@azure/msal-browser 5.4.0 → 5.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +4 -1
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +4 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +12 -2
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +11 -8
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +4 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +4 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +11 -8
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/index.d.ts +1 -1
- package/dist/custom-auth-path/index.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +5 -5
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +19 -3
- package/dist/custom-auth-path/naa/TokenRequest.d.ts +1 -0
- package/dist/custom-auth-path/naa/TokenRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +12 -2
- package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +2 -2
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +5 -5
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +23 -7
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/TokenRequest.d.ts +1 -0
- package/dist/naa/TokenRequest.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +2 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +4 -0
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/index.d.ts +1 -1
- package/dist/redirect-bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/TokenRequest.d.ts +1 -0
- package/dist/redirect-bridge/naa/TokenRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +5 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.d.ts +2 -2
- package/dist/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/utils/BrowserUtils.mjs +12 -2
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +19 -3
- package/lib/custom-auth-path/msal-custom-auth.cjs +190 -92
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +4 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +23 -7
- package/lib/msal-browser.cjs +224 -94
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +224 -94
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +4 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/index.d.ts +1 -1
- package/lib/types/index.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/naa/TokenRequest.d.ts +1 -0
- package/lib/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +34 -17
- package/src/broker/nativeBroker/PlatformAuthRequest.ts +1 -0
- package/src/cache/BrowserCacheManager.ts +4 -0
- package/src/config/Configuration.ts +5 -0
- package/src/controllers/NestedAppAuthController.ts +14 -0
- package/src/controllers/StandardController.ts +13 -6
- package/src/index.ts +1 -0
- package/src/interaction_client/PlatformAuthInteractionClient.ts +1 -0
- package/src/interaction_client/PopupClient.ts +8 -4
- package/src/interaction_client/SilentIframeClient.ts +4 -2
- package/src/interaction_client/StandardInteractionClient.ts +11 -0
- package/src/naa/TokenRequest.ts +1 -0
- package/src/naa/mapping/NestedAppAuthAdapter.ts +1 -0
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/BrowserPerformanceClient.ts +4 -0
- package/src/utils/BrowserUtils.ts +24 -1
- package/src/utils/MsalFrameStatsUtils.ts +27 -0
package/lib/msal-browser.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.
|
|
1
|
+
/*! @azure/msal-browser v5.5.0 2026-03-13 */
|
|
2
2
|
'use strict';
|
|
3
3
|
(function (global, factory) {
|
|
4
4
|
typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
(global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
|
|
7
7
|
})(this, (function (exports) { 'use strict';
|
|
8
8
|
|
|
9
|
-
/*! @azure/msal-common v16.
|
|
9
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
10
10
|
/*
|
|
11
11
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12
12
|
* Licensed under the MIT License.
|
|
@@ -238,7 +238,7 @@
|
|
|
238
238
|
// Token renewal offset default in seconds
|
|
239
239
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
240
240
|
|
|
241
|
-
/*! @azure/msal-common v16.
|
|
241
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
242
242
|
/*
|
|
243
243
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
244
244
|
* Licensed under the MIT License.
|
|
@@ -286,9 +286,10 @@
|
|
|
286
286
|
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
287
287
|
const INSTANCE_AWARE = "instance_aware";
|
|
288
288
|
const EAR_JWK = "ear_jwk";
|
|
289
|
-
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
289
|
+
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
290
|
+
const RESOURCE = "resource";
|
|
290
291
|
|
|
291
|
-
/*! @azure/msal-common v16.
|
|
292
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
292
293
|
/*
|
|
293
294
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
294
295
|
* Licensed under the MIT License.
|
|
@@ -319,7 +320,7 @@
|
|
|
319
320
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
320
321
|
}
|
|
321
322
|
|
|
322
|
-
/*! @azure/msal-common v16.
|
|
323
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
323
324
|
|
|
324
325
|
/*
|
|
325
326
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -339,7 +340,7 @@
|
|
|
339
340
|
return new ClientConfigurationError(errorCode);
|
|
340
341
|
}
|
|
341
342
|
|
|
342
|
-
/*! @azure/msal-common v16.
|
|
343
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
343
344
|
/*
|
|
344
345
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
345
346
|
* Licensed under the MIT License.
|
|
@@ -419,7 +420,7 @@
|
|
|
419
420
|
}
|
|
420
421
|
}
|
|
421
422
|
|
|
422
|
-
/*! @azure/msal-common v16.
|
|
423
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
423
424
|
|
|
424
425
|
/*
|
|
425
426
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -442,7 +443,7 @@
|
|
|
442
443
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
443
444
|
}
|
|
444
445
|
|
|
445
|
-
/*! @azure/msal-common v16.
|
|
446
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
446
447
|
/*
|
|
447
448
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
448
449
|
* Licensed under the MIT License.
|
|
@@ -496,7 +497,7 @@
|
|
|
496
497
|
urlParseError: urlParseError
|
|
497
498
|
});
|
|
498
499
|
|
|
499
|
-
/*! @azure/msal-common v16.
|
|
500
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
500
501
|
/*
|
|
501
502
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
502
503
|
* Licensed under the MIT License.
|
|
@@ -537,7 +538,9 @@
|
|
|
537
538
|
const userCanceled = "user_canceled";
|
|
538
539
|
const methodNotImplemented = "method_not_implemented";
|
|
539
540
|
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
|
|
540
|
-
const platformBrokerError = "platform_broker_error";
|
|
541
|
+
const platformBrokerError = "platform_broker_error";
|
|
542
|
+
const resourceParameterRequired = "resource_parameter_required";
|
|
543
|
+
const misplacedResourceParam = "misplaced_resource_parameter";
|
|
541
544
|
|
|
542
545
|
var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
543
546
|
__proto__: null,
|
|
@@ -558,6 +561,7 @@
|
|
|
558
561
|
keyIdMissing: keyIdMissing,
|
|
559
562
|
maxAgeTranspired: maxAgeTranspired,
|
|
560
563
|
methodNotImplemented: methodNotImplemented,
|
|
564
|
+
misplacedResourceParam: misplacedResourceParam,
|
|
561
565
|
multipleMatchingAppMetadata: multipleMatchingAppMetadata,
|
|
562
566
|
multipleMatchingTokens: multipleMatchingTokens,
|
|
563
567
|
nestedAppAuthBridgeDisabled: nestedAppAuthBridgeDisabled,
|
|
@@ -571,6 +575,7 @@
|
|
|
571
575
|
openIdConfigError: openIdConfigError,
|
|
572
576
|
platformBrokerError: platformBrokerError,
|
|
573
577
|
requestCannotBeMade: requestCannotBeMade,
|
|
578
|
+
resourceParameterRequired: resourceParameterRequired,
|
|
574
579
|
stateMismatch: stateMismatch,
|
|
575
580
|
stateNotFound: stateNotFound,
|
|
576
581
|
tokenClaimsCnfRequiredForSignedJwt: tokenClaimsCnfRequiredForSignedJwt,
|
|
@@ -580,7 +585,7 @@
|
|
|
580
585
|
userCanceled: userCanceled
|
|
581
586
|
});
|
|
582
587
|
|
|
583
|
-
/*! @azure/msal-common v16.
