@azure/msal-browser 5.4.0 → 5.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +4 -1
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +4 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +12 -2
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +11 -8
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +4 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +4 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +11 -8
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/index.d.ts +1 -1
- package/dist/custom-auth-path/index.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +5 -5
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +19 -3
- package/dist/custom-auth-path/naa/TokenRequest.d.ts +1 -0
- package/dist/custom-auth-path/naa/TokenRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +12 -2
- package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +2 -2
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +5 -5
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +23 -7
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/TokenRequest.d.ts +1 -0
- package/dist/naa/TokenRequest.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +2 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +4 -0
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/index.d.ts +1 -1
- package/dist/redirect-bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/TokenRequest.d.ts +1 -0
- package/dist/redirect-bridge/naa/TokenRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +5 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.d.ts +2 -2
- package/dist/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/utils/BrowserUtils.mjs +12 -2
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +19 -3
- package/lib/custom-auth-path/msal-custom-auth.cjs +190 -92
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +4 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +23 -7
- package/lib/msal-browser.cjs +224 -94
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +224 -94
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +4 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/index.d.ts +1 -1
- package/lib/types/index.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/naa/TokenRequest.d.ts +1 -0
- package/lib/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +34 -17
- package/src/broker/nativeBroker/PlatformAuthRequest.ts +1 -0
- package/src/cache/BrowserCacheManager.ts +4 -0
- package/src/config/Configuration.ts +5 -0
- package/src/controllers/NestedAppAuthController.ts +14 -0
- package/src/controllers/StandardController.ts +13 -6
- package/src/index.ts +1 -0
- package/src/interaction_client/PlatformAuthInteractionClient.ts +1 -0
- package/src/interaction_client/PopupClient.ts +8 -4
- package/src/interaction_client/SilentIframeClient.ts +4 -2
- package/src/interaction_client/StandardInteractionClient.ts +11 -0
- package/src/naa/TokenRequest.ts +1 -0
- package/src/naa/mapping/NestedAppAuthAdapter.ts +1 -0
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/BrowserPerformanceClient.ts +4 -0
- package/src/utils/BrowserUtils.ts +24 -1
- package/src/utils/MsalFrameStatsUtils.ts +27 -0
package/lib/msal-browser.cjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.
|
|
1
|
+
/*! @azure/msal-browser v5.5.0 2026-03-13 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v16.
|
|
5
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -234,7 +234,7 @@ const JsonWebTokenTypes$1 = {
|
|
|
234
234
|
// Token renewal offset default in seconds
|
|
235
235
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
236
236
|
|
|
237
|
-
/*! @azure/msal-common v16.
|
|
237
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
238
238
|
/*
|
|
239
239
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
240
240
|
* Licensed under the MIT License.
|
|
@@ -282,9 +282,10 @@ const BROKER_CLIENT_ID = "brk_client_id";
|
|
|
282
282
|
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
283
283
|
const INSTANCE_AWARE = "instance_aware";
|
|
284
284
|
const EAR_JWK = "ear_jwk";
|
|
285
|
-
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
285
|
+
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
286
|
+
const RESOURCE = "resource";
|
|
286
287
|
|
|
287
|
-
/*! @azure/msal-common v16.
|
|
288
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
288
289
|
/*
|
|
289
290
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
290
291
|
* Licensed under the MIT License.
|
|
@@ -315,7 +316,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
315
316
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
316
317
|
}
|
|
317
318
|
|
|
318
|
-
/*! @azure/msal-common v16.
|
|
319
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
319
320
|
|
|
320
321
|
/*
|
|
321
322
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -335,7 +336,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
335
336
|
return new ClientConfigurationError(errorCode);
|
|
336
337
|
}
|
|
337
338
|
|
|
338
|
-
/*! @azure/msal-common v16.
|
|
339
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
339
340
|
/*
|
|
340
341
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
341
342
|
* Licensed under the MIT License.
|
|
@@ -415,7 +416,7 @@ class StringUtils {
|
|
|
415
416
|
}
|
|
416
417
|
}
|
|
417
418
|
|
|
418
|
-
/*! @azure/msal-common v16.
|
|
419
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
419
420
|
|
|
420
421
|
/*
|
|
421
422
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -438,7 +439,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
438
439
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
439
440
|
}
|
|
440
441
|
|
|
441
|
-
/*! @azure/msal-common v16.
|
|
442
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
442
443
|
/*
|
|
443
444
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
444
445
|
* Licensed under the MIT License.
|
|
@@ -492,7 +493,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
492
493
|
urlParseError: urlParseError
|
|
493
494
|
});
|
|
494
495
|
|
|
495
|
-
/*! @azure/msal-common v16.
|
|
496
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
496
497
|
/*
|
|
497
498
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
498
499
|
* Licensed under the MIT License.
|
|
@@ -533,7 +534,9 @@ const noNetworkConnectivity$1 = "no_network_connectivity";
|
|
|
533
534
|
const userCanceled = "user_canceled";
|
|
534
535
|
const methodNotImplemented = "method_not_implemented";
|
|
535
536
|
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
|
|
536
|
-
const platformBrokerError = "platform_broker_error";
|
|
537
|
+
const platformBrokerError = "platform_broker_error";
|
|
538
|
+
const resourceParameterRequired = "resource_parameter_required";
|
|
539
|
+
const misplacedResourceParam = "misplaced_resource_parameter";
|
|
537
540
|
|
|
538
541
|
var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
539
542
|
__proto__: null,
|
|
@@ -554,6 +557,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
554
557
|
keyIdMissing: keyIdMissing,
|
|
555
558
|
maxAgeTranspired: maxAgeTranspired,
|
|
556
559
|
methodNotImplemented: methodNotImplemented,
|
|
560
|
+
misplacedResourceParam: misplacedResourceParam,
|
|
557
561
|
multipleMatchingAppMetadata: multipleMatchingAppMetadata,
|
|
558
562
|
multipleMatchingTokens: multipleMatchingTokens,
|
|
559
563
|
nestedAppAuthBridgeDisabled: nestedAppAuthBridgeDisabled,
|
|
@@ -567,6 +571,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
567
571
|
openIdConfigError: openIdConfigError,
|
|
568
572
|
platformBrokerError: platformBrokerError,
|
|
569
573
|
requestCannotBeMade: requestCannotBeMade,
|
|
574
|
+
resourceParameterRequired: resourceParameterRequired,
|
|
570
575
|
stateMismatch: stateMismatch,
|
|
571
576
|
stateNotFound: stateNotFound,
|
|
572
577
|
tokenClaimsCnfRequiredForSignedJwt: tokenClaimsCnfRequiredForSignedJwt,
|
|
@@ -576,7 +581,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
576
581
|
userCanceled: userCanceled
|
|
577
582
|
});
|
|
578
583
|
|
|
579
|
-
/*! @azure/msal-common v16.
