@azure/msal-browser 5.6.1 → 5.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +21 -8
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +6 -0
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +12 -2
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +2 -2
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/redirect_bridge/index.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +3 -2
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +21 -8
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts +6 -0
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +12 -2
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/log-strings-mapping.json +2 -2
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_handler/SilentHandler.d.ts +6 -0
- package/dist/redirect-bridge/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +43 -24
- package/dist/redirect-bridge/redirect_bridge/index.mjs.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect_bridge/index.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +3 -2
- package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +2 -2
- package/lib/custom-auth-path/msal-custom-auth.cjs +95 -71
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +6 -0
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/redirect_bridge/index.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +2 -2
- package/lib/msal-browser.cjs +97 -73
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +97 -73
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +52 -33
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts +6 -0
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/redirect_bridge/index.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/interaction_client/SilentIframeClient.ts +53 -29
- package/src/interaction_handler/SilentHandler.ts +11 -0
- package/src/packageMetadata.ts +1 -1
- package/src/redirect_bridge/index.ts +47 -25
package/lib/msal-browser.min.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.6.
|
|
2
|
-
"use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).msal={})}(this,(function(e){const t="https://login.microsoftonline.com/common/",r="common",n=`${t}discovery/instance?api-version=1.1&authorization_endpoint=`,o=".ciamlogin.com",i="openid",s="profile",a="offline_access",c="S256",h="Not Available",l="http://169.254.169.254/metadata/instance/compute/location",d=["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],u="GET",g="POST",p=[i,s,a],m=[...p,"email"],f="Content-Type",y="Content-Length",w="Retry-After",I="X-AnchorMailbox",C="WWW-Authenticate",v="Authentication-Info",k="x-ms-request-id",T="x-ms-httpver",b="active-account-filters",A="common",S="organizations",_="consumers",E="access_token",P="xms_cc",R={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},O="code",M="id_token token refresh_token",x={QUERY:"query",FRAGMENT:"fragment",FORM_POST:"form_post"},q="authorization_code",N="refresh_token",U="Generic",L={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},H="appmetadata",D="1",F="authority-metadata",K="config",B="cache",z="network",j="hardcoded_values",$=5,J="server-telemetry",W=",",G={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},V="throttling",Q="1",X="3",Y="4",Z="2",ee="4",te="5",re="0",ne="1",oe="2",ie="3",se="4",ae={Jwt:"JWT",Jwk:"JWK",Pop:"pop"},ce="client_id",he="redirect_uri",le="token_type",de="req_cnf",ue="return_spa_code",ge="x-client-xtra-sku",pe="brk_client_id",me="brk_redirect_uri",fe="instance_aware";function ye(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class we extends Error{constructor(e,t,r){const n=t||(e?ye(e):"");super(n?`${e}: ${n}`:e),Object.setPrototypeOf(this,we.prototype),this.errorCode=e||"",this.errorMessage=n||"",this.subError=r||"",this.name="AuthError"}setCorrelationId(e){this.correlationId=e}}function Ie(e,t){return new we(e,t||ye(e))}class Ce extends we{constructor(e){super(e),this.name="ClientConfigurationError",Object.setPrototypeOf(this,Ce.prototype)}}function ve(e){return new Ce(e)}class ke{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return 0===Object.keys(t).length}catch(e){}return!0}static startsWith(e,t){return 0===e.indexOf(t)}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),n=e=>decodeURIComponent(e.replace(/\+/g," "));return r.forEach((e=>{if(e.trim()){const[r,o]=e.split(/=(.+)/g,2);r&&o&&(t[n(r)]=n(o))}})),t}static trimArrayEntries(e){return e.map((e=>e.trim()))}static removeEmptyStringsFromArray(e){return e.filter((e=>!!e))}static jsonParseHelper(e){try{return JSON.parse(e)}catch(e){return null}}}class Te extends we{constructor(e,t){super(e,t),this.name="ClientAuthError",Object.setPrototypeOf(this,Te.prototype)}}function be(e,t){return new Te(e,t)}const Ae="redirect_uri_empty",Se="authority_uri_insecure",_e="url_parse_error",Ee="empty_url_error",Pe="empty_input_scopes_error",Re="invalid_claims",Oe="token_request_empty",Me="logout_request_empty",xe="pkce_params_missing",qe="invalid_cloud_discovery_metadata",Ne="invalid_authority_metadata",Ue="untrusted_authority",Le="missing_ssh_jwk",He="missing_ssh_kid",De="missing_nonce_authentication_header",Fe="invalid_authentication_header",Ke="cannot_set_OIDCOptions",Be="cannot_allow_platform_broker",ze="authority_mismatch",je="invalid_request_method_for_EAR";var $e=Object.freeze({__proto__:null,authorityMismatch:ze,authorityUriInsecure:Se,cannotAllowPlatformBroker:Be,cannotSetOIDCOptions:Ke,claimsRequestParsingError:"claims_request_parsing_error",emptyInputScopesError:Pe,invalidAuthenticationHeader:Fe,invalidAuthorityMetadata:Ne,invalidClaims:Re,invalidCloudDiscoveryMetadata:qe,invalidCodeChallengeMethod:"invalid_code_challenge_method",invalidRequestMethodForEAR:je,logoutRequestEmpty:Me,missingNonceAuthenticationHeader:De,missingSshJwk:Le,missingSshKid:He,pkceParamsMissing:xe,redirectUriEmpty:Ae,tokenRequestEmpty:Oe,untrustedAuthority:Ue,urlEmptyError:Ee,urlParseError:_e});const Je="client_info_decoding_error",We="client_info_empty_error",Ge="token_parsing_error",Ve="null_or_empty_token",Qe="endpoints_resolution_error",Xe="network_error",Ye="openid_config_error",Ze="hash_not_deserialized",et="invalid_state",tt="state_mismatch",rt="state_not_found",nt="nonce_mismatch",ot="auth_time_not_found",it="max_age_transpired",st="multiple_matching_appMetadata",at="request_cannot_be_made",ct="cannot_remove_empty_scope",ht="cannot_append_scopeset",lt="empty_input_scopeset",dt="no_account_in_silent_request",ut="invalid_cache_record",gt="invalid_cache_environment",pt="no_account_found",mt="no_crypto_object",ft="token_refresh_required",yt="token_claims_cnf_required_for_signedjwt",wt="authorization_code_missing_from_server_response",It="binding_key_not_removed",Ct="end_session_endpoint_not_supported",vt="key_id_missing",kt="no_network_connectivity",Tt="user_canceled",bt="method_not_implemented",At="nested_app_auth_bridge_disabled",St="resource_parameter_required",_t="misplaced_resource_parameter";var Et=Object.freeze({__proto__:null,authTimeNotFound:ot,authorizationCodeMissingFromServerResponse:wt,bindingKeyNotRemoved:It,cannotAppendScopeSet:ht,cannotRemoveEmptyScope:ct,clientInfoDecodingError:Je,clientInfoEmptyError:We,emptyInputScopeSet:lt,endSessionEndpointNotSupported:Ct,endpointResolutionError:Qe,hashNotDeserialized:Ze,invalidCacheEnvironment:gt,invalidCacheRecord:ut,invalidState:et,keyIdMissing:vt,maxAgeTranspired:it,methodNotImplemented:bt,misplacedResourceParam:_t,multipleMatchingAppMetadata:st,multipleMatchingTokens:"multiple_matching_tokens",nestedAppAuthBridgeDisabled:At,networkError:Xe,noAccountFound:pt,noAccountInSilentRequest:dt,noCryptoObject:mt,noNetworkConnectivity:kt,nonceMismatch:nt,nullOrEmptyToken:Ve,openIdConfigError:Ye,platformBrokerError:"platform_broker_error",requestCannotBeMade:at,resourceParameterRequired:St,stateMismatch:tt,stateNotFound:rt,tokenClaimsCnfRequiredForSignedJwt:yt,tokenParsingError:Ge,tokenRefreshRequired:ft,unexpectedCredentialType:"unexpected_credential_type",userCanceled:Tt});class Pt{constructor(e){const t=e?ke.trimArrayEntries([...e]):[],r=t?ke.removeEmptyStringsFromArray(t):[];if(!r||!r.length)throw ve(Pe);this.scopes=new Set,r.forEach((e=>this.scopes.add(e)))}static fromString(e){const t=(e||"").split(" ");return new Pt(t)}static createSearchScopes(e){const t=e&&e.length>0?e:[...p],r=new Pt(t);return r.containsOnlyOIDCScopes()?r.removeScope(a):r.removeOIDCScopes(),r}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new Pt(t);return!!e&&r.scopes.has(e.toLowerCase())}containsScopeSet(e){return!(!e||e.scopes.size<=0)&&(this.scopes.size>=e.scopes.size&&e.asArray().every((e=>this.containsScope(e))))}containsOnlyOIDCScopes(){let e=0;return m.forEach((t=>{this.containsScope(t)&&(e+=1)})),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach((e=>this.appendScope(e)))}catch(e){throw be(ht)}}removeScope(e){if(!e)throw be(ct);this.scopes.delete(e.trim())}removeOIDCScopes(){m.forEach((e=>{this.scopes.delete(e)}))}unionScopeSets(e){if(!e)throw be(lt);const t=new Set;return e.scopes.forEach((e=>t.add(e.toLowerCase()))),this.scopes.forEach((e=>t.add(e.toLowerCase()))),t}intersectingScopeSets(e){if(!e)throw be(lt);e.containsOnlyOIDCScopes()||e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),n=this.getScopeCount();return t.size<n+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach((t=>e.push(t))),e}printScopes(){if(this.scopes){return this.asArray().join(" ")}return""}printScopesLowerCase(){return this.printScopes().toLowerCase()}}function Rt(e,t,r){if(!t)return;const n=e.get(ce);n&&e.has(pe)&&r?.addFields({embeddedClientId:n,embeddedRedirectUri:e.get(he)},t)}function Ot(e,t){e.set("response_type",t)}function Mt(e,t,r=!0,n=p){!r||n.includes("openid")||t.includes("openid")||n.push("openid");const o=r?[...t||[],...n]:t||[],i=new Pt(o);e.set("scope",i.printScopes())}function xt(e,t){e.set(ce,t)}function qt(e,t){e.set(he,t)}function Nt(e,t){e.set("login_hint",t)}function Ut(e,t){e.set(I,`UPN:${t}`)}function Lt(e,t){e.set(I,`Oid:${t.uid}@${t.utid}`)}function Ht(e,t){e.set("sid",t)}function Dt(e,t,r){const n=Yt(t,r);try{JSON.parse(n)}catch(e){throw ve(Re)}e.set("claims",n)}function Ft(e,t){e.set("client-request-id",t)}function Kt(e,t){e.set("x-client-SKU",t.sku),e.set("x-client-VER",t.version),t.os&&e.set("x-client-OS",t.os),t.cpu&&e.set("x-client-CPU",t.cpu)}function Bt(e,t){t?.appName&&e.set("x-app-name",t.appName),t?.appVersion&&e.set("x-app-ver",t.appVersion)}function zt(e,t){t&&e.set("state",t)}function jt(e,t,r){if(!t||!r)throw ve(xe);e.set("code_challenge",t),e.set("code_challenge_method",r)}function $t(e,t){e.set("client_secret",t)}function Jt(e,t){t&&e.set("client_assertion",t)}function Wt(e,t){t&&e.set("client_assertion_type",t)}function Gt(e,t){e.set("grant_type",t)}function Vt(e){e.set("client_info","1")}function Qt(e){e.has(fe)||e.set(fe,"true")}function Xt(e,t){Object.entries(t).forEach((([t,r])=>{!e.has(t)&&r&&e.set(t,r)}))}function Yt(e,t){let r;if(e)try{r=JSON.parse(e)}catch(e){throw ve(Re)}else r={};return t&&t.length>0&&(r.hasOwnProperty(E)||(r[E]={}),r[E][P]={values:t}),JSON.stringify(r)}function Zt(e,t){t&&(e.set(le,G.POP),e.set(de,t))}function er(e,t){t&&(e.set(le,G.SSH),e.set(de,t))}function tr(e,t){e.set("x-client-current-telemetry",t.generateCurrentRequestHeaderValue()),e.set("x-client-last-telemetry",t.generateLastRequestHeaderValue())}function rr(e){e.set("x-ms-lib-capability","retry-after, h429")}function nr(e,t,r){e.has(pe)||e.set(pe,t),e.has(me)||e.set(me,r)}function or(e,t){t&&e.set("resource",t)}function ir(e){if(!e)return e;let t=e.toLowerCase();return ke.endsWith(t,"?")?t=t.slice(0,-1):ke.endsWith(t,"?/")&&(t=t.slice(0,-2)),ke.endsWith(t,"/")||(t+="/"),t}function sr(e){return e.startsWith("#/")?e.substring(2):e.startsWith("#")||e.startsWith("?")?e.substring(1):e}function ar(e){if(!e||e.indexOf("=")<0)return null;try{const t=sr(e),r=Object.fromEntries(new URLSearchParams(t));if(r.code||r.ear_jwe||r.error||r.error_description||r.state)return r}catch(e){throw be(Ze)}return null}function cr(e){const t=new Array;return e.forEach(((e,r)=>{t.push(`${r}=${encodeURIComponent(e)}`)})),t.join("&")}function hr(e){if(!e)return e;const t=e.split("#")[0];try{const e=new URL(t);return ir(e.origin+e.pathname+e.search)}catch(e){return ir(t)}}const lr={createNewGuid:()=>{throw be(bt)},base64Decode:()=>{throw be(bt)},base64Encode:()=>{throw be(bt)},base64UrlEncode:()=>{throw be(bt)},encodeKid:()=>{throw be(bt)},async getPublicKeyThumbprint(){throw be(bt)},async removeTokenBindingKey(){throw be(bt)},async clearKeystore(){throw be(bt)},async signJwt(){throw be(bt)},async hashString(){throw be(bt)}};var dr;e.LogLevel=void 0,(dr=e.LogLevel||(e.LogLevel={}))[dr.Error=0]="Error",dr[dr.Warning=1]="Warning",dr[dr.Info=2]="Info",dr[dr.Verbose=3]="Verbose",dr[dr.Trace=4]="Trace";const ur=new Map;function gr(e,t){const r=Date.now();let n=ur.get(e);if(n)!function(e,t){ur.delete(e),ur.set(e,t)}(e,n);else if(n={logs:[],firstEventTime:r},ur.set(e,n),ur.size>50){const e=ur.keys().next().value;e&&ur.delete(e)}n.logs.push({...t,milliseconds:r-n.firstEventTime}),n.logs.length>500&&n.logs.shift()}class pr{constructor(t,r,n){this.level=e.LogLevel.Info;const o=t||pr.createDefaultLoggerOptions();this.localCallback=o.loggerCallback||(()=>{}),this.piiLoggingEnabled=o.piiLoggingEnabled||!1,this.level="number"==typeof o.logLevel?o.logLevel:e.LogLevel.Info,this.packageName=r||"",this.packageVersion=n||""}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info}}clone(e,t){return new pr({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level},e,t)}logMessage(t,r){const n=r.correlationId;if(function(e){if(6!==e.length)return!1;for(let t=0;t<e.length;t++){const r=e[t];if(!(r>="a"&&r<="z"||r>="A"&&r<="Z"||r>="0"&&r<="9"))return!1}return!0}(t)){gr(n,{hash:t,level:r.logLevel,containsPii:r.containsPii||!1,milliseconds:0})}if(r.logLevel>this.level||!this.piiLoggingEnabled&&r.containsPii)return;const o=`${`[${(new Date).toUTCString()}] : [${n}]`} : ${this.packageName}@${this.packageVersion} : ${e.LogLevel[r.logLevel]} - ${t}`;this.executeCallback(r.logLevel,o,r.containsPii||!