@azure/msal-browser 5.4.0 → 5.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (291) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  4. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  7. package/dist/cache/AccountManager.mjs +1 -1
  8. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  9. package/dist/cache/BrowserCacheManager.mjs +1 -1
  10. package/dist/cache/CacheHelpers.mjs +1 -1
  11. package/dist/cache/CacheKeys.mjs +1 -1
  12. package/dist/cache/CookieStorage.mjs +1 -1
  13. package/dist/cache/DatabaseStorage.mjs +1 -1
  14. package/dist/cache/EncryptedData.mjs +1 -1
  15. package/dist/cache/LocalStorage.mjs +1 -1
  16. package/dist/cache/MemoryStorage.mjs +1 -1
  17. package/dist/cache/SessionStorage.mjs +1 -1
  18. package/dist/cache/TokenCache.d.ts.map +1 -1
  19. package/dist/cache/TokenCache.mjs +9 -9
  20. package/dist/cache/TokenCache.mjs.map +1 -1
  21. package/dist/config/Configuration.mjs +1 -1
  22. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  23. package/dist/controllers/StandardController.mjs +1 -1
  24. package/dist/crypto/BrowserCrypto.mjs +1 -1
  25. package/dist/crypto/CryptoOps.mjs +1 -1
  26. package/dist/crypto/PkceGenerator.mjs +1 -1
  27. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  28. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  29. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  30. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  31. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  32. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  33. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  34. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  35. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  36. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  37. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  38. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  39. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  40. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  41. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  42. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  43. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  44. package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
  45. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  46. package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
  47. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  48. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  49. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  50. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  51. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  52. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  53. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  54. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  55. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  56. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  57. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  58. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  59. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  60. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  61. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  62. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  63. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  64. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  157. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  158. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  159. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  160. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  161. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  162. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  163. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  164. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  165. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  166. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  167. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  168. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  169. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  170. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  171. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
  172. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  173. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  174. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  175. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  176. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  177. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
  178. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  179. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
  180. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  181. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
  182. package/dist/custom-auth-path/log-strings-mapping.json +2 -2
  183. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  184. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  185. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  186. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  187. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  188. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  189. package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
  190. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  191. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  192. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
  193. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  194. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  195. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  196. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  197. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  198. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  199. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  200. package/dist/encode/Base64Decode.mjs +1 -1
  201. package/dist/encode/Base64Encode.mjs +1 -1
  202. package/dist/error/BrowserAuthError.mjs +1 -1
  203. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  204. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  205. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  206. package/dist/error/NativeAuthError.mjs +1 -1
  207. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  208. package/dist/error/NestedAppAuthError.mjs +1 -1
  209. package/dist/event/EventHandler.mjs +1 -1
  210. package/dist/event/EventMessage.mjs +1 -1
  211. package/dist/event/EventType.mjs +1 -1
  212. package/dist/index.mjs +1 -1
  213. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  214. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  215. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  216. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  217. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
  218. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  219. package/dist/interaction_client/PopupClient.mjs +1 -1
  220. package/dist/interaction_client/RedirectClient.mjs +1 -1
  221. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  222. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  223. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  224. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  225. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  226. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  227. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  228. package/dist/log-strings-mapping.json +10 -10
  229. package/dist/naa/BridgeError.mjs +1 -1
  230. package/dist/naa/BridgeProxy.mjs +1 -1
  231. package/dist/naa/BridgeStatusCode.mjs +1 -1
  232. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  233. package/dist/navigation/NavigationClient.mjs +1 -1
  234. package/dist/network/FetchClient.mjs +1 -1
  235. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  236. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  237. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  238. package/dist/packageMetadata.d.ts +1 -1
  239. package/dist/packageMetadata.mjs +2 -2
  240. package/dist/protocol/Authorize.mjs +1 -1
  241. package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
  242. package/dist/redirect-bridge/cache/TokenCache.d.ts.map +1 -1
  243. package/dist/redirect-bridge/config/Configuration.mjs +1 -1
  244. package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
  245. package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
  246. package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
  247. package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
  248. package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  249. package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  250. package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
  251. package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
  252. package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
  253. package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
  254. package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
  255. package/dist/request/RequestHelpers.mjs +1 -1
  256. package/dist/response/ResponseHandler.mjs +1 -1
  257. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  258. package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
  259. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  260. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  261. package/dist/utils/BrowserConstants.mjs +1 -1
  262. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  263. package/dist/utils/BrowserUtils.mjs +1 -1
  264. package/dist/utils/Helpers.mjs +1 -1
  265. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  266. package/lib/custom-auth-path/log-strings-mapping.json +2 -2
  267. package/lib/custom-auth-path/msal-custom-auth.cjs +523 -516
  268. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  269. package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
  270. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  271. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  272. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  273. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  274. package/lib/log-strings-mapping.json +10 -10
  275. package/lib/msal-browser.cjs +542 -534
  276. package/lib/msal-browser.cjs.map +1 -1
  277. package/lib/msal-browser.js +542 -534
  278. package/lib/msal-browser.js.map +1 -1
  279. package/lib/msal-browser.min.js +2 -2
  280. package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
  281. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  282. package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
  283. package/lib/types/cache/TokenCache.d.ts.map +1 -1
  284. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  285. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  286. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  287. package/lib/types/packageMetadata.d.ts +1 -1
  288. package/package.json +2 -2
  289. package/src/cache/TokenCache.ts +27 -24
  290. package/src/interaction_client/PlatformAuthInteractionClient.ts +55 -53
  291. package/src/packageMetadata.ts +1 -1
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-browser v5.4.0 2026-03-02 */
1
+ /*! @azure/msal-browser v5.4.1 2026-04-01 */
2
2
  'use strict';
3
3
  (function (global, factory) {
4
4
  typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
@@ -6,7 +6,7 @@
6
6
  (global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
7
7
  })(this, (function (exports) { 'use strict';
8
8
 
9
- /*! @azure/msal-common v16.2.0 2026-03-02 */
9
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
10
10
  /*
11
11
  * Copyright (c) Microsoft Corporation. All rights reserved.
12
12
  * Licensed under the MIT License.
@@ -238,7 +238,7 @@
238
238
  // Token renewal offset default in seconds
239
239
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
240
240
 
241
- /*! @azure/msal-common v16.2.0 2026-03-02 */
241
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
242
242
  /*
243
243
  * Copyright (c) Microsoft Corporation. All rights reserved.
244
244
  * Licensed under the MIT License.
@@ -288,7 +288,7 @@
288
288
  const EAR_JWK = "ear_jwk";
289
289
  const EAR_JWE_CRYPTO = "ear_jwe_crypto";
290
290
 
291
- /*! @azure/msal-common v16.2.0 2026-03-02 */
291
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
292
292
  /*
293
293
  * Copyright (c) Microsoft Corporation. All rights reserved.
294
294
  * Licensed under the MIT License.
@@ -319,7 +319,7 @@
319
319
  return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
320
320
  }
321
321
 
322
- /*! @azure/msal-common v16.2.0 2026-03-02 */
322
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
323
323
 
324
324
  /*
325
325
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -339,7 +339,7 @@
339
339
  return new ClientConfigurationError(errorCode);
340
340
  }
341
341
 
342
- /*! @azure/msal-common v16.2.0 2026-03-02 */
342
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
343
343
  /*
344
344
  * Copyright (c) Microsoft Corporation. All rights reserved.
345
345
  * Licensed under the MIT License.
@@ -419,7 +419,7 @@
419
419
  }
420
420
  }
421
421
 
422
- /*! @azure/msal-common v16.2.0 2026-03-02 */
422
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
423
423
 
424
424
  /*
425
425
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -442,7 +442,7 @@
442
442
  return new ClientAuthError(errorCode, additionalMessage);
443
443
  }
444
444
 
445
- /*! @azure/msal-common v16.2.0 2026-03-02 */
445
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
446
446
  /*
447
447
  * Copyright (c) Microsoft Corporation. All rights reserved.
448
448
  * Licensed under the MIT License.
@@ -496,7 +496,7 @@
496
496
  urlParseError: urlParseError
497
497
  });
498
498
 
499
- /*! @azure/msal-common v16.2.0 2026-03-02 */
499
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
500
500
  /*
501
501
  * Copyright (c) Microsoft Corporation. All rights reserved.
502
502
  * Licensed under the MIT License.
@@ -580,7 +580,7 @@
580
580
  userCanceled: userCanceled
581
581
  });
582
582
 
