@azure/msal-browser 5.4.0 → 5.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/cache/AccountManager.d.ts.map +1 -1
- package/dist/cache/AccountManager.mjs +1 -5
- package/dist/cache/AccountManager.mjs.map +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +4 -1
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +4 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +12 -2
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +11 -8
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +27 -12
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -5
- package/dist/custom-auth-path/cache/AccountManager.mjs.map +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +4 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +4 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +11 -8
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/index.d.ts +1 -1
- package/dist/custom-auth-path/index.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +5 -5
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +19 -7
- package/dist/custom-auth-path/naa/TokenRequest.d.ts +1 -0
- package/dist/custom-auth-path/naa/TokenRequest.d.ts.map +1 -1
- package/dist/custom-auth-path/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts +33 -0
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +62 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +12 -2
- package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +5 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +2 -2
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +5 -5
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +6 -1
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +23 -11
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/TokenRequest.d.ts +1 -0
- package/dist/naa/TokenRequest.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +2 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs.map +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +33 -0
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +62 -2
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/AccountManager.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +4 -0
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/index.d.ts +1 -1
- package/dist/redirect-bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/TokenRequest.d.ts +1 -0
- package/dist/redirect-bridge/naa/TokenRequest.d.ts.map +1 -1
- package/dist/redirect-bridge/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/protocol/Authorize.d.ts +33 -0
- package/dist/redirect-bridge/protocol/Authorize.d.ts.map +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/redirect-bridge/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +5 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.d.ts +2 -2
- package/dist/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/utils/BrowserUtils.mjs +12 -2
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/dist/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +18 -2
- package/dist/utils/MsalFrameStatsUtils.mjs.map +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +19 -7
- package/lib/custom-auth-path/msal-custom-auth.cjs +264 -96
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/AccountManager.d.ts.map +1 -1
- package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +4 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts +1 -0
- package/lib/custom-auth-path/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/custom-auth-path/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts +33 -0
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/custom-auth-path/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +23 -11
- package/lib/msal-browser.cjs +302 -100
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +302 -100
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -1
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts +1 -0
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -1
- package/lib/types/cache/AccountManager.d.ts.map +1 -1
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +4 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/index.d.ts +1 -1
- package/lib/types/index.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/naa/TokenRequest.d.ts +1 -0
- package/lib/types/naa/TokenRequest.d.ts.map +1 -1
- package/lib/types/naa/mapping/NestedAppAuthAdapter.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +33 -0
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/types/utils/MsalFrameStatsUtils.d.ts +10 -0
- package/lib/types/utils/MsalFrameStatsUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +34 -17
- package/src/broker/nativeBroker/PlatformAuthRequest.ts +1 -0
- package/src/cache/AccountManager.ts +0 -5
- package/src/cache/BrowserCacheManager.ts +4 -0
- package/src/config/Configuration.ts +5 -0
- package/src/controllers/NestedAppAuthController.ts +14 -0
- package/src/controllers/StandardController.ts +13 -6
- package/src/index.ts +1 -0
- package/src/interaction_client/PlatformAuthInteractionClient.ts +1 -0
- package/src/interaction_client/PopupClient.ts +8 -4
- package/src/interaction_client/SilentIframeClient.ts +4 -2
- package/src/interaction_client/StandardInteractionClient.ts +11 -0
- package/src/naa/TokenRequest.ts +1 -0
- package/src/naa/mapping/NestedAppAuthAdapter.ts +1 -0
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +100 -0
- package/src/telemetry/BrowserPerformanceClient.ts +4 -0
- package/src/utils/BrowserUtils.ts +24 -1
- package/src/utils/MsalFrameStatsUtils.ts +27 -0
package/lib/msal-browser.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.
|
|
1
|
+
/*! @azure/msal-browser v5.6.0 2026-03-18 */
|
|
2
2
|
'use strict';
|
|
3
3
|
(function (global, factory) {
|
|
4
4
|
typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
(global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
|
|
7
7
|
})(this, (function (exports) { 'use strict';
|
|
8
8
|
|
|
9
|
-
/*! @azure/msal-common v16.
|
|
9
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
10
10
|
/*
|
|
11
11
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12
12
|
* Licensed under the MIT License.
|
|
@@ -238,7 +238,7 @@
|
|
|
238
238
|
// Token renewal offset default in seconds
|
|
239
239
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
240
240
|
|
|
241
|
-
/*! @azure/msal-common v16.
|
|
241
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
242
242
|
/*
|
|
243
243
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
244
244
|
* Licensed under the MIT License.
|
|
@@ -286,9 +286,11 @@
|
|
|
286
286
|
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
287
287
|
const INSTANCE_AWARE = "instance_aware";
|
|
288
288
|
const EAR_JWK = "ear_jwk";
|
|
289
|
-
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
289
|
+
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
290
|
+
const RESOURCE = "resource";
|
|
291
|
+
const CLI_DATA = "clidata";
|
|
290
292
|
|
|
291
|
-
/*! @azure/msal-common v16.
|
|
293
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
292
294
|
/*
|
|
293
295
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
294
296
|
* Licensed under the MIT License.
|
|
@@ -319,7 +321,7 @@
|
|
|
319
321
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
320
322
|
}
|
|
321
323
|
|
|
322
|
-
/*! @azure/msal-common v16.
|
|
324
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
323
325
|
|
|
324
326
|
/*
|
|
325
327
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -339,7 +341,7 @@
|
|
|
339
341
|
return new ClientConfigurationError(errorCode);
|
|
340
342
|
}
|
|
341
343
|
|
|
342
|
-
/*! @azure/msal-common v16.
|
|
344
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
343
345
|
/*
|
|
344
346
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
345
347
|
* Licensed under the MIT License.
|
|
@@ -419,7 +421,7 @@
|
|
|
419
421
|
}
|
|
420
422
|
}
|
|
421
423
|
|
|
422
|
-
/*! @azure/msal-common v16.
|
|
424
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
423
425
|
|
|
424
426
|
/*
|
|
425
427
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -442,7 +444,7 @@
|
|
|
442
444
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
443
445
|
}
|
|
444
446
|
|
|
445
|
-
/*! @azure/msal-common v16.
|
|
447
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
446
448
|
/*
|
|
447
449
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
448
450
|
* Licensed under the MIT License.
|
|
@@ -496,7 +498,7 @@
|
|
|
496
498
|
urlParseError: urlParseError
|
|
497
499
|
});
|
|
498
500
|
|
|
499
|
-
/*! @azure/msal-common v16.
|
|
501
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
500
502
|
/*
|
|
501
503
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
502
504
|
* Licensed under the MIT License.
|
|
@@ -537,7 +539,9 @@
|
|
|
537
539
|
const userCanceled = "user_canceled";
|
|
538
540
|
const methodNotImplemented = "method_not_implemented";
|
|
539
541
|
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
|
|
540
|
-
const platformBrokerError = "platform_broker_error";
|
|
542
|
+
const platformBrokerError = "platform_broker_error";
|
|
543
|
+
const resourceParameterRequired = "resource_parameter_required";
|
|
544
|
+
const misplacedResourceParam = "misplaced_resource_parameter";
|
|
541
545
|
|
|
542
546
|
var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
543
547
|
__proto__: null,
|
|
@@ -558,6 +562,7 @@
|
|
|
558
562
|
keyIdMissing: keyIdMissing,
|
|
559
563
|
maxAgeTranspired: maxAgeTranspired,
|
|
560
564
|
methodNotImplemented: methodNotImplemented,
|
|
565
|
+
misplacedResourceParam: misplacedResourceParam,
|
|
561
566
|
multipleMatchingAppMetadata: multipleMatchingAppMetadata,
|
|
562
567
|
multipleMatchingTokens: multipleMatchingTokens,
|
|
563
568
|
nestedAppAuthBridgeDisabled: nestedAppAuthBridgeDisabled,
|
|
@@ -571,6 +576,7 @@
|
|
|
571
576
|
openIdConfigError: openIdConfigError,
|
|
572
577
|
platformBrokerError: platformBrokerError,
|
|
573
578
|
requestCannotBeMade: requestCannotBeMade,
|
|
579
|
+
resourceParameterRequired: resourceParameterRequired,
|
|
574
580
|
stateMismatch: stateMismatch,
|
|
575
581
|
stateNotFound: stateNotFound,
|
|
576
582
|
tokenClaimsCnfRequiredForSignedJwt: tokenClaimsCnfRequiredForSignedJwt,
|
|
@@ -580,7 +586,7 @@
|
|
|
580
586
|
userCanceled: userCanceled
|
|
581
587
|
});
|
|
582
588
|
|
|
583
|
-
/*! @azure/msal-common v16.