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!1,correlationId:r})}errorPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!0,correlationId:r})}warning(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!1,correlationId:r})}warningPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!0,correlationId:r})}info(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!1,correlationId:r})}infoPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!0,correlationId:r})}verbose(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!1,correlationId:r})}verbosePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!0,correlationId:r})}trace(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!1,correlationId:r})}tracePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!0,correlationId:r})}isPiiLoggingEnabled(){return this.piiLoggingEnabled||!1}}const mr="@azure/msal-common",fr="16.4.0",yr={None:"none",AzurePublic:"https://login.microsoftonline.com",AzurePpe:"https://login.windows-ppe.net",AzureChina:"https://login.chinacloudapi.cn",AzureGermany:"https://login.microsoftonline.de",AzureUsGovernment:"https://login.microsoftonline.us"};function wr(e,t){return!!e&&!!t&&e===t.split(".")[1]}function Ir(e,t,r,n){if(n){const{oid:t,sub:r,tid:o,name:i,tfp:s,acr:a,preferred_username:c,upn:h,login_hint:l}=n,d=o||s||a||"";return{tenantId:d,localAccountId:t||r||"",name:i,username:c||h||"",loginHint:l,isHomeTenant:wr(d,e)}}return{tenantId:r,localAccountId:t,username:"",isHomeTenant:wr(r,e)}}function Cr(e,t,r,n){let o=e;if(t){const{isHomeTenant:r,...n}=t;o={...e,...n}}if(r){const{isHomeTenant:t,...i}=Ir(e.homeAccountId,e.localAccountId,e.tenantId,r);return o={...o,...i,idTokenClaims:r,idToken:n},o}return o}function vr(e,t){const r=function(e){if(!e)throw be(Ve);const t=/^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(e);if(!t||t.length<4)throw be(Ge);return t[2]}(e);try{const e=t(r);return JSON.parse(e)}catch(e){throw be(Ge)}}function kr(e){if(!e.signin_state)return!1;const t=["kmsi","dvc_dmjd"];return e.signin_state.some((e=>t.includes(e.trim().toLowerCase())))}function Tr(e,t){if(0===t||Date.now()-3e5>e+t)throw be(it)}class br{get urlString(){return this._urlString}constructor(e){if(this._urlString=e,!this._urlString)throw ve(Ee);e.includes("#")||(this._urlString=br.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return ke.endsWith(t,"?")?t=t.slice(0,-1):ke.endsWith(t,"?/")&&(t=t.slice(0,-2)),ke.endsWith(t,"/")||(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch(e){throw ve(_e)}if(!e.HostNameAndPort||!e.PathSegments)throw ve(_e);if(!e.Protocol||"https:"!==e.Protocol.toLowerCase())throw ve(Se)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return br.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return!e||0===r.length||r[0]!==A&&r[0]!==S||(r[0]=e),br.constructAuthorityUriFromObject(t)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),t=this.urlString.match(e);if(!t)throw ve(_e);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let n=r.AbsolutePath.split("/");return n=n.filter((e=>e&&e.length>0)),r.PathSegments=n,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e){const t=RegExp("^([^:/?#]+://)?([^/?#]*)"),r=e.match(t);if(!r)throw ve(_e);return r[2]}static getAbsoluteUrl(e,t){if("/"===e[0]){const r=new br(t).getUrlComponents();return r.Protocol+"//"+r.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e){return new br(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"))}}const Ar={endpointMetadata:[{host:"login.microsoftonline.com"},{host:"login.chinacloudapi.cn",issuerHost:"login.partner.microsoftonline.cn"},{host:"login.microsoftonline.us"},{host:"login.sovcloud-identity.fr"},{host:"login.sovcloud-identity.de"},{host:"login.sovcloud-identity.sg"}].reduce(((e,{host:t,issuerHost:r})=>(e[t]=function(e,t){return{token_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/token`,jwks_uri:`https://${e}/{tenantid}/discovery/v2.0/keys`,issuer:`https://${t}/{tenantid}/v2.0`,authorization_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/authorize`,end_session_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/logout`}}(t,r||t),e)),{}),instanceDiscoveryMetadata:{metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]},{preferred_network:"login.sovcloud-identity.fr",preferred_cache:"login.sovcloud-identity.fr",aliases:["login.sovcloud-identity.fr"]},{preferred_network:"login.sovcloud-identity.de",preferred_cache:"login.sovcloud-identity.de",aliases:["login.sovcloud-identity.de"]},{preferred_network:"login.sovcloud-identity.sg",preferred_cache:"login.sovcloud-identity.sg",aliases:["login.sovcloud-identity.sg"]}]}},Sr=Ar.endpointMetadata,_r=Ar.instanceDiscoveryMetadata,Er=new Set;function Pr(e,t,r,n,o){if(e.trace("1bmquz",t),r&&n){const o=Rr(n,r);if(o)return e.trace("1fotbt",t),o.aliases;e.trace("14avvj",t)}return null}function Rr(e,t){for(let r=0;r<e.length;r++){const n=e[r];if(n.aliases.includes(t))return n}return null}_r.metadata.forEach((e=>{e.aliases.forEach((e=>{Er.add(e)}))}));const Or="cache_quota_exceeded";class Mr extends Error{constructor(e,t){const r=t||ye(e);super(r),Object.setPrototypeOf(this,Mr.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}function xr(e){return e instanceof Error?"QuotaExceededError"===e.name||"NS_ERROR_DOM_QUOTA_REACHED"===e.name||e.message.includes("exceeded the quota")?new Mr(Or):new Mr(e.name,e.message):new Mr("cache_error_unknown")}function qr(e,t){if(!e)throw be(We);try{const r=t(e);return JSON.parse(r)}catch(e){throw be(Je)}}function Nr(e){if(!e)throw be(Je);const t=e.split(".",2);return{uid:t[0],utid:t.length<2?"":t[1]}}const Ur=0,Lr=1,Hr=2,Dr=3;function Fr(e){if(e){return e.tid||e.tfp||e.acr||null}return null}const Kr={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};function Br(e){const t=e.tenantProfiles||[];return 0===t.length&&e.realm&&e.localAccountId&&t.push(Ir(e.homeAccountId,e.localAccountId,e.realm)),{homeAccountId:e.homeAccountId,environment:e.environment,tenantId:e.realm,username:e.username,localAccountId:e.localAccountId,loginHint:e.loginHint,name:e.name,nativeAccountId:e.nativeAccountId,authorityType:e.authorityType,tenantProfiles:new Map(t.map((e=>[e.tenantId,e]))),dataBoundary:e.dataBoundary}}function zr(e,t,r){const n=Array.from(e.tenantProfiles?.values()||[]);return 0===n.length&&e.tenantId&&e.localAccountId&&n.push(Ir(e.homeAccountId,e.localAccountId,e.tenantId,e.idTokenClaims)),{authorityType:e.authorityType||U,homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,nativeAccountId:e.nativeAccountId,realm:e.tenantId,environment:e.environment,username:e.username,loginHint:e.loginHint,name:e.name,cloudGraphHostName:t,msGraphHost:r,tenantProfiles:n,dataBoundary:e.dataBoundary}}function jr(e,t,r,n,o,i){if(t!==Lr&&t!==Hr){if(e)try{const t=qr(e,n.base64Decode);if(t.uid&&t.utid)return`${t.uid}.${t.utid}`}catch(e){}r.warning("1ub6wv",o)}return i?.sub||""}class $r{constructor(e,t,r,n,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(mr,fr),this.staticAuthorityOptions=o,this.performanceClient=n}getAllAccounts(e={},t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){if(0===Object.keys(e).length||Object.values(e).every((e=>null==e||""===e)))return this.commonLogger.warning("1skb02",t),null;const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort((e=>e.idTokenClaims?-1:1))[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?Br(r[0]):null}buildTenantProfiles(e,t,r){return e.flatMap((e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r)))}getTenantedAccountInfoByFilter(e,t,r,n,o){let i,s=null;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,n,t,r.tenantId);return a&&(i=vr(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(i,o))?null:(s=Cr(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,n){const o=Br(e);let i=o.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach((e=>{const r=this.getTenantedAccountInfoByFilter(o,s,e,t,n);r&&a.push(r)})),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&(void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,r,n,o){if(!e)throw be(ut);try{e.account&&await this.setAccount(e.account,t,r,n),e.idToken&&!1!==o?.idToken&&await this.setIdTokenCredential(e.idToken,t,r),e.accessToken&&!1!==o?.accessToken&&await this.saveAccessToken(e.accessToken,t,r),e.refreshToken&&!1!==o?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t,r),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("0j476p",t),e instanceof we?e:xr(e)}}async saveAccessToken(e,t,r){const n={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType},o=this.getTokenKeys(),i=Pt.fromString(e.target);o.accessToken.forEach((e=>{if(!this.accessTokenKeyMatchesFilter(e,n,!1))return;const r=this.getAccessTokenCredential(e,t);if(r&&this.credentialMatchesFilter(r,n,t)){Pt.fromString(r.target).intersectingScopeSets(i)&&this.removeAccessToken(e,t)}})),await this.setAccessTokenCredential(e,t,r)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),n=[];return r.forEach((r=>{const o=this.getAccount(r,t);if(!o)return;if(e.homeAccountId&&!this.matchHomeAccountId(o,e.homeAccountId))return;if(e.username&&!this.matchUsername(o.username,e.username))return;if(e.environment&&!this.matchEnvironment(o,e.environment,t))return;if(e.realm&&!this.matchRealm(o,e.realm))return;if(e.nativeAccountId&&!this.matchNativeAccountId(o,e.nativeAccountId))return;if(e.authorityType&&!this.matchAuthorityType(o,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name},s=o.tenantProfiles?.filter((e=>this.tenantProfileMatchesFilter(e,i)));s&&0===s.length||n.push(o)})),n}credentialMatchesFilter(e,t,r){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment,r))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target))return!1;if(e.credentialType===L.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===G.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}return!0}getAppMetadataFilteredBy(e,t){const r=this.getKeys(),n={};return r.forEach((r=>{if(!this.isAppMetadata(r))return;const o=this.getAppMetadata(r,t);o&&(e.environment&&!this.matchEnvironment(o,e.environment,t)||e.clientId&&!this.matchClientId(o,e.clientId)||(n[r]=o))})),n}getAuthorityMetadataByAlias(e,t){const r=this.getAuthorityMetadataKeys();let n=null;return r.forEach((r=>{if(!this.isAuthorityMetadata(r)||-1===r.indexOf(this.clientId))return;const o=this.getAuthorityMetadata(r,t);o&&-1!==o.aliases.indexOf(e)&&(n=o)})),n}removeAllAccounts(e){this.getAllAccounts({},e).forEach((t=>{this.removeAccount(t,e)}))}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter((t=>t.includes(e.homeAccountId)&&t.includes(e.environment))).forEach((e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)}))}removeAccountContext(e,t){const r=this.getTokenKeys(),n=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(n).forEach((e=>{this.removeIdToken(e,t)})),r.accessToken.filter(n).forEach((e=>{this.removeAccessToken(e,t)})),r.refreshToken.filter(n).forEach((e=>{this.removeRefreshToken(e,t)}))}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(r&&(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),r.credentialType.toLowerCase()===L.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&r.tokenType===G.POP)){const e=r.keyId;e&&this.cryptoImpl.removeTokenBindingKey(e,t).catch((()=>{this.commonLogger.error("0cx291",t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)}))}}removeAppMetadata(e){return this.getKeys().forEach((t=>{this.isAppMetadata(t)&&this.removeItem(t,e)})),!0}getIdToken(e,t,r,n){this.commonLogger.trace("1drz22",t);const o={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:L.ID_TOKEN,clientId:this.clientId,realm:n},i=this.getIdTokensByFilter(o,t,r),s=i.size;if(s<1)return this.commonLogger.info("1atvtd",t),null;if(s>1){let r=i;if(!n){const n=new Map;i.forEach(((t,r)=>{t.realm===e.tenantId&&n.set(r,t)}));const o=n.size;if(o<1)return this.commonLogger.info("0ooalx",t),i.values().next().value;if(1===o)return this.commonLogger.info("1eq2vc",t),n.values().next().value;r=n}return this.commonLogger.info("1ws328",t),r.forEach(((e,r)=>{this.removeIdToken(r,t)})),this.performanceClient.addFields({multiMatchedID:i.size},t),null}return this.commonLogger.info("1sm769",t),i.values().next().value}getIdTokensByFilter(e,t,r){const n=r&&r.idToken||this.getTokenKeys().idToken,o=new Map;return n.forEach((r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const n=this.getIdTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e,t)&&o.set(r,n)})),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,n){const o=t.correlationId;this.commonLogger.trace("1t7hz1",o);const i=Pt.createSearchScopes(t.scopes),s=t.authenticationScheme||G.BEARER,a=s&&s.toLowerCase()!==G.BEARER.toLowerCase()?L.ACCESS_TOKEN_WITH_AUTH_SCHEME:L.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:n||e.tenantId,target:i,tokenType:s,keyId:t.sshKid},h=r&&r.accessToken||this.getTokenKeys().accessToken,l=[];h.forEach((e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,o);t&&this.credentialMatchesFilter(t,c,o)&&l.push(t)}}));const d=l.length;return d<1?(this.commonLogger.info("1nckna",o),null):d>1?(this.commonLogger.info("1wkfwp",o),l.forEach((e=>{this.removeAccessToken(this.generateCredentialKey(e),o)})),this.performanceClient.addFields({multiMatchedAT:l.length},o),null):(this.commonLogger.info("06yt98",o),l[0])}accessTokenKeyMatchesFilter(e,t,r){const n=e.toLowerCase();if(t.clientId&&-1===n.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===n.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===n.indexOf(t.realm.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!n.includes(e[t].toLowerCase()))return!1;if(!r&&n.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),n=[];return r.accessToken.forEach((r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const o=this.getAccessTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e,t)&&n.push(o)})),n}getRefreshToken(e,t,r,n){this.commonLogger.trace("0x53vi",r);const o=t?D:void 0,i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:L.REFRESH_TOKEN,clientId:this.clientId,familyId:o},s=n&&n.refreshToken||this.getTokenKeys().refreshToken,a=[];s.forEach((e=>{if(this.refreshTokenKeyMatchesFilter(e,i)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,i,r)&&a.push(t)}}));const c=a.length;return c<1?