|
|
584
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
580
585
|
|
|
581
586
|
/*
|
|
582
587
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -771,7 +776,7 @@ class ScopeSet {
|
|
|
771
776
|
}
|
|
772
777
|
}
|
|
773
778
|
|
|
774
|
-
/*! @azure/msal-common v16.
|
|
779
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
775
780
|
|
|
776
781
|
/*
|
|
777
782
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1136,9 +1141,14 @@ function addEARParameters(parameters, jwk) {
|
|
|
1136
1141
|
// ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
|
|
1137
1142
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
1138
1143
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
1144
|
+
}
|
|
1145
|
+
function addResource(parameters, resource) {
|
|
1146
|
+
if (resource) {
|
|
1147
|
+
parameters.set(RESOURCE, resource);
|
|
1148
|
+
}
|
|
1139
1149
|
}
|
|
1140
1150
|
|
|
1141
|
-
/*! @azure/msal-common v16.
|
|
1151
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1142
1152
|
|
|
1143
1153
|
/*
|
|
1144
1154
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1247,7 +1257,7 @@ function normalizeUrlForComparison(url) {
|
|
|
1247
1257
|
}
|
|
1248
1258
|
}
|
|
1249
1259
|
|
|
1250
|
-
/*! @azure/msal-common v16.
|
|
1260
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1251
1261
|
|
|
1252
1262
|
/*
|
|
1253
1263
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1286,7 +1296,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
1286
1296
|
},
|
|
1287
1297
|
};
|
|
1288
1298
|
|
|
1289
|
-
/*! @azure/msal-common v16.
|
|
1299
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1290
1300
|
/*
|
|
1291
1301
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1292
1302
|
* Licensed under the MIT License.
|
|
@@ -1561,12 +1571,12 @@ class Logger {
|
|
|
1561
1571
|
}
|
|
1562
1572
|
}
|
|
1563
1573
|
|
|
1564
|
-
/*! @azure/msal-common v16.
|
|
1574
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1565
1575
|
/* eslint-disable header/header */
|
|
1566
1576
|
const name$1 = "@azure/msal-common";
|
|
1567
|
-
const version$1 = "16.
|
|
1577
|
+
const version$1 = "16.3.0";
|
|
1568
1578
|
|
|
1569
|
-
/*! @azure/msal-common v16.
|
|
1579
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1570
1580
|
/*
|
|
1571
1581
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1572
1582
|
* Licensed under the MIT License.
|
|
@@ -1586,7 +1596,7 @@ const AzureCloudInstance = {
|
|
|
1586
1596
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
1587
1597
|
};
|
|
1588
1598
|
|
|
1589
|
-
/*! @azure/msal-common v16.
|
|
1599
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1590
1600
|
/*
|
|
1591
1601
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1592
1602
|
* Licensed under the MIT License.
|
|
@@ -1668,7 +1678,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1668
1678
|
return updatedAccountInfo;
|
|
1669
1679
|
}
|
|
1670
1680
|
|
|
1671
|
-
/*! @azure/msal-common v16.
|
|
1681
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1672
1682
|
|
|
1673
1683
|
/*
|
|
1674
1684
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1748,7 +1758,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1748
1758
|
}
|
|
1749
1759
|
}
|
|
1750
1760
|
|
|
1751
|
-
/*! @azure/msal-common v16.
|
|
1761
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1752
1762
|
|
|
1753
1763
|
/*
|
|
1754
1764
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1905,7 +1915,7 @@ class UrlString {
|
|
|
1905
1915
|
}
|
|
1906
1916
|
}
|
|
1907
1917
|
|
|
1908
|
-
/*! @azure/msal-common v16.
|
|
1918
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1909
1919
|
|
|
1910
1920
|
/*
|
|
1911
1921
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2062,7 +2072,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2062
2072
|
return null;
|
|
2063
2073
|
}
|
|
2064
2074
|
|
|
2065
|
-
/*! @azure/msal-common v16.
|
|
2075
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2066
2076
|
/*
|
|
2067
2077
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2068
2078
|
* Licensed under the MIT License.
|
|
@@ -2070,7 +2080,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2070
2080
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2071
2081
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2072
2082
|
|
|
2073
|
-
/*! @azure/msal-common v16.
|
|
2083
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2074
2084
|
|
|
2075
2085
|
/*
|
|
2076
2086
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2108,7 +2118,7 @@ function createCacheError(e) {
|
|
|
2108
2118
|
}
|
|
2109
2119
|
}
|
|
2110
2120
|
|
|
2111
|
-
/*! @azure/msal-common v16.
|
|
2121
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2112
2122
|
|
|
2113
2123
|
/*
|
|
2114
2124
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2146,7 +2156,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
2146
2156
|
};
|
|
2147
2157
|
}
|
|
2148
2158
|
|
|
2149
|
-
/*! @azure/msal-common v16.
|
|
2159
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2150
2160
|
/*
|
|
2151
2161
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2152
2162
|
* Licensed under the MIT License.
|
|
@@ -2161,7 +2171,7 @@ const AuthorityType = {
|
|
|
2161
2171
|
Ciam: 3,
|
|
2162
2172
|
};
|
|
2163
2173
|
|
|
2164
|
-
/*! @azure/msal-common v16.
|
|
2174
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2165
2175
|
/*
|
|
2166
2176
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2167
2177
|
* Licensed under the MIT License.
|
|
@@ -2183,7 +2193,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
2183
2193
|
return null;
|
|
2184
2194
|
}
|
|
2185
2195
|
|
|
2186
|
-
/*! @azure/msal-common v16.
|
|
2196
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2187
2197
|
/*
|
|
2188
2198
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2189
2199
|
* Licensed under the MIT License.
|
|
@@ -2207,7 +2217,7 @@ const ProtocolMode = {
|
|
|
2207
2217
|
EAR: "EAR",
|
|
2208
2218
|
};
|
|
2209
2219
|
|
|
2210
|
-
/*! @azure/msal-common v16.
|
|
2220
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2211
2221
|
/**
|
|
2212
2222
|
* Returns the AccountInfo interface for this account.