|
|
589
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
584
590
|
|
|
585
591
|
/*
|
|
586
592
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -775,7 +781,7 @@
|
|
|
775
781
|
}
|
|
776
782
|
}
|
|
777
783
|
|
|
778
|
-
/*! @azure/msal-common v16.
|
|
784
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
779
785
|
|
|
780
786
|
/*
|
|
781
787
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1041,6 +1047,12 @@
|
|
|
1041
1047
|
function addClientInfo(parameters) {
|
|
1042
1048
|
parameters.set(CLIENT_INFO, "1");
|
|
1043
1049
|
}
|
|
1050
|
+
/**
|
|
1051
|
+
* add clidata=1 to request to indicate client data support
|
|
1052
|
+
*/
|
|
1053
|
+
function addCliData(parameters) {
|
|
1054
|
+
parameters.set(CLI_DATA, "1");
|
|
1055
|
+
}
|
|
1044
1056
|
function addInstanceAware(parameters) {
|
|
1045
1057
|
if (!parameters.has(INSTANCE_AWARE)) {
|
|
1046
1058
|
parameters.set(INSTANCE_AWARE, "true");
|
|
@@ -1140,9 +1152,14 @@
|
|
|
1140
1152
|
// ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
|
|
1141
1153
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
1142
1154
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
1155
|
+
}
|
|
1156
|
+
function addResource(parameters, resource) {
|
|
1157
|
+
if (resource) {
|
|
1158
|
+
parameters.set(RESOURCE, resource);
|
|
1159
|
+
}
|
|
1143
1160
|
}
|
|
1144
1161
|
|
|
1145
|
-
/*! @azure/msal-common v16.
|
|
1162
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1146
1163
|
|
|
1147
1164
|
/*
|
|
1148
1165
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1251,7 +1268,7 @@
|
|
|
1251
1268
|
}
|
|
1252
1269
|
}
|
|
1253
1270
|
|
|
1254
|
-
/*! @azure/msal-common v16.
|
|
1271
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1255
1272
|
|
|
1256
1273
|
/*
|
|
1257
1274
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1290,7 +1307,7 @@
|
|
|
1290
1307
|
},
|
|
1291
1308
|
};
|
|
1292
1309
|
|
|
1293
|
-
/*! @azure/msal-common v16.
|
|
1310
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1294
1311
|
/*
|
|
1295
1312
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1296
1313
|
* Licensed under the MIT License.
|
|
@@ -1565,12 +1582,12 @@
|
|
|
1565
1582
|
}
|
|
1566
1583
|
}
|
|
1567
1584
|
|
|
1568
|
-
/*! @azure/msal-common v16.
|
|
1585
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1569
1586
|
/* eslint-disable header/header */
|
|
1570
1587
|
const name$1 = "@azure/msal-common";
|
|
1571
|
-
const version$1 = "16.
|
|
1588
|
+
const version$1 = "16.4.0";
|
|
1572
1589
|
|
|
1573
|
-
/*! @azure/msal-common v16.
|
|
1590
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1574
1591
|
/*
|
|
1575
1592
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1576
1593
|
* Licensed under the MIT License.
|
|
@@ -1590,7 +1607,7 @@
|
|
|
1590
1607
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
1591
1608
|
};
|
|
1592
1609
|
|
|
1593
|
-
/*! @azure/msal-common v16.
|
|
1610
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1594
1611
|
/*
|
|
1595
1612
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1596
1613
|
* Licensed under the MIT License.
|
|
@@ -1672,7 +1689,7 @@
|
|
|
1672
1689
|
return updatedAccountInfo;
|
|
1673
1690
|
}
|
|
1674
1691
|
|
|
1675
|
-
/*! @azure/msal-common v16.
|
|
1692
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1676
1693
|
|
|
1677
1694
|
/*
|
|
1678
1695
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1752,7 +1769,7 @@
|
|
|
1752
1769
|
}
|
|
1753
1770
|
}
|
|
1754
1771
|
|
|
1755
|
-
/*! @azure/msal-common v16.
|
|
1772
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1756
1773
|
|
|
1757
1774
|
/*
|
|
1758
1775
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1909,7 +1926,7 @@
|
|
|
1909
1926
|
}
|
|
1910
1927
|
}
|
|
1911
1928
|
|
|
1912
|
-
/*! @azure/msal-common v16.
|
|
1929
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
1913
1930
|
|
|
1914
1931
|
/*
|
|
1915
1932
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2066,7 +2083,7 @@
|
|
|
2066
2083
|
return null;
|
|
2067
2084
|
}
|
|
2068
2085
|
|
|
2069
|
-
/*! @azure/msal-common v16.
|
|
2086
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2070
2087
|
/*
|
|
2071
2088
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2072
2089
|
* Licensed under the MIT License.
|
|
@@ -2074,7 +2091,7 @@
|
|
|
2074
2091
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2075
2092
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2076
2093
|
|
|
2077
|
-
/*! @azure/msal-common v16.
|
|
2094
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2078
2095
|
|
|
2079
2096
|
/*
|
|
2080
2097
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2112,7 +2129,7 @@
|
|
|
2112
2129
|
}
|
|
2113
2130
|
}
|
|
2114
2131
|
|
|
2115
|
-
/*! @azure/msal-common v16.
|
|
2132
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2116
2133
|
|
|
2117
2134
|
/*
|
|
2118
2135
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2150,7 +2167,7 @@
|
|
|
2150
2167
|
};
|
|
2151
2168
|
}
|
|
2152
2169
|
|
|
2153
|
-
/*! @azure/msal-common v16.
|
|
2170
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2154
2171
|
/*
|
|
2155
2172
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2156
2173
|
* Licensed under the MIT License.
|
|
@@ -2165,7 +2182,7 @@
|
|
|
2165
2182
|
Ciam: 3,
|
|
2166
2183
|
};
|
|
2167
2184
|
|
|
2168
|
-
/*! @azure/msal-common v16.
|
|
2185
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2169
2186
|
/*
|
|
2170
2187
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2171
2188
|
* Licensed under the MIT License.
|
|
@@ -2187,7 +2204,7 @@
|
|
|
2187
2204
|
return null;
|
|
2188
2205
|
}
|
|
2189
2206
|
|
|
2190
|
-
/*! @azure/msal-common v16.
|
|
2207
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2191
2208
|
/*
|
|
2192
2209
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2193
2210
|
* Licensed under the MIT License.
|
|
@@ -2211,7 +2228,7 @@
|
|
|
2211
2228
|
EAR: "EAR",
|
|
2212
2229
|
};
|
|
2213
2230
|
|
|
2214
|
-
/*! @azure/msal-common v16.
|
|
2231
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2215
2232
|
/**
|
|
2216
2233
|
* Returns the AccountInfo interface for this account.
|
|
2217
2234
|
*/
|
|
@@ -2386,7 +2403,7 @@
|
|
|
2386
2403
|
entity.hasOwnProperty("authorityType"));
|
|
2387
2404
|
}
|
|
2388
2405
|
|
|
2389
|
-
/*! @azure/msal-common v16.