(this.commonLogger.info("0dlw11",r),null):(c>1&&this.performanceClient.addFields({multiMatchedRT:c},r),this.commonLogger.info("0wcnep",r),a[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e,t){const r={environment:e,clientId:this.clientId},n=this.getAppMetadataFilteredBy(r,t),o=Object.keys(n).map((e=>n[e])),i=o.length;if(i<1)return null;if(i>1)throw be(st);return o[0]}isAppMetadataFOCI(e,t){const r=this.readAppMetadataFromCache(e,t);return!(!r||r.familyId!==D)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t,r){if(this.staticAuthorityOptions){const n=function(e,t,r){let n;const o=e.canonicalAuthority;if(o){const i=new br(o).getUrlComponents().HostNameAndPort;n=Pr(t,r,i,e.cloudDiscoveryMetadata?.metadata)||Pr(t,r,i,_r.metadata)||e.knownAuthorities}return n||[]}(this.staticAuthorityOptions,this.commonLogger,r);if(n.includes(t)&&n.includes(e.environment))return!0}const n=this.getAuthorityMetadataByAlias(t,r);return!!(n&&n.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchNativeAccountId(e,t){return!(!e.nativeAccountId||t!==e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||e.upn===t)}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t){if(e.credentialType!==L.ACCESS_TOKEN&&e.credentialType!==L.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return Pt.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(H)}isAuthorityMetadata(e){return-1!==e.indexOf(F)}generateAuthorityMetadataCacheKey(e){return`${F}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class Jr extends $r{async setAccount(){throw be(bt)}getAccount(){throw be(bt)}async setIdTokenCredential(){throw be(bt)}getIdTokenCredential(){throw be(bt)}async setAccessTokenCredential(){throw be(bt)}getAccessTokenCredential(){throw be(bt)}async setRefreshTokenCredential(){throw be(bt)}getRefreshTokenCredential(){throw be(bt)}setAppMetadata(){throw be(bt)}getAppMetadata(){throw be(bt)}setServerTelemetry(){throw be(bt)}getServerTelemetry(){throw be(bt)}setAuthorityMetadata(){throw be(bt)}getAuthorityMetadata(){throw be(bt)}getAuthorityMetadataKeys(){throw be(bt)}setThrottlingCache(){throw be(bt)}getThrottlingCache(){throw be(bt)}removeItem(){throw be(bt)}getKeys(){throw be(bt)}getAccountKeys(){throw be(bt)}getTokenKeys(){throw be(bt)}generateCredentialKey(){throw be(bt)}generateAccountKey(){throw be(bt)}}const Wr=1,Gr=2,Vr="ext.",Qr=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","expiredCacheRemovedCount","upgradedCacheCount","networkRtt","redirectBridgeTimeoutMs","redirectBridgeMessageVersion"]);class Xr{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:Wr,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""}}}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}const Yr={tokenRenewalOffsetSeconds:300,preventCorsPreflight:!1},Zr={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info,correlationId:""},en={async sendGetRequestAsync(){throw be(bt)},async sendPostRequestAsync(){throw be(bt)}},tn={sku:"msal.js.common",version:fr,cpu:"",os:""},rn={clientSecret:"",clientAssertion:void 0},nn={azureCloudInstance:yr.None,tenant:`${r}`},on={application:{appName:"",appVersion:""}};function sn({authOptions:e,systemOptions:t,loggerOptions:r,storageInterface:n,networkInterface:o,cryptoInterface:i,clientCredentials:s,libraryInfo:a,telemetry:c,serverTelemetryManager:h,persistencePlugin:l,serializableCache:d}){const u={...Zr,...r};return{authOptions:(g=e,{clientCapabilities:[],azureCloudOptions:nn,instanceAware:!1,isMcp:!1,...g}),systemOptions:{...Yr,...t},loggerOptions:u,storageInterface:n||new Jr(e.clientId,lr,new pr(u),new Xr),networkInterface:o||en,cryptoInterface:i||lr,clientCredentials:s||rn,libraryInfo:{...tn,...a},telemetry:{...on,...c},serverTelemetryManager:h||null,persistencePlugin:l||null,serializableCache:d||null};var g}function an(e){return e.authOptions.authority.options.protocolMode===Kr.OIDC}class cn extends we{constructor(e,t,r,n,o){super(e,t,r),this.name="ServerError",this.errorNo=n,this.status=o,Object.setPrototypeOf(this,cn.prototype)}}const hn="no_tokens_found",ln="native_account_unavailable",dn="refresh_token_expired",un="ux_not_allowed",gn="interaction_required",pn="consent_required",mn="login_required",fn="bad_token",yn="interrupted_user";var wn=Object.freeze({__proto__:null,badToken:fn,consentRequired:pn,interactionRequired:gn,interruptedUser:yn,loginRequired:mn,nativeAccountUnavailable:ln,noTokensFound:hn,refreshTokenExpired:dn,uxNotAllowed:un});const In=[gn,pn,mn,fn,un,yn],Cn=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token","ux_not_allowed","interrupted_user"];class vn extends we{constructor(e,t,r,n,o,i,s,a){super(e,t,r),Object.setPrototypeOf(this,vn.prototype),this.timestamp=n||"",this.traceId=o||"",this.correlationId=i||"",this.claims=s||"",this.name="InteractionRequiredAuthError",this.errorNo=a}}function kn(e,t,r){const n=!!e&&In.indexOf(e)>-1,o=!!r&&Cn.indexOf(r)>-1,i=!!t&&In.some((e=>t.indexOf(e)>-1));return n||i||o}function Tn(e,t){return new vn(e,t)}function bn(e,t,r){const n=function(e,t){if(!e)throw be(mt);const r={id:e.createNewGuid()};t&&(r.meta=t);const n=JSON.stringify(r);return e.base64Encode(n)}(e,r);return t?`${n}|${t}`:n}function An(e,t){if(!e)throw be(mt);if(!t)throw be(et);try{const r=t.split("|"),n=r[0],o=r.length>1?r.slice(1).join("|"):"",i=e(n);return{userRequestState:o||"",libraryState:JSON.parse(i)}}catch(e){throw be(et)}}function Sn(){return Math.round((new Date).getTime()/1e3)}function _n(e){return e.getTime()/1e3}function En(e){return e?new Date(1e3*Number(e)):new Date}function Pn(e,t){const r=Number(e)||0;return Sn()+t>r}function Rn(e,t){const r=Number(e)+24*t*60*60*1e3;return Date.now()>r}function On(e){return Number(e)>Sn()}const Mn="networkClientSendPostRequestAsync",xn="refreshTokenClientAcquireTokenWithCachedRefreshToken",qn="getAuthCodeUrl",Nn="handleCodeResponseFromServer",Un="popTokenGenerateCnf",Ln="handleServerTokenResponse",Hn="authorityUpdateMetadataWithRegionalInformation",Dn="regionDiscoveryGetRegionFromIMDS",Fn=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);o&&n.incrementFields({[`ext.${t}CallCount`]:1},o);try{const t=e(...i);return s.end({success:!0}),r.trace("1g8n6a",o),t}catch(e){r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}},Kn=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);return o&&n.incrementFields({[`ext.${t}CallCount`]:1},o),e(...i).then((e=>(r.trace("1g8n6a",o),s.end({success:!0}),e))).catch((e=>{r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}))},Bn="sw";class zn{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){const r=await Kn(this.generateKid.bind(this),Un,t,this.performanceClient,e.correlationId)(e),n=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:n}}async generateKid(e){return{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Bn}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,n){const{resourceRequestMethod:o,resourceRequestUri:i,shrClaims:s,shrNonce:a,shrOptions:c}=r,h=i?new br(i):void 0,l=h?.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:Sn(),m:o?.toUpperCase(),u:l?.HostNameAndPort,nonce:a||this.cryptoUtils.createNewGuid(),p:l?.AbsolutePath,q:l?.QueryString?[[],l.QueryString]:void 0,client_claims:s||void 0,...n},t,c,r.correlationId)}}class jn{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}function $n(e,t,r,n,o){return{credentialType:L.ID_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,realm:o,lastUpdatedAt:Date.now().toString()}}function Jn(e,t,r,n,o,i,s,a,c,h,l,d,u){const g={homeAccountId:e,credentialType:L.ACCESS_TOKEN,secret:r,cachedAt:Sn().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:t,clientId:n,realm:o,target:i,tokenType:l||G.BEARER,lastUpdatedAt:Date.now().toString()};if(d&&(g.userAssertionHash=d),h&&(g.refreshOn=h.toString()),g.tokenType?.toLowerCase()!==G.BEARER.toLowerCase())switch(g.credentialType=L.ACCESS_TOKEN_WITH_AUTH_SCHEME,g.tokenType){case G.POP:const e=vr(r,c);if(!e?.cnf?.kid)throw be(yt);g.keyId=e.cnf.kid;break;case G.SSH:g.keyId=u}return g}function Wn(e,t,r,n,o,i,s){const a={credentialType:L.REFRESH_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,lastUpdatedAt:Date.now().toString()};return i&&(a.userAssertionHash=i),o&&(a.familyId=o),s&&(a.expiresOn=s.toString()),a}function Gn(e){return e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("credentialType")&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("secret")}function Vn(e){return!!e&&(Gn(e)&&e.hasOwnProperty("realm")&&e.hasOwnProperty("target")&&(e.credentialType===L.ACCESS_TOKEN||e.credentialType===L.ACCESS_TOKEN_WITH_AUTH_SCHEME))}function Qn(e){return!!e&&(Gn(e)&&e.credentialType===L.REFRESH_TOKEN)}function Xn(){return Sn()+86400}function Yn(e,t,r){e.authorization_endpoint=t.authorization_endpoint,e.token_endpoint=t.token_endpoint,e.end_session_endpoint=t.end_session_endpoint,e.issuer=t.issuer,e.endpointsFromNetwork=r,e.jwks_uri=t.jwks_uri}function Zn(e,t,r){e.aliases=t.aliases,e.preferred_cache=t.preferred_cache,e.preferred_network=t.preferred_network,e.aliasesFromNetwork=r}function eo(e){return e.expiresAt<=Sn()}class to{constructor(e,t,r,n,o,i,s){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=n,this.performanceClient=o,this.serializableCache=i,this.persistencePlugin=s}validateTokenResponse(e,t,r){if(e.error||e.error_description||e.suberror){const n=`Error(s): ${e.error_codes||h} - Timestamp: ${e.timestamp||h} - Description: ${e.error_description||h} - Correlation ID: ${e.correlation_id||h} - Trace ID: ${e.trace_id||h}`,o=e.error_codes?.length?e.error_codes[0]:void 0,i=new cn(e.error,n,e.suberror,o,e.status);if(r&&e.status&&e.status>=500&&e.status<=599)return void this.logger.warning("16ks7j",t);if(r&&e.status&&e.status>=400&&e.status<=499)return void this.logger.warning("0g61x3",t);if(kn(e.error,e.error_description,e.suberror))throw new vn(e.error,e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",o);throw i}}async handleServerTokenResponse(e,t,r,n,o,i,s,a,c,h){let l,d;if(e.id_token){if(l=vr(e.id_token||"",this.cryptoObj.base64Decode),i&&i.nonce&&l.nonce!==i.nonce)throw be(nt);if(n.maxAge||0===n.maxAge){const e=l.auth_time;if(!e)throw be(ot);Tr(e,n.maxAge)}}this.homeAccountIdentifier=jr(e.client_info||"",t.authorityType,this.logger,this.cryptoObj,n.correlationId,l),i&&i.state&&(d=An(this.cryptoObj.base64Decode,i.state)),e.key_id=e.key_id||n.sshKid||void 0;const u=this.generateCacheRecord(e,t,r,n,l,s,i);let g;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("0jbz5k",n.correlationId),g=new jn(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(g)),a&&!c&&u.account){if(this.cacheStorage.getAllAccounts({homeAccountId:u.account.homeAccountId,environment:u.account.environment},n.correlationId).length<1)return this.logger.warning("1gmt66",n.correlationId),this.performanceClient?.addFields({acntLoggedOut:!0},n.correlationId),await to.generateAuthenticationResult(this.cryptoObj,t,u,!1,n,this.performanceClient,l,d,void 0,h)}await this.cacheStorage.saveCacheRecord(u,n.correlationId,kr(l||{}),o,n.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&g&&(this.logger.verbose("1bh17u",n.correlationId),await this.persistencePlugin.afterCacheAccess(g))}return to.generateAuthenticationResult(this.cryptoObj,t,u,!1,n,this.performanceClient,l,d,e,h)}generateCacheRecord(e,t,r,n,o,i,s){const a=t.getPreferredCache();if(!a)throw be(gt);const c=Fr(o);let h,l;e.id_token&&o&&(h=$n(this.homeAccountIdentifier,a,e.id_token,this.clientId,c||""),l=ro(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,n.correlationId,o,e.client_info,a,c,s,void 0,this.logger));let d=null;if(e.access_token){const o=e.scope?Pt.fromString(e.scope):new Pt(n.scopes||[]),s=("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0,h=("string"==typeof e.ext_expires_in?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,l=("string"==typeof e.refresh_in?parseInt(e.refresh_in,10):e.refresh_in)||void 0,u=r+s,g=u+h,p=l&&l>0?r+l:void 0;d=Jn(this.homeAccountIdentifier,a,e.access_token,this.clientId,c||t.tenant||"",o.printScopes(),u,g,this.cryptoObj.base64Decode,p,e.token_type,i,e.key_id);const m=n.resource||null;m&&(d.resource=m)}let u=null;if(e.refresh_token){let t;if(e.refresh_token_expires_in){t=r+("string"==typeof e.refresh_token_expires_in?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in),this.performanceClient?.addFields({ntwkRtExpiresOnSeconds:t},n.correlationId)}u=Wn(this.homeAccountIdentifier,a,e.refresh_token,this.clientId,e.foci,i,t)}let g=null;return e.foci&&(g={clientId:this.clientId,environment:a,familyId:e.foci}),{account:l,idToken:h,accessToken:d,refreshToken:u,appMetadata:g}}static async generateAuthenticationResult(e,t,r,n,o,i,s,a,c,h){let l,d,u="",g=[],p=null,m="";if(r.accessToken){if(r.accessToken.tokenType!