@azure/msal-browser 5.4.0 → 5.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (422) hide show
  1. package/README.md +1 -0
  2. package/dist/app/IPublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientApplication.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
  7. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  8. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  9. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  10. package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
  11. package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
  12. package/dist/cache/AccountManager.mjs +1 -1
  13. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  14. package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
  15. package/dist/cache/BrowserCacheManager.mjs +4 -1
  16. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  17. package/dist/cache/CacheHelpers.mjs +1 -1
  18. package/dist/cache/CacheKeys.mjs +1 -1
  19. package/dist/cache/CookieStorage.mjs +1 -1
  20. package/dist/cache/DatabaseStorage.mjs +1 -1
  21. package/dist/cache/EncryptedData.mjs +1 -1
  22. package/dist/cache/LocalStorage.mjs +1 -1
  23. package/dist/cache/MemoryStorage.mjs +1 -1
  24. package/dist/cache/SessionStorage.mjs +1 -1
  25. package/dist/cache/TokenCache.mjs +1 -1
  26. package/dist/config/Configuration.d.ts +4 -0
  27. package/dist/config/Configuration.d.ts.map +1 -1
  28. package/dist/config/Configuration.mjs +2 -1
  29. package/dist/config/Configuration.mjs.map +1 -1
  30. package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
  31. package/dist/controllers/NestedAppAuthController.mjs +12 -2
  32. package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
  33. package/dist/controllers/StandardController.d.ts.map +1 -1
  34. package/dist/controllers/StandardController.mjs +11 -8
  35. package/dist/controllers/StandardController.mjs.map +1 -1
  36. package/dist/crypto/BrowserCrypto.mjs +1 -1
  37. package/dist/crypto/CryptoOps.mjs +1 -1
  38. package/dist/crypto/PkceGenerator.mjs +1 -1
  39. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  40. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  41. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  42. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  43. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
  44. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
  45. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  46. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  47. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
  48. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
  49. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  50. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  51. package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
  52. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +4 -1
  53. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
  54. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  55. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  56. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  57. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  58. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  59. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  60. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  61. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  62. package/dist/custom-auth-path/config/Configuration.d.ts +4 -0
  63. package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
  64. package/dist/custom-auth-path/config/Configuration.mjs +2 -1
  65. package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
  66. package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
  67. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  68. package/dist/custom-auth-path/controllers/StandardController.mjs +11 -8
  69. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  70. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  71. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  72. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  74. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  170. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  171. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  172. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  173. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  174. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  175. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  176. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  177. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  178. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  179. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  180. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  181. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  182. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  183. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  184. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  185. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  186. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  187. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  188. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  189. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  190. package/dist/custom-auth-path/index.d.ts +1 -1
  191. package/dist/custom-auth-path/index.d.ts.map +1 -1
  192. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  193. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  194. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  195. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
  196. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  197. package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
  198. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +5 -5
  199. package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
  200. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  201. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  202. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  203. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
  204. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +3 -3
  205. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
  206. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  207. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  208. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +6 -1
  209. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
  210. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  211. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
  212. package/dist/custom-auth-path/log-strings-mapping.json +19 -3
  213. package/dist/custom-auth-path/naa/TokenRequest.d.ts +1 -0
  214. package/dist/custom-auth-path/naa/TokenRequest.d.ts.map +1 -1
  215. package/dist/custom-auth-path/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  216. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  217. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  218. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  219. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  220. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  221. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  222. package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
  223. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  224. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  225. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  226. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
  227. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  228. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  229. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  230. package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
  231. package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
  232. package/dist/custom-auth-path/utils/BrowserUtils.mjs +12 -2
  233. package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
  234. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  235. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
  236. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  237. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
  238. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
  239. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  240. package/dist/encode/Base64Decode.mjs +1 -1
  241. package/dist/encode/Base64Encode.mjs +1 -1
  242. package/dist/error/BrowserAuthError.mjs +1 -1
  243. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  244. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  245. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  246. package/dist/error/NativeAuthError.mjs +1 -1
  247. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  248. package/dist/error/NestedAppAuthError.mjs +1 -1
  249. package/dist/event/EventHandler.mjs +1 -1
  250. package/dist/event/EventMessage.mjs +1 -1
  251. package/dist/event/EventType.mjs +1 -1
  252. package/dist/index.d.ts +1 -1
  253. package/dist/index.d.ts.map +1 -1
  254. package/dist/index.mjs +2 -2
  255. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  256. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  257. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  258. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
  259. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  260. package/dist/interaction_client/PopupClient.d.ts.map +1 -1
  261. package/dist/interaction_client/PopupClient.mjs +5 -5
  262. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  263. package/dist/interaction_client/RedirectClient.mjs +1 -1
  264. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  265. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  266. package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
  267. package/dist/interaction_client/SilentIframeClient.mjs +3 -3