583
- /*! @azure/msal-common v16.2.0 2026-03-02 */
583
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
584
584
 
585
585
  /*
586
586
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -775,7 +775,7 @@
775
775
  }
776
776
  }
777
777
 
778
- /*! @azure/msal-common v16.2.0 2026-03-02 */
778
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
779
779
 
780
780
  /*
781
781
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1142,7 +1142,7 @@
1142
1142
  parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
1143
1143
  }
1144
1144
 
1145
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1145
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
1146
1146
 
1147
1147
  /*
1148
1148
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1251,7 +1251,7 @@
1251
1251
  }
1252
1252
  }
1253
1253
 
1254
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1254
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
1255
1255
 
1256
1256
  /*
1257
1257
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1290,7 +1290,7 @@
1290
1290
  },
1291
1291
  };
1292
1292
 
1293
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1293
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
1294
1294
  /*
1295
1295
  * Copyright (c) Microsoft Corporation. All rights reserved.
1296
1296
  * Licensed under the MIT License.
@@ -1565,12 +1565,12 @@
1565
1565
  }
1566
1566
  }
1567
1567
 
1568
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1568
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
1569
1569
  /* eslint-disable header/header */
1570
1570
  const name$1 = "@azure/msal-common";
1571
- const version$1 = "16.2.0";
1571
+ const version$1 = "16.2.1";
1572
1572
 
1573
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1573
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
1574
1574
  /*
1575
1575
  * Copyright (c) Microsoft Corporation. All rights reserved.
1576
1576
  * Licensed under the MIT License.
@@ -1590,7 +1590,7 @@
1590
1590
  AzureUsGovernment: "https://login.microsoftonline.us",
1591
1591
  };
1592
1592
 
1593
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1593
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
1594
1594
  /*
1595
1595
  * Copyright (c) Microsoft Corporation. All rights reserved.
1596
1596
  * Licensed under the MIT License.
@@ -1672,7 +1672,7 @@
1672
1672
  return updatedAccountInfo;
1673
1673
  }
1674
1674
 
1675
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1675
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
1676
1676
 
1677
1677
  /*
1678
1678
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1752,7 +1752,7 @@
1752
1752
  }
1753
1753
  }
1754
1754
 
1755
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1755
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
1756
1756
 
1757
1757
  /*
1758
1758
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1909,7 +1909,7 @@
1909
1909
  }
1910
1910
  }
1911
1911
 
1912
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1912
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
1913
1913
 
1914
1914
  /*
1915
1915
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2066,7 +2066,7 @@
2066
2066
  return null;
2067
2067
  }
2068
2068
 
2069
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2069
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
2070
2070
  /*
2071
2071
  * Copyright (c) Microsoft Corporation. All rights reserved.
2072
2072
  * Licensed under the MIT License.
@@ -2074,7 +2074,7 @@
2074
2074
  const cacheQuotaExceeded = "cache_quota_exceeded";
2075
2075
  const cacheErrorUnknown = "cache_error_unknown";
2076
2076
 
2077
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2077
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
2078
2078
 
2079
2079
  /*
2080
2080
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2112,7 +2112,7 @@
2112
2112
  }
2113
2113
  }
2114
2114
 
2115
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2115
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
2116
2116
 
2117
2117
  /*
2118
2118
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2150,7 +2150,7 @@
2150
2150
  };
2151
2151
  }
2152
2152
 
2153
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2153
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
2154
2154
  /*
2155
2155
  * Copyright (c) Microsoft Corporation. All rights reserved.
2156
2156
  * Licensed under the MIT License.
@@ -2165,7 +2165,7 @@
2165
2165
  Ciam: 3,
2166
2166
  };
2167
2167
 
2168
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2168
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
2169
2169
  /*
2170
2170
  * Copyright (c) Microsoft Corporation. All rights reserved.
2171
2171
  * Licensed under the MIT License.
@@ -2187,7 +2187,7 @@
2187
2187
  return null;
2188
2188
  }
2189
2189
 
2190
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2190
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
2191
2191
  /*
2192
2192
  * Copyright (c) Microsoft Corporation. All rights reserved.
2193
2193
  * Licensed under the MIT License.
@@ -2211,7 +2211,7 @@
2211
2211
  EAR: "EAR",
2212
2212
  };
2213
2213
 
2214
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2214
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
2215
2215
  /**
2216
2216
  * Returns the AccountInfo interface for this account.
2217
2217
  */
@@ -2386,7 +2386,7 @@
2386
2386
  entity.hasOwnProperty("authorityType"));
2387
2387
  }
2388
2388
 
2389
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2389
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
2390
2390
 
2391
2391
  /*
2392
2392
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3483,7 +3483,7 @@
3483
3483
  }
3484
3484
  }
3485
3485
 
3486
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3486
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
3487
3487
  /*
3488
3488
  * Copyright (c) Microsoft Corporation. All rights reserved.
3489
3489
  * Licensed under the MIT License.
@@ -3528,9 +3528,10 @@
3528
3528
  "currRefreshCount",
3529
3529
  "expiredCacheRemovedCount",
3530
3530
  "upgradedCacheCount",
3531
+ "cacheMatchedAccounts",
3531
3532
  ]);
3532
3533
 
3533
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3534
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
3534
3535
 
3535
3536
  /*
3536
3537
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3585,7 +3586,7 @@
3585
3586
  }
3586
3587
  }
3587
3588
 
3588
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3589
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
3589
3590
 
3590
3591
  /*
3591
3592
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3679,291 +3680,358 @@
3679
3680
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3680
3681
  }
3681
3682
 
3682
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3683
-
3683
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
3684
3684
  /*
3685
3685
  * Copyright (c) Microsoft Corporation. All rights reserved.
3686
3686
  * Licensed under the MIT License.
3687
3687
  */
3688
3688
  /**
3689
- * Error thrown when there is an error with the server code, for example, unavailability.
3690
- */
3691
- class ServerError extends AuthError {
3692
- constructor(errorCode, errorMessage, subError, errorNo, status) {
3693
- super(errorCode, errorMessage, subError);
3694
- this.name = "ServerError";
3695
- this.errorNo = errorNo;
3696
- this.status = status;
3697
- Object.setPrototypeOf(this, ServerError.prototype);
3689
+ * This class instance helps track the memory changes facilitating
3690
+ * decisions to read from and write to the persistent cache
3691
+ */ class TokenCacheContext {
3692
+ constructor(tokenCache, hasChanged) {
3693
+ this.cache = tokenCache;
3694
+ this.hasChanged = hasChanged;
3695
+ }
3696
+ /**
3697
+ * boolean which indicates the changes in cache
3698
+ */
3699
+ get cacheHasChanged() {
3700
+ return this.hasChanged;
3701
+ }
3702
+ /**
3703
+ * function to retrieve the token cache
3704
+ */
3705
+ get tokenCache() {
3706
+ return this.cache;
3698
3707
  }
3699
3708
  }
3700
3709
 
