@azure/msal-browser 5.4.0 → 5.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.d.ts.map +1 -1
- package/dist/cache/TokenCache.mjs +9 -9
- package/dist/cache/TokenCache.mjs.map +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +2 -2
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +10 -10
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/cache/TokenCache.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +2 -2
- package/lib/custom-auth-path/msal-custom-auth.cjs +523 -516
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/log-strings-mapping.json +10 -10
- package/lib/msal-browser.cjs +542 -534
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +542 -534
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
- package/lib/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/package.json +2 -2
- package/src/cache/TokenCache.ts +27 -24
- package/src/interaction_client/PlatformAuthInteractionClient.ts +55 -53
- package/src/packageMetadata.ts +1 -1
package/lib/msal-browser.cjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.4.
|
|
1
|
+
/*! @azure/msal-browser v5.4.1 2026-04-01 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v16.2.
|
|
5
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -234,7 +234,7 @@ const JsonWebTokenTypes$1 = {
|
|
|
234
234
|
// Token renewal offset default in seconds
|
|
235
235
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
236
236
|
|
|
237
|
-
/*! @azure/msal-common v16.2.
|
|
237
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
238
238
|
/*
|
|
239
239
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
240
240
|
* Licensed under the MIT License.
|
|
@@ -284,7 +284,7 @@ const INSTANCE_AWARE = "instance_aware";
|
|
|
284
284
|
const EAR_JWK = "ear_jwk";
|
|
285
285
|
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
286
286
|
|
|
287
|
-
/*! @azure/msal-common v16.2.
|
|
287
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
288
288
|
/*
|
|
289
289
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
290
290
|
* Licensed under the MIT License.
|
|
@@ -315,7 +315,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
315
315
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
316
316
|
}
|
|
317
317
|
|
|
318
|
-
/*! @azure/msal-common v16.2.
|
|
318
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
319
319
|
|
|
320
320
|
/*
|
|
321
321
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -335,7 +335,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
335
335
|
return new ClientConfigurationError(errorCode);
|
|
336
336
|
}
|
|
337
337
|
|
|
338
|
-
/*! @azure/msal-common v16.2.
|
|
338
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
339
339
|
/*
|
|
340
340
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
341
341
|
* Licensed under the MIT License.
|
|
@@ -415,7 +415,7 @@ class StringUtils {
|
|
|
415
415
|
}
|
|
416
416
|
}
|
|
417
417
|
|
|
418
|
-
/*! @azure/msal-common v16.2.
|
|
418
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
419
419
|
|
|
420
420
|
/*
|
|
421
421
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -438,7 +438,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
438
438
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
439
439
|
}
|
|
440
440
|
|
|
441
|
-
/*! @azure/msal-common v16.2.
|
|
441
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
442
442
|
/*
|
|
443
443
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
444
444
|
* Licensed under the MIT License.
|
|
@@ -492,7 +492,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
492
492
|
urlParseError: urlParseError
|
|
493
493
|
});
|
|
494
494
|
|
|
495
|
-
/*! @azure/msal-common v16.2.
|
|
495
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
496
496
|
/*
|
|
497
497
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
498
498
|
* Licensed under the MIT License.
|
|
@@ -576,7 +576,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
576
576
|
userCanceled: userCanceled
|
|
577
577
|
});
|
|
578
578
|
|
|
579
|
-
/*! @azure/msal-common v16.2.
|
|
579
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
580
580
|
|
|
581
581
|
/*
|
|
582
582
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -771,7 +771,7 @@ class ScopeSet {
|
|
|
771
771
|
}
|
|
772
772
|
}
|
|
773
773
|
|
|
774
|
-
/*! @azure/msal-common v16.2.
|
|
774
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
775
775
|
|
|
776
776
|
/*
|
|
777
777
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1138,7 +1138,7 @@ function addEARParameters(parameters, jwk) {
|
|
|
1138
1138
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
1139
1139
|
}
|
|
1140
1140
|
|
|
1141
|
-
/*! @azure/msal-common v16.2.
|
|
1141
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1142
1142
|
|
|
1143
1143
|
/*
|
|
1144
1144
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1247,7 +1247,7 @@ function normalizeUrlForComparison(url) {
|
|
|
1247
1247
|
}
|
|
1248
1248
|
}
|
|
1249
1249
|
|
|
1250
|
-
/*! @azure/msal-common v16.2.
|
|
1250
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1251
1251
|
|
|
1252
1252
|
/*
|
|
1253
1253
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1286,7 +1286,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
1286
1286
|
},
|
|
1287
1287
|
};
|
|
1288
1288
|
|
|
1289
|
-
/*! @azure/msal-common v16.2.
|
|
1289
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1290
1290
|
/*
|
|
1291
1291
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1292
1292
|
* Licensed under the MIT License.
|
|
@@ -1561,12 +1561,12 @@ class Logger {
|
|
|
1561
1561
|
}
|
|
1562
1562
|
}
|
|
1563
1563
|
|
|
1564
|
-
/*! @azure/msal-common v16.2.
|
|
1564
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1565
1565
|
/* eslint-disable header/header */
|
|
1566
1566
|
const name$1 = "@azure/msal-common";
|
|
1567
|
-
const version$1 = "16.2.
|
|
1567
|
+
const version$1 = "16.2.1";
|
|
1568
1568
|
|
|
1569
|
-
/*! @azure/msal-common v16.2.
|
|
1569
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1570
1570
|
/*
|
|
1571
1571
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1572
1572
|
* Licensed under the MIT License.
|
|
@@ -1586,7 +1586,7 @@ const AzureCloudInstance = {
|
|
|
1586
1586
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
1587
1587
|
};
|
|
1588
1588
|
|
|
1589
|
-
/*! @azure/msal-common v16.2.
|
|
1589
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1590
1590
|
/*
|
|
1591
1591
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1592
1592
|
* Licensed under the MIT License.
|
|
@@ -1668,7 +1668,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1668
1668
|
return updatedAccountInfo;
|
|
1669
1669
|
}
|
|
1670
1670
|
|
|
1671
|
-
/*! @azure/msal-common v16.2.
|
|
1671
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1672
1672
|
|
|
1673
1673
|
/*
|
|
1674
1674
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1748,7 +1748,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1748
1748
|
}
|
|
1749
1749
|
}
|
|
1750
1750
|
|
|
1751
|
-
/*! @azure/msal-common v16.2.
|
|
1751
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1752
1752
|
|
|
1753
1753
|
/*
|
|
1754
1754
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1905,7 +1905,7 @@ class UrlString {
|
|
|
1905
1905
|
}
|
|
1906
1906
|
}
|
|
1907
1907
|
|
|
1908
|
-
/*! @azure/msal-common v16.2.
|
|
1908
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
1909
1909
|
|
|
1910
1910
|
/*
|
|
1911
1911
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2062,7 +2062,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2062
2062
|
return null;
|
|
2063
2063
|
}
|
|
2064
2064
|
|
|
2065
|
-
/*! @azure/msal-common v16.2.
|
|
2065
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2066
2066
|
/*
|
|
2067
2067
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2068
2068
|
* Licensed under the MIT License.
|
|
@@ -2070,7 +2070,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2070
2070
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2071
2071
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2072
2072
|
|
|
2073
|
-
/*! @azure/msal-common v16.2.
|
|
2073
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2074
2074
|
|
|
2075
2075
|
/*
|
|
2076
2076
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2108,7 +2108,7 @@ function createCacheError(e) {
|
|
|
2108
2108
|
}
|
|
2109
2109
|
}
|
|
2110
2110
|
|
|
2111
|
-
/*! @azure/msal-common v16.2.
|
|
2111
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2112
2112
|
|
|
2113
2113
|
/*
|
|
2114
2114
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2146,7 +2146,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
2146
2146
|
};
|
|
2147
2147
|
}
|
|
2148
2148
|
|
|
2149
|
-
/*! @azure/msal-common v16.2.
|
|
2149
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2150
2150
|
/*
|
|
2151
2151
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2152
2152
|
* Licensed under the MIT License.
|
|
@@ -2161,7 +2161,7 @@ const AuthorityType = {
|
|
|
2161
2161
|
Ciam: 3,
|
|
2162
2162
|
};
|
|
2163
2163
|
|
|
2164
|
-
/*! @azure/msal-common v16.2.
|
|
2164
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2165
2165
|
/*
|
|
2166
2166
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2167
2167
|
* Licensed under the MIT License.
|
|
@@ -2183,7 +2183,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
2183
2183
|
return null;
|
|
2184
2184
|
}
|
|
2185
2185
|
|
|
2186
|
-
/*! @azure/msal-common v16.2.
|
|
2186
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2187
2187
|
/*
|
|
2188
2188
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2189
2189
|
* Licensed under the MIT License.
|
|
@@ -2207,7 +2207,7 @@ const ProtocolMode = {
|
|
|
2207
2207
|
EAR: "EAR",
|
|
2208
2208
|
};
|
|
2209
2209
|
|
|
2210
|
-
/*! @azure/msal-common v16.2.
|
|
2210
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2211
2211
|
/**
|
|
2212
2212
|
* Returns the AccountInfo interface for this account.
|
|
2213
2213
|
*/
|
|
@@ -2382,7 +2382,7 @@ function isAccountEntity(entity) {
|
|
|
2382
2382
|
entity.hasOwnProperty("authorityType"));
|
|
2383
2383
|
}
|
|
2384
2384
|
|
|
2385
|
-
/*! @azure/msal-common v16.2.
