@azure/msal-browser 5.3.0 → 5.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (422) hide show
  1. package/README.md +1 -0
  2. package/dist/app/IPublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientApplication.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
  7. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  8. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  10. package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
  11. package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
  12. package/dist/cache/AccountManager.mjs +1 -1
  13. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  14. package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
  15. package/dist/cache/BrowserCacheManager.mjs +4 -1
  16. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  17. package/dist/cache/CacheHelpers.mjs +1 -1
  18. package/dist/cache/CacheKeys.mjs +1 -1
  19. package/dist/cache/CookieStorage.mjs +1 -1
  20. package/dist/cache/DatabaseStorage.mjs +1 -1
  21. package/dist/cache/EncryptedData.mjs +1 -1
  22. package/dist/cache/LocalStorage.mjs +1 -1
  23. package/dist/cache/MemoryStorage.mjs +1 -1
  24. package/dist/cache/SessionStorage.mjs +1 -1
  25. package/dist/cache/TokenCache.mjs +1 -1
  26. package/dist/config/Configuration.d.ts +4 -0
  27. package/dist/config/Configuration.d.ts.map +1 -1
  28. package/dist/config/Configuration.mjs +2 -1
  29. package/dist/config/Configuration.mjs.map +1 -1
  30. package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
  31. package/dist/controllers/NestedAppAuthController.mjs +12 -2
  32. package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
  33. package/dist/controllers/StandardController.d.ts.map +1 -1
  34. package/dist/controllers/StandardController.mjs +11 -8
  35. package/dist/controllers/StandardController.mjs.map +1 -1
  36. package/dist/crypto/BrowserCrypto.mjs +1 -1
  37. package/dist/crypto/CryptoOps.mjs +1 -1
  38. package/dist/crypto/PkceGenerator.mjs +1 -1
  39. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  40. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  41. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  42. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  43. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
  44. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  45. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  46. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  47. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
  48. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
  49. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  50. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  51. package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
  52. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +4 -1
  53. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
  54. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  55. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  56. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  57. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  58. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  59. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  60. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  61. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  62. package/dist/custom-auth-path/config/Configuration.d.ts +4 -0
  63. package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
  64. package/dist/custom-auth-path/config/Configuration.mjs +2 -1
  65. package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
  66. package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
  67. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  68. package/dist/custom-auth-path/controllers/StandardController.mjs +11 -8
  69. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  70. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  71. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  72. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  74. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  170. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  171. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  172. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  173. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  174. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  175. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  176. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  177. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  178. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  179. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  180. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  181. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  182. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  183. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  184. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  185. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  186. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  187. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  188. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  189. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  190. package/dist/custom-auth-path/index.d.ts +1 -1
  191. package/dist/custom-auth-path/index.d.ts.map +1 -1
  192. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  193. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  194. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  195. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
  196. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  197. package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
  198. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +5 -5
  199. package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
  200. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  201. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  202. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  203. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
  204. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +3 -3
  205. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
  206. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  207. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  208. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +6 -1
  209. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
  210. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  211. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
  212. package/dist/custom-auth-path/log-strings-mapping.json +19 -3
  213. package/dist/custom-auth-path/naa/TokenRequest.d.ts +1 -0
  214. package/dist/custom-auth-path/naa/TokenRequest.d.ts.map +1 -1
  215. package/dist/custom-auth-path/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  216. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  217. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  218. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  219. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  220. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  221. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  222. package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
  223. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  224. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  225. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  226. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
  227. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  228. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  229. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  230. package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
  231. package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
  232. package/dist/custom-auth-path/utils/BrowserUtils.mjs +12 -2
  233. package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
  234. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  235. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
  236. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  237. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
  238. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
  239. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  240. package/dist/encode/Base64Decode.mjs +1 -1
  241. package/dist/encode/Base64Encode.mjs +1 -1
  242. package/dist/error/BrowserAuthError.mjs +1 -1
  243. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  244. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  245. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  246. package/dist/error/NativeAuthError.mjs +1 -1
  247. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  248. package/dist/error/NestedAppAuthError.mjs +1 -1
  249. package/dist/event/EventHandler.mjs +1 -1
  250. package/dist/event/EventMessage.mjs +1 -1
  251. package/dist/event/EventType.mjs +1 -1
  252. package/dist/index.d.ts +1 -1
  253. package/dist/index.d.ts.map +1 -1
  254. package/dist/index.mjs +2 -2
  255. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  256. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  257. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  258. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
  259. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  260. package/dist/interaction_client/PopupClient.d.ts.map +1 -1
  261. package/dist/interaction_client/PopupClient.mjs +5 -5
  262. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  263. package/dist/interaction_client/RedirectClient.mjs +1 -1
  264. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  265. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  266. package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
  267. package/dist/interaction_client/SilentIframeClient.mjs +3 -3
  268. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  269. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  270. package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  271. package/dist/interaction_client/StandardInteractionClient.mjs +6 -1
  272. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  273. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  274. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  275. package/dist/log-strings-mapping.json +23 -7
  276. package/dist/naa/BridgeError.mjs +1 -1
  277. package/dist/naa/BridgeProxy.mjs +1 -1
  278. package/dist/naa/BridgeStatusCode.mjs +1 -1
  279. package/dist/naa/TokenRequest.d.ts +1 -0
  280. package/dist/naa/TokenRequest.d.ts.map +1 -1
  281. package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  282. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +2 -1
  283. package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
  284. package/dist/navigation/NavigationClient.mjs +1 -1
  285. package/dist/network/FetchClient.mjs +1 -1
  286. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  287. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  288. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  289. package/dist/packageMetadata.d.ts +1 -1
  290. package/dist/packageMetadata.mjs +2 -2
  291. package/dist/protocol/Authorize.mjs +1 -1
  292. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  293. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
  294. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
  295. package/dist/redirect-bridge/cache/BrowserCacheManager.d.ts.map +1 -1
  296. package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
  297. package/dist/redirect-bridge/config/Configuration.d.ts +4 -0
  298. package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
  299. package/dist/redirect-bridge/config/Configuration.mjs +1 -1
  300. package/dist/redirect-bridge/controllers/NestedAppAuthController.d.ts.map +1 -1
  301. package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
  302. package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
  303. package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
  304. package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
  305. package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
  306. package/dist/redirect-bridge/index.d.ts +1 -1
  307. package/dist/redirect-bridge/index.d.ts.map +1 -1
  308. package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  309. package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -1
  310. package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
  311. package/dist/redirect-bridge/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  312. package/dist/redirect-bridge/naa/TokenRequest.d.ts +1 -0
  313. package/dist/redirect-bridge/naa/TokenRequest.d.ts.map +1 -1
  314. package/dist/redirect-bridge/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  315. package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
  316. package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
  317. package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
  318. package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  319. package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
  320. package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
  321. package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
  322. package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
  323. package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
  324. package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts +10 -0
  325. package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  326. package/dist/request/RequestHelpers.mjs +1 -1
  327. package/dist/response/ResponseHandler.mjs +1 -1
  328. package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  329. package/dist/telemetry/BrowserPerformanceClient.mjs +5 -1
  330. package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
  331. package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
  332. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  333. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  334. package/dist/utils/BrowserConstants.mjs +1 -1
  335. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  336. package/dist/utils/BrowserUtils.d.ts +2 -2
  337. package/dist/utils/BrowserUtils.d.ts.map +1 -1
  338. package/dist/utils/BrowserUtils.mjs +12 -2
  339. package/dist/utils/BrowserUtils.mjs.map +1 -1
  340. package/dist/utils/Helpers.mjs +1 -1
  341. package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
  342. package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  343. package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
  344. package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
  345. package/lib/custom-auth-path/log-strings-mapping.json +19 -3
  346. package/lib/custom-auth-path/msal-custom-auth.cjs +192 -96
  347. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  348. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  349. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
  350. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
  351. package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
  352. package/lib/custom-auth-path/types/config/Configuration.d.ts +4 -0
  353. package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
  354. package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  355. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  356. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  357. package/lib/custom-auth-path/types/index.d.ts +1 -1
  358. package/lib/custom-auth-path/types/index.d.ts.map +1 -1
  359. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  360. package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
  361. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  362. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  363. package/lib/custom-auth-path/types/naa/TokenRequest.d.ts +1 -0
  364. package/lib/custom-auth-path/types/naa/TokenRequest.d.ts.map +1 -1
  365. package/lib/custom-auth-path/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  366. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  367. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  368. package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
  369. package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
  370. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  371. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  372. package/lib/log-strings-mapping.json +23 -7
  373. package/lib/msal-browser.cjs +289 -108
  374. package/lib/msal-browser.cjs.map +1 -1
  375. package/lib/msal-browser.js +289 -108
  376. package/lib/msal-browser.js.map +1 -1
  377. package/lib/msal-browser.min.js +2 -2
  378. package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
  379. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  380. package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
  381. package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  382. package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
  383. package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
  384. package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
  385. package/lib/types/config/Configuration.d.ts +4 -0
  386. package/lib/types/config/Configuration.d.ts.map +1 -1
  387. package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  388. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  389. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  390. package/lib/types/index.d.ts +1 -1
  391. package/lib/types/index.d.ts.map +1 -1
  392. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  393. package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
  394. package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  395. package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  396. package/lib/types/naa/TokenRequest.d.ts +1 -0
  397. package/lib/types/naa/TokenRequest.d.ts.map +1 -1
  398. package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  399. package/lib/types/packageMetadata.d.ts +1 -1
  400. package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  401. package/lib/types/utils/BrowserUtils.d.ts +2 -2
  402. package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
  403. package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  404. package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  405. package/package.json +2 -2
  406. package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +34 -17
  407. package/src/broker/nativeBroker/PlatformAuthRequest.ts +1 -0
  408. package/src/cache/BrowserCacheManager.ts +4 -0
  409. package/src/config/Configuration.ts +5 -0
  410. package/src/controllers/NestedAppAuthController.ts +14 -0
  411. package/src/controllers/StandardController.ts +13 -6
  412. package/src/index.ts +1 -0
  413. package/src/interaction_client/PlatformAuthInteractionClient.ts +1 -0
  414. package/src/interaction_client/PopupClient.ts +8 -4
  415. package/src/interaction_client/SilentIframeClient.ts +4 -2
  416. package/src/interaction_client/StandardInteractionClient.ts +11 -0
  417. package/src/naa/TokenRequest.ts +1 -0
  418. package/src/naa/mapping/NestedAppAuthAdapter.ts +1 -0
  419. package/src/packageMetadata.ts +1 -1
  420. package/src/telemetry/BrowserPerformanceClient.ts +4 -0
  421. package/src/utils/BrowserUtils.ts +24 -1
  422. package/src/utils/MsalFrameStatsUtils.ts +27 -0
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-browser v5.3.0 2026-02-24 */
1
+ /*! @azure/msal-browser v5.5.0 2026-03-13 */
2
2
  'use strict';
3
3
  (function (global, factory) {
4
4
  typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
@@ -6,7 +6,7 @@
6
6
  (global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
7
7
  })(this, (function (exports) { 'use strict';
8
8
 