|
|
2406
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
2390
2407
|
|
|
2391
2408
|
/*
|
|
2392
2409
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2416,6 +2433,11 @@
|
|
|
2416
2433
|
* Gets first tenanted AccountInfo object found based on provided filters
|
|
2417
2434
|
*/
|
|
2418
2435
|
getAccountInfoFilteredBy(accountFilter, correlationId) {
|
|
2436
|
+
if (Object.keys(accountFilter).length === 0 ||
|
|
2437
|
+
Object.values(accountFilter).every((value) => value === null || value === undefined || value === "")) {
|
|
2438
|
+
this.commonLogger.warning("1skb02", correlationId);
|
|
2439
|
+
return null;
|
|
2440
|
+
}
|
|
2419
2441
|
const allAccounts = this.getAllAccounts(accountFilter, correlationId);
|
|
2420
2442
|
if (allAccounts.length > 1) {
|
|
2421
2443
|
// If one or more accounts are found, prioritize accounts that have an ID token
|
|
@@ -3483,7 +3505,7 @@
|
|
|
3483
3505
|
}
|
|
3484
3506
|
}
|
|
3485
3507
|
|
|
3486
|
-
/*! @azure/msal-common v16.
|
|
3508
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3487
3509
|
/*
|
|
3488
3510
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3489
3511
|
* Licensed under the MIT License.
|
|
@@ -3528,9 +3550,12 @@
|
|
|
3528
3550
|
"currRefreshCount",
|
|
3529
3551
|
"expiredCacheRemovedCount",
|
|
3530
3552
|
"upgradedCacheCount",
|
|
3553
|
+
"networkRtt",
|
|
3554
|
+
"redirectBridgeTimeoutMs",
|
|
3555
|
+
"redirectBridgeMessageVersion",
|
|
3531
3556
|
]);
|
|
3532
3557
|
|
|
3533
|
-
/*! @azure/msal-common v16.
|
|
3558
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3534
3559
|
|
|
3535
3560
|
/*
|
|
3536
3561
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3585,7 +3610,7 @@
|
|
|
3585
3610
|
}
|
|
3586
3611
|
}
|
|
3587
3612
|
|
|
3588
|
-
/*! @azure/msal-common v16.
|
|
3613
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3589
3614
|
|
|
3590
3615
|
/*
|
|
3591
3616
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3668,6 +3693,7 @@
|
|
|
3668
3693
|
clientCapabilities: [],
|
|
3669
3694
|
azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS,
|
|
3670
3695
|
instanceAware: false,
|
|
3696
|
+
isMcp: false,
|
|
3671
3697
|
...authOptions,
|
|
3672
3698
|
};
|
|
3673
3699
|
}
|
|
@@ -3679,7 +3705,7 @@
|
|
|
3679
3705
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3680
3706
|
}
|
|
3681
3707
|
|
|
3682
|
-
/*! @azure/msal-common v16.
|
|
3708
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3683
3709
|
|
|
3684
3710
|
/*
|
|
3685
3711
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3698,7 +3724,7 @@
|
|
|
3698
3724
|
}
|
|
3699
3725
|
}
|
|
3700
3726
|
|
|
3701
|
-
/*! @azure/msal-common v16.
|
|
3727
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3702
3728
|
/*
|
|
3703
3729
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3704
3730
|
* Licensed under the MIT License.
|
|
@@ -3762,7 +3788,7 @@
|
|
|
3762
3788
|
uxNotAllowed: uxNotAllowed
|
|
3763
3789
|
});
|
|
3764
3790
|
|
|
3765
|
-
/*! @azure/msal-common v16.
|
|
3791
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3766
3792
|
|
|
3767
3793
|
/*
|
|
3768
3794
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3830,7 +3856,7 @@
|
|
|
3830
3856
|
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
3831
3857
|
}
|
|
3832
3858
|
|
|
3833
|
-
/*! @azure/msal-common v16.
|
|
3859
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3834
3860
|
|
|
3835
3861
|
/*
|
|
3836
3862
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3898,7 +3924,7 @@
|
|
|
3898
3924
|
}
|
|
3899
3925
|
}
|
|
3900
3926
|
|
|
3901
|
-
/*! @azure/msal-common v16.
|
|
3927
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3902
3928
|
/*
|
|
3903
3929
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3904
3930
|
* Licensed under the MIT License.
|
|
@@ -3963,7 +3989,7 @@
|
|
|
3963
3989
|
return cachedAtSec > nowSeconds();
|
|
3964
3990
|
}
|
|
3965
3991
|
|
|
3966
|
-
/*! @azure/msal-common v16.
|
|
3992
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
3967
3993
|
/*
|
|
3968
3994
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3969
3995
|
* Licensed under the MIT License.
|
|
@@ -4034,7 +4060,7 @@
|
|
|
4034
4060
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
4035
4061
|
const SetUserData = "setUserData";
|
|
4036
4062
|
|
|
4037
|
-
/*! @azure/msal-common v16.
|
|
4063
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4038
4064
|
/*
|
|
4039
4065
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4040
4066
|
* Licensed under the MIT License.
|
|
@@ -4127,7 +4153,7 @@
|
|
|
4127
4153
|
};
|
|
4128
4154
|
};
|
|
4129
4155
|
|
|
4130
|
-
/*! @azure/msal-common v16.
|
|
4156
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4131
4157
|
|
|
4132
4158
|
/*
|
|
4133
4159
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4207,7 +4233,7 @@
|
|
|
4207
4233
|
}
|
|
4208
4234
|
}
|
|
4209
4235
|
|
|
4210
|
-
/*! @azure/msal-common v16.
|
|
4236
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4211
4237
|
/*
|
|
4212
4238
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4213
4239
|
* Licensed under the MIT License.
|
|
@@ -4234,7 +4260,7 @@
|
|
|
4234
4260
|
}
|
|
4235
4261
|
}
|
|
4236
4262
|
|
|
4237
|
-
/*! @azure/msal-common v16.
|
|
4263
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4238
4264
|
|
|
4239
4265
|
/*
|
|
4240
4266
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4493,7 +4519,7 @@
|
|
|
4493
4519
|
return metadata.expiresAt <= nowSeconds();
|
|
4494
4520
|
}
|
|
4495
4521
|
|
|
4496
|
-
/*! @azure/msal-common v16.
|
|
4522
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4497
4523
|
|
|
4498
4524
|
/*
|
|
4499
4525
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4678,6 +4704,11 @@
|
|
|
4678
4704
|
: undefined;
|
|
4679
4705
|
// non AAD scenarios can have empty realm
|
|
4680
4706
|
cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id);
|
|
4707
|
+
// Set resource (to be used for MCP scenarios)
|
|
4708
|
+
const resource = request.resource || null;
|
|
4709
|
+
if (resource) {
|
|
4710
|
+
cachedAccessToken.resource = resource;
|
|
4711
|
+
}
|
|
4681
4712
|
}
|
|
4682
4713
|
// refreshToken
|
|
4683
4714
|
let cachedRefreshToken = null;
|
|
@@ -4829,7 +4860,7 @@
|
|
|
4829
4860
|
return baseAccount;
|
|
4830
4861
|
}
|
|
4831
4862
|
|
|
4832
|
-
/*! @azure/msal-common v16.
|
|
4863
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4833
4864
|
/*
|
|
4834
4865
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4835
4866
|
* Licensed under the MIT License.
|
|
@@ -4839,7 +4870,7 @@
|
|
|
4839
4870
|
UPN: "UPN",
|
|
4840
4871
|
};
|
|
4841
4872
|
|
|
4842
|
-
/*! @azure/msal-common v16.
|
|
4873
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4843
4874
|
/*
|
|
4844
4875
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4845
4876
|
* Licensed under the MIT License.