3701
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3710
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
3702
3711
  /*
3703
3712
  * Copyright (c) Microsoft Corporation. All rights reserved.
3704
3713
  * Licensed under the MIT License.
3705
3714
  */
3706
3715
  /**
3707
- * MSAL-defined interaction required error code indicating no tokens are found in cache.
3708
- * @public
3709
- */
3710
- const noTokensFound = "no_tokens_found";
3711
- /**
3712
- * MSAL-defined error code indicating a native account is unavailable on the platform.
3713
- * @public
3714
- */
3715
- const nativeAccountUnavailable = "native_account_unavailable";
3716
- /**
3717
- * MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
3718
- * @public
3719
- */
3720
- const refreshTokenExpired = "refresh_token_expired";
3721
- /**
3722
- * MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
3723
- * @public
3724
- */
3725
- const uxNotAllowed = "ux_not_allowed";
3726
- /**
3727
- * Server-originated error code indicating interaction is required to complete the request.
3728
- * @public
3729
- */
3730
- const interactionRequired = "interaction_required";
3731
- /**
3732
- * Server-originated error code indicating user consent is required.
3733
- * @public
3734
- */
3735
- const consentRequired = "consent_required";
3736
- /**
3737
- * Server-originated error code indicating user login is required.
3738
- * @public
3716
+ * Utility functions for managing date and time operations.
3739
3717
  */
3740
- const loginRequired = "login_required";
3741
3718
  /**
3742
- * Server-originated error code indicating the token is invalid or corrupted.
3743
- * @public
3719
+ * return the current time in Unix time (seconds).
3744
3720
  */
3745
- const badToken = "bad_token";
3721
+ function nowSeconds() {
3722
+ // Date.getTime() returns in milliseconds.
3723
+ return Math.round(new Date().getTime() / 1000.0);
3724
+ }
3746
3725
  /**
3747
- * Server-originated error code indicating the user is in an interrupted state and interaction is required.
3748
- * @public
3749
- */
3750
- const interruptedUser = "interrupted_user";
3751
-
3752
- var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
3753
- __proto__: null,
3754
- badToken: badToken,
3755
- consentRequired: consentRequired,
3756
- interactionRequired: interactionRequired,
3757
- interruptedUser: interruptedUser,
3758
- loginRequired: loginRequired,
3759
- nativeAccountUnavailable: nativeAccountUnavailable,
3760
- noTokensFound: noTokensFound,
3761
- refreshTokenExpired: refreshTokenExpired,
3762
- uxNotAllowed: uxNotAllowed
3763
- });
3764
-
3765
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3766
-
3767
- /*
3768
- * Copyright (c) Microsoft Corporation. All rights reserved.
3769
- * Licensed under the MIT License.
3726
+ * Converts JS Date object to seconds
3727
+ * @param date Date
3770
3728
  */
3729
+ function toSecondsFromDate(date) {
3730
+ // Convert date to seconds
3731
+ return date.getTime() / 1000;
3732
+ }
3771
3733
  /**
3772
- * InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required
3734
+ * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
3735
+ * @param seconds
3773
3736
  */
3774
- const InteractionRequiredServerErrorMessage = [
3775
- interactionRequired,
3776
- consentRequired,
3777
- loginRequired,
3778
- badToken,
3779
- uxNotAllowed,
3780
- interruptedUser,
3781
- ];
3782
- const InteractionRequiredAuthSubErrorMessage = [
3783
- "message_only",
3784
- "additional_action",
3785
- "basic_action",
3786
- "user_password_expired",
3787
- "consent_required",
3788
- "bad_token",
3789
- "ux_not_allowed",
3790
- "interrupted_user",
3791
- ];
3737
+ function toDateFromSeconds(seconds) {
3738
+ if (seconds) {
3739
+ return new Date(Number(seconds) * 1000);
3740
+ }
3741
+ return new Date();
3742
+ }
3792
3743
  /**
3793
- * Error thrown when user interaction is required.
3744
+ * check if a token is expired based on given UTC time in seconds.
3745
+ * @param expiresOn
3794
3746
  */
3795
- class InteractionRequiredAuthError extends AuthError {
3796
- constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
3797
- super(errorCode, errorMessage, subError);
3798
- Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
3799
- this.timestamp = timestamp || "";
3800
- this.traceId = traceId || "";
3801
- this.correlationId = correlationId || "";
3802
- this.claims = claims || "";
3803
- this.name = "InteractionRequiredAuthError";
3804
- this.errorNo = errorNo;
3805
- }
3747
+ function isTokenExpired(expiresOn, offset) {
3748
+ // check for access token expiry
3749
+ const expirationSec = Number(expiresOn) || 0;
3750
+ const offsetCurrentTimeSec = nowSeconds() + offset;
3751
+ // If current time + offset is greater than token expiration time, then token is expired.
3752
+ return offsetCurrentTimeSec > expirationSec;
3806
3753
  }
3807
3754
  /**
3808
- * Helper function used to determine if an error thrown by the server requires interaction to resolve
3809
- * @param errorCode
3810
- * @param errorString
3811
- * @param subError
3755
+ * Checks if a cache entry is expired based on the last updated time and cache retention days.
3756
+ * @param lastUpdatedAt
3757
+ * @param cacheRetentionDays
3758
+ * @returns
3812
3759
  */
3813
- function isInteractionRequiredError(errorCode, errorString, subError) {
3814
- const isInteractionRequiredErrorCode = !!errorCode &&
3815
- InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;
3816
- const isInteractionRequiredSubError = !!subError &&
3817
- InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
3818
- const isInteractionRequiredErrorDesc = !!errorString &&
3819
- InteractionRequiredServerErrorMessage.some((irErrorCode) => {
3820
- return errorString.indexOf(irErrorCode) > -1;
3821
- });
3822
- return (isInteractionRequiredErrorCode ||
3823
- isInteractionRequiredErrorDesc ||
3824
- isInteractionRequiredSubError);
3760
+ function isCacheExpired(lastUpdatedAt, cacheRetentionDays) {
3761
+ const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;
3762
+ return Date.now() > cacheExpirationTimestamp;
3825
3763
  }
3826
3764
  /**
3827
- * Creates an InteractionRequiredAuthError
3765
+ * If the current time is earlier than the time that a token was cached at, we must discard the token
3766
+ * i.e. The system clock was turned back after acquiring the cached token
3767
+ * @param cachedAt
3768
+ * @param offset
3828
3769
  */
3829
- function createInteractionRequiredAuthError(errorCode, errorMessage) {
3830
- return new InteractionRequiredAuthError(errorCode, errorMessage);
3770
+ function wasClockTurnedBack(cachedAt) {
3771
+ const cachedAtSec = Number(cachedAt);
3772
+ return cachedAtSec > nowSeconds();
3831
3773
  }
3832
3774
 
3833
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3775
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
3834
3776
 
