@azure/msal-browser 5.4.0 → 5.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.d.ts.map +1 -1
- package/dist/cache/TokenCache.mjs +9 -9
- package/dist/cache/TokenCache.mjs.map +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +2 -2
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +10 -10
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/cache/TokenCache.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +2 -2
- package/lib/custom-auth-path/msal-custom-auth.cjs +523 -516
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/log-strings-mapping.json +10 -10
- package/lib/msal-browser.cjs +542 -534
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +542 -534
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
- package/lib/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/package.json +2 -2
- package/src/cache/TokenCache.ts +27 -24
- package/src/interaction_client/PlatformAuthInteractionClient.ts +55 -53
- package/src/packageMetadata.ts +1 -1
package/lib/msal-browser.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.4.
|
|
1
|
+
/*! @azure/msal-browser v5.4.1 2026-04-01 */
|
|
2
2
|
'use strict';
|
|
3
3
|
(function (global, factory) {
|
|
4
4
|
typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
(global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
|
|
7
7
|
})(this, (function (exports) { 'use strict';
|
|
8
8
|
|
|
9
|
-
/*! @azure/msal-common v16.2.
|
|
9
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
10
10
|
/*
|
|
11
11
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12
12
|
* Licensed under the MIT License.
|
|
@@ -238,7 +238,7 @@
|
|
|
238
238
|
// Token renewal offset default in seconds
|
|
239
239
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
240
240
|
|
|
241
|
-
/*! @azure/msal-common v16.2.
|
|
241
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
242
242
|
/*
|
|
243
243
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
244
244
|
* Licensed under the MIT License.
|
|
@@ -288,7 +288,7 @@
|
|
|
288
288
|
const EAR_JWK = "ear_jwk";
|
|
289
289
|
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
290
290
|
|
|
291
|
-
/*! @azure/msal-common v16.2.
|
|
291
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
292
292
|
/*
|
|
293
293
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
294
294
|
* Licensed under the MIT License.
|
|
@@ -319,7 +319,7 @@
|
|
|
319
319
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
320
320
|
}
|
|
321
321
|
|
|
322
|
-
/*! @azure/msal-common v16.2.
|
|
322
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
323
323
|
|
|
324
324
|
/*
|
|
325
325
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -339,7 +339,7 @@
|
|
|
339
339
|
return new ClientConfigurationError(errorCode);
|
|
340
340
|
}
|
|
341
341
|
|
|
342
|
-
/*! @azure/msal-common v16.2.
|
|
342
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
343
343
|
/*
|
|
344
344
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
345
345
|
* Licensed under the MIT License.
|
|
@@ -419,7 +419,7 @@
|
|
|
419
419
|
}
|
|
420
420
|
}
|
|
421
421
|
|
|
422
|
-
/*! @azure/msal-common v16.2.
|
|
422
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
423
423
|
|
|
424
424
|
/*
|
|
425
425
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -442,7 +442,7 @@
|
|
|
442
442
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
443
443
|
}
|
|
444
444
|
|
|
445
|
-
/*! @azure/msal-common v16.2.
|
|
445
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
446
446
|
/*
|
|
447
447
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
448
448
|
* Licensed under the MIT License.
|
|
@@ -496,7 +496,7 @@
|
|
|
496
496
|
urlParseError: urlParseError
|
|
497
497
|
});
|
|
498
498
|
|
|
499
|
-
/*! @azure/msal-common v16.2.
|
|
499
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
500
500
|
/*
|
|
501
501
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
502
502
|
* Licensed under the MIT License.
|
|
@@ -580,7 +580,7 @@
|
|
|
580
580
|
userCanceled: userCanceled
|
|
581
581
|
});
|
|
582
582
|
|
|
583
|
-
/*! @azure/msal-common v16.2.
|
|
583
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
584
584
|
|
|
585
585
|
/*
|
|
586
586
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -775,7 +775,7 @@
|
|
|
775
775
|
}
|
|
776
776
|
}
|
|
777
777
|
|
|
778
|
-
/*! @azure/msal-common v16.2.
|
|
778
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
779
779
|
|
|
780
780
|
/*
|
|
781
781
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1142,7 +1142,7 @@
|
|
|
1142
1142
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
1143
1143
|
}
|
|
1144
1144
|
|
|
1145
|
-
/*! @azure/msal-common v16.2.
|
|
1145
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1146
1146
|
|
|
1147
1147
|
/*
|
|
1148
1148
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1251,7 +1251,7 @@
|
|
|
1251
1251
|
}
|
|
1252
1252
|
}
|
|
1253
1253
|
|
|
1254
|
-
/*! @azure/msal-common v16.2.
|
|
1254
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1255
1255
|
|
|
1256
1256
|
/*
|
|
1257
1257
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1290,7 +1290,7 @@
|
|
|
1290
1290
|
},
|
|
1291
1291
|
};
|
|
1292
1292
|
|
|
1293
|
-
/*! @azure/msal-common v16.2.
|
|
1293
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1294
1294
|
/*
|
|
1295
1295
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1296
1296
|
* Licensed under the MIT License.
|
|
@@ -1565,12 +1565,12 @@
|
|
|
1565
1565
|
}
|
|
1566
1566
|
}
|
|
1567
1567
|
|
|
1568
|
-
/*! @azure/msal-common v16.2.
|
|
1568
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1569
1569
|
/* eslint-disable header/header */
|
|
1570
1570
|
const name$1 = "@azure/msal-common";
|
|
1571
|
-
const version$1 = "16.2.
|
|
1571
|
+
const version$1 = "16.2.1";
|
|
1572
1572
|
|
|
1573
|
-
/*! @azure/msal-common v16.2.
|
|
1573
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1574
1574
|
/*
|
|
1575
1575
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1576
1576
|
* Licensed under the MIT License.
|
|
@@ -1590,7 +1590,7 @@
|
|
|
1590
1590
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
1591
1591
|
};
|
|
1592
1592
|
|
|
1593
|
-
/*! @azure/msal-common v16.2.
|
|
1593
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1594
1594
|
/*
|
|
1595
1595
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1596
1596
|
* Licensed under the MIT License.
|
|
@@ -1672,7 +1672,7 @@
|
|
|
1672
1672
|
return updatedAccountInfo;
|
|
1673
1673
|
}
|
|
1674
1674
|
|
|
1675
|
-
/*! @azure/msal-common v16.2.
|
|
1675
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1676
1676
|
|
|
1677
1677
|
/*
|
|
1678
1678
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1752,7 +1752,7 @@
|
|
|
1752
1752
|
}
|
|
1753
1753
|
}
|
|
1754
1754
|
|
|
1755
|
-
/*! @azure/msal-common v16.2.
|
|
1755
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1756
1756
|
|
|
1757
1757
|
/*
|
|
1758
1758
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1909,7 +1909,7 @@
|
|
|
1909
1909
|
}
|
|
1910
1910
|
}
|
|
1911
1911
|
|
|
1912
|
-
/*! @azure/msal-common v16.2.
|
|
1912
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1913
1913
|
|
|
1914
1914
|
/*
|
|
1915
1915
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2066,7 +2066,7 @@
|
|
|
2066
2066
|
return null;
|
|
2067
2067
|
}
|
|
2068
2068
|
|
|
2069
|
-
/*! @azure/msal-common v16.2.
|
|
2069
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2070
2070
|
/*
|
|
2071
2071
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2072
2072
|
* Licensed under the MIT License.
|
|
@@ -2074,7 +2074,7 @@
|
|
|
2074
2074
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2075
2075
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2076
2076
|
|
|
2077
|
-
/*! @azure/msal-common v16.2.
|
|
2077
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2078
2078
|
|
|
2079
2079
|
/*
|
|
2080
2080
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2112,7 +2112,7 @@
|
|
|
2112
2112
|
}
|
|
2113
2113
|
}
|
|
2114
2114
|
|
|
2115
|
-
/*! @azure/msal-common v16.2.
|
|
2115
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2116
2116
|
|
|
2117
2117
|
/*
|
|
2118
2118
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2150,7 +2150,7 @@
|
|
|
2150
2150
|
};
|
|
2151
2151
|
}
|
|
2152
2152
|
|
|
2153
|
-
/*! @azure/msal-common v16.2.
|
|
2153
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2154
2154
|
/*
|
|
2155
2155
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2156
2156
|
* Licensed under the MIT License.
|
|
@@ -2165,7 +2165,7 @@
|
|
|
2165
2165
|
Ciam: 3,
|
|
2166
2166
|
};
|
|
2167
2167
|
|
|
2168
|
-
/*! @azure/msal-common v16.2.
|
|
2168
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2169
2169
|
/*
|
|
2170
2170
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2171
2171
|
* Licensed under the MIT License.
|
|
@@ -2187,7 +2187,7 @@
|
|
|
2187
2187
|
return null;
|
|
2188
2188
|
}
|
|
2189
2189
|
|
|
2190
|
-
/*! @azure/msal-common v16.2.
|
|
2190
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2191
2191
|
/*
|
|
2192
2192
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2193
2193
|
* Licensed under the MIT License.
|
|
@@ -2211,7 +2211,7 @@
|
|
|
2211
2211
|
EAR: "EAR",
|
|
2212
2212
|
};
|
|
2213
2213
|
|
|
2214
|
-
/*! @azure/msal-common v16.2.
|
|
2214
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2215
2215
|
/**
|
|
2216
2216
|
* Returns the AccountInfo interface for this account.