  268. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  269. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  270. package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  271. package/dist/interaction_client/StandardInteractionClient.mjs +6 -1
  272. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  273. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  274. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  275. package/dist/log-strings-mapping.json +23 -7
  276. package/dist/naa/BridgeError.mjs +1 -1
  277. package/dist/naa/BridgeProxy.mjs +1 -1
  278. package/dist/naa/BridgeStatusCode.mjs +1 -1
  279. package/dist/naa/TokenRequest.d.ts +1 -0
  280. package/dist/naa/TokenRequest.d.ts.map +1 -1
  281. package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  282. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +2 -1
  283. package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
  284. package/dist/navigation/NavigationClient.mjs +1 -1
  285. package/dist/network/FetchClient.mjs +1 -1
  286. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  287. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  288. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  289. package/dist/packageMetadata.d.ts +1 -1
  290. package/dist/packageMetadata.mjs +2 -2
  291. package/dist/protocol/Authorize.mjs +1 -1
  292. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  293. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
  294. package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
  295. package/dist/redirect-bridge/cache/BrowserCacheManager.d.ts.map +1 -1
  296. package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
  297. package/dist/redirect-bridge/config/Configuration.d.ts +4 -0
  298. package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
  299. package/dist/redirect-bridge/config/Configuration.mjs +1 -1
  300. package/dist/redirect-bridge/controllers/NestedAppAuthController.d.ts.map +1 -1
  301. package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
  302. package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
  303. package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
  304. package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
  305. package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
  306. package/dist/redirect-bridge/index.d.ts +1 -1
  307. package/dist/redirect-bridge/index.d.ts.map +1 -1
  308. package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  309. package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -1
  310. package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
  311. package/dist/redirect-bridge/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  312. package/dist/redirect-bridge/naa/TokenRequest.d.ts +1 -0
  313. package/dist/redirect-bridge/naa/TokenRequest.d.ts.map +1 -1
  314. package/dist/redirect-bridge/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  315. package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
  316. package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
  317. package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
  318. package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  319. package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
  320. package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
  321. package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
  322. package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
  323. package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
  324. package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts +10 -0
  325. package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  326. package/dist/request/RequestHelpers.mjs +1 -1
  327. package/dist/response/ResponseHandler.mjs +1 -1
  328. package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  329. package/dist/telemetry/BrowserPerformanceClient.mjs +5 -1
  330. package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
  331. package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
  332. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  333. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  334. package/dist/utils/BrowserConstants.mjs +1 -1
  335. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  336. package/dist/utils/BrowserUtils.d.ts +2 -2
  337. package/dist/utils/BrowserUtils.d.ts.map +1 -1
  338. package/dist/utils/BrowserUtils.mjs +12 -2
  339. package/dist/utils/BrowserUtils.mjs.map +1 -1
  340. package/dist/utils/Helpers.mjs +1 -1
  341. package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
  342. package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  343. package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
  344. package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
  345. package/lib/custom-auth-path/log-strings-mapping.json +19 -3
  346. package/lib/custom-auth-path/msal-custom-auth.cjs +190 -92
  347. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  348. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  349. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
  350. package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
  351. package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
  352. package/lib/custom-auth-path/types/config/Configuration.d.ts +4 -0
  353. package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
  354. package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  355. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  356. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  357. package/lib/custom-auth-path/types/index.d.ts +1 -1
  358. package/lib/custom-auth-path/types/index.d.ts.map +1 -1
  359. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  360. package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
  361. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  362. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  363. package/lib/custom-auth-path/types/naa/TokenRequest.d.ts +1 -0
  364. package/lib/custom-auth-path/types/naa/TokenRequest.d.ts.map +1 -1
  365. package/lib/custom-auth-path/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  366. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  367. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  368. package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
  369. package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
  370. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  371. package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  372. package/lib/log-strings-mapping.json +23 -7
  373. package/lib/msal-browser.cjs +224 -94
  374. package/lib/msal-browser.cjs.map +1 -1
  375. package/lib/msal-browser.js +224 -94
  376. package/lib/msal-browser.js.map +1 -1
  377. package/lib/msal-browser.min.js +2 -2
  378. package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
  379. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  380. package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
  381. package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
  382. package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
  383. package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
  384. package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
  385. package/lib/types/config/Configuration.d.ts +4 -0
  386. package/lib/types/config/Configuration.d.ts.map +1 -1
  387. package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  388. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  389. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  390. package/lib/types/index.d.ts +1 -1
  391. package/lib/types/index.d.ts.map +1 -1
  392. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  393. package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
  394. package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  395. package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  396. package/lib/types/naa/TokenRequest.d.ts +1 -0
  397. package/lib/types/naa/TokenRequest.d.ts.map +1 -1
  398. package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
  399. package/lib/types/packageMetadata.d.ts +1 -1
  400. package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  401. package/lib/types/utils/BrowserUtils.d.ts +2 -2
  402. package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
  403. package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
  404. package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
  405. package/package.json +2 -2
  406. package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +34 -17
  407. package/src/broker/nativeBroker/PlatformAuthRequest.ts +1 -0
  408. package/src/cache/BrowserCacheManager.ts +4 -0
  409. package/src/config/Configuration.ts +5 -0
  410. package/src/controllers/NestedAppAuthController.ts +14 -0
  411. package/src/controllers/StandardController.ts +13 -6
  412. package/src/index.ts +1 -0
  413. package/src/interaction_client/PlatformAuthInteractionClient.ts +1 -0
  414. package/src/interaction_client/PopupClient.ts +8 -4
  415. package/src/interaction_client/SilentIframeClient.ts +4 -2
  416. package/src/interaction_client/StandardInteractionClient.ts +11 -0
  417. package/src/naa/TokenRequest.ts +1 -0
  418. package/src/naa/mapping/NestedAppAuthAdapter.ts +1 -0
  419. package/src/packageMetadata.ts +1 -1
  420. package/src/telemetry/BrowserPerformanceClient.ts +4 -0
  421. package/src/utils/BrowserUtils.ts +24 -1
  422. package/src/utils/MsalFrameStatsUtils.ts +27 -0
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-browser v5.4.0 2026-03-02 */
1
+ /*! @azure/msal-browser v5.5.0 2026-03-13 */
2
2
  'use strict';
3
3
  (function (global, factory) {
4
4
  typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
@@ -6,7 +6,7 @@
6
6
  (global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
7
7
  })(this, (function (exports) { 'use strict';
8
8
 