|
|
2385
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
2386
2386
|
|
|
2387
2387
|
/*
|
|
2388
2388
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3479,7 +3479,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3479
3479
|
}
|
|
3480
3480
|
}
|
|
3481
3481
|
|
|
3482
|
-
/*! @azure/msal-common v16.2.
|
|
3482
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3483
3483
|
/*
|
|
3484
3484
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3485
3485
|
* Licensed under the MIT License.
|
|
@@ -3524,9 +3524,10 @@ const IntFields = new Set([
|
|
|
3524
3524
|
"currRefreshCount",
|
|
3525
3525
|
"expiredCacheRemovedCount",
|
|
3526
3526
|
"upgradedCacheCount",
|
|
3527
|
+
"cacheMatchedAccounts",
|
|
3527
3528
|
]);
|
|
3528
3529
|
|
|
3529
|
-
/*! @azure/msal-common v16.2.
|
|
3530
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3530
3531
|
|
|
3531
3532
|
/*
|
|
3532
3533
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3581,7 +3582,7 @@ class StubPerformanceClient {
|
|
|
3581
3582
|
}
|
|
3582
3583
|
}
|
|
3583
3584
|
|
|
3584
|
-
/*! @azure/msal-common v16.2.
|
|
3585
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3585
3586
|
|
|
3586
3587
|
/*
|
|
3587
3588
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3675,291 +3676,358 @@ function isOidcProtocolMode(config) {
|
|
|
3675
3676
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3676
3677
|
}
|
|
3677
3678
|
|
|
3678
|
-
/*! @azure/msal-common v16.2.
|
|
3679
|
-
|
|
3679
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3680
3680
|
/*
|
|
3681
3681
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3682
3682
|
* Licensed under the MIT License.
|
|
3683
3683
|
*/
|
|
3684
3684
|
/**
|
|
3685
|
-
*
|
|
3686
|
-
|
|
3687
|
-
|
|
3688
|
-
constructor(
|
|
3689
|
-
|
|
3690
|
-
this.
|
|
3691
|
-
|
|
3692
|
-
|
|
3693
|
-
|
|
3685
|
+
* This class instance helps track the memory changes facilitating
|
|
3686
|
+
* decisions to read from and write to the persistent cache
|
|
3687
|
+
*/ class TokenCacheContext {
|
|
3688
|
+
constructor(tokenCache, hasChanged) {
|
|
3689
|
+
this.cache = tokenCache;
|
|
3690
|
+
this.hasChanged = hasChanged;
|
|
3691
|
+
}
|
|
3692
|
+
/**
|
|
3693
|
+
* boolean which indicates the changes in cache
|
|
3694
|
+
*/
|
|
3695
|
+
get cacheHasChanged() {
|
|
3696
|
+
return this.hasChanged;
|
|
3697
|
+
}
|
|
3698
|
+
/**
|
|
3699
|
+
* function to retrieve the token cache
|
|
3700
|
+
*/
|
|
3701
|
+
get tokenCache() {
|
|
3702
|
+
return this.cache;
|
|
3694
3703
|
}
|
|
3695
3704
|
}
|
|
3696
3705
|
|
|
3697
|
-
/*! @azure/msal-common v16.2.
|
|
3706
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3698
3707
|
/*
|
|
3699
3708
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3700
3709
|
* Licensed under the MIT License.
|
|
3701
3710
|
*/
|
|
3702
3711
|
/**
|
|
3703
|
-
*
|
|
3704
|
-
* @public
|
|
3705
|
-
*/
|
|
3706
|
-
const noTokensFound = "no_tokens_found";
|
|
3707
|
-
/**
|
|
3708
|
-
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
3709
|
-
* @public
|
|
3710
|
-
*/
|
|
3711
|
-
const nativeAccountUnavailable = "native_account_unavailable";
|
|
3712
|
-
/**
|
|
3713
|
-
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
3714
|
-
* @public
|
|
3715
|
-
*/
|
|
3716
|
-
const refreshTokenExpired = "refresh_token_expired";
|
|
3717
|
-
/**
|
|
3718
|
-
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
3719
|
-
* @public
|
|
3720
|
-
*/
|
|
3721
|
-
const uxNotAllowed = "ux_not_allowed";
|
|
3722
|
-
/**
|
|
3723
|
-
* Server-originated error code indicating interaction is required to complete the request.
|
|
3724
|
-
* @public
|
|
3725
|
-
*/
|
|
3726
|
-
const interactionRequired = "interaction_required";
|
|
3727
|
-
/**
|
|
3728
|
-
* Server-originated error code indicating user consent is required.
|
|
3729
|
-
* @public
|
|
3730
|
-
*/
|
|
3731
|
-
const consentRequired = "consent_required";
|
|
3732
|
-
/**
|
|
3733
|
-
* Server-originated error code indicating user login is required.
|
|
3734
|
-
* @public
|
|
3712
|
+
* Utility functions for managing date and time operations.
|
|
3735
3713
|
*/
|
|
3736
|
-
const loginRequired = "login_required";
|
|
3737
3714
|
/**
|
|
3738
|
-
*
|
|
3739
|
-
* @public
|
|
3715
|
+
* return the current time in Unix time (seconds).
|
|
3740
3716
|
*/
|
|
3741
|
-
|
|
3717
|
+
function nowSeconds() {
|
|
3718
|
+
// Date.getTime() returns in milliseconds.
|
|
3719
|
+
return Math.round(new Date().getTime() / 1000.0);
|
|
3720
|
+
}
|
|
3742
3721
|
/**
|
|
3743
|
-
*
|
|
3744
|
-
* @
|
|
3745
|
-
*/
|
|
3746
|
-
const interruptedUser = "interrupted_user";
|
|
3747
|
-
|
|
3748
|
-
var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
3749
|
-
__proto__: null,
|
|
3750
|
-
badToken: badToken,
|
|
3751
|
-
consentRequired: consentRequired,
|
|
3752
|
-
interactionRequired: interactionRequired,
|
|
3753
|
-
interruptedUser: interruptedUser,
|
|
3754
|
-
loginRequired: loginRequired,
|
|
3755
|
-
nativeAccountUnavailable: nativeAccountUnavailable,
|
|
3756
|
-
noTokensFound: noTokensFound,
|
|
3757
|
-
refreshTokenExpired: refreshTokenExpired,
|
|
3758
|
-
uxNotAllowed: uxNotAllowed
|
|
3759
|
-
});
|
|
3760
|
-
|
|
3761
|
-
/*! @azure/msal-common v16.2.0 2026-03-02 */
|
|
3762
|
-
|
|
3763
|
-
/*
|
|
3764
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3765
|
-
* Licensed under the MIT License.
|
|
3722
|
+
* Converts JS Date object to seconds
|
|
3723
|
+
* @param date Date
|
|
3766
3724
|
*/
|
|
3725
|
+
function toSecondsFromDate(date) {
|
|
3726
|
+
// Convert date to seconds
|
|
3727
|
+
return date.getTime() / 1000;
|
|
3728
|
+
}
|
|
3767
3729
|
/**
|
|
3768
|
-
*
|
|
3730
|
+
* Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
|
|
3731
|
+
* @param seconds
|
|
3769
3732
|
*/
|
|
3770
|
-
|
|
3771
|
-
|
|
3772
|
-
|
|
3773
|
-
|
|
3774
|
-
|
|
3775
|
-
|
|
3776
|
-
interruptedUser,
|
|
3777
|
-
];
|
|
3778
|
-
const InteractionRequiredAuthSubErrorMessage = [
|
|
3779
|
-
"message_only",
|
|
3780
|
-
"additional_action",
|
|
3781
|
-
"basic_action",
|
|
3782
|
-
"user_password_expired",
|
|
3783
|
-
"consent_required",
|
|
3784
|
-
"bad_token",
|
|
3785
|
-
"ux_not_allowed",
|
|
3786
|
-
"interrupted_user",
|
|
3787
|
-
];
|
|
3733
|
+
function toDateFromSeconds(seconds) {
|
|
3734
|
+
if (seconds) {
|
|
3735
|
+
return new Date(Number(seconds) * 1000);
|
|
3736
|
+
}
|
|
3737
|
+
return new Date();
|
|
3738
|
+
}
|
|
3788
3739
|
/**
|
|
3789
|
-
*
|
|
3740
|
+
* check if a token is expired based on given UTC time in seconds.
|
|
3741
|
+
* @param expiresOn
|
|
3790
3742
|
*/
|
|
3791
|
-
|
|
3792
|
-
|
|
3793
|
-
|
|
3794
|
-
|
|
3795
|
-
|
|
3796
|
-
|
|
3797
|
-
this.correlationId = correlationId || "";
|
|
3798
|
-
this.claims = claims || "";
|
|
3799
|
-
this.name = "InteractionRequiredAuthError";
|
|
3800
|
-
this.errorNo = errorNo;
|
|
3801
|
-
}
|
|
3743
|
+
function isTokenExpired(expiresOn, offset) {
|
|
3744
|
+
// check for access token expiry
|
|
3745
|
+
const expirationSec = Number(expiresOn) || 0;
|
|
3746
|
+
const offsetCurrentTimeSec = nowSeconds() + offset;
|
|
3747
|
+
// If current time + offset is greater than token expiration time, then token is expired.
|
|
3748
|
+
return offsetCurrentTimeSec > expirationSec;
|
|
3802
3749
|
}
|
|
3803
3750
|
/**
|
|
3804
|
-
*
|
|
3805
|
-
* @param
|
|
3806
|
-
* @param
|
|
3807
|
-
* @
|
|
3751
|
+
* Checks if a cache entry is expired based on the last updated time and cache retention days.