|
|
2217
2217
|
*/
|
|
@@ -2386,7 +2386,7 @@
|
|
|
2386
2386
|
entity.hasOwnProperty("authorityType"));
|
|
2387
2387
|
}
|
|
2388
2388
|
|
|
2389
|
-
/*! @azure/msal-common v16.2.
|
|
2389
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2390
2390
|
|
|
2391
2391
|
/*
|
|
2392
2392
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3483,7 +3483,7 @@
|
|
|
3483
3483
|
}
|
|
3484
3484
|
}
|
|
3485
3485
|
|
|
3486
|
-
/*! @azure/msal-common v16.2.
|
|
3486
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3487
3487
|
/*
|
|
3488
3488
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3489
3489
|
* Licensed under the MIT License.
|
|
@@ -3528,9 +3528,10 @@
|
|
|
3528
3528
|
"currRefreshCount",
|
|
3529
3529
|
"expiredCacheRemovedCount",
|
|
3530
3530
|
"upgradedCacheCount",
|
|
3531
|
+
"cacheMatchedAccounts",
|
|
3531
3532
|
]);
|
|
3532
3533
|
|
|
3533
|
-
/*! @azure/msal-common v16.2.
|
|
3534
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3534
3535
|
|
|
3535
3536
|
/*
|
|
3536
3537
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3585,7 +3586,7 @@
|
|
|
3585
3586
|
}
|
|
3586
3587
|
}
|
|
3587
3588
|
|
|
3588
|
-
/*! @azure/msal-common v16.2.
|
|
3589
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3589
3590
|
|
|
3590
3591
|
/*
|
|
3591
3592
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3679,291 +3680,358 @@
|
|
|
3679
3680
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3680
3681
|
}
|
|
3681
3682
|
|
|
3682
|
-
/*! @azure/msal-common v16.2.
|
|
3683
|
-
|
|
3683
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3684
3684
|
/*
|
|
3685
3685
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3686
3686
|
* Licensed under the MIT License.
|
|
3687
3687
|
*/
|
|
3688
3688
|
/**
|
|
3689
|
-
*
|
|
3690
|
-
|
|
3691
|
-
|
|
3692
|
-
constructor(
|
|
3693
|
-
|
|
3694
|
-
this.
|
|
3695
|
-
|
|
3696
|
-
|
|
3697
|
-
|
|
3689
|
+
* This class instance helps track the memory changes facilitating
|
|
3690
|
+
* decisions to read from and write to the persistent cache
|
|
3691
|
+
*/ class TokenCacheContext {
|
|
3692
|
+
constructor(tokenCache, hasChanged) {
|
|
3693
|
+
this.cache = tokenCache;
|
|
3694
|
+
this.hasChanged = hasChanged;
|
|
3695
|
+
}
|
|
3696
|
+
/**
|
|
3697
|
+
* boolean which indicates the changes in cache
|
|
3698
|
+
*/
|
|
3699
|
+
get cacheHasChanged() {
|
|
3700
|
+
return this.hasChanged;
|
|
3701
|
+
}
|
|
3702
|
+
/**
|
|
3703
|
+
* function to retrieve the token cache
|
|
3704
|
+
*/
|
|
3705
|
+
get tokenCache() {
|
|
3706
|
+
return this.cache;
|
|
3698
3707
|
}
|
|
3699
3708
|
}
|
|
3700
3709
|
|
|
3701
|
-
/*! @azure/msal-common v16.2.
|
|
3710
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3702
3711
|
/*
|
|
3703
3712
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3704
3713
|
* Licensed under the MIT License.
|
|
3705
3714
|
*/
|
|
3706
3715
|
/**
|
|
3707
|
-
*
|
|
3708
|
-
* @public
|
|
3709
|
-
*/
|
|
3710
|
-
const noTokensFound = "no_tokens_found";
|
|
3711
|
-
/**
|
|
3712
|
-
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
3713
|
-
* @public
|
|
3714
|
-
*/
|
|
3715
|
-
const nativeAccountUnavailable = "native_account_unavailable";
|
|
3716
|
-
/**
|
|
3717
|
-
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
3718
|
-
* @public
|
|
3719
|
-
*/
|
|
3720
|
-
const refreshTokenExpired = "refresh_token_expired";
|
|
3721
|
-
/**
|
|
3722
|
-
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
3723
|
-
* @public
|
|
3724
|
-
*/
|
|
3725
|
-
const uxNotAllowed = "ux_not_allowed";
|
|
3726
|
-
/**
|
|
3727
|
-
* Server-originated error code indicating interaction is required to complete the request.
|
|
3728
|
-
* @public
|
|
3729
|
-
*/
|
|
3730
|
-
const interactionRequired = "interaction_required";
|
|
3731
|
-
/**
|
|
3732
|
-
* Server-originated error code indicating user consent is required.
|
|
3733
|
-
* @public
|
|
3734
|
-
*/
|
|
3735
|
-
const consentRequired = "consent_required";
|
|
3736
|
-
/**
|
|
3737
|
-
* Server-originated error code indicating user login is required.
|
|
3738
|
-
* @public
|
|
3716
|
+
* Utility functions for managing date and time operations.
|
|
3739
3717
|
*/
|
|
3740
|
-
const loginRequired = "login_required";
|
|
3741
3718
|
/**
|
|
3742
|
-
*
|
|
3743
|
-
* @public
|
|
3719
|
+
* return the current time in Unix time (seconds).
|
|
3744
3720
|
*/
|
|
3745
|
-
|
|
3721
|
+
function nowSeconds() {
|
|
3722
|
+
// Date.getTime() returns in milliseconds.
|
|
3723
|
+
return Math.round(new Date().getTime() / 1000.0);
|
|
3724
|
+
}
|
|
3746
3725
|
/**
|
|
3747
|
-
*
|
|
3748
|
-
* @
|
|
3749
|
-
*/
|
|
3750
|
-
const interruptedUser = "interrupted_user";
|
|
3751
|
-
|
|
3752
|
-
var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
3753
|
-
__proto__: null,
|
|
3754
|
-
badToken: badToken,
|
|
3755
|
-
consentRequired: consentRequired,
|
|
3756
|
-
interactionRequired: interactionRequired,
|
|
3757
|
-
interruptedUser: interruptedUser,
|
|
3758
|
-
loginRequired: loginRequired,
|
|
3759
|
-
nativeAccountUnavailable: nativeAccountUnavailable,
|
|
3760
|
-
noTokensFound: noTokensFound,
|
|
3761
|
-
refreshTokenExpired: refreshTokenExpired,
|
|
3762
|
-
uxNotAllowed: uxNotAllowed
|
|
3763
|
-
});
|
|
3764
|
-
|
|
3765
|
-
/*! @azure/msal-common v16.2.0 2026-03-02 */
|
|
3766
|
-
|
|
3767
|
-
/*
|
|
3768
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3769
|
-
* Licensed under the MIT License.
|
|
3726
|
+
* Converts JS Date object to seconds
|
|
3727
|
+
* @param date Date
|
|
3770
3728
|
*/
|
|
3729
|
+
function toSecondsFromDate(date) {
|
|
3730
|
+
// Convert date to seconds
|
|
3731
|
+
return date.getTime() / 1000;
|
|
3732
|
+
}
|
|
3771
3733
|
/**
|
|
3772
|
-
*
|
|
3734
|
+
* Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
|
|
3735
|
+
* @param seconds
|
|
3773
3736
|
*/
|
|
3774
|
-
|
|
3775
|
-
|
|
3776
|
-
|
|
3777
|
-
|
|
3778
|
-
|
|
3779
|
-
|
|
3780
|
-
interruptedUser,
|
|
3781
|
-
];
|
|
3782
|
-
const InteractionRequiredAuthSubErrorMessage = [
|
|
3783
|
-
"message_only",
|
|
3784
|
-
"additional_action",
|
|
3785
|
-
"basic_action",
|
|
3786
|
-
"user_password_expired",
|
|
3787
|
-
"consent_required",
|
|
3788
|
-
"bad_token",
|
|
3789
|
-
"ux_not_allowed",
|
|
3790
|
-
"interrupted_user",
|
|
3791
|
-
];
|
|
3737
|
+
function toDateFromSeconds(seconds) {
|
|
3738
|
+
if (seconds) {
|
|
3739
|
+
return new Date(Number(seconds) * 1000);
|
|
3740
|
+
}
|
|
3741
|
+
return new Date();
|
|
3742
|
+
}
|
|
3792
3743
|
/**
|
|
3793
|
-
*
|
|
3744
|
+
* check if a token is expired based on given UTC time in seconds.
|
|
3745
|
+
* @param expiresOn
|
|
3794
3746
|
*/
|
|
3795
|
-
|
|
3796
|
-
|
|
3797
|
-
|
|
3798
|
-
|
|
3799
|
-
|
|
3800
|
-
|
|
3801
|
-
this.correlationId = correlationId || "";
|
|
3802
|
-
this.claims = claims || "";
|
|
3803
|
-
this.name = "InteractionRequiredAuthError";
|
|
3804
|
-
this.errorNo = errorNo;
|
|
3805
|
-
}
|
|
3747
|
+
function isTokenExpired(expiresOn, offset) {
|
|
3748
|
+
// check for access token expiry
|
|
3749
|
+
const expirationSec = Number(expiresOn) || 0;
|
|
3750
|
+
const offsetCurrentTimeSec = nowSeconds() + offset;
|
|
3751
|
+
// If current time + offset is greater than token expiration time, then token is expired.