9
- /*! @azure/msal-common v16.2.0 2026-03-02 */
9
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
10
10
  /*
11
11
  * Copyright (c) Microsoft Corporation. All rights reserved.
12
12
  * Licensed under the MIT License.
@@ -238,7 +238,7 @@
238
238
  // Token renewal offset default in seconds
239
239
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
240
240
 
241
- /*! @azure/msal-common v16.2.0 2026-03-02 */
241
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
242
242
  /*
243
243
  * Copyright (c) Microsoft Corporation. All rights reserved.
244
244
  * Licensed under the MIT License.
@@ -286,9 +286,10 @@
286
286
  const BROKER_REDIRECT_URI = "brk_redirect_uri";
287
287
  const INSTANCE_AWARE = "instance_aware";
288
288
  const EAR_JWK = "ear_jwk";
289
- const EAR_JWE_CRYPTO = "ear_jwe_crypto";
289
+ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
290
+ const RESOURCE = "resource";
290
291
 
291
- /*! @azure/msal-common v16.2.0 2026-03-02 */
292
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
292
293
  /*
293
294
  * Copyright (c) Microsoft Corporation. All rights reserved.
294
295
  * Licensed under the MIT License.
@@ -319,7 +320,7 @@
319
320
  return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
320
321
  }
321
322
 
322
- /*! @azure/msal-common v16.2.0 2026-03-02 */
323
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
323
324
 