|
|
3752
|
+
* @param lastUpdatedAt
|
|
3753
|
+
* @param cacheRetentionDays
|
|
3754
|
+
* @returns
|
|
3808
3755
|
*/
|
|
3809
|
-
function
|
|
3810
|
-
const
|
|
3811
|
-
|
|
3812
|
-
const isInteractionRequiredSubError = !!subError &&
|
|
3813
|
-
InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
|
|
3814
|
-
const isInteractionRequiredErrorDesc = !!errorString &&
|
|
3815
|
-
InteractionRequiredServerErrorMessage.some((irErrorCode) => {
|
|
3816
|
-
return errorString.indexOf(irErrorCode) > -1;
|
|
3817
|
-
});
|
|
3818
|
-
return (isInteractionRequiredErrorCode ||
|
|
3819
|
-
isInteractionRequiredErrorDesc ||
|
|
3820
|
-
isInteractionRequiredSubError);
|
|
3756
|
+
function isCacheExpired(lastUpdatedAt, cacheRetentionDays) {
|
|
3757
|
+
const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;
|
|
3758
|
+
return Date.now() > cacheExpirationTimestamp;
|
|
3821
3759
|
}
|
|
3822
3760
|
/**
|
|
3823
|
-
*
|
|
3761
|
+
* If the current time is earlier than the time that a token was cached at, we must discard the token
|
|
3762
|
+
* i.e. The system clock was turned back after acquiring the cached token
|
|
3763
|
+
* @param cachedAt
|
|
3764
|
+
* @param offset
|
|
3824
3765
|
*/
|
|
3825
|
-
function
|
|
3826
|
-
|
|
3766
|
+
function wasClockTurnedBack(cachedAt) {
|
|
3767
|
+
const cachedAtSec = Number(cachedAt);
|
|
3768
|
+
return cachedAtSec > nowSeconds();
|
|
3827
3769
|
}
|
|
3828
3770
|
|
|
3829
|
-
/*! @azure/msal-common v16.2.
|
|
3771
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3830
3772
|
|
|
3831
3773
|
/*
|
|
3832
3774
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3833
3775
|
* Licensed under the MIT License.
|
|
3834
3776
|
*/
|
|
3835
3777
|
/**
|
|
3836
|
-
*
|
|
3837
|
-
* @param
|
|
3838
|
-
* @param
|
|
3839
|
-
* @param
|
|
3778
|
+
* Create IdTokenEntity
|
|
3779
|
+
* @param homeAccountId
|
|
3780
|
+
* @param authenticationResult
|
|
3781
|
+
* @param clientId
|
|
3782
|
+
* @param authority
|
|
3840
3783
|
*/
|
|
3841
|
-
function
|
|
3842
|
-
const
|
|
3843
|
-
|
|
3844
|
-
|
|
3845
|
-
:
|
|
3784
|
+
function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tenantId) {
|
|
3785
|
+
const idTokenEntity = {
|
|
3786
|
+
credentialType: CredentialType.ID_TOKEN,
|
|
3787
|
+
homeAccountId: homeAccountId,
|
|
3788
|
+
environment: environment,
|
|
3789
|
+
clientId: clientId,
|
|
3790
|
+
secret: idToken,
|
|
3791
|
+
realm: tenantId,
|
|
3792
|
+
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
3793
|
+
};
|
|
3794
|
+
return idTokenEntity;
|
|
3846
3795
|
}
|
|
3847
3796
|
/**
|
|
3848
|
-
*
|
|
3849
|
-
* @param
|
|
3850
|
-
* @param
|
|
3797
|
+
* Create AccessTokenEntity
|
|
3798
|
+
* @param homeAccountId
|
|
3799
|
+
* @param environment
|
|
3800
|
+
* @param accessToken
|
|
3801
|
+
* @param clientId
|
|
3802
|
+
* @param tenantId
|
|
3803
|
+
* @param scopes
|
|
3804
|
+
* @param expiresOn
|
|
3805
|
+
* @param extExpiresOn
|
|
3851
3806
|
*/
|
|
3852
|
-
function
|
|
3853
|
-
|
|
3854
|
-
|
|
3855
|
-
|
|
3856
|
-
|
|
3857
|
-
|
|
3858
|
-
|
|
3807
|
+
function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId) {
|
|
3808
|
+
const atEntity = {
|
|
3809
|
+
homeAccountId: homeAccountId,
|
|
3810
|
+
credentialType: CredentialType.ACCESS_TOKEN,
|
|
3811
|
+
secret: accessToken,
|
|
3812
|
+
cachedAt: nowSeconds().toString(),
|
|
3813
|
+
expiresOn: expiresOn.toString(),
|
|
3814
|
+
extendedExpiresOn: extExpiresOn.toString(),
|
|
3815
|
+
environment: environment,
|
|
3816
|
+
clientId: clientId,
|
|
3817
|
+
realm: tenantId,
|
|
3818
|
+
target: scopes,
|
|
3819
|
+
tokenType: tokenType || AuthenticationScheme$1.BEARER,
|
|
3820
|
+
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
3859
3821
|
};
|
|
3860
|
-
if (
|
|
3861
|
-
|
|
3822
|
+
if (userAssertionHash) {
|
|
3823
|
+
atEntity.userAssertionHash = userAssertionHash;
|
|
3862
3824
|
}
|
|
3863
|
-
|
|
3864
|
-
|
|
3825
|
+
if (refreshOn) {
|
|
3826
|
+
atEntity.refreshOn = refreshOn.toString();
|
|
3827
|
+
}
|
|
3828
|
+
/*
|
|
3829
|
+
* Create Access Token With Auth Scheme instead of regular access token
|
|
3830
|
+
* Cast to lower to handle "bearer" from ADFS
|
|
3831
|
+
*/
|
|
3832
|
+
if (atEntity.tokenType?.toLowerCase() !==
|
|
3833
|
+
AuthenticationScheme$1.BEARER.toLowerCase()) {
|
|
3834
|
+
atEntity.credentialType =
|
|
3835
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
3836
|
+
switch (atEntity.tokenType) {
|
|
3837
|
+
case AuthenticationScheme$1.POP:
|
|
3838
|
+
// Make sure keyId is present and add it to credential
|
|
3839
|
+
const tokenClaims = extractTokenClaims(accessToken, base64Decode);
|
|
3840
|
+
if (!tokenClaims?.cnf?.kid) {
|
|
3841
|
+
throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
|
|
3842
|
+
}
|
|
3843
|
+
atEntity.keyId = tokenClaims.cnf.kid;
|
|
3844
|
+
break;
|
|
3845
|
+
case AuthenticationScheme$1.SSH:
|
|
3846
|
+
atEntity.keyId = keyId;
|
|
3847
|
+
}
|
|
3848
|
+
}
|
|
3849
|
+
return atEntity;
|
|
3865
3850
|
}
|
|
3866
3851
|
/**
|
|
3867
|
-
*
|
|
3868
|
-
* @param
|
|
3869
|
-
* @param
|
|
3852
|
+
* Create RefreshTokenEntity
|
|
3853
|
+
* @param homeAccountId
|
|
3854
|
+
* @param authenticationResult
|
|
3855
|
+
* @param clientId
|
|
3856
|
+
* @param authority
|
|
3870
3857
|
*/
|
|
3871
|
-
function
|
|
3872
|
-
|
|
3873
|
-
|
|
3858
|
+
function createRefreshTokenEntity(homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash, expiresOn) {
|
|
3859
|
+
const rtEntity = {
|
|
3860
|
+
credentialType: CredentialType.REFRESH_TOKEN,
|
|
3861
|
+
homeAccountId: homeAccountId,
|
|
3862
|
+
environment: environment,
|
|
3863
|
+
clientId: clientId,
|
|
3864
|
+
secret: refreshToken,
|
|
3865
|
+
lastUpdatedAt: Date.now().toString(),
|
|
3866
|
+
};
|
|
3867
|
+
if (userAssertionHash) {
|
|
3868
|
+
rtEntity.userAssertionHash = userAssertionHash;
|
|
3874
3869
|
}
|
|
3875
|
-
if (
|
|
3876
|
-
|
|
3870
|
+
if (familyId) {
|
|
3871
|
+
rtEntity.familyId = familyId;
|
|
3877
3872
|
}
|
|
3878
|
-
|
|
3879
|
-
|
|
3880
|
-
const splitState = state.split(RESOURCE_DELIM);
|
|
3881
|
-
const libraryState = splitState[0];
|
|
3882
|
-
const userState = splitState.length > 1
|
|
3883
|
-
? splitState.slice(1).join(RESOURCE_DELIM)
|
|
3884
|
-
: "";
|
|
3885
|
-
const libraryStateString = base64Decode(libraryState);
|
|
3886
|
-
const libraryStateObj = JSON.parse(libraryStateString);
|
|
3887
|
-
return {
|
|
3888
|
-
userRequestState: userState || "",
|
|
3889
|
-
libraryState: libraryStateObj,
|
|
3890
|
-
};
|
|
3873
|
+
if (expiresOn) {
|
|
3874
|
+
rtEntity.expiresOn = expiresOn.toString();
|
|
3891
3875
|
}
|
|
3892
|
-
|
|
3893
|
-
|
|
3876
|
+
return rtEntity;
|
|
3877
|
+
}
|
|
3878
|
+
function isCredentialEntity(entity) {
|
|
3879
|
+
return (entity.hasOwnProperty("homeAccountId") &&
|
|
3880
|
+
entity.hasOwnProperty("environment") &&
|
|
3881
|
+
entity.hasOwnProperty("credentialType") &&
|
|
3882
|
+
entity.hasOwnProperty("clientId") &&
|