|
|
588
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
584
589
|
|
|
585
590
|
/*
|
|
586
591
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -775,7 +780,7 @@
|
|
|
775
780
|
}
|
|
776
781
|
}
|
|
777
782
|
|
|
778
|
-
/*! @azure/msal-common v16.
|
|
783
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
779
784
|
|
|
780
785
|
/*
|
|
781
786
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1140,9 +1145,14 @@
|
|
|
1140
1145
|
// ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
|
|
1141
1146
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
1142
1147
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
1148
|
+
}
|
|
1149
|
+
function addResource(parameters, resource) {
|
|
1150
|
+
if (resource) {
|
|
1151
|
+
parameters.set(RESOURCE, resource);
|
|
1152
|
+
}
|
|
1143
1153
|
}
|
|
1144
1154
|
|
|
1145
|
-
/*! @azure/msal-common v16.
|
|
1155
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1146
1156
|
|
|
1147
1157
|
/*
|
|
1148
1158
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1251,7 +1261,7 @@
|
|
|
1251
1261
|
}
|
|
1252
1262
|
}
|
|
1253
1263
|
|
|
1254
|
-
/*! @azure/msal-common v16.
|
|
1264
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1255
1265
|
|
|
1256
1266
|
/*
|
|
1257
1267
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1290,7 +1300,7 @@
|
|
|
1290
1300
|
},
|
|
1291
1301
|
};
|
|
1292
1302
|
|
|
1293
|
-
/*! @azure/msal-common v16.
|
|
1303
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1294
1304
|
/*
|
|
1295
1305
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1296
1306
|
* Licensed under the MIT License.
|
|
@@ -1565,12 +1575,12 @@
|
|
|
1565
1575
|
}
|
|
1566
1576
|
}
|
|
1567
1577
|
|
|
1568
|
-
/*! @azure/msal-common v16.
|
|
1578
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1569
1579
|
/* eslint-disable header/header */
|
|
1570
1580
|
const name$1 = "@azure/msal-common";
|
|
1571
|
-
const version$1 = "16.
|
|
1581
|
+
const version$1 = "16.3.0";
|
|
1572
1582
|
|
|
1573
|
-
/*! @azure/msal-common v16.
|
|
1583
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1574
1584
|
/*
|
|
1575
1585
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1576
1586
|
* Licensed under the MIT License.
|
|
@@ -1590,7 +1600,7 @@
|
|
|
1590
1600
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
1591
1601
|
};
|
|
1592
1602
|
|
|
1593
|
-
/*! @azure/msal-common v16.
|
|
1603
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1594
1604
|
/*
|
|
1595
1605
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1596
1606
|
* Licensed under the MIT License.
|
|
@@ -1672,7 +1682,7 @@
|
|
|
1672
1682
|
return updatedAccountInfo;
|
|
1673
1683
|
}
|
|
1674
1684
|
|
|
1675
|
-
/*! @azure/msal-common v16.
|
|
1685
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1676
1686
|
|
|
1677
1687
|
/*
|
|
1678
1688
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1752,7 +1762,7 @@
|
|
|
1752
1762
|
}
|
|
1753
1763
|
}
|
|
1754
1764
|
|
|
1755
|
-
/*! @azure/msal-common v16.
|
|
1765
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1756
1766
|
|
|
1757
1767
|
/*
|
|
1758
1768
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1909,7 +1919,7 @@
|
|
|
1909
1919
|
}
|
|
1910
1920
|
}
|
|
1911
1921
|
|
|
1912
|
-
/*! @azure/msal-common v16.
|
|
1922
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
1913
1923
|
|
|
1914
1924
|
/*
|
|
1915
1925
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2066,7 +2076,7 @@
|
|
|
2066
2076
|
return null;
|
|
2067
2077
|
}
|
|
2068
2078
|
|
|
2069
|
-
/*! @azure/msal-common v16.
|
|
2079
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2070
2080
|
/*
|
|
2071
2081
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2072
2082
|
* Licensed under the MIT License.
|
|
@@ -2074,7 +2084,7 @@
|
|
|
2074
2084
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2075
2085
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2076
2086
|
|
|
2077
|
-
/*! @azure/msal-common v16.
|
|
2087
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2078
2088
|
|
|
2079
2089
|
/*
|
|
2080
2090
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2112,7 +2122,7 @@
|
|
|
2112
2122
|
}
|
|
2113
2123
|
}
|
|
2114
2124
|
|
|
2115
|
-
/*! @azure/msal-common v16.
|
|
2125
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2116
2126
|
|
|
2117
2127
|
/*
|
|
2118
2128
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2150,7 +2160,7 @@
|
|
|
2150
2160
|
};
|
|
2151
2161
|
}
|
|
2152
2162
|
|
|
2153
|
-
/*! @azure/msal-common v16.
|
|
2163
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2154
2164
|
/*
|
|
2155
2165
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2156
2166
|
* Licensed under the MIT License.
|
|
@@ -2165,7 +2175,7 @@
|
|
|
2165
2175
|
Ciam: 3,
|
|
2166
2176
|
};
|
|
2167
2177
|
|
|
2168
|
-
/*! @azure/msal-common v16.
|
|
2178
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2169
2179
|
/*
|
|
2170
2180
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2171
2181
|
* Licensed under the MIT License.
|
|
@@ -2187,7 +2197,7 @@
|
|
|
2187
2197
|
return null;
|
|
2188
2198
|
}
|
|
2189
2199
|
|
|
2190
|
-
/*! @azure/msal-common v16.
|
|
2200
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2191
2201
|
/*
|
|
2192
2202
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2193
2203
|
* Licensed under the MIT License.
