@azure/msal-browser 5.4.0 → 5.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/cache/AccountManager.d.ts.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -5
- package/dist/cache/AccountManager.mjs.map +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +4 -1
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +4 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +12 -2
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +11 -8
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -5
- package/dist/custom-auth-path/cache/AccountManager.mjs.map +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +4 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +4 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +11 -8
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/index.d.ts +1 -1
- package/dist/custom-auth-path/index.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +5 -5
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +19 -7
- package/dist/custom-auth-path/naa/TokenRequest.d.ts +1 -0
- package/dist/custom-auth-path/naa/TokenRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts +33 -0
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +62 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +12 -2
- package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +2 -2
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +5 -5
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +23 -11
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/TokenRequest.d.ts +1 -0
- package/dist/naa/TokenRequest.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +2 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +33 -0
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +62 -2
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/AccountManager.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +4 -0
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/index.d.ts +1 -1
- package/dist/redirect-bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/TokenRequest.d.ts +1 -0
- package/dist/redirect-bridge/naa/TokenRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/protocol/Authorize.d.ts +33 -0
- package/dist/redirect-bridge/protocol/Authorize.d.ts.map +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +5 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.d.ts +2 -2
- package/dist/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/utils/BrowserUtils.mjs +12 -2
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +19 -7
- package/lib/custom-auth-path/msal-custom-auth.cjs +264 -96
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/AccountManager.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +4 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts +33 -0
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +23 -11
- package/lib/msal-browser.cjs +302 -100
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +302 -100
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/types/cache/AccountManager.d.ts.map +1 -1
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +4 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/index.d.ts +1 -1
- package/lib/types/index.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/naa/TokenRequest.d.ts +1 -0
- package/lib/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +33 -0
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +34 -17
- package/src/broker/nativeBroker/PlatformAuthRequest.ts +1 -0
- package/src/cache/AccountManager.ts +0 -5
- package/src/cache/BrowserCacheManager.ts +4 -0
- package/src/config/Configuration.ts +5 -0
- package/src/controllers/NestedAppAuthController.ts +14 -0
- package/src/controllers/StandardController.ts +13 -6
- package/src/index.ts +1 -0
- package/src/interaction_client/PlatformAuthInteractionClient.ts +1 -0
- package/src/interaction_client/PopupClient.ts +8 -4
- package/src/interaction_client/SilentIframeClient.ts +4 -2
- package/src/interaction_client/StandardInteractionClient.ts +11 -0
- package/src/naa/TokenRequest.ts +1 -0
- package/src/naa/mapping/NestedAppAuthAdapter.ts +1 -0
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +100 -0
- package/src/telemetry/BrowserPerformanceClient.ts +4 -0
- package/src/utils/BrowserUtils.ts +24 -1
- package/src/utils/MsalFrameStatsUtils.ts +27 -0
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.
|
|
1
|
+
/*! @azure/msal-browser v5.6.0 2026-03-18 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v16.
|
|
5
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -229,7 +229,7 @@ const JsonWebTokenTypes = {
|
|
|
229
229
|
// Token renewal offset default in seconds
|
|
230
230
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
231
231
|
|
|
232
|
-
/*! @azure/msal-common v16.
|
|
232
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
233
233
|
/*
|
|
234
234
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
235
235
|
* Licensed under the MIT License.
|
|
@@ -277,9 +277,11 @@ const BROKER_CLIENT_ID = "brk_client_id";
|
|
|
277
277
|
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
278
278
|
const INSTANCE_AWARE = "instance_aware";
|
|
279
279
|
const EAR_JWK = "ear_jwk";
|
|
280
|
-
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
280
|
+
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
281
|
+
const RESOURCE = "resource";
|
|
282
|
+
const CLI_DATA = "clidata";
|
|
281
283
|
|
|
282
|
-
/*! @azure/msal-common v16.
|
|
284
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
283
285
|
/*
|
|
284
286
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
285
287
|
* Licensed under the MIT License.
|
|
@@ -310,7 +312,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
310
312
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
311
313
|
}
|
|
312
314
|
|
|
313
|
-
/*! @azure/msal-common v16.
|
|
315
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
314
316
|
|
|
315
317
|
/*
|
|
316
318
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -330,7 +332,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
330
332
|
return new ClientConfigurationError(errorCode);
|
|
331
333
|
}
|
|
332
334
|
|
|
333
|
-
/*! @azure/msal-common v16.
|
|
335
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
334
336
|
/*
|
|
335
337
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
336
338
|
* Licensed under the MIT License.
|
|
@@ -410,7 +412,7 @@ class StringUtils {
|
|
|
410
412
|
}
|
|
411
413
|
}
|
|
412
414
|
|
|
413
|
-
/*! @azure/msal-common v16.
|
|
415
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
414
416
|
|
|
415
417
|
/*
|
|
416
418
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -433,7 +435,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
433
435
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
434
436
|
}
|
|
435
437
|
|
|
436
|
-
/*! @azure/msal-common v16.
|
|
438
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
437
439
|
/*
|
|
438
440
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
439
441
|
* Licensed under the MIT License.
|
|
@@ -457,7 +459,7 @@ const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
|
457
459
|
const authorityMismatch = "authority_mismatch";
|
|
458
460
|
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
459
461
|
|
|
460
|
-
/*! @azure/msal-common v16.
|
|
462
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
461
463
|
/*
|
|
462
464
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
463
465
|
* Licensed under the MIT License.
|
|
@@ -492,9 +494,11 @@ const authorizationCodeMissingFromServerResponse = "authorization_code_missing_f
|
|
|
492
494
|
const bindingKeyNotRemoved = "binding_key_not_removed";
|
|
493
495
|
const endSessionEndpointNotSupported = "end_session_endpoint_not_supported";
|
|
494
496
|
const keyIdMissing = "key_id_missing";
|
|
495
|
-
const methodNotImplemented = "method_not_implemented";
|
|
497
|
+
const methodNotImplemented = "method_not_implemented";
|
|
498
|
+
const resourceParameterRequired = "resource_parameter_required";
|
|
499
|
+
const misplacedResourceParam = "misplaced_resource_parameter";
|
|
496
500
|
|
|
497
|
-
/*! @azure/msal-common v16.
|
|
501
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
498
502
|
|
|
499
503
|
/*
|
|
500
504
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -689,7 +693,7 @@ class ScopeSet {
|
|
|
689
693
|
}
|
|
690
694
|
}
|
|
691
695
|
|
|
692
|
-
/*! @azure/msal-common v16.