|
3883
|
+
entity.hasOwnProperty("secret"));
|
|
3884
|
+
}
|
|
3885
|
+
/**
|
|
3886
|
+
* Validates an entity: checks for all expected params
|
|
3887
|
+
* @param entity
|
|
3888
|
+
*/
|
|
3889
|
+
function isAccessTokenEntity(entity) {
|
|
3890
|
+
if (!entity) {
|
|
3891
|
+
return false;
|
|
3894
3892
|
}
|
|
3895
|
-
|
|
3896
|
-
|
|
3897
|
-
|
|
3898
|
-
|
|
3899
|
-
|
|
3900
|
-
|
|
3893
|
+
return (isCredentialEntity(entity) &&
|
|
3894
|
+
entity.hasOwnProperty("realm") &&
|
|
3895
|
+
entity.hasOwnProperty("target") &&
|
|
3896
|
+
(entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
|
|
3897
|
+
entity["credentialType"] ===
|
|
3898
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
|
|
3899
|
+
}
|
|
3900
|
+
/**
|
|
3901
|
+
* Validates an entity: checks for all expected params
|
|
3902
|
+
* @param entity
|
|
3901
3903
|
*/
|
|
3904
|
+
function isIdTokenEntity(entity) {
|
|
3905
|
+
if (!entity) {
|
|
3906
|
+
return false;
|
|
3907
|
+
}
|
|
3908
|
+
return (isCredentialEntity(entity) &&
|
|
3909
|
+
entity.hasOwnProperty("realm") &&
|
|
3910
|
+
entity["credentialType"] === CredentialType.ID_TOKEN);
|
|
3911
|
+
}
|
|
3902
3912
|
/**
|
|
3903
|
-
*
|
|
3913
|
+
* Validates an entity: checks for all expected params
|
|
3914
|
+
* @param entity
|
|
3904
3915
|
*/
|
|
3916
|
+
function isRefreshTokenEntity(entity) {
|
|
3917
|
+
if (!entity) {
|
|
3918
|
+
return false;
|
|
3919
|
+
}
|
|
3920
|
+
return (isCredentialEntity(entity) &&
|
|
3921
|
+
entity["credentialType"] === CredentialType.REFRESH_TOKEN);
|
|
3922
|
+
}
|
|
3905
3923
|
/**
|
|
3906
|
-
*
|
|
3924
|
+
* validates if a given cache entry is "Telemetry", parses <key,value>
|
|
3925
|
+
* @param key
|
|
3926
|
+
* @param entity
|
|
3907
3927
|
*/
|
|
3908
|
-
function
|
|
3909
|
-
|
|
3910
|
-
|
|
3928
|
+
function isServerTelemetryEntity(key, entity) {
|
|
3929
|
+
const validateKey = key.indexOf(SERVER_TELEM_CACHE_KEY) === 0;
|
|
3930
|
+
let validateEntity = true;
|
|
3931
|
+
if (entity) {
|
|
3932
|
+
validateEntity =
|
|
3933
|
+
entity.hasOwnProperty("failedRequests") &&
|
|
3934
|
+
entity.hasOwnProperty("errors") &&
|
|
3935
|
+
entity.hasOwnProperty("cacheHits");
|
|
3936
|
+
}
|
|
3937
|
+
return validateKey && validateEntity;
|
|
3911
3938
|
}
|
|
3912
3939
|
/**
|
|
3913
|
-
*
|
|
3914
|
-
* @param
|
|
3940
|
+
* validates if a given cache entry is "Throttling", parses <key,value>
|
|
3941
|
+
* @param key
|
|
3942
|
+
* @param entity
|
|
3915
3943
|
*/
|
|
3916
|
-
function
|
|
3917
|
-
|
|
3918
|
-
|
|
3944
|
+
function isThrottlingEntity(key, entity) {
|
|
3945
|
+
let validateKey = false;
|
|
3946
|
+
if (key) {
|
|
3947
|
+
validateKey = key.indexOf(THROTTLING_PREFIX) === 0;
|
|
3948
|
+
}
|
|
3949
|
+
let validateEntity = true;
|
|
3950
|
+
if (entity) {
|
|
3951
|
+
validateEntity = entity.hasOwnProperty("throttleTime");
|
|
3952
|
+
}
|
|
3953
|
+
return validateKey && validateEntity;
|
|
3919
3954
|
}
|
|
3920
3955
|
/**
|
|
3921
|
-
*
|
|
3922
|
-
* @param seconds
|
|
3956
|
+
* Generate AppMetadata Cache Key as per the schema: appmetadata-<environment>-<client_id>
|
|
3923
3957
|
*/
|
|
3924
|
-
function
|
|
3925
|
-
|
|
3926
|
-
|
|
3958
|
+
function generateAppMetadataKey({ environment, clientId, }) {
|
|
3959
|
+
const appMetaDataKeyArray = [
|
|
3960
|
+
APP_METADATA,
|
|
3961
|
+
environment,
|
|
3962
|
+
clientId,
|
|
3963
|
+
];
|
|
3964
|
+
return appMetaDataKeyArray
|
|
3965
|
+
.join(CACHE_KEY_SEPARATOR$1)
|
|
3966
|
+
.toLowerCase();
|
|
3967
|
+
}
|
|
3968
|
+
/*
|
|
3969
|
+
* Validates an entity: checks for all expected params
|
|
3970
|
+
* @param entity
|
|
3971
|
+
*/
|
|
3972
|
+
function isAppMetadataEntity(key, entity) {
|
|
3973
|
+
if (!entity) {
|
|
3974
|
+
return false;
|
|
3927
3975
|
}
|
|
3928
|
-
return
|
|
3976
|
+
return (key.indexOf(APP_METADATA) === 0 &&
|
|
3977
|
+
entity.hasOwnProperty("clientId") &&
|
|
3978
|
+
entity.hasOwnProperty("environment"));
|
|
3929
3979
|
}
|
|
3930
3980
|
/**
|
|
3931
|
-
*
|
|
3932
|
-
* @param
|
|
3981
|
+
* Validates an entity: checks for all expected params
|
|
3982
|
+
* @param entity
|
|
3933
3983
|
*/
|
|
3934
|
-
function
|
|
3935
|
-
|
|
3936
|
-
|
|
3937
|
-
|
|
3938
|
-
|
|
3939
|
-
|
|
3984
|
+
function isAuthorityMetadataEntity(key, entity) {
|
|
3985
|
+
if (!entity) {
|
|
3986
|
+
return false;
|
|
3987
|
+
}
|
|
3988
|
+
return (key.indexOf(AUTHORITY_METADATA_CACHE_KEY) === 0 &&
|
|
3989
|
+
entity.hasOwnProperty("aliases") &&
|
|
3990
|
+
entity.hasOwnProperty("preferred_cache") &&
|
|
3991
|
+
entity.hasOwnProperty("preferred_network") &&
|
|
3992
|
+
entity.hasOwnProperty("canonical_authority") &&
|
|
3993
|
+
entity.hasOwnProperty("authorization_endpoint") &&
|
|
3994
|
+
entity.hasOwnProperty("token_endpoint") &&
|
|
3995
|
+
entity.hasOwnProperty("issuer") &&
|
|
3996
|
+
entity.hasOwnProperty("aliasesFromNetwork") &&
|
|
3997
|
+
entity.hasOwnProperty("endpointsFromNetwork") &&
|
|
3998
|
+
entity.hasOwnProperty("expiresAt") &&
|
|
3999
|
+
entity.hasOwnProperty("jwks_uri"));
|
|
3940
4000
|
}
|
|
3941
4001
|
/**
|
|
3942
|
-
*
|
|
3943
|
-
* @param lastUpdatedAt
|
|
3944
|
-
* @param cacheRetentionDays
|
|
3945
|
-
* @returns
|
|
4002
|
+
* Reset the exiresAt value
|
|
3946
4003
|
*/
|
|
3947
|
-
function
|
|
3948
|
-
|
|
3949
|
-
|
|
4004
|
+
function generateAuthorityMetadataExpiresAt() {
|
|
4005
|
+
return (nowSeconds() +
|
|
4006
|
+
AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
|
|
4007
|
+
}
|
|
4008
|
+
function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
|
|
4009
|
+
authorityMetadata.authorization_endpoint =
|
|
4010
|
+
updatedValues.authorization_endpoint;
|
|
4011
|
+
authorityMetadata.token_endpoint = updatedValues.token_endpoint;
|
|
4012
|
+
authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
|
|
4013
|
+
authorityMetadata.issuer = updatedValues.issuer;
|
|
4014
|
+
authorityMetadata.endpointsFromNetwork = fromNetwork;
|
|
4015
|
+
authorityMetadata.jwks_uri = updatedValues.jwks_uri;
|
|
4016
|
+
}
|
|
4017
|
+
function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
|
|
4018
|
+
authorityMetadata.aliases = updatedValues.aliases;
|
|
4019
|
+
authorityMetadata.preferred_cache = updatedValues.preferred_cache;
|
|
4020
|
+
authorityMetadata.preferred_network = updatedValues.preferred_network;
|
|
4021
|
+
authorityMetadata.aliasesFromNetwork = fromNetwork;
|
|
3950
4022
|
}
|
|
3951
4023
|
/**
|
|
3952
|
-
*
|
|
3953
|
-
* i.e. The system clock was turned back after acquiring the cached token
|
|
3954
|
-
* @param cachedAt
|
|
3955
|
-
* @param offset
|
|
4024
|
+
* Returns whether or not the data needs to be refreshed
|
|
3956
4025
|
*/
|
|
3957
|
-
function
|
|
3958
|
-
|
|
3959
|
-
return cachedAtSec > nowSeconds();
|
|
4026
|
+
function isAuthorityMetadataExpired(metadata) {
|
|
4027
|
+
return metadata.expiresAt <= nowSeconds();
|
|
3960
4028
|
}
|
|
3961
4029
|
|
|
3962
|
-
/*! @azure/msal-common v16.2.