|
|
@@ -2211,7 +2221,7 @@
|
|
|
2211
2221
|
EAR: "EAR",
|
|
2212
2222
|
};
|
|
2213
2223
|
|
|
2214
|
-
/*! @azure/msal-common v16.
|
|
2224
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2215
2225
|
/**
|
|
2216
2226
|
* Returns the AccountInfo interface for this account.
|
|
2217
2227
|
*/
|
|
@@ -2386,7 +2396,7 @@
|
|
|
2386
2396
|
entity.hasOwnProperty("authorityType"));
|
|
2387
2397
|
}
|
|
2388
2398
|
|
|
2389
|
-
/*! @azure/msal-common v16.
|
|
2399
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
2390
2400
|
|
|
2391
2401
|
/*
|
|
2392
2402
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3483,7 +3493,7 @@
|
|
|
3483
3493
|
}
|
|
3484
3494
|
}
|
|
3485
3495
|
|
|
3486
|
-
/*! @azure/msal-common v16.
|
|
3496
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3487
3497
|
/*
|
|
3488
3498
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3489
3499
|
* Licensed under the MIT License.
|
|
@@ -3528,9 +3538,12 @@
|
|
|
3528
3538
|
"currRefreshCount",
|
|
3529
3539
|
"expiredCacheRemovedCount",
|
|
3530
3540
|
"upgradedCacheCount",
|
|
3541
|
+
"networkRtt",
|
|
3542
|
+
"redirectBridgeTimeoutMs",
|
|
3543
|
+
"redirectBridgeMessageVersion",
|
|
3531
3544
|
]);
|
|
3532
3545
|
|
|
3533
|
-
/*! @azure/msal-common v16.
|
|
3546
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3534
3547
|
|
|
3535
3548
|
/*
|
|
3536
3549
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3585,7 +3598,7 @@
|
|
|
3585
3598
|
}
|
|
3586
3599
|
}
|
|
3587
3600
|
|
|
3588
|
-
/*! @azure/msal-common v16.
|
|
3601
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3589
3602
|
|
|
3590
3603
|
/*
|
|
3591
3604
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3668,6 +3681,7 @@
|
|
|
3668
3681
|
clientCapabilities: [],
|
|
3669
3682
|
azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS,
|
|
3670
3683
|
instanceAware: false,
|
|
3684
|
+
isMcp: false,
|
|
3671
3685
|
...authOptions,
|
|
3672
3686
|
};
|
|
3673
3687
|
}
|
|
@@ -3679,7 +3693,7 @@
|
|
|
3679
3693
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3680
3694
|
}
|
|
3681
3695
|
|
|
3682
|
-
/*! @azure/msal-common v16.
|
|
3696
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3683
3697
|
|
|
3684
3698
|
/*
|
|
3685
3699
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3698,7 +3712,7 @@
|
|
|
3698
3712
|
}
|
|
3699
3713
|
}
|
|
3700
3714
|
|
|
3701
|
-
/*! @azure/msal-common v16.
|
|
3715
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3702
3716
|
/*
|
|
3703
3717
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3704
3718
|
* Licensed under the MIT License.
|
|
@@ -3762,7 +3776,7 @@
|
|
|
3762
3776
|
uxNotAllowed: uxNotAllowed
|
|
3763
3777
|
});
|
|
3764
3778
|
|
|
3765
|
-
/*! @azure/msal-common v16.
|
|
3779
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3766
3780
|
|
|
3767
3781
|
/*
|
|
3768
3782
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3830,7 +3844,7 @@
|
|
|
3830
3844
|
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
3831
3845
|
}
|
|
3832
3846
|
|
|
3833
|
-
/*! @azure/msal-common v16.
|
|
3847
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3834
3848
|
|
|
3835
3849
|
/*
|
|
3836
3850
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3898,7 +3912,7 @@
|
|
|
3898
3912
|
}
|
|
3899
3913
|
}
|
|
3900
3914
|
|
|
3901
|
-
/*! @azure/msal-common v16.
|
|
3915
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3902
3916
|
/*
|
|
3903
3917
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3904
3918
|
* Licensed under the MIT License.
|
|
@@ -3963,7 +3977,7 @@
|
|
|
3963
3977
|
return cachedAtSec > nowSeconds();
|
|
3964
3978
|
}
|
|
3965
3979
|
|
|
3966
|
-
/*! @azure/msal-common v16.
|
|
3980
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
3967
3981
|
/*
|
|
3968
3982
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3969
3983
|
* Licensed under the MIT License.
|
|
@@ -4034,7 +4048,7 @@
|
|
|
4034
4048
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
4035
4049
|
const SetUserData = "setUserData";
|
|
4036
4050
|
|
|
4037
|
-
/*! @azure/msal-common v16.
|
|
4051
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4038
4052
|
/*
|
|
4039
4053
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4040
4054
|
* Licensed under the MIT License.
|
|
@@ -4127,7 +4141,7 @@
|
|
|
4127
4141
|
};
|
|
4128
4142
|
};
|
|
4129
4143
|
|
|
4130
|
-
/*! @azure/msal-common v16.
|
|
4144
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4131
4145
|
|
|
4132
4146
|
/*
|
|
4133
4147
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4207,7 +4221,7 @@
|
|
|
4207
4221
|
}
|
|
4208
4222
|
}
|
|
4209
4223
|
|
|
4210
|
-
/*! @azure/msal-common v16.
|
|
4224
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4211
4225
|
/*
|
|
4212
4226
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4213
4227
|
* Licensed under the MIT License.
|
|
@@ -4234,7 +4248,7 @@
|
|
|
4234
4248
|
}
|
|
4235
4249
|
}
|
|
4236
4250
|
|
|
4237
|
-
/*! @azure/msal-common v16.
|
|
4251
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4238
4252
|
|
|
4239
4253
|
/*
|
|
4240
4254
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4493,7 +4507,7 @@
|
|
|
4493
4507
|
return metadata.expiresAt <= nowSeconds();
|
|
4494
4508
|
}
|
|
4495
4509
|
|
|
4496
|
-
/*! @azure/msal-common v16.