324
325
  /*
325
326
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -339,7 +340,7 @@
339
340
  return new ClientConfigurationError(errorCode);
340
341
  }
341
342
 
342
- /*! @azure/msal-common v16.2.0 2026-03-02 */
343
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
343
344
  /*
344
345
  * Copyright (c) Microsoft Corporation. All rights reserved.
345
346
  * Licensed under the MIT License.
@@ -419,7 +420,7 @@
419
420
  }
420
421
  }
421
422
 
422
- /*! @azure/msal-common v16.2.0 2026-03-02 */
423
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
423
424
 
424
425
  /*
425
426
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -442,7 +443,7 @@
442
443
  return new ClientAuthError(errorCode, additionalMessage);
443
444
  }
444
445
 
445
- /*! @azure/msal-common v16.2.0 2026-03-02 */
446
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
446
447
  /*
447
448
  * Copyright (c) Microsoft Corporation. All rights reserved.
448
449
  * Licensed under the MIT License.
@@ -496,7 +497,7 @@
496
497
  urlParseError: urlParseError
497
498
  });
498
499
 
499
- /*! @azure/msal-common v16.2.0 2026-03-02 */
500
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
500
501
  /*
501
502
  * Copyright (c) Microsoft Corporation. All rights reserved.
502
503
  * Licensed under the MIT License.
@@ -537,7 +538,9 @@
537
538
  const userCanceled = "user_canceled";
538
539
  const methodNotImplemented = "method_not_implemented";
539
540
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
540
- const platformBrokerError = "platform_broker_error";
541
+ const platformBrokerError = "platform_broker_error";
542
+ const resourceParameterRequired = "resource_parameter_required";
543
+ const misplacedResourceParam = "misplaced_resource_parameter";
541
544
 
542
545
  var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
543
546
  __proto__: null,
@@ -558,6 +561,7 @@
558
561
  keyIdMissing: keyIdMissing,
559
562
  maxAgeTranspired: maxAgeTranspired,
560
563
  methodNotImplemented: methodNotImplemented,
564
+ misplacedResourceParam: misplacedResourceParam,
561
565
  multipleMatchingAppMetadata: multipleMatchingAppMetadata,
562
566
  multipleMatchingTokens: multipleMatchingTokens,
563
567
  nestedAppAuthBridgeDisabled: nestedAppAuthBridgeDisabled,
@@ -571,6 +575,7 @@
571
575
  openIdConfigError: openIdConfigError,
572
576
  platformBrokerError: platformBrokerError,
573
577
  requestCannotBeMade: requestCannotBeMade,
578
+ resourceParameterRequired: resourceParameterRequired,
574
579
  stateMismatch: stateMismatch,
575
580
  stateNotFound: stateNotFound,
576
581
  tokenClaimsCnfRequiredForSignedJwt: tokenClaimsCnfRequiredForSignedJwt,
@@ -580,7 +585,7 @@
580
585
  userCanceled: userCanceled
581
586
  });
582
587
 
583
- /*! @azure/msal-common v16.2.0 2026-03-02 */
588
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
584
589
 
585
590
  /*
586
591
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -775,7 +780,7 @@
775
780
  }
776
781
  }
777
782
 
778
- /*! @azure/msal-common v16.2.0 2026-03-02 */
783
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
779
784
 
780
785
  /*
781
786
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1140,9 +1145,14 @@
1140
1145
  // ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
1141
1146
  const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
1142
1147
  parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
1148
+ }
1149
+ function addResource(parameters, resource) {
1150
+ if (resource) {
1151
+ parameters.set(RESOURCE, resource);
1152
+ }
1143
1153
  }
1144
1154
 
1145
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1155
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1146
1156
 
1147
1157
  /*
1148
1158
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1251,7 +1261,7 @@
1251
1261
  }
1252
1262
  }
1253
1263
 
1254
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1264
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1255
1265
 
1256
1266
  /*
1257
1267
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1290,7 +1300,7 @@
1290
1300
  },
1291
1301
  };
1292
1302
 
1293
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1303
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1294
1304
  /*
1295
1305
  * Copyright (c) Microsoft Corporation. All rights reserved.
1296
1306
  * Licensed under the MIT License.
@@ -1565,12 +1575,12 @@
1565
1575
  }
1566
1576
  }
1567
1577
 
1568
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1578
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1569
1579
  /* eslint-disable header/header */
1570
1580
  const name$1 = "@azure/msal-common";
1571
- const version$1 = "16.2.0";
1581
+ const version$1 = "16.3.0";
1572
1582
 
1573
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1583
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1574
1584
  /*
1575
1585
  * Copyright (c) Microsoft Corporation. All rights reserved.
1576
1586
  * Licensed under the MIT License.
@@ -1590,7 +1600,7 @@
1590
1600
  AzureUsGovernment: "https://login.microsoftonline.us",
1591
1601
  };
1592
1602
 
1593
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1603
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1594
1604
  /*
1595
1605
  * Copyright (c) Microsoft Corporation. All rights reserved.
1596
1606
  * Licensed under the MIT License.
@@ -1672,7 +1682,7 @@
1672
1682
  return updatedAccountInfo;
1673
1683
  }
1674
1684
 
1675
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1685
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1676
1686
 
1677
1687
  /*
1678
1688
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1752,7 +1762,7 @@
1752
1762
  }
1753
1763
  }
1754
1764
 
1755
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1765
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1756
1766
 
1757
1767
  /*
1758
1768
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1909,7 +1919,7 @@
1909
1919
  }
1910
1920
  }
1911
1921
 
1912
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1922
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
1913
1923
 
1914
1924
  /*
1915
1925
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2066,7 +2076,7 @@
2066
2076
  return null;
2067
2077
  }
2068
2078
 
2069
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2079
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2070
2080
  /*
2071
2081
  * Copyright (c) Microsoft Corporation. All rights reserved.
2072
2082
  * Licensed under the MIT License.
@@ -2074,7 +2084,7 @@
2074
2084
  const cacheQuotaExceeded = "cache_quota_exceeded";
2075
2085
  const cacheErrorUnknown = "cache_error_unknown";
2076
2086
 
2077
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2087
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2078
2088
 
2079
2089
  /*
2080
2090
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2112,7 +2122,7 @@
2112
2122
  }
2113
2123
  }
2114
2124
 
2115
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2125
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2116
2126
 