3835
3777
  /*
3836
3778
  * Copyright (c) Microsoft Corporation. All rights reserved.
3837
3779
  * Licensed under the MIT License.
3838
3780
  */
3839
3781
  /**
3840
- * Appends user state with random guid, or returns random guid.
3841
- * @param cryptoObj
3842
- * @param userState
3843
- * @param meta
3782
+ * Create IdTokenEntity
3783
+ * @param homeAccountId
3784
+ * @param authenticationResult
3785
+ * @param clientId
3786
+ * @param authority
3844
3787
  */
3845
- function setRequestState(cryptoObj, userState, meta) {
3846
- const libraryState = generateLibraryState(cryptoObj, meta);
3847
- return userState
3848
- ? `${libraryState}${RESOURCE_DELIM}${userState}`
3849
- : libraryState;
3788
+ function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tenantId) {
3789
+ const idTokenEntity = {
3790
+ credentialType: CredentialType.ID_TOKEN,
3791
+ homeAccountId: homeAccountId,
3792
+ environment: environment,
3793
+ clientId: clientId,
3794
+ secret: idToken,
3795
+ realm: tenantId,
3796
+ lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
3797
+ };
3798
+ return idTokenEntity;
3850
3799
  }
3851
3800
  /**
3852
- * Generates the state value used by the common library.
3853
- * @param cryptoObj
3854
- * @param meta
3801
+ * Create AccessTokenEntity
3802
+ * @param homeAccountId
3803
+ * @param environment
3804
+ * @param accessToken
3805
+ * @param clientId
3806
+ * @param tenantId
3807
+ * @param scopes
3808
+ * @param expiresOn
3809
+ * @param extExpiresOn
3855
3810
  */
3856
- function generateLibraryState(cryptoObj, meta) {
3857
- if (!cryptoObj) {
3858
- throw createClientAuthError(noCryptoObject);
3859
- }
3860
- // Create a state object containing a unique id and the timestamp of the request creation
3861
- const stateObj = {
3862
- id: cryptoObj.createNewGuid(),
3811
+ function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId) {
3812
+ const atEntity = {
3813
+ homeAccountId: homeAccountId,
3814
+ credentialType: CredentialType.ACCESS_TOKEN,
3815
+ secret: accessToken,
3816
+ cachedAt: nowSeconds().toString(),
3817
+ expiresOn: expiresOn.toString(),
3818
+ extendedExpiresOn: extExpiresOn.toString(),
3819
+ environment: environment,
3820
+ clientId: clientId,
3821
+ realm: tenantId,
3822
+ target: scopes,
3823
+ tokenType: tokenType || AuthenticationScheme$1.BEARER,
3824
+ lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
3863
3825
  };
3864
- if (meta) {
3865
- stateObj.meta = meta;
3826
+ if (userAssertionHash) {
3827
+ atEntity.userAssertionHash = userAssertionHash;
3866
3828
  }
3867
- const stateString = JSON.stringify(stateObj);
3868
- return cryptoObj.base64Encode(stateString);
3829
+ if (refreshOn) {
3830
+ atEntity.refreshOn = refreshOn.toString();
3831
+ }
3832
+ /*
3833
+ * Create Access Token With Auth Scheme instead of regular access token
3834
+ * Cast to lower to handle "bearer" from ADFS
3835
+ */
3836
+ if (atEntity.tokenType?.toLowerCase() !==
3837
+ AuthenticationScheme$1.BEARER.toLowerCase()) {
3838
+ atEntity.credentialType =
3839
+ CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
3840
+ switch (atEntity.tokenType) {
3841
+ case AuthenticationScheme$1.POP:
3842
+ // Make sure keyId is present and add it to credential
3843
+ const tokenClaims = extractTokenClaims(accessToken, base64Decode);
3844
+ if (!tokenClaims?.cnf?.kid) {
3845
+ throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
3846
+ }
3847
+ atEntity.keyId = tokenClaims.cnf.kid;
3848
+ break;
3849
+ case AuthenticationScheme$1.SSH:
3850
+ atEntity.keyId = keyId;
3851
+ }
3852
+ }
3853
+ return atEntity;
3869
3854
  }
3870
3855
  /**
3871
- * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
3872
- * @param base64Decode
3873
- * @param state
3856
+ * Create RefreshTokenEntity
3857
+ * @param homeAccountId
3858
+ * @param authenticationResult
3859
+ * @param clientId
3860
+ * @param authority
3874
3861
  */
3875
- function parseRequestState(base64Decode, state) {
3876
- if (!base64Decode) {
3877
- throw createClientAuthError(noCryptoObject);
3862
+ function createRefreshTokenEntity(homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash, expiresOn) {
3863
+ const rtEntity = {
3864
+ credentialType: CredentialType.REFRESH_TOKEN,
3865
+ homeAccountId: homeAccountId,
3866
+ environment: environment,
3867
+ clientId: clientId,
3868
+ secret: refreshToken,
3869
+ lastUpdatedAt: Date.now().toString(),
3870
+ };
3871
+ if (userAssertionHash) {
3872
+ rtEntity.userAssertionHash = userAssertionHash;
3878
3873
  }
3879
- if (!state) {
3880
- throw createClientAuthError(invalidState);
3874
+ if (familyId) {
3875
+ rtEntity.familyId = familyId;
3881
3876
  }
3882
- try {
3883
- // Split the state between library state and user passed state and decode them separately
3884
- const splitState = state.split(RESOURCE_DELIM);
3885
- const libraryState = splitState[0];
3886
- const userState = splitState.length > 1
3887
- ? splitState.slice(1).join(RESOURCE_DELIM)
3888
- : "";
3889
- const libraryStateString = base64Decode(libraryState);
3890
- const libraryStateObj = JSON.parse(libraryStateString);
3891
- return {
3892
- userRequestState: userState || "",
3893
- libraryState: libraryStateObj,
3894
- };
3877
+ if (expiresOn) {
3878
+ rtEntity.expiresOn = expiresOn.toString();
3895
3879
  }
3896
- catch (e) {
3897
- throw createClientAuthError(invalidState);
3880
+ return rtEntity;
3881
+ }
3882
+ function isCredentialEntity(entity) {
3883
+ return (entity.hasOwnProperty("homeAccountId") &&
3884
+ entity.hasOwnProperty("environment") &&
3885
+ entity.hasOwnProperty("credentialType") &&
3886
+ entity.hasOwnProperty("clientId") &&
3887
+ entity.hasOwnProperty("secret"));
3888
+ }
3889
+ /**
3890
+ * Validates an entity: checks for all expected params
3891
+ * @param entity
3892
+ */
3893
+ function isAccessTokenEntity(entity) {
3894
+ if (!entity) {
3895
+ return false;
3898
3896
  }
3899
- }
3900
-
3901
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3902
- /*
3903
- * Copyright (c) Microsoft Corporation. All rights reserved.
3904
- * Licensed under the MIT License.
3897
+ return (isCredentialEntity(entity) &&
3898
+ entity.hasOwnProperty("realm") &&
3899
+ entity.hasOwnProperty("target") &&
3900
+ (entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
3901
+ entity["credentialType"] ===
3902
+ CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
3903
+ }
3904
+ /**
3905
+ * Validates an entity: checks for all expected params
3906
+ * @param entity
3905
3907
  */
3908
+ function isIdTokenEntity(entity) {
3909
+ if (!entity) {
3910
+ return false;
3911
+ }
3912
+ return (isCredentialEntity(entity) &&
3913
+ entity.hasOwnProperty("realm") &&
3914
+ entity["credentialType"] === CredentialType.ID_TOKEN);
3915
+ }
3906
3916
  /**
3907
- * Utility functions for managing date and time operations.
3917
+ * Validates an entity: checks for all expected params
3918
+ * @param entity
3908
3919
  */
3920
+ function isRefreshTokenEntity(entity) {
3921
+ if (!entity) {
3922
+ return false;
3923
+ }
3924
+ return (isCredentialEntity(entity) &&
3925
+ entity["credentialType"] === CredentialType.REFRESH_TOKEN);
3926
+ }
3909
3927
  /**
3910
- * return the current time in Unix time (seconds).
3928
+ * validates if a given cache entry is "Telemetry", parses <key,value>
3929
+ * @param key
3930
+ * @param entity
3911
3931
  */
3912
- function nowSeconds() {
3913
- // Date.getTime() returns in milliseconds.
3914
- return Math.round(new Date().getTime() / 1000.0);
3932
+ function isServerTelemetryEntity(key, entity) {
3933
+ const validateKey = key.indexOf(SERVER_TELEM_CACHE_KEY) === 0;
3934
+ let validateEntity = true;
3935
+ if (entity) {
3936
+ validateEntity =
3937
+ entity.hasOwnProperty("failedRequests") &&
3938
+ entity.hasOwnProperty("errors") &&
3939
+ entity.hasOwnProperty("cacheHits");
3940
+ }
3941
+ return validateKey && validateEntity;
3915
3942
  }
3916
3943
  /**
3917
- * Converts JS Date object to seconds
3918
- * @param date Date
3944
+ * validates if a given cache entry is "Throttling", parses <key,value>
3945
+ * @param key
3946
+ * @param entity
3919
3947
  */
3920
- function toSecondsFromDate(date) {
3921
- // Convert date to seconds
3922
- return date.getTime() / 1000;
3948
+ function isThrottlingEntity(key, entity) {
3949
+ let validateKey = false;
3950
+ if (key) {
3951
+ validateKey = key.indexOf(THROTTLING_PREFIX) === 0;
3952
+ }
3953
+ let validateEntity = true;
3954
+ if (entity) {
3955
+ validateEntity = entity.hasOwnProperty("throttleTime");
3956
+ }
3957
+ return validateKey && validateEntity;
3923
3958
  }
3924
3959
  /**
3925
- * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
3926
- * @param seconds
3960
+ * Generate AppMetadata Cache Key as per the schema: appmetadata-<environment>-<client_id>
3927
3961
  */
3928
- function toDateFromSeconds(seconds) {
3929
- if (seconds) {
3930
- return new Date(Number(seconds) * 1000);
3962
+ function generateAppMetadataKey({ environment, clientId, }) {
3963
+ const appMetaDataKeyArray = [
3964
+ APP_METADATA,
3965
+ environment,
3966
+ clientId,
3967
+ ];
3968
+ return appMetaDataKeyArray
3969
+ .join(CACHE_KEY_SEPARATOR$1)
3970
+ .toLowerCase();
3971
+ }
3972
+ /*
3973
+ * Validates an entity: checks for all expected params
3974
+ * @param entity
3975
+ */
3976
+ function isAppMetadataEntity(key, entity) {
3977
+ if (!entity) {
3978
+ return false;
3931
3979
  }
3932
- return new Date();
3980
+ return (key.indexOf(APP_METADATA) === 0 &&
3981
+ entity.hasOwnProperty("clientId") &&
3982
+ entity.hasOwnProperty("environment"));
3933
3983
  }
3934
3984
  /**
3935
- * check if a token is expired based on given UTC time in seconds.
3936
- * @param expiresOn
3985
+ * Validates an entity: checks for all expected params
3986
+ * @param entity
3937
3987
  */
3938
- function isTokenExpired(expiresOn, offset) {
3939
- // check for access token expiry
3940
- const expirationSec = Number(expiresOn) || 0;
3941
- const offsetCurrentTimeSec = nowSeconds() + offset;
3942
- // If current time + offset is greater than token expiration time, then token is expired.
3943
- return offsetCurrentTimeSec > expirationSec;
3988
+ function isAuthorityMetadataEntity(key, entity) {
3989
+ if (!entity) {
3990
+ return false;
3991
+ }
3992
+ return (key.indexOf(AUTHORITY_METADATA_CACHE_KEY) === 0 &&
3993
+ entity.hasOwnProperty("aliases") &&
3994
+ entity.hasOwnProperty("preferred_cache") &&
3995
+ entity.hasOwnProperty("preferred_network") &&
3996
+ entity.hasOwnProperty("canonical_authority") &&
3997
+ entity.hasOwnProperty("authorization_endpoint") &&
3998
+ entity.hasOwnProperty("token_endpoint") &&
3999
+ entity.hasOwnProperty("issuer") &&
4000
+ entity.hasOwnProperty("aliasesFromNetwork") &&
4001
+ entity.hasOwnProperty("endpointsFromNetwork") &&
4002
+ entity.hasOwnProperty("expiresAt") &&
4003
+ entity.hasOwnProperty("jwks_uri"));
3944
4004
  }
3945
4005
  /**
3946
- * Checks if a cache entry is expired based on the last updated time and cache retention days.
3947
- * @param lastUpdatedAt
3948
- * @param cacheRetentionDays
3949
- * @returns
4006
+ * Reset the exiresAt value
3950
4007
  */
3951
- function isCacheExpired(lastUpdatedAt, cacheRetentionDays) {
3952
- const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;
3953
- return Date.now() > cacheExpirationTimestamp;
4008
+ function generateAuthorityMetadataExpiresAt() {
4009
+ return (nowSeconds() +
4010
+ AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
4011
+ }
4012
+ function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
4013
+ authorityMetadata.authorization_endpoint =
4014
+ updatedValues.authorization_endpoint;
4015
+ authorityMetadata.token_endpoint = updatedValues.token_endpoint;
4016
+ authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
4017
+ authorityMetadata.issuer = updatedValues.issuer;
4018
+ authorityMetadata.endpointsFromNetwork = fromNetwork;
4019
+ authorityMetadata.jwks_uri = updatedValues.jwks_uri;
4020
+ }
4021
+ function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
4022
+ authorityMetadata.aliases = updatedValues.aliases;
4023
+ authorityMetadata.preferred_cache = updatedValues.preferred_cache;
4024
+ authorityMetadata.preferred_network = updatedValues.preferred_network;
4025
+ authorityMetadata.aliasesFromNetwork = fromNetwork;
3954
4026
  }
3955
4027
  /**
3956
- * If the current time is earlier than the time that a token was cached at, we must discard the token
3957
- * i.e. The system clock was turned back after acquiring the cached token
3958
- * @param cachedAt
3959
- * @param offset
4028
+ * Returns whether or not the data needs to be refreshed
3960
4029
  */
3961
- function wasClockTurnedBack(cachedAt) {
3962
- const cachedAtSec = Number(cachedAt);
3963
- return cachedAtSec > nowSeconds();
4030
+ function isAuthorityMetadataExpired(metadata) {
4031
+ return metadata.expiresAt <= nowSeconds();
3964
4032
  }
3965
4033
 