|
|
4510
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4497
4511
|
|
|
4498
4512
|
/*
|
|
4499
4513
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4678,6 +4692,11 @@
|
|
|
4678
4692
|
: undefined;
|
|
4679
4693
|
// non AAD scenarios can have empty realm
|
|
4680
4694
|
cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id);
|
|
4695
|
+
// Set resource (to be used for MCP scenarios)
|
|
4696
|
+
const resource = request.resource || null;
|
|
4697
|
+
if (resource) {
|
|
4698
|
+
cachedAccessToken.resource = resource;
|
|
4699
|
+
}
|
|
4681
4700
|
}
|
|
4682
4701
|
// refreshToken
|
|
4683
4702
|
let cachedRefreshToken = null;
|
|
@@ -4829,7 +4848,7 @@
|
|
|
4829
4848
|
return baseAccount;
|
|
4830
4849
|
}
|
|
4831
4850
|
|
|
4832
|
-
/*! @azure/msal-common v16.
|
|
4851
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4833
4852
|
/*
|
|
4834
4853
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4835
4854
|
* Licensed under the MIT License.
|
|
@@ -4839,7 +4858,7 @@
|
|
|
4839
4858
|
UPN: "UPN",
|
|
4840
4859
|
};
|
|
4841
4860
|
|
|
4842
|
-
/*! @azure/msal-common v16.
|
|
4861
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4843
4862
|
/*
|
|
4844
4863
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4845
4864
|
* Licensed under the MIT License.
|
|
@@ -4857,7 +4876,7 @@
|
|
|
4857
4876
|
}
|
|
4858
4877
|
}
|
|
4859
4878
|
|
|
4860
|
-
/*! @azure/msal-common v16.
|
|
4879
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4861
4880
|
/*
|
|
4862
4881
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4863
4882
|
* Licensed under the MIT License.
|
|
@@ -4878,7 +4897,7 @@
|
|
|
4878
4897
|
};
|
|
4879
4898
|
}
|
|
4880
4899
|
|
|
4881
|
-
/*! @azure/msal-common v16.
|
|
4900
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4882
4901
|
|
|
4883
4902
|
/*
|
|
4884
4903
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4964,7 +4983,7 @@
|
|
|
4964
4983
|
}
|
|
4965
4984
|
}
|
|
4966
4985
|
|
|
4967
|
-
/*! @azure/msal-common v16.
|
|
4986
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4968
4987
|
|
|
4969
4988
|
/*
|
|
4970
4989
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4995,7 +5014,7 @@
|
|
|
4995
5014
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
4996
5015
|
}
|
|
4997
5016
|
|
|
4998
|
-
/*! @azure/msal-common v16.
|
|
5017
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
4999
5018
|
|
|
5000
5019
|
/*
|
|
5001
5020
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5109,7 +5128,7 @@
|
|
|
5109
5128
|
return response;
|
|
5110
5129
|
}
|
|
5111
5130
|
|
|
5112
|
-
/*! @azure/msal-common v16.
|
|
5131
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5113
5132
|
/*
|
|
5114
5133
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5115
5134
|
* Licensed under the MIT License.
|
|
@@ -5121,7 +5140,7 @@
|
|
|
5121
5140
|
response.hasOwnProperty("jwks_uri"));
|
|
5122
5141
|
}
|
|
5123
5142
|
|
|
5124
|
-
/*! @azure/msal-common v16.
|
|
5143
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5125
5144
|
/*
|
|
5126
5145
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5127
5146
|
* Licensed under the MIT License.
|
|
@@ -5131,7 +5150,7 @@
|
|
|
5131
5150
|
response.hasOwnProperty("metadata"));
|
|
5132
5151
|
}
|
|
5133
5152
|
|
|
5134
|
-
/*! @azure/msal-common v16.
|
|
5153
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5135
5154
|
/*
|
|
5136
5155
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5137
5156
|
* Licensed under the MIT License.
|
|
@@ -5141,7 +5160,7 @@
|
|
|
5141
5160
|
response.hasOwnProperty("error_description"));
|
|
5142
5161
|
}
|
|
5143
5162
|
|
|
5144
|
-
/*! @azure/msal-common v16.
|
|
5163
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5145
5164
|
|
|
5146
5165
|
/*
|
|
5147
5166
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5246,7 +5265,7 @@
|
|
|
5246
5265
|
},
|
|
5247
5266
|
};
|
|
5248
5267
|
|
|
5249
|
-
/*! @azure/msal-common v16.
|
|
5268
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
5250
5269
|
|
|
5251
5270
|
/*
|
|
5252
5271
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6066,7 +6085,7 @@
|
|
|
6066
6085
|
};
|
|
6067
6086
|
}
|
|
6068
6087
|
|
|
6069
|
-
/*! @azure/msal-common v16.
|
|
6088
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6070
6089
|
|
|
6071
6090
|
/*
|
|
6072
6091
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6100,7 +6119,7 @@
|
|
|
6100
6119
|
}
|
|
6101
6120
|
}
|
|
6102
6121
|
|
|
6103
|
-
/*! @azure/msal-common v16.
|
|
6122
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6104
6123
|
|
|
6105
6124
|
/*
|
|
6106
6125
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6220,6 +6239,7 @@
|
|
|
6220
6239
|
}
|
|
6221
6240
|
// Add scope array, parameter builder will add default scopes and dedupe
|
|
6222
6241
|
addScopes(parameters, request.scopes, true, this.oidcDefaultScopes);
|
|
6242
|
+
addResource(parameters, request.resource);
|
|
6223
6243
|
// add code: user set, not validated
|
|
6224
6244
|
addAuthorizationCode(parameters, request.code);
|
|
6225
6245
|
// Add library metadata
|
|
@@ -6360,7 +6380,7 @@
|
|
|
6360
6380
|
}
|
|
6361
6381
|
}
|
|
6362
6382
|
|
|
6363
|
-
/*! @azure/msal-common v16.
|
|
6383
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6364
6384
|
|
|
6365
6385
|
/*
|
|
6366
6386
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6585,7 +6605,7 @@
|
|
|
6585
6605
|
}
|
|
6586
6606
|
}
|
|
6587
6607
|
|
|
6588
|
-
/*! @azure/msal-common v16.
|
|
6608
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6589
6609
|
|
|
6590
6610
|
/*
|
|
6591
6611
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6641,6 +6661,13 @@
|
|
|
6641
6661
|
this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
|
|
6642
6662
|
throw createClientAuthError(tokenRefreshRequired);
|
|
6643
6663
|
}
|
|
6664
|
+
else if (request.resource) {
|
|
6665
|
+
// cached access token must have a resource that matches the request resource for MCP scenarios
|
|
6666
|
+
if (cachedAccessToken.resource !== request.resource) {
|
|
6667
|
+
this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
|
|
6668
|
+
throw createClientAuthError(tokenRefreshRequired);
|
|
6669
|
+
}
|
|
6670
|
+
}
|
|
6644
6671
|
else if (cachedAccessToken.refreshOn &&
|
|
6645
6672
|
isTokenExpired(cachedAccessToken.refreshOn, 0)) {
|
|
6646
6673
|
// must refresh (in the background) due to the refresh_in value
|
|
@@ -6694,7 +6721,7 @@
|
|
|
6694
6721
|
}
|
|
6695
6722
|
}
|
|
6696
6723
|
|
|
6697
|
-
/*! @azure/msal-common v16.