2117
2127
  /*
2118
2128
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2150,7 +2160,7 @@
2150
2160
  };
2151
2161
  }
2152
2162
 
2153
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2163
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2154
2164
  /*
2155
2165
  * Copyright (c) Microsoft Corporation. All rights reserved.
2156
2166
  * Licensed under the MIT License.
@@ -2165,7 +2175,7 @@
2165
2175
  Ciam: 3,
2166
2176
  };
2167
2177
 
2168
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2178
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2169
2179
  /*
2170
2180
  * Copyright (c) Microsoft Corporation. All rights reserved.
2171
2181
  * Licensed under the MIT License.
@@ -2187,7 +2197,7 @@
2187
2197
  return null;
2188
2198
  }
2189
2199
 
2190
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2200
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2191
2201
  /*
2192
2202
  * Copyright (c) Microsoft Corporation. All rights reserved.
2193
2203
  * Licensed under the MIT License.
@@ -2211,7 +2221,7 @@
2211
2221
  EAR: "EAR",
2212
2222
  };
2213
2223
 
2214
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2224
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2215
2225
  /**
2216
2226
  * Returns the AccountInfo interface for this account.
2217
2227
  */
@@ -2386,7 +2396,7 @@
2386
2396
  entity.hasOwnProperty("authorityType"));
2387
2397
  }
2388
2398
 
2389
- /*! @azure/msal-common v16.2.0 2026-03-02 */
2399
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2390
2400
 
2391
2401
  /*
2392
2402
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3483,7 +3493,7 @@
3483
3493
  }
3484
3494
  }
3485
3495
 
3486
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3496
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3487
3497
  /*
3488
3498
  * Copyright (c) Microsoft Corporation. All rights reserved.
3489
3499
  * Licensed under the MIT License.
@@ -3528,9 +3538,12 @@
3528
3538
  "currRefreshCount",
3529
3539
  "expiredCacheRemovedCount",
3530
3540
  "upgradedCacheCount",
3541
+ "networkRtt",
3542
+ "redirectBridgeTimeoutMs",
3543
+ "redirectBridgeMessageVersion",
3531
3544
  ]);
3532
3545
 
3533
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3546
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3534
3547
 
3535
3548
  /*
3536
3549
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3585,7 +3598,7 @@
3585
3598
  }
3586
3599
  }
3587
3600
 
3588
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3601
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3589
3602
 
3590
3603
  /*
3591
3604
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3668,6 +3681,7 @@
3668
3681
  clientCapabilities: [],
3669
3682
  azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS,
3670
3683
  instanceAware: false,
3684
+ isMcp: false,
3671
3685
  ...authOptions,
3672
3686
  };
3673
3687
  }
@@ -3679,7 +3693,7 @@
3679
3693
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3680
3694
  }
3681
3695
 
3682
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3696
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3683
3697
 
3684
3698
  /*
3685
3699
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3698,7 +3712,7 @@
3698
3712
  }
3699
3713
  }
3700
3714
 
3701
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3715
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3702
3716
  /*
3703
3717
  * Copyright (c) Microsoft Corporation. All rights reserved.
3704
3718
  * Licensed under the MIT License.
@@ -3762,7 +3776,7 @@
3762
3776
  uxNotAllowed: uxNotAllowed
3763
3777
  });
3764
3778
 
3765
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3779
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3766
3780
 
3767
3781
  /*
3768
3782
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3830,7 +3844,7 @@
3830
3844
  return new InteractionRequiredAuthError(errorCode, errorMessage);
3831
3845
  }
3832
3846
 
3833
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3847
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3834
3848
 
3835
3849
  /*
3836
3850
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3898,7 +3912,7 @@
3898
3912
  }
3899
3913
  }
3900
3914
 
3901
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3915
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3902
3916
  /*
3903
3917
  * Copyright (c) Microsoft Corporation. All rights reserved.
3904
3918
  * Licensed under the MIT License.
@@ -3963,7 +3977,7 @@
3963
3977
  return cachedAtSec > nowSeconds();
3964
3978
  }
3965
3979
 
3966
- /*! @azure/msal-common v16.2.0 2026-03-02 */
3980
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
3967
3981
  /*
3968
3982
  * Copyright (c) Microsoft Corporation. All rights reserved.
3969
3983
  * Licensed under the MIT License.
@@ -4034,7 +4048,7 @@
4034
4048
  const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
4035
4049
  const SetUserData = "setUserData";
4036
4050
 
4037
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4051
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4038
4052
  /*
4039
4053
  * Copyright (c) Microsoft Corporation. All rights reserved.
4040
4054
  * Licensed under the MIT License.
@@ -4127,7 +4141,7 @@
4127
4141
  };
4128
4142
  };
4129
4143
 
4130
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4144
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4131
4145
 
4132
4146
  /*
4133
4147
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4207,7 +4221,7 @@
4207
4221
  }
4208
4222
  }
4209
4223
 
4210
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4224
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4211
4225
  /*
4212
4226
  * Copyright (c) Microsoft Corporation. All rights reserved.
4213
4227
  * Licensed under the MIT License.
@@ -4234,7 +4248,7 @@
4234
4248
  }
4235
4249
  }
4236
4250
 
4237
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4251
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4238
4252
 
4239
4253
  /*
4240
4254
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4493,7 +4507,7 @@
4493
4507
  return metadata.expiresAt <= nowSeconds();
4494
4508
  }
4495
4509
 
4496
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4510
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4497
4511
 
4498
4512
  /*
4499
4513
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4678,6 +4692,11 @@
4678
4692
  : undefined;
4679
4693
  // non AAD scenarios can have empty realm
4680
4694
  cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id);
4695
+ // Set resource (to be used for MCP scenarios)
4696
+ const resource = request.resource || null;
4697
+ if (resource) {
4698
+ cachedAccessToken.resource = resource;
4699
+ }
4681
4700
  }
4682
4701
  // refreshToken
4683
4702
  let cachedRefreshToken = null;
@@ -4829,7 +4848,7 @@
4829
4848
  return baseAccount;
4830
4849
  }
4831
4850
 
4832
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4851
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4833
4852
  /*
4834
4853
  * Copyright (c) Microsoft Corporation. All rights reserved.
4835
4854
  * Licensed under the MIT License.
@@ -4839,7 +4858,7 @@
4839
4858
  UPN: "UPN",
4840
4859
  };
4841
4860
 
