729
8845
|
let responseString = undefined;
|
|
@@ -8741,6 +8857,12 @@
|
|
|
8741
8857
|
};
|
|
8742
8858
|
channel.onmessage = (event) => {
|
|
8743
8859
|
responseString = event.data.payload;
|
|
8860
|
+
const messageVersion = event?.data && typeof event.data.v === "number"
|
|
8861
|
+
? event.data.v
|
|
8862
|
+
: undefined;
|
|
8863
|
+
performanceClient.addFields({
|
|
8864
|
+
redirectBridgeMessageVersion: messageVersion,
|
|
8865
|
+
}, correlationId);
|
|
8744
8866
|
// Clear the active monitor
|
|
8745
8867
|
activeBridgeMonitor = null;
|
|
8746
8868
|
clearTimeout(timeoutId);
|
|
@@ -10160,7 +10282,7 @@
|
|
|
10160
10282
|
|
|
10161
10283
|
/* eslint-disable header/header */
|
|
10162
10284
|
const name = "@azure/msal-browser";
|
|
10163
|
-
const version = "5.
|
|
10285
|
+
const version = "5.5.0";
|
|
10164
10286
|
|
|
10165
10287
|
/*
|
|
10166
10288
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -11475,6 +11597,9 @@
|
|
|
11475
11597
|
: 0, base64Decode, undefined, // refreshOn
|
|
11476
11598
|
result.tokenType, undefined, // userAssertionHash
|
|
11477
11599
|
request.sshKid);
|
|
11600
|
+
if (request.resource) {
|
|
11601
|
+
accessTokenEntity.resource = request.resource;
|
|
11602
|
+
}
|
|
11478
11603
|
const cacheRecord = {
|
|
11479
11604
|
idToken: idTokenEntity,
|
|
11480
11605
|
accessToken: accessTokenEntity,
|
|
@@ -12027,6 +12152,7 @@
|
|
|
12027
12152
|
authority: discoveredAuthority,
|
|
12028
12153
|
clientCapabilities: this.config.auth.clientCapabilities,
|
|
12029
12154
|
redirectUri: this.config.auth.redirectUri,
|
|
12155
|
+
isMcp: this.config.auth.isMcp,
|
|
12030
12156
|
},
|
|
12031
12157
|
systemOptions: {
|
|
12032
12158
|
tokenRenewalOffsetSeconds: this.config.system.tokenRenewalOffsetSeconds,
|
|
@@ -12067,6 +12193,10 @@
|
|
|
12067
12193
|
*/
|
|
12068
12194
|
async function initializeAuthorizationRequest(request, interactionType, config, browserCrypto, browserStorage, logger, performanceClient, correlationId) {
|
|
12069
12195
|
const redirectUri = getRedirectUri(request.redirectUri, config.auth.redirectUri, logger, correlationId);
|
|
12196
|
+
if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
|
|
12197
|
+
logger.warning("08qbvw", correlationId);
|
|
12198
|
+
performanceClient.addFields({ isRedirectUriCrossOrigin: true }, correlationId);
|
|
12199
|
+
}
|
|
12070
12200
|
const browserState = {
|
|
12071
12201
|
interactionType: interactionType,
|
|
12072
12202
|
};
|
|
@@ -12744,6 +12874,7 @@
|
|
|
12744
12874
|
correlationId: this.correlationId,
|
|
12745
12875
|
state: response.state,
|
|
12746
12876
|
fromPlatformBroker: true,
|
|
12877
|
+
...(request.resource && { resource: request.resource }),
|
|
12747
12878
|
};
|
|
12748
12879
|
return result;
|
|
12749
12880
|
}
|
|
@@ -13472,6 +13603,7 @@
|
|
|
13472
13603
|
tenant: "",
|
|
13473
13604
|
},
|
|
13474
13605
|
instanceAware: false,
|
|
13606
|
+
isMcp: false,
|
|
13475
13607
|
};
|
|
13476
13608
|
// Default cache options for browser
|
|
13477
13609
|
const DEFAULT_CACHE_OPTIONS = {
|
|
@@ -13864,14 +13996,17 @@
|
|
|
13864
13996
|
initializePlatformDOMRequest(request) {
|
|
13865
13997
|
this.logger.trace("15d6yv", request.correlationId);
|
|
13866
13998
|
const { accountId, clientId, authority, scope, redirectUri, correlationId, state, storeInCache, embeddedClientId, extraParameters, ...remainingProperties } = request;
|
|
13867
|
-
const validExtraParameters = this.getDOMExtraParams(remainingProperties);
|
|
13999
|
+