|
|
4030
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
3963
4031
|
/*
|
|
3964
4032
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3965
4033
|
* Licensed under the MIT License.
|
|
@@ -4030,7 +4098,7 @@ const RegionDiscoveryGetCurrentVersion = "regionDiscoveryGetCurrentVersion";
|
|
|
4030
4098
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
4031
4099
|
const SetUserData = "setUserData";
|
|
4032
4100
|
|
|
4033
|
-
/*! @azure/msal-common v16.2.
|
|
4101
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4034
4102
|
/*
|
|
4035
4103
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4036
4104
|
* Licensed under the MIT License.
|
|
@@ -4123,7 +4191,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4123
4191
|
};
|
|
4124
4192
|
};
|
|
4125
4193
|
|
|
4126
|
-
/*! @azure/msal-common v16.2.
|
|
4194
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4127
4195
|
|
|
4128
4196
|
/*
|
|
4129
4197
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4203,293 +4271,226 @@ class PopTokenGenerator {
|
|
|
4203
4271
|
}
|
|
4204
4272
|
}
|
|
4205
4273
|
|
|
4206
|
-
/*! @azure/msal-common v16.2.
|
|
4274
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4207
4275
|
/*
|
|
4208
4276
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4209
4277
|
* Licensed under the MIT License.
|
|
4210
4278
|
*/
|
|
4211
4279
|
/**
|
|
4212
|
-
*
|
|
4213
|
-
*
|
|
4214
|
-
*/ class TokenCacheContext {
|
|
4215
|
-
constructor(tokenCache, hasChanged) {
|
|
4216
|
-
this.cache = tokenCache;
|
|
4217
|
-
this.hasChanged = hasChanged;
|
|
4218
|
-
}
|
|
4219
|
-
/**
|
|
4220
|
-
* boolean which indicates the changes in cache
|
|
4221
|
-
*/
|
|
4222
|
-
get cacheHasChanged() {
|
|
4223
|
-
return this.hasChanged;
|
|
4224
|
-
}
|
|
4225
|
-
/**
|
|
4226
|
-
* function to retrieve the token cache
|
|
4227
|
-
*/
|
|
4228
|
-
get tokenCache() {
|
|
4229
|
-
return this.cache;
|
|
4230
|
-
}
|
|
4231
|
-
}
|
|
4232
|
-
|
|
4233
|
-
/*! @azure/msal-common v16.2.0 2026-03-02 */
|
|
4234
|
-
|
|
4235
|
-
/*
|
|
4236
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4237
|
-
* Licensed under the MIT License.
|
|
4280
|
+
* MSAL-defined interaction required error code indicating no tokens are found in cache.
|
|
4281
|
+
* @public
|
|
4238
4282
|
*/
|
|
4283
|
+
const noTokensFound = "no_tokens_found";
|
|
4239
4284
|
/**
|
|
4240
|
-
*
|
|
4241
|
-
* @
|
|
4242
|
-
* @param authenticationResult
|
|
4243
|
-
* @param clientId
|
|
4244
|
-
* @param authority
|
|
4285
|
+
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
4286
|
+
* @public
|
|
4245
4287
|
*/
|
|
4246
|
-
|
|
4247
|
-
const idTokenEntity = {
|
|
4248
|
-
credentialType: CredentialType.ID_TOKEN,
|
|
4249
|
-
homeAccountId: homeAccountId,
|
|
4250
|
-
environment: environment,
|
|
4251
|
-
clientId: clientId,
|
|
4252
|
-
secret: idToken,
|
|
4253
|
-
realm: tenantId,
|
|
4254
|
-
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
4255
|
-
};
|
|
4256
|
-
return idTokenEntity;
|
|
4257
|
-
}
|
|
4288
|
+
const nativeAccountUnavailable = "native_account_unavailable";
|
|
4258
4289
|
/**
|
|
4259
|
-
*
|
|
4260
|
-
* @
|
|
4261
|
-
* @param environment
|
|
4262
|
-
* @param accessToken
|
|
4263
|
-
* @param clientId
|
|
4264
|
-
* @param tenantId
|
|
4265
|
-
* @param scopes
|
|
4266
|
-
* @param expiresOn
|
|
4267
|
-
* @param extExpiresOn
|
|
4290
|
+
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
4291
|
+
* @public
|
|
4268
4292
|
*/
|
|
4269
|
-
|
|
4270
|
-
const atEntity = {
|
|
4271
|
-
homeAccountId: homeAccountId,
|
|
4272
|
-
credentialType: CredentialType.ACCESS_TOKEN,
|
|
4273
|
-
secret: accessToken,
|
|
4274
|
-
cachedAt: nowSeconds().toString(),
|
|
4275
|
-
expiresOn: expiresOn.toString(),
|
|
4276
|
-
extendedExpiresOn: extExpiresOn.toString(),
|
|
4277
|
-
environment: environment,
|
|
4278
|
-
clientId: clientId,
|
|
4279
|
-
realm: tenantId,
|
|
4280
|
-
target: scopes,
|
|
4281
|
-
tokenType: tokenType || AuthenticationScheme$1.BEARER,
|
|
4282
|
-
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
4283
|
-
};
|
|
4284
|
-
if (userAssertionHash) {
|
|
4285
|
-
atEntity.userAssertionHash = userAssertionHash;
|
|
4286
|
-
}
|
|
4287
|
-
if (refreshOn) {
|
|
4288
|
-
atEntity.refreshOn = refreshOn.toString();
|
|
4289
|
-
}
|
|
4290
|
-
/*
|
|
4291
|
-
* Create Access Token With Auth Scheme instead of regular access token
|
|
4292
|
-
* Cast to lower to handle "bearer" from ADFS
|
|
4293
|
-
*/
|
|
4294
|
-
if (atEntity.tokenType?.toLowerCase() !==
|
|
4295
|
-
AuthenticationScheme$1.BEARER.toLowerCase()) {
|
|
4296
|
-
atEntity.credentialType =
|
|
4297
|
-
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
4298
|
-
switch (atEntity.tokenType) {
|
|
4299
|
-
case AuthenticationScheme$1.POP:
|
|
4300
|
-
// Make sure keyId is present and add it to credential
|
|
4301
|
-
const tokenClaims = extractTokenClaims(accessToken, base64Decode);
|
|
4302
|
-
if (!tokenClaims?.cnf?.kid) {
|
|
4303
|
-
throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
|
|
4304
|
-
}
|
|
4305
|
-
atEntity.keyId = tokenClaims.cnf.kid;
|
|
4306
|
-
break;
|
|
4307
|
-
case AuthenticationScheme$1.SSH:
|
|
4308
|
-
atEntity.keyId = keyId;
|
|
4309
|
-
}
|
|
4310
|
-
}
|
|
4311
|
-
return atEntity;
|
|
4312
|
-
}
|
|
4293
|
+
const refreshTokenExpired = "refresh_token_expired";
|
|
4313
4294
|
/**
|
|
4314
|
-
*
|
|
4315
|
-
* @
|
|
4316
|
-
* @param authenticationResult
|
|
4317
|
-
* @param clientId
|
|
4318
|
-
* @param authority
|
|
4295
|
+
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
4296
|
+
* @public
|
|
4319
4297
|
*/
|
|
4320
|
-
|
|
4321
|
-
const rtEntity = {
|
|
4322
|
-
credentialType: CredentialType.REFRESH_TOKEN,
|
|
4323
|
-
homeAccountId: homeAccountId,
|
|
4324
|
-
environment: environment,
|
|
4325
|
-
clientId: clientId,
|
|
4326
|
-
secret: refreshToken,
|
|
4327
|
-
lastUpdatedAt: Date.now().toString(),
|
|
4328
|
-
};
|
|
4329
|
-
if (userAssertionHash) {
|
|
4330
|
-
rtEntity.userAssertionHash = userAssertionHash;
|
|
4331
|
-
}
|
|
4332
|
-
if (familyId) {
|
|
4333
|
-
rtEntity.familyId = familyId;
|
|
4334
|
-
}
|
|
4335
|
-
if (expiresOn) {
|
|
4336
|
-
rtEntity.expiresOn = expiresOn.toString();
|
|
4337
|
-
}
|
|
4338
|
-
return rtEntity;
|
|
4339
|
-
}
|
|
4340
|
-
function isCredentialEntity(entity) {
|
|
4341
|
-
return (entity.hasOwnProperty("homeAccountId") &&
|
|
4342
|
-
entity.hasOwnProperty("environment") &&
|
|
4343
|
-
entity.hasOwnProperty("credentialType") &&
|
|
4344
|
-
entity.hasOwnProperty("clientId") &&
|
|
4345
|
-
entity.hasOwnProperty("secret"));
|
|
4346
|
-
}
|
|
4298
|
+
const uxNotAllowed = "ux_not_allowed";
|
|
4347
4299
|
/**
|
|
4348
|
-
*
|
|
4349
|
-
* @
|
|
4300
|
+
* Server-originated error code indicating interaction is required to complete the request.