|
|
6724
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6698
6725
|
|
|
6699
6726
|
/*
|
|
6700
6727
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6709,7 +6736,7 @@
|
|
|
6709
6736
|
},
|
|
6710
6737
|
};
|
|
6711
6738
|
|
|
6712
|
-
/*! @azure/msal-common v16.
|
|
6739
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6713
6740
|
|
|
6714
6741
|
/*
|
|
6715
6742
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6735,6 +6762,7 @@
|
|
|
6735
6762
|
...(request.extraScopesToConsent || []),
|
|
6736
6763
|
];
|
|
6737
6764
|
addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
|
|
6765
|
+
addResource(parameters, request.resource);
|
|
6738
6766
|
addRedirectUri(parameters, request.redirectUri);
|
|
6739
6767
|
addCorrelationId(parameters, correlationId);
|
|
6740
6768
|
// add response_mode. If not passed in it defaults to query.
|
|
@@ -6933,7 +6961,40 @@
|
|
|
6933
6961
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6934
6962
|
}
|
|
6935
6963
|
|
|
6936
|
-
/*! @azure/msal-common v16.
|
|
6964
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6965
|
+
|
|
6966
|
+
/*
|
|
6967
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6968
|
+
* Licensed under the MIT License.
|
|
6969
|
+
*/
|
|
6970
|
+
/**
|
|
6971
|
+
* Helper to enforce resource parameter presence in token requests when isMcp is set in the configuration.
|
|
6972
|
+
* If resource parameter is set in both the request and in extraQueryParameters or extraParameters, an error will be thrown.
|
|
6973
|
+
* This is used for MCP flows.
|
|
6974
|
+
* @param isMcp - Flag indicating if application is an MCP app, from configuration
|
|
6975
|
+
* @param request - Auth request
|
|
6976
|
+
*/
|
|
6977
|
+
function enforceResourceParameter(isMcp, request) {
|
|
6978
|
+
if (!isMcp) {
|
|
6979
|
+
return;
|
|
6980
|
+
}
|
|
6981
|
+
if (request.resource &&
|
|
6982
|
+
(containsResourceParam(request.extraParameters) ||
|
|
6983
|
+
containsResourceParam(request.extraQueryParameters))) {
|
|
6984
|
+
throw createClientAuthError(misplacedResourceParam);
|
|
6985
|
+
}
|
|
6986
|
+
if (!request.resource) {
|
|
6987
|
+
throw createClientAuthError(resourceParameterRequired);
|
|
6988
|
+
}
|
|
6989
|
+
}
|
|
6990
|
+
function containsResourceParam(params) {
|
|
6991
|
+
if (!params) {
|
|
6992
|
+
return false;
|
|
6993
|
+
}
|
|
6994
|
+
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
6995
|
+
}
|
|
6996
|
+
|
|
6997
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6937
6998
|
|
|
6938
6999
|
/*
|
|
6939
7000
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6991,7 +7052,7 @@
|
|
|
6991
7052
|
}
|
|
6992
7053
|
}
|
|
6993
7054
|
|
|
6994
|
-
/*! @azure/msal-common v16.
|
|
7055
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
6995
7056
|
/*
|
|
6996
7057
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6997
7058
|
* Licensed under the MIT License.
|
|
@@ -7008,7 +7069,7 @@
|
|
|
7008
7069
|
unexpectedError: unexpectedError
|
|
7009
7070
|
});
|
|
7010
7071
|
|
|
7011
|
-
/*! @azure/msal-common v16.
|
|
7072
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7012
7073
|
|
|
7013
7074
|
/*
|
|
7014
7075
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7269,7 +7330,7 @@
|
|
|
7269
7330
|
}
|
|
7270
7331
|
}
|
|
7271
7332
|
|
|
7272
|
-
/*! @azure/msal-common v16.
|
|
7333
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7273
7334
|
|
|
7274
7335
|
/*
|
|
7275
7336
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7290,7 +7351,7 @@
|
|
|
7290
7351
|
return new JoseHeaderError(code);
|
|
7291
7352
|
}
|
|
7292
7353
|
|
|
7293
|
-
/*! @azure/msal-common v16.
|
|
7354
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7294
7355
|
/*
|
|
7295
7356
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7296
7357
|
* Licensed under the MIT License.
|
|
@@ -7298,7 +7359,7 @@
|
|
|
7298
7359
|
const missingKidError = "missing_kid_error";
|
|
7299
7360
|
const missingAlgError = "missing_alg_error";
|
|
7300
7361
|
|
|
7301
|
-
/*! @azure/msal-common v16.
|
|
7362
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7302
7363
|
|
|
7303
7364
|
/*
|
|
7304
7365
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7338,7 +7399,7 @@
|
|
|
7338
7399
|
}
|
|
7339
7400
|
}
|
|
7340
7401
|
|
|
7341
|
-
/*! @azure/msal-common v16.
|
|
7402
|
+
/*! @azure/msal-common v16.3.0 2026-03-13 */
|
|
7342
7403
|
|
|
7343
7404
|
/*
|
|
7344
7405
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8772,9 +8833,13 @@
|
|
|
8772
8833
|
activeBridgeMonitor = null;
|
|
8773
8834
|
}
|
|
8774
8835
|
}
|
|
8775
|
-
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request) {
|
|
8836
|
+
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
|
|
8776
8837
|
return new Promise((resolve, reject) => {
|
|
8777
8838
|
logger.verbose("1rf6em", request.correlationId);
|
|
8839
|
+
const correlationId = request.correlationId;
|
|
8840
|
+
performanceClient.addFields({
|
|
8841
|
+
redirectBridgeTimeoutMs: timeoutMs,
|
|
8842
|
+
}, correlationId);
|
|
8778
8843
|
const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
|
|
8779
8844
|
const channel = new BroadcastChannel(libraryState.id);
|
|
8780
8845
|
let responseString = undefined;
|
|
@@ -8792,6 +8857,12 @@
|
|
|
8792
8857
|
};
|
|
8793
8858
|
channel.onmessage = (event) => {
|
|
8794
8859
|
responseString = event.data.payload;
|
|
8860
|
+
const messageVersion = event?.data && typeof event.data.v === "number"
|
|
8861
|
+
? event.data.v
|
|
8862
|
+
: undefined;
|
|
8863
|
+
performanceClient.addFields({
|
|
8864
|
+
redirectBridgeMessageVersion: messageVersion,
|
|
8865
|
+
}, correlationId);
|
|
8795
8866
|
// Clear the active monitor
|
|
8796
8867
|
activeBridgeMonitor = null;
|
|
8797
8868
|
clearTimeout(timeoutId);
|
|
@@ -10211,7 +10282,7 @@
|
|
|
10211
10282
|
|
|
10212
10283
|
/* eslint-disable header/header */
|
|
10213
10284
|
const name = "@azure/msal-browser";
|
|
10214
|
-
const version = "5.