|
|
696
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
693
697
|
|
|
694
698
|
/*
|
|
695
699
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -955,6 +959,12 @@ function addGrantType(parameters, grantType) {
|
|
|
955
959
|
function addClientInfo(parameters) {
|
|
956
960
|
parameters.set(CLIENT_INFO, "1");
|
|
957
961
|
}
|
|
962
|
+
/**
|
|
963
|
+
* add clidata=1 to request to indicate client data support
|
|
964
|
+
*/
|
|
965
|
+
function addCliData(parameters) {
|
|
966
|
+
parameters.set(CLI_DATA, "1");
|
|
967
|
+
}
|
|
958
968
|
function addInstanceAware(parameters) {
|
|
959
969
|
if (!parameters.has(INSTANCE_AWARE)) {
|
|
960
970
|
parameters.set(INSTANCE_AWARE, "true");
|
|
@@ -1054,9 +1064,14 @@ function addEARParameters(parameters, jwk) {
|
|
|
1054
1064
|
// ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
|
|
1055
1065
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
1056
1066
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
1067
|
+
}
|
|
1068
|
+
function addResource(parameters, resource) {
|
|
1069
|
+
if (resource) {
|
|
1070
|
+
parameters.set(RESOURCE, resource);
|
|
1071
|
+
}
|
|
1057
1072
|
}
|
|
1058
1073
|
|
|
1059
|
-
/*! @azure/msal-common v16.
|
|
1074
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1060
1075
|
|
|
1061
1076
|
/*
|
|
1062
1077
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1165,7 +1180,7 @@ function normalizeUrlForComparison(url) {
|
|
|
1165
1180
|
}
|
|
1166
1181
|
}
|
|
1167
1182
|
|
|
1168
|
-
/*! @azure/msal-common v16.
|
|
1183
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1169
1184
|
|
|
1170
1185
|
/*
|
|
1171
1186
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1204,7 +1219,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
1204
1219
|
},
|
|
1205
1220
|
};
|
|
1206
1221
|
|
|
1207
|
-
/*! @azure/msal-common v16.
|
|
1222
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1208
1223
|
/*
|
|
1209
1224
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1210
1225
|
* Licensed under the MIT License.
|
|
@@ -1465,12 +1480,12 @@ class Logger {
|
|
|
1465
1480
|
}
|
|
1466
1481
|
}
|
|
1467
1482
|
|
|
1468
|
-
/*! @azure/msal-common v16.
|
|
1483
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1469
1484
|
/* eslint-disable header/header */
|
|
1470
1485
|
const name$1 = "@azure/msal-common";
|
|
1471
|
-
const version$1 = "16.
|
|
1486
|
+
const version$1 = "16.4.0";
|
|
1472
1487
|
|
|
1473
|
-
/*! @azure/msal-common v16.
|
|
1488
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1474
1489
|
/*
|
|
1475
1490
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1476
1491
|
* Licensed under the MIT License.
|
|
@@ -1479,7 +1494,7 @@ const AzureCloudInstance = {
|
|
|
1479
1494
|
// AzureCloudInstance is not specified.
|
|
1480
1495
|
None: "none"};
|
|
1481
1496
|
|
|
1482
|
-
/*! @azure/msal-common v16.
|
|
1497
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1483
1498
|
/*
|
|
1484
1499
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1485
1500
|
* Licensed under the MIT License.
|
|
@@ -1561,7 +1576,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1561
1576
|
return updatedAccountInfo;
|
|
1562
1577
|
}
|
|
1563
1578
|
|
|
1564
|
-
/*! @azure/msal-common v16.
|
|
1579
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1565
1580
|
|
|
1566
1581
|
/*
|
|
1567
1582
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1641,7 +1656,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1641
1656
|
}
|
|
1642
1657
|
}
|
|
1643
1658
|
|
|
1644
|
-
/*! @azure/msal-common v16.
|
|
1659
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1645
1660
|
|
|
1646
1661
|
/*
|
|
1647
1662
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1798,7 +1813,7 @@ class UrlString {
|
|
|
1798
1813
|
}
|
|
1799
1814
|
}
|
|
1800
1815
|
|
|
1801
|
-
/*! @azure/msal-common v16.
|
|
1816
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1802
1817
|
|
|
1803
1818
|
/*
|
|
1804
1819
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1955,7 +1970,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
1955
1970
|
return null;
|
|
1956
1971
|
}
|
|
1957
1972
|
|
|
1958
|
-
/*! @azure/msal-common v16.
|
|
1973
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1959
1974
|
/*
|
|
1960
1975
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1961
1976
|
* Licensed under the MIT License.
|
|
@@ -1963,7 +1978,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
1963
1978
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
1964
1979
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
1965
1980
|
|
|
1966
|
-
/*! @azure/msal-common v16.
|
|
1981
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1967
1982
|
|
|
1968
1983
|
/*
|
|
1969
1984
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2001,7 +2016,7 @@ function createCacheError(e) {
|
|
|
2001
2016
|
}
|
|
2002
2017
|
}
|
|
2003
2018
|
|
|
2004
|
-
/*! @azure/msal-common v16.
|
|
2019
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2005
2020
|
|
|
2006
2021
|
/*
|
|
2007
2022
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2039,7 +2054,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
2039
2054
|
};
|
|
2040
2055
|
}
|
|
2041
2056
|
|
|
2042
|
-
/*! @azure/msal-common v16.
|
|
2057
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2043
2058
|
/*
|
|
2044
2059
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2045
2060
|
* Licensed under the MIT License.
|
|
@@ -2054,7 +2069,7 @@ const AuthorityType = {
|
|
|
2054
2069
|
Ciam: 3,
|
|
2055
2070
|
};
|
|
2056
2071
|
|
|
2057
|
-
/*! @azure/msal-common v16.
|
|
2072
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2058
2073
|
/*
|
|
2059
2074
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2060
2075
|
* Licensed under the MIT License.
|
|
@@ -2076,7 +2091,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
2076
2091
|
return null;
|
|
2077
2092
|
}
|
|
2078
2093
|
|
|
2079
|
-
/*! @azure/msal-common v16.
|
|
2094
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2080
2095
|
/*
|
|
2081
2096
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2082
2097
|
* Licensed under the MIT License.
|
|
@@ -2100,7 +2115,7 @@ const ProtocolMode = {
|
|
|
2100
2115
|
EAR: "EAR",
|
|
2101
2116
|
};
|
|
2102
2117
|
|
|
2103
|
-
/*! @azure/msal-common v16.
|
|
2118
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2104
2119
|
/**
|
|
2105
2120
|
* Returns the AccountInfo interface for this account.
|
|
2106
2121
|
*/
|
|
@@ -2275,7 +2290,7 @@ function isAccountEntity(entity) {
|
|
|
2275
2290
|
entity.hasOwnProperty("authorityType"));
|
|
2276
2291
|
}
|
|
2277
2292
|
|
|
2278
|
-
/*! @azure/msal-common v16.