|
|
3752
|
+
return offsetCurrentTimeSec > expirationSec;
|
|
3806
3753
|
}
|
|
3807
3754
|
/**
|
|
3808
|
-
*
|
|
3809
|
-
* @param
|
|
3810
|
-
* @param
|
|
3811
|
-
* @
|
|
3755
|
+
* Checks if a cache entry is expired based on the last updated time and cache retention days.
|
|
3756
|
+
* @param lastUpdatedAt
|
|
3757
|
+
* @param cacheRetentionDays
|
|
3758
|
+
* @returns
|
|
3812
3759
|
*/
|
|
3813
|
-
function
|
|
3814
|
-
const
|
|
3815
|
-
|
|
3816
|
-
const isInteractionRequiredSubError = !!subError &&
|
|
3817
|
-
InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
|
|
3818
|
-
const isInteractionRequiredErrorDesc = !!errorString &&
|
|
3819
|
-
InteractionRequiredServerErrorMessage.some((irErrorCode) => {
|
|
3820
|
-
return errorString.indexOf(irErrorCode) > -1;
|
|
3821
|
-
});
|
|
3822
|
-
return (isInteractionRequiredErrorCode ||
|
|
3823
|
-
isInteractionRequiredErrorDesc ||
|
|
3824
|
-
isInteractionRequiredSubError);
|
|
3760
|
+
function isCacheExpired(lastUpdatedAt, cacheRetentionDays) {
|
|
3761
|
+
const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;
|
|
3762
|
+
return Date.now() > cacheExpirationTimestamp;
|
|
3825
3763
|
}
|
|
3826
3764
|
/**
|
|
3827
|
-
*
|
|
3765
|
+
* If the current time is earlier than the time that a token was cached at, we must discard the token
|
|
3766
|
+
* i.e. The system clock was turned back after acquiring the cached token
|
|
3767
|
+
* @param cachedAt
|
|
3768
|
+
* @param offset
|
|
3828
3769
|
*/
|
|
3829
|
-
function
|
|
3830
|
-
|
|
3770
|
+
function wasClockTurnedBack(cachedAt) {
|
|
3771
|
+
const cachedAtSec = Number(cachedAt);
|
|
3772
|
+
return cachedAtSec > nowSeconds();
|
|
3831
3773
|
}
|
|
3832
3774
|
|
|
3833
|
-
/*! @azure/msal-common v16.2.
|
|
3775
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3834
3776
|
|
|
3835
3777
|
/*
|
|
3836
3778
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3837
3779
|
* Licensed under the MIT License.
|
|
3838
3780
|
*/
|
|
3839
3781
|
/**
|
|
3840
|
-
*
|
|
3841
|
-
* @param
|
|
3842
|
-
* @param
|
|
3843
|
-
* @param
|
|
3782
|
+
* Create IdTokenEntity
|
|
3783
|
+
* @param homeAccountId
|
|
3784
|
+
* @param authenticationResult
|
|
3785
|
+
* @param clientId
|
|
3786
|
+
* @param authority
|
|
3844
3787
|
*/
|
|
3845
|
-
function
|
|
3846
|
-
const
|
|
3847
|
-
|
|
3848
|
-
|
|
3849
|
-
:
|
|
3788
|
+
function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tenantId) {
|
|
3789
|
+
const idTokenEntity = {
|
|
3790
|
+
credentialType: CredentialType.ID_TOKEN,
|
|
3791
|
+
homeAccountId: homeAccountId,
|
|
3792
|
+
environment: environment,
|
|
3793
|
+
clientId: clientId,
|
|
3794
|
+
secret: idToken,
|
|
3795
|
+
realm: tenantId,
|
|
3796
|
+
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
3797
|
+
};
|
|
3798
|
+
return idTokenEntity;
|
|
3850
3799
|
}
|
|
3851
3800
|
/**
|
|
3852
|
-
*
|
|
3853
|
-
* @param
|
|
3854
|
-
* @param
|
|
3801
|
+
* Create AccessTokenEntity
|
|
3802
|
+
* @param homeAccountId
|
|
3803
|
+
* @param environment
|
|
3804
|
+
* @param accessToken
|
|
3805
|
+
* @param clientId
|
|
3806
|
+
* @param tenantId
|
|
3807
|
+
* @param scopes
|
|
3808
|
+
* @param expiresOn
|
|
3809
|
+
* @param extExpiresOn
|
|
3855
3810
|
*/
|
|
3856
|
-
function
|
|
3857
|
-
|
|
3858
|
-
|
|
3859
|
-
|
|
3860
|
-
|
|
3861
|
-
|
|
3862
|
-
|
|
3811
|
+
function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId) {
|
|
3812
|
+
const atEntity = {
|
|
3813
|
+
homeAccountId: homeAccountId,
|
|
3814
|
+
credentialType: CredentialType.ACCESS_TOKEN,
|
|
3815
|
+
secret: accessToken,
|
|
3816
|
+
cachedAt: nowSeconds().toString(),
|
|
3817
|
+
expiresOn: expiresOn.toString(),
|
|
3818
|
+
extendedExpiresOn: extExpiresOn.toString(),
|
|
3819
|
+
environment: environment,
|
|
3820
|
+
clientId: clientId,
|
|
3821
|
+
realm: tenantId,
|
|
3822
|
+
target: scopes,
|
|
3823
|
+
tokenType: tokenType || AuthenticationScheme$1.BEARER,
|
|
3824
|
+
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
3863
3825
|
};
|
|
3864
|
-
if (
|
|
3865
|
-
|
|
3826
|
+
if (userAssertionHash) {
|
|
3827
|
+
atEntity.userAssertionHash = userAssertionHash;
|
|
3866
3828
|
}
|
|
3867
|
-
|
|
3868
|
-
|
|
3829
|
+
if (refreshOn) {
|
|
3830
|
+
atEntity.refreshOn = refreshOn.toString();
|
|
3831
|
+
}
|
|
3832
|
+
/*
|
|
3833
|
+
* Create Access Token With Auth Scheme instead of regular access token
|
|
3834
|
+
* Cast to lower to handle "bearer" from ADFS
|
|
3835
|
+
*/
|
|
3836
|
+
if (atEntity.tokenType?.toLowerCase() !==
|
|
3837
|
+
AuthenticationScheme$1.BEARER.toLowerCase()) {
|
|
3838
|
+
atEntity.credentialType =
|
|
3839
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
3840
|
+
switch (atEntity.tokenType) {
|
|
3841
|
+
case AuthenticationScheme$1.POP:
|
|
3842
|
+
// Make sure keyId is present and add it to credential
|
|
3843
|
+
const tokenClaims = extractTokenClaims(accessToken, base64Decode);
|
|
3844
|
+
if (!tokenClaims?.cnf?.kid) {
|
|
3845
|
+
throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
|
|
3846
|
+
}
|
|
3847
|
+
atEntity.keyId = tokenClaims.cnf.kid;
|
|
3848
|
+
break;
|
|
3849
|
+
case AuthenticationScheme$1.SSH:
|
|
3850
|
+
atEntity.keyId = keyId;
|
|
3851
|
+
}
|
|
3852
|
+
}
|
|
3853
|
+
return atEntity;
|
|
3869
3854
|
}
|
|
3870
3855
|
/**
|
|
3871
|
-
*
|
|
3872
|
-
* @param
|
|
3873
|
-
* @param
|
|
3856
|
+
* Create RefreshTokenEntity
|
|
3857
|
+
* @param homeAccountId
|
|
3858
|
+
* @param authenticationResult
|
|
3859
|
+
* @param clientId
|
|
3860
|
+
* @param authority
|
|
3874
3861
|
*/
|
|
3875
|
-
function
|
|
3876
|
-
|
|
3877
|
-
|
|
3862
|
+
function createRefreshTokenEntity(homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash, expiresOn) {
|
|
3863
|
+
const rtEntity = {
|
|
3864
|
+
credentialType: CredentialType.REFRESH_TOKEN,
|
|
3865
|
+
homeAccountId: homeAccountId,
|
|
3866
|
+
environment: environment,
|
|
3867
|
+
clientId: clientId,
|
|
3868
|
+
secret: refreshToken,
|
|
3869
|
+
lastUpdatedAt: Date.now().toString(),
|
|
3870
|
+
};
|
|
3871
|
+
if (userAssertionHash) {
|
|
3872
|
+
rtEntity.userAssertionHash = userAssertionHash;
|
|
3878
3873
|
}
|
|
3879
|
-
if (
|
|
3880
|
-
|
|
3874
|
+
if (familyId) {
|
|
3875
|
+
rtEntity.familyId = familyId;
|
|
3881
3876
|
}
|
|
3882
|
-
|
|
3883
|
-
|
|
3884
|
-
const splitState = state.split(RESOURCE_DELIM);
|
|
3885
|
-
const libraryState = splitState[0];
|
|
3886
|
-
const userState = splitState.length > 1
|
|
3887
|
-
? splitState.slice(1).join(RESOURCE_DELIM)
|
|
3888
|
-
: "";
|
|
3889
|
-
const libraryStateString = base64Decode(libraryState);
|
|
3890
|
-
const libraryStateObj = JSON.parse(libraryStateString);
|
|
3891
|
-
return {
|
|
3892
|
-
userRequestState: userState || "",
|
|
3893
|
-
libraryState: libraryStateObj,
|
|
3894
|
-
};
|
|
3877
|
+
if (expiresOn) {
|
|
3878
|
+
rtEntity.expiresOn = expiresOn.toString();
|
|
3895
3879
|
}
|
|
3896
|
-
|
|
3897
|
-
|
|
3880
|
+
return rtEntity;
|
|
3881
|
+
}
|
|
3882
|
+
function isCredentialEntity(entity) {
|
|
3883
|
+
return (entity.hasOwnProperty("homeAccountId") &&
|
|
3884
|
+