|
|
10285
|
+
const version = "5.5.0";
|
|
10215
10286
|
|
|
10216
10287
|
/*
|
|
10217
10288
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -11526,6 +11597,9 @@
|
|
|
11526
11597
|
: 0, base64Decode, undefined, // refreshOn
|
|
11527
11598
|
result.tokenType, undefined, // userAssertionHash
|
|
11528
11599
|
request.sshKid);
|
|
11600
|
+
if (request.resource) {
|
|
11601
|
+
accessTokenEntity.resource = request.resource;
|
|
11602
|
+
}
|
|
11529
11603
|
const cacheRecord = {
|
|
11530
11604
|
idToken: idTokenEntity,
|
|
11531
11605
|
accessToken: accessTokenEntity,
|
|
@@ -12078,6 +12152,7 @@
|
|
|
12078
12152
|
authority: discoveredAuthority,
|
|
12079
12153
|
clientCapabilities: this.config.auth.clientCapabilities,
|
|
12080
12154
|
redirectUri: this.config.auth.redirectUri,
|
|
12155
|
+
isMcp: this.config.auth.isMcp,
|
|
12081
12156
|
},
|
|
12082
12157
|
systemOptions: {
|
|
12083
12158
|
tokenRenewalOffsetSeconds: this.config.system.tokenRenewalOffsetSeconds,
|
|
@@ -12118,6 +12193,10 @@
|
|
|
12118
12193
|
*/
|
|
12119
12194
|
async function initializeAuthorizationRequest(request, interactionType, config, browserCrypto, browserStorage, logger, performanceClient, correlationId) {
|
|
12120
12195
|
const redirectUri = getRedirectUri(request.redirectUri, config.auth.redirectUri, logger, correlationId);
|
|
12196
|
+
if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
|
|
12197
|
+
logger.warning("08qbvw", correlationId);
|
|
12198
|
+
performanceClient.addFields({ isRedirectUriCrossOrigin: true }, correlationId);
|
|
12199
|
+
}
|
|
12121
12200
|
const browserState = {
|
|
12122
12201
|
interactionType: interactionType,
|
|
12123
12202
|
};
|
|
@@ -12795,6 +12874,7 @@
|
|
|
12795
12874
|
correlationId: this.correlationId,
|
|
12796
12875
|
state: response.state,
|
|
12797
12876
|
fromPlatformBroker: true,
|
|
12877
|
+
...(request.resource && { resource: request.resource }),
|
|
12798
12878
|
};
|
|
12799
12879
|
return result;
|
|
12800
12880
|
}
|
|
@@ -13523,6 +13603,7 @@
|
|
|
13523
13603
|
tenant: "",
|
|
13524
13604
|
},
|
|
13525
13605
|
instanceAware: false,
|
|
13606
|
+
isMcp: false,
|
|
13526
13607
|
};
|
|
13527
13608
|
// Default cache options for browser
|
|
13528
13609
|
const DEFAULT_CACHE_OPTIONS = {
|
|
@@ -13915,14 +13996,17 @@
|
|
|
13915
13996
|
initializePlatformDOMRequest(request) {
|
|
13916
13997
|
this.logger.trace("15d6yv", request.correlationId);
|
|
13917
13998
|
const { accountId, clientId, authority, scope, redirectUri, correlationId, state, storeInCache, embeddedClientId, extraParameters, ...remainingProperties } = request;
|
|
13918
|
-
const validExtraParameters = this.getDOMExtraParams(remainingProperties);
|
|
13999
|
+
const validExtraParameters = this.getDOMExtraParams(remainingProperties, correlationId);
|
|
13919
14000
|
const platformDOMRequest = {
|
|
13920
14001
|
accountId: accountId,
|
|
13921
14002
|
brokerId: this.getExtensionId(),
|
|
13922
14003
|
authority: authority,
|
|
13923
14004
|
clientId: clientId,
|
|
13924
14005
|
correlationId: correlationId || this.correlationId,
|
|
13925
|
-
extraParameters: {
|
|
14006
|
+
extraParameters: {
|
|
14007
|
+
...extraParameters,
|
|
14008
|
+
...validExtraParameters,
|
|
14009
|
+
},
|
|
13926
14010
|
isSecurityTokenService: false,
|
|
13927
14011
|
redirectUri: redirectUri,
|
|
13928
14012
|
scope: scope,
|
|
@@ -13976,15 +14060,27 @@
|
|
|
13976
14060
|
};
|
|
13977
14061
|
return nativeResponse;
|
|
13978
14062
|
}
|
|
13979
|
-
getDOMExtraParams(extraParameters) {
|
|
13980
|
-
|
|
13981
|
-
|
|
13982
|
-
|
|
13983
|
-
|
|
13984
|
-
|
|
13985
|
-
|
|
13986
|
-
|
|
13987
|
-
|
|
14063
|
+
getDOMExtraParams(extraParameters, correlationId) {
|
|
14064
|
+
try {
|
|
14065
|
+
const stringifiedProperties = {};
|
|
14066
|
+
for (const [key, value] of Object.entries(extraParameters)) {
|
|
14067
|
+
if (!value) {
|
|
14068
|
+
continue;
|
|
14069
|
+
}
|
|
14070
|
+
if (typeof value === "object") {
|
|
14071
|
+
stringifiedProperties[key] = JSON.stringify(value);
|
|
14072
|
+
}
|
|
14073
|
+
else {
|
|
14074
|
+
stringifiedProperties[key] = String(value);
|
|
14075
|
+
}
|
|
14076
|
+
}
|
|
14077
|
+
return stringifiedProperties;
|
|
14078
|
+
}
|
|
14079
|
+
catch (e) {
|
|
14080
|
+
this.logger.error("0eu9o3", correlationId);
|
|
14081
|
+
this.logger.errorPii("17rpl5", correlationId);
|
|
14082
|
+
return {};
|
|
14083
|
+
}
|
|
13988
14084
|
}
|
|
13989
14085
|
}
|
|
13990
14086
|
|
|
@@ -14228,7 +14324,7 @@
|
|
|
14228
14324
|
const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
|
|
14229
14325
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, correlationId, exports.InteractionType.Popup, { popupWindow }, null);
|
|
14230
14326
|
// Wait for the redirect bridge response
|
|
14231
|
-
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
14327
|
+
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
14232
14328
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14233
14329
|
return await invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
14234
14330
|
}
|
|
@@ -14263,7 +14359,7 @@
|
|
|
14263
14359
|
const form = await getEARForm(popupWindow.document, this.config, discoveredAuthority, popupRequest, this.logger, this.performanceClient);
|
|
14264
14360
|
form.submit();
|
|
14265
14361
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
14266
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest);
|
|
14362
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest, this.performanceClient);
|
|
14267
14363
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14268
14364
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
14269
14365
|
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, correlationId)({
|
|
@@ -14288,7 +14384,7 @@
|
|
|
14288
14384
|
const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
14289
14385
|
form.submit();
|
|
14290
14386
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
14291
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
14387
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
14292
14388
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14293
14389
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
14294
14390
|
}
|
|
@@ -14341,7 +14437,7 @@
|
|
|
14341
14437
|
// Open the popup window to requestUrl.