const validExtraParameters = this.getDOMExtraParams(remainingProperties, correlationId);
|
|
13868
14000
|
const platformDOMRequest = {
|
|
13869
14001
|
accountId: accountId,
|
|
13870
14002
|
brokerId: this.getExtensionId(),
|
|
13871
14003
|
authority: authority,
|
|
13872
14004
|
clientId: clientId,
|
|
13873
14005
|
correlationId: correlationId || this.correlationId,
|
|
13874
|
-
extraParameters: {
|
|
14006
|
+
extraParameters: {
|
|
14007
|
+
...extraParameters,
|
|
14008
|
+
...validExtraParameters,
|
|
14009
|
+
},
|
|
13875
14010
|
isSecurityTokenService: false,
|
|
13876
14011
|
redirectUri: redirectUri,
|
|
13877
14012
|
scope: scope,
|
|
@@ -13925,15 +14060,27 @@
|
|
|
13925
14060
|
};
|
|
13926
14061
|
return nativeResponse;
|
|
13927
14062
|
}
|
|
13928
|
-
getDOMExtraParams(extraParameters) {
|
|
13929
|
-
|
|
13930
|
-
|
|
13931
|
-
|
|
13932
|
-
|
|
13933
|
-
|
|
13934
|
-
|
|
13935
|
-
|
|
13936
|
-
|
|
14063
|
+
getDOMExtraParams(extraParameters, correlationId) {
|
|
14064
|
+
try {
|
|
14065
|
+
const stringifiedProperties = {};
|
|
14066
|
+
for (const [key, value] of Object.entries(extraParameters)) {
|
|
14067
|
+
if (!value) {
|
|
14068
|
+
continue;
|
|
14069
|
+
}
|
|
14070
|
+
if (typeof value === "object") {
|
|
14071
|
+
stringifiedProperties[key] = JSON.stringify(value);
|
|
14072
|
+
}
|
|
14073
|
+
else {
|
|
14074
|
+
stringifiedProperties[key] = String(value);
|
|
14075
|
+
}
|
|
14076
|
+
}
|
|
14077
|
+
return stringifiedProperties;
|
|
14078
|
+
}
|
|
14079
|
+
catch (e) {
|
|
14080
|
+
this.logger.error("0eu9o3", correlationId);
|
|
14081
|
+
this.logger.errorPii("17rpl5", correlationId);
|
|
14082
|
+
return {};
|
|
14083
|
+
}
|
|
13937
14084
|
}
|
|
13938
14085
|
}
|
|
13939
14086
|
|
|
@@ -14177,7 +14324,7 @@
|
|
|
14177
14324
|
const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
|
|
14178
14325
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, correlationId, exports.InteractionType.Popup, { popupWindow }, null);
|
|
14179
14326
|
// Wait for the redirect bridge response
|
|
14180
|
-
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
14327
|
+
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
14181
14328
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14182
14329
|
return await invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
14183
14330
|
}
|
|
@@ -14212,7 +14359,7 @@
|
|
|
14212
14359
|
const form = await getEARForm(popupWindow.document, this.config, discoveredAuthority, popupRequest, this.logger, this.performanceClient);
|
|
14213
14360
|
form.submit();
|
|
14214
14361
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
14215
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest);
|
|
14362
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest, this.performanceClient);
|
|
14216
14363
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14217
14364
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
14218
14365
|
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, correlationId)({
|
|
@@ -14237,7 +14384,7 @@
|
|
|
14237
14384
|
const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
14238
14385
|
form.submit();
|
|
14239
14386
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
14240
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
14387
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
14241
14388
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14242
14389
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
14243
14390
|
}
|
|
@@ -14290,7 +14437,7 @@
|
|
|
14290
14437
|
// Open the popup window to requestUrl.