9
- /*! @azure/msal-common v16.1.0 2026-02-24 */
9
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
10
10
  /*
11
11
  * Copyright (c) Microsoft Corporation. All rights reserved.
12
12
  * Licensed under the MIT License.
@@ -238,7 +238,7 @@
238
238
  // Token renewal offset default in seconds
239
239
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
240
240
 
241
- /*! @azure/msal-common v16.1.0 2026-02-24 */
241
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
242
242
  /*
243
243
  * Copyright (c) Microsoft Corporation. All rights reserved.
244
244
  * Licensed under the MIT License.
@@ -286,9 +286,10 @@
286
286
  const BROKER_REDIRECT_URI = "brk_redirect_uri";
287
287
  const INSTANCE_AWARE = "instance_aware";
288
288
  const EAR_JWK = "ear_jwk";
289
- const EAR_JWE_CRYPTO = "ear_jwe_crypto";
289
+ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
290
+ const RESOURCE = "resource";
290
291
 
291
- /*! @azure/msal-common v16.1.0 2026-02-24 */
292
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
292
293
  /*
293
294
  * Copyright (c) Microsoft Corporation. All rights reserved.
294
295
  * Licensed under the MIT License.
@@ -319,7 +320,7 @@
319
320
  return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
320
321
  }
321
322
 
322
- /*! @azure/msal-common v16.1.0 2026-02-24 */
323
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
323
324
 
324
325
  /*
325
326
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -339,7 +340,7 @@
339
340
  return new ClientConfigurationError(errorCode);
340
341
  }
341
342
 
342
- /*! @azure/msal-common v16.1.0 2026-02-24 */
343
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
343
344
  /*
344
345
  * Copyright (c) Microsoft Corporation. All rights reserved.
345
346
  * Licensed under the MIT License.
@@ -419,7 +420,7 @@
419
420
  }
420
421
  }
421
422
 
422
- /*! @azure/msal-common v16.1.0 2026-02-24 */
423
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
423
424
 
424
425
  /*
425
426
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -442,7 +443,7 @@
442
443
  return new ClientAuthError(errorCode, additionalMessage);
443
444
  }
444
445
 
445
- /*! @azure/msal-common v16.1.0 2026-02-24 */
446
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
446
447
  /*
447
448
  * Copyright (c) Microsoft Corporation. All rights reserved.
448
449
  * Licensed under the MIT License.
@@ -496,7 +497,7 @@
496
497
  urlParseError: urlParseError
497
498
  });
498
499
 
499
- /*! @azure/msal-common v16.1.0 2026-02-24 */
500
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
500
501
  /*
501
502
  * Copyright (c) Microsoft Corporation. All rights reserved.
502
503
  * Licensed under the MIT License.
@@ -537,7 +538,9 @@
537
538
  const userCanceled = "user_canceled";
538
539
  const methodNotImplemented = "method_not_implemented";
539
540
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
540
- const platformBrokerError = "platform_broker_error";
541
+ const platformBrokerError = "platform_broker_error";
542
+ const resourceParameterRequired = "resource_parameter_required";
543
+ const misplacedResourceParam = "misplaced_resource_parameter";
541
544
 
542
545
  var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
543
546
  __proto__: null,
@@ -558,6 +561,7 @@
558
561
  keyIdMissing: keyIdMissing,
559
562
  maxAgeTranspired: maxAgeTranspired,
560
563
  methodNotImplemented: methodNotImplemented,
564
+ misplacedResourceParam: misplacedResourceParam,
561
565
  multipleMatchingAppMetadata: multipleMatchingAppMetadata,
562
566
  multipleMatchingTokens: multipleMatchingTokens,
563
567
  nestedAppAuthBridgeDisabled: nestedAppAuthBridgeDisabled,
@@ -571,6 +575,7 @@
571
575
  openIdConfigError: openIdConfigError,
572
576
  platformBrokerError: platformBrokerError,
573
577
  requestCannotBeMade: requestCannotBeMade,
578
+ resourceParameterRequired: resourceParameterRequired,
574
579
  stateMismatch: stateMismatch,
575
580
  stateNotFound: stateNotFound,
576
581
  tokenClaimsCnfRequiredForSignedJwt: tokenClaimsCnfRequiredForSignedJwt,
@@ -580,7 +585,7 @@
580
585
  userCanceled: userCanceled
581
586
  });
582
587
 