|
|
2213
2223
|
*/
|
|
@@ -2382,7 +2392,7 @@ function isAccountEntity(entity) {
|
|
|
2382
2392
|
entity.hasOwnProperty("authorityType"));
|
|
2383
2393
|
}
|
|
2384
2394
|
|
|
2385
|
-
/*! @azure/msal-common v16.
|
|
2395
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2386
2396
|
|
|
2387
2397
|
/*
|
|
2388
2398
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3479,7 +3489,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3479
3489
|
}
|
|
3480
3490
|
}
|
|
3481
3491
|
|
|
3482
|
-
/*! @azure/msal-common v16.
|
|
3492
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3483
3493
|
/*
|
|
3484
3494
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3485
3495
|
* Licensed under the MIT License.
|
|
@@ -3524,9 +3534,12 @@ const IntFields = new Set([
|
|
|
3524
3534
|
"currRefreshCount",
|
|
3525
3535
|
"expiredCacheRemovedCount",
|
|
3526
3536
|
"upgradedCacheCount",
|
|
3537
|
+
"networkRtt",
|
|
3538
|
+
"redirectBridgeTimeoutMs",
|
|
3539
|
+
"redirectBridgeMessageVersion",
|
|
3527
3540
|
]);
|
|
3528
3541
|
|
|
3529
|
-
/*! @azure/msal-common v16.
|
|
3542
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3530
3543
|
|
|
3531
3544
|
/*
|
|
3532
3545
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3581,7 +3594,7 @@ class StubPerformanceClient {
|
|
|
3581
3594
|
}
|
|
3582
3595
|
}
|
|
3583
3596
|
|
|
3584
|
-
/*! @azure/msal-common v16.
|
|
3597
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3585
3598
|
|
|
3586
3599
|
/*
|
|
3587
3600
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3664,6 +3677,7 @@ function buildAuthOptions(authOptions) {
|
|
|
3664
3677
|
clientCapabilities: [],
|
|
3665
3678
|
azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS,
|
|
3666
3679
|
instanceAware: false,
|
|
3680
|
+
isMcp: false,
|
|
3667
3681
|
...authOptions,
|
|
3668
3682
|
};
|
|
3669
3683
|
}
|
|
@@ -3675,7 +3689,7 @@ function isOidcProtocolMode(config) {
|
|
|
3675
3689
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3676
3690
|
}
|
|
3677
3691
|
|
|
3678
|
-
/*! @azure/msal-common v16.
|
|
3692
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3679
3693
|
|
|
3680
3694
|
/*
|
|
3681
3695
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3694,7 +3708,7 @@ class ServerError extends AuthError {
|
|
|
3694
3708
|
}
|
|
3695
3709
|
}
|
|
3696
3710
|
|
|
3697
|
-
/*! @azure/msal-common v16.
|
|
3711
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3698
3712
|
/*
|
|
3699
3713
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3700
3714
|
* Licensed under the MIT License.
|
|
@@ -3758,7 +3772,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
3758
3772
|
uxNotAllowed: uxNotAllowed
|
|
3759
3773
|
});
|
|
3760
3774
|
|
|
3761
|
-
/*! @azure/msal-common v16.
|
|
3775
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3762
3776
|
|
|
3763
3777
|
/*
|
|
3764
3778
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3826,7 +3840,7 @@ function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
|
3826
3840
|
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
3827
3841
|
}
|
|
3828
3842
|
|
|
3829
|
-
/*! @azure/msal-common v16.
|
|
3843
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3830
3844
|
|
|
3831
3845
|
/*
|
|
3832
3846
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3894,7 +3908,7 @@ function parseRequestState(base64Decode, state) {
|
|
|
3894
3908
|
}
|
|
3895
3909
|
}
|
|
3896
3910
|
|
|
3897
|
-
/*! @azure/msal-common v16.
|
|
3911
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3898
3912
|
/*
|
|
3899
3913
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3900
3914
|
* Licensed under the MIT License.
|
|
@@ -3959,7 +3973,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
3959
3973
|
return cachedAtSec > nowSeconds();
|
|
3960
3974
|
}
|
|
3961
3975
|
|
|
3962
|
-
/*! @azure/msal-common v16.
|
|
3976
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3963
3977
|
/*
|
|
3964
3978
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3965
3979
|
* Licensed under the MIT License.
|
|
@@ -4030,7 +4044,7 @@ const RegionDiscoveryGetCurrentVersion = "regionDiscoveryGetCurrentVersion";
|
|
|
4030
4044
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
4031
4045
|
const SetUserData = "setUserData";
|
|
4032
4046
|
|
|
4033
|
-
/*! @azure/msal-common v16.
|
|
4047
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4034
4048
|
/*
|
|
4035
4049
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4036
4050
|
* Licensed under the MIT License.
|
|
@@ -4123,7 +4137,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4123
4137
|
};
|
|
4124
4138
|
};
|
|
4125
4139
|
|
|
4126
|
-
/*! @azure/msal-common v16.
|
|
4140
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4127
4141
|
|
|
4128
4142
|
/*
|
|
4129
4143
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4203,7 +4217,7 @@ class PopTokenGenerator {
|
|
|
4203
4217
|
}
|
|
4204
4218
|
}
|
|
4205
4219
|
|
|
4206
|
-
/*! @azure/msal-common v16.
|
|
4220
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4207
4221
|
/*
|
|
4208
4222
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4209
4223
|
* Licensed under the MIT License.
|
|
@@ -4230,7 +4244,7 @@ class PopTokenGenerator {
|
|
|
4230
4244
|
}
|
|
4231
4245
|
}
|
|
4232
4246
|
|
|
4233
|
-
/*! @azure/msal-common v16.
|
|
4247
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4234
4248
|
|
|
4235
4249
|
/*
|
|
4236
4250
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4489,7 +4503,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
4489
4503
|
return metadata.expiresAt <= nowSeconds();
|
|
4490
4504
|
}
|
|
4491
4505
|
|
|
4492
|
-
/*! @azure/msal-common v16.
|
|
4506
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4493
4507
|
|
|
4494
4508
|
/*
|
|
4495
4509
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4674,6 +4688,11 @@ class ResponseHandler {
|
|
|
4674
4688
|
: undefined;
|
|
4675
4689
|
// non AAD scenarios can have empty realm
|
|
4676
4690
|
cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id);
|
|
4691
|
+
// Set resource (to be used for MCP scenarios)
|
|
4692
|
+
const resource = request.resource || null;
|
|
4693
|
+
if (resource) {
|
|
4694
|
+
cachedAccessToken.resource = resource;
|
|
4695
|
+
}
|
|
4677
4696
|
}
|
|
4678
4697
|
// refreshToken
|
|
4679
4698
|
let cachedRefreshToken = null;
|
|
@@ -4825,7 +4844,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
4825
4844
|
return baseAccount;
|
|
4826
4845
|
}
|
|
4827
4846
|
|
|
4828
|
-
/*! @azure/msal-common v16.