|
|
4301
|
+
* @public
|
|
4350
4302
|
*/
|
|
4351
|
-
|
|
4352
|
-
|
|
4353
|
-
|
|
4354
|
-
|
|
4355
|
-
|
|
4356
|
-
|
|
4357
|
-
|
|
4358
|
-
|
|
4359
|
-
|
|
4360
|
-
|
|
4361
|
-
|
|
4303
|
+
const interactionRequired = "interaction_required";
|
|
4304
|
+
/**
|
|
4305
|
+
* Server-originated error code indicating user consent is required.
|
|
4306
|
+
* @public
|
|
4307
|
+
*/
|
|
4308
|
+
const consentRequired = "consent_required";
|
|
4309
|
+
/**
|
|
4310
|
+
* Server-originated error code indicating user login is required.
|
|
4311
|
+
* @public
|
|
4312
|
+
*/
|
|
4313
|
+
const loginRequired = "login_required";
|
|
4314
|
+
/**
|
|
4315
|
+
* Server-originated error code indicating the token is invalid or corrupted.
|
|
4316
|
+
* @public
|
|
4317
|
+
*/
|
|
4318
|
+
const badToken = "bad_token";
|
|
4362
4319
|
/**
|
|
4363
|
-
*
|
|
4364
|
-
* @
|
|
4320
|
+
* Server-originated error code indicating the user is in an interrupted state and interaction is required.
|
|
4321
|
+
* @public
|
|
4322
|
+
*/
|
|
4323
|
+
const interruptedUser = "interrupted_user";
|
|
4324
|
+
|
|
4325
|
+
var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
4326
|
+
__proto__: null,
|
|
4327
|
+
badToken: badToken,
|
|
4328
|
+
consentRequired: consentRequired,
|
|
4329
|
+
interactionRequired: interactionRequired,
|
|
4330
|
+
interruptedUser: interruptedUser,
|
|
4331
|
+
loginRequired: loginRequired,
|
|
4332
|
+
nativeAccountUnavailable: nativeAccountUnavailable,
|
|
4333
|
+
noTokensFound: noTokensFound,
|
|
4334
|
+
refreshTokenExpired: refreshTokenExpired,
|
|
4335
|
+
uxNotAllowed: uxNotAllowed
|
|
4336
|
+
});
|
|
4337
|
+
|
|
4338
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4339
|
+
|
|
4340
|
+
/*
|
|
4341
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4342
|
+
* Licensed under the MIT License.
|
|
4365
4343
|
*/
|
|
4366
|
-
function isIdTokenEntity(entity) {
|
|
4367
|
-
if (!entity) {
|
|
4368
|
-
return false;
|
|
4369
|
-
}
|
|
4370
|
-
return (isCredentialEntity(entity) &&
|
|
4371
|
-
entity.hasOwnProperty("realm") &&
|
|
4372
|
-
entity["credentialType"] === CredentialType.ID_TOKEN);
|
|
4373
|
-
}
|
|
4374
4344
|
/**
|
|
4375
|
-
*
|
|
4376
|
-
* @param entity
|
|
4345
|
+
* InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required
|
|
4377
4346
|
*/
|
|
4378
|
-
|
|
4379
|
-
|
|
4380
|
-
|
|
4381
|
-
|
|
4382
|
-
|
|
4383
|
-
|
|
4384
|
-
|
|
4347
|
+
const InteractionRequiredServerErrorMessage = [
|
|
4348
|
+
interactionRequired,
|
|
4349
|
+
consentRequired,
|
|
4350
|
+
loginRequired,
|
|
4351
|
+
badToken,
|
|
4352
|
+
uxNotAllowed,
|
|
4353
|
+
interruptedUser,
|
|
4354
|
+
];
|
|
4355
|
+
const InteractionRequiredAuthSubErrorMessage = [
|
|
4356
|
+
"message_only",
|
|
4357
|
+
"additional_action",
|
|
4358
|
+
"basic_action",
|
|
4359
|
+
"user_password_expired",
|
|
4360
|
+
"consent_required",
|
|
4361
|
+
"bad_token",
|
|
4362
|
+
"ux_not_allowed",
|
|
4363
|
+
"interrupted_user",
|
|
4364
|
+
];
|
|
4385
4365
|
/**
|
|
4386
|
-
*
|
|
4387
|
-
* @param key
|
|
4388
|
-
* @param entity
|
|
4366
|
+
* Error thrown when user interaction is required.
|
|
4389
4367
|
*/
|
|
4390
|
-
|
|
4391
|
-
|
|
4392
|
-
|
|
4393
|
-
|
|
4394
|
-
|
|
4395
|
-
|
|
4396
|
-
|
|
4397
|
-
|
|
4368
|
+
class InteractionRequiredAuthError extends AuthError {
|
|
4369
|
+
constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
|
|
4370
|
+
super(errorCode, errorMessage, subError);
|
|
4371
|
+
Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
|
|
4372
|
+
this.timestamp = timestamp || "";
|
|
4373
|
+
this.traceId = traceId || "";
|
|
4374
|
+
this.correlationId = correlationId || "";
|
|
4375
|
+
this.claims = claims || "";
|
|
4376
|
+
this.name = "InteractionRequiredAuthError";
|
|
4377
|
+
this.errorNo = errorNo;
|
|
4398
4378
|
}
|
|
4399
|
-
return validateKey && validateEntity;
|
|
4400
4379
|
}
|
|
4401
4380
|
/**
|
|
4402
|
-
*
|
|
4403
|
-
* @param
|
|
4404
|
-
* @param
|
|
4381
|
+
* Helper function used to determine if an error thrown by the server requires interaction to resolve
|
|
4382
|
+
* @param errorCode
|
|
4383
|
+
* @param errorString
|
|
4384
|
+
* @param subError
|
|
4405
4385
|
*/
|
|
4406
|
-
function
|
|
4407
|
-
|
|
4408
|
-
|
|
4409
|
-
|
|
4410
|
-
|
|
4411
|
-
|
|
4412
|
-
|
|
4413
|
-
|
|
4414
|
-
|
|
4415
|
-
return
|
|
4386
|
+
function isInteractionRequiredError(errorCode, errorString, subError) {
|
|
4387
|
+
const isInteractionRequiredErrorCode = !!errorCode &&
|
|
4388
|
+
InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;
|
|
4389
|
+
const isInteractionRequiredSubError = !!subError &&
|
|
4390
|
+
InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
|
|
4391
|
+
const isInteractionRequiredErrorDesc = !!errorString &&
|
|
4392
|
+
InteractionRequiredServerErrorMessage.some((irErrorCode) => {
|
|
4393
|
+
return errorString.indexOf(irErrorCode) > -1;
|
|
4394
|
+
});
|
|
4395
|
+
return (isInteractionRequiredErrorCode ||
|
|
4396
|
+
isInteractionRequiredErrorDesc ||
|
|
4397
|
+
isInteractionRequiredSubError);
|
|
4416
4398
|
}
|
|
4417
4399
|
/**
|
|
4418
|
-
*
|
|
4400
|
+
* Creates an InteractionRequiredAuthError
|
|
4419
4401
|
*/
|
|
4420
|
-
function
|
|
4421
|
-
|
|
4422
|
-
|
|
4423
|
-
|
|
4424
|
-
|
|
4425
|
-
|
|
4426
|
-
return appMetaDataKeyArray
|
|
4427
|
-
.join(CACHE_KEY_SEPARATOR$1)
|
|
4428
|
-
.toLowerCase();
|
|
4429
|
-
}
|
|
4402
|
+
function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
4403
|
+
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
4404
|
+
}
|
|
4405
|
+
|
|
4406
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4407
|
+
|
|
4430
4408
|
/*
|
|
4431
|
-
*
|
|
4432
|
-
*
|
|
4409
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4410
|
+
* Licensed under the MIT License.
|
|
4433
4411
|
*/
|
|
4434
|
-
function isAppMetadataEntity(key, entity) {
|
|
4435
|
-
if (!entity) {
|
|
4436
|
-
return false;
|
|
4437
|
-
}
|
|
4438
|
-
return (key.indexOf(APP_METADATA) === 0 &&
|
|
4439
|
-
entity.hasOwnProperty("clientId") &&
|
|
4440
|
-
entity.hasOwnProperty("environment"));
|
|
4441
|
-
}
|
|
4442
4412
|
/**
|
|
4443
|
-
*
|
|
4444
|
-
* @param entity
|
|
4413
|
+
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
4445
4414
|
*/
|
|
4446
|
-
|
|
4447
|
-
|
|
4448
|
-
|
|
4415
|
+
class ServerError extends AuthError {
|
|
4416
|
+
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
4417
|
+
super(errorCode, errorMessage, subError);
|
|
4418
|
+
this.name = "ServerError";
|
|
4419
|
+
this.errorNo = errorNo;
|
|
4420
|
+
this.status = status;
|
|
4421
|
+
Object.setPrototypeOf(this, ServerError.prototype);
|
|
4449
4422
|
}
|
|
4450
|
-
|
|
4451
|
-
|
|
4452
|
-
|
|
4453
|
-
|
|
4454
|
-
|
|
4455
|
-
|
|
4456
|
-
|
|
4457
|
-
|
|
4458
|
-
entity.hasOwnProperty("aliasesFromNetwork") &&
|
|
4459
|
-
entity.hasOwnProperty("endpointsFromNetwork") &&
|
|
4460
|
-
entity.hasOwnProperty("expiresAt") &&
|
|
4461
|
-
entity.hasOwnProperty("jwks_uri"));
|
|
4462
|
-
}
|
|
4423
|
+
}
|
|
4424
|
+
|
|
4425
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4426
|
+
|
|
4427
|
+
/*
|
|
4428
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4429
|
+
* Licensed under the MIT License.