|
|
@@ -4857,7 +4888,7 @@
|
|
|
4857
4888
|
}
|
|
4858
4889
|
}
|
|
4859
4890
|
|
|
4860
|
-
/*! @azure/msal-common v16.
|
|
4891
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4861
4892
|
/*
|
|
4862
4893
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4863
4894
|
* Licensed under the MIT License.
|
|
@@ -4878,7 +4909,7 @@
|
|
|
4878
4909
|
};
|
|
4879
4910
|
}
|
|
4880
4911
|
|
|
4881
|
-
/*! @azure/msal-common v16.
|
|
4912
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4882
4913
|
|
|
4883
4914
|
/*
|
|
4884
4915
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4964,7 +4995,7 @@
|
|
|
4964
4995
|
}
|
|
4965
4996
|
}
|
|
4966
4997
|
|
|
4967
|
-
/*! @azure/msal-common v16.
|
|
4998
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4968
4999
|
|
|
4969
5000
|
/*
|
|
4970
5001
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4995,7 +5026,7 @@
|
|
|
4995
5026
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
4996
5027
|
}
|
|
4997
5028
|
|
|
4998
|
-
/*! @azure/msal-common v16.
|
|
5029
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
4999
5030
|
|
|
5000
5031
|
/*
|
|
5001
5032
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5109,7 +5140,7 @@
|
|
|
5109
5140
|
return response;
|
|
5110
5141
|
}
|
|
5111
5142
|
|
|
5112
|
-
/*! @azure/msal-common v16.
|
|
5143
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
5113
5144
|
/*
|
|
5114
5145
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5115
5146
|
* Licensed under the MIT License.
|
|
@@ -5121,7 +5152,7 @@
|
|
|
5121
5152
|
response.hasOwnProperty("jwks_uri"));
|
|
5122
5153
|
}
|
|
5123
5154
|
|
|
5124
|
-
/*! @azure/msal-common v16.
|
|
5155
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
5125
5156
|
/*
|
|
5126
5157
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5127
5158
|
* Licensed under the MIT License.
|
|
@@ -5131,7 +5162,7 @@
|
|
|
5131
5162
|
response.hasOwnProperty("metadata"));
|
|
5132
5163
|
}
|
|
5133
5164
|
|
|
5134
|
-
/*! @azure/msal-common v16.
|
|
5165
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
5135
5166
|
/*
|
|
5136
5167
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5137
5168
|
* Licensed under the MIT License.
|
|
@@ -5141,7 +5172,7 @@
|
|
|
5141
5172
|
response.hasOwnProperty("error_description"));
|
|
5142
5173
|
}
|
|
5143
5174
|
|
|
5144
|
-
/*! @azure/msal-common v16.
|
|
5175
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
5145
5176
|
|
|
5146
5177
|
/*
|
|
5147
5178
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5246,7 +5277,7 @@
|
|
|
5246
5277
|
},
|
|
5247
5278
|
};
|
|
5248
5279
|
|
|
5249
|
-
/*! @azure/msal-common v16.
|
|
5280
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
5250
5281
|
|
|
5251
5282
|
/*
|
|
5252
5283
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6066,7 +6097,7 @@
|
|
|
6066
6097
|
};
|
|
6067
6098
|
}
|
|
6068
6099
|
|
|
6069
|
-
/*! @azure/msal-common v16.
|
|
6100
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6070
6101
|
|
|
6071
6102
|
/*
|
|
6072
6103
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6100,7 +6131,7 @@
|
|
|
6100
6131
|
}
|
|
6101
6132
|
}
|
|
6102
6133
|
|
|
6103
|
-
/*! @azure/msal-common v16.
|
|
6134
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6104
6135
|
|
|
6105
6136
|
/*
|
|
6106
6137
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6220,6 +6251,7 @@
|
|
|
6220
6251
|
}
|
|
6221
6252
|
// Add scope array, parameter builder will add default scopes and dedupe
|
|
6222
6253
|
addScopes(parameters, request.scopes, true, this.oidcDefaultScopes);
|
|
6254
|
+
addResource(parameters, request.resource);
|
|
6223
6255
|
// add code: user set, not validated
|
|
6224
6256
|
addAuthorizationCode(parameters, request.code);
|
|
6225
6257
|
// Add library metadata
|
|
@@ -6360,7 +6392,7 @@
|
|
|
6360
6392
|
}
|
|
6361
6393
|
}
|
|
6362
6394
|
|
|
6363
|
-
/*! @azure/msal-common v16.
|
|
6395
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6364
6396
|
|
|
6365
6397
|
/*
|
|
6366
6398
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6585,7 +6617,7 @@
|
|
|
6585
6617
|
}
|
|
6586
6618
|
}
|
|
6587
6619
|
|
|
6588
|
-
/*! @azure/msal-common v16.
|
|
6620
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6589
6621
|
|
|
6590
6622
|
/*
|
|
6591
6623
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6641,6 +6673,13 @@
|
|
|
6641
6673
|
this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
|
|
6642
6674
|
throw createClientAuthError(tokenRefreshRequired);
|
|
6643
6675
|
}
|
|
6676
|
+
else if (request.resource) {
|
|
6677
|
+
// cached access token must have a resource that matches the request resource for MCP scenarios
|
|
6678
|
+
if (cachedAccessToken.resource !== request.resource) {
|
|
6679
|
+
this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
|
|
6680
|
+
throw createClientAuthError(tokenRefreshRequired);
|
|
6681
|
+
}
|
|
6682
|
+
}
|
|
6644
6683
|
else if (cachedAccessToken.refreshOn &&
|
|
6645
6684
|
isTokenExpired(cachedAccessToken.refreshOn, 0)) {
|
|
6646
6685
|
// must refresh (in the background) due to the refresh_in value
|
|
@@ -6694,7 +6733,7 @@
|
|
|
6694
6733
|
}
|
|
6695
6734
|
}
|
|
6696
6735
|
|
|
6697
|
-
/*! @azure/msal-common v16.
|
|
6736
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6698
6737
|
|
|
6699
6738
|
/*
|
|
6700
6739
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6709,7 +6748,7 @@
|
|
|
6709
6748
|
},
|
|
6710
6749
|
};
|
|
6711
6750
|
|
|
6712
|
-
/*! @azure/msal-common v16.
|
|
6751
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6713
6752
|
|
|
6714
6753
|
/*
|
|
6715
6754
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6735,12 +6774,15 @@
|
|
|
6735
6774
|
...(request.extraScopesToConsent || []),
|
|
6736
6775
|
];
|
|
6737
6776
|
addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
|
|
6777
|
+
addResource(parameters, request.resource);
|
|
6738
6778
|
addRedirectUri(parameters, request.redirectUri);
|
|
6739
6779
|
addCorrelationId(parameters, correlationId);
|
|
6740
6780
|
// add response_mode. If not passed in it defaults to query.
|
|
6741
6781
|
addResponseMode(parameters, request.responseMode);
|
|
6742
6782
|
// add client_info=1
|
|
6743
6783
|
addClientInfo(parameters);
|
|
6784
|
+
// add clidata=1
|
|
6785
|
+
addCliData(parameters);
|
|
6744
6786
|
if (request.prompt) {
|
|
6745
6787
|
addPrompt(parameters, request.prompt);
|
|
6746
6788
|
performanceClient?.addFields({ prompt: request.prompt }, correlationId);
|
|
@@ -6933,7 +6975,40 @@
|
|
|
6933
6975
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6934
6976
|
}
|
|
6935
6977
|
|
|
6936
|
-
/*! @azure/msal-common v16.
|
|
6978
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6979
|
+
|
|
6980
|
+
/*
|
|
6981
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6982
|
+
* Licensed under the MIT License.