|
|
14291
14438
|
const popupWindow = this.openPopup(logoutUri, popupParams);
|
|
14292
14439
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, validRequest.correlationId, exports.InteractionType.Popup, { popupWindow }, null);
|
|
14293
|
-
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest).catch(() => {
|
|
14440
|
+
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest, this.performanceClient).catch(() => {
|
|
14294
14441
|
// Swallow any errors related to monitoring the window. Server logout is best effort
|
|
14295
14442
|
});
|
|
14296
14443
|
if (mainWindowRedirectUri) {
|
|
@@ -15038,7 +15185,7 @@
|
|
|
15038
15185
|
};
|
|
15039
15186
|
await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
|
|
15040
15187
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15041
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
15188
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15042
15189
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15043
15190
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
15044
15191
|
// If server doesn't support EAR, they may fallback to auth code flow instead
|
|
@@ -15087,7 +15234,7 @@
|
|
|
15087
15234
|
}
|
|
15088
15235
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15089
15236
|
// Wait for response from the redirect bridge.
|
|
15090
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
15237
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15091
15238
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15092
15239
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15093
15240
|
}
|
|
@@ -15240,6 +15387,22 @@
|
|
|
15240
15387
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
15241
15388
|
* Licensed under the MIT License.
|
|
15242
15389
|
*/
|
|
15390
|
+
/**
|
|
15391
|
+
* Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
|
|
15392
|
+
* @returns Network connection information, or an empty object if not available.
|
|
15393
|
+
*/
|
|
15394
|
+
function getNetworkInfo() {
|
|
15395
|
+
if (typeof window === "undefined" || !window.navigator) {
|
|
15396
|
+
return {};
|
|
15397
|
+
}
|
|
15398
|
+
const connection = "connection" in window.navigator
|
|
15399
|
+
? window.navigator.connection
|
|
15400
|
+
: undefined;
|
|
15401
|
+
return {
|
|
15402
|
+
effectiveType: connection?.effectiveType,
|
|
15403
|
+
rtt: connection?.rtt,
|
|
15404
|
+
};
|
|
15405
|
+
}
|
|
15243
15406
|
function collectInstanceStats(currentClientId, performanceEvent, logger, correlationId) {
|
|
15244
15407
|
const frameInstances =
|
|
15245
15408
|
// @ts-ignore
|
|
@@ -15259,12 +15422,13 @@
|
|
|
15259
15422
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
15260
15423
|
* Licensed under the MIT License.