583
- /*! @azure/msal-common v16.1.0 2026-02-24 */
588
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
584
589
 
585
590
  /*
586
591
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -775,7 +780,7 @@
775
780
  }
776
781
  }
777
782
 
778
- /*! @azure/msal-common v16.1.0 2026-02-24 */
783
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
779
784
 
780
785
  /*
781
786
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1140,9 +1145,14 @@
1140
1145
  // ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
1141
1146
  const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
1142
1147
  parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
1148
+ }
1149
+ function addResource(parameters, resource) {
1150
+ if (resource) {
1151
+ parameters.set(RESOURCE, resource);
1152
+ }
1143
1153
  }
1144
1154
 
1145
- /*! @azure/msal-common v16.1.0 2026-02-24 */
1155
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1146
1156
 
1147
1157
  /*
1148
1158
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1251,7 +1261,7 @@
1251
1261
  }
1252
1262
  }
1253
1263
 
1254
- /*! @azure/msal-common v16.1.0 2026-02-24 */
1264
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1255
1265
 
1256
1266
  /*
1257
1267
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1290,7 +1300,7 @@
1290
1300
  },
1291
1301
  };
1292
1302
 
1293
- /*! @azure/msal-common v16.1.0 2026-02-24 */
1303
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1294
1304
  /*
1295
1305
  * Copyright (c) Microsoft Corporation. All rights reserved.
1296
1306
  * Licensed under the MIT License.
@@ -1565,12 +1575,12 @@
1565
1575
  }
1566
1576
  }
1567
1577
 
1568
- /*! @azure/msal-common v16.1.0 2026-02-24 */
1578
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1569
1579
  /* eslint-disable header/header */
1570
1580
  const name$1 = "@azure/msal-common";
1571
- const version$1 = "16.1.0";
1581
+ const version$1 = "16.3.0";
1572
1582
 
1573
- /*! @azure/msal-common v16.1.0 2026-02-24 */
1583
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1574
1584
  /*
1575
1585
  * Copyright (c) Microsoft Corporation. All rights reserved.
1576
1586
  * Licensed under the MIT License.
@@ -1590,7 +1600,7 @@
1590
1600
  AzureUsGovernment: "https://login.microsoftonline.us",
1591
1601
  };
1592
1602
 
1593
- /*! @azure/msal-common v16.1.0 2026-02-24 */
1603
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1594
1604
  /*
1595
1605
  * Copyright (c) Microsoft Corporation. All rights reserved.
1596
1606
  * Licensed under the MIT License.
@@ -1672,7 +1682,7 @@
1672
1682
  return updatedAccountInfo;
1673
1683
  }
1674
1684
 
1675
- /*! @azure/msal-common v16.1.0 2026-02-24 */
1685
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1676
1686
 
1677
1687
  /*
1678
1688
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1752,7 +1762,7 @@
1752
1762
  }
1753
1763
  }
1754
1764
 
1755
- /*! @azure/msal-common v16.1.0 2026-02-24 */
1765
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1756
1766
 
1757
1767
  /*
1758
1768
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1909,7 +1919,7 @@
1909
1919
  }
1910
1920
  }
1911
1921
 
1912
- /*! @azure/msal-common v16.1.0 2026-02-24 */
1922
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1913
1923
 
1914
1924
  /*
1915
1925
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2066,7 +2076,7 @@
2066
2076
  return null;
2067
2077
  }
2068
2078
 
2069
- /*! @azure/msal-common v16.1.0 2026-02-24 */
2079
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2070
2080
  /*
2071
2081
  * Copyright (c) Microsoft Corporation. All rights reserved.
2072
2082
  * Licensed under the MIT License.
@@ -2074,7 +2084,7 @@
2074
2084
  const cacheQuotaExceeded = "cache_quota_exceeded";
2075
2085
  const cacheErrorUnknown = "cache_error_unknown";
2076
2086
 
2077
- /*! @azure/msal-common v16.1.0 2026-02-24 */
2087
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2078
2088
 
2079
2089
  /*
2080
2090
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2112,7 +2122,7 @@
2112
2122
  }
2113
2123
  }
2114
2124
 
2115
- /*! @azure/msal-common v16.1.0 2026-02-24 */
2125
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2116
2126
 
2117
2127
  /*
2118
2128
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2150,7 +2160,7 @@
2150
2160
  };
2151
2161
  }
2152
2162
 
2153
- /*! @azure/msal-common v16.1.0 2026-02-24 */
2163
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2154
2164
  /*
2155
2165
  * Copyright (c) Microsoft Corporation. All rights reserved.
2156
2166
  * Licensed under the MIT License.
@@ -2165,7 +2175,7 @@
2165
2175
  Ciam: 3,
2166
2176
  };
2167
2177
 
2168
- /*! @azure/msal-common v16.1.0 2026-02-24 */
2178
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2169
2179
  /*
2170
2180
  * Copyright (c) Microsoft Corporation. All rights reserved.
2171
2181
  * Licensed under the MIT License.
@@ -2187,7 +2197,7 @@
2187
2197
  return null;
2188
2198
  }
2189
2199
 
2190
- /*! @azure/msal-common v16.1.0 2026-02-24 */
2200
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2191
2201
  /*
2192
2202
  * Copyright (c) Microsoft Corporation. All rights reserved.
2193
2203
  * Licensed under the MIT License.
@@ -2211,7 +2221,7 @@
2211
2221
  EAR: "EAR",
2212
2222
  };
2213
2223
 
2214
- /*! @azure/msal-common v16.1.0 2026-02-24 */
2224
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2215
2225
  /**
2216
2226
  * Returns the AccountInfo interface for this account.
2217
2227
  */
@@ -2386,7 +2396,7 @@
2386
2396
  entity.hasOwnProperty("authorityType"));
2387
2397
  }
2388
2398
 
2389
- /*! @azure/msal-common v16.1.0 2026-02-24 */
2399
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2390
2400
 
2391
2401
  /*
2392
2402
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3483,7 +3493,7 @@
3483
3493
  }
3484
3494
  }
3485
3495
 
3486
- /*! @azure/msal-common v16.1.0 2026-02-24 */
3496
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3487
3497
  /*
3488
3498
  * Copyright (c) Microsoft Corporation. All rights reserved.
3489
3499
  * Licensed under the MIT License.
@@ -3498,6 +3508,12 @@
3498
3508
  InProgress: 1,
3499
3509
  Completed: 2,
3500
3510
  };
3511
+ /**
3512
+ * Prefix used to mark telemetry field names as dynamic.
3513
+ * Fields with this prefix in addFields/incrementFields calls will be routed
3514
+ * to the PerformanceEvent.ext sub-object.
3515
+ */
3516
+ const EXT_FIELD_PREFIX = "ext.";
3501
3517
  const IntFields = new Set([
3502
3518
  "accessTokenSize",
3503
3519
  "durationMs",
@@ -3522,9 +3538,12 @@
3522
3538
  "currRefreshCount",
3523
3539
  "expiredCacheRemovedCount",
3524
3540
  "upgradedCacheCount",
3541
+ "networkRtt",
3542
+ "redirectBridgeTimeoutMs",
3543
+ "redirectBridgeMessageVersion",
3525
3544
  ]);
3526
3545
 