|
|
4847
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4829
4848
|
/*
|
|
4830
4849
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4831
4850
|
* Licensed under the MIT License.
|
|
@@ -4835,7 +4854,7 @@ const CcsCredentialType = {
|
|
|
4835
4854
|
UPN: "UPN",
|
|
4836
4855
|
};
|
|
4837
4856
|
|
|
4838
|
-
/*! @azure/msal-common v16.
|
|
4857
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4839
4858
|
/*
|
|
4840
4859
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4841
4860
|
* Licensed under the MIT License.
|
|
@@ -4853,7 +4872,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
4853
4872
|
}
|
|
4854
4873
|
}
|
|
4855
4874
|
|
|
4856
|
-
/*! @azure/msal-common v16.
|
|
4875
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4857
4876
|
/*
|
|
4858
4877
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4859
4878
|
* Licensed under the MIT License.
|
|
@@ -4874,7 +4893,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
4874
4893
|
};
|
|
4875
4894
|
}
|
|
4876
4895
|
|
|
4877
|
-
/*! @azure/msal-common v16.
|
|
4896
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4878
4897
|
|
|
4879
4898
|
/*
|
|
4880
4899
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4960,7 +4979,7 @@ class ThrottlingUtils {
|
|
|
4960
4979
|
}
|
|
4961
4980
|
}
|
|
4962
4981
|
|
|
4963
|
-
/*! @azure/msal-common v16.
|
|
4982
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4964
4983
|
|
|
4965
4984
|
/*
|
|
4966
4985
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4991,7 +5010,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
4991
5010
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
4992
5011
|
}
|
|
4993
5012
|
|
|
4994
|
-
/*! @azure/msal-common v16.
|
|
5013
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4995
5014
|
|
|
4996
5015
|
/*
|
|
4997
5016
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5105,7 +5124,7 @@ async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId
|
|
|
5105
5124
|
return response;
|
|
5106
5125
|
}
|
|
5107
5126
|
|
|
5108
|
-
/*! @azure/msal-common v16.
|
|
5127
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5109
5128
|
/*
|
|
5110
5129
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5111
5130
|
* Licensed under the MIT License.
|
|
@@ -5117,7 +5136,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
5117
5136
|
response.hasOwnProperty("jwks_uri"));
|
|
5118
5137
|
}
|
|
5119
5138
|
|
|
5120
|
-
/*! @azure/msal-common v16.
|
|
5139
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5121
5140
|
/*
|
|
5122
5141
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5123
5142
|
* Licensed under the MIT License.
|
|
@@ -5127,7 +5146,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
5127
5146
|
response.hasOwnProperty("metadata"));
|
|
5128
5147
|
}
|
|
5129
5148
|
|
|
5130
|
-
/*! @azure/msal-common v16.
|
|
5149
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5131
5150
|
/*
|
|
5132
5151
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5133
5152
|
* Licensed under the MIT License.
|
|
@@ -5137,7 +5156,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
5137
5156
|
response.hasOwnProperty("error_description"));
|
|
5138
5157
|
}
|
|
5139
5158
|
|
|
5140
|
-
/*! @azure/msal-common v16.
|
|
5159
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5141
5160
|
|
|
5142
5161
|
/*
|
|
5143
5162
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5242,7 +5261,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
5242
5261
|
},
|
|
5243
5262
|
};
|
|
5244
5263
|
|
|
5245
|
-
/*! @azure/msal-common v16.
|
|
5264
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5246
5265
|
|
|
5247
5266
|
/*
|
|
5248
5267
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6062,7 +6081,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
6062
6081
|
};
|
|
6063
6082
|
}
|
|
6064
6083
|
|
|
6065
|
-
/*! @azure/msal-common v16.
|
|
6084
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6066
6085
|
|
|
6067
6086
|
/*
|
|
6068
6087
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6096,7 +6115,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
6096
6115
|
}
|
|
6097
6116
|
}
|
|
6098
6117
|
|
|
6099
|
-
/*! @azure/msal-common v16.
|
|
6118
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6100
6119
|
|
|
6101
6120
|
/*
|
|
6102
6121
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6216,6 +6235,7 @@ class AuthorizationCodeClient {
|
|
|
6216
6235
|
}
|
|
6217
6236
|
// Add scope array, parameter builder will add default scopes and dedupe
|
|
6218
6237
|
addScopes(parameters, request.scopes, true, this.oidcDefaultScopes);
|
|
6238
|
+
addResource(parameters, request.resource);
|
|
6219
6239
|
// add code: user set, not validated
|
|
6220
6240
|
addAuthorizationCode(parameters, request.code);
|
|
6221
6241
|
// Add library metadata
|
|
@@ -6356,7 +6376,7 @@ class AuthorizationCodeClient {
|
|
|
6356
6376
|
}
|
|
6357
6377
|
}
|
|
6358
6378
|
|
|
6359
|
-
/*! @azure/msal-common v16.
|
|
6379
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6360
6380
|
|
|
6361
6381
|
/*
|
|
6362
6382
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6581,7 +6601,7 @@ class RefreshTokenClient {
|
|
|
6581
6601
|
}
|
|
6582
6602
|
}
|
|
6583
6603
|
|
|
6584
|
-
/*! @azure/msal-common v16.
|
|
6604
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6585
6605
|
|
|
6586
6606
|
/*
|
|
6587
6607
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6637,6 +6657,13 @@ class SilentFlowClient {
|
|
|
6637
6657
|
this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
|
|
6638
6658
|
throw createClientAuthError(tokenRefreshRequired);
|
|
6639
6659
|
}
|
|
6660
|
+
else if (request.resource) {
|
|
6661
|
+
// cached access token must have a resource that matches the request resource for MCP scenarios
|
|
6662
|
+
if (cachedAccessToken.resource !== request.resource) {
|
|
6663
|
+
this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
|
|
6664
|
+
throw createClientAuthError(tokenRefreshRequired);
|
|
6665
|
+
}
|
|
6666
|
+
}
|
|
6640
6667
|
else if (cachedAccessToken.refreshOn &&
|
|
6641
6668
|
isTokenExpired(cachedAccessToken.refreshOn, 0)) {
|
|
6642
6669
|
// must refresh (in the background) due to the refresh_in value
|
|
@@ -6690,7 +6717,7 @@ class SilentFlowClient {
|
|
|
6690
6717
|
}
|
|
6691
6718
|
}
|
|
6692
6719
|
|
|
6693
|
-
/*! @azure/msal-common v16.