|
|
4430
|
+
*/
|
|
4463
4431
|
/**
|
|
4464
|
-
*
|
|
4432
|
+
* Appends user state with random guid, or returns random guid.
|
|
4433
|
+
* @param cryptoObj
|
|
4434
|
+
* @param userState
|
|
4435
|
+
* @param meta
|
|
4465
4436
|
*/
|
|
4466
|
-
function
|
|
4467
|
-
|
|
4468
|
-
|
|
4469
|
-
}
|
|
4470
|
-
|
|
4471
|
-
authorityMetadata.authorization_endpoint =
|
|
4472
|
-
updatedValues.authorization_endpoint;
|
|
4473
|
-
authorityMetadata.token_endpoint = updatedValues.token_endpoint;
|
|
4474
|
-
authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
|
|
4475
|
-
authorityMetadata.issuer = updatedValues.issuer;
|
|
4476
|
-
authorityMetadata.endpointsFromNetwork = fromNetwork;
|
|
4477
|
-
authorityMetadata.jwks_uri = updatedValues.jwks_uri;
|
|
4437
|
+
function setRequestState(cryptoObj, userState, meta) {
|
|
4438
|
+
const libraryState = generateLibraryState(cryptoObj, meta);
|
|
4439
|
+
return userState
|
|
4440
|
+
? `${libraryState}${RESOURCE_DELIM}${userState}`
|
|
4441
|
+
: libraryState;
|
|
4478
4442
|
}
|
|
4479
|
-
|
|
4480
|
-
|
|
4481
|
-
|
|
4482
|
-
|
|
4483
|
-
|
|
4443
|
+
/**
|
|
4444
|
+
* Generates the state value used by the common library.
|
|
4445
|
+
* @param cryptoObj
|
|
4446
|
+
* @param meta
|
|
4447
|
+
*/
|
|
4448
|
+
function generateLibraryState(cryptoObj, meta) {
|
|
4449
|
+
if (!cryptoObj) {
|
|
4450
|
+
throw createClientAuthError(noCryptoObject);
|
|
4451
|
+
}
|
|
4452
|
+
// Create a state object containing a unique id and the timestamp of the request creation
|
|
4453
|
+
const stateObj = {
|
|
4454
|
+
id: cryptoObj.createNewGuid(),
|
|
4455
|
+
};
|
|
4456
|
+
if (meta) {
|
|
4457
|
+
stateObj.meta = meta;
|
|
4458
|
+
}
|
|
4459
|
+
const stateString = JSON.stringify(stateObj);
|
|
4460
|
+
return cryptoObj.base64Encode(stateString);
|
|
4484
4461
|
}
|
|
4485
4462
|
/**
|
|
4486
|
-
*
|
|
4463
|
+
* Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
|
|
4464
|
+
* @param base64Decode
|
|
4465
|
+
* @param state
|
|
4487
4466
|
*/
|
|
4488
|
-
function
|
|
4489
|
-
|
|
4467
|
+
function parseRequestState(base64Decode, state) {
|
|
4468
|
+
if (!base64Decode) {
|
|
4469
|
+
throw createClientAuthError(noCryptoObject);
|
|
4470
|
+
}
|
|
4471
|
+
if (!state) {
|
|
4472
|
+
throw createClientAuthError(invalidState);
|
|
4473
|
+
}
|
|
4474
|
+
try {
|
|
4475
|
+
// Split the state between library state and user passed state and decode them separately
|
|
4476
|
+
const splitState = state.split(RESOURCE_DELIM);
|
|
4477
|
+
const libraryState = splitState[0];
|
|
4478
|
+
const userState = splitState.length > 1
|
|
4479
|
+
? splitState.slice(1).join(RESOURCE_DELIM)
|
|
4480
|
+
: "";
|
|
4481
|
+
const libraryStateString = base64Decode(libraryState);
|
|
4482
|
+
const libraryStateObj = JSON.parse(libraryStateString);
|
|
4483
|
+
return {
|
|
4484
|
+
userRequestState: userState || "",
|
|
4485
|
+
libraryState: libraryStateObj,
|
|
4486
|
+
};
|
|
4487
|
+
}
|
|
4488
|
+
catch (e) {
|
|
4489
|
+
throw createClientAuthError(invalidState);
|
|
4490
|
+
}
|
|
4490
4491
|
}
|
|
4491
4492
|
|
|
4492
|
-
/*! @azure/msal-common v16.2.
|
|
4493
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4493
4494
|
|
|
4494
4495
|
/*
|
|
4495
4496
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4645,7 +4646,7 @@ class ResponseHandler {
|
|
|
4645
4646
|
if (serverTokenResponse.id_token && !!idTokenClaims) {
|
|
4646
4647
|
cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
|
|
4647
4648
|
cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
|
|
4648
|
-
this.logger);
|
|
4649
|
+
this.logger, this.performanceClient);
|
|
4649
4650
|
}
|
|
4650
4651
|
// AccessToken
|
|
4651
4652
|
let cachedAccessToken = null;
|
|
@@ -4791,17 +4792,24 @@ class ResponseHandler {
|
|
|
4791
4792
|
};
|
|
4792
4793
|
}
|
|
4793
4794
|
}
|
|
4794
|
-
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
|
|
4795
|
+
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger, performanceClient) {
|
|
4795
4796
|
logger?.verbose("09jz0t", correlationId);
|
|
4796
|
-
|
|
4797
|
-
|
|
4798
|
-
|
|
4799
|
-
|
|
4800
|
-
|
|
4801
|
-
|
|
4802
|
-
|
|
4803
|
-
|
|
4797
|
+
/*
|
|
4798
|
+
* Check if base account is already cached. Filter by homeAccountId (identifies
|
|
4799
|
+
* the user's home identity) and environment (identifies the cloud) — the two
|
|
4800
|
+
* tenant-agnostic properties that uniquely locate a base AccountEntity.
|
|
4801
|
+
*/
|
|
4802
|
+
const accountEnvironment = environment || authority.getPreferredCache();
|
|
4803
|
+
const matchedAccounts = cacheStorage.getAccountsFilteredBy({ homeAccountId, environment: accountEnvironment }, correlationId);
|
|
4804
|
+
performanceClient?.addFields({ cacheMatchedAccounts: matchedAccounts.length }, correlationId);
|
|
4805
|
+
if (matchedAccounts.length > 1) {
|
|
4806
|
+
/*
|
|
4807
|
+
* Base accounts are expected to be unique for a given homeAccountId in normal cache usage.
|
|
4808
|
+
* If multiple matches exist, ignore the cache hit rather than arbitrarily choosing one.
|
|
4809
|
+
*/
|
|
4810
|
+
logger?.warning("0x7ad1", correlationId);
|
|
4804
4811
|
}
|
|
4812
|
+
const cachedAccount = matchedAccounts.length === 1 ? matchedAccounts[0] : null;
|
|
4805
4813
|
const baseAccount = cachedAccount ||
|
|
4806
4814
|
createAccountEntity({
|
|
4807
4815
|
homeAccountId,
|
|
@@ -4825,7 +4833,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
4825
4833
|
return baseAccount;
|
|
4826
4834
|
}
|
|
4827
4835
|
|
|
4828
|
-
/*! @azure/msal-common v16.2.
|
|
4836
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4829
4837
|
/*
|
|
4830
4838
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4831
4839
|
* Licensed under the MIT License.
|
|
@@ -4835,7 +4843,7 @@ const CcsCredentialType = {
|
|
|
4835
4843
|
UPN: "UPN",
|
|
4836
4844
|
};
|
|
4837
4845
|
|
|
4838
|
-
/*! @azure/msal-common v16.2.
|
|
4846
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4839
4847
|
/*
|
|
4840
4848
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4841
4849
|
* Licensed under the MIT License.
|
|
@@ -4853,7 +4861,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
4853
4861
|
}
|
|
4854
4862
|
}
|
|
4855
4863
|
|
|
4856
|
-
/*! @azure/msal-common v16.2.
|
|
4864
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4857
4865
|
/*
|
|
4858
4866
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4859
4867
|
* Licensed under the MIT License.
|
|
@@ -4874,7 +4882,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
4874
4882
|
};
|
|
4875
4883
|
}
|
|
4876
4884
|
|
|
4877
|
-
/*! @azure/msal-common v16.2.
|
|
4885
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4878
4886
|
|
|
4879
4887
|
/*
|
|
4880
4888
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4960,7 +4968,7 @@ class ThrottlingUtils {
|
|
|
4960
4968
|
}
|
|
4961
4969
|
}
|
|
4962
4970
|
|
|
4963
|
-
/*! @azure/msal-common v16.2.
|
|
4971
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4964
4972
|
|
|
4965
4973
|
/*
|
|
4966
4974
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4991,7 +4999,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
4991
4999
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
4992
5000
|
}
|
|
4993
5001
|
|
|
4994
|
-
/*! @azure/msal-common v16.2.
|
|
5002
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
4995
5003
|
|
|
4996
5004
|
/*
|
|
4997
5005
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5105,7 +5113,7 @@ async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId
|
|
|
5105
5113
|
return response;
|
|
5106
5114
|
}
|
|
5107
5115
|
|
|
5108
|
-
/*! @azure/msal-common v16.2.
|
|
5116
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
5109
5117
|
/*
|
|
5110
5118
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5111
5119
|
* Licensed under the MIT License.
|
|
@@ -5117,7 +5125,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
5117
5125
|
response.hasOwnProperty("jwks_uri"));
|
|
5118
5126
|
}
|
|
5119
5127
|
|
|
5120
|
-
/*! @azure/msal-common v16.2.