|
|
2293
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2279
2294
|
|
|
2280
2295
|
/*
|
|
2281
2296
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2305,6 +2320,11 @@ class CacheManager {
|
|
|
2305
2320
|
* Gets first tenanted AccountInfo object found based on provided filters
|
|
2306
2321
|
*/
|
|
2307
2322
|
getAccountInfoFilteredBy(accountFilter, correlationId) {
|
|
2323
|
+
if (Object.keys(accountFilter).length === 0 ||
|
|
2324
|
+
Object.values(accountFilter).every((value) => value === null || value === undefined || value === "")) {
|
|
2325
|
+
this.commonLogger.warning("1skb02", correlationId);
|
|
2326
|
+
return null;
|
|
2327
|
+
}
|
|
2308
2328
|
const allAccounts = this.getAllAccounts(accountFilter, correlationId);
|
|
2309
2329
|
if (allAccounts.length > 1) {
|
|
2310
2330
|
// If one or more accounts are found, prioritize accounts that have an ID token
|
|
@@ -3371,7 +3391,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3371
3391
|
}
|
|
3372
3392
|
}
|
|
3373
3393
|
|
|
3374
|
-
/*! @azure/msal-common v16.
|
|
3394
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3375
3395
|
/*
|
|
3376
3396
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3377
3397
|
* Licensed under the MIT License.
|
|
@@ -3385,7 +3405,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3385
3405
|
const PerformanceEventStatus = {
|
|
3386
3406
|
InProgress: 1};
|
|
3387
3407
|
|
|
3388
|
-
/*! @azure/msal-common v16.
|
|
3408
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3389
3409
|
|
|
3390
3410
|
/*
|
|
3391
3411
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3440,7 +3460,7 @@ class StubPerformanceClient {
|
|
|
3440
3460
|
}
|
|
3441
3461
|
}
|
|
3442
3462
|
|
|
3443
|
-
/*! @azure/msal-common v16.
|
|
3463
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3444
3464
|
|
|
3445
3465
|
/*
|
|
3446
3466
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3523,6 +3543,7 @@ function buildAuthOptions(authOptions) {
|
|
|
3523
3543
|
clientCapabilities: [],
|
|
3524
3544
|
azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS,
|
|
3525
3545
|
instanceAware: false,
|
|
3546
|
+
isMcp: false,
|
|
3526
3547
|
...authOptions,
|
|
3527
3548
|
};
|
|
3528
3549
|
}
|
|
@@ -3534,7 +3555,7 @@ function isOidcProtocolMode(config) {
|
|
|
3534
3555
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3535
3556
|
}
|
|
3536
3557
|
|
|
3537
|
-
/*! @azure/msal-common v16.
|
|
3558
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3538
3559
|
|
|
3539
3560
|
/*
|
|
3540
3561
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3553,7 +3574,7 @@ class ServerError extends AuthError {
|
|
|
3553
3574
|
}
|
|
3554
3575
|
}
|
|
3555
3576
|
|
|
3556
|
-
/*! @azure/msal-common v16.
|
|
3577
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3557
3578
|
/*
|
|
3558
3579
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3559
3580
|
* Licensed under the MIT License.
|
|
@@ -3604,7 +3625,7 @@ const badToken = "bad_token";
|
|
|
3604
3625
|
*/
|
|
3605
3626
|
const interruptedUser = "interrupted_user";
|
|
3606
3627
|
|
|
3607
|
-
/*! @azure/msal-common v16.
|
|
3628
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3608
3629
|
|
|
3609
3630
|
/*
|
|
3610
3631
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3672,7 +3693,7 @@ function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
|
3672
3693
|
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
3673
3694
|
}
|
|
3674
3695
|
|
|
3675
|
-
/*! @azure/msal-common v16.
|
|
3696
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3676
3697
|
|
|
3677
3698
|
/*
|
|
3678
3699
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3740,7 +3761,7 @@ function parseRequestState(base64Decode, state) {
|
|
|
3740
3761
|
}
|
|
3741
3762
|
}
|
|
3742
3763
|
|
|
3743
|
-
/*! @azure/msal-common v16.
|
|
3764
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3744
3765
|
/*
|
|
3745
3766
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3746
3767
|
* Licensed under the MIT License.
|
|
@@ -3805,7 +3826,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
3805
3826
|
return cachedAtSec > nowSeconds();
|
|
3806
3827
|
}
|
|
3807
3828
|
|
|
3808
|
-
/*! @azure/msal-common v16.
|
|
3829
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3809
3830
|
/*
|
|
3810
3831
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3811
3832
|
* Licensed under the MIT License.
|
|
@@ -3876,7 +3897,7 @@ const RegionDiscoveryGetCurrentVersion = "regionDiscoveryGetCurrentVersion";
|
|
|
3876
3897
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
3877
3898
|
const SetUserData = "setUserData";
|
|
3878
3899
|
|
|
3879
|
-
/*! @azure/msal-common v16.
|
|
3900
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3880
3901
|
/*
|
|
3881
3902
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3882
3903
|
* Licensed under the MIT License.
|
|
@@ -3969,7 +3990,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
3969
3990
|
};
|
|
3970
3991
|
};
|
|
3971
3992
|
|
|
3972
|
-
/*! @azure/msal-common v16.
|
|
3993
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3973
3994
|
|
|
3974
3995
|
/*
|
|
3975
3996
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4049,7 +4070,7 @@ class PopTokenGenerator {
|
|
|
4049
4070
|
}
|
|
4050
4071
|
}
|
|
4051
4072
|
|
|
4052
|
-
/*! @azure/msal-common v16.
|
|
4073
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4053
4074
|
/*
|
|
4054
4075
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4055
4076
|
* Licensed under the MIT License.
|
|
@@ -4076,7 +4097,7 @@ class PopTokenGenerator {
|
|
|
4076
4097
|
}
|
|
4077
4098
|
}
|
|
4078
4099
|
|
|
4079
|
-
/*! @azure/msal-common v16.
|
|
4100
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4080
4101
|
|
|
4081
4102
|
/*
|
|
4082
4103
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4335,7 +4356,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
4335
4356
|
return metadata.expiresAt <= nowSeconds();
|
|
4336
4357
|
}
|
|
4337
4358
|
|
|
4338
|
-
/*! @azure/msal-common v16.