|
|
6720
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6694
6721
|
|
|
6695
6722
|
/*
|
|
6696
6723
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6705,7 +6732,7 @@ const StubbedNetworkModule = {
|
|
|
6705
6732
|
},
|
|
6706
6733
|
};
|
|
6707
6734
|
|
|
6708
|
-
/*! @azure/msal-common v16.
|
|
6735
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6709
6736
|
|
|
6710
6737
|
/*
|
|
6711
6738
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6731,6 +6758,7 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
|
|
|
6731
6758
|
...(request.extraScopesToConsent || []),
|
|
6732
6759
|
];
|
|
6733
6760
|
addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
|
|
6761
|
+
addResource(parameters, request.resource);
|
|
6734
6762
|
addRedirectUri(parameters, request.redirectUri);
|
|
6735
6763
|
addCorrelationId(parameters, correlationId);
|
|
6736
6764
|
// add response_mode. If not passed in it defaults to query.
|
|
@@ -6929,7 +6957,40 @@ function extractLoginHint(account) {
|
|
|
6929
6957
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6930
6958
|
}
|
|
6931
6959
|
|
|
6932
|
-
/*! @azure/msal-common v16.
|
|
6960
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6961
|
+
|
|
6962
|
+
/*
|
|
6963
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6964
|
+
* Licensed under the MIT License.
|
|
6965
|
+
*/
|
|
6966
|
+
/**
|
|
6967
|
+
* Helper to enforce resource parameter presence in token requests when isMcp is set in the configuration.
|
|
6968
|
+
* If resource parameter is set in both the request and in extraQueryParameters or extraParameters, an error will be thrown.
|
|
6969
|
+
* This is used for MCP flows.
|
|
6970
|
+
* @param isMcp - Flag indicating if application is an MCP app, from configuration
|
|
6971
|
+
* @param request - Auth request
|
|
6972
|
+
*/
|
|
6973
|
+
function enforceResourceParameter(isMcp, request) {
|
|
6974
|
+
if (!isMcp) {
|
|
6975
|
+
return;
|
|
6976
|
+
}
|
|
6977
|
+
if (request.resource &&
|
|
6978
|
+
(containsResourceParam(request.extraParameters) ||
|
|
6979
|
+
containsResourceParam(request.extraQueryParameters))) {
|
|
6980
|
+
throw createClientAuthError(misplacedResourceParam);
|
|
6981
|
+
}
|
|
6982
|
+
if (!request.resource) {
|
|
6983
|
+
throw createClientAuthError(resourceParameterRequired);
|
|
6984
|
+
}
|
|
6985
|
+
}
|
|
6986
|
+
function containsResourceParam(params) {
|
|
6987
|
+
if (!params) {
|
|
6988
|
+
return false;
|
|
6989
|
+
}
|
|
6990
|
+
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
6991
|
+
}
|
|
6992
|
+
|
|
6993
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6933
6994
|
|
|
6934
6995
|
/*
|
|
6935
6996
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6987,7 +7048,7 @@ class AuthenticationHeaderParser {
|
|
|
6987
7048
|
}
|
|
6988
7049
|
}
|
|
6989
7050
|
|
|
6990
|
-
/*! @azure/msal-common v16.
|
|
7051
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6991
7052
|
/*
|
|
6992
7053
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6993
7054
|
* Licensed under the MIT License.
|
|
@@ -7004,7 +7065,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
7004
7065
|
unexpectedError: unexpectedError
|
|
7005
7066
|
});
|
|
7006
7067
|
|
|
7007
|
-
/*! @azure/msal-common v16.
|
|
7068
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7008
7069
|
|
|
7009
7070
|
/*
|
|
7010
7071
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7265,7 +7326,7 @@ class ServerTelemetryManager {
|
|
|
7265
7326
|
}
|
|
7266
7327
|
}
|
|
7267
7328
|
|
|
7268
|
-
/*! @azure/msal-common v16.
|
|
7329
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7269
7330
|
|
|
7270
7331
|
/*
|
|
7271
7332
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7286,7 +7347,7 @@ function createJoseHeaderError(code) {
|
|
|
7286
7347
|
return new JoseHeaderError(code);
|
|
7287
7348
|
}
|
|
7288
7349
|
|
|
7289
|
-
/*! @azure/msal-common v16.
|
|
7350
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7290
7351
|
/*
|
|
7291
7352
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7292
7353
|
* Licensed under the MIT License.
|
|
@@ -7294,7 +7355,7 @@ function createJoseHeaderError(code) {
|
|
|
7294
7355
|
const missingKidError = "missing_kid_error";
|
|
7295
7356
|
const missingAlgError = "missing_alg_error";
|
|
7296
7357
|
|
|
7297
|
-
/*! @azure/msal-common v16.
|
|
7358
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7298
7359
|
|
|
7299
7360
|
/*
|
|
7300
7361
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7334,7 +7395,7 @@ class JoseHeader {
|
|
|
7334
7395
|
}
|
|
7335
7396
|
}
|
|
7336
7397
|
|
|
7337
|
-
/*! @azure/msal-common v16.
|
|
7398
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7338
7399
|
|
|
7339
7400
|
/*
|
|
7340
7401
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8768,9 +8829,13 @@ function cancelPendingBridgeResponse(logger, correlationId) {
|
|
|
8768
8829
|
activeBridgeMonitor = null;
|
|
8769
8830
|
}
|
|
8770
8831
|
}
|
|
8771
|
-
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request) {
|
|
8832
|
+
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
|
|
8772
8833
|
return new Promise((resolve, reject) => {
|
|
8773
8834
|
logger.verbose("1rf6em", request.correlationId);
|
|
8835
|
+
const correlationId = request.correlationId;
|
|
8836
|
+
performanceClient.addFields({
|
|
8837
|
+
redirectBridgeTimeoutMs: timeoutMs,
|
|
8838
|
+
}, correlationId);
|
|
8774
8839
|
const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
|
|
8775
8840
|
const channel = new BroadcastChannel(libraryState.id);
|
|
8776
8841
|
let responseString = undefined;
|
|
@@ -8788,6 +8853,12 @@ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request)
|
|
|
8788
8853
|
};
|
|
8789
8854
|
channel.onmessage = (event) => {
|
|
8790
8855
|
responseString = event.data.payload;
|
|
8856
|
+
const messageVersion = event?.data && typeof event.data.v === "number"
|
|
8857
|
+
? event.data.v
|
|
8858
|
+
: undefined;
|
|
8859
|
+
performanceClient.addFields({
|
|
8860
|
+
redirectBridgeMessageVersion: messageVersion,
|
|
8861
|
+
}, correlationId);
|
|
8791
8862
|
// Clear the active monitor
|
|
8792
8863
|
activeBridgeMonitor = null;
|
|
8793
8864
|
clearTimeout(timeoutId);
|
|
@@ -10207,7 +10278,7 @@ const EventType = {
|
|
|
10207
10278
|
|
|
10208
10279
|
/* eslint-disable header/header */
|
|
10209
10280
|
const name = "@azure/msal-browser";
|
|
10210
|
-
const version = "5.