==G.POP||o.popKid)u=r.accessToken.secret;else{const t=new zn(e,i),{secret:n,keyId:s}=r.accessToken;if(!s)throw be(vt);u=await t.signPopToken(n,s,o)}g=Pt.fromString(r.accessToken.target).asArray(),p=En(r.accessToken.expiresOn),l=En(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(d=En(r.accessToken.refreshOn))}r.appMetadata&&(m=r.appMetadata.familyId===D?D:"");const f=s?.oid||s?.sub||"",y=s?.tid||"";c?.spa_accountid&&r.account&&(r.account.nativeAccountId=c?.spa_accountid);const w=r.account?Cr(Br(r.account),void 0,s,r.idToken?.secret):null;return{authority:t.canonicalAuthority,uniqueId:f,tenantId:y,scopes:g,account:w,idToken:r?.idToken?.secret||"",idTokenClaims:s||{},accessToken:u,fromCache:n,expiresOn:p,extExpiresOn:l,refreshOn:d,correlationId:o.correlationId,requestId:h||"",familyId:m,tokenType:r.accessToken?.tokenType||"",state:a?a.userRequestState:"",cloudGraphHostName:r.account?.cloudGraphHostName||"",msGraphHost:r.account?.msGraphHost||"",code:c?.spa_code,fromPlatformBroker:!1}}}function ro(e,t,r,n,o,i,s,a,c,h,l,d){d?.verbose("09jz0t",o);const u=e.getAccountKeys().find((e=>e.startsWith(r)));let g=null;u&&(g=e.getAccount(u,o));const p=g||function(e,t,r){let n,o,i;n=t.authorityType===Lr?"ADFS":t.protocolMode===Kr.OIDC?U:"MSSTS",e.clientInfo&&r&&(o=qr(e.clientInfo,r),o.xms_tdbr&&(i="EU"===o.xms_tdbr?"EU":"None"));const s=e.environment||t&&t.getPreferredCache();if(!s)throw be(gt);const a=e.idTokenClaims?.preferred_username||e.idTokenClaims?.upn,c=e.idTokenClaims?.emails?e.idTokenClaims.emails[0]:null,h=a||c||"",l=e.idTokenClaims?.login_hint,d=o?.utid||Fr(e.idTokenClaims)||"",u=o?.uid||e.idTokenClaims?.oid||e.idTokenClaims?.sub||"";let g;g=e.tenantProfiles?e.tenantProfiles:[Ir(e.homeAccountId,u,d,e.idTokenClaims)];return{homeAccountId:e.homeAccountId,environment:s,realm:d,localAccountId:u,username:h,authorityType:n,loginHint:l,clientInfo:e.clientInfo,name:e.idTokenClaims?.name||"",lastModificationTime:void 0,lastModificationApp:void 0,cloudGraphHostName:e.cloudGraphHostName,msGraphHost:e.msGraphHost,nativeAccountId:e.nativeAccountId,tenantProfiles:g,dataBoundary:i}}({homeAccountId:r,idTokenClaims:i,clientInfo:s,environment:a,cloudGraphHostName:h?.cloud_graph_host_name,msGraphHost:h?.msgraph_host,nativeAccountId:l},t,n),m=p.tenantProfiles||[],f=c||p.realm;if(f&&!m.find((e=>e.tenantId===f))){const e=Ir(r,p.localAccountId,f,i);m.push(e)}return p.tenantProfiles=m,p}const no="home_account_id",oo="UPN";async function io(e,t,r){if("string"==typeof e)return e;return e({clientId:t,tokenEndpoint:r})}function so(e,t,r){return{clientId:e,authority:t.authority,scopes:t.scopes,homeAccountIdentifier:r,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid,embeddedClientId:t.embeddedClientId||t.extraParameters?.clientId}}class ao{static generateThrottlingStorageKey(e){return`${V}.${JSON.stringify(e)}`}static preProcess(e,t,r){const n=ao.generateThrottlingStorageKey(t),o=e.getThrottlingCache(n,r);if(o){if(o.throttleTime<Date.now())return void e.removeItem(n,r);throw new cn(o.errorCodes?.join(" ")||"",o.errorMessage,o.subError)}}static postProcess(e,t,r,n){if(ao.checkResponseStatus(r)||ao.checkResponseForRetryAfter(r)){const o={throttleTime:ao.calculateThrottleTime(parseInt(r.headers[w])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(ao.generateThrottlingStorageKey(t),o,n)}}static checkResponseStatus(e){return 429===e.status||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return!!e.headers&&(e.headers.hasOwnProperty(w)&&(e.status<200||e.status>=300))}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(1e3*Math.min(r+(t||60),r+3600))}static removeThrottle(e,t,r,n){const o=so(t,r,n),i=this.generateThrottlingStorageKey(o);e.removeItem(i,r.correlationId)}}class co extends we{constructor(e,t,r){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,co.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function ho(e,t,r,n){return e.errorMessage=`${e.errorMessage}, additionalErrorInfo: error.name:${n?.name}, error.message:${n?.message}`,new co(e,t,r)}function lo(e,t,r){const n={};if(n[f]="application/x-www-form-urlencoded;charset=utf-8",!t&&r)switch(r.type){case no:try{const e=Nr(r.credential);n[I]=`Oid:${e.uid}@${e.utid}`}catch(t){e.verbose("1qhtee","")}break;case oo:n[I]=`UPN: ${r.credential}`}return n}function uo(e,t,r,n){const o=new Map;return e.embeddedClientId&&nr(o,t,r),e.extraQueryParameters&&Xt(o,e.extraQueryParameters),Ft(o,e.correlationId),Rt(o,e.correlationId,n),cr(o)}async function go(e,t,r,n,o,i,s,a,c,h){const l=await async function(e,t,r,n,o,i,s,a){let c;ao.preProcess(o,e,n);try{c=await Kn(i.sendPostRequestAsync.bind(i),Mn,s,a,n)(t,r);const e=c.headers||{};a?.addFields({refreshTokenSize:c.body.refresh_token?.length||0,httpVerToken:e[T]||"",requestId:e[k]||""},n)}catch(e){if(e instanceof co){const t=e.responseHeaders;throw t&&a?.addFields({httpVerToken:t[T]||"",requestId:t[k]||"",contentTypeHeader:t[f]||void 0,contentLengthHeader:t[y]||void 0,httpStatus:e.httpStatus},n),e.error}throw e instanceof we?e:be(Xe)}return ao.postProcess(o,e,c,n),c}(n,e,{body:t,headers:r},o,i,s,a,c);return h&&l.status<500&&429!==l.status&&h.clearTelemetryCache(),l}class po{constructor(e,t,r,n){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=n}async detectRegion(e,t){let r=e;if(r)t.region_source=X;else{const e=po.IMDS_OPTIONS;try{const n=await Kn(this.getRegionFromIMDS.bind(this),Dn,this.logger,this.performanceClient,this.correlationId)("2020-06-01",e);if(200===n.status&&(r=n.body,t.region_source=Y),400===n.status){const n=await Kn(this.getCurrentVersion.bind(this),"regionDiscoveryGetCurrentVersion",this.logger,this.performanceClient,this.correlationId)(e);if(!n)return t.region_source=Q,null;const o=await Kn(this.getRegionFromIMDS.bind(this),Dn,this.logger,this.performanceClient,this.correlationId)(n,e);200===o.status&&(r=o.body,t.region_source=Y)}}catch(e){return t.region_source=Q,null}}return r||(t.region_source=Q),r||null}async getRegionFromIMDS(e,t){return this.networkInterface.sendGetRequestAsync(`${l}?api-version=${e}&format=text`,t,2e3)}async getCurrentVersion(e){try{const t=await this.networkInterface.sendGetRequestAsync(`${l}?format=json`,e);return 400===t.status&&t.body&&t.body["newest-versions"]&&t.body["newest-versions"].length>0?t.body["newest-versions"][0]:null}catch(e){return null}}}po.IMDS_OPTIONS={headers:{Metadata:"true"}};class mo{constructor(e,t,r,n,o,i,s,a){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=n,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=o,this.performanceClient=s,this.correlationId=i,this.managedIdentity=a||!1,this.regionDiscovery=new po(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(o))return Dr;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case"adfs":return Lr;case"dstsv2":return Hr}return Ur}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new br(e),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents||(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw be(Qe)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw be(Qe)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw be(Qe)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw be(Ct);return this.replacePath(this.metadata.end_session_endpoint)}throw be(Qe)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw be(Qe)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw be(Qe)}canReplaceTenant(e){return 1===e.PathSegments.length&&!mo.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===Ur&&this.protocolMode!==Kr.OIDC}replaceTenant(e){return e.replace(/{tenant}|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const r=new br(this.metadata.canonical_authority).getUrlComponents(),n=r.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach(((e,o)=>{let i=n[o];if(0===o&&this.canReplaceTenant(r)){const e=new br(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];i!==e&&(this.logger.verbose("1q3g2x",this.correlationId),i=e)}e!==i&&(t=t.replace(`/${i}/`,`/${e}/`))})),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")||this.authorityType===Lr||this.protocolMode===Kr.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){const e=this.getCurrentMetadataEntity(),t=await Kn(this.updateCloudDiscoveryMetadata.bind(this),"authorityUpdateCloudDiscoveryMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await Kn(this.updateEndpointMetadata.bind(this),"authorityUpdateEndpointMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),this.performanceClient?.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort,this.correlationId);return e||(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:Xn(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==B&&r?.source!==B&&(e.expiresAt=Xn(),e.canonical_authority=this.canonicalAuthority);const n=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache,this.correlationId);this.cacheManager.setAuthorityMetadata(n,e,this.correlationId),this.metadata=e}async updateEndpointMetadata(e){const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===j&&this.authorityOptions.azureRegionConfiguration?.azureRegion&&t.metadata){Yn(e,await Kn(this.updateMetadataWithRegionalInformation.bind(this),Hn,this.logger,this.performanceClient,this.correlationId)(t.metadata),!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await Kn(this.getEndpointMetadataFromNetwork.bind(this),"authorityGetEndpointMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return this.authorityOptions.azureRegionConfiguration?.azureRegion&&(r=await Kn(this.updateMetadataWithRegionalInformation.bind(this),Hn,this.logger,this.performanceClient,this.correlationId)(r)),Yn(e,r,!0),z;throw be(Ye,this.defaultOpenIdConfigurationEndpoint)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("1fi0kc",this.correlationId);const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("06t0uj",this.correlationId),Yn(e,t,!1),{source:K};this.logger.verbose("151k0p",this.correlationId);const r=this.getEndpointMetadataFromHardcodedValues();if(r)return Yn(e,r,!1),{source:j,metadata:r};this.logger.verbose("1imop5",this.correlationId);const n=eo(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!n?(this.logger.verbose("16uq31",""),{source:B}):(n&&this.logger.verbose("0uoibc",""),null)}isAuthoritySameType(e){return new br(e.canonical_authority).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch(e){throw ve(Ne)}return null}async getEndpointMetadataFromNetwork(){const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose("1y65x6",this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(t,e),n=function(e){return e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("jwks_uri")}(r.body);return n?r.body:(this.logger.verbose("1koyv8",this.correlationId),null)}catch(e){return this.logger.verbose("0a9wik",this.correlationId),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in Sr?Sr[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){const t=this.authorityOptions.azureRegionConfiguration?.azureRegion;if(t){if("TryAutoDetect"!==t)return this.regionDiscoveryMetadata.region_outcome=Z,this.regionDiscoveryMetadata.region_used=t,mo.replaceWithRegionalInformation(e,t);const r=await Kn(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),"regionDiscoveryDetectRegion",this.logger,this.performanceClient,this.correlationId)(this.authorityOptions.azureRegionConfiguration?.environmentRegion,this.regionDiscoveryMetadata);if(r)return this.regionDiscoveryMetadata.region_outcome=ee,this.regionDiscoveryMetadata.region_used=r,mo.replaceWithRegionalInformation(e,r);this.regionDiscoveryMetadata.region_outcome=te}return e}async updateCloudDiscoveryMetadata(e){const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await Kn(this.getCloudDiscoveryMetadataFromNetwork.bind(this),"authorityGetCloudDiscoveryMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return Zn(e,r,!0),z;throw ve(Ue)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("0jhlgt",this.correlationId),this.logger.verbosePii("1fy7uz",this.correlationId),this.logger.verbosePii("08zabj",this.correlationId),this.logger.verbosePii("1o1kv3",this.correlationId);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("1nakio",this.correlationId),Zn(e,t,!1),K;this.logger.verbose("1x74aj",this.correlationId);const r=(n=this.hostnameAndPort,Rr(_r.metadata,n));var n;if(r)return this.logger.verbose("0by47c",this.correlationId),Zn(e,r,!1),j;this.logger.verbose("0r2fzy",this.correlationId);const o=eo(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!o?(this.logger.verbose("1uffgh",""),B):(o&&this.logger.verbose("0uoibc",""),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===Dr)return this.logger.verbose("04y84h",this.correlationId),mo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("0gszr3",this.correlationId);try{this.logger.verbose("1iifkx",this.correlationId);const e=Rr(JSON.parse(this.authorityOptions.cloudDiscoveryMetadata).metadata,this.hostnameAndPort);if(this.logger.verbose("0q67e3",""),e)return this.logger.verbose("0hzfao",this.correlationId),e;this.logger.verbose("1ajz3u",this.correlationId)}catch(e){throw this.logger.verbose("1wq5tu",this.correlationId),ve(qe)}}return this.isInKnownAuthorities()?(this.logger.verbose("0mt9al",this.correlationId),mo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){const e=`${n}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let r=null;try{const n=await this.networkInterface.sendGetRequestAsync(e,t);let o,i;if(function(e){return e.hasOwnProperty("tenant_discovery_endpoint")&&e.hasOwnProperty("metadata")}(n.body))o=n.body,i=o.metadata,this.logger.verbosePii("1vglyt",this.correlationId);else{if(!function(e){return e.hasOwnProperty("error")&&e.hasOwnProperty("error_description")}(n.body))return this.logger.error("0768g0",this.correlationId),null;if(this.logger.warning("062uto",this.correlationId),o=n.body,"invalid_instance"===o.error)return this.logger.error("1x90tm",this.correlationId),null;this.logger.warning("0wchdm",this.correlationId),this.logger.warning("1s5mpv",this.correlationId),this.logger.warning("1yhqpw",this.correlationId),i=[]}this.logger.verbose("1lrobr",this.correlationId),r=Rr(i,this.hostnameAndPort)}catch(e){return e instanceof we?this.logger.error("0vwhc7",this.correlationId):this.logger.error("0s2z41",this.correlationId),null}return r||(this.logger.warning("0jp28q",this.correlationId),this.logger.verbose("130sd8",this.correlationId),r=mo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),r}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter((e=>e&&br.getDomainFromUrl(e).toLowerCase()===this.hostnameAndPort)).length>0}static generateAuthority(e,t){let n;if(t&&t.azureCloudInstance!==yr.None){const e=t.tenant?t.tenant:r;n=`${t.azureCloudInstance}/${e}/`}return n||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return"login.microsoftonline.com";if(this.discoveryComplete())return this.metadata.preferred_cache;throw be(Qe)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Er.has(e)}static isPublicCloudAuthority(e){return d.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r){const n=new br(e);n.validateAsUri();const o=n.getUrlComponents();let i=`${t}.