|
|
14342
14438
|
const popupWindow = this.openPopup(logoutUri, popupParams);
|
|
14343
14439
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, validRequest.correlationId, exports.InteractionType.Popup, { popupWindow }, null);
|
|
14344
|
-
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest).catch(() => {
|
|
14440
|
+
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest, this.performanceClient).catch(() => {
|
|
14345
14441
|
// Swallow any errors related to monitoring the window. Server logout is best effort
|
|
14346
14442
|
});
|
|
14347
14443
|
if (mainWindowRedirectUri) {
|
|
@@ -15089,7 +15185,7 @@
|
|
|
15089
15185
|
};
|
|
15090
15186
|
await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
|
|
15091
15187
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15092
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
15188
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15093
15189
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15094
15190
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
15095
15191
|
// If server doesn't support EAR, they may fallback to auth code flow instead
|
|
@@ -15138,7 +15234,7 @@
|
|
|
15138
15234
|
}
|
|
15139
15235
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15140
15236
|
// Wait for response from the redirect bridge.
|
|
15141
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
15237
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15142
15238
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15143
15239
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15144
15240
|
}
|
|
@@ -15291,6 +15387,22 @@
|
|
|
15291
15387
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
15292
15388
|
* Licensed under the MIT License.
|
|
15293
15389
|
*/
|
|
15390
|
+
/**
|
|
15391
|
+
* Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
|
|
15392
|
+
* @returns Network connection information, or an empty object if not available.
|
|
15393
|
+
*/
|
|
15394
|
+
function getNetworkInfo() {
|
|
15395
|
+
if (typeof window === "undefined" || !window.navigator) {
|
|
15396
|
+
return {};
|
|
15397
|
+
}
|
|
15398
|
+
const connection = "connection" in window.navigator
|
|
15399
|
+
? window.navigator.connection
|
|
15400
|
+
: undefined;
|
|
15401
|
+
return {
|
|
15402
|
+
effectiveType: connection?.effectiveType,
|
|
15403
|
+
rtt: connection?.rtt,
|
|
15404
|
+
};
|
|
15405
|
+
}
|
|
15294
15406
|
function collectInstanceStats(currentClientId, performanceEvent, logger, correlationId) {
|
|
15295
15407
|
const frameInstances =
|
|
15296
15408
|
// @ts-ignore
|
|
@@ -15310,12 +15422,13 @@
|
|
|
15310
15422
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
15311
15423
|
* Licensed under the MIT License.
|
|
15312
15424
|
*/
|
|
15313
|
-
function preflightCheck(initialized, performanceEvent,
|
|
15425
|
+
function preflightCheck(initialized, performanceEvent, config, request) {
|
|
15314
15426
|
try {
|
|
15315
15427
|
preflightCheck$1(initialized);
|
|
15428
|
+
enforceResourceParameter(config.auth.isMcp, request);
|
|
15316
15429
|
}
|
|
15317
15430
|
catch (e) {
|
|
15318
|
-
performanceEvent.end({ success: false }, e, account);
|
|
15431
|
+
performanceEvent.end({ success: false }, e, request.account);
|
|
15319
15432
|
throw e;
|
|
15320
15433
|
}
|
|
15321
15434
|
}
|
|
@@ -15416,6 +15529,7 @@
|
|
|
15416
15529
|
this.eventHandler.emitEvent(EventType.INITIALIZE_START, correlationId);
|
|
15417
15530
|
// Broker applications are initialized twice, so we avoid double-counting it
|
|
15418
15531
|
this.logMultipleInstances(initMeasurement, correlationId);
|
|
15532
|
+
initMeasurement.add({ isMcp: this.config.auth.isMcp });
|
|
15419
15533
|
await invokeAsync(this.browserStorage.initialize.bind(this.browserStorage), InitializeCache, this.logger, this.performanceClient, correlationId)(correlationId);
|
|
15420
15534
|
if (allowPlatformBroker) {
|
|
15421
15535
|
try {
|
|
@@ -15593,6 +15707,7 @@
|
|
|
15593
15707
|
};
|
|
15594
15708
|
try {
|
|
15595
15709
|
redirectPreflightCheck(this.initialized, this.config);
|
|
15710
|
+
enforceResourceParameter(this.config.auth.isMcp, request);
|
|
15596
15711
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN);
|
|
15597
15712
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Redirect, request);
|
|
15598
15713
|
let result;
|
|
@@ -15657,7 +15772,7 @@
|
|
|
15657
15772
|
});
|
|
15658
15773
|
try {
|
|
15659
15774
|
this.logger.verbose("0ch87b", correlationId);
|
|
15660
|
-
preflightCheck(this.initialized, atPopupMeasurement, request
|
|
15775
|
+
preflightCheck(this.initialized, atPopupMeasurement, this.config, request);
|
|
15661
15776
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN, request.overrideInteractionInProgress, correlationId);
|
|
15662
15777
|
}
|
|
15663
15778
|
catch (e) {
|
|
@@ -15771,7 +15886,7 @@
|
|
|
15771
15886
|
this.ssoSilentMeasurement?.add({
|
|
15772
15887
|
scenarioId: request.scenarioId,