3966
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4034
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
3967
4035
  /*
3968
4036
  * Copyright (c) Microsoft Corporation. All rights reserved.
3969
4037
  * Licensed under the MIT License.
@@ -4034,7 +4102,7 @@
4034
4102
  const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
4035
4103
  const SetUserData = "setUserData";
4036
4104
 
4037
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4105
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4038
4106
  /*
4039
4107
  * Copyright (c) Microsoft Corporation. All rights reserved.
4040
4108
  * Licensed under the MIT License.
@@ -4127,7 +4195,7 @@
4127
4195
  };
4128
4196
  };
4129
4197
 
4130
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4198
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4131
4199
 
4132
4200
  /*
4133
4201
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4207,293 +4275,226 @@
4207
4275
  }
4208
4276
  }
4209
4277
 
4210
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4278
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4211
4279
  /*
4212
4280
  * Copyright (c) Microsoft Corporation. All rights reserved.
4213
4281
  * Licensed under the MIT License.
4214
4282
  */
4215
4283
  /**
4216
- * This class instance helps track the memory changes facilitating
4217
- * decisions to read from and write to the persistent cache
4218
- */ class TokenCacheContext {
4219
- constructor(tokenCache, hasChanged) {
4220
- this.cache = tokenCache;
4221
- this.hasChanged = hasChanged;
4222
- }
4223
- /**
4224
- * boolean which indicates the changes in cache
4225
- */
4226
- get cacheHasChanged() {
4227
- return this.hasChanged;
4228
- }
4229
- /**
4230
- * function to retrieve the token cache
4231
- */
4232
- get tokenCache() {
4233
- return this.cache;
4234
- }
4235
- }
4236
-
4237
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4238
-
4239
- /*
4240
- * Copyright (c) Microsoft Corporation. All rights reserved.
4241
- * Licensed under the MIT License.
4284
+ * MSAL-defined interaction required error code indicating no tokens are found in cache.
4285
+ * @public
4242
4286
  */
4287
+ const noTokensFound = "no_tokens_found";
4243
4288
  /**
4244
- * Create IdTokenEntity
4245
- * @param homeAccountId
4246
- * @param authenticationResult
4247
- * @param clientId
4248
- * @param authority
4289
+ * MSAL-defined error code indicating a native account is unavailable on the platform.
4290
+ * @public
4249
4291
  */
4250
- function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tenantId) {
4251
- const idTokenEntity = {
4252
- credentialType: CredentialType.ID_TOKEN,
4253
- homeAccountId: homeAccountId,
4254
- environment: environment,
4255
- clientId: clientId,
4256
- secret: idToken,
4257
- realm: tenantId,
4258
- lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
4259
- };
4260
- return idTokenEntity;
4261
- }
4292
+ const nativeAccountUnavailable = "native_account_unavailable";
4262
4293
  /**
4263
- * Create AccessTokenEntity
4264
- * @param homeAccountId
4265
- * @param environment
4266
- * @param accessToken
4267
- * @param clientId
4268
- * @param tenantId
4269
- * @param scopes
4270
- * @param expiresOn
4271
- * @param extExpiresOn
4294
+ * MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
4295
+ * @public
4272
4296
  */
4273
- function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId) {
4274
- const atEntity = {
4275
- homeAccountId: homeAccountId,
4276
- credentialType: CredentialType.ACCESS_TOKEN,
4277
- secret: accessToken,
4278
- cachedAt: nowSeconds().toString(),
4279
- expiresOn: expiresOn.toString(),
4280
- extendedExpiresOn: extExpiresOn.toString(),
4281
- environment: environment,
4282
- clientId: clientId,
4283
- realm: tenantId,
4284
- target: scopes,
4285
- tokenType: tokenType || AuthenticationScheme$1.BEARER,
4286
- lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
4287
- };
4288
- if (userAssertionHash) {
4289
- atEntity.userAssertionHash = userAssertionHash;
4290
- }
4291
- if (refreshOn) {
4292
- atEntity.refreshOn = refreshOn.toString();
4293
- }
4294
- /*
4295
- * Create Access Token With Auth Scheme instead of regular access token
4296
- * Cast to lower to handle "bearer" from ADFS
4297
- */
4298
- if (atEntity.tokenType?.toLowerCase() !==
4299
- AuthenticationScheme$1.BEARER.toLowerCase()) {
4300
- atEntity.credentialType =
4301
- CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
4302
- switch (atEntity.tokenType) {
4303
- case AuthenticationScheme$1.POP:
4304
- // Make sure keyId is present and add it to credential
4305
- const tokenClaims = extractTokenClaims(accessToken, base64Decode);
4306
- if (!tokenClaims?.cnf?.kid) {
4307
- throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
4308
- }
4309
- atEntity.keyId = tokenClaims.cnf.kid;
4310
- break;
4311
- case AuthenticationScheme$1.SSH:
4312
- atEntity.keyId = keyId;
4313
- }
4314
- }
4315
- return atEntity;
4316
- }
4297
+ const refreshTokenExpired = "refresh_token_expired";
4317
4298
  /**
4318
- * Create RefreshTokenEntity
4319
- * @param homeAccountId
4320
- * @param authenticationResult
4321
- * @param clientId
4322
- * @param authority
4299
+ * MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
4300
+ * @public
4323
4301
  */
4324
- function createRefreshTokenEntity(homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash, expiresOn) {
4325
- const rtEntity = {
4326
- credentialType: CredentialType.REFRESH_TOKEN,
4327
- homeAccountId: homeAccountId,
4328
- environment: environment,
4329
- clientId: clientId,
4330
- secret: refreshToken,
4331
- lastUpdatedAt: Date.now().toString(),
4332
- };
4333
- if (userAssertionHash) {
4334
- rtEntity.userAssertionHash = userAssertionHash;
4335
- }
4336
- if (familyId) {
4337
- rtEntity.familyId = familyId;
4338
- }
4339
- if (expiresOn) {
4340
- rtEntity.expiresOn = expiresOn.toString();
4341
- }
4342
- return rtEntity;
4343
- }
4344
- function isCredentialEntity(entity) {
4345
- return (entity.hasOwnProperty("homeAccountId") &&
4346
- entity.hasOwnProperty("environment") &&
4347
- entity.hasOwnProperty("credentialType") &&
4348
- entity.hasOwnProperty("clientId") &&
4349
- entity.hasOwnProperty("secret"));
4350
- }
4302
+ const uxNotAllowed = "ux_not_allowed";
4351
4303
  /**
4352
- * Validates an entity: checks for all expected params
4353
- * @param entity
4304
+ * Server-originated error code indicating interaction is required to complete the request.
4305
+ * @public
4354
4306
  */
4355
- function isAccessTokenEntity(entity) {
4356
- if (!entity) {
4357
- return false;
4358
- }
4359
- return (isCredentialEntity(entity) &&
4360
- entity.hasOwnProperty("realm") &&
4361
- entity.hasOwnProperty("target") &&
4362
- (entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
4363
- entity["credentialType"] ===
4364
- CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
4365
- }
4307
+ const interactionRequired = "interaction_required";
4308
+ /**
4309
+ * Server-originated error code indicating user consent is required.
4310
+ * @public
4311
+ */
4312
+ const consentRequired = "consent_required";
4313
+ /**
4314
+ * Server-originated error code indicating user login is required.
4315
+ * @public
4316
+ */
4317
+ const loginRequired = "login_required";
4318
+ /**
4319
+ * Server-originated error code indicating the token is invalid or corrupted.
4320
+ * @public
4321
+ */
4322
+ const badToken = "bad_token";
4366
4323
  /**
4367
- * Validates an entity: checks for all expected params
4368
- * @param entity
4324
+ * Server-originated error code indicating the user is in an interrupted state and interaction is required.
4325
+ * @public
4326
+ */
4327
+ const interruptedUser = "interrupted_user";
4328
+
4329
+ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
4330
+ __proto__: null,
4331
+ badToken: badToken,
4332
+ consentRequired: consentRequired,
4333
+ interactionRequired: interactionRequired,
4334
+ interruptedUser: interruptedUser,
4335
+ loginRequired: loginRequired,
4336
+ nativeAccountUnavailable: nativeAccountUnavailable,
4337
+ noTokensFound: noTokensFound,
4338
+ refreshTokenExpired: refreshTokenExpired,
4339
+ uxNotAllowed: uxNotAllowed
4340
+ });
4341
+
4342
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4343
+
4344
+ /*
4345
+ * Copyright (c) Microsoft Corporation. All rights reserved.
4346
+ * Licensed under the MIT License.
4369
4347
  */
4370
- function isIdTokenEntity(entity) {
4371
- if (!entity) {
4372
- return false;
4373
- }
4374
- return (isCredentialEntity(entity) &&
4375
- entity.hasOwnProperty("realm") &&
4376
- entity["credentialType"] === CredentialType.ID_TOKEN);
4377
- }
4378
4348
  /**
4379
- * Validates an entity: checks for all expected params
4380
- * @param entity
4349
+ * InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required
4381
4350
  */
4382
- function isRefreshTokenEntity(entity) {
4383
- if (!entity) {
4384