${o.HostNameAndPort}`;this.isPublicCloudAuthority(o.HostNameAndPort)&&(i=`${t}.login.microsoft.com`);const s=br.constructAuthorityUriFromObject({...n.getUrlComponents(),HostNameAndPort:i}).urlString;return r?`${s}?${r}`:s}static replaceWithRegionalInformation(e,t){const r={...e};return r.authorization_endpoint=mo.buildRegionalAuthorityString(r.authorization_endpoint,t),r.token_endpoint=mo.buildRegionalAuthorityString(r.token_endpoint,t),r.end_session_endpoint&&(r.end_session_endpoint=mo.buildRegionalAuthorityString(r.end_session_endpoint,t)),r}static transformCIAMAuthority(e){let t=e;const r=new br(e).getUrlComponents();if(0===r.PathSegments.length&&r.HostNameAndPort.endsWith(o)){t=`${t}${r.HostNameAndPort.split(".")[0]}.onmicrosoft.com`}return t}}function fo(e){return e.endsWith("/")?e:`${e}/`}function yo(e){const t=e.cloudDiscoveryMetadata;let r;if(t)try{r=JSON.parse(t)}catch(e){throw ve(qe)}return{canonicalAuthority:e.authority?fo(e.authority):void 0,knownAuthorities:e.knownAuthorities,cloudDiscoveryMetadata:r}}async function wo(e,t,r,n,o,i,s){const a=mo.transformCIAMAuthority(fo(e)),c=new mo(a,t,r,n,o,i,s);try{return await Kn(c.resolveEndpointsAsync.bind(c),"authorityResolveEndpointsAsync",o,s,i)(),c}catch(e){throw be(Qe)}}mo.reservedTenantDomains=new Set(["{tenant}","{tenantid}",A,_,S]);class Io{constructor(e,t){this.includeRedirectUri=!0,this.config=sn(e),this.logger=new pr(this.config.loggerOptions,mr,fr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(e,t,r){if(!e.code)throw be(at);r&&r.cloud_instance_host_name&&await Kn(this.updateTokenEndpointAuthority.bind(this),"updateTokenEndpointAuthority",this.logger,this.performanceClient,e.correlationId)(r.cloud_instance_host_name,e.correlationId);const n=Sn(),o=await Kn(this.executeTokenRequest.bind(this),"authClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(this.authority,e,this.serverTelemetryManager),i=o.headers?.[k],s=new to(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return s.validateTokenResponse(o.body,e.correlationId),Kn(s.handleServerTokenResponse.bind(s),Ln,this.logger,this.performanceClient,e.correlationId)(o.body,this.authority,n,e,t,r,void 0,void 0,void 0,i)}getLogoutUri(e){if(!e)throw ve(Me);const t=this.createLogoutUrlQueryString(e);return br.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t,r){const n=uo(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),o=br.appendQueryString(e.tokenEndpoint,n),i=await Kn(this.createTokenRequestBody.bind(this),"authClientCreateTokenRequestBody",this.logger,this.performanceClient,t.correlationId)(t);let s;if(t.clientInfo)try{const e=qr(t.clientInfo,this.cryptoUtils.base64Decode);s={credential:`${e.uid}.${e.utid}`,type:no}}catch(e){this.logger.verbose("0wznt3",t.correlationId)}const a=lo(this.logger,this.config.systemOptions.preventCorsPreflight,s||t.ccsCredential),c=so(this.config.authOptions.clientId,t);return Kn(go,"authorizationCodeClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,t.correlationId)(o,i,a,c,t.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,r)}async createTokenRequestBody(e){const t=new Map;if(xt(t,e.embeddedClientId||e.extraParameters?.[ce]||this.config.authOptions.clientId),this.includeRedirectUri)qt(t,e.redirectUri);else if(!e.redirectUri)throw ve(Ae);if(Mt(t,e.scopes,!0,this.oidcDefaultScopes),or(t,e.resource),function(e,t){e.set("code",t)}(t,e.code),Kt(t,this.config.libraryInfo),Bt(t,this.config.telemetry.application),rr(t),this.serverTelemetryManager&&!an(this.config)&&tr(t,this.serverTelemetryManager),e.codeVerifier&&function(e,t){e.set("code_verifier",t)}(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&$t(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Jt(t,await io(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Wt(t,r.assertionType)}if(Gt(t,q),Vt(t),e.authenticationScheme===G.POP){const r=new zn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Kn(r.generateCnf.bind(r),Un,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}Zt(t,n)}else if(e.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);er(t,e.sshJwk)}let r;if((!ke.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Dt(t,e.claims,this.config.authOptions.clientCapabilities),e.clientInfo)try{const t=qr(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${t.uid}.${t.utid}`,type:no}}catch(t){this.logger.verbose("0wznt3",e.correlationId)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case no:try{Lt(t,Nr(r.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case oo:Ut(t,r.credential)}return e.embeddedClientId&&nr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&Xt(t,e.extraParameters),!e.enableSpaAuthorizationCode||e.extraParameters&&e.extraParameters[ue]||Xt(t,{[ue]:"1"}),Rt(t,e.correlationId,this.performanceClient),cr(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&function(e,t){e.set("post_logout_redirect_uri",t)}(t,e.postLogoutRedirectUri),e.correlationId&&Ft(t,e.correlationId),e.idTokenHint&&function(e,t){e.set("id_token_hint",t)}(t,e.idTokenHint),e.state&&zt(t,e.state),e.logoutHint&&function(e,t){e.set("logout_hint",t)}(t,e.logoutHint),e.extraQueryParameters&&Xt(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&Qt(t),cr(t)}async updateTokenEndpointAuthority(e,t){const r=`https://${e}/${this.authority.tenant}/`,n=await wo(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=n}}class Co{constructor(e,t){this.config=sn(e),this.logger=new pr(this.config.loggerOptions,mr,fr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireToken(e,t){const r=Sn(),n=await Kn(this.executeTokenRequest.bind(this),"refreshTokenClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(e,this.authority),o=n.headers?.[k],i=new to(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return i.validateTokenResponse(n.body,e.correlationId),Kn(i.handleServerTokenResponse.bind(i),Ln,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,r,e,t,void 0,void 0,!0,e.forceCache,o)}async acquireTokenByRefreshToken(e,t){if(!e)throw ve(Oe);if(!e.account)throw be(dt);if(this.cacheManager.isAppMetadataFOCI(e.account.environment,e.correlationId))try{return await Kn(this.acquireTokenWithCachedRefreshToken.bind(this),xn,this.logger,this.performanceClient,e.correlationId)(e,!0,t)}catch(r){const n=r instanceof vn&&r.errorCode===hn,o=r instanceof cn&&"invalid_grant"===r.errorCode&&"client_mismatch"===r.subError;if(n||o)return Kn(this.acquireTokenWithCachedRefreshToken.bind(this),xn,this.logger,this.performanceClient,e.correlationId)(e,!1,t);throw r}return Kn(this.acquireTokenWithCachedRefreshToken.bind(this),xn,this.logger,this.performanceClient,e.correlationId)(e,!1,t)}async acquireTokenWithCachedRefreshToken(e,t,r){const n=Fn(this.cacheManager.getRefreshToken.bind(this.cacheManager),"cacheManagerGetRefreshToken",this.logger,this.performanceClient,e.correlationId)(e.account,t,e.correlationId,void 0);if(!n)throw Tn(hn);if(n.expiresOn){const t=e.refreshTokenExpirationOffsetSeconds||300;if(this.performanceClient?.addFields({cacheRtExpiresOnSeconds:Number(n.expiresOn),rtOffsetSeconds:t},e.correlationId),Pn(n.expiresOn,t))throw Tn(dn)}const o={...e,refreshToken:n.secret,authenticationScheme:e.authenticationScheme||G.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:no}};try{return await Kn(this.acquireToken.bind(this),"refreshTokenClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(o,r)}catch(t){if(t instanceof vn&&t.subError===fn){this.logger.verbose("1pg3ap",e.correlationId);const t=this.cacheManager.generateCredentialKey(n);this.cacheManager.removeRefreshToken(t,e.correlationId)}throw t}}async executeTokenRequest(e,t){const r=uo(e,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),n=br.appendQueryString(t.tokenEndpoint,r),o=await Kn(this.createTokenRequestBody.bind(this),"refreshTokenClientCreateTokenRequestBody",this.logger,this.performanceClient,e.correlationId)(e),i=lo(this.logger,this.config.systemOptions.preventCorsPreflight,e.ccsCredential),s=so(this.config.authOptions.clientId,e);return Kn(go,"refreshTokenClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,e.correlationId)(n,o,i,s,e.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,this.serverTelemetryManager)}async createTokenRequestBody(e){const t=new Map;if(xt(t,e.embeddedClientId||e.extraParameters?.[ce]||this.config.authOptions.clientId),e.redirectUri&&qt(t,e.redirectUri),Mt(t,e.scopes,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),Gt(t,N),Vt(t),Kt(t,this.config.libraryInfo),Bt(t,this.config.telemetry.application),rr(t),this.serverTelemetryManager&&!an(this.config)&&tr(t,this.serverTelemetryManager),function(e,t){e.set("refresh_token",t)}(t,e.refreshToken),this.config.clientCredentials.clientSecret&&$t(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Jt(t,await io(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Wt(t,r.assertionType)}if(e.authenticationScheme===G.POP){const r=new zn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Kn(r.generateCnf.bind(r),Un,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}Zt(t,n)}else if(e.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);er(t,e.sshJwk)}if((!ke.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Dt(t,e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case no:try{Lt(t,Nr(e.ccsCredential.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case oo:Ut(t,e.ccsCredential.credential)}return e.embeddedClientId&&nr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&Xt(t,{...e.extraParameters}),Rt(t,e.correlationId,this.performanceClient),cr(t)}}class vo{constructor(e,t){this.config=sn(e),this.logger=new pr(this.config.loggerOptions,mr,fr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireCachedToken(e){let t=re;if(e.forceRefresh||!ke.isEmptyObj(e.claims))throw this.setCacheOutcome(ne,e.correlationId),be(ft);if(!e.account)throw be(dt);const r=e.account.tenantId||function(e){const t=new br(e).getUrlComponents(),r=t.PathSegments.slice(-1)[0]?.toLowerCase();switch(r){case A:case S:case _:return;default:return r}}(e.authority),n=this.cacheManager.getTokenKeys(),o=this.cacheManager.getAccessToken(e.account,e,n,r);if(!o)throw this.setCacheOutcome(oe,e.correlationId),be(ft);if(On(o.cachedAt)||Pn(o.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(ie,e.correlationId),be(ft);if(e.resource){if(o.resource!==e.resource)throw this.setCacheOutcome(oe,e.correlationId),be(ft)}else o.refreshOn&&Pn(o.refreshOn,0)&&(t=se);const i=e.authority||this.authority.getPreferredCache(),s={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(e.account),e.correlationId),accessToken:o,idToken:this.cacheManager.getIdToken(e.account,e.correlationId,n,r),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(i,e.correlationId)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await Kn(this.generateResultFromCacheRecord.bind(this),"silentFlowClientGenerateResultFromCacheRecord",this.logger,this.performanceClient,e.correlationId)(s,e),t]}setCacheOutcome(e,t){this.serverTelemetryManager?.setCacheOutcome(e),this.performanceClient?.addFields({cacheOutcome:e},t),e!==re&&this.logger.info("09ingz",t)}async generateResultFromCacheRecord(e,t){let r;if(e.idToken&&(r=vr(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||0===t.maxAge){const e=r?.auth_time;if(!e)throw be(ot);Tr(e,t.maxAge)}return to.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,this.performanceClient,r)}}const ko={sendGetRequestAsync:()=>Promise.reject(be(bt)),sendPostRequestAsync:()=>Promise.reject(be(bt))};function To(e,t,r,n){const o=t.correlationId,i=new Map;xt(i,t.embeddedClientId||t.extraQueryParameters?.[ce]||e.clientId);if(Mt(i,[...t.scopes||[],...t.extraScopesToConsent||[]],!0,e.authority.options.OIDCOptions?.defaultScopes),or(i,t.resource),qt(i,t.redirectUri),Ft(i,o),function(e,t){e.set("response_mode",t||x.QUERY)}(i,t.responseMode),Vt(i),function(e){e.set("clidata","1")}(i),t.prompt&&(!function(e,t){e.set("prompt",t)}(i,t.prompt),n?.addFields({prompt:t.prompt},o)),t.domainHint&&(!function(e,t){e.set("domain_hint",t)}(i,t.domainHint),n?.addFields({domainHintFromRequest:!0},o)),t.prompt!==R.SELECT_ACCOUNT)if(t.sid&&t.prompt===R.NONE)r.verbose("1tvqyx",t.correlationId),Ht(i,t.sid),n?.addFields({sidFromRequest:!0},o);else if(t.account){const e=(s=t.account,s.idTokenClaims?.sid||null);let a=function(e){return e.loginHint||e.idTokenClaims?.login_hint||null}(t.account);if(a&&t.domainHint&&(r.warning("0wkg3v",t.correlationId),a=null),a){r.verbose("1eyfsw",t.correlationId),Nt(i,a),n?.addFields({loginHintFromClaim:!0},o);try{Lt(i,Nr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(e&&t.prompt===R.NONE){r.verbose("1rmd8s",t.correlationId),Ht(i,e),n?.addFields({sidFromClaim:!0},o);try{Lt(i,Nr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(t.loginHint)r.verbose("0y3007",t.correlationId),Nt(i,t.loginHint),Ut(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o);else if(t.account.username){r.verbose("02f507",t.correlationId),Nt(i,t.account.username),n?.addFields({loginHintFromUpn:!0},o);try{Lt(i,Nr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}}else t.loginHint&&(r.verbose("0g01ey",t.correlationId),Nt(i,t.loginHint),Ut(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o));else r.verbose("169k9v",t.correlationId);var s;return t.nonce&&function(e,t){e.set("nonce",t)}(i,t.nonce),t.state&&zt(i,t.state),(t.claims||e.clientCapabilities&&e.clientCapabilities.length>0)&&Dt(i,t.claims,e.clientCapabilities),t.embeddedClientId&&nr(i,e.clientId,e.redirectUri),!e.instanceAware||t.extraQueryParameters&&Object.keys(t.extraQueryParameters).includes(fe)||Qt(i),i}function bo(e,t){const r=cr(t);return br.appendQueryString(e.authorizationEndpoint,r)}function Ao(e,t){if(!e.state||!t)throw e.state?be(rt,"Cached State"):be(rt,"Server State");let r,n;try{r=decodeURIComponent(e.state)}catch(t){throw be(et,e.state)}try{n=decodeURIComponent(t)}catch(t){throw be(et,e.state)}if(r!