3527
- /*! @azure/msal-common v16.1.0 2026-02-24 */
3546
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3528
3547
 
3529
3548
  /*
3530
3549
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3579,7 +3598,7 @@
3579
3598
  }
3580
3599
  }
3581
3600
 
3582
- /*! @azure/msal-common v16.1.0 2026-02-24 */
3601
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3583
3602
 
3584
3603
  /*
3585
3604
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3662,6 +3681,7 @@
3662
3681
  clientCapabilities: [],
3663
3682
  azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS,
3664
3683
  instanceAware: false,
3684
+ isMcp: false,
3665
3685
  ...authOptions,
3666
3686
  };
3667
3687
  }
@@ -3673,7 +3693,7 @@
3673
3693
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3674
3694
  }
3675
3695
 
3676
- /*! @azure/msal-common v16.1.0 2026-02-24 */
3696
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3677
3697
 
3678
3698
  /*
3679
3699
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3692,7 +3712,7 @@
3692
3712
  }
3693
3713
  }
3694
3714
 
3695
- /*! @azure/msal-common v16.1.0 2026-02-24 */
3715
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3696
3716
  /*
3697
3717
  * Copyright (c) Microsoft Corporation. All rights reserved.
3698
3718
  * Licensed under the MIT License.
@@ -3756,7 +3776,7 @@
3756
3776
  uxNotAllowed: uxNotAllowed
3757
3777
  });
3758
3778
 
3759
- /*! @azure/msal-common v16.1.0 2026-02-24 */
3779
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3760
3780
 
3761
3781
  /*
3762
3782
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3824,7 +3844,7 @@
3824
3844
  return new InteractionRequiredAuthError(errorCode, errorMessage);
3825
3845
  }
3826
3846
 
3827
- /*! @azure/msal-common v16.1.0 2026-02-24 */
3847
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3828
3848
 
3829
3849
  /*
3830
3850
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3892,7 +3912,7 @@
3892
3912
  }
3893
3913
  }
3894
3914
 
3895
- /*! @azure/msal-common v16.1.0 2026-02-24 */
3915
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3896
3916
  /*
3897
3917
  * Copyright (c) Microsoft Corporation. All rights reserved.
3898
3918
  * Licensed under the MIT License.
@@ -3957,7 +3977,7 @@
3957
3977
  return cachedAtSec > nowSeconds();
3958
3978
  }
3959
3979
 
3960
- /*! @azure/msal-common v16.1.0 2026-02-24 */
3980
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3961
3981
  /*
3962
3982
  * Copyright (c) Microsoft Corporation. All rights reserved.
3963
3983
  * Licensed under the MIT License.
@@ -4028,7 +4048,7 @@
4028
4048
  const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
4029
4049
  const SetUserData = "setUserData";
4030
4050
 
4031
- /*! @azure/msal-common v16.1.0 2026-02-24 */
4051
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4032
4052
  /*
4033
4053
  * Copyright (c) Microsoft Corporation. All rights reserved.
4034
4054
  * Licensed under the MIT License.
@@ -4051,8 +4071,7 @@
4051
4071
  const inProgressEvent = telemetryClient.startMeasurement(eventName, correlationId);
4052
4072
  if (correlationId) {
4053
4073
  // Track number of times this API is called in a single request
4054
- const eventCount = eventName + "CallCount";
4055
- telemetryClient.incrementFields({ [eventCount]: 1 }, correlationId);
4074
+ telemetryClient.incrementFields({ [`ext.${eventName}CallCount`]: 1 }, correlationId);
4056
4075
  }
4057
4076
  try {
4058
4077
  const result = callback(...args);
@@ -4096,8 +4115,7 @@
4096
4115
  const inProgressEvent = telemetryClient.startMeasurement(eventName, correlationId);
4097
4116
  if (correlationId) {
4098
4117
  // Track number of times this API is called in a single request
4099
- const eventCount = eventName + "CallCount";
4100
- telemetryClient.incrementFields({ [eventCount]: 1 }, correlationId);
4118
+ telemetryClient.incrementFields({ [`ext.${eventName}CallCount`]: 1 }, correlationId);
4101
4119
  }
4102
4120
  return callback(...args)
4103
4121
  .then((response) => {
@@ -4123,7 +4141,7 @@
4123
4141
  };
4124
4142
  };
4125
4143
 
4126
- /*! @azure/msal-common v16.1.0 2026-02-24 */
4144
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4127
4145
 
4128
4146
  /*
4129
4147
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4203,7 +4221,7 @@
4203
4221
  }
4204
4222
  }
4205
4223
 
4206
- /*! @azure/msal-common v16.1.0 2026-02-24 */
4224
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4207
4225
  /*
4208
4226
  * Copyright (c) Microsoft Corporation. All rights reserved.
4209
4227
  * Licensed under the MIT License.
@@ -4230,7 +4248,7 @@
4230
4248
  }
4231
4249
  }
4232
4250
 
4233
- /*! @azure/msal-common v16.1.0 2026-02-24 */
4251
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4234
4252
 
4235
4253
  /*
4236
4254
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4489,7 +4507,7 @@
4489
4507
  return metadata.expiresAt <= nowSeconds();
4490
4508
  }
4491
4509
 
4492
- /*! @azure/msal-common v16.1.0 2026-02-24 */
4510
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4493
4511
 
4494
4512
  /*
4495
4513
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4674,6 +4692,11 @@
4674
4692
  : undefined;
4675
4693
  // non AAD scenarios can have empty realm
4676
4694
  cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id);
4695
+ // Set resource (to be used for MCP scenarios)
4696
+ const resource = request.resource || null;
4697
+ if (resource) {
4698
+ cachedAccessToken.resource = resource;
4699
+ }
4677
4700
  }
4678
4701
  // refreshToken
4679
4702
  let cachedRefreshToken = null;
@@ -4825,7 +4848,7 @@
4825
4848
  return baseAccount;
4826
4849
  }
4827
4850
 
4828
- /*! @azure/msal-common v16.1.0 2026-02-24 */
4851
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4829
4852
  /*
4830
4853
  * Copyright (c) Microsoft Corporation. All rights reserved.
4831
4854
  * Licensed under the MIT License.
@@ -4835,7 +4858,7 @@
4835
4858
  UPN: "UPN",
4836
4859
  };
4837
4860
 
4838
- /*! @azure/msal-common v16.1.0 2026-02-24 */
4861
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4839
4862
  /*
4840
4863
  * Copyright (c) Microsoft Corporation. All rights reserved.
4841
4864
  * Licensed under the MIT License.
@@ -4853,7 +4876,7 @@
4853
4876
  }
4854
4877
  }
4855
4878
 
4856
- /*! @azure/msal-common v16.1.0 2026-02-24 */
4879
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4857
4880
  /*
4858
4881
  * Copyright (c) Microsoft Corporation. All rights reserved.
4859
4882
  * Licensed under the MIT License.
@@ -4874,7 +4897,7 @@
4874
4897
  };
4875
4898
  }
4876
4899
 
4877
- /*! @azure/msal-common v16.1.0 2026-02-24 */
4900
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4878
4901
 
4879
4902
  /*
4880
4903
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4960,7 +4983,7 @@
4960
4983
  }
4961
4984
  }
4962
4985
 