|
|
4359
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4339
4360
|
|
|
4340
4361
|
/*
|
|
4341
4362
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4520,6 +4541,11 @@ class ResponseHandler {
|
|
|
4520
4541
|
: undefined;
|
|
4521
4542
|
// non AAD scenarios can have empty realm
|
|
4522
4543
|
cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id);
|
|
4544
|
+
// Set resource (to be used for MCP scenarios)
|
|
4545
|
+
const resource = request.resource || null;
|
|
4546
|
+
if (resource) {
|
|
4547
|
+
cachedAccessToken.resource = resource;
|
|
4548
|
+
}
|
|
4523
4549
|
}
|
|
4524
4550
|
// refreshToken
|
|
4525
4551
|
let cachedRefreshToken = null;
|
|
@@ -4671,7 +4697,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
4671
4697
|
return baseAccount;
|
|
4672
4698
|
}
|
|
4673
4699
|
|
|
4674
|
-
/*! @azure/msal-common v16.
|
|
4700
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4675
4701
|
/*
|
|
4676
4702
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4677
4703
|
* Licensed under the MIT License.
|
|
@@ -4681,7 +4707,7 @@ const CcsCredentialType = {
|
|
|
4681
4707
|
UPN: "UPN",
|
|
4682
4708
|
};
|
|
4683
4709
|
|
|
4684
|
-
/*! @azure/msal-common v16.
|
|
4710
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4685
4711
|
/*
|
|
4686
4712
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4687
4713
|
* Licensed under the MIT License.
|
|
@@ -4699,7 +4725,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
4699
4725
|
}
|
|
4700
4726
|
}
|
|
4701
4727
|
|
|
4702
|
-
/*! @azure/msal-common v16.
|
|
4728
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4703
4729
|
/*
|
|
4704
4730
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4705
4731
|
* Licensed under the MIT License.
|
|
@@ -4720,7 +4746,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
4720
4746
|
};
|
|
4721
4747
|
}
|
|
4722
4748
|
|
|
4723
|
-
/*! @azure/msal-common v16.
|
|
4749
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4724
4750
|
|
|
4725
4751
|
/*
|
|
4726
4752
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4806,7 +4832,7 @@ class ThrottlingUtils {
|
|
|
4806
4832
|
}
|
|
4807
4833
|
}
|
|
4808
4834
|
|
|
4809
|
-
/*! @azure/msal-common v16.
|
|
4835
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4810
4836
|
|
|
4811
4837
|
/*
|
|
4812
4838
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4837,7 +4863,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
4837
4863
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
4838
4864
|
}
|
|
4839
4865
|
|
|
4840
|
-
/*! @azure/msal-common v16.
|
|
4866
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4841
4867
|
|
|
4842
4868
|
/*
|
|
4843
4869
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4951,7 +4977,7 @@ async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId
|
|
|
4951
4977
|
return response;
|
|
4952
4978
|
}
|
|
4953
4979
|
|
|
4954
|
-
/*! @azure/msal-common v16.
|
|
4980
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4955
4981
|
/*
|
|
4956
4982
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4957
4983
|
* Licensed under the MIT License.
|
|
@@ -4963,7 +4989,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
4963
4989
|
response.hasOwnProperty("jwks_uri"));
|
|
4964
4990
|
}
|
|
4965
4991
|
|
|
4966
|
-
/*! @azure/msal-common v16.
|
|
4992
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4967
4993
|
/*
|
|
4968
4994
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4969
4995
|
* Licensed under the MIT License.
|
|
@@ -4973,7 +4999,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
4973
4999
|
response.hasOwnProperty("metadata"));
|
|
4974
5000
|
}
|
|
4975
5001
|
|
|
4976
|
-
/*! @azure/msal-common v16.
|
|
5002
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4977
5003
|
/*
|
|
4978
5004
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4979
5005
|
* Licensed under the MIT License.
|
|
@@ -4983,7 +5009,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
4983
5009
|
response.hasOwnProperty("error_description"));
|
|
4984
5010
|
}
|
|
4985
5011
|
|
|
4986
|
-
/*! @azure/msal-common v16.
|
|
5012
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4987
5013
|
|
|
4988
5014
|
/*
|
|
4989
5015
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5088,7 +5114,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
5088
5114
|
},
|
|
5089
5115
|
};
|
|
5090
5116
|
|
|
5091
|
-
/*! @azure/msal-common v16.
|
|
5117
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
5092
5118
|
|
|
5093
5119
|
/*
|
|
5094
5120
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5908,7 +5934,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
5908
5934
|
};
|
|
5909
5935
|
}
|
|
5910
5936
|
|
|
5911
|
-
/*! @azure/msal-common v16.
|
|
5937
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
5912
5938
|
|
|
5913
5939
|
/*
|
|
5914
5940
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5942,7 +5968,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
5942
5968
|
}
|
|
5943
5969
|
}
|
|
5944
5970
|
|
|
5945
|
-
/*! @azure/msal-common v16.
|
|
5971
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
5946
5972
|
|
|
5947
5973
|
/*
|
|
5948
5974
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6062,6 +6088,7 @@ class AuthorizationCodeClient {
|
|
|
6062
6088
|
}
|
|
6063
6089
|
// Add scope array, parameter builder will add default scopes and dedupe
|
|
6064
6090
|
addScopes(parameters, request.scopes, true, this.oidcDefaultScopes);
|
|
6091
|
+
addResource(parameters, request.resource);
|
|
6065
6092
|
// add code: user set, not validated
|
|
6066
6093
|
addAuthorizationCode(parameters, request.code);
|
|
6067
6094
|
// Add library metadata
|
|
@@ -6202,7 +6229,7 @@ class AuthorizationCodeClient {
|
|
|
6202
6229
|
}
|
|
6203
6230
|
}
|
|
6204
6231
|
|
|
6205
|
-
/*! @azure/msal-common v16.
|
|
6232
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6206
6233
|
|
|
6207
6234
|
/*
|
|
6208
6235
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6427,7 +6454,7 @@ class RefreshTokenClient {
|
|
|
6427
6454
|
}
|
|
6428
6455
|
}
|
|
6429
6456
|
|
|
6430
|
-
/*! @azure/msal-common v16.
|
|
6457
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6431
6458
|
|
|
6432
6459
|
/*
|
|
6433
6460
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6483,6 +6510,13 @@ class SilentFlowClient {
|
|
|
6483
6510
|
this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
|
|
6484
6511
|
throw createClientAuthError(tokenRefreshRequired);
|
|
6485
6512
|
}
|
|
6513
|
+
else if (request.resource) {
|
|
6514
|
+
// cached access token must have a resource that matches the request resource for MCP scenarios
|
|
6515
|
+
if (cachedAccessToken.resource !== request.resource) {
|
|
6516
|
+
this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
|
|
6517
|
+
throw createClientAuthError(tokenRefreshRequired);
|
|
6518
|
+
}
|
|
6519
|
+
}
|
|
6486
6520
|
else if (cachedAccessToken.refreshOn &&
|
|
6487
6521
|
isTokenExpired(cachedAccessToken.refreshOn, 0)) {
|
|
6488
6522
|
// must refresh (in the background) due to the refresh_in value
|
|
@@ -6536,7 +6570,7 @@ class SilentFlowClient {
|
|
|
6536
6570
|
}
|
|
6537
6571
|
}
|
|
6538
6572
|
|
|
6539
|
-
/*! @azure/msal-common v16.