==n)throw be(tt);if(e.error||e.error_description||e.suberror){const t=function(e){const t="code=",r=e.error_uri?.lastIndexOf(t);return r&&r>=0?e.error_uri?.substring(r+t.length):void 0}(e);if(kn(e.error,e.error_description,e.suberror))throw new vn(e.error||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",t);throw new cn(e.error||"",e.error_description,e.suberror,t)}}function So(e,t){if(e){if(t.resource&&(_o(t.extraParameters)||_o(t.extraQueryParameters)))throw be(_t);if(!t.resource)throw be(St)}}function _o(e){return!!e&&Object.prototype.hasOwnProperty.call(e,"resource")}const Eo="unexpected_error";var Po=Object.freeze({__proto__:null,postRequestFailed:"post_request_failed",unexpectedError:Eo});function Ro(e){const{skus:t,libraryName:r,libraryVersion:n,extensionName:o,extensionVersion:i}=e,s=new Map([[0,[r,n]],[2,[o,i]]]);let a=[];if(t?.length){if(a=t.split(","),a.length<4)return t}else a=Array.from({length:4},(()=>"|"));return s.forEach(((e,t)=>{2===e.length&&e[0]?.length&&e[1]?.length&&function(e){const{skuArr:t,index:r,skuName:n,skuVersion:o}=e;if(r>=t.length)return;t[r]=[n,o].join("|")}({skuArr:a,index:t,skuName:e[0],skuVersion:e[1]})})),a.join(",")}class Oo{constructor(e,t){this.cacheOutcome=re,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||"",this.wrapperVer=e.wrapperVer||"",this.telemetryCacheKey=J+"-"+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${W}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r?.length&&t.push(`broker_error=${r}`);const n=t.join(W),o=[e,this.getRegionDiscoveryFields()].join(W);return[$,o,n].join("|")}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=Oo.maxErrorsToSend(e),r=e.failedRequests.slice(0,2*t).join(W),n=e.errors.slice(0,t).join(W),o=e.errors.length,i=[o,t<o?"1":"0"].join(W);return[$,e.cacheHits,r,n,i].join("|")}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=50&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof we?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push("unknown_error"),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId),e.cacheHits}getLastRequests(){return this.cacheManager.getServerTelemetry(this.telemetryCacheKey,this.correlationId)||{failedRequests:[],errors:[],cacheHits:0}}clearTelemetryCache(){const e=this.getLastRequests(),t=Oo.maxErrorsToSend(e);if(t===e.errors.length)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{const r={failedRequests:e.failedRequests.slice(2*t),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,r,this.correlationId)}}static maxErrorsToSend(e){let t,r=0,n=0;const o=e.errors.length;for(t=0;t<o;t++){const o=e.failedRequests[2*t]||"",i=e.failedRequests[2*t+1]||"",s=e.errors[t]||"";if(n+=o.toString().length+i.toString().length+s.length+3,!(n<330))break;r+=1}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||""),e.push(this.regionSource||""),e.push(this.regionOutcome||""),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId)}static makeExtraSkuString(e){return Ro(e)}}class Mo extends we{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,Mo.prototype)}}function xo(e){return new Mo(e)}class qo{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw xo("missing_kid_error");if(!e.alg)throw xo("missing_alg_error");const t=new qo({typ:e.typ||ae.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}function No(e,t,r,n=5){if(e instanceof Error)return e instanceof we?(r.errorCode=e.errorCode,r.subErrorCode=e.subError,void(!r.serverErrorNo&&(e instanceof cn||e instanceof vn)&&e.errorNo&&(r.serverErrorNo=e.errorNo))):void(e instanceof Mr?r.errorCode=e.errorCode:r.errorStack?.length?t.trace("0lmqrh",r.correlationId):e.stack?.length?(e.stack&&(r.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],n=[],o=r[0];o.startsWith("TypeError: Cannot read property")||o.startsWith("TypeError: Cannot read properties of")||o.startsWith("TypeError: Cannot set property")||o.startsWith("TypeError: Cannot set properties of")||o.endsWith("is not a function")?n.push(Uo(o)):(o.startsWith("SyntaxError")||o.startsWith("TypeError"))&&n.push(Uo(o.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(n.length>=t);e++){const t=r[e];n.push(Uo(t))}return n}(e.stack,n)),r.errorName=e.name):t.trace("1cnpwa",r.correlationId));t.trace("0gcyox",r.correlationId)}function Uo(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let n=r.lastIndexOf("/");return n=n<0?r.lastIndexOf("\\"):n,n>=0?(e.substring(0,t)+"("+r.substring(n+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class Lo{constructor(e,t,r,n,o,i,s){this.authority=t,this.libraryName=n,this.libraryVersion=o,this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.intFields=s||new Set;for(const e of Qr)this.intFields.add(e)}startMeasurement(e,t){const r=t||this.generateId(),n={eventId:this.generateId(),status:Wr,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var o,i;return this.cacheEventByCorrelationId(n),o=n,(i=this.eventStack.get(r))&&i.push({name:o.name}),{end:(e,t,r)=>this.endMeasurement({...n,...e},t,r),discard:()=>this.discardMeasurements(n.correlationId),add:e=>this.addFields(e,n.correlationId),increment:e=>this.incrementFields(e,n.correlationId),event:n}}endMeasurement(e,t,r){const n=this.eventsByCorrelationId.get(e.correlationId);if(!n)return this.logger.trace("0k9ti8",e.correlationId),null;const o=e.eventId===n.eventId;e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const i=JSON.stringify(function(e,t,r){if(!t?.length)return;const n=e=>e.length?e[e.length-1]:void 0,o=e.name,i=n(t);if(i?.name!==o)return;const s=t?.pop();if(!s)return;const a=r instanceof we?r.errorCode:r instanceof Error?r.name:void 0,c=r instanceof we?r.subError:void 0;a&&s.childErr!==a&&(s.err=a,c&&(s.subErr=c)),delete s.name,delete s.childErr;const h={...s,dur:e.durationMs};e.success||(h.fail=1);const l=n(t);if(!l)return{[o]:h};let d;if(a&&(l.childErr=a),l[o]){const e=Object.keys(l).filter((e=>e.startsWith(o))).length;d=`${o}_${e+1}`}else d=o;return l[d]=h,l}(e,this.eventStack.get(n.correlationId),t));if(o?this.discardMeasurements(n.correlationId):n.incompleteSubMeasurements?.delete(e.eventId),t&&No(t,this.logger,n),!o)return n.ext={...n.ext,...e.ext},n.ext[e.name+"DurationMs"]=Math.floor(e.durationMs),{...n};o&&!t&&(n.errorCode||n.subErrorCode)&&(this.logger.trace("1fm1tm",e.correlationId),n.errorCode=void 0,n.subErrorCode=void 0);let s={...n,...e},a=0;s.incompleteSubMeasurements?.forEach((e=>{this.logger.trace("0nxk52",s.correlationId),a++})),s.incompleteSubMeasurements=void 0;const c=function(e){const t=[];for(const r of["",e]){const e=ur.get(r);t.push(...e?.logs??[]),ur.delete(r)}return t}(e.correlationId).map((e=>`${e.milliseconds},${e.hash}`)).join(";");return s={...s,status:Gr,incompleteSubsCount:a,context:i,logs:c},r&&(s.accountType=function(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}(r),s.dataBoundary=r.dataBoundary),this.truncateIntegralFields(s),this.emitEvents([s],e.correlationId),s}addFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r){const n={},o={};for(const t in e)if(t.startsWith(Vr)){const r=t.slice(4),n=e[t];"string"!=typeof n&&"number"!=typeof n||(o[r]=n)}else n[t]=e[t];const i={...r,...n};Object.keys(o).length&&(i.ext={...i.ext,...o}),this.eventsByCorrelationId.set(t,i)}else this.logger.trace("0thl6s",t)}incrementFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e)if(t.startsWith(Vr)){r.ext=r.ext||{};const n=t.slice(4),o=r.ext[n];if(void 0===o)r.ext[n]=0;else if(isNaN(Number(o)))return;r.ext[n]=(Number(r.ext[n])||0)+(e[t]??0)}else{if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("0thl6s",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}discardMeasurements(e){this.eventsByCorrelationId.delete(e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning("1eap5p",""),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose("0c9ujz",""),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose("0253if",""):this.logger.verbose("0iqk07",""),t}emitEvents(e,t){this.logger.verbose("11jb1y",t),this.callbacks.forEach(((r,n)=>{this.logger.trace("0p2pjl",t),r.apply(null,[e])}))}truncateIntegralFields(e){this.intFields.forEach((t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))}))}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}const Ho="pkce_not_created",Do="ear_jwk_empty",Fo="ear_jwe_empty",Ko="crypto_nonexistent",Bo="empty_navigate_uri",zo="hash_empty_error",jo="no_state_in_hash",$o="hash_does_not_contain_known_properties",Jo="unable_to_parse_state",Wo="state_interaction_type_mismatch",Go="interaction_in_progress",Vo="interaction_in_progress_cancelled",Qo="popup_window_error",Xo="empty_window_error",Yo="user_cancelled",Zo="redirect_bridge_empty_response",ei="redirect_in_iframe",ti="block_iframe_reload",ri="block_nested_popups",ni="silent_logout_unsupported",oi="no_account_error",ii="no_token_request_cache_error",si="unable_to_parse_token_request_cache_error",ai="non_browser_environment",ci="database_not_open",hi="no_network_connectivity",li="post_request_failed",di="get_request_failed",ui="failed_to_parse_response",gi="unable_to_load_token",pi="crypto_key_not_found",mi="auth_code_required",fi="auth_code_or_nativeAccountId_required",yi="spa_code_and_nativeAccountId_present",wi="database_unavailable",Ii="unable_to_acquire_token_from_native_platform",Ci="native_handshake_timeout",vi="native_extension_not_installed",ki="native_connection_not_established",Ti="uninitialized_public_client_application",bi="native_prompt_not_supported",Ai="invalid_base64_string",Si="invalid_pop_token_request",_i="failed_to_build_headers",Ei="failed_to_parse_headers",Pi="failed_to_decrypt_ear_response",Ri="timed_out",Oi="empty_response";var Mi=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:fi,authCodeRequired:mi,authRequestNotSetError:"auth_request_not_set_error",blockIframeReload:ti,blockNestedPopups:ri,cryptoKeyNotFound:pi,cryptoNonExistent:Ko,databaseNotOpen:ci,databaseUnavailable:wi,earJweEmpty:Fo,earJwkEmpty:Do,emptyNavigateUri:Bo,emptyResponse:Oi,emptyWindowError:Xo,failedToBuildHeaders:_i,failedToDecryptEarResponse:Pi,failedToParseHeaders:Ei,failedToParseResponse:ui,getRequestFailed:di,hashDoesNotContainKnownProperties:$o,hashEmptyError:zo,iframeClosedPrematurely:"iframe_closed_prematurely",interactionInProgress:Go,interactionInProgressCancelled:Vo,invalidBase64String:Ai,invalidCacheType:"invalid_cache_type",invalidPopTokenRequest:Si,nativeConnectionNotEstablished:ki,nativeExtensionNotInstalled:vi,nativeHandshakeTimeout:Ci,nativePromptNotSupported:bi,noAccountError:oi,noNetworkConnectivity:hi,noStateInHash:jo,noTokenRequestCacheError:ii,nonBrowserEnvironment:ai,pkceNotCreated:Ho,popupWindowError:Qo,postRequestFailed:li,redirectBridgeEmptyResponse:Zo,redirectInIframe:ei,silentLogoutUnsupported:ni,silentPromptValueError:"silent_prompt_value_error",spaCodeAndNativeAccountIdPresent:yi,stateInteractionTypeMismatch:Wo,timedOut:Ri,unableToAcquireTokenFromNativePlatform:Ii,unableToLoadToken:gi,unableToParseState:Jo,unableToParseTokenRequestCacheError:si,uninitializedPublicClientApplication:Ti,userCancelled:Yo});function xi(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class qi extends we{constructor(e,t){super(e,xi(e),t),Object.setPrototypeOf(this,qi.prototype),this.name="BrowserAuthError"}}function Ni(e,t){return new qi(e,t)}const Ui="invalid_grant",Li=483,Hi=600,Di="msal",Fi="msal.js.browser",Ki="53ee284d-920a-4b59-9d30-a60315b26836",Bi="ppnbnpeolgkicgegkbkbjmhlideopiji",zi="MATS",ji="MicrosoftEntra",$i="DOM API",Ji="get-token-and-sign-out",Wi="PlatformAuthDOMHandler",Gi="PlatformAuthExtensionHandler",Vi="Handshake",Qi="HandshakeResponse",Xi="GetToken",Yi="Response",Zi={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},es="GET",ts="POST",rs="signin",ns="signout",os="request.origin",is="urlHash",ss="request.params",as="code.verifier",cs="interaction.status",hs="request.native",ls="wrapper.sku",ds="wrapper.version",us={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962,hydrateCache:963,loadExternalTokens:964},gs={861:"acquireTokenRedirect",862:"acquireTokenPopup",863:"ssoSilent",864:"acquireTokenSilent_authCode",865:"handleRedirectPromise",866:"acquireTokenByCode",61:"acquireTokenSilent_silentFlow",961:"logout",962:"logoutPopup",963:"hydrateCache",964:"loadExternalTokens"};var ps;e.InteractionType=void 0,(ps=e.InteractionType||(e.InteractionType={})).Redirect="redirect",ps.Popup="popup",ps.Silent="silent",ps.None="none";const ms={Startup:"startup",Logout:"logout",AcquireToken:"acquireToken",HandleRedirect:"handleRedirect",None:"none"},fs={scopes:p},ys="msal.db",ws=`${ys}.keys`,Is={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},Cs=[Is.Default,Is.Skip,Is.RefreshTokenAndNetwork];function vs(e){return encodeURIComponent(Ts(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function ks(e){return bs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function Ts(e){return bs((new TextEncoder).encode(e))}function bs(e){const t=Array.from(e,(e=>String.fromCodePoint(e))).join("");return btoa(t)}function As(e){return(new TextDecoder).decode(Ss(e))}function Ss(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw Ni(Ai)}const r=atob(t);return Uint8Array.from(r,(e=>e.codePointAt(0)||0))}const _s="AES-GCM",Es="HKDF",Ps="SHA-256",Rs=new Uint8Array([1,0,1]),Os="0123456789abcdef",Ms=new Uint32Array(1),xs="raw",qs="encrypt",Ns="decrypt",Us={name:"RSASSA-PKCS1-v1_5",hash:Ps,modulusLength:2048,publicExponent:Rs};async function Ls(e){const t=(new TextEncoder).encode(e);return window.crypto.subtle.digest(Ps,t)}function Hs(e){return window.crypto.getRandomValues(e)}function Ds(){return window.crypto.getRandomValues(Ms),Ms[0]}function Fs(){const e=Date.now(),t=1024*Ds()+(1023&Ds()),r=new Uint8Array(16),n=Math.trunc(t/2**30),o=t&2**30-1,i=Ds();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|n>>>8,r[7]=n,r[8]=128|o>>>24,r[9]=o>>>16,r[10]=o>>>8,r[11]=o,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=Os.charAt(r[e]>>>4),s+=Os.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function Ks(e){return window.crypto.subtle.exportKey("jwk",e)}async function Bs(){const e=await js(),t={alg:"dir",kty:"oct",k:ks(new Uint8Array(e))};return Ts(JSON.stringify(t))}async function zs(e,t){const r=t.split(".");if(5!