|
|
6983
|
+
*/
|
|
6984
|
+
/**
|
|
6985
|
+
* Helper to enforce resource parameter presence in token requests when isMcp is set in the configuration.
|
|
6986
|
+
* If resource parameter is set in both the request and in extraQueryParameters or extraParameters, an error will be thrown.
|
|
6987
|
+
* This is used for MCP flows.
|
|
6988
|
+
* @param isMcp - Flag indicating if application is an MCP app, from configuration
|
|
6989
|
+
* @param request - Auth request
|
|
6990
|
+
*/
|
|
6991
|
+
function enforceResourceParameter(isMcp, request) {
|
|
6992
|
+
if (!isMcp) {
|
|
6993
|
+
return;
|
|
6994
|
+
}
|
|
6995
|
+
if (request.resource &&
|
|
6996
|
+
(containsResourceParam(request.extraParameters) ||
|
|
6997
|
+
containsResourceParam(request.extraQueryParameters))) {
|
|
6998
|
+
throw createClientAuthError(misplacedResourceParam);
|
|
6999
|
+
}
|
|
7000
|
+
if (!request.resource) {
|
|
7001
|
+
throw createClientAuthError(resourceParameterRequired);
|
|
7002
|
+
}
|
|
7003
|
+
}
|
|
7004
|
+
function containsResourceParam(params) {
|
|
7005
|
+
if (!params) {
|
|
7006
|
+
return false;
|
|
7007
|
+
}
|
|
7008
|
+
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
7009
|
+
}
|
|
7010
|
+
|
|
7011
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6937
7012
|
|
|
6938
7013
|
/*
|
|
6939
7014
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6991,7 +7066,7 @@
|
|
|
6991
7066
|
}
|
|
6992
7067
|
}
|
|
6993
7068
|
|
|
6994
|
-
/*! @azure/msal-common v16.
|
|
7069
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
6995
7070
|
/*
|
|
6996
7071
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6997
7072
|
* Licensed under the MIT License.
|
|
@@ -7008,7 +7083,7 @@
|
|
|
7008
7083
|
unexpectedError: unexpectedError
|
|
7009
7084
|
});
|
|
7010
7085
|
|
|
7011
|
-
/*! @azure/msal-common v16.
|
|
7086
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
7012
7087
|
|
|
7013
7088
|
/*
|
|
7014
7089
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7269,7 +7344,7 @@
|
|
|
7269
7344
|
}
|
|
7270
7345
|
}
|
|
7271
7346
|
|
|
7272
|
-
/*! @azure/msal-common v16.
|
|
7347
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
7273
7348
|
|
|
7274
7349
|
/*
|
|
7275
7350
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7290,7 +7365,7 @@
|
|
|
7290
7365
|
return new JoseHeaderError(code);
|
|
7291
7366
|
}
|
|
7292
7367
|
|
|
7293
|
-
/*! @azure/msal-common v16.
|
|
7368
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
7294
7369
|
/*
|
|
7295
7370
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7296
7371
|
* Licensed under the MIT License.
|
|
@@ -7298,7 +7373,7 @@
|
|
|
7298
7373
|
const missingKidError = "missing_kid_error";
|
|
7299
7374
|
const missingAlgError = "missing_alg_error";
|
|
7300
7375
|
|
|
7301
|
-
/*! @azure/msal-common v16.
|
|
7376
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
7302
7377
|
|
|
7303
7378
|
/*
|
|
7304
7379
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7338,7 +7413,7 @@
|
|
|
7338
7413
|
}
|
|
7339
7414
|
}
|
|
7340
7415
|
|
|
7341
|
-
/*! @azure/msal-common v16.
|
|
7416
|
+
/*! @azure/msal-common v16.4.0 2026-03-18 */
|
|
7342
7417
|
|
|
7343
7418
|
/*
|
|
7344
7419
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7434,8 +7509,10 @@
|
|
|
7434
7509
|
else if (error instanceof AuthError) {
|
|
7435
7510
|
event.errorCode = error.errorCode;
|
|
7436
7511
|
event.subErrorCode = error.subError;
|
|
7437
|
-
if (
|
|
7438
|
-
error instanceof
|
|
7512
|
+
if (!event.serverErrorNo &&
|
|
7513
|
+
(error instanceof ServerError ||
|
|
7514
|
+
error instanceof InteractionRequiredAuthError) &&
|
|
7515
|
+
error.errorNo) {
|
|
7439
7516
|
event.serverErrorNo = error.errorNo;
|
|
7440
7517
|
}
|
|
7441
7518
|
return;
|
|
@@ -8772,9 +8849,13 @@
|
|
|
8772
8849
|
activeBridgeMonitor = null;
|
|
8773
8850
|
}
|
|
8774
8851
|
}
|
|
8775
|
-
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request) {
|
|
8852
|
+
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
|
|
8776
8853
|
return new Promise((resolve, reject) => {
|
|
8777
8854
|
logger.verbose("1rf6em", request.correlationId);
|
|
8855
|
+
const correlationId = request.correlationId;
|
|
8856
|
+
performanceClient.addFields({
|
|
8857
|
+
redirectBridgeTimeoutMs: timeoutMs,
|
|
8858
|
+
}, correlationId);
|
|
8778
8859
|
const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
|
|
8779
8860
|
const channel = new BroadcastChannel(libraryState.id);
|
|
8780
8861
|
let responseString = undefined;
|
|
@@ -8792,6 +8873,12 @@
|
|
|
8792
8873
|
};
|
|
8793
8874
|
channel.onmessage = (event) => {
|
|
8794
8875
|
responseString = event.data.payload;
|
|
8876
|
+
const messageVersion = event?.data && typeof event.data.v === "number"
|
|
8877
|
+
? event.data.v
|
|
8878
|
+
: undefined;
|
|
8879
|
+
performanceClient.addFields({
|
|
8880
|
+
redirectBridgeMessageVersion: messageVersion,
|
|
8881
|
+
}, correlationId);
|
|
8795
8882
|
// Clear the active monitor
|
|
8796
8883
|
activeBridgeMonitor = null;
|
|
8797
8884
|
clearTimeout(timeoutId);
|
|
@@ -10211,7 +10298,7 @@
|
|
|
10211
10298
|
|
|
10212
10299
|
/* eslint-disable header/header */
|
|
10213
10300
|
const name = "@azure/msal-browser";
|
|
10214
|
-
const version = "5.