|
|
15261
15424
|
*/
|
|
15262
|
-
function preflightCheck(initialized, performanceEvent,
|
|
15425
|
+
function preflightCheck(initialized, performanceEvent, config, request) {
|
|
15263
15426
|
try {
|
|
15264
15427
|
preflightCheck$1(initialized);
|
|
15428
|
+
enforceResourceParameter(config.auth.isMcp, request);
|
|
15265
15429
|
}
|
|
15266
15430
|
catch (e) {
|
|
15267
|
-
performanceEvent.end({ success: false }, e, account);
|
|
15431
|
+
performanceEvent.end({ success: false }, e, request.account);
|
|
15268
15432
|
throw e;
|
|
15269
15433
|
}
|
|
15270
15434
|
}
|
|
@@ -15365,6 +15529,7 @@
|
|
|
15365
15529
|
this.eventHandler.emitEvent(EventType.INITIALIZE_START, correlationId);
|
|
15366
15530
|
// Broker applications are initialized twice, so we avoid double-counting it
|
|
15367
15531
|
this.logMultipleInstances(initMeasurement, correlationId);
|
|
15532
|
+
initMeasurement.add({ isMcp: this.config.auth.isMcp });
|
|
15368
15533
|
await invokeAsync(this.browserStorage.initialize.bind(this.browserStorage), InitializeCache, this.logger, this.performanceClient, correlationId)(correlationId);
|
|
15369
15534
|
if (allowPlatformBroker) {
|
|
15370
15535
|
try {
|
|
@@ -15542,6 +15707,7 @@
|
|
|
15542
15707
|
};
|
|
15543
15708
|
try {
|
|
15544
15709
|
redirectPreflightCheck(this.initialized, this.config);
|
|
15710
|
+
enforceResourceParameter(this.config.auth.isMcp, request);
|
|
15545
15711
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN);
|
|
15546
15712
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Redirect, request);
|
|
15547
15713
|
let result;
|
|
@@ -15606,7 +15772,7 @@
|
|
|
15606
15772
|
});
|
|
15607
15773
|
try {
|
|
15608
15774
|
this.logger.verbose("0ch87b", correlationId);
|
|
15609
|
-
preflightCheck(this.initialized, atPopupMeasurement, request
|
|
15775
|
+
preflightCheck(this.initialized, atPopupMeasurement, this.config, request);
|
|
15610
15776
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN, request.overrideInteractionInProgress, correlationId);
|
|
15611
15777
|
}
|
|
15612
15778
|
catch (e) {
|
|
@@ -15720,7 +15886,7 @@
|
|
|
15720
15886
|
this.ssoSilentMeasurement?.add({
|
|
15721
15887
|
scenarioId: request.scenarioId,
|
|
15722
15888
|
});
|
|
15723
|
-
preflightCheck(this.initialized, this.ssoSilentMeasurement,
|
|
15889
|
+
preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
|
|
15724
15890
|
this.ssoSilentMeasurement?.increment({
|
|
15725
15891
|
visibilityChangeCount: 0,
|
|
15726
15892
|
});
|
|
@@ -15784,7 +15950,7 @@
|
|
|
15784
15950
|
const correlationId = this.getRequestCorrelationId(request);
|
|
15785
15951
|
this.logger.trace("0ch6ga", correlationId);
|
|
15786
15952
|
const atbcMeasurement = this.performanceClient.startMeasurement(AcquireTokenByCode, correlationId);
|
|
15787
|
-
preflightCheck(this.initialized, atbcMeasurement);
|
|
15953
|
+
preflightCheck(this.initialized, atbcMeasurement, this.config, request);
|
|
15788
15954
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Silent, request);
|
|
15789
15955
|
atbcMeasurement.add({ scenarioId: request.scenarioId });
|
|
15790
15956
|
try {
|
|
@@ -16286,7 +16452,7 @@
|
|
|
16286
16452
|
cacheLookupPolicy: request.cacheLookupPolicy,
|
|
16287
16453
|
scenarioId: request.scenarioId,
|
|
16288
16454
|
});
|
|
16289
|
-
preflightCheck(this.initialized, atsMeasurement, request
|
|
16455
|
+
preflightCheck(this.initialized, atsMeasurement, this.config, request);
|
|
16290
16456
|
this.logger.verbose("0x1c4s", correlationId);
|
|
16291
16457
|