4842
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4861
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4843
4862
  /*
4844
4863
  * Copyright (c) Microsoft Corporation. All rights reserved.
4845
4864
  * Licensed under the MIT License.
@@ -4857,7 +4876,7 @@
4857
4876
  }
4858
4877
  }
4859
4878
 
4860
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4879
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4861
4880
  /*
4862
4881
  * Copyright (c) Microsoft Corporation. All rights reserved.
4863
4882
  * Licensed under the MIT License.
@@ -4878,7 +4897,7 @@
4878
4897
  };
4879
4898
  }
4880
4899
 
4881
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4900
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4882
4901
 
4883
4902
  /*
4884
4903
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4964,7 +4983,7 @@
4964
4983
  }
4965
4984
  }
4966
4985
 
4967
- /*! @azure/msal-common v16.2.0 2026-03-02 */
4986
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4968
4987
 
4969
4988
  /*
4970
4989
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4995,7 +5014,7 @@
4995
5014
  return new NetworkError(error, httpStatus, responseHeaders);
4996
5015
  }
4997
5016
 
4998
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5017
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
4999
5018
 
5000
5019
  /*
5001
5020
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5109,7 +5128,7 @@
5109
5128
  return response;
5110
5129
  }
5111
5130
 
5112
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5131
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
5113
5132
  /*
5114
5133
  * Copyright (c) Microsoft Corporation. All rights reserved.
5115
5134
  * Licensed under the MIT License.
@@ -5121,7 +5140,7 @@
5121
5140
  response.hasOwnProperty("jwks_uri"));
5122
5141
  }
5123
5142
 
5124
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5143
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
5125
5144
  /*
5126
5145
  * Copyright (c) Microsoft Corporation. All rights reserved.
5127
5146
  * Licensed under the MIT License.
@@ -5131,7 +5150,7 @@
5131
5150
  response.hasOwnProperty("metadata"));
5132
5151
  }
5133
5152
 
5134
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5153
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
5135
5154
  /*
5136
5155
  * Copyright (c) Microsoft Corporation. All rights reserved.
5137
5156
  * Licensed under the MIT License.
@@ -5141,7 +5160,7 @@
5141
5160
  response.hasOwnProperty("error_description"));
5142
5161
  }
5143
5162
 
5144
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5163
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
5145
5164
 
5146
5165
  /*
5147
5166
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5246,7 +5265,7 @@
5246
5265
  },
5247
5266
  };
5248
5267
 
5249
- /*! @azure/msal-common v16.2.0 2026-03-02 */
5268
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
5250
5269
 
5251
5270
  /*
5252
5271
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6066,7 +6085,7 @@
6066
6085
  };
6067
6086
  }
6068
6087
 
6069
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6088
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6070
6089
 
6071
6090
  /*
6072
6091
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6100,7 +6119,7 @@
6100
6119
  }
6101
6120
  }
6102
6121
 
6103
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6122
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6104
6123
 
6105
6124
  /*
6106
6125
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6220,6 +6239,7 @@
6220
6239
  }
6221
6240
  // Add scope array, parameter builder will add default scopes and dedupe
6222
6241
  addScopes(parameters, request.scopes, true, this.oidcDefaultScopes);
6242
+ addResource(parameters, request.resource);
6223
6243
  // add code: user set, not validated
6224
6244
  addAuthorizationCode(parameters, request.code);
6225
6245
  // Add library metadata
@@ -6360,7 +6380,7 @@
6360
6380
  }
6361
6381
  }
6362
6382
 
6363
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6383
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6364
6384
 
6365
6385
  /*
6366
6386
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6585,7 +6605,7 @@
6585
6605
  }
6586
6606
  }
6587
6607
 
6588
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6608
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6589
6609
 
6590
6610
  /*
6591
6611
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6641,6 +6661,13 @@
6641
6661
  this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
6642
6662
  throw createClientAuthError(tokenRefreshRequired);
6643
6663
  }
6664
+ else if (request.resource) {
6665
+ // cached access token must have a resource that matches the request resource for MCP scenarios
6666
+ if (cachedAccessToken.resource !== request.resource) {
6667
+ this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
6668
+ throw createClientAuthError(tokenRefreshRequired);
6669
+ }
6670
+ }
6644
6671
  else if (cachedAccessToken.refreshOn &&
6645
6672
  isTokenExpired(cachedAccessToken.refreshOn, 0)) {
6646
6673
  // must refresh (in the background) due to the refresh_in value
@@ -6694,7 +6721,7 @@
6694
6721
  }
6695
6722
  }
6696
6723
 
6697
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6724
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6698
6725
 
6699
6726
  /*
6700
6727
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6709,7 +6736,7 @@
6709
6736
  },
6710
6737
  };
6711
6738
 
6712
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6739
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6713
6740
 
6714
6741
  /*
6715
6742
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6735,6 +6762,7 @@
6735
6762
  ...(request.extraScopesToConsent || []),
6736
6763
  ];
6737
6764
  addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
6765
+ addResource(parameters, request.resource);
6738
6766
  addRedirectUri(parameters, request.redirectUri);
6739
6767
  addCorrelationId(parameters, correlationId);
6740
6768
  // add response_mode. If not passed in it defaults to query.
@@ -6933,7 +6961,40 @@
6933
6961
  return account.loginHint || account.idTokenClaims?.login_hint || null;
6934
6962
  }
6935
6963
 
6936
- /*! @azure/msal-common v16.2.0 2026-03-02 */
6964
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6965
+
6966
+ /*
6967
+ * Copyright (c) Microsoft Corporation. All rights reserved.
6968
+ * Licensed under the MIT License.
6969
+ */
6970
+ /**
6971
+ * Helper to enforce resource parameter presence in token requests when isMcp is set in the configuration.
6972
+ * If resource parameter is set in both the request and in extraQueryParameters or extraParameters, an error will be thrown.
6973
+ * This is used for MCP flows.
6974
+ * @param isMcp - Flag indicating if application is an MCP app, from configuration
6975
+ * @param request - Auth request
6976
+ */
6977
+ function enforceResourceParameter(isMcp, request) {
6978
+ if (!isMcp) {
6979
+ return;
6980
+ }
6981
+ if (request.resource &&
6982
+ (containsResourceParam(request.extraParameters) ||
6983
+ containsResourceParam(request.extraQueryParameters))) {
6984
+ throw createClientAuthError(misplacedResourceParam);
6985
+ }
6986
+ if (!request.resource) {
6987
+ throw createClientAuthError(resourceParameterRequired);
6988
+ }
6989
+ }
6990
+ function containsResourceParam(params) {
6991
+ if (!params) {
6992
+ return false;
6993
+ }
6994
+ return Object.prototype.hasOwnProperty.call(params, "resource");
6995
+ }
6996
+
6997
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6937
6998
 