|
|
5128
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
5121
5129
|
/*
|
|
5122
5130
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5123
5131
|
* Licensed under the MIT License.
|
|
@@ -5127,7 +5135,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
5127
5135
|
response.hasOwnProperty("metadata"));
|
|
5128
5136
|
}
|
|
5129
5137
|
|
|
5130
|
-
/*! @azure/msal-common v16.2.
|
|
5138
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
5131
5139
|
/*
|
|
5132
5140
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5133
5141
|
* Licensed under the MIT License.
|
|
@@ -5137,7 +5145,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
5137
5145
|
response.hasOwnProperty("error_description"));
|
|
5138
5146
|
}
|
|
5139
5147
|
|
|
5140
|
-
/*! @azure/msal-common v16.2.
|
|
5148
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
5141
5149
|
|
|
5142
5150
|
/*
|
|
5143
5151
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5242,7 +5250,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
5242
5250
|
},
|
|
5243
5251
|
};
|
|
5244
5252
|
|
|
5245
|
-
/*! @azure/msal-common v16.2.
|
|
5253
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
5246
5254
|
|
|
5247
5255
|
/*
|
|
5248
5256
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6062,7 +6070,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
6062
6070
|
};
|
|
6063
6071
|
}
|
|
6064
6072
|
|
|
6065
|
-
/*! @azure/msal-common v16.2.
|
|
6073
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6066
6074
|
|
|
6067
6075
|
/*
|
|
6068
6076
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6096,7 +6104,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
6096
6104
|
}
|
|
6097
6105
|
}
|
|
6098
6106
|
|
|
6099
|
-
/*! @azure/msal-common v16.2.
|
|
6107
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6100
6108
|
|
|
6101
6109
|
/*
|
|
6102
6110
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6356,7 +6364,7 @@ class AuthorizationCodeClient {
|
|
|
6356
6364
|
}
|
|
6357
6365
|
}
|
|
6358
6366
|
|
|
6359
|
-
/*! @azure/msal-common v16.2.
|
|
6367
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6360
6368
|
|
|
6361
6369
|
/*
|
|
6362
6370
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6581,7 +6589,7 @@ class RefreshTokenClient {
|
|
|
6581
6589
|
}
|
|
6582
6590
|
}
|
|
6583
6591
|
|
|
6584
|
-
/*! @azure/msal-common v16.2.
|
|
6592
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6585
6593
|
|
|
6586
6594
|
/*
|
|
6587
6595
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6690,7 +6698,7 @@ class SilentFlowClient {
|
|
|
6690
6698
|
}
|
|
6691
6699
|
}
|
|
6692
6700
|
|
|
6693
|
-
/*! @azure/msal-common v16.2.
|
|
6701
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6694
6702
|
|
|
6695
6703
|
/*
|
|
6696
6704
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6705,7 +6713,7 @@ const StubbedNetworkModule = {
|
|
|
6705
6713
|
},
|
|
6706
6714
|
};
|
|
6707
6715
|
|
|
6708
|
-
/*! @azure/msal-common v16.2.
|
|
6716
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6709
6717
|
|
|
6710
6718
|
/*
|
|
6711
6719
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6929,7 +6937,7 @@ function extractLoginHint(account) {
|
|
|
6929
6937
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6930
6938
|
}
|
|
6931
6939
|
|
|
6932
|
-
/*! @azure/msal-common v16.2.
|
|
6940
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6933
6941
|
|
|
6934
6942
|
/*
|
|
6935
6943
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6987,7 +6995,7 @@ class AuthenticationHeaderParser {
|
|
|
6987
6995
|
}
|
|
6988
6996
|
}
|
|
6989
6997
|
|
|
6990
|
-
/*! @azure/msal-common v16.2.
|
|
6998
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
6991
6999
|
/*
|
|
6992
7000
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6993
7001
|
* Licensed under the MIT License.
|
|
@@ -7004,7 +7012,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
7004
7012
|
unexpectedError: unexpectedError
|
|
7005
7013
|
});
|
|
7006
7014
|
|
|
7007
|
-
/*! @azure/msal-common v16.2.
|
|
7015
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
7008
7016
|
|
|
7009
7017
|
/*
|
|
7010
7018
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7265,7 +7273,7 @@ class ServerTelemetryManager {
|
|
|
7265
7273
|
}
|
|
7266
7274
|
}
|
|
7267
7275
|
|
|
7268
|
-
/*! @azure/msal-common v16.2.
|
|
7276
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
7269
7277
|
|
|
7270
7278
|
/*
|
|
7271
7279
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7286,7 +7294,7 @@ function createJoseHeaderError(code) {
|
|
|
7286
7294
|
return new JoseHeaderError(code);
|
|
7287
7295
|
}
|
|
7288
7296
|
|
|
7289
|
-
/*! @azure/msal-common v16.2.
|
|
7297
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
7290
7298
|
/*
|
|
7291
7299
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7292
7300
|
* Licensed under the MIT License.
|
|
@@ -7294,7 +7302,7 @@ function createJoseHeaderError(code) {
|
|
|
7294
7302
|
const missingKidError = "missing_kid_error";
|
|
7295
7303
|
const missingAlgError = "missing_alg_error";
|
|
7296
7304
|
|
|
7297
|
-
/*! @azure/msal-common v16.2.
|
|
7305
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
7298
7306
|
|
|
7299
7307
|
/*
|
|
7300
7308
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7334,7 +7342,7 @@ class JoseHeader {
|
|
|
7334
7342
|
}
|
|
7335
7343
|
}
|
|
7336
7344
|
|
|
7337
|
-
/*! @azure/msal-common v16.2.
|
|
7345
|
+
/*! @azure/msal-common v16.2.1 2026-04-01 */
|
|
7338
7346
|
|
|
7339
7347
|
/*
|
|
7340
7348
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -10207,7 +10215,7 @@ const EventType = {
|
|
|
10207
10215
|
|
|
10208
10216
|
/* eslint-disable header/header */
|
|
10209
10217
|
const name = "@azure/msal-browser";
|
|
10210
|
-
const version = "5.4.
|
|
10218
|
+
const version = "5.4.1";
|
|
10211
10219
|
|
|
10212
10220
|
/*
|
|
10213
10221
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -12667,9 +12675,9 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12667
12675
|
}
|
|
12668
12676
|
// Get the preferred_cache domain for the given authority
|
|
12669
12677
|
const authority = await getDiscoveredAuthority(this.config, this.correlationId, this.performanceClient, this.browserStorage, this.logger, request.authority);
|
|
12670
|
-
const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info,
|
|
12678
|
+
const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info, authority.getPreferredCache(), // environment
|
|
12671
12679
|
idTokenClaims.tid, undefined, // auth code payload
|
|
12672
|
-
response.account.id);
|
|
12680
|
+
response.account.id, this.logger, this.performanceClient);
|
|
12673
12681
|
// Ensure expires_in is in number format
|
|
12674
12682
|
response.expires_in = Number(response.expires_in);
|
|
12675
12683
|
// generate authenticationResult
|
|
@@ -18078,7 +18086,7 @@ async function loadExternalTokens(config, request, response, options, performanc
|
|
|
18078
18086
|
const storage = new BrowserCacheManager(browserConfig.auth.clientId, browserConfig.cache, cryptoOps, logger, browserConfig.telemetry.client, new EventHandler(logger), buildStaticAuthorityOptions(browserConfig.auth));
|
|
18079
18087
|
const authorityString = request.authority || browserConfig.auth.authority;
|
|
18080
18088
|
const authority = await createDiscoveredInstance(Authority.generateAuthority(authorityString, request.azureCloudOptions), browserConfig.system.networkClient, storage, authorityOptions, logger, correlationId, performanceClient);
|
|
18081
|
-
const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims);
|
|
18089
|
+
const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims, performanceClient);
|
|
18082
18090
|
const idToken = await invokeAsync(loadIdToken, LoadIdToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, correlationId, storage, logger, config.auth.clientId);
|
|
18083
18091
|
const accessToken = await invokeAsync(loadAccessToken, LoadAccessToken, logger, performanceClient, correlationId)(request, response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, options, correlationId, storage, logger, config.auth.clientId);
|
|
18084
18092
|
const refreshToken = await invokeAsync(loadRefreshToken, LoadRefreshToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, kmsi, correlationId, storage, logger, config.auth.clientId, performanceClient);
|
|
@@ -18104,7 +18112,7 @@ async function loadExternalTokens(config, request, response, options, performanc
|
|
|
18104
18112
|
* @param requestHomeAccountId
|
|
18105
18113
|
* @returns `AccountEntity`
|
|
18106
18114
|
*/
|
|
18107
|
-
async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims) {
|
|
18115
|
+
async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims, performanceClient) {
|
|
18108
18116
|
logger.verbose("0ke46k", correlationId);
|
|
18109
18117
|
if (request.account) {
|
|
18110
18118
|
const accountEntity = createAccountEntityFromAccountInfo(request.account);
|
|
@@ -18119,7 +18127,7 @@ async function loadAccount(request, clientInfo, correlationId, storage, logger,
|
|
|
18119
18127
|
const claimsTenantId = idTokenClaims?.tid;
|
|
18120
18128
|
const cachedAccount = buildAccountToCache(storage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, authority.getPreferredCache(), claimsTenantId, undefined, // authCodePayload
|
|
18121
18129
|
undefined, // nativeAccountId
|
|
18122
|
-
logger);
|
|
18130
|
+
logger, performanceClient);
|
|
18123
18131
|
await storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
|
|
18124
18132
|
return cachedAccount;
|
|
18125
18133
|
}
|