4963
- /*! @azure/msal-common v16.1.0 2026-02-24 */
4986
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4964
4987
 
4965
4988
  /*
4966
4989
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4991,7 +5014,7 @@
4991
5014
  return new NetworkError(error, httpStatus, responseHeaders);
4992
5015
  }
4993
5016
 
4994
- /*! @azure/msal-common v16.1.0 2026-02-24 */
5017
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4995
5018
 
4996
5019
  /*
4997
5020
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5105,7 +5128,7 @@
5105
5128
  return response;
5106
5129
  }
5107
5130
 
5108
- /*! @azure/msal-common v16.1.0 2026-02-24 */
5131
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
5109
5132
  /*
5110
5133
  * Copyright (c) Microsoft Corporation. All rights reserved.
5111
5134
  * Licensed under the MIT License.
@@ -5117,7 +5140,7 @@
5117
5140
  response.hasOwnProperty("jwks_uri"));
5118
5141
  }
5119
5142
 
5120
- /*! @azure/msal-common v16.1.0 2026-02-24 */
5143
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
5121
5144
  /*
5122
5145
  * Copyright (c) Microsoft Corporation. All rights reserved.
5123
5146
  * Licensed under the MIT License.
@@ -5127,7 +5150,7 @@
5127
5150
  response.hasOwnProperty("metadata"));
5128
5151
  }
5129
5152
 
5130
- /*! @azure/msal-common v16.1.0 2026-02-24 */
5153
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
5131
5154
  /*
5132
5155
  * Copyright (c) Microsoft Corporation. All rights reserved.
5133
5156
  * Licensed under the MIT License.
@@ -5137,7 +5160,7 @@
5137
5160
  response.hasOwnProperty("error_description"));
5138
5161
  }
5139
5162
 
5140
- /*! @azure/msal-common v16.1.0 2026-02-24 */
5163
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
5141
5164
 
5142
5165
  /*
5143
5166
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5242,7 +5265,7 @@
5242
5265
  },
5243
5266
  };
5244
5267
 
5245
- /*! @azure/msal-common v16.1.0 2026-02-24 */
5268
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
5246
5269
 
5247
5270
  /*
5248
5271
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6062,7 +6085,7 @@
6062
6085
  };
6063
6086
  }
6064
6087
 
6065
- /*! @azure/msal-common v16.1.0 2026-02-24 */
6088
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6066
6089
 
6067
6090
  /*
6068
6091
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6096,7 +6119,7 @@
6096
6119
  }
6097
6120
  }
6098
6121
 
6099
- /*! @azure/msal-common v16.1.0 2026-02-24 */
6122
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6100
6123
 
6101
6124
  /*
6102
6125
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6216,6 +6239,7 @@
6216
6239
  }
6217
6240
  // Add scope array, parameter builder will add default scopes and dedupe
6218
6241
  addScopes(parameters, request.scopes, true, this.oidcDefaultScopes);
6242
+ addResource(parameters, request.resource);
6219
6243
  // add code: user set, not validated
6220
6244
  addAuthorizationCode(parameters, request.code);
6221
6245
  // Add library metadata
@@ -6356,7 +6380,7 @@
6356
6380
  }
6357
6381
  }
6358
6382
 
6359
- /*! @azure/msal-common v16.1.0 2026-02-24 */
6383
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6360
6384
 
6361
6385
  /*
6362
6386
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6581,7 +6605,7 @@
6581
6605
  }
6582
6606
  }
6583
6607
 
6584
- /*! @azure/msal-common v16.1.0 2026-02-24 */
6608
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6585
6609
 
6586
6610
  /*
6587
6611
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6637,6 +6661,13 @@
6637
6661
  this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
6638
6662
  throw createClientAuthError(tokenRefreshRequired);
6639
6663
  }
6664
+ else if (request.resource) {
6665
+ // cached access token must have a resource that matches the request resource for MCP scenarios
6666
+ if (cachedAccessToken.resource !== request.resource) {
6667
+ this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
6668
+ throw createClientAuthError(tokenRefreshRequired);
6669
+ }
6670
+ }
6640
6671
  else if (cachedAccessToken.refreshOn &&
6641
6672
  isTokenExpired(cachedAccessToken.refreshOn, 0)) {
6642
6673
  // must refresh (in the background) due to the refresh_in value
@@ -6690,7 +6721,7 @@
6690
6721
  }
6691
6722
  }
6692
6723
 
6693
- /*! @azure/msal-common v16.1.0 2026-02-24 */
6724
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6694
6725
 
6695
6726
  /*
6696
6727
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6705,7 +6736,7 @@
6705
6736
  },
6706
6737
  };
6707
6738
 
6708
- /*! @azure/msal-common v16.1.0 2026-02-24 */
6739
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6709
6740
 
6710
6741
  /*
6711
6742
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6731,6 +6762,7 @@
6731
6762
  ...(request.extraScopesToConsent || []),
6732
6763
  ];
6733
6764
  addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
6765
+ addResource(parameters, request.resource);
6734
6766
  addRedirectUri(parameters, request.redirectUri);
6735
6767
  addCorrelationId(parameters, correlationId);
6736
6768
  // add response_mode. If not passed in it defaults to query.
@@ -6929,7 +6961,40 @@
6929
6961
  return account.loginHint || account.idTokenClaims?.login_hint || null;
6930
6962
  }
6931
6963
 
6932
- /*! @azure/msal-common v16.1.0 2026-02-24 */
6964
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6965
+
6966
+ /*
6967
+ * Copyright (c) Microsoft Corporation. All rights reserved.
6968
+ * Licensed under the MIT License.
6969
+ */
6970
+ /**
6971
+ * Helper to enforce resource parameter presence in token requests when isMcp is set in the configuration.
6972
+ * If resource parameter is set in both the request and in extraQueryParameters or extraParameters, an error will be thrown.
6973
+ * This is used for MCP flows.
6974
+ * @param isMcp - Flag indicating if application is an MCP app, from configuration
6975
+ * @param request - Auth request
6976
+ */
6977
+ function enforceResourceParameter(isMcp, request) {
6978
+ if (!isMcp) {
6979
+ return;
6980
+ }
6981
+ if (request.resource &&
6982
+ (containsResourceParam(request.extraParameters) ||
6983
+ containsResourceParam(request.extraQueryParameters))) {
6984
+ throw createClientAuthError(misplacedResourceParam);
6985
+ }
6986
+ if (!request.resource) {
6987
+ throw createClientAuthError(resourceParameterRequired);
6988
+ }
6989
+ }
6990
+ function containsResourceParam(params) {
6991
+ if (!params) {
6992
+ return false;
6993
+ }
6994
+ return Object.prototype.hasOwnProperty.call(params, "resource");
6995
+ }
6996
+
6997
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6933
6998
 
6934
6999
  /*
6935
7000
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6987,7 +7052,7 @@
6987
7052
  }
6988
7053
  }
6989
7054
 
6990
- /*! @azure/msal-common v16.1.0 2026-02-24 */
7055
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6991
7056
  /*
6992
7057
  * Copyright (c) Microsoft Corporation. All rights reserved.
6993
7058
  * Licensed under the MIT License.
@@ -7004,7 +7069,7 @@
7004
7069
  unexpectedError: unexpectedError
7005
7070
  });
7006
7071
 
7007
- /*! @azure/msal-common v16.1.0 2026-02-24 */
7072
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
7008
7073
 