6938
6999
  /*
6939
7000
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6991,7 +7052,7 @@
6991
7052
  }
6992
7053
  }
6993
7054
 
6994
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7055
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
6995
7056
  /*
6996
7057
  * Copyright (c) Microsoft Corporation. All rights reserved.
6997
7058
  * Licensed under the MIT License.
@@ -7008,7 +7069,7 @@
7008
7069
  unexpectedError: unexpectedError
7009
7070
  });
7010
7071
 
7011
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7072
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
7012
7073
 
7013
7074
  /*
7014
7075
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7269,7 +7330,7 @@
7269
7330
  }
7270
7331
  }
7271
7332
 
7272
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7333
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
7273
7334
 
7274
7335
  /*
7275
7336
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7290,7 +7351,7 @@
7290
7351
  return new JoseHeaderError(code);
7291
7352
  }
7292
7353
 
7293
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7354
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
7294
7355
  /*
7295
7356
  * Copyright (c) Microsoft Corporation. All rights reserved.
7296
7357
  * Licensed under the MIT License.
@@ -7298,7 +7359,7 @@
7298
7359
  const missingKidError = "missing_kid_error";
7299
7360
  const missingAlgError = "missing_alg_error";
7300
7361
 
7301
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7362
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
7302
7363
 
7303
7364
  /*
7304
7365
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7338,7 +7399,7 @@
7338
7399
  }
7339
7400
  }
7340
7401
 
7341
- /*! @azure/msal-common v16.2.0 2026-03-02 */
7402
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
7342
7403
 
7343
7404
  /*
7344
7405
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8772,9 +8833,13 @@
8772
8833
  activeBridgeMonitor = null;
8773
8834
  }
8774
8835
  }
8775
- async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request) {
8836
+ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
8776
8837
  return new Promise((resolve, reject) => {
8777
8838
  logger.verbose("1rf6em", request.correlationId);
8839
+ const correlationId = request.correlationId;
8840
+ performanceClient.addFields({
8841
+ redirectBridgeTimeoutMs: timeoutMs,
8842
+ }, correlationId);
8778
8843
  const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
8779
8844
  const channel = new BroadcastChannel(libraryState.id);
8780
8845
  let responseString = undefined;
@@ -8792,6 +8857,12 @@
8792
8857
  };
8793
8858
  channel.onmessage = (event) => {
8794
8859
  responseString = event.data.payload;
8860
+ const messageVersion = event?.data && typeof event.data.v === "number"
8861
+ ? event.data.v
8862
+ : undefined;
8863
+ performanceClient.addFields({
8864
+ redirectBridgeMessageVersion: messageVersion,
8865
+ }, correlationId);
8795
8866
  // Clear the active monitor
8796
8867
  activeBridgeMonitor = null;
8797
8868
  clearTimeout(timeoutId);
@@ -10211,7 +10282,7 @@
10211
10282
 
10212
10283
  /* eslint-disable header/header */
10213
10284
  const name = "@azure/msal-browser";
10214
- const version = "5.4.0";
10285
+ const version = "5.5.0";
10215
10286
 
10216
10287
  /*
10217
10288
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -11526,6 +11597,9 @@
11526
11597
  : 0, base64Decode, undefined, // refreshOn
11527
11598
  result.tokenType, undefined, // userAssertionHash
11528
11599
  request.sshKid);
11600
+ if (request.resource) {
11601
+ accessTokenEntity.resource = request.resource;
11602
+ }
11529
11603
  const cacheRecord = {
11530
11604
  idToken: idTokenEntity,
11531
11605
  accessToken: accessTokenEntity,
@@ -12078,6 +12152,7 @@
12078
12152
  authority: discoveredAuthority,
12079
12153
  clientCapabilities: this.config.auth.clientCapabilities,
12080
12154
  redirectUri: this.config.auth.redirectUri,
12155
+ isMcp: this.config.auth.isMcp,
12081
12156
  },
12082
12157
  systemOptions: {
12083
12158
  tokenRenewalOffsetSeconds: this.config.system.tokenRenewalOffsetSeconds,
@@ -12118,6 +12193,10 @@
12118
12193
  */
12119
12194
  async function initializeAuthorizationRequest(request, interactionType, config, browserCrypto, browserStorage, logger, performanceClient, correlationId) {
12120
12195
  const redirectUri = getRedirectUri(request.redirectUri, config.auth.redirectUri, logger, correlationId);
12196
+ if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
12197
+ logger.warning("08qbvw", correlationId);
12198
+ performanceClient.addFields({ isRedirectUriCrossOrigin: true }, correlationId);
12199
+ }
12121
12200
  const browserState = {
12122
12201
  interactionType: interactionType,
12123
12202
  };
@@ -12795,6 +12874,7 @@
12795
12874
  correlationId: this.correlationId,
12796
12875
  state: response.state,
12797
12876
  fromPlatformBroker: true,
12877
+ ...(request.resource && { resource: request.resource }),
12798
12878
  };
12799
12879
  return result;
12800
12880
  }
@@ -13523,6 +13603,7 @@
13523
13603
  tenant: "",
13524
13604
  },
13525
13605
  instanceAware: false,
13606
+ isMcp: false,
13526
13607
  };
13527
13608
  // Default cache options for browser
13528
13609
  const DEFAULT_CACHE_OPTIONS = {
@@ -13915,14 +13996,17 @@
13915
13996
  initializePlatformDOMRequest(request) {
13916
13997
  this.logger.trace("15d6yv", request.correlationId);
13917
13998
  const { accountId, clientId, authority, scope, redirectUri, correlationId, state, storeInCache, embeddedClientId, extraParameters, ...remainingProperties } = request;
13918
- const validExtraParameters = this.getDOMExtraParams(remainingProperties);
13999
+ const validExtraParameters = this.getDOMExtraParams(remainingProperties, correlationId);
13919
14000
  const platformDOMRequest = {
13920
14001
  accountId: accountId,
13921
14002
  brokerId: this.getExtensionId(),
13922
14003
  authority: authority,
13923
14004
  clientId: clientId,
13924
14005
  correlationId: correlationId || this.correlationId,
13925
- extraParameters: { ...extraParameters, ...validExtraParameters },
14006
+ extraParameters: {
14007
+ ...extraParameters,
14008
+ ...validExtraParameters,
14009
+ },
13926
14010
  isSecurityTokenService: false,
13927
14011
  redirectUri: redirectUri,
13928
14012
  scope: scope,
@@ -13976,15 +14060,27 @@
13976
14060
  };
13977
14061
  return nativeResponse;
13978
14062
  }
13979
- getDOMExtraParams(extraParameters) {
13980
- const stringifiedParams = Object.entries(extraParameters).reduce((record, [key, value]) => {
13981
- record[key] = String(value);
13982
- return record;
13983
- }, {});
13984
- const validExtraParams = {
13985
- ...stringifiedParams,
13986
- };
13987
- return validExtraParams;
14063
+ getDOMExtraParams(extraParameters, correlationId) {
14064
+ try {
14065
+ const stringifiedProperties = {};
14066
+ for (const [key, value] of Object.entries(extraParameters)) {
14067
+ if (!value) {
14068
+ continue;
14069
+ }
14070
+ if (typeof value === "object") {
14071
+ stringifiedProperties[key] = JSON.stringify(value);
14072
+ }
14073
+ else {
14074
+ stringifiedProperties[key] = String(value);
14075
+ }
14076
+ }
14077
+ return stringifiedProperties;
14078
+ }
14079
+ catch (e) {
14080
+ this.logger.error("0eu9o3", correlationId);
14081
+ this.logger.errorPii("17rpl5", correlationId);
14082
+ return {};
14083
+ }
13988
14084
  }
13989
14085
  }
13990
14086
 