==r.length)throw Ni(Pi,"jwe_length");const n=await async function(e){const t=As(e),r=Ss(JSON.parse(t).k);return window.crypto.subtle.importKey(xs,r,_s,!1,[Ns])}(e).catch((()=>{throw Ni(Pi,"import_key")}));try{const e=(new TextEncoder).encode(r[0]),t=Ss(r[2]),o=Ss(r[3]),i=Ss(r[4]),s=8*i.byteLength,a=new Uint8Array(o.length+i.length);a.set(o),a.set(i,o.length);const c=await window.crypto.subtle.decrypt({name:_s,iv:t,tagLength:s,additionalData:e},n,a);return(new TextDecoder).decode(c)}catch(e){throw Ni(Pi,"decrypt")}}async function js(){const e=await window.crypto.subtle.generateKey({name:_s,length:256},!0,[qs,Ns]);return window.crypto.subtle.exportKey(xs,e)}async function $s(e){return window.crypto.subtle.importKey(xs,e,Es,!1,["deriveKey"])}async function Js(e,t,r){return window.crypto.subtle.deriveKey({name:Es,salt:t,hash:Ps,info:(new TextEncoder).encode(r)},e,{name:_s,length:256},!1,[qs,Ns])}async function Ws(e,t,r){const n=(new TextEncoder).encode(t),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await Js(e,o,r),s=await window.crypto.subtle.encrypt({name:_s,iv:new Uint8Array(12)},i,n);return{data:ks(new Uint8Array(s)),nonce:ks(o)}}async function Gs(e,t,r,n){const o=Ss(n),i=await Js(e,Ss(t),r),s=await window.crypto.subtle.decrypt({name:_s,iv:new Uint8Array(12)},i,o);return(new TextDecoder).decode(s)}const Vs="storage_not_supported",Qs="stubbed_public_client_application_called",Xs="in_mem_redirect_unavailable";var Ys=Object.freeze({__proto__:null,inMemRedirectUnavailable:Xs,storageNotSupported:Vs,stubbedPublicClientApplicationCalled:Qs});class Zs extends we{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,Zs.prototype)}}function ea(e){return new Zs(e,xi(e))}function ta(){const e=window.location.hash,t=window.location.search;let r,n=!1,o=!1,i="";if(e&&e.length>1){const t="#"===e.charAt(0)?e.substring(1):e,o=new URLSearchParams(t);o.has("state")&&(n=!0,i=t,r=o)}if(t&&t.length>1){const e="?"===t.charAt(0)?t.substring(1):t,n=new URLSearchParams(e);n.has("state")&&(o=!0,i=e,r=n)}if(n&&o){i=`${"?"===t.charAt(0)?t.substring(1):t}${"#"===e.charAt(0)?e.substring(1):e}`,r=new URLSearchParams(i)}if(!i||!r)throw Ni(Oi);const s=r.get("state");if(!s)throw Ni(jo);const{libraryState:a}=An(As,s),{id:c,meta:h}=a;if(!c||!h)throw Ni(Jo,"missing_library_state");return{params:r,payload:i,urlHash:e,urlQuery:t,hasResponseInHash:n,hasResponseInQuery:o,libraryState:{id:c,meta:h}}}function ra(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function na(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function oa(){return window.parent!==window}function ia(){if(oa())return!1;try{const{libraryState:t}=ta(),{meta:r}=t;return r.interactionType===e.InteractionType.Popup}catch(e){return!1}}let sa=null;function aa(e,t){sa&&(e.verbose("18y01k",t),clearTimeout(sa.timeoutId),sa.channel.close(),sa.reject(Ni(Vo)),sa=null)}async function ca(e,t,r,n,o){return new Promise(((i,s)=>{t.verbose("1rf6em",n.correlationId);const a=n.correlationId;o.addFields({redirectBridgeTimeoutMs:e},a);const{libraryState:c}=An(r.base64Decode,n.state||""),h=new BroadcastChannel(c.id);let l;const d=window.setTimeout((()=>{sa=null,h.close(),s(Ni(Ri,"redirect_bridge_timeout"))}),e);sa={timeoutId:d,channel:h,reject:s},h.onmessage=e=>{l=e.data.payload;const t=e?.data&&"number"==typeof e.data.v?e.data.v:void 0;o.addFields({redirectBridgeMessageVersion:t},a),sa=null,clearTimeout(d),h.close(),l?i(l):s(Ni(Zo))}}))}function ha(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function la(){const e=new br(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function da(){if(ar(window.location.hash)&&oa())throw Ni(ti)}function ua(e){if(oa()&&!e)throw Ni(ei)}function ga(){if(ia())throw Ni(ri)}function pa(){if("undefined"==typeof window)throw Ni(ai)}function ma(e){if(!e)throw Ni(Ti)}function fa(e){pa(),da(),ga(),ma(e)}function ya(e,t){if(fa(e),ua(t.system.allowRedirectInIframe),t.cache.cacheLocation===Zi.MemoryStorage)throw ea(Xs)}function wa(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout((()=>{try{document.head.removeChild(t)}catch{}}),1e4)}function Ia(){return Fs()}const Ca=Yt;var va=Object.freeze({__proto__:null,addClientCapabilitiesToClaims:Ca,blockAPICallsBeforeInitialize:ma,blockAcquireTokenInPopups:ga,blockNonBrowserEnvironment:pa,blockRedirectInIframe:ua,blockReloadInHiddenIframes:da,cancelPendingBridgeResponse:aa,clearHash:ra,createGuid:Ia,getCurrentUri:ha,getHomepage:la,invoke:Fn,invokeAsync:Kn,isInIframe:oa,isInPopup:ia,parseAuthResponseFromUrl:ta,preconnect:wa,preflightCheck:fa,redirectPreflightCheck:ya,replaceHash:na,waitForBridgeResponse:ca});const ka="standardInteractionClientGetDiscoveredAuthority",Ta="nativeInteractionClientAcquireToken",ba="acquireTokenBySilentIframe",Aa="initializeBaseRequest",Sa="silentIframeClientTokenHelper",_a="silentHandlerInitiateAuthRequest",Ea="silentHandlerMonitorIframeForHash",Pa="standardInteractionClientCreateAuthCodeClient",Ra="standardInteractionClientGetClientConfiguration",Oa="standardInteractionClientInitializeAuthorizationRequest",Ma="handleResponseEar",xa="handleResponsePlatformBroker",qa="handleResponseCode",Na="deserializeResponse",Ua="generatePkceCodes",La="generateHKDF",Ha="decrypt",Da="generateEarKey";class Fa{constructor(){this.dbName=ys,this.version=1,this.tableName=ws,this.dbOpen=!1}async open(){return new Promise(((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",(e=>{e.target.result.createObjectStore(this.tableName)})),r.addEventListener("success",(t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()})),r.addEventListener("error",(()=>t(Ni(wi))))}))}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ni(ci));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async setItem(e,t){return await this.validateDbIsOpen(),new Promise(((r,n)=>{if(!this.db)return n(Ni(ci));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);o.addEventListener("success",(()=>{this.closeConnection(),r()})),o.addEventListener("error",(e=>{this.closeConnection(),n(e)}))}))}async removeItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ni(ci));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);n.addEventListener("success",(()=>{this.closeConnection(),t()})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async getKeys(){return await this.validateDbIsOpen(),new Promise(((e,t)=>{if(!this.db)return t(Ni(ci));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",(t=>{const r=t;this.closeConnection(),e(r.target.result)})),r.addEventListener("error",(e=>{this.closeConnection(),t(e)}))}))}async containsKey(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ni(ci));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(1===r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise(((e,t)=>{const r=window.indexedDB.deleteDatabase(ys),n=setTimeout((()=>t(!1)),200);r.addEventListener("success",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("blocked",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("error",(()=>(clearTimeout(n),t(!1))))}))}}class Ka{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach(((t,r)=>{e.push(r)})),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class Ba{constructor(e){this.inMemoryCache=new Ka,this.indexedDBCache=new Fa,this.logger=e}handleDatabaseAccessError(e,t){if(!(e instanceof qi&&e.errorCode===wi))throw e;this.logger.error("1wx7zz",t)}async getItem(e,t){const r=this.inMemoryCache.getItem(e);if(!r)try{return this.logger.verbose("0naxpl",t),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}async setItem(e,t,r){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e,r)}}async removeItem(e,t){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}}async getKeys(e){const t=this.inMemoryCache.getKeys();if(0===t.length)try{return this.logger.verbose("1iqrbq",e),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t,e)}return t}async containsKey(e,t){const r=this.inMemoryCache.containsKey(e);if(!r)try{return this.logger.verbose("03zl2j",t),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}clearInMemory(e){this.logger.verbose("03r21p",e),this.inMemoryCache.clear(),this.logger.verbose("0uksk1",e)}async clearPersistent(e){try{this.logger.verbose("0rdqut",e);const t=await this.indexedDBCache.deleteDatabase();return t&&this.logger.verbose("149ouc",e),t}catch(t){return this.handleDatabaseAccessError(t,e),!1}}}class za{constructor(e,t,r){this.logger=e,function(e){if(!window)throw Ni(ai);if(!window.crypto)throw Ni(Ko);if(!e&&!window.crypto.subtle)throw Ni(Ko,"crypto_subtle_undefined")}(r??!1),this.cache=new Ba(this.logger),this.performanceClient=t}createNewGuid(){return Fs()}base64Encode(e){return Ts(e)}base64Decode(e){return As(e)}base64UrlEncode(e){return vs(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement("cryptoOptsGetPublicKeyThumbprint",e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(Us,e,t)}(za.EXTRACTABLE,za.POP_KEY_USAGES),n=await Ks(r.publicKey),o=ja({e:n.e,kty:n.kty,n:n.n}),i=await this.hashString(o),s=await Ks(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,Us,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri},e.correlationId),t&&t.end({success:!0}),i}async removeTokenBindingKey(e,t){await this.cache.removeItem(e,t);if(await this.cache.containsKey(e,t))throw be(It)}async clearKeystore(e){this.cache.clearInMemory(e);try{return await this.cache.clearPersistent(e),!0}catch(t){return t instanceof Error?this.logger.error("1owpn8",e):this.logger.error("0yrmwo",e),!1}}async signJwt(e,t,r,n){const o=this.performanceClient?.startMeasurement("cryptoOptsSignJwt",n),i=await this.cache.getItem(t,n||"");if(!i)throw Ni(pi);const s=await Ks(i.publicKey),a=ja(s),c=vs(JSON.stringify({kid:t})),h=vs(qo.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const l=`${h}.${vs(JSON.stringify(e))}`,d=(new TextEncoder).encode(l),u=await async function(e,t){return window.crypto.subtle.sign(Us,e,t)}(i.privateKey,d),g=`${l}.${ks(new Uint8Array(u))}`;return o&&o.end({success:!0}),g}async hashString(e){return async function(e){const t=await Ls(e);return ks(new Uint8Array(t))}(e)}}function ja(e){return JSON.stringify(e,Object.keys(e).sort())}za.POP_KEY_USAGES=["sign","verify"],za.EXTRACTABLE=!0;const $a="acquireTokenSilent",Ja="acquireTokenByCode",Wa="acquireTokenPopup",Ga="acquireTokenPreRedirect",Va="acquireTokenRedirect",Qa="ssoSilent",Xa="initializeClientApplication",Ya="localStorageUpdated",Za="loadExternalTokens";var ec=Object.freeze({__proto__:null,AcquireTokenByCode:Ja,AcquireTokenPopup:Wa,AcquireTokenPreRedirect:Ga,AcquireTokenRedirect:Va,AcquireTokenSilent:$a,InitializeClientApplication:Xa,LoadExternalTokens:Za,LocalStorageUpdated:Ya,SsoSilent:Qa});const tc="msal",rc="browser",nc=`${tc}.${rc}.log.level`,oc=`${tc}.${rc}.log.pii`,ic=`${tc}.${rc}.performance.enabled`,sc=`${tc}.${rc}.platform.auth.dom`,ac=`${tc}.version`,cc="account.keys",hc="token.keys";function lc(e=2){return e<1?`${tc}.${cc}`:`${tc}.${e}.${cc}`}function dc(e,t=2){return t<1?`${tc}.${hc}.${e}`:`${tc}.${t}.${hc}.${e}`}const uc=864e5,gc="Lax",pc="None";class mc{initialize(){return Promise.resolve()}getItem(e){const t=`${encodeURIComponent(e)}`,r=document.cookie.split(";");for(let e=0;e<r.length;e++){const n=r[e],[o,...i]=decodeURIComponent(n).trim().split("="),s=i.join("=");if(o===t)return s}return""}getUserData(){throw be(bt)}setItem(e,t,r,n=!0,o=gc){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${o};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*uc);return r.toUTCString()}(r);i+=`expires=${e};`}(n||o===pc)&&(i+="Secure;"),document.cookie=i}async setUserData(){return Promise.reject(be(bt))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach((e=>{const r=decodeURIComponent(e).trim().split("=");t.push(r[0])})),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function fc(e,t){const r=e.getItem(lc(t));return r?JSON.parse(r):[]}function yc(e,t,r){const n=t.getItem(dc(e,r));if(n){const e=JSON.parse(n);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function wc(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const Ic="msal.cache.encryption";class Cc{constructor(e,t,r){if(!window.localStorage)throw ea(Vs);this.memoryStorage=new Ka,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new mc,r=t.getItem(Ic);let n={key:"",id:""};if(r)try{n=JSON.parse(r)}catch(e){}if(n.key&&n.id){const t=Fn(Ss,"base64Decode",this.logger,this.performanceClient,e)(n.key);this.encryptionCookie={id:n.id,key:await Kn($s,La,this.logger,this.performanceClient,e)(t)}}else{const r=Fs(),n=await Kn(js,"generateBaseKey",this.logger,this.performanceClient,e)(),o=Fn(ks,"urlEncodeArr",this.logger,this.performanceClient,e)(new Uint8Array(n));this.encryptionCookie={id:r,key:await Kn($s,La,this.logger,this.performanceClient,e)(n)};const i={id:r,key:o};t.setItem(Ic,JSON.stringify(i),0,!0,pc)}await Kn(this.importExistingCache.bind(this),"importExistingCache",this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",(t=>{this.updateCache(t,e)})),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw Ni(Ti);return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw Ni(Ti);if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const n=await Kn(Gs,Ha,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!n)return null;try{return{...JSON.parse(n),lastUpdatedAt:t.lastUpdatedAt}}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,n,o){if(!this.initialized||!this.encryptionCookie)throw Ni(Ti);if(o)this.setItem(e,t);else{const{data:o,nonce:i}=await Kn(Ws,"encrypt",this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o,lastUpdatedAt:n};this.setItem(e,JSON.stringify(s))}this.memoryStorage.setItem(e,t),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();fc(this).forEach((e=>this.removeItem(e)));const e=yc(this.clientId,this);e.idToken.forEach((e=>this.removeItem(e))),e.accessToken.forEach((e=>this.removeItem(e))),e.refreshToken.forEach((e=>this.removeItem(e))),this.getKeys().forEach((e=>{(e.startsWith(tc)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)}))}async importExistingCache(e){if(!this.encryptionCookie)return;let t=fc(this);t=await this.importArray(t,e),t.length?this.setItem(lc(),JSON.stringify(t)):this.removeItem(lc());const r=yc(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(dc(this.clientId),JSON.stringify(r)):this.removeItem(dc(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let n;try{n=JSON.parse(r)}catch(e){return null}return wc(n)?n.