entity.hasOwnProperty("environment") &&
|
|
3885
|
+
entity.hasOwnProperty("credentialType") &&
|
|
3886
|
+
entity.hasOwnProperty("clientId") &&
|
|
3887
|
+
entity.hasOwnProperty("secret"));
|
|
3888
|
+
}
|
|
3889
|
+
/**
|
|
3890
|
+
* Validates an entity: checks for all expected params
|
|
3891
|
+
* @param entity
|
|
3892
|
+
*/
|
|
3893
|
+
function isAccessTokenEntity(entity) {
|
|
3894
|
+
if (!entity) {
|
|
3895
|
+
return false;
|
|
3898
3896
|
}
|
|
3899
|
-
|
|
3900
|
-
|
|
3901
|
-
|
|
3902
|
-
|
|
3903
|
-
|
|
3904
|
-
|
|
3897
|
+
return (isCredentialEntity(entity) &&
|
|
3898
|
+
entity.hasOwnProperty("realm") &&
|
|
3899
|
+
entity.hasOwnProperty("target") &&
|
|
3900
|
+
(entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
|
|
3901
|
+
entity["credentialType"] ===
|
|
3902
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
|
|
3903
|
+
}
|
|
3904
|
+
/**
|
|
3905
|
+
* Validates an entity: checks for all expected params
|
|
3906
|
+
* @param entity
|
|
3905
3907
|
*/
|
|
3908
|
+
function isIdTokenEntity(entity) {
|
|
3909
|
+
if (!entity) {
|
|
3910
|
+
return false;
|
|
3911
|
+
}
|
|
3912
|
+
return (isCredentialEntity(entity) &&
|
|
3913
|
+
entity.hasOwnProperty("realm") &&
|
|
3914
|
+
entity["credentialType"] === CredentialType.ID_TOKEN);
|
|
3915
|
+
}
|
|
3906
3916
|
/**
|
|
3907
|
-
*
|
|
3917
|
+
* Validates an entity: checks for all expected params
|
|
3918
|
+
* @param entity
|
|
3908
3919
|
*/
|
|
3920
|
+
function isRefreshTokenEntity(entity) {
|
|
3921
|
+
if (!entity) {
|
|
3922
|
+
return false;
|
|
3923
|
+
}
|
|
3924
|
+
return (isCredentialEntity(entity) &&
|
|
3925
|
+
entity["credentialType"] === CredentialType.REFRESH_TOKEN);
|
|
3926
|
+
}
|
|
3909
3927
|
/**
|
|
3910
|
-
*
|
|
3928
|
+
* validates if a given cache entry is "Telemetry", parses <key,value>
|
|
3929
|
+
* @param key
|
|
3930
|
+
* @param entity
|
|
3911
3931
|
*/
|
|
3912
|
-
function
|
|
3913
|
-
|
|
3914
|
-
|
|
3932
|
+
function isServerTelemetryEntity(key, entity) {
|
|
3933
|
+
const validateKey = key.indexOf(SERVER_TELEM_CACHE_KEY) === 0;
|
|
3934
|
+
let validateEntity = true;
|
|
3935
|
+
if (entity) {
|
|
3936
|
+
validateEntity =
|
|
3937
|
+
entity.hasOwnProperty("failedRequests") &&
|
|
3938
|
+
entity.hasOwnProperty("errors") &&
|
|
3939
|
+
entity.hasOwnProperty("cacheHits");
|
|
3940
|
+
}
|
|
3941
|
+
return validateKey && validateEntity;
|
|
3915
3942
|
}
|
|
3916
3943
|
/**
|
|
3917
|
-
*
|
|
3918
|
-
* @param
|
|
3944
|
+
* validates if a given cache entry is "Throttling", parses <key,value>
|
|
3945
|
+
* @param key
|
|
3946
|
+
* @param entity
|
|
3919
3947
|
*/
|
|
3920
|
-
function
|
|
3921
|
-
|
|
3922
|
-
|
|
3948
|
+
function isThrottlingEntity(key, entity) {
|
|
3949
|
+
let validateKey = false;
|
|
3950
|
+
if (key) {
|
|
3951
|
+
validateKey = key.indexOf(THROTTLING_PREFIX) === 0;
|
|
3952
|
+
}
|
|
3953
|
+
let validateEntity = true;
|
|
3954
|
+
if (entity) {
|
|
3955
|
+
validateEntity = entity.hasOwnProperty("throttleTime");
|
|
3956
|
+
}
|
|
3957
|
+
return validateKey && validateEntity;
|
|
3923
3958
|
}
|
|
3924
3959
|
/**
|
|
3925
|
-
*
|
|
3926
|
-
* @param seconds
|
|
3960
|
+
* Generate AppMetadata Cache Key as per the schema: appmetadata-<environment>-<client_id>
|
|
3927
3961
|
*/
|
|
3928
|
-
function
|
|
3929
|
-
|
|
3930
|
-
|
|
3962
|
+
function generateAppMetadataKey({ environment, clientId, }) {
|
|
3963
|
+
const appMetaDataKeyArray = [
|
|
3964
|
+
APP_METADATA,
|
|
3965
|
+
environment,
|
|
3966
|
+
clientId,
|
|
3967
|
+
];
|
|
3968
|
+
return appMetaDataKeyArray
|
|
3969
|
+
.join(CACHE_KEY_SEPARATOR$1)
|
|
3970
|
+
.toLowerCase();
|
|
3971
|
+
}
|
|
3972
|
+
/*
|
|
3973
|
+
* Validates an entity: checks for all expected params
|
|
3974
|
+
* @param entity
|
|
3975
|
+
*/
|
|
3976
|
+
function isAppMetadataEntity(key, entity) {
|
|
3977
|
+
if (!entity) {
|
|
3978
|
+
return false;
|
|
3931
3979
|
}
|
|
3932
|
-
return
|
|
3980
|
+
return (key.indexOf(APP_METADATA) === 0 &&
|
|
3981
|
+
entity.hasOwnProperty("clientId") &&
|
|
3982
|
+
entity.hasOwnProperty("environment"));
|
|
3933
3983
|
}
|
|
3934
3984
|
/**
|
|
3935
|
-
*
|
|
3936
|
-
* @param
|
|
3985
|
+
* Validates an entity: checks for all expected params
|
|
3986
|
+
* @param entity
|
|
3937
3987
|
*/
|
|
3938
|
-
function
|
|
3939
|
-
|
|
3940
|
-
|
|
3941
|
-
|
|
3942
|
-
|
|
3943
|
-
|
|
3988
|
+
function isAuthorityMetadataEntity(key, entity) {
|
|
3989
|
+
if (!entity) {
|
|
3990
|
+
return false;
|
|
3991
|
+
}
|
|
3992
|
+
return (key.indexOf(AUTHORITY_METADATA_CACHE_KEY) === 0 &&
|
|
3993
|
+
entity.hasOwnProperty("aliases") &&
|
|
3994
|
+
entity.hasOwnProperty("preferred_cache") &&
|
|
3995
|
+
entity.hasOwnProperty("preferred_network") &&
|
|
3996
|
+
entity.hasOwnProperty("canonical_authority") &&
|
|
3997
|
+
entity.hasOwnProperty("authorization_endpoint") &&
|
|
3998
|
+
entity.hasOwnProperty("token_endpoint") &&
|
|
3999
|
+
entity.hasOwnProperty("issuer") &&
|
|
4000
|
+
entity.hasOwnProperty("aliasesFromNetwork") &&
|
|
4001
|
+
entity.hasOwnProperty("endpointsFromNetwork") &&
|
|
4002
|
+
entity.hasOwnProperty("expiresAt") &&
|
|
4003
|
+
entity.hasOwnProperty("jwks_uri"));
|
|
3944
4004
|
}
|
|
3945
4005
|
/**
|
|
3946
|
-
*
|
|
3947
|
-
* @param lastUpdatedAt
|
|
3948
|
-
* @param cacheRetentionDays
|
|
3949
|
-
* @returns
|
|
4006
|
+
* Reset the exiresAt value
|
|
3950
4007
|
*/
|
|
3951
|
-
function
|
|
3952
|
-
|
|
3953
|
-
|
|
4008
|
+
function generateAuthorityMetadataExpiresAt() {
|
|
4009
|
+
return (nowSeconds() +
|
|
4010
|
+
AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
|
|
4011
|
+
}
|
|
4012
|
+
function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
|
|
4013
|
+
authorityMetadata.authorization_endpoint =
|
|
4014
|
+
updatedValues.authorization_endpoint;
|
|
4015
|
+
authorityMetadata.token_endpoint = updatedValues.token_endpoint;
|
|
4016
|
+
authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
|
|
4017
|
+
authorityMetadata.issuer = updatedValues.issuer;
|
|
4018
|
+
authorityMetadata.endpointsFromNetwork = fromNetwork;
|
|
4019
|
+
authorityMetadata.jwks_uri = updatedValues.jwks_uri;
|
|
4020
|
+
}
|
|
4021
|
+
function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
|
|
4022
|
+
authorityMetadata.aliases = updatedValues.aliases;
|
|
4023
|
+
authorityMetadata.preferred_cache = updatedValues.preferred_cache;
|
|
4024
|
+
authorityMetadata.preferred_network = updatedValues.preferred_network;
|
|
4025
|
+
authorityMetadata.aliasesFromNetwork = fromNetwork;
|
|
3954
4026
|
}
|
|
3955
4027
|
/**
|
|
3956
|
-
*
|
|
3957
|
-
* i.e. The system clock was turned back after acquiring the cached token
|
|
3958
|
-
* @param cachedAt
|
|
3959
|
-
* @param offset
|
|
4028
|
+
* Returns whether or not the data needs to be refreshed
|
|
3960
4029
|
*/
|
|
3961
|
-
function
|
|
3962
|
-
|
|
3963
|
-
return cachedAtSec > nowSeconds();
|
|
4030
|
+
function isAuthorityMetadataExpired(metadata) {
|
|
4031
|
+
return metadata.expiresAt <= nowSeconds();
|
|
3964
4032
|
}
|
|
3965
4033
|
|
|
3966
|
-
/*! @azure/msal-common v16.2.