const account = request.account || this.getActiveAccount();
|
|
16292
16458
|
if (!account) {
|
|
@@ -16742,6 +16908,7 @@
|
|
|
16742
16908
|
platformBrokerId: request.account?.homeAccountId,
|
|
16743
16909
|
clientId: this.clientId,
|
|
16744
16910
|
authority: request.authority,
|
|
16911
|
+
resource: request.resource,
|
|
16745
16912
|
scope: scopes.join(" "),
|
|
16746
16913
|
correlationId,
|
|
16747
16914
|
claims: !StringUtils.isEmptyObj(claims) ? claims : undefined,
|
|
@@ -17012,6 +17179,7 @@
|
|
|
17012
17179
|
const atPopupMeasurement = this.performanceClient.startMeasurement(AcquireTokenPopup, correlationId);
|
|
17013
17180
|
atPopupMeasurement.add({ nestedAppAuthRequest: true });
|
|
17014
17181
|
try {
|
|
17182
|
+
enforceResourceParameter(this.config.auth.isMcp, validRequest);
|
|
17015
17183
|
const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
|
|
17016
17184
|
const reqTimestamp = nowSeconds();
|
|
17017
17185
|
const response = await this.bridgeProxy.getTokenInteractive(naaRequest);
|
|
@@ -17078,6 +17246,7 @@
|
|
|
17078
17246
|
nestedAppAuthRequest: true,
|
|
17079
17247
|
});
|
|
17080
17248
|
try {
|
|
17249
|
+
enforceResourceParameter(this.config.auth.isMcp, validRequest);
|
|
17081
17250
|
const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
|
|
17082
17251
|
naaRequest.forceRefresh = validRequest.forceRefresh;
|
|
17083
17252
|
const reqTimestamp = nowSeconds();
|
|
@@ -17212,6 +17381,14 @@
|
|
|
17212
17381
|
this.logger.verbose("18egye", correlationId);
|
|
17213
17382
|
return Promise.resolve(null);
|
|
17214
17383
|
}
|
|
17384
|
+
else if (authRequest.resource) {
|
|
17385
|
+
const requestedResource = authRequest.resource;
|
|
17386
|
+
const cachedResource = cachedAccessToken.resource;
|
|
17387
|
+
if (!cachedResource || cachedResource !== requestedResource) {
|
|
17388
|
+
this.logger.verbose("0qraxd", correlationId);
|
|
17389
|
+
return Promise.resolve(null);
|
|
17390
|
+
}
|
|
17391
|
+
}
|
|
17215
17392
|
const cachedIdToken = this.browserStorage.getIdToken(currentAccount, authRequest.correlationId, tokenKeys, currentAccount.tenantId);
|
|
17216
17393
|
if (!cachedIdToken) {
|
|
17217
17394
|
this.logger.verbose("0d68kd", correlationId);
|
|
@@ -18381,11 +18558,14 @@
|
|
|
18381
18558
|
return {
|
|
18382
18559
|
...inProgressEvent,
|
|
18383
18560
|
end: (event, error, account) => {
|
|
18561
|
+
const networkInfo = getNetworkInfo();
|
|
18384
18562
|
const res = inProgressEvent.end({
|
|
18385
18563
|
...event,
|
|
18386
18564
|
startPageVisibility,
|
|
18387
18565
|
endPageVisibility: this.getPageVisibility(),
|
|
18388
18566
|
durationMs: getPerfDurationMs(startTime),
|
|
18567
|
+
networkEffectiveType: networkInfo.effectiveType,
|
|
18568
|
+
networkRtt: networkInfo.rtt,
|
|
18389
18569
|
}, error, account);
|
|
18390
18570
|
void browserMeasurement?.then((measurement) => measurement.endMeasurement());
|
|
18391
18571
|
this.deleteIncompleteSubMeasurements(inProgressEvent);
|
|
@@ -18557,6 +18737,7 @@
|
|
|
18557
18737
|
exports.WrapperSKU = WrapperSKU;
|
|
18558
18738
|
exports.createNestablePublicClientApplication = createNestablePublicClientApplication;
|
|
18559
18739
|
exports.createStandardPublicClientApplication = createStandardPublicClientApplication;
|
|
18740
|
+
exports.enforceResourceParameter = enforceResourceParameter;
|
|
18560
18741
|
exports.isPlatformBrokerAvailable = isPlatformBrokerAvailable;
|
|
18561
18742
|
exports.loadExternalTokens = loadExternalTokens;
|
|
18562
18743
|
exports.stubbedPublicClientApplication = stubbedPublicClientApplication;
|