|
|
15773
15888
|
});
|
|
15774
|
-
preflightCheck(this.initialized, this.ssoSilentMeasurement,
|
|
15889
|
+
preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
|
|
15775
15890
|
this.ssoSilentMeasurement?.increment({
|
|
15776
15891
|
visibilityChangeCount: 0,
|
|
15777
15892
|
});
|
|
@@ -15835,7 +15950,7 @@
|
|
|
15835
15950
|
const correlationId = this.getRequestCorrelationId(request);
|
|
15836
15951
|
this.logger.trace("0ch6ga", correlationId);
|
|
15837
15952
|
const atbcMeasurement = this.performanceClient.startMeasurement(AcquireTokenByCode, correlationId);
|
|
15838
|
-
preflightCheck(this.initialized, atbcMeasurement);
|
|
15953
|
+
preflightCheck(this.initialized, atbcMeasurement, this.config, request);
|
|
15839
15954
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Silent, request);
|
|
15840
15955
|
atbcMeasurement.add({ scenarioId: request.scenarioId });
|
|
15841
15956
|
try {
|
|
@@ -16337,7 +16452,7 @@
|
|
|
16337
16452
|
cacheLookupPolicy: request.cacheLookupPolicy,
|
|
16338
16453
|
scenarioId: request.scenarioId,
|
|
16339
16454
|
});
|
|
16340
|
-
preflightCheck(this.initialized, atsMeasurement, request
|
|
16455
|
+
preflightCheck(this.initialized, atsMeasurement, this.config, request);
|
|
16341
16456
|
this.logger.verbose("0x1c4s", correlationId);
|
|
16342
16457
|
const account = request.account || this.getActiveAccount();
|
|
16343
16458
|
if (!account) {
|
|
@@ -16793,6 +16908,7 @@
|
|
|
16793
16908
|
platformBrokerId: request.account?.homeAccountId,
|
|
16794
16909
|
clientId: this.clientId,
|
|
16795
16910
|
authority: request.authority,
|
|
16911
|
+
resource: request.resource,
|
|
16796
16912
|
scope: scopes.join(" "),
|
|
16797
16913
|
correlationId,
|
|
16798
16914
|
claims: !StringUtils.isEmptyObj(claims) ? claims : undefined,
|
|
@@ -17063,6 +17179,7 @@
|
|
|
17063
17179
|
const atPopupMeasurement = this.performanceClient.startMeasurement(AcquireTokenPopup, correlationId);
|
|
17064
17180
|
atPopupMeasurement.add({ nestedAppAuthRequest: true });
|
|
17065
17181
|
try {
|
|
17182
|
+
enforceResourceParameter(this.config.auth.isMcp, validRequest);
|
|
17066
17183
|
const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
|
|
17067
17184
|
const reqTimestamp = nowSeconds();
|
|
17068
17185
|
const response = await this.bridgeProxy.getTokenInteractive(naaRequest);
|
|
@@ -17129,6 +17246,7 @@
|
|
|
17129
17246
|
nestedAppAuthRequest: true,
|
|
17130
17247
|
});
|
|
17131
17248
|
try {
|
|
17249
|
+
enforceResourceParameter(this.config.auth.isMcp, validRequest);
|
|
17132
17250
|
const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
|
|
17133
17251
|
naaRequest.forceRefresh = validRequest.forceRefresh;
|
|
17134
17252
|
const reqTimestamp = nowSeconds();
|
|
@@ -17263,6 +17381,14 @@
|
|
|
17263
17381
|
this.logger.verbose("18egye", correlationId);
|
|
17264
17382
|
return Promise.resolve(null);
|
|
17265
17383
|
}
|
|
17384
|
+
else if (authRequest.resource) {
|
|
17385
|
+
const requestedResource = authRequest.resource;
|
|
17386
|
+
const cachedResource = cachedAccessToken.resource;
|
|
17387
|
+
if (!cachedResource || cachedResource !== requestedResource) {
|
|
17388
|
+
this.logger.verbose("0qraxd", correlationId);
|
|
17389
|
+
return Promise.resolve(null);
|
|
17390
|
+
}
|
|
17391
|
+
}
|
|
17266
17392
|
const cachedIdToken = this.browserStorage.getIdToken(currentAccount, authRequest.correlationId, tokenKeys, currentAccount.tenantId);
|
|
17267
17393
|
if (!cachedIdToken) {
|
|
17268
17394
|
this.logger.verbose("0d68kd", correlationId);
|
|
@@ -18432,11 +18558,14 @@
|
|
|
18432
18558
|
return {
|
|
18433
18559
|
...inProgressEvent,
|
|
18434
18560
|
end: (event, error, account) => {
|
|
18561
|
+
const networkInfo = getNetworkInfo();
|
|
18435
18562
|
const res = inProgressEvent.end({
|
|
18436
18563
|
...event,
|
|
18437
18564
|
startPageVisibility,
|
|
18438
18565
|
endPageVisibility: this.getPageVisibility(),
|
|
18439
18566
|
durationMs: getPerfDurationMs(startTime),
|
|
18567
|
+
networkEffectiveType: networkInfo.effectiveType,
|
|
18568
|
+
networkRtt: networkInfo.rtt,
|
|
18440
18569
|
}, error, account);
|
|
18441
18570
|
void browserMeasurement?.then((measurement) => measurement.endMeasurement());
|
|
18442
18571
|
this.deleteIncompleteSubMeasurements(inProgressEvent);
|
|
@@ -18608,6 +18737,7 @@
|
|
|
18608
18737
|
exports.WrapperSKU = WrapperSKU;
|
|
18609
18738
|
exports.createNestablePublicClientApplication = createNestablePublicClientApplication;
|
|
18610
18739
|
exports.createStandardPublicClientApplication = createStandardPublicClientApplication;
|
|
18740
|
+
exports.enforceResourceParameter = enforceResourceParameter;
|
|
18611
18741
|
exports.isPlatformBrokerAvailable = isPlatformBrokerAvailable;
|
|
18612
18742
|
exports.loadExternalTokens = loadExternalTokens;
|
|
18613
18743
|
exports.stubbedPublicClientApplication = stubbedPublicClientApplication;
|