|
|
4034
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3967
4035
|
/*
|
|
3968
4036
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3969
4037
|
* Licensed under the MIT License.
|
|
@@ -4034,7 +4102,7 @@
|
|
|
4034
4102
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
4035
4103
|
const SetUserData = "setUserData";
|
|
4036
4104
|
|
|
4037
|
-
/*! @azure/msal-common v16.2.
|
|
4105
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4038
4106
|
/*
|
|
4039
4107
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4040
4108
|
* Licensed under the MIT License.
|
|
@@ -4127,7 +4195,7 @@
|
|
|
4127
4195
|
};
|
|
4128
4196
|
};
|
|
4129
4197
|
|
|
4130
|
-
/*! @azure/msal-common v16.2.
|
|
4198
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4131
4199
|
|
|
4132
4200
|
/*
|
|
4133
4201
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4207,293 +4275,226 @@
|
|
|
4207
4275
|
}
|
|
4208
4276
|
}
|
|
4209
4277
|
|
|
4210
|
-
/*! @azure/msal-common v16.2.
|
|
4278
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4211
4279
|
/*
|
|
4212
4280
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4213
4281
|
* Licensed under the MIT License.
|
|
4214
4282
|
*/
|
|
4215
4283
|
/**
|
|
4216
|
-
*
|
|
4217
|
-
*
|
|
4218
|
-
*/ class TokenCacheContext {
|
|
4219
|
-
constructor(tokenCache, hasChanged) {
|
|
4220
|
-
this.cache = tokenCache;
|
|
4221
|
-
this.hasChanged = hasChanged;
|
|
4222
|
-
}
|
|
4223
|
-
/**
|
|
4224
|
-
* boolean which indicates the changes in cache
|
|
4225
|
-
*/
|
|
4226
|
-
get cacheHasChanged() {
|
|
4227
|
-
return this.hasChanged;
|
|
4228
|
-
}
|
|
4229
|
-
/**
|
|
4230
|
-
* function to retrieve the token cache
|
|
4231
|
-
*/
|
|
4232
|
-
get tokenCache() {
|
|
4233
|
-
return this.cache;
|
|
4234
|
-
}
|
|
4235
|
-
}
|
|
4236
|
-
|
|
4237
|
-
/*! @azure/msal-common v16.2.0 2026-03-02 */
|
|
4238
|
-
|
|
4239
|
-
/*
|
|
4240
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4241
|
-
* Licensed under the MIT License.
|
|
4284
|
+
* MSAL-defined interaction required error code indicating no tokens are found in cache.
|
|
4285
|
+
* @public
|
|
4242
4286
|
*/
|
|
4287
|
+
const noTokensFound = "no_tokens_found";
|
|
4243
4288
|
/**
|
|
4244
|
-
*
|
|
4245
|
-
* @
|
|
4246
|
-
* @param authenticationResult
|
|
4247
|
-
* @param clientId
|
|
4248
|
-
* @param authority
|
|
4289
|
+
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
4290
|
+
* @public
|
|
4249
4291
|
*/
|
|
4250
|
-
|
|
4251
|
-
const idTokenEntity = {
|
|
4252
|
-
credentialType: CredentialType.ID_TOKEN,
|
|
4253
|
-
homeAccountId: homeAccountId,
|
|
4254
|
-
environment: environment,
|
|
4255
|
-
clientId: clientId,
|
|
4256
|
-
secret: idToken,
|
|
4257
|
-
realm: tenantId,
|
|
4258
|
-
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
4259
|
-
};
|
|
4260
|
-
return idTokenEntity;
|
|
4261
|
-
}
|
|
4292
|
+
const nativeAccountUnavailable = "native_account_unavailable";
|
|
4262
4293
|
/**
|
|
4263
|
-
*
|
|
4264
|
-
* @
|
|
4265
|
-
* @param environment
|
|
4266
|
-
* @param accessToken
|
|
4267
|
-
* @param clientId
|
|
4268
|
-
* @param tenantId
|
|
4269
|
-
* @param scopes
|
|
4270
|
-
* @param expiresOn
|
|
4271
|
-
* @param extExpiresOn
|
|
4294
|
+
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
4295
|
+
* @public
|
|
4272
4296
|
*/
|
|
4273
|
-
|
|
4274
|
-
const atEntity = {
|
|
4275
|
-
homeAccountId: homeAccountId,
|
|
4276
|
-
credentialType: CredentialType.ACCESS_TOKEN,
|
|
4277
|
-
secret: accessToken,
|
|
4278
|
-
cachedAt: nowSeconds().toString(),
|
|
4279
|
-
expiresOn: expiresOn.toString(),
|
|
4280
|
-
extendedExpiresOn: extExpiresOn.toString(),
|
|
4281
|
-
environment: environment,
|
|
4282
|
-
clientId: clientId,
|
|
4283
|
-
realm: tenantId,
|
|
4284
|
-
target: scopes,
|
|
4285
|
-
tokenType: tokenType || AuthenticationScheme$1.BEARER,
|
|
4286
|
-
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
4287
|
-
};
|
|
4288
|
-
if (userAssertionHash) {
|
|
4289
|
-
atEntity.userAssertionHash = userAssertionHash;
|
|
4290
|
-
}
|
|
4291
|
-
if (refreshOn) {
|
|
4292
|
-
atEntity.refreshOn = refreshOn.toString();
|
|
4293
|
-
}
|
|
4294
|
-
/*
|
|
4295
|
-
* Create Access Token With Auth Scheme instead of regular access token
|
|
4296
|
-
* Cast to lower to handle "bearer" from ADFS
|
|
4297
|
-
*/
|
|
4298
|
-
if (atEntity.tokenType?.toLowerCase() !==
|
|
4299
|
-
AuthenticationScheme$1.BEARER.toLowerCase()) {
|
|
4300
|
-
atEntity.credentialType =
|
|
4301
|
-
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
4302
|
-
switch (atEntity.tokenType) {
|
|
4303
|
-
case AuthenticationScheme$1.POP:
|
|
4304
|
-
// Make sure keyId is present and add it to credential
|
|
4305
|
-
const tokenClaims = extractTokenClaims(accessToken, base64Decode);
|
|
4306
|
-
if (!tokenClaims?.cnf?.kid) {
|
|
4307
|
-
throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
|
|
4308
|
-
}
|
|
4309
|
-
atEntity.keyId = tokenClaims.cnf.kid;
|
|
4310
|
-
break;
|
|
4311
|
-
case AuthenticationScheme$1.SSH:
|
|
4312
|
-
atEntity.keyId = keyId;
|
|
4313
|
-
}
|
|
4314
|
-
}
|
|
4315
|
-
return atEntity;
|
|
4316
|
-
}
|
|
4297
|
+
const refreshTokenExpired = "refresh_token_expired";
|
|
4317
4298
|
/**
|
|
4318
|
-
*
|
|
4319
|
-
* @
|
|
4320
|
-
* @param authenticationResult
|
|
4321
|
-
* @param clientId
|
|
4322
|
-
* @param authority
|
|
4299
|
+
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
4300
|
+
* @public
|
|
4323
4301
|
*/
|
|
4324
|
-
|
|
4325
|
-
const rtEntity = {
|
|
4326
|
-
credentialType: CredentialType.REFRESH_TOKEN,
|
|
4327
|
-
homeAccountId: homeAccountId,
|
|
4328
|
-
environment: environment,
|
|
4329
|
-
clientId: clientId,
|
|
4330
|
-
secret: refreshToken,
|
|
4331
|
-
lastUpdatedAt: Date.now().toString(),
|
|
4332
|
-
};
|
|
4333
|
-
if (userAssertionHash) {
|
|
4334
|
-
rtEntity.userAssertionHash = userAssertionHash;
|
|
4335
|
-
}
|
|
4336
|
-
if (familyId) {
|
|
4337
|
-
rtEntity.familyId = familyId;
|
|
4338
|
-
}
|
|
4339
|
-
if (expiresOn) {
|
|
4340
|
-
rtEntity.expiresOn = expiresOn.toString();
|
|
4341
|
-
}
|
|
4342
|
-
return rtEntity;
|
|
4343
|
-
}
|
|
4344
|
-
function isCredentialEntity(entity) {
|
|
4345
|
-
return (entity.hasOwnProperty("homeAccountId") &&
|
|
4346
|
-
entity.hasOwnProperty("environment") &&
|
|
4347
|
-
entity.hasOwnProperty("credentialType") &&
|
|
4348
|
-
entity.hasOwnProperty("clientId") &&
|
|
4349
|
-
entity.hasOwnProperty("secret"));
|
|
4350
|
-
}
|
|
4302
|
+
const uxNotAllowed = "ux_not_allowed";
|
|
4351
4303
|
/**
|
|
4352
|
-
*
|
|
4353
|
-
* @
|
|
4304
|
+
* Server-originated error code indicating interaction is required to complete the request.