|
|
6573
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6540
6574
|
|
|
6541
6575
|
/*
|
|
6542
6576
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6551,7 +6585,7 @@ const StubbedNetworkModule = {
|
|
|
6551
6585
|
},
|
|
6552
6586
|
};
|
|
6553
6587
|
|
|
6554
|
-
/*! @azure/msal-common v16.
|
|
6588
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6555
6589
|
|
|
6556
6590
|
/*
|
|
6557
6591
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6577,12 +6611,15 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
|
|
|
6577
6611
|
...(request.extraScopesToConsent || []),
|
|
6578
6612
|
];
|
|
6579
6613
|
addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
|
|
6614
|
+
addResource(parameters, request.resource);
|
|
6580
6615
|
addRedirectUri(parameters, request.redirectUri);
|
|
6581
6616
|
addCorrelationId(parameters, correlationId);
|
|
6582
6617
|
// add response_mode. If not passed in it defaults to query.
|
|
6583
6618
|
addResponseMode(parameters, request.responseMode);
|
|
6584
6619
|
// add client_info=1
|
|
6585
6620
|
addClientInfo(parameters);
|
|
6621
|
+
// add clidata=1
|
|
6622
|
+
addCliData(parameters);
|
|
6586
6623
|
if (request.prompt) {
|
|
6587
6624
|
addPrompt(parameters, request.prompt);
|
|
6588
6625
|
performanceClient?.addFields({ prompt: request.prompt }, correlationId);
|
|
@@ -6775,7 +6812,40 @@ function extractLoginHint(account) {
|
|
|
6775
6812
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6776
6813
|
}
|
|
6777
6814
|
|
|
6778
|
-
/*! @azure/msal-common v16.
|
|
6815
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6816
|
+
|
|
6817
|
+
/*
|
|
6818
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6819
|
+
* Licensed under the MIT License.
|
|
6820
|
+
*/
|
|
6821
|
+
/**
|
|
6822
|
+
* Helper to enforce resource parameter presence in token requests when isMcp is set in the configuration.
|
|
6823
|
+
* If resource parameter is set in both the request and in extraQueryParameters or extraParameters, an error will be thrown.
|
|
6824
|
+
* This is used for MCP flows.
|
|
6825
|
+
* @param isMcp - Flag indicating if application is an MCP app, from configuration
|
|
6826
|
+
* @param request - Auth request
|
|
6827
|
+
*/
|
|
6828
|
+
function enforceResourceParameter(isMcp, request) {
|
|
6829
|
+
if (!isMcp) {
|
|
6830
|
+
return;
|
|
6831
|
+
}
|
|
6832
|
+
if (request.resource &&
|
|
6833
|
+
(containsResourceParam(request.extraParameters) ||
|
|
6834
|
+
containsResourceParam(request.extraQueryParameters))) {
|
|
6835
|
+
throw createClientAuthError(misplacedResourceParam);
|
|
6836
|
+
}
|
|
6837
|
+
if (!request.resource) {
|
|
6838
|
+
throw createClientAuthError(resourceParameterRequired);
|
|
6839
|
+
}
|
|
6840
|
+
}
|
|
6841
|
+
function containsResourceParam(params) {
|
|
6842
|
+
if (!params) {
|
|
6843
|
+
return false;
|
|
6844
|
+
}
|
|
6845
|
+
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
6846
|
+
}
|
|
6847
|
+
|
|
6848
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6779
6849
|
/*
|
|
6780
6850
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6781
6851
|
* Licensed under the MIT License.
|
|
@@ -6785,7 +6855,7 @@ function extractLoginHint(account) {
|
|
|
6785
6855
|
*/
|
|
6786
6856
|
const unexpectedError = "unexpected_error";
|
|
6787
6857
|
|
|
6788
|
-
/*! @azure/msal-common v16.
|
|
6858
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6789
6859
|
|
|
6790
6860
|
/*
|
|
6791
6861
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7046,7 +7116,7 @@ class ServerTelemetryManager {
|
|
|
7046
7116
|
}
|
|
7047
7117
|
}
|
|
7048
7118
|
|
|
7049
|
-
/*! @azure/msal-common v16.
|
|
7119
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
7050
7120
|
|
|
7051
7121
|
/*
|
|
7052
7122
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7067,7 +7137,7 @@ function createJoseHeaderError(code) {
|
|
|
7067
7137
|
return new JoseHeaderError(code);
|
|
7068
7138
|
}
|
|
7069
7139
|
|
|
7070
|
-
/*! @azure/msal-common v16.
|
|
7140
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
7071
7141
|
/*
|
|
7072
7142
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7073
7143
|
* Licensed under the MIT License.
|
|
@@ -7075,7 +7145,7 @@ function createJoseHeaderError(code) {
|
|
|
7075
7145
|
const missingKidError = "missing_kid_error";
|
|
7076
7146
|
const missingAlgError = "missing_alg_error";
|
|
7077
7147
|
|
|
7078
|
-
/*! @azure/msal-common v16.
|
|
7148
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
7079
7149
|
|
|
7080
7150
|
/*
|
|
7081
7151
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7510,7 +7580,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
|
|
|
7510
7580
|
|
|
7511
7581
|
/* eslint-disable header/header */
|
|
7512
7582
|
const name = "@azure/msal-browser";
|
|
7513
|
-
const version = "5.