|
|
10301
|
+
const version = "5.6.0";
|
|
10215
10302
|
|
|
10216
10303
|
/*
|
|
10217
10304
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -11526,6 +11613,9 @@
|
|
|
11526
11613
|
: 0, base64Decode, undefined, // refreshOn
|
|
11527
11614
|
result.tokenType, undefined, // userAssertionHash
|
|
11528
11615
|
request.sshKid);
|
|
11616
|
+
if (request.resource) {
|
|
11617
|
+
accessTokenEntity.resource = request.resource;
|
|
11618
|
+
}
|
|
11529
11619
|
const cacheRecord = {
|
|
11530
11620
|
idToken: idTokenEntity,
|
|
11531
11621
|
accessToken: accessTokenEntity,
|
|
@@ -11611,10 +11701,6 @@
|
|
|
11611
11701
|
*/
|
|
11612
11702
|
function getAccount(accountFilter, logger, browserStorage, correlationId) {
|
|
11613
11703
|
logger.trace("0u7b90", correlationId);
|
|
11614
|
-
if (Object.keys(accountFilter).length === 0) {
|
|
11615
|
-
logger.warning("1kz0cu", correlationId);
|
|
11616
|
-
return null;
|
|
11617
|
-
}
|
|
11618
11704
|
const account = browserStorage.getAccountInfoFilteredBy(accountFilter, correlationId);
|
|
11619
11705
|
if (account) {
|
|
11620
11706
|
logger.verbose("0btgll", correlationId);
|
|
@@ -12078,6 +12164,7 @@
|
|
|
12078
12164
|
authority: discoveredAuthority,
|
|
12079
12165
|
clientCapabilities: this.config.auth.clientCapabilities,
|
|
12080
12166
|
redirectUri: this.config.auth.redirectUri,
|
|
12167
|
+
isMcp: this.config.auth.isMcp,
|
|
12081
12168
|
},
|
|
12082
12169
|
systemOptions: {
|
|
12083
12170
|
tokenRenewalOffsetSeconds: this.config.system.tokenRenewalOffsetSeconds,
|
|
@@ -12118,6 +12205,10 @@
|
|
|
12118
12205
|
*/
|
|
12119
12206
|
async function initializeAuthorizationRequest(request, interactionType, config, browserCrypto, browserStorage, logger, performanceClient, correlationId) {
|
|
12120
12207
|
const redirectUri = getRedirectUri(request.redirectUri, config.auth.redirectUri, logger, correlationId);
|
|
12208
|
+
if (new URL(redirectUri).origin !== new URL(window.location.href).origin) {
|
|
12209
|
+
logger.warning("08qbvw", correlationId);
|
|
12210
|
+
performanceClient.addFields({ isRedirectUriCrossOrigin: true }, correlationId);
|
|
12211
|
+
}
|
|
12121
12212
|
const browserState = {
|
|
12122
12213
|
interactionType: interactionType,
|
|
12123
12214
|
};
|
|
@@ -12795,6 +12886,7 @@
|
|
|
12795
12886
|
correlationId: this.correlationId,
|
|
12796
12887
|
state: response.state,
|
|
12797
12888
|
fromPlatformBroker: true,
|
|
12889
|
+
...(request.resource && { resource: request.resource }),
|
|
12798
12890
|
};
|
|
12799
12891
|
return result;
|
|
12800
12892
|
}
|
|
@@ -13036,6 +13128,62 @@
|
|
|
13036
13128
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
13037
13129
|
* Licensed under the MIT License.
|
|
13038
13130
|
*/
|
|
13131
|
+
const clientDataAccountTypeMapping = new Map([
|
|
13132
|
+
["e", "AAD"],
|
|
13133
|
+
["m", "MSA"],
|
|
13134
|
+
]);
|
|
13135
|
+
/**
|
|
13136
|
+
* Parses the clientdata response parameter from the /authorize endpoint.
|
|
13137
|
+
*
|
|
13138
|
+
* Logically, the clientdata value is URL-encoded and pipe-delimited:
|
|
13139
|
+
* urlencoded(account_type | error | sub_error | cloud_instance | caller_data_boundary)
|
|
13140
|
+
*
|
|
13141
|
+
* In normal browser flows, this value may already have been URL-decoded
|
|
13142
|
+
* (e.g. by URLSearchParams). This function will only apply decodeURIComponent
|
|
13143
|
+
* when the string appears to contain percent-encoded sequences to avoid
|
|
13144
|
+
* double-decoding.
|
|
13145
|
+
*
|
|
13146
|
+
* @param clientdata - The raw clientdata string from the authorize response
|
|
13147
|
+
* @returns Parsed ClientData object, or null if the input is empty/invalid
|
|
13148
|
+
*/
|
|
13149
|
+
function parseClientData(clientdata) {
|
|
13150
|
+
if (!clientdata) {
|
|
13151
|
+
return null;
|
|
13152
|
+
}
|
|
13153
|
+
try {
|
|
13154
|
+
// Only decode when the string appears to contain percent-encoded sequences
|
|
13155
|
+
const shouldDecode = /%(?:[0-9A-Fa-f]{2})/.test(clientdata);
|
|
13156
|
+
const decoded = shouldDecode
|
|
13157
|
+
? decodeURIComponent(clientdata)
|
|
13158
|
+
: clientdata;
|
|
13159
|
+
const parts = decoded.split("|");
|
|
13160
|
+
if (parts.length < 5) {
|
|
13161
|
+
return null;
|
|
13162
|
+
}
|
|
13163
|
+
return {
|
|
13164
|
+
accountType: clientDataAccountTypeMapping.get(parts[0]?.trim() || "") || "",
|
|
13165
|
+
error: parts[1]?.trim() || "",
|
|
13166
|
+
subError: parts[2]?.trim() || "",
|
|
13167
|
+
cloudInstance: parts[3]?.trim() || "",
|
|
13168
|
+
callerDataBoundary: parts[4]?.trim() || "",
|
|
13169
|
+
};
|
|
13170
|
+
}
|
|
13171
|
+
catch {
|
|
13172
|
+
return null;
|
|
13173
|
+
}
|
|
13174
|
+
}
|
|
13175
|
+
/**
|
|
13176
|
+
* Instruments account type, error, and suberror from clientdata
|
|
13177
|
+
*/
|
|
13178
|
+
function instrumentClientData(response, correlationId, performanceClient) {
|
|
13179
|
+
const parsed = parseClientData(response.clientdata);
|
|
13180
|
+
parsed?.accountType &&
|
|
13181
|
+
performanceClient.addFields({ accountType: parsed.accountType }, correlationId);
|
|
13182
|
+
parsed?.error &&
|
|
13183
|
+
performanceClient.addFields({ serverErrorNo: parsed.error }, correlationId);
|
|
13184
|
+
parsed?.subError &&
|
|
13185
|
+
performanceClient.addFields({ serverSubErrorNo: parsed.subError }, correlationId);
|
|
13186
|
+
}
|
|
13039
13187
|
/**
|
|
13040
13188
|
* Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
|
|
13041
13189
|
* @param config
|
|
@@ -13205,6 +13353,8 @@
|
|
|
13205
13353
|
async function handleResponseCode(request, response, codeVerifier, apiId, config, authClient, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
|
|
13206
13354
|
// Remove throttle if it exists
|
|
13207
13355
|
ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
|
|
13356
|
+
// Instrument clientdata telemetry fields from the authorize response
|
|
13357
|
+
instrumentClientData(response, request.correlationId, performanceClient);
|
|
13208
13358
|
if (response.accountId) {
|
|
13209
13359
|
return invokeAsync(handleResponsePlatformBroker, HandleResponsePlatformBroker, logger, performanceClient, request.correlationId)(request, response.accountId, apiId, config, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider);
|
|
13210
13360
|
}
|
|
@@ -13237,6 +13387,8 @@
|
|
|
13237
13387
|
async function handleResponseEAR(request, response, apiId, config, authority, browserStorage, nativeStorage, eventHandler, logger, performanceClient, platformAuthProvider) {
|
|
13238
13388
|
// Remove throttle if it exists
|
|
13239
13389
|
ThrottlingUtils.removeThrottle(browserStorage, config.auth.clientId, request);
|
|
13390
|
+
// Instrument clientdata telemetry fields from the authorize response
|
|
13391
|
+
instrumentClientData(response, request.correlationId, performanceClient);
|
|
13240
13392
|
// Validate state & check response for errors
|
|
13241
13393
|
validateAuthorizationResponse(response, request.state);
|
|
13242
13394
|
if (!response.ear_jwe) {
|
|
@@ -13523,6 +13675,7 @@
|
|
|
13523
13675
|
tenant: "",
|
|
13524
13676
|
},
|
|
13525
13677
|
instanceAware: false,