|
|
10281
|
+
const version = "5.5.0";
|
|
10211
10282
|
|
|
10212
10283
|
/*
|
|
10213
10284
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -11522,6 +11593,9 @@ class BrowserCacheManager extends CacheManager {
|
|
|
11522
11593
|
: 0, base64Decode, undefined, // refreshOn
|
|
11523
11594
|
result.tokenType, undefined, // userAssertionHash
|
|
11524
11595
|
request.sshKid);
|
|
11596
|
+
if (request.resource) {
|
|
11597
|
+
accessTokenEntity.resource = request.resource;
|
|
11598
|
+
}
|
|
11525
11599
|
const cacheRecord = {
|
|
11526
11600
|
idToken: idTokenEntity,
|
|
11527
11601
|
accessToken: accessTokenEntity,
|
|
@@ -12074,6 +12148,7 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
12074
12148
|
authority: discoveredAuthority,
|
|
12075
12149
|
clientCapabilities: this.config.auth.clientCapabilities,
|
|
12076
12150
|
redirectUri: this.config.auth.redirectUri,
|
|
12151
|
+
isMcp: this.config.auth.isMcp,
|
|
12077
12152
|
},
|
|
12078
12153
|
systemOptions: {
|
|
12079
12154
|
tokenRenewalOffsetSeconds: this.config.system.tokenRenewalOffsetSeconds,
|
|
@@ -12114,6 +12189,10 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
12114
12189
|
*/
|
|
12115
12190
|
async function initializeAuthorizationRequest(request, interactionType, config, browserCrypto, browserStorage, logger, performanceClient, correlationId) {
|
|
12116
12191
|
const redirectUri = getRedirectUri(request.redirectUri, config.auth.redirectUri, logger, correlationId);
|
|
12192
|
+
if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
|
|
12193
|
+
logger.warning("08qbvw", correlationId);
|
|
12194
|
+
performanceClient.addFields({ isRedirectUriCrossOrigin: true }, correlationId);
|
|
12195
|
+
}
|
|
12117
12196
|
const browserState = {
|
|
12118
12197
|
interactionType: interactionType,
|
|
12119
12198
|
};
|
|
@@ -12791,6 +12870,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12791
12870
|
correlationId: this.correlationId,
|
|
12792
12871
|
state: response.state,
|
|
12793
12872
|
fromPlatformBroker: true,
|
|
12873
|
+
...(request.resource && { resource: request.resource }),
|
|
12794
12874
|
};
|
|
12795
12875
|
return result;
|
|
12796
12876
|
}
|
|
@@ -13519,6 +13599,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
13519
13599
|
tenant: "",
|
|
13520
13600
|
},
|
|
13521
13601
|
instanceAware: false,
|
|
13602
|
+
isMcp: false,
|
|
13522
13603
|
};
|
|
13523
13604
|
// Default cache options for browser
|
|
13524
13605
|
const DEFAULT_CACHE_OPTIONS = {
|
|
@@ -13911,14 +13992,17 @@ class PlatformAuthDOMHandler {
|
|
|
13911
13992
|
initializePlatformDOMRequest(request) {
|
|
13912
13993
|
this.logger.trace("15d6yv", request.correlationId);
|
|
13913
13994
|
const { accountId, clientId, authority, scope, redirectUri, correlationId, state, storeInCache, embeddedClientId, extraParameters, ...remainingProperties } = request;
|
|
13914
|
-
const validExtraParameters = this.getDOMExtraParams(remainingProperties);
|
|
13995
|
+
const validExtraParameters = this.getDOMExtraParams(remainingProperties, correlationId);
|
|
13915
13996
|
const platformDOMRequest = {
|
|
13916
13997
|
accountId: accountId,
|
|
13917
13998
|
brokerId: this.getExtensionId(),
|
|
13918
13999
|
authority: authority,
|
|
13919
14000
|
clientId: clientId,
|
|
13920
14001
|
correlationId: correlationId || this.correlationId,
|
|
13921
|
-
extraParameters: {
|
|
14002
|
+
extraParameters: {
|
|
14003
|
+
...extraParameters,
|
|
14004
|
+
...validExtraParameters,
|
|
14005
|
+
},
|
|
13922
14006
|
isSecurityTokenService: false,
|
|
13923
14007
|
redirectUri: redirectUri,
|
|
13924
14008
|
scope: scope,
|
|
@@ -13972,15 +14056,27 @@ class PlatformAuthDOMHandler {
|
|
|
13972
14056
|
};
|
|
13973
14057
|
return nativeResponse;
|
|
13974
14058
|
}
|
|
13975
|
-
getDOMExtraParams(extraParameters) {
|
|
13976
|
-
|
|
13977
|
-
|
|
13978
|
-
|
|
13979
|
-
|
|
13980
|
-
|
|
13981
|
-
|
|
13982
|
-
|
|
13983
|
-
|
|
14059
|
+
getDOMExtraParams(extraParameters, correlationId) {
|
|
14060
|
+
try {
|
|
14061
|
+
const stringifiedProperties = {};
|
|
14062
|
+
for (const [key, value] of Object.entries(extraParameters)) {
|
|
14063
|
+
if (!value) {
|
|
14064
|
+
continue;
|
|
14065
|
+
}
|
|
14066
|
+
if (typeof value === "object") {
|
|
14067
|
+
stringifiedProperties[key] = JSON.stringify(value);
|
|
14068
|
+
}
|
|
14069
|
+
else {
|
|
14070
|
+
stringifiedProperties[key] = String(value);
|
|
14071
|
+
}
|
|
14072
|
+
}
|
|
14073
|
+
return stringifiedProperties;
|
|
14074
|
+
}
|
|
14075
|
+
catch (e) {
|
|
14076
|
+
this.logger.error("0eu9o3", correlationId);
|
|
14077
|
+
this.logger.errorPii("17rpl5", correlationId);
|
|
14078
|
+
return {};
|
|
14079
|
+
}
|
|
13984
14080
|
}
|
|
13985
14081
|
}
|
|
13986
14082
|
|
|
@@ -14224,7 +14320,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
14224
14320
|
const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
|
|
14225
14321
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, correlationId, exports.InteractionType.Popup, { popupWindow }, null);
|
|
14226
14322
|
// Wait for the redirect bridge response
|
|
14227
|
-
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
14323
|
+
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
14228
14324
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14229
14325
|
return await invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
14230
14326
|
}
|
|
@@ -14259,7 +14355,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
14259
14355
|
const form = await getEARForm(popupWindow.document, this.config, discoveredAuthority, popupRequest, this.logger, this.performanceClient);
|
|
14260
14356
|
form.submit();
|
|
14261
14357
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
14262
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest);
|
|
14358
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest, this.performanceClient);
|
|
14263
14359
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14264
14360
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
14265
14361
|
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, correlationId)({
|
|
@@ -14284,7 +14380,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
14284
14380
|
const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
14285
14381
|
form.submit();
|
|
14286
14382
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
14287
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
14383
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
14288
14384
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14289
14385
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
14290
14386
|
}
|
|
@@ -14337,7 +14433,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
14337
14433
|
// Open the popup window to requestUrl.