7009
7074
  /*
7010
7075
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7265,7 +7330,7 @@
7265
7330
  }
7266
7331
  }
7267
7332
 
7268
- /*! @azure/msal-common v16.1.0 2026-02-24 */
7333
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
7269
7334
 
7270
7335
  /*
7271
7336
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7286,7 +7351,7 @@
7286
7351
  return new JoseHeaderError(code);
7287
7352
  }
7288
7353
 
7289
- /*! @azure/msal-common v16.1.0 2026-02-24 */
7354
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
7290
7355
  /*
7291
7356
  * Copyright (c) Microsoft Corporation. All rights reserved.
7292
7357
  * Licensed under the MIT License.
@@ -7294,7 +7359,7 @@
7294
7359
  const missingKidError = "missing_kid_error";
7295
7360
  const missingAlgError = "missing_alg_error";
7296
7361
 
7297
- /*! @azure/msal-common v16.1.0 2026-02-24 */
7362
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
7298
7363
 
7299
7364
  /*
7300
7365
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7334,7 +7399,7 @@
7334
7399
  }
7335
7400
  }
7336
7401
 
7337
- /*! @azure/msal-common v16.1.0 2026-02-24 */
7402
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
7338
7403
 
7339
7404
  /*
7340
7405
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7633,9 +7698,13 @@
7633
7698
  if (error) {
7634
7699
  addError(error, this.logger, rootEvent);
7635
7700
  }
7636
- // Add sub-measurement attribute to root event.
7701
+ // Add sub-measurement attribute to root event's ext field.
7637
7702
  if (!isRoot) {
7638
- rootEvent[event.name + "DurationMs"] = Math.floor(event.durationMs);
7703
+ rootEvent.ext = {
7704
+ ...rootEvent.ext,
7705
+ ...event.ext,
7706
+ };
7707
+ rootEvent.ext[event.name + "DurationMs"] = Math.floor(event.durationMs);
7639
7708
  return { ...rootEvent };
7640
7709
  }
7641
7710
  if (isRoot &&
@@ -7681,10 +7750,32 @@
7681
7750
  addFields(fields, correlationId) {
7682
7751
  const event = this.eventsByCorrelationId.get(correlationId);
7683
7752
  if (event) {
7684
- this.eventsByCorrelationId.set(correlationId, {
7753
+ const staticFields = {};
7754
+ const dynamicFields = {};
7755
+ for (const key in fields) {
7756
+ if (key.startsWith(EXT_FIELD_PREFIX)) {
7757
+ const dynamicKey = key.slice(EXT_FIELD_PREFIX.length);
7758
+ const value = fields[key];
7759
+ if (typeof value === "string" ||
7760
+ typeof value === "number") {
7761
+ dynamicFields[dynamicKey] = value;
7762
+ }
7763
+ }
7764
+ else {
7765
+ staticFields[key] = fields[key];
7766
+ }
7767
+ }
7768
+ const updatedEvent = {
7685
7769
  ...event,
7686
- ...fields,
7687
- });
7770
+ ...staticFields,
7771
+ };
7772
+ if (Object.keys(dynamicFields).length) {
7773
+ updatedEvent.ext = {
7774
+ ...updatedEvent.ext,
7775
+ ...dynamicFields,
7776
+ };
7777
+ }
7778
+ this.eventsByCorrelationId.set(correlationId, updatedEvent);
7688
7779
  }
7689
7780
  else {
7690
7781
  this.logger.trace("0thl6s", correlationId);
@@ -7699,13 +7790,32 @@
7699
7790
  const event = this.eventsByCorrelationId.get(correlationId);
7700
7791
  if (event) {
7701
7792
  for (const counter in fields) {
7702
- if (!event.hasOwnProperty(counter)) {
7703
- event[counter] = 0;
7793
+ if (counter.startsWith(EXT_FIELD_PREFIX)) {
7794
+ event.ext = event.ext || {};
7795
+ // Route to ext sub-object
7796
+ const dynamicKey = counter.slice(EXT_FIELD_PREFIX.length);
7797
+ const currentValue = event.ext[dynamicKey];
7798
+ if (currentValue === undefined) {
7799
+ event.ext[dynamicKey] = 0;
7800
+ }
7801
+ else if (isNaN(Number(currentValue))) {
7802
+ return;
7803
+ }
7804
+ event.ext[dynamicKey] =
7805
+ (Number(event.ext[dynamicKey]) || 0) +
7806
+ (fields[counter] ?? 0);
7704
7807
  }
7705
- else if (isNaN(Number(event[counter]))) {
7706
- return;
7808
+ else {
7809
+ /* eslint-disable custom-msal/no-dynamic-telemetry-fields -- internal dispatching of static fields by name */
7810
+ if (!event.hasOwnProperty(counter)) {
7811
+ event[counter] = 0;
7812
+ }
7813
+ else if (isNaN(Number(event[counter]))) {
7814
+ return;
7815
+ }
7816
+ event[counter] += fields[counter];
7817
+ /* eslint-enable custom-msal/no-dynamic-telemetry-fields */
7707
7818
  }
7708
- event[counter] += fields[counter];
7709
7819
  }
7710
7820
  }
7711
7821
  else {
@@ -7798,9 +7908,11 @@
7798
7908
  */
7799
7909
  truncateIntegralFields(event) {
7800
7910
  this.intFields.forEach((key) => {
7911
+ /* eslint-disable custom-msal/no-dynamic-telemetry-fields -- internal truncation of known integer fields */
7801
7912
  if (key in event && typeof event[key] === "number") {
7802
7913
  event[key] = Math.floor(event[key]);
7803
7914
  }
7915
+ /* eslint-enable custom-msal/no-dynamic-telemetry-fields */
7804
7916
  });
7805
7917
  }
7806
7918
  /**
@@ -8721,9 +8833,13 @@
8721
8833
  activeBridgeMonitor = null;
8722
8834
  }
8723
8835
  }
8724
- async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request) {
8836
+ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
8725
8837
  return new Promise((resolve, reject) => {
8726
8838
  logger.verbose("1rf6em", request.correlationId);
8839
+ const correlationId = request.correlationId;
8840
+ performanceClient.addFields({
8841
+ redirectBridgeTimeoutMs: timeoutMs,
8842
+ }, correlationId);
8727
8843
  const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
8728
8844
  const channel = new BroadcastChannel(libraryState.id);
8729
8845
  let responseString = undefined;
@@ -8741,6 +8857,12 @@
8741
8857
  };
8742
8858
  channel.onmessage = (event) => {
8743
8859
  responseString = event.data.payload;
8860
+ const messageVersion = event?.data && typeof event.data.v === "number"
8861
+ ? event.data.v
8862
+ : undefined;
8863
+ performanceClient.addFields({
8864
+ redirectBridgeMessageVersion: messageVersion,
8865
+ }, correlationId);
8744
8866
  // Clear the active monitor
8745
8867
  activeBridgeMonitor = null;
8746
8868
  clearTimeout(timeoutId);
@@ -10160,7 +10282,7 @@
10160
10282
 
10161
10283
  /* eslint-disable header/header */
10162
10284
  const name = "@azure/msal-browser";
10163
- const version = "5.3.0";
10285
+ const version = "5.5.0";
10164
10286
 