|
|
13678
|
+
isMcp: false,
|
|
13526
13679
|
};
|
|
13527
13680
|
// Default cache options for browser
|
|
13528
13681
|
const DEFAULT_CACHE_OPTIONS = {
|
|
@@ -13915,14 +14068,17 @@
|
|
|
13915
14068
|
initializePlatformDOMRequest(request) {
|
|
13916
14069
|
this.logger.trace("15d6yv", request.correlationId);
|
|
13917
14070
|
const { accountId, clientId, authority, scope, redirectUri, correlationId, state, storeInCache, embeddedClientId, extraParameters, ...remainingProperties } = request;
|
|
13918
|
-
const validExtraParameters = this.getDOMExtraParams(remainingProperties);
|
|
14071
|
+
const validExtraParameters = this.getDOMExtraParams(remainingProperties, correlationId);
|
|
13919
14072
|
const platformDOMRequest = {
|
|
13920
14073
|
accountId: accountId,
|
|
13921
14074
|
brokerId: this.getExtensionId(),
|
|
13922
14075
|
authority: authority,
|
|
13923
14076
|
clientId: clientId,
|
|
13924
14077
|
correlationId: correlationId || this.correlationId,
|
|
13925
|
-
extraParameters: {
|
|
14078
|
+
extraParameters: {
|
|
14079
|
+
...extraParameters,
|
|
14080
|
+
...validExtraParameters,
|
|
14081
|
+
},
|
|
13926
14082
|
isSecurityTokenService: false,
|
|
13927
14083
|
redirectUri: redirectUri,
|
|
13928
14084
|
scope: scope,
|
|
@@ -13976,15 +14132,27 @@
|
|
|
13976
14132
|
};
|
|
13977
14133
|
return nativeResponse;
|
|
13978
14134
|
}
|
|
13979
|
-
getDOMExtraParams(extraParameters) {
|
|
13980
|
-
|
|
13981
|
-
|
|
13982
|
-
|
|
13983
|
-
|
|
13984
|
-
|
|
13985
|
-
|
|
13986
|
-
|
|
13987
|
-
|
|
14135
|
+
getDOMExtraParams(extraParameters, correlationId) {
|
|
14136
|
+
try {
|
|
14137
|
+
const stringifiedProperties = {};
|
|
14138
|
+
for (const [key, value] of Object.entries(extraParameters)) {
|
|
14139
|
+
if (!value) {
|
|
14140
|
+
continue;
|
|
14141
|
+
}
|
|
14142
|
+
if (typeof value === "object") {
|
|
14143
|
+
stringifiedProperties[key] = JSON.stringify(value);
|
|
14144
|
+
}
|
|
14145
|
+
else {
|
|
14146
|
+
stringifiedProperties[key] = String(value);
|
|
14147
|
+
}
|
|
14148
|
+
}
|
|
14149
|
+
return stringifiedProperties;
|
|
14150
|
+
}
|
|
14151
|
+
catch (e) {
|
|
14152
|
+
this.logger.error("0eu9o3", correlationId);
|
|
14153
|
+
this.logger.errorPii("17rpl5", correlationId);
|
|
14154
|
+
return {};
|
|
14155
|
+
}
|
|
13988
14156
|
}
|
|
13989
14157
|
}
|
|
13990
14158
|
|
|
@@ -14228,7 +14396,7 @@
|
|
|
14228
14396
|
const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
|
|
14229
14397
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, correlationId, exports.InteractionType.Popup, { popupWindow }, null);
|
|
14230
14398
|
// Wait for the redirect bridge response
|
|
14231
|
-
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
14399
|
+
const responseString = await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
14232
14400
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14233
14401
|
return await invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
14234
14402
|
}
|
|
@@ -14263,7 +14431,7 @@
|
|
|
14263
14431
|
const form = await getEARForm(popupWindow.document, this.config, discoveredAuthority, popupRequest, this.logger, this.performanceClient);
|
|
14264
14432
|
form.submit();
|
|
14265
14433
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
14266
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest);
|
|
14434
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, popupRequest, this.performanceClient);
|
|
14267
14435
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14268
14436
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
14269
14437
|
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, correlationId)({
|
|
@@ -14288,7 +14456,7 @@
|
|
|
14288
14456
|
const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
14289
14457
|
form.submit();
|
|
14290
14458
|
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
14291
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
14459
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
14292
14460
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.responseMode, this.logger, this.correlationId);
|
|
14293
14461
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
14294
14462
|
}
|
|
@@ -14341,7 +14509,7 @@
|
|
|
14341
14509
|
// Open the popup window to requestUrl.
|
|
14342
14510
|
const popupWindow = this.openPopup(logoutUri, popupParams);
|
|
14343
14511
|
this.eventHandler.emitEvent(EventType.POPUP_OPENED, validRequest.correlationId, exports.InteractionType.Popup, { popupWindow }, null);
|
|
14344
|
-
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest).catch(() => {
|
|
14512
|
+
await waitForBridgeResponse(this.config.system.popupBridgeTimeout, this.logger, this.browserCrypto, validRequest, this.performanceClient).catch(() => {
|
|
14345
14513
|
// Swallow any errors related to monitoring the window. Server logout is best effort
|
|
14346
14514
|
});
|
|
14347
14515
|
if (mainWindowRedirectUri) {
|
|
@@ -15089,7 +15257,7 @@
|
|
|
15089
15257
|
};
|
|
15090
15258
|
await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
|
|
15091
15259
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15092
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
15260
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15093
15261
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15094
15262
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
15095
15263
|
// If server doesn't support EAR, they may fallback to auth code flow instead
|
|
@@ -15138,7 +15306,7 @@
|
|
|
15138
15306
|
}
|
|
15139
15307
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15140
15308
|
// Wait for response from the redirect bridge.
|
|
15141
|
-
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request);
|
|
15309
|
+
const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15142
15310
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15143
15311
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15144
15312
|
}
|
|
@@ -15291,6 +15459,22 @@
|
|
|
15291
15459
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
15292
15460
|
* Licensed under the MIT License.
|
|
15293
15461
|
*/
|
|
15462
|
+
/**
|
|
15463
|
+
* Get network information for telemetry purposes. This is only supported in Chromium-based browsers.
|
|
15464
|
+
* @returns Network connection information, or an empty object if not available.
|
|
15465
|
+
*/
|
|
15466
|
+
function getNetworkInfo() {
|
|
15467
|
+
if (typeof window === "undefined" || !window.navigator) {
|
|
15468
|
+
return {};
|
|
15469
|
+
}
|
|
15470
|
+
const connection = "connection" in window.navigator
|
|
15471
|
+
? window.navigator.connection
|
|
15472
|
+
: undefined;
|
|
15473
|
+
return {
|
|
15474
|
+
effectiveType: connection?.effectiveType,
|
|
15475
|
+
rtt: connection?.rtt,
|
|
15476
|
+
};
|
|
15477
|
+
}
|
|
15294
15478
|
function collectInstanceStats(currentClientId, performanceEvent, logger, correlationId) {
|
|
15295
15479
|
const frameInstances =
|
|
15296
15480
|
// @ts-ignore
|
|
@@ -15310,12 +15494,13 @@
|
|
|
15310
15494
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
15311
15495
|
* Licensed under the MIT License.