|
|
4305
|
+
* @public
|
|
4354
4306
|
*/
|
|
4355
|
-
|
|
4356
|
-
|
|
4357
|
-
|
|
4358
|
-
|
|
4359
|
-
|
|
4360
|
-
|
|
4361
|
-
|
|
4362
|
-
|
|
4363
|
-
|
|
4364
|
-
|
|
4365
|
-
|
|
4307
|
+
const interactionRequired = "interaction_required";
|
|
4308
|
+
/**
|
|
4309
|
+
* Server-originated error code indicating user consent is required.
|
|
4310
|
+
* @public
|
|
4311
|
+
*/
|
|
4312
|
+
const consentRequired = "consent_required";
|
|
4313
|
+
/**
|
|
4314
|
+
* Server-originated error code indicating user login is required.
|
|
4315
|
+
* @public
|
|
4316
|
+
*/
|
|
4317
|
+
const loginRequired = "login_required";
|
|
4318
|
+
/**
|
|
4319
|
+
* Server-originated error code indicating the token is invalid or corrupted.
|
|
4320
|
+
* @public
|
|
4321
|
+
*/
|
|
4322
|
+
const badToken = "bad_token";
|
|
4366
4323
|
/**
|
|
4367
|
-
*
|
|
4368
|
-
* @
|
|
4324
|
+
* Server-originated error code indicating the user is in an interrupted state and interaction is required.
|
|
4325
|
+
* @public
|
|
4326
|
+
*/
|
|
4327
|
+
const interruptedUser = "interrupted_user";
|
|
4328
|
+
|
|
4329
|
+
var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
4330
|
+
__proto__: null,
|
|
4331
|
+
badToken: badToken,
|
|
4332
|
+
consentRequired: consentRequired,
|
|
4333
|
+
interactionRequired: interactionRequired,
|
|
4334
|
+
interruptedUser: interruptedUser,
|
|
4335
|
+
loginRequired: loginRequired,
|
|
4336
|
+
nativeAccountUnavailable: nativeAccountUnavailable,
|
|
4337
|
+
noTokensFound: noTokensFound,
|
|
4338
|
+
refreshTokenExpired: refreshTokenExpired,
|
|
4339
|
+
uxNotAllowed: uxNotAllowed
|
|
4340
|
+
});
|
|
4341
|
+
|
|
4342
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4343
|
+
|
|
4344
|
+
/*
|
|
4345
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4346
|
+
* Licensed under the MIT License.
|
|
4369
4347
|
*/
|
|
4370
|
-
function isIdTokenEntity(entity) {
|
|
4371
|
-
if (!entity) {
|
|
4372
|
-
return false;
|
|
4373
|
-
}
|
|
4374
|
-
return (isCredentialEntity(entity) &&
|
|
4375
|
-
entity.hasOwnProperty("realm") &&
|
|
4376
|
-
entity["credentialType"] === CredentialType.ID_TOKEN);
|
|
4377
|
-
}
|
|
4378
4348
|
/**
|
|
4379
|
-
*
|
|
4380
|
-
* @param entity
|
|
4349
|
+
* InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required
|
|
4381
4350
|
*/
|
|
4382
|
-
|
|
4383
|
-
|
|
4384
|
-
|
|
4385
|
-
|
|
4386
|
-
|
|
4387
|
-
|
|
4388
|
-
|
|
4351
|
+
const InteractionRequiredServerErrorMessage = [
|
|
4352
|
+
interactionRequired,
|
|
4353
|
+
consentRequired,
|
|
4354
|
+
loginRequired,
|
|
4355
|
+
badToken,
|
|
4356
|
+
uxNotAllowed,
|
|
4357
|
+
interruptedUser,
|
|
4358
|
+
];
|
|
4359
|
+
const InteractionRequiredAuthSubErrorMessage = [
|
|
4360
|
+
"message_only",
|
|
4361
|
+
"additional_action",
|
|
4362
|
+
"basic_action",
|
|
4363
|
+
"user_password_expired",
|
|
4364
|
+
"consent_required",
|
|
4365
|
+
"bad_token",
|
|
4366
|
+
"ux_not_allowed",
|
|
4367
|
+
"interrupted_user",
|
|
4368
|
+
];
|
|
4389
4369
|
/**
|
|
4390
|
-
*
|
|
4391
|
-
* @param key
|
|
4392
|
-
* @param entity
|
|
4370
|
+
* Error thrown when user interaction is required.
|
|
4393
4371
|
*/
|
|
4394
|
-
|
|
4395
|
-
|
|
4396
|
-
|
|
4397
|
-
|
|
4398
|
-
|
|
4399
|
-
|
|
4400
|
-
|
|
4401
|
-
|
|
4372
|
+
class InteractionRequiredAuthError extends AuthError {
|
|
4373
|
+
constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
|
|
4374
|
+
super(errorCode, errorMessage, subError);
|
|
4375
|
+
Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
|
|
4376
|
+
this.timestamp = timestamp || "";
|
|
4377
|
+
this.traceId = traceId || "";
|
|
4378
|
+
this.correlationId = correlationId || "";
|
|
4379
|
+
this.claims = claims || "";
|
|
4380
|
+
this.name = "InteractionRequiredAuthError";
|
|
4381
|
+
this.errorNo = errorNo;
|
|
4402
4382
|
}
|
|
4403
|
-
return validateKey && validateEntity;
|
|
4404
4383
|
}
|
|
4405
4384
|
/**
|
|
4406
|
-
*
|
|
4407
|
-
* @param
|
|
4408
|
-
* @param
|
|
4385
|
+
* Helper function used to determine if an error thrown by the server requires interaction to resolve
|
|
4386
|
+
* @param errorCode
|
|
4387
|
+
* @param errorString
|
|
4388
|
+
* @param subError
|
|
4409
4389
|
*/
|
|
4410
|
-
function
|
|
4411
|
-
|
|
4412
|
-
|
|
4413
|
-
|
|
4414
|
-
|
|
4415
|
-
|
|
4416
|
-
|
|
4417
|
-
|
|
4418
|
-
|
|
4419
|
-
return
|
|
4390
|
+
function isInteractionRequiredError(errorCode, errorString, subError) {
|
|
4391
|
+
const isInteractionRequiredErrorCode = !!errorCode &&
|
|
4392
|
+
InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;
|
|
4393
|
+
const isInteractionRequiredSubError = !!subError &&
|
|
4394
|
+
InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
|
|
4395
|
+
const isInteractionRequiredErrorDesc = !!errorString &&
|
|
4396
|
+
InteractionRequiredServerErrorMessage.some((irErrorCode) => {
|
|
4397
|
+
return errorString.indexOf(irErrorCode) > -1;
|
|
4398
|
+
});
|
|
4399
|
+
return (isInteractionRequiredErrorCode ||
|
|
4400
|
+
isInteractionRequiredErrorDesc ||
|
|
4401
|
+
isInteractionRequiredSubError);
|
|
4420
4402
|
}
|
|
4421
4403
|
/**
|
|
4422
|
-
*
|
|
4404
|
+
* Creates an InteractionRequiredAuthError
|
|
4423
4405
|
*/
|
|
4424
|
-
function
|
|
4425
|
-
|
|
4426
|
-
|
|
4427
|
-
|
|
4428
|
-
|
|
4429
|
-
|
|
4430
|
-
return appMetaDataKeyArray
|
|
4431
|
-
.join(CACHE_KEY_SEPARATOR$1)
|
|
4432
|
-
.toLowerCase();
|
|
4433
|
-
}
|
|
4406
|
+
function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
4407
|
+
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
4408
|
+
}
|
|
4409
|
+
|
|
4410
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4411
|
+
|
|
4434
4412
|
/*
|
|
4435
|
-
*
|
|
4436
|
-
*
|
|
4413
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4414
|
+
* Licensed under the MIT License.
|
|
4437
4415
|
*/
|
|
4438
|
-
function isAppMetadataEntity(key, entity) {
|
|
4439
|
-
if (!entity) {
|
|
4440
|
-
return false;
|
|
4441
|
-
}
|
|
4442
|
-
return (key.indexOf(APP_METADATA) === 0 &&
|
|
4443
|
-
entity.hasOwnProperty("clientId") &&
|
|
4444
|
-
entity.hasOwnProperty("environment"));
|
|
4445
|
-
}
|
|
4446
4416
|
/**
|
|
4447
|
-
*
|
|
4448
|
-
* @param entity
|
|
4417
|
+
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
4449
4418
|
*/
|
|
4450
|
-
|
|
4451
|
-
|
|
4452
|
-
|
|
4419
|
+
class ServerError extends AuthError {
|
|
4420
|
+
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
4421
|
+
super(errorCode, errorMessage, subError);
|
|
4422
|
+
this.name = "ServerError";
|
|
4423
|
+
this.errorNo = errorNo;
|
|
4424
|
+
this.status = status;
|
|
4425
|
+
Object.setPrototypeOf(this, ServerError.prototype);
|
|
4453
4426
|
}
|
|
4454
|
-
|
|
4455
|
-
|
|
4456
|
-
|
|
4457
|
-
|
|
4458
|
-
|
|
4459
|
-
|
|
4460
|
-
|
|
4461
|
-
|
|
4462
|
-
entity.hasOwnProperty("aliasesFromNetwork") &&
|
|
4463
|
-
entity.hasOwnProperty("endpointsFromNetwork") &&
|
|
4464
|
-
entity.hasOwnProperty("expiresAt") &&
|
|
4465
|
-
entity.hasOwnProperty("jwks_uri"));
|
|
4466
|
-
}
|
|
4427
|
+
}
|
|
4428
|
+
|
|
4429
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4430
|
+
|
|
4431
|
+
/*
|
|
4432
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4433
|
+
* Licensed under the MIT License.