|
|
14338
14434
|
const popupWindow = this.openPopup(logoutUri, popupParams);
|
|
14339
14435
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, validRequest.correlationId, exports.InteractionType.Popup, { popupWindow }, null);
|
|
14340
|
-
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest).catch(() => {
|
|
14436
|
+
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest, this.performanceClient).catch(() => {
|
|
14341
14437
|
// Swallow any errors related to monitoring the window. Server logout is best effort
|
|
14342
14438
|
});
|
|
14343
14439
|
if (mainWindowRedirectUri) {
|
|
@@ -15085,7 +15181,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
15085
15181
|
};
|
|
15086
15182
|
await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
|
|
15087
15183
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15088
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
15184
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15089
15185
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15090
15186
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
15091
15187
|
// If server doesn't support EAR, they may fallback to auth code flow instead
|
|
@@ -15134,7 +15230,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
15134
15230
|
}
|
|
15135
15231
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15136
15232
|
// Wait for response from the redirect bridge.
|
|
15137
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
15233
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15138
15234
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15139
15235
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15140
15236
|
}
|
|
@@ -15287,6 +15383,22 @@ class SilentAuthCodeClient extends StandardInteractionClient {
|
|
|
15287
15383
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
15288
15384
|
* Licensed under the MIT License.
|
|
15289
15385
|
*/
|
|
15386
|
+
/**
|
|
15387
|
+
* Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
|
|
15388
|
+
* @returns Network connection information, or an empty object if not available.
|
|
15389
|
+
*/
|
|
15390
|
+
function getNetworkInfo() {
|
|
15391
|
+
if (typeof window === "undefined" || !window.navigator) {
|
|
15392
|
+
return {};
|
|
15393
|
+
}
|
|
15394
|
+
const connection = "connection" in window.navigator
|
|
15395
|
+
? window.navigator.connection
|
|
15396
|
+
: undefined;
|
|
15397
|
+
return {
|
|
15398
|
+
effectiveType: connection?.effectiveType,
|
|
15399
|
+
rtt: connection?.rtt,
|
|
15400
|
+
};
|
|
15401
|
+
}
|
|
15290
15402
|
function collectInstanceStats(currentClientId, performanceEvent, logger, correlationId) {
|
|
15291
15403
|
const frameInstances =
|
|
15292
15404
|
// @ts-ignore
|
|
@@ -15306,12 +15418,13 @@ function collectInstanceStats(currentClientId, performanceEvent, logger, correla
|
|
|
15306
15418
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
15307
15419
|
* Licensed under the MIT License.
|
|
15308
15420
|
*/
|
|
15309
|
-
function preflightCheck(initialized, performanceEvent,
|
|
15421
|
+
function preflightCheck(initialized, performanceEvent, config, request) {
|
|
15310
15422
|
try {
|
|
15311
15423
|
preflightCheck$1(initialized);
|
|
15424
|
+
enforceResourceParameter(config.auth.isMcp, request);
|
|
15312
15425
|
}
|
|
15313
15426
|
catch (e) {
|
|
15314
|
-
performanceEvent.end({ success: false }, e, account);
|
|
15427
|
+
performanceEvent.end({ success: false }, e, request.account);
|
|
15315
15428
|
throw e;
|
|
15316
15429
|
}
|
|
15317
15430
|
}
|
|
@@ -15412,6 +15525,7 @@ class StandardController {
|
|
|
15412
15525
|
this.eventHandler.emitEvent(EventType.INITIALIZE_START, correlationId);
|
|
15413
15526
|
// Broker applications are initialized twice, so we avoid double-counting it
|
|
15414
15527
|
this.logMultipleInstances(initMeasurement, correlationId);
|
|
15528
|
+
initMeasurement.add({ isMcp: this.config.auth.isMcp });
|
|
15415
15529
|
await invokeAsync(this.browserStorage.initialize.bind(this.browserStorage), InitializeCache, this.logger, this.performanceClient, correlationId)(correlationId);
|
|
15416
15530
|
if (allowPlatformBroker) {
|
|
15417
15531
|
try {
|
|
@@ -15589,6 +15703,7 @@ class StandardController {
|
|
|
15589
15703
|
};
|
|
15590
15704
|
try {
|
|
15591
15705
|
redirectPreflightCheck(this.initialized, this.config);
|
|
15706
|
+
enforceResourceParameter(this.config.auth.isMcp, request);
|
|
15592
15707
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN);
|
|
15593
15708
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Redirect, request);
|
|
15594
15709
|
let result;
|
|
@@ -15653,7 +15768,7 @@ class StandardController {
|
|
|
15653
15768
|
});
|
|
15654
15769
|
try {
|
|
15655
15770
|
this.logger.verbose("0ch87b", correlationId);
|
|
15656
|
-
preflightCheck(this.initialized, atPopupMeasurement, request
|
|
15771
|
+
preflightCheck(this.initialized, atPopupMeasurement, this.config, request);
|
|
15657
15772
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN, request.overrideInteractionInProgress, correlationId);
|
|
15658
15773
|
}
|
|
15659
15774
|
catch (e) {
|
|
@@ -15767,7 +15882,7 @@ class StandardController {
|
|
|
15767
15882
|
this.ssoSilentMeasurement?.add({
|
|
15768
15883