- return false;
4385
- }
4386
- return (isCredentialEntity(entity) &&
4387
- entity["credentialType"] === CredentialType.REFRESH_TOKEN);
4388
- }
4351
+ const InteractionRequiredServerErrorMessage = [
4352
+ interactionRequired,
4353
+ consentRequired,
4354
+ loginRequired,
4355
+ badToken,
4356
+ uxNotAllowed,
4357
+ interruptedUser,
4358
+ ];
4359
+ const InteractionRequiredAuthSubErrorMessage = [
4360
+ "message_only",
4361
+ "additional_action",
4362
+ "basic_action",
4363
+ "user_password_expired",
4364
+ "consent_required",
4365
+ "bad_token",
4366
+ "ux_not_allowed",
4367
+ "interrupted_user",
4368
+ ];
4389
4369
  /**
4390
- * validates if a given cache entry is "Telemetry", parses <key,value>
4391
- * @param key
4392
- * @param entity
4370
+ * Error thrown when user interaction is required.
4393
4371
  */
4394
- function isServerTelemetryEntity(key, entity) {
4395
- const validateKey = key.indexOf(SERVER_TELEM_CACHE_KEY) === 0;
4396
- let validateEntity = true;
4397
- if (entity) {
4398
- validateEntity =
4399
- entity.hasOwnProperty("failedRequests") &&
4400
- entity.hasOwnProperty("errors") &&
4401
- entity.hasOwnProperty("cacheHits");
4372
+ class InteractionRequiredAuthError extends AuthError {
4373
+ constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
4374
+ super(errorCode, errorMessage, subError);
4375
+ Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
4376
+ this.timestamp = timestamp || "";
4377
+ this.traceId = traceId || "";
4378
+ this.correlationId = correlationId || "";
4379
+ this.claims = claims || "";
4380
+ this.name = "InteractionRequiredAuthError";
4381
+ this.errorNo = errorNo;
4402
4382
  }
4403
- return validateKey && validateEntity;
4404
4383
  }
4405
4384
  /**
4406
- * validates if a given cache entry is "Throttling", parses <key,value>
4407
- * @param key
4408
- * @param entity
4385
+ * Helper function used to determine if an error thrown by the server requires interaction to resolve
4386
+ * @param errorCode
4387
+ * @param errorString
4388
+ * @param subError
4409
4389
  */
4410
- function isThrottlingEntity(key, entity) {
4411
- let validateKey = false;
4412
- if (key) {
4413
- validateKey = key.indexOf(THROTTLING_PREFIX) === 0;
4414
- }
4415
- let validateEntity = true;
4416
- if (entity) {
4417
- validateEntity = entity.hasOwnProperty("throttleTime");
4418
- }
4419
- return validateKey && validateEntity;
4390
+ function isInteractionRequiredError(errorCode, errorString, subError) {
4391
+ const isInteractionRequiredErrorCode = !!errorCode &&
4392
+ InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;
4393
+ const isInteractionRequiredSubError = !!subError &&
4394
+ InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
4395
+ const isInteractionRequiredErrorDesc = !!errorString &&
4396
+ InteractionRequiredServerErrorMessage.some((irErrorCode) => {
4397
+ return errorString.indexOf(irErrorCode) > -1;
4398
+ });
4399
+ return (isInteractionRequiredErrorCode ||
4400
+ isInteractionRequiredErrorDesc ||
4401
+ isInteractionRequiredSubError);
4420
4402
  }
4421
4403
  /**
4422
- * Generate AppMetadata Cache Key as per the schema: appmetadata-<environment>-<client_id>
4404
+ * Creates an InteractionRequiredAuthError
4423
4405
  */
4424
- function generateAppMetadataKey({ environment, clientId, }) {
4425
- const appMetaDataKeyArray = [
4426
- APP_METADATA,
4427
- environment,
4428
- clientId,
4429
- ];
4430
- return appMetaDataKeyArray
4431
- .join(CACHE_KEY_SEPARATOR$1)
4432
- .toLowerCase();
4433
- }
4406
+ function createInteractionRequiredAuthError(errorCode, errorMessage) {
4407
+ return new InteractionRequiredAuthError(errorCode, errorMessage);
4408
+ }
4409
+
4410
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4411
+
4434
4412
  /*
4435
- * Validates an entity: checks for all expected params
4436
- * @param entity
4413
+ * Copyright (c) Microsoft Corporation. All rights reserved.
4414
+ * Licensed under the MIT License.
4437
4415
  */
4438
- function isAppMetadataEntity(key, entity) {
4439
- if (!entity) {
4440
- return false;
4441
- }
4442
- return (key.indexOf(APP_METADATA) === 0 &&
4443
- entity.hasOwnProperty("clientId") &&
4444
- entity.hasOwnProperty("environment"));
4445
- }
4446
4416
  /**
4447
- * Validates an entity: checks for all expected params
4448
- * @param entity
4417
+ * Error thrown when there is an error with the server code, for example, unavailability.
4449
4418
  */
4450
- function isAuthorityMetadataEntity(key, entity) {
4451
- if (!entity) {
4452
- return false;
4419
+ class ServerError extends AuthError {
4420
+ constructor(errorCode, errorMessage, subError, errorNo, status) {
4421
+ super(errorCode, errorMessage, subError);
4422
+ this.name = "ServerError";
4423
+ this.errorNo = errorNo;
4424
+ this.status = status;
4425
+ Object.setPrototypeOf(this, ServerError.prototype);
4453
4426
  }
4454
- return (key.indexOf(AUTHORITY_METADATA_CACHE_KEY) === 0 &&
4455
- entity.hasOwnProperty("aliases") &&
4456
- entity.hasOwnProperty("preferred_cache") &&
4457
- entity.hasOwnProperty("preferred_network") &&
4458
- entity.hasOwnProperty("canonical_authority") &&
4459
- entity.hasOwnProperty("authorization_endpoint") &&
4460
- entity.hasOwnProperty("token_endpoint") &&
4461
- entity.hasOwnProperty("issuer") &&
4462
- entity.hasOwnProperty("aliasesFromNetwork") &&
4463
- entity.hasOwnProperty("endpointsFromNetwork") &&
4464
- entity.hasOwnProperty("expiresAt") &&
4465
- entity.hasOwnProperty("jwks_uri"));
4466
- }
4427
+ }
4428
+
4429
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4430
+
4431
+ /*
4432
+ * Copyright (c) Microsoft Corporation. All rights reserved.
4433
+ * Licensed under the MIT License.
4434
+ */
4467
4435
  /**
4468
- * Reset the exiresAt value
4436
+ * Appends user state with random guid, or returns random guid.
4437
+ * @param cryptoObj
4438
+ * @param userState
4439
+ * @param meta
4469
4440
  */
4470
- function generateAuthorityMetadataExpiresAt() {
4471
- return (nowSeconds() +
4472
- AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
4473
- }
4474
- function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
4475
- authorityMetadata.authorization_endpoint =
4476
- updatedValues.authorization_endpoint;
4477
- authorityMetadata.token_endpoint = updatedValues.token_endpoint;
4478
- authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
4479
- authorityMetadata.issuer = updatedValues.issuer;
4480
- authorityMetadata.endpointsFromNetwork = fromNetwork;
4481
- authorityMetadata.jwks_uri = updatedValues.jwks_uri;
4441
+ function setRequestState(cryptoObj, userState, meta) {
4442
+ const libraryState = generateLibraryState(cryptoObj, meta);
4443
+ return userState
4444
+ ? `${libraryState}${RESOURCE_DELIM}${userState}`
4445
+ : libraryState;
4482
4446
  }
4483
- function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
4484
- authorityMetadata.aliases = updatedValues.aliases;
4485
- authorityMetadata.preferred_cache = updatedValues.preferred_cache;
4486
- authorityMetadata.preferred_network = updatedValues.preferred_network;
4487
- authorityMetadata.aliasesFromNetwork = fromNetwork;
4447
+ /**
4448
+ * Generates the state value used by the common library.
4449
+ * @param cryptoObj
4450
+ * @param meta
4451
+ */
4452
+ function generateLibraryState(cryptoObj, meta) {
4453
+ if (!cryptoObj) {
4454
+ throw createClientAuthError(noCryptoObject);
4455
+ }
4456
+ // Create a state object containing a unique id and the timestamp of the request creation
4457
+ const stateObj = {
4458
+ id: cryptoObj.createNewGuid(),
4459
+ };
4460
+ if (meta) {
4461
+ stateObj.meta = meta;
4462
+ }
4463
+ const stateString = JSON.stringify(stateObj);
4464
+ return cryptoObj.base64Encode(stateString);
4488
4465
  }
4489
4466
  /**
4490
- * Returns whether or not the data needs to be refreshed
4467
+ * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
4468
+ * @param base64Decode
4469
+ * @param state
4491
4470
  */
4492
- function isAuthorityMetadataExpired(metadata) {
4493
- return metadata.expiresAt <= nowSeconds();
4471
+ function parseRequestState(base64Decode, state) {
4472
+ if (!base64Decode) {
4473
+ throw createClientAuthError(noCryptoObject);
4474
+ }
4475
+ if (!state) {
4476
+ throw createClientAuthError(invalidState);
4477
+ }
4478
+ try {
4479
+ // Split the state between library state and user passed state and decode them separately
4480
+ const splitState = state.split(RESOURCE_DELIM);
4481
+ const libraryState = splitState[0];
4482
+ const userState = splitState.length > 1
4483
+ ? splitState.slice(1).join(RESOURCE_DELIM)
4484
+ : "";
4485
+ const libraryStateString = base64Decode(libraryState);
4486
+ const libraryStateObj = JSON.parse(libraryStateString);
4487
+ return {
4488
+ userRequestState: userState || "",
4489
+ libraryState: libraryStateObj,
4490
+ };
4491
+ }
4492
+ catch (e) {
4493
+ throw createClientAuthError(invalidState);
4494
+ }
4494
4495
  }
4495
4496
 