|
|
7583
|
+
const version = "5.6.0";
|
|
7514
7584
|
|
|
7515
7585
|
/*
|
|
7516
7586
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8937,9 +9007,13 @@ function cancelPendingBridgeResponse(logger, correlationId) {
|
|
|
8937
9007
|
activeBridgeMonitor = null;
|
|
8938
9008
|
}
|
|
8939
9009
|
}
|
|
8940
|
-
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request) {
|
|
9010
|
+
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
|
|
8941
9011
|
return new Promise((resolve, reject) => {
|
|
8942
9012
|
logger.verbose("1rf6em", request.correlationId);
|
|
9013
|
+
const correlationId = request.correlationId;
|
|
9014
|
+
performanceClient.addFields({
|
|
9015
|
+
redirectBridgeTimeoutMs: timeoutMs,
|
|
9016
|
+
}, correlationId);
|
|
8943
9017
|
const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
|
|
8944
9018
|
const channel = new BroadcastChannel(libraryState.id);
|
|
8945
9019
|
let responseString = undefined;
|
|
@@ -8957,6 +9031,12 @@ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request)
|
|
|
8957
9031
|
};
|
|
8958
9032
|
channel.onmessage = (event) => {
|
|
8959
9033
|
responseString = event.data.payload;
|
|
9034
|
+
const messageVersion = event?.data && typeof event.data.v === "number"
|
|
9035
|
+
? event.data.v
|
|
9036
|
+
: undefined;
|
|
9037
|
+
performanceClient.addFields({
|
|
9038
|
+
redirectBridgeMessageVersion: messageVersion,
|
|
9039
|
+
}, correlationId);
|
|
8960
9040
|
// Clear the active monitor
|
|
8961
9041
|
activeBridgeMonitor = null;
|
|
8962
9042
|
clearTimeout(timeoutId);
|
|
@@ -9427,6 +9507,7 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
9427
9507
|
authority: discoveredAuthority,
|
|
9428
9508
|
clientCapabilities: this.config.auth.clientCapabilities,
|
|
9429
9509
|
redirectUri: this.config.auth.redirectUri,
|
|
9510
|
+
isMcp: this.config.auth.isMcp,
|
|
9430
9511
|
},
|
|
9431
9512
|
systemOptions: {
|
|
9432
9513
|
tokenRenewalOffsetSeconds: this.config.system.tokenRenewalOffsetSeconds,
|
|
@@ -9467,6 +9548,10 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
9467
9548
|
*/
|
|
9468
9549
|
async function initializeAuthorizationRequest(request, interactionType, config, browserCrypto, browserStorage, logger, performanceClient, correlationId) {
|
|
9469
9550
|
const redirectUri = getRedirectUri(request.redirectUri, config.auth.redirectUri, logger, correlationId);
|
|
9551
|
+
if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
|
|
9552
|
+
logger.warning("08qbvw", correlationId);
|
|
9553
|
+
performanceClient.addFields({ isRedirectUriCrossOrigin: true }, correlationId);
|
|
9554
|
+
}
|
|
9470
9555
|
const browserState = {
|
|
9471
9556
|
interactionType: interactionType,
|
|
9472
9557
|
};
|
|
@@ -15894,6 +15979,9 @@ class BrowserCacheManager extends CacheManager {
|
|
|
15894
15979
|
: 0, base64Decode, undefined, // refreshOn
|
|
15895
15980
|
result.tokenType, undefined, // userAssertionHash
|
|
15896
15981
|
request.sshKid);
|
|
15982
|
+
if (request.resource) {
|
|
15983
|
+
accessTokenEntity.resource = request.resource;
|
|
15984
|
+
}
|
|
15897
15985
|
const cacheRecord = {
|
|
15898
15986
|
idToken: idTokenEntity,
|
|
15899
15987
|
accessToken: accessTokenEntity,
|
|
@@ -15979,10 +16067,6 @@ function getAllAccounts(logger, browserStorage, isInBrowser, correlationId, acco
|
|
|
15979
16067
|
*/
|
|
15980
16068
|
function getAccount(accountFilter, logger, browserStorage, correlationId) {
|
|
15981
16069
|
logger.trace("0u7b90", correlationId);
|
|
15982
|
-
if (Object.keys(accountFilter).length === 0) {
|
|
15983
|
-
logger.warning("1kz0cu", correlationId);
|
|
15984
|
-
return null;
|
|
15985
|
-
}
|
|
15986
16070
|
const account = browserStorage.getAccountInfoFilteredBy(accountFilter, correlationId);
|
|
15987
16071
|
if (account) {
|
|
15988
16072
|
logger.verbose("0btgll", correlationId);
|
|
@@ -16756,6 +16840,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16756
16840
|
correlationId: this.correlationId,
|
|
16757
16841
|
state: response.state,
|
|
16758
16842
|
fromPlatformBroker: true,
|
|
16843
|
+
...(request.resource && { resource: request.resource }),
|
|
16759
16844
|
};
|
|
16760
16845
|
return result;
|
|
16761
16846
|
}
|
|
@@ -16997,6 +17082,62 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16997
17082
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
16998
17083
|
* Licensed under the MIT License.
|
|
16999
17084
|
*/
|
|
17085
|
+
const clientDataAccountTypeMapping = new Map([
|
|
17086
|
+
["e", "AAD"],
|
|
17087
|
+
["m", "MSA"],
|
|
17088
|
+
]);
|
|
17089
|
+
/**
|
|
17090
|
+
* Parses the clientdata response parameter from the /authorize endpoint.
|
|
17091
|
+
*
|
|
17092
|
+
* Logically, the clientdata value is URL-encoded and pipe-delimited:
|
|
17093
|
+
* urlencoded(account_type | error | sub_error | cloud_instance | caller_data_boundary)
|
|
17094
|
+
*
|
|
17095
|
+
* In normal browser flows, this value may already have been URL-decoded
|
|
17096
|
+
* (e.g. by URLSearchParams). This function will only apply decodeURIComponent
|
|
17097
|
+
* when the string appears to contain percent-encoded sequences to avoid
|
|
17098
|
+
* double-decoding.