10165
10287
  /*
10166
10288
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -11475,6 +11597,9 @@
11475
11597
  : 0, base64Decode, undefined, // refreshOn
11476
11598
  result.tokenType, undefined, // userAssertionHash
11477
11599
  request.sshKid);
11600
+ if (request.resource) {
11601
+ accessTokenEntity.resource = request.resource;
11602
+ }
11478
11603
  const cacheRecord = {
11479
11604
  idToken: idTokenEntity,
11480
11605
  accessToken: accessTokenEntity,
@@ -12027,6 +12152,7 @@
12027
12152
  authority: discoveredAuthority,
12028
12153
  clientCapabilities: this.config.auth.clientCapabilities,
12029
12154
  redirectUri: this.config.auth.redirectUri,
12155
+ isMcp: this.config.auth.isMcp,
12030
12156
  },
12031
12157
  systemOptions: {
12032
12158
  tokenRenewalOffsetSeconds: this.config.system.tokenRenewalOffsetSeconds,
@@ -12067,6 +12193,10 @@
12067
12193
  */
12068
12194
  async function initializeAuthorizationRequest(request, interactionType, config, browserCrypto, browserStorage, logger, performanceClient, correlationId) {
12069
12195
  const redirectUri = getRedirectUri(request.redirectUri, config.auth.redirectUri, logger, correlationId);
12196
+ if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
12197
+ logger.warning("08qbvw", correlationId);
12198
+ performanceClient.addFields({ isRedirectUriCrossOrigin: true }, correlationId);
12199
+ }
12070
12200
  const browserState = {
12071
12201
  interactionType: interactionType,
12072
12202
  };
@@ -12744,6 +12874,7 @@
12744
12874
  correlationId: this.correlationId,
12745
12875
  state: response.state,
12746
12876
  fromPlatformBroker: true,
12877
+ ...(request.resource && { resource: request.resource }),
12747
12878
  };
12748
12879
  return result;
12749
12880
  }
@@ -13472,6 +13603,7 @@
13472
13603
  tenant: "",
13473
13604
  },
13474
13605
  instanceAware: false,
13606
+ isMcp: false,
13475
13607
  };
13476
13608
  // Default cache options for browser
13477
13609
  const DEFAULT_CACHE_OPTIONS = {
@@ -13864,14 +13996,17 @@
13864
13996
  initializePlatformDOMRequest(request) {
13865
13997
  this.logger.trace("15d6yv", request.correlationId);
13866
13998
  const { accountId, clientId, authority, scope, redirectUri, correlationId, state, storeInCache, embeddedClientId, extraParameters, ...remainingProperties } = request;
13867
- const validExtraParameters = this.getDOMExtraParams(remainingProperties);
13999
+ const validExtraParameters = this.getDOMExtraParams(remainingProperties, correlationId);
13868
14000
  const platformDOMRequest = {
13869
14001
  accountId: accountId,
13870
14002
  brokerId: this.getExtensionId(),
13871
14003
  authority: authority,
13872
14004
  clientId: clientId,
13873
14005
  correlationId: correlationId || this.correlationId,
13874
- extraParameters: { ...extraParameters, ...validExtraParameters },
14006
+ extraParameters: {
14007
+ ...extraParameters,
14008
+ ...validExtraParameters,
14009
+ },
13875
14010
  isSecurityTokenService: false,
13876
14011
  redirectUri: redirectUri,
13877
14012
  scope: scope,
@@ -13925,15 +14060,27 @@
13925
14060
  };
13926
14061
  return nativeResponse;
13927
14062
  }
13928
- getDOMExtraParams(extraParameters) {
13929
- const stringifiedParams = Object.entries(extraParameters).reduce((record, [key, value]) => {
13930
- record[key] = String(value);
13931
- return record;
13932
- }, {});
13933
- const validExtraParams = {
13934
- ...stringifiedParams,
13935
- };
13936
- return validExtraParams;
14063
+ getDOMExtraParams(extraParameters, correlationId) {
14064
+ try {
14065
+ const stringifiedProperties = {};
14066
+ for (const [key, value] of Object.entries(extraParameters)) {
14067
+ if (!value) {
14068
+ continue;
14069
+ }
14070
+ if (typeof value === "object") {
14071
+ stringifiedProperties[key] = JSON.stringify(value);
14072
+ }
14073
+ else {
14074
+ stringifiedProperties[key] = String(value);
14075
+ }
14076
+ }
14077
+ return stringifiedProperties;
14078
+ }
14079
+ catch (e) {
14080
+ this.logger.error("0eu9o3", correlationId);
14081
+ this.logger.errorPii("17rpl5", correlationId);
14082
+ return {};
14083
+ }
13937
14084
  }
13938
14085
  }
13939
14086
 