4496
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4497
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4497
4498
 
4498
4499
  /*
4499
4500
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4649,7 +4650,7 @@
4649
4650
  if (serverTokenResponse.id_token && !!idTokenClaims) {
4650
4651
  cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
4651
4652
  cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
4652
- this.logger);
4653
+ this.logger, this.performanceClient);
4653
4654
  }
4654
4655
  // AccessToken
4655
4656
  let cachedAccessToken = null;
@@ -4795,17 +4796,24 @@
4795
4796
  };
4796
4797
  }
4797
4798
  }
4798
- function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
4799
+ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger, performanceClient) {
4799
4800
  logger?.verbose("09jz0t", correlationId);
4800
- // Check if base account is already cached
4801
- const accountKeys = cacheStorage.getAccountKeys();
4802
- const baseAccountKey = accountKeys.find((accountKey) => {
4803
- return accountKey.startsWith(homeAccountId);
4804
- });
4805
- let cachedAccount = null;
4806
- if (baseAccountKey) {
4807
- cachedAccount = cacheStorage.getAccount(baseAccountKey, correlationId);
4801
+ /*
4802
+ * Check if base account is already cached. Filter by homeAccountId (identifies
4803
+ * the user's home identity) and environment (identifies the cloud) the two
4804
+ * tenant-agnostic properties that uniquely locate a base AccountEntity.
4805
+ */
4806
+ const accountEnvironment = environment || authority.getPreferredCache();
4807
+ const matchedAccounts = cacheStorage.getAccountsFilteredBy({ homeAccountId, environment: accountEnvironment }, correlationId);
4808
+ performanceClient?.addFields({ cacheMatchedAccounts: matchedAccounts.length }, correlationId);
4809
+ if (matchedAccounts.length > 1) {
4810
+ /*
4811
+ * Base accounts are expected to be unique for a given homeAccountId in normal cache usage.
4812
+ * If multiple matches exist, ignore the cache hit rather than arbitrarily choosing one.
4813
+ */
4814
+ logger?.warning("0x7ad1", correlationId);
4808
4815
  }
4816
+ const cachedAccount = matchedAccounts.length === 1 ? matchedAccounts[0] : null;
4809
4817
  const baseAccount = cachedAccount ||
4810
4818
  createAccountEntity({
4811
4819
  homeAccountId,
@@ -4829,7 +4837,7 @@
4829
4837
  return baseAccount;
4830
4838
  }
4831
4839
 
4832
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4840
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4833
4841
  /*
4834
4842
  * Copyright (c) Microsoft Corporation. All rights reserved.
4835
4843
  * Licensed under the MIT License.
@@ -4839,7 +4847,7 @@
4839
4847
  UPN: "UPN",
4840
4848
  };
4841
4849
 