|
|
4434
|
+
*/
|
|
4467
4435
|
/**
|
|
4468
|
-
*
|
|
4436
|
+
* Appends user state with random guid, or returns random guid.
|
|
4437
|
+
* @param cryptoObj
|
|
4438
|
+
* @param userState
|
|
4439
|
+
* @param meta
|
|
4469
4440
|
*/
|
|
4470
|
-
function
|
|
4471
|
-
|
|
4472
|
-
|
|
4473
|
-
|
|
4474
|
-
|
|
4475
|
-
authorityMetadata.authorization_endpoint =
|
|
4476
|
-
updatedValues.authorization_endpoint;
|
|
4477
|
-
authorityMetadata.token_endpoint = updatedValues.token_endpoint;
|
|
4478
|
-
authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
|
|
4479
|
-
authorityMetadata.issuer = updatedValues.issuer;
|
|
4480
|
-
authorityMetadata.endpointsFromNetwork = fromNetwork;
|
|
4481
|
-
authorityMetadata.jwks_uri = updatedValues.jwks_uri;
|
|
4441
|
+
function setRequestState(cryptoObj, userState, meta) {
|
|
4442
|
+
const libraryState = generateLibraryState(cryptoObj, meta);
|
|
4443
|
+
return userState
|
|
4444
|
+
? `${libraryState}${RESOURCE_DELIM}${userState}`
|
|
4445
|
+
: libraryState;
|
|
4482
4446
|
}
|
|
4483
|
-
|
|
4484
|
-
|
|
4485
|
-
|
|
4486
|
-
|
|
4487
|
-
|
|
4447
|
+
/**
|
|
4448
|
+
* Generates the state value used by the common library.
|
|
4449
|
+
* @param cryptoObj
|
|
4450
|
+
* @param meta
|
|
4451
|
+
*/
|
|
4452
|
+
function generateLibraryState(cryptoObj, meta) {
|
|
4453
|
+
if (!cryptoObj) {
|
|
4454
|
+
throw createClientAuthError(noCryptoObject);
|
|
4455
|
+
}
|
|
4456
|
+
// Create a state object containing a unique id and the timestamp of the request creation
|
|
4457
|
+
const stateObj = {
|
|
4458
|
+
id: cryptoObj.createNewGuid(),
|
|
4459
|
+
};
|
|
4460
|
+
if (meta) {
|
|
4461
|
+
stateObj.meta = meta;
|
|
4462
|
+
}
|
|
4463
|
+
const stateString = JSON.stringify(stateObj);
|
|
4464
|
+
return cryptoObj.base64Encode(stateString);
|
|
4488
4465
|
}
|
|
4489
4466
|
/**
|
|
4490
|
-
*
|
|
4467
|
+
* Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
|
|
4468
|
+
* @param base64Decode
|
|
4469
|
+
* @param state
|
|
4491
4470
|
*/
|
|
4492
|
-
function
|
|
4493
|
-
|
|
4471
|
+
function parseRequestState(base64Decode, state) {
|
|
4472
|
+
if (!base64Decode) {
|
|
4473
|
+
throw createClientAuthError(noCryptoObject);
|
|
4474
|
+
}
|
|
4475
|
+
if (!state) {
|
|
4476
|
+
throw createClientAuthError(invalidState);
|
|
4477
|
+
}
|
|
4478
|
+
try {
|
|
4479
|
+
// Split the state between library state and user passed state and decode them separately
|
|
4480
|
+
const splitState = state.split(RESOURCE_DELIM);
|
|
4481
|
+
const libraryState = splitState[0];
|
|
4482
|
+
const userState = splitState.length > 1
|
|
4483
|
+
? splitState.slice(1).join(RESOURCE_DELIM)
|
|
4484
|
+
: "";
|
|
4485
|
+
const libraryStateString = base64Decode(libraryState);
|
|
4486
|
+
const libraryStateObj = JSON.parse(libraryStateString);
|
|
4487
|
+
return {
|
|
4488
|
+
userRequestState: userState || "",
|
|
4489
|
+
libraryState: libraryStateObj,
|
|
4490
|
+
};
|
|
4491
|
+
}
|
|
4492
|
+
catch (e) {
|
|
4493
|
+
throw createClientAuthError(invalidState);
|
|
4494
|
+
}
|
|
4494
4495
|
}
|
|
4495
4496
|
|
|
4496
|
-
/*! @azure/msal-common v16.2.
|
|
4497
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4497
4498
|
|
|
4498
4499
|
/*
|
|
4499
4500
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4649,7 +4650,7 @@
|
|
|
4649
4650
|
if (serverTokenResponse.id_token && !!idTokenClaims) {
|
|
4650
4651
|
cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
|
|
4651
4652
|
cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
|
|
4652
|
-
this.logger);
|
|
4653
|
+
this.logger, this.performanceClient);
|
|
4653
4654
|
}
|
|
4654
4655
|
// AccessToken
|
|
4655
4656
|
let cachedAccessToken = null;
|
|
@@ -4795,17 +4796,24 @@
|
|
|
4795
4796
|
};
|
|
4796
4797
|
}
|
|
4797
4798
|
}
|
|
4798
|
-
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
|
|
4799
|
+
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger, performanceClient) {
|
|
4799
4800
|
logger?.verbose("09jz0t", correlationId);
|
|
4800
|
-
|
|
4801
|
-
|
|
4802
|
-
|
|
4803
|
-
|
|
4804
|
-
|
|
4805
|
-
|
|
4806
|
-
|
|
4807
|
-
|
|
4801
|
+
/*
|
|
4802
|
+
* Check if base account is already cached. Filter by homeAccountId (identifies
|
|
4803
|
+
* the user's home identity) and environment (identifies the cloud) — the two
|
|
4804
|
+
* tenant-agnostic properties that uniquely locate a base AccountEntity.
|
|
4805
|
+
*/
|
|
4806
|
+
const accountEnvironment = environment || authority.getPreferredCache();
|
|
4807
|
+
const matchedAccounts = cacheStorage.getAccountsFilteredBy({ homeAccountId, environment: accountEnvironment }, correlationId);
|
|
4808
|
+
performanceClient?.addFields({ cacheMatchedAccounts: matchedAccounts.length }, correlationId);
|
|
4809
|
+
if (matchedAccounts.length > 1) {
|
|
4810
|
+
/*
|
|
4811
|
+
* Base accounts are expected to be unique for a given homeAccountId in normal cache usage.
|
|
4812
|
+
* If multiple matches exist, ignore the cache hit rather than arbitrarily choosing one.
|
|
4813
|
+
*/
|
|
4814
|
+
logger?.warning("0x7ad1", correlationId);
|
|
4808
4815
|
}
|
|
4816
|
+
const cachedAccount = matchedAccounts.length === 1 ? matchedAccounts[0] : null;
|
|
4809
4817
|
const baseAccount = cachedAccount ||
|
|
4810
4818
|
createAccountEntity({
|
|
4811
4819
|
homeAccountId,
|
|
@@ -4829,7 +4837,7 @@
|
|
|
4829
4837
|
return baseAccount;
|
|
4830
4838
|
}
|
|
4831
4839
|
|
|
4832
|
-
/*! @azure/msal-common v16.2.
|
|
4840
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4833
4841
|
/*
|
|
4834
4842
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4835
4843
|
* Licensed under the MIT License.
|
|
@@ -4839,7 +4847,7 @@
|
|
|
4839
4847
|
UPN: "UPN",
|
|
4840
4848
|
};
|
|
4841
4849
|
|
|
4842
|
-
/*! @azure/msal-common v16.2.
|
|
4850
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4843
4851
|
/*
|
|
4844
4852
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4845
4853
|
* Licensed under the MIT License.
|
|
@@ -4857,7 +4865,7 @@
|
|
|
4857
4865
|
}
|
|
4858
4866
|
}
|
|
4859
4867
|
|
|
4860
|
-
/*! @azure/msal-common v16.2.
|
|
4868
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4861
4869
|
/*
|
|
4862
4870
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4863
4871
|
* Licensed under the MIT License.
|
|
@@ -4878,7 +4886,7 @@
|
|
|
4878
4886
|
};
|
|
4879
4887
|
}
|
|
4880
4888
|
|
|
4881
|
-
/*! @azure/msal-common v16.2.
|
|
4889
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4882
4890
|
|
|
4883
4891
|
/*
|
|
4884
4892
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4964,7 +4972,7 @@
|
|
|
4964
4972
|
}
|
|
4965
4973
|
}
|
|
4966
4974
|
|
|
4967
|
-
/*! @azure/msal-common v16.2.
|
|
4975
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4968
4976
|
|
|
4969
4977
|
/*
|
|
4970
4978
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4995,7 +5003,7 @@
|
|
|
4995
5003
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
4996
5004
|
}
|
|
4997
5005
|
|
|
4998
|
-
/*! @azure/msal-common v16.2.
|
|
5006
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4999
5007
|
|
|
5000
5008
|
/*
|
|
5001
5009
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5109,7 +5117,7 @@
|
|
|
5109
5117
|
return response;
|
|
5110
5118
|
}
|
|
5111
5119
|
|
|
5112
|
-
/*! @azure/msal-common v16.2.