|
|
17099
|
+
*
|
|
17100
|
+
* @param clientdata - The raw clientdata string from the authorize response
|
|
17101
|
+
* @returns Parsed ClientData object, or null if the input is empty/invalid
|
|
17102
|
+
*/
|
|
17103
|
+
function parseClientData(clientdata) {
|
|
17104
|
+
if (!clientdata) {
|
|
17105
|
+
return null;
|
|
17106
|
+
}
|
|
17107
|
+
try {
|
|
17108
|
+
// Only decode when the string appears to contain percent-encoded sequences
|
|
17109
|
+
const shouldDecode = /%(?:[0-9A-Fa-f]{2})/.test(clientdata);
|
|
17110
|
+
const decoded = shouldDecode
|
|
17111
|
+
? decodeURIComponent(clientdata)
|
|
17112
|
+
: clientdata;
|
|
17113
|
+
const parts = decoded.split("|");
|
|
17114
|
+
if (parts.length < 5) {
|
|
17115
|
+
return null;
|
|
17116
|
+
}
|
|
17117
|
+
return {
|
|
17118
|
+
accountType: clientDataAccountTypeMapping.get(parts[0]?.trim() || "") || "",
|
|
17119
|
+
error: parts[1]?.trim() || "",
|
|
17120
|
+
subError: parts[2]?.trim() || "",
|
|
17121
|
+
cloudInstance: parts[3]?.trim() || "",
|
|
17122
|
+
callerDataBoundary: parts[4]?.trim() || "",
|
|
17123
|
+
};
|
|
17124
|
+
}
|
|
17125
|
+
catch {
|
|
17126
|
+
return null;
|
|
17127
|
+
}
|
|
17128
|
+
}
|
|
17129
|
+
/**
|
|
17130
|
+
* Instruments account type, error, and suberror from clientdata
|
|
17131
|
+
*/
|
|
17132
|
+
function instrumentClientData(response, correlationId, performanceClient) {
|
|
17133
|
+
const parsed = parseClientData(response.clientdata);
|
|
17134
|
+
parsed?.accountType &&
|
|
17135
|
+
performanceClient.addFields({ accountType: parsed.accountType }, correlationId);
|
|
17136
|
+
parsed?.error &&
|
|
17137
|
+
performanceClient.addFields({ serverErrorNo: parsed.error }, correlationId);
|
|
17138
|
+
parsed?.subError &&
|
|
17139
|
+
performanceClient.addFields({ serverSubErrorNo: parsed.subError }, correlationId);
|
|
17140
|
+
}
|
|
17000
17141
|
/**
|
|
17001
17142
|
* Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
|
|
17002
17143
|
* @param config
|
|
@@ -17166,6 +17307,8 @@ async function handleResponsePlatformBroker(request, accountId, apiId, config, b
|
|
|
17166
17307
|
async function handleResponseCode(request, response, codeVerifier, apiId, config, authClient, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
|
|
17167
17308
|
// Remove throttle if it exists
|
|
17168
17309
|
ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
|
|
17310
|
+
// Instrument clientdata telemetry fields from the authorize response
|
|
17311
|
+
instrumentClientData(response, request.correlationId, performanceClient);
|
|
17169
17312
|
if (response.accountId) {
|
|
17170
17313
|
return invokeAsync(handleResponsePlatformBroker, HandleResponsePlatformBroker, logger, performanceClient, request.correlationId)(request, response.accountId, apiId, config, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider);
|
|
17171
17314
|
}
|
|
@@ -17198,6 +17341,8 @@ async function handleResponseCode(request, response, codeVerifier, apiId, config
|
|
|
17198
17341
|
async function handleResponseEAR(request, response, apiId, config, authority, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
|
|
17199
17342
|
// Remove throttle if it exists
|
|
17200
17343
|
ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
|
|
17344
|
+
// Instrument clientdata telemetry fields from the authorize response
|
|
17345
|
+
instrumentClientData(response, request.correlationId, performanceClient);
|
|
17201
17346
|
// Validate state & check response for errors
|
|
17202
17347
|
validateAuthorizationResponse(response, request.state);
|
|
17203
17348
|
if (!response.ear_jwe) {
|
|
@@ -17484,6 +17629,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
17484
17629
|
tenant: "",
|
|
17485
17630
|
},
|
|
17486
17631
|
instanceAware: false,
|
|
17632
|
+
isMcp: false,
|
|
17487
17633
|
};
|
|
17488
17634
|
// Default cache options for browser
|
|
17489
17635
|
const DEFAULT_CACHE_OPTIONS = {
|
|
@@ -17876,14 +18022,17 @@ class PlatformAuthDOMHandler {
|
|
|
17876
18022
|
initializePlatformDOMRequest(request) {
|
|
17877
18023
|
this.logger.trace("15d6yv", request.correlationId);
|
|
17878
18024
|
const { accountId, clientId, authority, scope, redirectUri, correlationId, state, storeInCache, embeddedClientId, extraParameters, ...remainingProperties } = request;
|
|
17879
|
-
const validExtraParameters = this.getDOMExtraParams(remainingProperties);
|
|
18025
|
+
const validExtraParameters = this.getDOMExtraParams(remainingProperties, correlationId);
|
|
17880
18026
|
const platformDOMRequest = {
|
|
17881
18027
|
accountId: accountId,
|
|
17882
18028
|
brokerId: this.getExtensionId(),
|
|
17883
18029
|
authority: authority,
|
|
17884
18030
|
clientId: clientId,
|
|
17885
18031
|
correlationId: correlationId || this.correlationId,
|
|
17886
|
-
extraParameters: {
|
|
18032
|
+
extraParameters: {
|
|
18033
|
+
...extraParameters,
|
|
18034
|
+
...validExtraParameters,
|
|
18035
|
+
},
|
|
17887
18036
|
isSecurityTokenService: false,
|
|
17888
18037
|
redirectUri: redirectUri,
|
|
17889
18038
|
scope: scope,
|
|
@@ -17937,15 +18086,27 @@ class PlatformAuthDOMHandler {
|
|
|
17937
18086
|
};
|
|
17938
18087
|
return nativeResponse;
|
|
17939
18088
|
}
|
|
17940
|
-
getDOMExtraParams(extraParameters) {
|
|
17941
|
-
|
|
17942
|
-
|
|
17943
|
-
|
|
17944
|
-
|
|
17945
|
-
|
|
17946
|
-
|
|
17947
|
-
|
|
17948
|
-
|
|
18089
|
+
getDOMExtraParams(extraParameters, correlationId) {
|
|
18090
|
+
try {
|
|
18091
|
+
const stringifiedProperties = {};
|
|
18092
|
+
for (const [key, value] of Object.entries(extraParameters)) {
|
|
18093
|
+
if (!value) {
|
|
18094
|
+
continue;
|
|
18095
|
+
}
|
|
18096
|
+
if (typeof value === "object") {
|
|
18097
|
+
stringifiedProperties[key] = JSON.stringify(value);
|
|
18098
|
+
}
|
|
18099
|
+
else {
|
|
18100
|
+
stringifiedProperties[key] = String(value);
|
|
18101
|
+
}
|
|
18102
|
+
}
|
|
18103
|
+
return stringifiedProperties;
|
|
18104
|
+
}
|
|
18105
|
+
catch (e) {
|
|
18106
|
+
this.logger.error("0eu9o3", correlationId);
|
|
18107
|
+
this.logger.errorPii("17rpl5", correlationId);
|
|
18108
|
+
return {};
|
|
18109
|
+
}
|
|
17949
18110
|
}
|
|
17950
18111
|
}
|
|
17951
18112
|
|
|
@@ -18171,7 +18332,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
18171
18332
|
const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
|
|
18172
18333
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, correlationId, InteractionType.Popup, { popupWindow }, null);
|
|
18173
18334
|
// Wait for the redirect bridge response
|
|
18174
|
-
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
18335
|
+
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
18175
18336
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
18176
18337
|
return await invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
18177
18338
|
}
|
|
@@ -18206,7 +18367,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
18206
18367
|
const form = await getEARForm(popupWindow.document, this.config, discoveredAuthority, popupRequest, this.logger, this.performanceClient);
|
|
18207
18368
|
form.submit();
|
|
18208
18369
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
18209
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest);
|
|
18370
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest, this.performanceClient);
|
|
18210
18371
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
18211
18372
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
18212
18373
|
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, correlationId)({
|
|
@@ -18231,7 +18392,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
18231
18392
|
const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
18232
18393
|
form.submit();
|
|
18233
18394
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
18234
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
18395
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
18235
18396
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
18236
18397
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
18237
18398
|
}
|
|
@@ -18284,7 +18445,7 @@ class PopupClient extends StandardInteractionClient {
|
|
|
18284
18445
|
// Open the popup window to requestUrl.