4842
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4850
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4843
4851
  /*
4844
4852
  * Copyright (c) Microsoft Corporation. All rights reserved.
4845
4853
  * Licensed under the MIT License.
@@ -4857,7 +4865,7 @@
4857
4865
  }
4858
4866
  }
4859
4867
 
4860
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4868
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4861
4869
  /*
4862
4870
  * Copyright (c) Microsoft Corporation. All rights reserved.
4863
4871
  * Licensed under the MIT License.
@@ -4878,7 +4886,7 @@
4878
4886
  };
4879
4887
  }
4880
4888
 
4881
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4889
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4882
4890
 
4883
4891
  /*
4884
4892
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4964,7 +4972,7 @@
4964
4972
  }
4965
4973
  }
4966
4974
 
4967
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4975
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4968
4976
 
4969
4977
  /*
4970
4978
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4995,7 +5003,7 @@
4995
5003
  return new NetworkError(error, httpStatus, responseHeaders);
4996
5004
  }
4997
5005
 
4998
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5006
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
4999
5007
 
5000
5008
  /*
5001
5009
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5109,7 +5117,7 @@
5109
5117
  return response;
5110
5118
  }
5111
5119
 
5112
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5120
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
5113
5121
  /*
5114
5122
  * Copyright (c) Microsoft Corporation. All rights reserved.
5115
5123
  * Licensed under the MIT License.
@@ -5121,7 +5129,7 @@
5121
5129
  response.hasOwnProperty("jwks_uri"));
5122
5130
  }
5123
5131
 
5124
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5132
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
5125
5133
  /*
5126
5134
  * Copyright (c) Microsoft Corporation. All rights reserved.
5127
5135
  * Licensed under the MIT License.
@@ -5131,7 +5139,7 @@
5131
5139
  response.hasOwnProperty("metadata"));
5132
5140
  }
5133
5141
 
5134
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5142
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
5135
5143
  /*
5136
5144
  * Copyright (c) Microsoft Corporation. All rights reserved.
5137
5145
  * Licensed under the MIT License.
@@ -5141,7 +5149,7 @@
5141
5149
  response.hasOwnProperty("error_description"));
5142
5150
  }
5143
5151
 
5144
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5152
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
5145
5153
 
5146
5154
  /*
5147
5155
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5246,7 +5254,7 @@
5246
5254
  },
5247
5255
  };
5248
5256
 
5249
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5257
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
5250
5258
 
5251
5259
  /*
5252
5260
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6066,7 +6074,7 @@
6066
6074
  };
6067
6075
  }
6068
6076
 
6069
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6077
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
6070
6078
 
6071
6079
  /*
6072
6080
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6100,7 +6108,7 @@
6100
6108
  }
6101
6109
  }
6102
6110
 
6103
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6111
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
6104
6112
 
6105
6113
  /*
6106
6114
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6360,7 +6368,7 @@
6360
6368
  }
6361
6369
  }
6362
6370
 
6363
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6371
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
6364
6372
 
6365
6373
  /*
6366
6374
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6585,7 +6593,7 @@
6585
6593
  }
6586
6594
  }
6587
6595
 
6588
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6596
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
6589
6597
 
6590
6598
  /*
6591
6599
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6694,7 +6702,7 @@
6694
6702
  }
6695
6703
  }
6696
6704
 
6697
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6705
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
6698
6706
 
6699
6707
  /*
6700
6708
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6709,7 +6717,7 @@
6709
6717
  },
6710
6718
  };
6711
6719
 
6712
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6720
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
6713
6721
 
6714
6722
  /*
6715
6723
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6933,7 +6941,7 @@
6933
6941
  return account.loginHint || account.idTokenClaims?.login_hint || null;
6934
6942
  }
6935
6943
 
6936
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6944
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
6937
6945
 
6938
6946
  /*
6939
6947
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6991,7 +6999,7 @@
6991
6999
  }
6992
7000
  }
6993
7001
 
6994
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7002
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
6995
7003
  /*
6996
7004
  * Copyright (c) Microsoft Corporation. All rights reserved.
6997
7005
  * Licensed under the MIT License.
@@ -7008,7 +7016,7 @@
7008
7016
  unexpectedError: unexpectedError
7009
7017
  });
7010
7018
 
7011
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7019
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
7012
7020
 
7013
7021
  /*
7014
7022
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7269,7 +7277,7 @@
7269
7277
  }
7270
7278
  }
7271
7279
 
7272
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7280
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
7273
7281
 
7274
7282
  /*
7275
7283
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7290,7 +7298,7 @@
7290
7298
  return new JoseHeaderError(code);
7291
7299
  }
7292
7300
 
7293
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7301
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
7294
7302
  /*
7295
7303
  * Copyright (c) Microsoft Corporation. All rights reserved.
7296
7304
  * Licensed under the MIT License.
@@ -7298,7 +7306,7 @@
7298
7306
  const missingKidError = "missing_kid_error";
7299
7307
  const missingAlgError = "missing_alg_error";
7300
7308
 
7301
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7309
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
7302
7310
 
7303
7311
  /*
7304
7312
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7338,7 +7346,7 @@
7338
7346
  }
7339
7347
  }
7340
7348
 
7341
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7349
+ /*! @azure/msal-common v16.2.1 2026-04-01 */
7342
7350
 
7343
7351
  /*
7344
7352
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -10211,7 +10219,7 @@
10211
10219
 
10212
10220
  /* eslint-disable header/header */
10213
10221
  const name = "@azure/msal-browser";
10214
- const version = "5.4.0";
10222
+ const version = "5.4.1";
10215
10223
 
10216
10224
  /*
10217
10225
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -12671,9 +12679,9 @@
12671
12679
  }
12672
12680
  // Get the preferred_cache domain for the given authority
12673
12681
  const authority = await getDiscoveredAuthority(this.config, this.correlationId, this.performanceClient, this.browserStorage, this.logger, request.authority);
12674
- const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info, undefined, // environment
12682
+ const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info, authority.getPreferredCache(), // environment
12675
12683
  idTokenClaims.tid, undefined, // auth code payload
12676
- response.account.id);
12684
+ response.account.id, this.logger, this.performanceClient);
12677
12685
  // Ensure expires_in is in number format
12678
12686
  response.expires_in = Number(response.expires_in);
12679
12687
  // generate authenticationResult
@@ -18082,7 +18090,7 @@
18082
18090
  const storage = new BrowserCacheManager(browserConfig.auth.clientId, browserConfig.cache, cryptoOps, logger, browserConfig.telemetry.client, new EventHandler(logger), buildStaticAuthorityOptions(browserConfig.auth));
18083
18091
  const authorityString = request.authority || browserConfig.auth.authority;
18084
18092
  const authority = await createDiscoveredInstance(Authority.generateAuthority(authorityString, request.azureCloudOptions), browserConfig.system.networkClient, storage, authorityOptions, logger, correlationId, performanceClient);
18085
- const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims);
18093
+ const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims, performanceClient);
18086
18094
  const idToken = await invokeAsync(loadIdToken, LoadIdToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, correlationId, storage, logger, config.auth.clientId);
18087
18095
  const accessToken = await invokeAsync(loadAccessToken, LoadAccessToken, logger, performanceClient, correlationId)(request, response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, options, correlationId, storage, logger, config.auth.clientId);
18088
18096
  const refreshToken = await invokeAsync(loadRefreshToken, LoadRefreshToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, kmsi, correlationId, storage, logger, config.auth.clientId, performanceClient);
@@ -18108,7 +18116,7 @@
18108
18116
  * @param requestHomeAccountId
18109
18117
  * @returns `AccountEntity`
18110
18118
  */
18111
- async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims) {
18119
+ async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims, performanceClient) {
18112
18120
  logger.verbose("0ke46k", correlationId);
18113
18121
  if (request.account) {
18114
18122
  const accountEntity = createAccountEntityFromAccountInfo(request.account);
@@ -18123,7 +18131,7 @@
18123
18131
  const claimsTenantId = idTokenClaims?.tid;
18124
18132
  const cachedAccount = buildAccountToCache(storage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, authority.getPreferredCache(), claimsTenantId, undefined, // authCodePayload
18125
18133
  undefined, // nativeAccountId
18126
- logger);
18134
+ logger, performanceClient);
18127
18135
  await storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
18128
18136
  return cachedAccount;
18129
18137
  }