|
scenarioId: request.scenarioId,
|
|
15769
15884
|
});
|
|
15770
|
-
preflightCheck(this.initialized, this.ssoSilentMeasurement,
|
|
15885
|
+
preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
|
|
15771
15886
|
this.ssoSilentMeasurement?.increment({
|
|
15772
15887
|
visibilityChangeCount: 0,
|
|
15773
15888
|
});
|
|
@@ -15831,7 +15946,7 @@ class StandardController {
|
|
|
15831
15946
|
const correlationId = this.getRequestCorrelationId(request);
|
|
15832
15947
|
this.logger.trace("0ch6ga", correlationId);
|
|
15833
15948
|
const atbcMeasurement = this.performanceClient.startMeasurement(AcquireTokenByCode, correlationId);
|
|
15834
|
-
preflightCheck(this.initialized, atbcMeasurement);
|
|
15949
|
+
preflightCheck(this.initialized, atbcMeasurement, this.config, request);
|
|
15835
15950
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Silent, request);
|
|
15836
15951
|
atbcMeasurement.add({ scenarioId: request.scenarioId });
|
|
15837
15952
|
try {
|
|
@@ -16333,7 +16448,7 @@ class StandardController {
|
|
|
16333
16448
|
cacheLookupPolicy: request.cacheLookupPolicy,
|
|
16334
16449
|
scenarioId: request.scenarioId,
|
|
16335
16450
|
});
|
|
16336
|
-
preflightCheck(this.initialized, atsMeasurement, request
|
|
16451
|
+
preflightCheck(this.initialized, atsMeasurement, this.config, request);
|
|
16337
16452
|
this.logger.verbose("0x1c4s", correlationId);
|
|
16338
16453
|
const account = request.account || this.getActiveAccount();
|
|
16339
16454
|
if (!account) {
|
|
@@ -16789,6 +16904,7 @@ class NestedAppAuthAdapter {
|
|
|
16789
16904
|
platformBrokerId: request.account?.homeAccountId,
|
|
16790
16905
|
clientId: this.clientId,
|
|
16791
16906
|
authority: request.authority,
|
|
16907
|
+
resource: request.resource,
|
|
16792
16908
|
scope: scopes.join(" "),
|
|
16793
16909
|
correlationId,
|
|
16794
16910
|
claims: !StringUtils.isEmptyObj(claims) ? claims : undefined,
|
|
@@ -17059,6 +17175,7 @@ class NestedAppAuthController {
|
|
|
17059
17175
|
const atPopupMeasurement = this.performanceClient.startMeasurement(AcquireTokenPopup, correlationId);
|
|
17060
17176
|
atPopupMeasurement.add({ nestedAppAuthRequest: true });
|
|
17061
17177
|
try {
|
|
17178
|
+
enforceResourceParameter(this.config.auth.isMcp, validRequest);
|
|
17062
17179
|
const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
|
|
17063
17180
|
const reqTimestamp = nowSeconds();
|
|
17064
17181
|
const response = await this.bridgeProxy.getTokenInteractive(naaRequest);
|
|
@@ -17125,6 +17242,7 @@ class NestedAppAuthController {
|
|
|
17125
17242
|
nestedAppAuthRequest: true,
|
|
17126
17243
|
});
|
|
17127
17244
|
try {
|
|
17245
|
+
enforceResourceParameter(this.config.auth.isMcp, validRequest);
|
|
17128
17246
|
const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
|
|
17129
17247
|
naaRequest.forceRefresh = validRequest.forceRefresh;
|
|
17130
17248
|
const reqTimestamp = nowSeconds();
|
|
@@ -17259,6 +17377,14 @@ class NestedAppAuthController {
|
|
|
17259
17377
|
this.logger.verbose("18egye", correlationId);
|
|
17260
17378
|
return Promise.resolve(null);
|
|
17261
17379
|
}
|
|
17380
|
+
else if (authRequest.resource) {
|
|
17381
|
+
const requestedResource = authRequest.resource;
|
|
17382
|
+
const cachedResource = cachedAccessToken.resource;
|
|
17383
|
+
if (!cachedResource || cachedResource !== requestedResource) {
|
|
17384
|
+
this.logger.verbose("0qraxd", correlationId);
|
|
17385
|
+
return Promise.resolve(null);
|
|
17386
|
+
}
|
|
17387
|
+
}
|
|
17262
17388
|
const cachedIdToken = this.browserStorage.getIdToken(currentAccount, authRequest.correlationId, tokenKeys, currentAccount.tenantId);
|
|
17263
17389
|
if (!cachedIdToken) {
|
|
17264
17390
|
this.logger.verbose("0d68kd", correlationId);
|
|
@@ -18428,11 +18554,14 @@ class BrowserPerformanceClient extends PerformanceClient {
|
|
|
18428
18554
|
return {
|
|
18429
18555
|
...inProgressEvent,
|
|
18430
18556
|
end: (event, error, account) => {
|
|
18557
|
+
const networkInfo = getNetworkInfo();
|
|
18431
18558
|
const res = inProgressEvent.end({
|
|
18432
18559
|
...event,
|
|
18433
18560
|
startPageVisibility,
|
|
18434
18561
|
endPageVisibility: this.getPageVisibility(),
|
|
18435
18562
|
durationMs: getPerfDurationMs(startTime),
|
|
18563
|
+
networkEffectiveType: networkInfo.effectiveType,
|
|
18564
|
+
networkRtt: networkInfo.rtt,
|
|
18436
18565
|
}, error, account);
|
|
18437
18566
|
void browserMeasurement?.then((measurement) => measurement.endMeasurement());
|
|
18438
18567
|
this.deleteIncompleteSubMeasurements(inProgressEvent);
|
|
@@ -18604,6 +18733,7 @@ exports.StubPerformanceClient = StubPerformanceClient;
|
|
|
18604
18733
|
exports.WrapperSKU = WrapperSKU;
|
|
18605
18734
|
exports.createNestablePublicClientApplication = createNestablePublicClientApplication;
|
|
18606
18735
|
exports.createStandardPublicClientApplication = createStandardPublicClientApplication;
|
|
18736
|
+
exports.enforceResourceParameter = enforceResourceParameter;
|
|
18607
18737
|
exports.isPlatformBrokerAvailable = isPlatformBrokerAvailable;
|
|
18608
18738
|
exports.loadExternalTokens = loadExternalTokens;
|
|
18609
18739
|
exports.stubbedPublicClientApplication = stubbedPublicClientApplication;
|