|
|
18285
18446
|
const popupWindow = this.openPopup(logoutUri, popupParams);
|
|
18286
18447
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, validRequest.correlationId, InteractionType.Popup, { popupWindow }, null);
|
|
18287
|
-
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest).catch(() => {
|
|
18448
|
+
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest, this.performanceClient).catch(() => {
|
|
18288
18449
|
// Swallow any errors related to monitoring the window. Server logout is best effort
|
|
18289
18450
|
});
|
|
18290
18451
|
if (mainWindowRedirectUri) {
|
|
@@ -19032,7 +19193,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
19032
19193
|
};
|
|
19033
19194
|
await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
|
|
19034
19195
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
19035
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
19196
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
19036
19197
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
19037
19198
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
19038
19199
|
// If server doesn't support EAR, they may fallback to auth code flow instead
|
|
@@ -19081,7 +19242,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
19081
19242
|
}
|
|
19082
19243
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
19083
19244
|
// Wait for response from the redirect bridge.
|
|
19084
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
19245
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
19085
19246
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
19086
19247
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
19087
19248
|
}
|
|
@@ -19234,6 +19395,10 @@ class SilentAuthCodeClient extends StandardInteractionClient {
|
|
|
19234
19395
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
19235
19396
|
* Licensed under the MIT License.
|
|
19236
19397
|
*/
|
|
19398
|
+
/**
|
|
19399
|
+
* Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
|
|
19400
|
+
* @returns Network connection information, or an empty object if not available.
|
|
19401
|
+
*/
|
|
19237
19402
|
function collectInstanceStats(currentClientId, performanceEvent, logger, correlationId) {
|
|
19238
19403
|
const frameInstances =
|
|
19239
19404
|
// @ts-ignore
|
|
@@ -19253,12 +19418,13 @@ function collectInstanceStats(currentClientId, performanceEvent, logger, correla
|
|
|
19253
19418
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
19254
19419
|
* Licensed under the MIT License.
|
|
19255
19420
|
*/
|
|
19256
|
-
function preflightCheck(initialized, performanceEvent,
|
|
19421
|
+
function preflightCheck(initialized, performanceEvent, config, request) {
|
|
19257
19422
|
try {
|
|
19258
19423
|
preflightCheck$1(initialized);
|
|
19424
|
+
enforceResourceParameter(config.auth.isMcp, request);
|
|
19259
19425
|
}
|
|
19260
19426
|
catch (e) {
|
|
19261
|
-
performanceEvent.end({ success: false }, e, account);
|
|
19427
|
+
performanceEvent.end({ success: false }, e, request.account);
|
|
19262
19428
|
throw e;
|
|
19263
19429
|
}
|
|
19264
19430
|
}
|
|
@@ -19359,6 +19525,7 @@ class StandardController {
|
|
|
19359
19525
|
this.eventHandler.emitEvent(EventType.INITIALIZE_START, correlationId);
|
|
19360
19526
|
// Broker applications are initialized twice, so we avoid double-counting it
|
|
19361
19527
|
this.logMultipleInstances(initMeasurement, correlationId);
|
|
19528
|
+
initMeasurement.add({ isMcp: this.config.auth.isMcp });
|
|
19362
19529
|
await invokeAsync(this.browserStorage.initialize.bind(this.browserStorage), InitializeCache, this.logger, this.performanceClient, correlationId)(correlationId);
|
|
19363
19530
|
if (allowPlatformBroker) {
|
|
19364
19531
|
try {
|
|
@@ -19536,6 +19703,7 @@ class StandardController {
|
|
|
19536
19703
|
};
|
|
19537
19704
|
try {
|
|
19538
19705
|
redirectPreflightCheck(this.initialized, this.config);
|
|
19706
|
+
enforceResourceParameter(this.config.auth.isMcp, request);
|
|
19539
19707
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN);
|
|
19540
19708
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, InteractionType.Redirect, request);
|
|
19541
19709
|
let result;
|
|
@@ -19600,7 +19768,7 @@ class StandardController {
|
|
|
19600
19768
|
});
|
|
19601
19769
|
try {
|
|
19602
19770
|
this.logger.verbose("0ch87b", correlationId);
|
|
19603
|
-
preflightCheck(this.initialized, atPopupMeasurement, request
|
|
19771
|
+
preflightCheck(this.initialized, atPopupMeasurement, this.config, request);
|
|
19604
19772
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN, request.overrideInteractionInProgress, correlationId);
|
|
19605
19773
|
}
|
|
19606
19774
|
catch (e) {
|
|
@@ -19714,7 +19882,7 @@ class StandardController {
|
|
|
19714
19882
|
this.ssoSilentMeasurement?.add({
|
|
19715
19883
|
scenarioId: request.scenarioId,
|
|
19716
19884
|
});
|
|
19717
|
-
preflightCheck(this.initialized, this.ssoSilentMeasurement,
|
|
19885
|
+
preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
|
|
19718
19886
|
this.ssoSilentMeasurement?.increment({
|
|
19719
19887
|
visibilityChangeCount: 0,
|
|
19720
19888
|
});
|
|
@@ -19778,7 +19946,7 @@ class StandardController {
|
|
|
19778
19946
|
const correlationId = this.getRequestCorrelationId(request);
|
|
19779
19947
|
this.logger.trace("0ch6ga", correlationId);
|
|
19780
19948
|
const atbcMeasurement = this.performanceClient.startMeasurement(AcquireTokenByCode, correlationId);
|
|
19781
|
-
preflightCheck(this.initialized, atbcMeasurement);
|
|
19949
|
+
preflightCheck(this.initialized, atbcMeasurement, this.config, request);
|
|
19782
19950
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, InteractionType.Silent, request);
|
|
19783
19951
|
atbcMeasurement.add({ scenarioId: request.scenarioId });
|
|
19784
19952
|
try {
|
|
@@ -20280,7 +20448,7 @@ class StandardController {
|
|
|
20280
20448
|
cacheLookupPolicy: request.cacheLookupPolicy,
|
|
20281
20449
|
scenarioId: request.scenarioId,
|
|
20282
20450
|
});
|
|
20283
|
-
preflightCheck(this.initialized, atsMeasurement, request
|
|
20451
|
+
preflightCheck(this.initialized, atsMeasurement, this.config, request);
|
|
20284
20452
|
this.logger.verbose("0x1c4s", correlationId);
|
|
20285
20453
|
const account = request.account || this.getActiveAccount();
|
|
20286
20454
|
if (!account) {
|