|
|
5120
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
5113
5121
|
/*
|
|
5114
5122
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5115
5123
|
* Licensed under the MIT License.
|
|
@@ -5121,7 +5129,7 @@
|
|
|
5121
5129
|
response.hasOwnProperty("jwks_uri"));
|
|
5122
5130
|
}
|
|
5123
5131
|
|
|
5124
|
-
/*! @azure/msal-common v16.2.
|
|
5132
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
5125
5133
|
/*
|
|
5126
5134
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5127
5135
|
* Licensed under the MIT License.
|
|
@@ -5131,7 +5139,7 @@
|
|
|
5131
5139
|
response.hasOwnProperty("metadata"));
|
|
5132
5140
|
}
|
|
5133
5141
|
|
|
5134
|
-
/*! @azure/msal-common v16.2.
|
|
5142
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
5135
5143
|
/*
|
|
5136
5144
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5137
5145
|
* Licensed under the MIT License.
|
|
@@ -5141,7 +5149,7 @@
|
|
|
5141
5149
|
response.hasOwnProperty("error_description"));
|
|
5142
5150
|
}
|
|
5143
5151
|
|
|
5144
|
-
/*! @azure/msal-common v16.2.
|
|
5152
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
5145
5153
|
|
|
5146
5154
|
/*
|
|
5147
5155
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5246,7 +5254,7 @@
|
|
|
5246
5254
|
},
|
|
5247
5255
|
};
|
|
5248
5256
|
|
|
5249
|
-
/*! @azure/msal-common v16.2.
|
|
5257
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
5250
5258
|
|
|
5251
5259
|
/*
|
|
5252
5260
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6066,7 +6074,7 @@
|
|
|
6066
6074
|
};
|
|
6067
6075
|
}
|
|
6068
6076
|
|
|
6069
|
-
/*! @azure/msal-common v16.2.
|
|
6077
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6070
6078
|
|
|
6071
6079
|
/*
|
|
6072
6080
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6100,7 +6108,7 @@
|
|
|
6100
6108
|
}
|
|
6101
6109
|
}
|
|
6102
6110
|
|
|
6103
|
-
/*! @azure/msal-common v16.2.
|
|
6111
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6104
6112
|
|
|
6105
6113
|
/*
|
|
6106
6114
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6360,7 +6368,7 @@
|
|
|
6360
6368
|
}
|
|
6361
6369
|
}
|
|
6362
6370
|
|
|
6363
|
-
/*! @azure/msal-common v16.2.
|
|
6371
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6364
6372
|
|
|
6365
6373
|
/*
|
|
6366
6374
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6585,7 +6593,7 @@
|
|
|
6585
6593
|
}
|
|
6586
6594
|
}
|
|
6587
6595
|
|
|
6588
|
-
/*! @azure/msal-common v16.2.
|
|
6596
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6589
6597
|
|
|
6590
6598
|
/*
|
|
6591
6599
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6694,7 +6702,7 @@
|
|
|
6694
6702
|
}
|
|
6695
6703
|
}
|
|
6696
6704
|
|
|
6697
|
-
/*! @azure/msal-common v16.2.
|
|
6705
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6698
6706
|
|
|
6699
6707
|
/*
|
|
6700
6708
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6709,7 +6717,7 @@
|
|
|
6709
6717
|
},
|
|
6710
6718
|
};
|
|
6711
6719
|
|
|
6712
|
-
/*! @azure/msal-common v16.2.
|
|
6720
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6713
6721
|
|
|
6714
6722
|
/*
|
|
6715
6723
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6933,7 +6941,7 @@
|
|
|
6933
6941
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6934
6942
|
}
|
|
6935
6943
|
|
|
6936
|
-
/*! @azure/msal-common v16.2.
|
|
6944
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6937
6945
|
|
|
6938
6946
|
/*
|
|
6939
6947
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6991,7 +6999,7 @@
|
|
|
6991
6999
|
}
|
|
6992
7000
|
}
|
|
6993
7001
|
|
|
6994
|
-
/*! @azure/msal-common v16.2.
|
|
7002
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6995
7003
|
/*
|
|
6996
7004
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6997
7005
|
* Licensed under the MIT License.
|
|
@@ -7008,7 +7016,7 @@
|
|
|
7008
7016
|
unexpectedError: unexpectedError
|
|
7009
7017
|
});
|
|
7010
7018
|
|
|
7011
|
-
/*! @azure/msal-common v16.2.
|
|
7019
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
7012
7020
|
|
|
7013
7021
|
/*
|
|
7014
7022
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7269,7 +7277,7 @@
|
|
|
7269
7277
|
}
|
|
7270
7278
|
}
|
|
7271
7279
|
|
|
7272
|
-
/*! @azure/msal-common v16.2.
|
|
7280
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
7273
7281
|
|
|
7274
7282
|
/*
|
|
7275
7283
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7290,7 +7298,7 @@
|
|
|
7290
7298
|
return new JoseHeaderError(code);
|
|
7291
7299
|
}
|
|
7292
7300
|
|
|
7293
|
-
/*! @azure/msal-common v16.2.
|
|
7301
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
7294
7302
|
/*
|
|
7295
7303
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7296
7304
|
* Licensed under the MIT License.
|
|
@@ -7298,7 +7306,7 @@
|
|
|
7298
7306
|
const missingKidError = "missing_kid_error";
|
|
7299
7307
|
const missingAlgError = "missing_alg_error";
|
|
7300
7308
|
|
|
7301
|
-
/*! @azure/msal-common v16.2.
|
|
7309
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
7302
7310
|
|
|
7303
7311
|
/*
|
|
7304
7312
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7338,7 +7346,7 @@
|
|
|
7338
7346
|
}
|
|
7339
7347
|
}
|
|
7340
7348
|
|
|
7341
|
-
/*! @azure/msal-common v16.2.
|
|
7349
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
7342
7350
|
|
|
7343
7351
|
/*
|
|
7344
7352
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -10211,7 +10219,7 @@
|
|
|
10211
10219
|
|
|
10212
10220
|
/* eslint-disable header/header */
|
|
10213
10221
|
const name = "@azure/msal-browser";
|
|
10214
|
-
const version = "5.4.
|
|
10222
|
+
const version = "5.4.1";
|
|
10215
10223
|
|
|
10216
10224
|
/*
|
|
10217
10225
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -12671,9 +12679,9 @@
|
|
|
12671
12679
|
}
|
|
12672
12680
|
// Get the preferred_cache domain for the given authority
|
|
12673
12681
|
const authority = await getDiscoveredAuthority(this.config, this.correlationId, this.performanceClient, this.browserStorage, this.logger, request.authority);
|
|
12674
|
-
const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info,
|
|
12682
|
+
const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info, authority.getPreferredCache(), // environment
|
|
12675
12683
|
idTokenClaims.tid, undefined, // auth code payload
|
|
12676
|
-
response.account.id);
|
|
12684
|
+
response.account.id, this.logger, this.performanceClient);
|
|
12677
12685
|
// Ensure expires_in is in number format
|
|
12678
12686
|
response.expires_in = Number(response.expires_in);
|
|
12679
12687
|
// generate authenticationResult
|
|
@@ -18082,7 +18090,7 @@
|
|
|
18082
18090
|
const storage = new BrowserCacheManager(browserConfig.auth.clientId, browserConfig.cache, cryptoOps, logger, browserConfig.telemetry.client, new EventHandler(logger), buildStaticAuthorityOptions(browserConfig.auth));
|
|
18083
18091
|
const authorityString = request.authority || browserConfig.auth.authority;
|
|
18084
18092
|
const authority = await createDiscoveredInstance(Authority.generateAuthority(authorityString, request.azureCloudOptions), browserConfig.system.networkClient, storage, authorityOptions, logger, correlationId, performanceClient);
|
|
18085
|
-
const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims);
|
|
18093
|
+
const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims, performanceClient);
|
|
18086
18094
|
const idToken = await invokeAsync(loadIdToken, LoadIdToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, correlationId, storage, logger, config.auth.clientId);
|
|
18087
18095
|
const accessToken = await invokeAsync(loadAccessToken, LoadAccessToken, logger, performanceClient, correlationId)(request, response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, options, correlationId, storage, logger, config.auth.clientId);
|
|
18088
18096
|
const refreshToken = await invokeAsync(loadRefreshToken, LoadRefreshToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, kmsi, correlationId, storage, logger, config.auth.clientId, performanceClient);
|
|
@@ -18108,7 +18116,7 @@
|
|
|
18108
18116
|
* @param requestHomeAccountId
|
|
18109
18117
|
* @returns `AccountEntity`
|
|
18110
18118
|
*/
|
|
18111
|
-
async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims) {
|
|
18119
|
+
async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims, performanceClient) {
|
|
18112
18120
|
logger.verbose("0ke46k", correlationId);
|
|
18113
18121
|
if (request.account) {
|
|
18114
18122
|
const accountEntity = createAccountEntityFromAccountInfo(request.account);
|
|
@@ -18123,7 +18131,7 @@
|
|
|
18123
18131
|
const claimsTenantId = idTokenClaims?.tid;
|
|
18124
18132
|
const cachedAccount = buildAccountToCache(storage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, authority.getPreferredCache(), claimsTenantId, undefined, // authCodePayload
|
|
18125
18133
|
undefined, // nativeAccountId
|
|
18126
|
-
logger);
|
|
18134
|
+
logger, performanceClient);
|
|
18127
18135
|
await storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
|
|
18128
18136
|
return cachedAccount;
|
|
18129
18137
|
}
|