@@ -14228,7 +14324,7 @@
14228
14324
  const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
14229
14325
  this.eventHandler.emitEvent(EventType.POPUP_OPENED, correlationId, exports.InteractionType.Popup, { popupWindow }, null);
14230
14326
  // Wait for the redirect bridge response
14231
- const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
14327
+ const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
14232
14328
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
14233
14329
  return await invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
14234
14330
  }
@@ -14263,7 +14359,7 @@
14263
14359
  const form = await getEARForm(popupWindow.document, this.config, discoveredAuthority, popupRequest, this.logger, this.performanceClient);
14264
14360
  form.submit();
14265
14361
  // Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
14266
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest);
14362
+ const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest, this.performanceClient);
14267
14363
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
14268
14364
  if (!serverParams.ear_jwe && serverParams.code) {
14269
14365
  const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, correlationId)({
@@ -14288,7 +14384,7 @@
14288
14384
  const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
14289
14385
  form.submit();
14290
14386
  // Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
14291
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
14387
+ const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
14292
14388
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
14293
14389
  return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
14294
14390
  }
@@ -14341,7 +14437,7 @@
14341
14437
  // Open the popup window to requestUrl.
14342
14438
  const popupWindow = this.openPopup(logoutUri, popupParams);
14343
14439
  this.eventHandler.emitEvent(EventType.POPUP_OPENED, validRequest.correlationId, exports.InteractionType.Popup, { popupWindow }, null);
14344
- await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest).catch(() => {
14440
+ await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest, this.performanceClient).catch(() => {
14345
14441
  // Swallow any errors related to monitoring the window. Server logout is best effort
14346
14442
  });
14347
14443
  if (mainWindowRedirectUri) {
@@ -15089,7 +15185,7 @@
15089
15185
  };
15090
15186
  await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
15091
15187
  const responseType = this.config.auth.OIDCOptions.responseMode;
15092
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
15188
+ const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
15093
15189
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
15094
15190
  if (!serverParams.ear_jwe && serverParams.code) {
15095
15191
  // If server doesn't support EAR, they may fallback to auth code flow instead
@@ -15138,7 +15234,7 @@
15138
15234
  }
15139
15235
  const responseType = this.config.auth.OIDCOptions.responseMode;
15140
15236
  // Wait for response from the redirect bridge.
15141
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
15237
+ const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
15142
15238
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
15143
15239
  return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
15144
15240
  }
@@ -15291,6 +15387,22 @@
15291
15387
  * Copyright (c) Microsoft Corporation. All rights reserved.
15292
15388
  * Licensed under the MIT License.
15293
15389
  */
15390
+ /**
15391
+ * Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
15392
+ * @returns Network connection information, or an empty object if not available.
15393
+ */
15394
+ function getNetworkInfo() {
15395
+ if (typeof window === "undefined" || !window.navigator) {
15396
+ return {};
15397
+ }
15398
+ const connection = "connection" in window.navigator
15399
+ ? window.navigator.connection
15400
+ : undefined;
15401
+ return {
15402
+ effectiveType: connection?.effectiveType,
15403
+ rtt: connection?.rtt,
15404
+ };
15405
+ }
15294
15406
  function collectInstanceStats(currentClientId, performanceEvent, logger, correlationId) {
15295
15407
  const frameInstances =
15296
15408
  // @ts-ignore
@@ -15310,12 +15422,13 @@
15310
15422
  * Copyright (c) Microsoft Corporation. All rights reserved.
15311
15423
  * Licensed under the MIT License.
15312
15424
  */
15313
- function preflightCheck(initialized, performanceEvent, account) {
15425
+ function preflightCheck(initialized, performanceEvent, config, request) {
15314
15426
  try {
15315
15427
  preflightCheck$1(initialized);
15428
+ enforceResourceParameter(config.auth.isMcp, request);
15316
15429
  }
15317
15430
  catch (e) {
15318
- performanceEvent.end({ success: false }, e, account);
15431
+ performanceEvent.end({ success: false }, e, request.account);
15319
15432
  throw e;
15320
15433
  }
15321
15434
  }
@@ -15416,6 +15529,7 @@
15416
15529
  this.eventHandler.emitEvent(EventType.INITIALIZE_START, correlationId);
15417
15530
  // Broker applications are initialized twice, so we avoid double-counting it
15418
15531
  this.logMultipleInstances(initMeasurement, correlationId);
15532
+ initMeasurement.add({ isMcp: this.config.auth.isMcp });
15419
15533
  await invokeAsync(this.browserStorage.initialize.bind(this.browserStorage), InitializeCache, this.logger, this.performanceClient, correlationId)(correlationId);
15420
15534
  if (allowPlatformBroker) {
15421
15535
  try {
@@ -15593,6 +15707,7 @@
15593
15707
  };
15594
15708
  try {
15595
15709
  redirectPreflightCheck(this.initialized, this.config);
15710
+ enforceResourceParameter(this.config.auth.isMcp, request);
15596
15711
  this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN);
15597
15712
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Redirect, request);
15598
15713
  let result;
@@ -15657,7 +15772,7 @@
15657
15772
  });
15658
15773
  try {
15659
15774
  this.logger.verbose("0ch87b", correlationId);
15660
- preflightCheck(this.initialized, atPopupMeasurement, request.account);
15775
+ preflightCheck(this.initialized, atPopupMeasurement, this.config, request);
15661
15776
  this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN, request.overrideInteractionInProgress, correlationId);
15662
15777
  }
15663
15778
  catch (e) {
@@ -15771,7 +15886,7 @@
15771
15886
  this.ssoSilentMeasurement?.add({
15772
15887
  scenarioId: request.scenarioId,
15773
15888
  });
15774
- preflightCheck(this.initialized, this.ssoSilentMeasurement, request.account);
15889
+ preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
15775
15890
  this.ssoSilentMeasurement?.increment({
15776
15891
  visibilityChangeCount: 0,
15777
15892
  });
@@ -15835,7 +15950,7 @@
15835
15950
  const correlationId = this.getRequestCorrelationId(request);
15836
15951
  this.logger.trace("0ch6ga", correlationId);
15837
15952
  const atbcMeasurement = this.performanceClient.startMeasurement(AcquireTokenByCode, correlationId);
15838
- preflightCheck(this.initialized, atbcMeasurement);
15953
+ preflightCheck(this.initialized, atbcMeasurement, this.config, request);
15839
15954
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Silent, request);
15840
15955
  atbcMeasurement.add({ scenarioId: request.scenarioId });
15841
15956
  try {
@@ -16337,7 +16452,7 @@
16337
16452
  cacheLookupPolicy: request.cacheLookupPolicy,
16338
16453
  scenarioId: request.scenarioId,
16339
16454
  });
16340
- preflightCheck(this.initialized, atsMeasurement, request.account);
16455
+ preflightCheck(this.initialized, atsMeasurement, this.config, request);
16341
16456
  this.logger.verbose("0x1c4s", correlationId);
16342
16457
  const account = request.account || this.getActiveAccount();
16343
16458
  if (!account) {
@@ -16793,6 +16908,7 @@
16793
16908
  platformBrokerId: request.account?.homeAccountId,
16794
16909
  clientId: this.clientId,
16795
16910
  authority: request.authority,
16911
+ resource: request.resource,
16796
16912
  scope: scopes.join(" "),
16797
16913
  correlationId,
16798
16914
  claims: !StringUtils.isEmptyObj(claims) ? claims : undefined,
@@ -17063,6 +17179,7 @@
17063
17179
  const atPopupMeasurement = this.performanceClient.startMeasurement(AcquireTokenPopup, correlationId);
17064
17180
  atPopupMeasurement.add({ nestedAppAuthRequest: true });
17065
17181
  try {
17182
+ enforceResourceParameter(this.config.auth.isMcp, validRequest);
17066
17183
  const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
17067
17184
  const reqTimestamp = nowSeconds();
17068
17185
  const response = await this.bridgeProxy.getTokenInteractive(naaRequest);
@@ -17129,6 +17246,7 @@
17129
17246
  nestedAppAuthRequest: true,
17130
17247
  });
17131
17248
  try {
17249
+ enforceResourceParameter(this.config.auth.isMcp, validRequest);
17132
17250
  const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
17133
17251
  naaRequest.forceRefresh = validRequest.forceRefresh;
17134
17252
  const reqTimestamp = nowSeconds();
@@ -17263,6 +17381,14 @@
17263
17381
  this.logger.verbose("18egye", correlationId);
17264
17382
  return Promise.resolve(null);
17265
17383
  }
17384
+ else if (authRequest.resource) {
17385
+ const requestedResource = authRequest.resource;
17386
+ const cachedResource = cachedAccessToken.resource;
17387
+ if (!cachedResource || cachedResource !== requestedResource) {
17388
+ this.logger.verbose("0qraxd", correlationId);
17389
+ return Promise.resolve(null);
17390
+ }
17391
+ }
17266
17392
  const cachedIdToken = this.browserStorage.getIdToken(currentAccount, authRequest.correlationId, tokenKeys, currentAccount.tenantId);
17267
17393
  if (!cachedIdToken) {
17268
17394
  this.logger.verbose("0d68kd", correlationId);
@@ -18432,11 +18558,14 @@
18432
18558
  return {
18433
18559
  ...inProgressEvent,
18434
18560
  end: (event, error, account) => {
18561
+ const networkInfo = getNetworkInfo();
18435
18562
  const res = inProgressEvent.end({
18436
18563
  ...event,
18437
18564
  startPageVisibility,
18438
18565
  endPageVisibility: this.getPageVisibility(),
18439
18566
  durationMs: getPerfDurationMs(startTime),
18567
+ networkEffectiveType: networkInfo.effectiveType,
18568
+ networkRtt: networkInfo.rtt,
18440
18569
  }, error, account);
18441
18570
  void browserMeasurement?.then((measurement) => measurement.endMeasurement());
18442
18571
  this.deleteIncompleteSubMeasurements(inProgressEvent);
@@ -18608,6 +18737,7 @@
18608
18737
  exports.WrapperSKU = WrapperSKU;
18609
18738
  exports.createNestablePublicClientApplication = createNestablePublicClientApplication;
18610
18739
  exports.createStandardPublicClientApplication = createStandardPublicClientApplication;
18740
+ exports.enforceResourceParameter = enforceResourceParameter;
18611
18741
  exports.isPlatformBrokerAvailable = isPlatformBrokerAvailable;
18612
18742
  exports.loadExternalTokens = loadExternalTokens;
18613
18743
  exports.stubbedPublicClientApplication = stubbedPublicClientApplication;