|
|
15312
15496
|
*/
|
|
15313
|
-
function preflightCheck(initialized, performanceEvent,
|
|
15497
|
+
function preflightCheck(initialized, performanceEvent, config, request) {
|
|
15314
15498
|
try {
|
|
15315
15499
|
preflightCheck$1(initialized);
|
|
15500
|
+
enforceResourceParameter(config.auth.isMcp, request);
|
|
15316
15501
|
}
|
|
15317
15502
|
catch (e) {
|
|
15318
|
-
performanceEvent.end({ success: false }, e, account);
|
|
15503
|
+
performanceEvent.end({ success: false }, e, request.account);
|
|
15319
15504
|
throw e;
|
|
15320
15505
|
}
|
|
15321
15506
|
}
|
|
@@ -15416,6 +15601,7 @@
|
|
|
15416
15601
|
this.eventHandler.emitEvent(EventType.INITIALIZE_START, correlationId);
|
|
15417
15602
|
// Broker applications are initialized twice, so we avoid double-counting it
|
|
15418
15603
|
this.logMultipleInstances(initMeasurement, correlationId);
|
|
15604
|
+
initMeasurement.add({ isMcp: this.config.auth.isMcp });
|
|
15419
15605
|
await invokeAsync(this.browserStorage.initialize.bind(this.browserStorage), InitializeCache, this.logger, this.performanceClient, correlationId)(correlationId);
|
|
15420
15606
|
if (allowPlatformBroker) {
|
|
15421
15607
|
try {
|
|
@@ -15593,6 +15779,7 @@
|
|
|
15593
15779
|
};
|
|
15594
15780
|
try {
|
|
15595
15781
|
redirectPreflightCheck(this.initialized, this.config);
|
|
15782
|
+
enforceResourceParameter(this.config.auth.isMcp, request);
|
|
15596
15783
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN);
|
|
15597
15784
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Redirect, request);
|
|
15598
15785
|
let result;
|
|
@@ -15657,7 +15844,7 @@
|
|
|
15657
15844
|
});
|
|
15658
15845
|
try {
|
|
15659
15846
|
this.logger.verbose("0ch87b", correlationId);
|
|
15660
|
-
preflightCheck(this.initialized, atPopupMeasurement, request
|
|
15847
|
+
preflightCheck(this.initialized, atPopupMeasurement, this.config, request);
|
|
15661
15848
|
this.browserStorage.setInteractionInProgress(true, INTERACTION_TYPE.SIGNIN, request.overrideInteractionInProgress, correlationId);
|
|
15662
15849
|
}
|
|
15663
15850
|
catch (e) {
|
|
@@ -15771,7 +15958,7 @@
|
|
|
15771
15958
|
this.ssoSilentMeasurement?.add({
|
|
15772
15959
|
scenarioId: request.scenarioId,
|
|
15773
15960
|
});
|
|
15774
|
-
preflightCheck(this.initialized, this.ssoSilentMeasurement,
|
|
15961
|
+
preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
|
|
15775
15962
|
this.ssoSilentMeasurement?.increment({
|
|
15776
15963
|
visibilityChangeCount: 0,
|
|
15777
15964
|
});
|
|
@@ -15835,7 +16022,7 @@
|
|
|
15835
16022
|
const correlationId = this.getRequestCorrelationId(request);
|
|
15836
16023
|
this.logger.trace("0ch6ga", correlationId);
|
|
15837
16024
|
const atbcMeasurement = this.performanceClient.startMeasurement(AcquireTokenByCode, correlationId);
|
|
15838
|
-
preflightCheck(this.initialized, atbcMeasurement);
|
|
16025
|
+
preflightCheck(this.initialized, atbcMeasurement, this.config, request);
|
|
15839
16026
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Silent, request);
|
|
15840
16027
|
atbcMeasurement.add({ scenarioId: request.scenarioId });
|
|
15841
16028
|
try {
|
|
@@ -16337,7 +16524,7 @@
|
|
|
16337
16524
|
cacheLookupPolicy: request.cacheLookupPolicy,
|
|
16338
16525
|
scenarioId: request.scenarioId,
|
|
16339
16526
|
});
|
|
16340
|
-
preflightCheck(this.initialized, atsMeasurement, request
|
|
16527
|
+
preflightCheck(this.initialized, atsMeasurement, this.config, request);
|
|
16341
16528
|
this.logger.verbose("0x1c4s", correlationId);
|
|
16342
16529
|
const account = request.account || this.getActiveAccount();
|
|
16343
16530
|
if (!account) {
|
|
@@ -16793,6 +16980,7 @@
|
|
|
16793
16980
|
platformBrokerId: request.account?.homeAccountId,
|
|
16794
16981
|
clientId: this.clientId,
|
|
16795
16982
|
authority: request.authority,
|
|
16983
|
+
resource: request.resource,
|
|
16796
16984
|
scope: scopes.join(" "),
|
|
16797
16985
|
correlationId,
|
|
16798
16986
|
claims: !StringUtils.isEmptyObj(claims) ? claims : undefined,
|
|
@@ -17063,6 +17251,7 @@
|
|
|
17063
17251
|
const atPopupMeasurement = this.performanceClient.startMeasurement(AcquireTokenPopup, correlationId);
|
|
17064
17252
|
atPopupMeasurement.add({ nestedAppAuthRequest: true });
|
|
17065
17253
|
try {
|
|
17254
|
+
enforceResourceParameter(this.config.auth.isMcp, validRequest);
|
|
17066
17255
|
const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
|
|
17067
17256
|
const reqTimestamp = nowSeconds();
|
|
17068
17257
|
const response = await this.bridgeProxy.getTokenInteractive(naaRequest);
|
|
@@ -17129,6 +17318,7 @@
|
|
|
17129
17318
|
nestedAppAuthRequest: true,
|
|
17130
17319
|
});
|
|
17131
17320
|
try {
|
|
17321
|
+
enforceResourceParameter(this.config.auth.isMcp, validRequest);
|
|
17132
17322
|
const naaRequest = this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
|
|
17133
17323
|
naaRequest.forceRefresh = validRequest.forceRefresh;
|
|
17134
17324
|
const reqTimestamp = nowSeconds();
|
|
@@ -17263,6 +17453,14 @@
|
|
|
17263
17453
|
this.logger.verbose("18egye", correlationId);
|
|
17264
17454
|
return Promise.resolve(null);
|
|
17265
17455
|
}
|
|
17456
|
+
else if (authRequest.resource) {
|
|
17457
|
+
const requestedResource = authRequest.resource;
|
|
17458
|
+
const cachedResource = cachedAccessToken.resource;
|
|
17459
|
+
if (!cachedResource || cachedResource !== requestedResource) {
|
|
17460
|
+
this.logger.verbose("0qraxd", correlationId);
|
|
17461
|
+
return Promise.resolve(null);
|
|
17462
|
+
}
|
|
17463
|
+
}
|
|
17266
17464
|
const cachedIdToken = this.browserStorage.getIdToken(currentAccount, authRequest.correlationId, tokenKeys, currentAccount.tenantId);
|
|
17267
17465
|
if (!cachedIdToken) {
|
|
17268
17466
|
this.logger.verbose("0d68kd", correlationId);
|
|
@@ -18432,11 +18630,14 @@
|
|
|
18432
18630
|
return {
|
|
18433
18631
|
...inProgressEvent,
|
|
18434
18632
|
end: (event, error, account) => {
|
|
18633
|
+
const networkInfo = getNetworkInfo();
|
|
18435
18634
|
const res = inProgressEvent.end({
|
|
18436
18635
|
...event,
|
|
18437
18636
|
startPageVisibility,
|
|
18438
18637
|
endPageVisibility: this.getPageVisibility(),
|
|
18439
18638
|
durationMs: getPerfDurationMs(startTime),
|
|
18639
|
+
networkEffectiveType: networkInfo.effectiveType,
|
|
18640
|
+
networkRtt: networkInfo.rtt,
|
|
18440
18641
|
}, error, account);
|
|
18441
18642
|
void browserMeasurement?.then((measurement) => measurement.endMeasurement());
|
|
18442
18643
|
this.deleteIncompleteSubMeasurements(inProgressEvent);
|
|
@@ -18608,6 +18809,7 @@
|
|
|
18608
18809
|
exports.WrapperSKU = WrapperSKU;
|
|
18609
18810
|
exports.createNestablePublicClientApplication = createNestablePublicClientApplication;
|
|
18610
18811
|
exports.createStandardPublicClientApplication = createStandardPublicClientApplication;
|
|
18812
|
+
exports.enforceResourceParameter = enforceResourceParameter;
|
|
18611
18813
|
exports.isPlatformBrokerAvailable = isPlatformBrokerAvailable;
|
|
18612
18814
|
exports.loadExternalTokens = loadExternalTokens;
|
|
18613
18815
|
exports.stubbedPublicClientApplication = stubbedPublicClientApplication;
|