@@ -14177,7 +14324,7 @@
14177
14324
  const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
14178
14325
  this.eventHandler.emitEvent(EventType.POPUP_OPENED, correlationId, exports.InteractionType.Popup, { popupWindow }, null);
14179
14326
  // Wait for the redirect bridge response
14180
- const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
14327
+ const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
14181
14328
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
14182
14329
  return await invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
14183
14330
  }
@@ -14212,7 +14359,7 @@
14212
14359
  const form = await getEARForm(popupWindow.document, this.config, discoveredAuthority, popupRequest, this.logger, this.performanceClient);
14213
14360
  form.submit();
14214
14361
  // Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
14215
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest);
14362
+ const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest, this.performanceClient);
14216
14363
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
14217
14364
  if (!serverParams.ear_jwe && serverParams.code) {
14218
14365
  const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, correlationId)({
@@ -14237,7 +14384,7 @@
14237
14384
  const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
14238
14385
  form.submit();
14239
14386
  // Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
14240
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
14387
+ const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
14241
14388
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
14242
14389
  return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
14243
14390
  }
@@ -14290,7 +14437,7 @@
14290
14437
  // Open the popup window to requestUrl.
14291
14438
  const popupWindow = this.openPopup(logoutUri, popupParams);
14292
14439
  this.eventHandler.emitEvent(EventType.POPUP_OPENED, validRequest.correlationId, exports.InteractionType.Popup, { popupWindow }, null);
14293
- await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest).catch(() => {
14440
+ await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest, this.performanceClient).catch(() => {
14294
14441
  // Swallow any errors related to monitoring the window. Server logout is best effort
14295
14442
  });
14296
14443
  if (mainWindowRedirectUri) {
@@ -15038,7 +15185,7 @@
15038
15185
  };
15039
15186
  await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
15040
15187
  const responseType = this.config.auth.OIDCOptions.responseMode;
15041
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
15188
+ const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
15042
15189
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
15043
15190
  if (!serverParams.ear_jwe && serverParams.code) {
15044
15191
  // If server doesn't support EAR, they may fallback to auth code flow instead
@@ -15087,7 +15234,7 @@
15087
15234
  }
15088
15235
  const responseType = this.config.auth.OIDCOptions.responseMode;
15089
15236
  // Wait for response from the redirect bridge.
15090
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
15237
+ const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
15091
15238
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
15092
15239
  return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
15093
15240
  }
@@ -15240,6 +15387,22 @@
15240
15387
  * Copyright (c) Microsoft Corporation. All rights reserved.
15241
15388
  * Licensed under the MIT License.
15242
15389
  */
15390
+ /**
15391
+ * Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
15392
+ * @returns Network connection information, or an empty object if not available.
15393
+ */
15394
+ function getNetworkInfo() {
15395
+ if (typeof window === "undefined" || !window.navigator) {
15396
+ return {};
15397
+ }
15398
+ const connection = "connection" in window.navigator
15399
+ ? window.navigator.connection
15400
+ : undefined;
15401
+ return {
15402
+ effectiveType: connection?.effectiveType,
15403
+ rtt: connection?.rtt,
15404
+ };
15405
+ }
15243
15406
  function collectInstanceStats(currentClientId, performanceEvent, logger, correlationId) {
15244
15407
  const frameInstances =
15245
15408
  // @ts-ignore
@@ -15259,12 +15422,13 @@
15259
15422
  * Copyright (c) Microsoft Corporation. All rights reserved.
15260
15423
  * Licensed under the MIT License.
15261
15424
  */
15262
- function preflightCheck(initialized, performanceEvent, account) {
15425
+ function preflightCheck(initialized, performanceEvent, config, request) {
15263
15426
  try {
15264
15427
  preflightCheck$1(initialized);
15428
+ enforceResourceParameter(config.auth.isMcp, request);
15265
15429
  }
15266
15430
  catch (e) {
15267
- performanceEvent.end({ success: false }, e, account);
15431
+ performanceEvent.end({ success: false }, e, request.account);
15268
15432
  throw e;
15269
15433
  }
15270
15434
  }
@@ -15365,6 +15529,7 @@
15365
15529
  this.eventHandler.emitEvent(EventType.INITIALIZE_START, correlationId);
15366
15530
  // Broker applications are initialized twice, so we avoid double-counting it
15367
15531
  this.logMultipleInstances(initMeasurement, correlationId);
15532
+ initMeasurement.add({ isMcp: this.config.auth.isMcp });
15368
15533
  await invokeAsync(this.browserStorage.initialize.bind(this.browserStorage), InitializeCache, this.logger, this.performanceClient, correlationId)(correlationId);
15369
15534
  if (allowPlatformBroker) {
15370
15535
  try {
@@ -15542,6 +15707,7 @@
15542
15707
  };
15543
15708
  try {
15544
15709
  redirectPreflightCheck(this.initialized, this.config);
15710
+ enforceResourceParameter(this.config.auth.isMcp, request);
15545
15711
  this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN);
15546
15712
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Redirect, request);
15547
15713
  let result;
@@ -15606,7 +15772,7 @@
15606
15772
  });
15607
15773
  try {
15608
15774
  this.logger.verbose("0ch87b", correlationId);
15609
- preflightCheck(this.initialized, atPopupMeasurement, request.account);
15775
+ preflightCheck(this.initialized, atPopupMeasurement, this.config, request);
15610
15776
  this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN, request.overrideInteractionInProgress, correlationId);
15611
15777
  }
15612
15778
  catch (e) {
@@ -15720,7 +15886,7 @@
15720
15886
  this.ssoSilentMeasurement?.add({
15721
15887
  scenarioId: request.scenarioId,
15722
15888
  });
15723
- preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
15889
+ preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
15724
15890
  this.ssoSilentMeasurement?.increment({
15725
15891
  visibilityChangeCount: 0,
15726
15892
  });
@@ -15784,7 +15950,7 @@
15784
15950
  const correlationId = this.getRequestCorrelationId(request);
15785
15951
  this.logger.trace("0ch6ga", correlationId);
15786
15952
  const atbcMeasurement = this.performanceClient.startMeasurement(AcquireTokenByCode, correlationId);
15787
- preflightCheck(this.initialized, atbcMeasurement);
15953
+ preflightCheck(this.initialized, atbcMeasurement, this.config, request);
15788
15954
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Silent, request);
15789
15955
  atbcMeasurement.add({ scenarioId: request.scenarioId });
15790
15956
  try {
@@ -16286,7 +16452,7 @@
16286
16452
  cacheLookupPolicy: request.cacheLookupPolicy,
16287
16453
  scenarioId: request.scenarioId,
16288
16454
  });
16289
- preflightCheck(this.initialized, atsMeasurement, request.account);
16455
+ preflightCheck(this.initialized, atsMeasurement, this.config, request);
16290
16456
  this.logger.verbose("0x1c4s", correlationId);
16291
16457
  const account = request.account || this.getActiveAccount();
16292
16458
  if (!account) {
@@ -16742,6 +16908,7 @@
16742
16908
  platformBrokerId: request.account?.homeAccountId,
16743
16909
  clientId: this.clientId,
16744
16910
  authority: request.authority,
16911
+ resource: request.resource,
16745
16912
  scope: scopes.join(" "),
16746
16913
  correlationId,
16747
16914
  claims: !StringUtils.isEmptyObj(claims) ? claims : undefined,
@@ -17012,6 +17179,7 @@
17012
17179
  const atPopupMeasurement = this.performanceClient.startMeasurement(AcquireTokenPopup, correlationId);
17013
17180
  atPopupMeasurement.add({ nestedAppAuthRequest: true });
17014
17181
  try {
17182
+ enforceResourceParameter(this.config.auth.isMcp, validRequest);
17015
17183
  const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
17016
17184
  const reqTimestamp = nowSeconds();
17017
17185
  const response = await this.bridgeProxy.getTokenInteractive(naaRequest);
@@ -17078,6 +17246,7 @@
17078
17246
  nestedAppAuthRequest: true,
17079
17247
  });
17080
17248
  try {
17249
+ enforceResourceParameter(this.config.auth.isMcp, validRequest);
17081
17250
  const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
17082
17251
  naaRequest.forceRefresh = validRequest.forceRefresh;
17083
17252
  const reqTimestamp = nowSeconds();
@@ -17212,6 +17381,14 @@
17212
17381
  this.logger.verbose("18egye", correlationId);
17213
17382
  return Promise.resolve(null);
17214
17383
  }
17384
+ else if (authRequest.resource) {
17385
+ const requestedResource = authRequest.resource;
17386
+ const cachedResource = cachedAccessToken.resource;
17387
+ if (!cachedResource || cachedResource !== requestedResource) {
17388
+ this.logger.verbose("0qraxd", correlationId);
17389
+ return Promise.resolve(null);
17390
+ }
17391
+ }
17215
17392
  const cachedIdToken = this.browserStorage.getIdToken(currentAccount, authRequest.correlationId, tokenKeys, currentAccount.tenantId);
17216
17393
  if (!cachedIdToken) {
17217
17394
  this.logger.verbose("0d68kd", correlationId);
@@ -18381,11 +18558,14 @@
18381
18558
  return {
18382
18559
  ...inProgressEvent,
18383
18560
  end: (event, error, account) => {
18561
+ const networkInfo = getNetworkInfo();
18384
18562
  const res = inProgressEvent.end({
18385
18563
  ...event,
18386
18564
  startPageVisibility,
18387
18565
  endPageVisibility: this.getPageVisibility(),
18388
18566
  durationMs: getPerfDurationMs(startTime),
18567
+ networkEffectiveType: networkInfo.effectiveType,
18568
+ networkRtt: networkInfo.rtt,
18389
18569
  }, error, account);
18390
18570
  void browserMeasurement?.then((measurement) => measurement.endMeasurement());
18391
18571
  this.deleteIncompleteSubMeasurements(inProgressEvent);
@@ -18557,6 +18737,7 @@
18557
18737
  exports.WrapperSKU = WrapperSKU;
18558
18738
  exports.createNestablePublicClientApplication = createNestablePublicClientApplication;
18559
18739
  exports.createStandardPublicClientApplication = createStandardPublicClientApplication;
18740
+ exports.enforceResourceParameter = enforceResourceParameter;
18560
18741
  exports.isPlatformBrokerAvailable = isPlatformBrokerAvailable;
18561
18742
  exports.loadExternalTokens = loadExternalTokens;
18562
18743
  exports.stubbedPublicClientApplication = stubbedPublicClientApplication;