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):(this.performanceClient.incrementFields({encryptedCacheCount:1},t),Kn(Gs,Ha,this.logger,this.performanceClient,t)(this.encryptionCookie.key,n.nonce,this.getContext(e),n.data)):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),r)}async importArray(e,t){const r=[],n=[];return e.forEach((e=>{const o=this.getItemFromEncryptedCache(e,t).then((t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)}));n.push(o)})),await Promise.all(n),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e,t){this.logger.trace("17cxcm",t);const r=this.performanceClient.startMeasurement(Ya);r.add({isBackground:!0});const{key:n,value:o,context:i}=e.data;return n?i&&i!==this.clientId?(this.logger.trace("04rtdy",t),void r.end({success:!1,errorCode:"contextMismatch"})):(o?(this.memoryStorage.setItem(n,o),this.logger.verbose("1vzsgt",t)):(this.memoryStorage.removeItem(n),this.logger.verbose("04ypih",t)),void r.end({success:!0})):(this.logger.error("0e10qr",t),void r.end({success:!1,errorCode:"noKey"}))}}class vc{constructor(){if(!window.sessionStorage)throw ea(Vs)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const kc={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_SUCCESS:"msal:loginSuccess",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",BROKERED_REQUEST_START:"msal:brokeredRequestStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",BROKERED_REQUEST_SUCCESS:"msal:brokeredRequestSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",BROKERED_REQUEST_FAILURE:"msal:brokeredRequestFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"},Tc="@azure/msal-browser",bc="5.6.1";function Ac(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}class Sc extends $r{constructor(e,t,r,n,o,i,s){super(e,r,n,o,s),this.cacheConfig=t,this.logger=n,this.internalStorage=new Ka,this.browserStorage=_c(e,t.cacheLocation,n,o),this.temporaryCacheStorage=_c(e,Zi.SessionStorage,n,o),this.cookieStorage=new mc,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){let t=fc(this.browserStorage),r=yc(this.clientId,this.browserStorage);this.performanceClient.addFields({preMigrateAcntCount:t.length,preMigrateATCount:r.accessToken.length,preMigrateITCount:r.idToken.length,preMigrateRTCount:r.refreshToken.length},e);for(let t=0;t<2;t++){const r=t;await this.removeStaleAccounts(t,r,e)}for(let t=0;t<2;t++){const r=t;await this.migrateIdTokens(t,r,e)}const n=this.getKMSIValues();for(let t=0;t<2;t++)await this.migrateAccessTokens(t,n,e),await this.migrateRefreshTokens(t,n,e);t=fc(this.browserStorage),r=yc(this.clientId,this.browserStorage),this.performanceClient.addFields({postMigrateAcntCount:t.length,postMigrateATCount:r.accessToken.length,postMigrateITCount:r.idToken.length,postMigrateRTCount:r.refreshToken.length},e)}async updateOldEntry(e,t){const r=this.browserStorage.getItem(e),n=this.validateAndParseJson(r||"");if(!n)return this.browserStorage.removeItem(e),null;if(n.lastUpdatedAt){if(Rn(n.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))return this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null}else n.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(n),t);const o=wc(n)?await this.browserStorage.decryptData(e,n,t):n;return o&&Gn(o)?(Vn(o)||Qn(o))&&o.expiresOn&&Pn(o.expiresOn,300)?(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null):o:(this.performanceClient.incrementFields({invalidCacheCount:1},t),null)}async removeStaleAccounts(e,t,r){const n=fc(this.browserStorage,e);if(0!==n.length){for(const e of[...n]){this.performanceClient.incrementFields({oldAcntCount:1},r);const o=this.browserStorage.getItem(e),i=this.validateAndParseJson(o||"");i?i.lastUpdatedAt?Rn(i.lastUpdatedAt,this.cacheConfig.cacheRetentionDays)&&(await this.removeAccountOldSchema(e,i,t,r),Ac(n,e)):(i.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(i),r)):Ac(n,e)}this.setAccountKeys(n,r,e)}}async removeAccountOldSchema(e,t,r,n){const o=wc(t)?await this.browserStorage.decryptData(e,t,n):t,i=o?.homeAccountId;if(i){const e=this.getTokenKeys(r);[...e.idToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Ac(e.idToken,t)})),[...e.accessToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Ac(e.accessToken,t)})),[...e.refreshToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Ac(e.refreshToken,t)})),this.setTokenKeys(e,n,r)}this.performanceClient.incrementFields({expiredAcntRemovedCount:1},n),this.browserStorage.removeItem(e)}getKMSIValues(){const e={},t=this.getTokenKeys().idToken;for(const r of t){const t=this.browserStorage.getUserData(r);if(t){const r=JSON.parse(t),n=vr(r.secret,As);n&&(e[r.homeAccountId]=kr(n))}}return e}async migrateIdTokens(e,t,r){const n=yc(this.clientId,this.browserStorage,e);if(0===n.idToken.length)return;const o=yc(this.clientId,this.browserStorage,2),i=fc(this.browserStorage),s=fc(this.browserStorage,t);for(const e of[...n.idToken]){this.performanceClient.incrementFields({oldITCount:1},r);const t=await this.updateOldEntry(e,r);if(!t){Ac(n.idToken,e);continue}const a=i.find((e=>e.includes(t.homeAccountId))),c=s.find((e=>e.includes(t.homeAccountId)));let h=null;if(a)h=this.getAccount(a,r);else if(c){const e=this.browserStorage.getItem(c),t=this.validateAndParseJson(e||"");h=t&&wc(t)?await this.browserStorage.decryptData(c,t,r):t}if(!h){this.performanceClient.incrementFields({skipITMigrateCount:1},r);continue}const l=vr(t.secret,As),d=this.generateCredentialKey(t),u=this.getIdTokenCredential(d,r),g=Object.keys(l).includes("signin_state"),p=u&&Object.keys(vr(u.secret,As)||{}).includes("signin_state");if(!u||t.lastUpdatedAt>u.lastUpdatedAt&&(g||!p)){const e=h.tenantProfiles||[],n=Fr(l)||h.realm;if(n&&!e.find((e=>e.tenantId===n))){const t=Ir(h.homeAccountId,h.localAccountId,n,l);e.push(t)}h.tenantProfiles=e;const s=this.generateAccountKey(Br(h)),a=kr(l);await this.setUserData(s,JSON.stringify(h),r,h.lastUpdatedAt,a),i.includes(s)||i.push(s),await this.setUserData(d,JSON.stringify(t),r,t.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedITCount:1},r),o.idToken.push(d)}}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r),this.setAccountKeys(i,r)}async migrateAccessTokens(e,t,r){const n=yc(this.clientId,this.browserStorage,e);if(0===n.accessToken.length)return;const o=yc(this.clientId,this.browserStorage,2);for(const e of[...n.accessToken]){this.performanceClient.incrementFields({oldATCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){Ac(n.accessToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipATMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.accessToken.includes(s)){const e=this.getAccessTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r),o.accessToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}async migrateRefreshTokens(e,t,r){const n=yc(this.clientId,this.browserStorage,e);if(0===n.refreshToken.length)return;const o=yc(this.clientId,this.browserStorage,2);for(const e of[...n.refreshToken]){this.performanceClient.incrementFields({oldRTCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){Ac(n.refreshToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipRTMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.refreshToken.includes(s)){const e=this.getRefreshTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r),o.refreshToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}trackVersionChanges(e){const t=this.browserStorage.getItem(ac);t&&(this.logger.info("1wuc87",e),this.performanceClient.addFields({previousLibraryVersion:t},e)),t!==bc&&this.setItem(ac,bc,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){const n=new Array(3).fill(0),o=[];for(let i=0;i<=20;i++)try{if(this.browserStorage.setItem(e,t),i>0)for(let e=0;e<=2;e++){const t=n.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=i)break;const s=i>t+n[e]?t+n[e]:i;i>t&&n[e]>0&&this.removeAccessTokenKeys(o.slice(t,s),r,e)}break}catch(s){const a=xr(s);if(!(a.errorCode===Or&&i<20))throw a;if(!o.length)for(let r=0;r<=2;r++)if(e===dc(this.clientId,r)){const e=JSON.parse(t).accessToken;o.push(...e),n[r]=e.length}else{const e=this.getTokenKeys(r).accessToken;o.push(...e),n[r]=e.length}if(o.length<=i)throw a;this.removeAccessToken(o[i],r,!1)}}async setUserData(e,t,r,n,o){const i=new Array(3).fill(0),s=[];for(let a=0;a<=20;a++)try{if(await Kn(this.browserStorage.setUserData.bind(this.browserStorage),"setUserData",this.logger,this.performanceClient,r)(e,t,r,n,o),a>0)for(let e=0;e<=2;e++){const t=i.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=a)break;const n=a>t+i[e]?t+i[e]:a;a>t&&i[e]>0&&this.removeAccessTokenKeys(s.slice(t,n),r,e)}break}catch(e){const t=xr(e);if(!(t.errorCode===Or&&a<20))throw t;if(!s.length)for(let e=0;e<=2;e++){const t=this.getTokenKeys(e).accessToken;s.push(...t),i[e]=t.length}if(s.length<=a)throw t;this.removeAccessToken(s[a],r,!1)}}getAccount(e,t){this.logger.trace("1lfvm6",t);const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const n=this.validateAndParseJson(r);if(!(n&&(o=n,o&&o.hasOwnProperty("homeAccountId")&&o.hasOwnProperty("environment")&&o.hasOwnProperty("realm")&&o.hasOwnProperty("localAccountId")&&o.hasOwnProperty("username")&&o.hasOwnProperty("authorityType"))))return null;var o;const i=$r.toObject({},n);var s;return this.performanceClient.addFields({accountCachedBy:(s=i.cachedByApiId,"number"==typeof s&&s in gs?gs[s]:"unknown")},t),i}async setAccount(e,t,r,n){this.logger.trace("1bz3wr",t);const o=this.generateAccountKey(Br(e)),i=Date.now().toString();e.lastUpdatedAt=i,e.cachedByApiId=n,await this.setUserData(o,JSON.stringify(e),t,i,r),this.addAccountKeyToMap(o,t),this.performanceClient.addFields({kmsi:r},t)}setAccountKeys(e,t,r=2){0===e.length?this.removeItem(lc(r)):this.setItem(lc(r),JSON.stringify(e),t)}getAccountKeys(){return fc(this.browserStorage)}addAccountKeyToMap(e,t){this.logger.trace("0rb85k",t),this.logger.tracePii("1l9bdo",t);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(lc(),JSON.stringify(r),t),this.logger.verbose("0xia39",t),!0):(this.logger.verbose("0161kk",t),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("1jpigu",t),this.logger.tracePii("1xzspl",t);const r=this.getAccountKeys(),n=r.indexOf(e);n>-1?(r.splice(n,1),this.setAccountKeys(r,t)):this.logger.trace("1dytu2",t)}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach((t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)}))}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),n=r.idToken.indexOf(e);n>-1&&(this.logger.info("05udv9",t),r.idToken.splice(n,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=2){this.logger.trace("17o18n",t);const n=this.getTokenKeys(r);let o=0;if(e.forEach((e=>{const t=n.accessToken.indexOf(e);t>-1&&(n.accessToken.splice(t,1),o++)})),o>0)return this.logger.info("15i5d5",t),void this.setTokenKeys(n,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),n=r.refreshToken.indexOf(e);n>-1&&(this.logger.info("1f4fq3",t),r.refreshToken.splice(n,1),this.setTokenKeys(r,t))}getTokenKeys(e=2){return yc(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=2){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(dc(this.clientId,r),JSON.stringify(e),t):this.removeItem(dc(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("1jukz6",t),this.removeIdToken(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&Gn(o)&&o.hasOwnProperty("realm")&&o.credentialType===L.ID_TOKEN)?(this.logger.trace("01ju66",t),n):(this.logger.trace("1jukz6",t),null);var o}async setIdTokenCredential(e,t,r){this.logger.trace("13hjll",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.idToken.indexOf(n)&&(this.logger.info("07jy92",t),i.idToken.push(n),this.setTokenKeys(i,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0bqvx8",t),this.removeAccessTokenKeys([e],t),null;const n=this.validateAndParseJson(r);return n&&Vn(n)?(this.logger.trace("1o81rl",t),n):(this.logger.trace("0bqvx8",t),null)}async setAccessTokenCredential(e,t,r){this.logger.trace("1pondb",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys(),s=i.accessToken.indexOf(n);-1!==s&&i.accessToken.splice(s,1),this.logger.trace("1onhey",t),i.accessToken.push(n),this.setTokenKeys(i,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0jlizt",t),this.removeRefreshToken(e,t),null;const n=this.validateAndParseJson(r);return n&&Qn(n)?(this.logger.trace("0nokxi",t),n):(this.logger.trace("0jlizt",t),null)}async setRefreshTokenCredential(e,t,r){this.logger.trace("0tcg8d",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.refreshToken.indexOf(n)&&(this.logger.info("0eckjs",t),i.refreshToken.push(n),this.setTokenKeys(i,t))}getAppMetadata(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1q101h",t),null;const n=this.validateAndParseJson(r);return n&&(o=e,(i=n)&&0===o.indexOf(H)&&i.hasOwnProperty("clientId")&&i.hasOwnProperty("environment"))?(this.logger.trace("19pvg2",t),n):(this.logger.trace("1q101h",t),null);var o,i}setAppMetadata(e,t){this.logger.trace("0cyma6",t);const r=function({environment:e,clientId:t}){return[H,e,t].join("-").toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("0jk19c",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){const r=0===e.indexOf(J);let n=!0;return t&&(n=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&n}(e,n)?(this.logger.trace("12jguk",t),n):(this.logger.trace("0jk19c",t),null)}setServerTelemetry(e,t,r){this.logger.trace("1poh61",r),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e,t){const r=this.internalStorage.getItem(e);if(!r)return this.logger.trace("1r39oe",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){return!!t&&0===e.indexOf(F)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,n)?(this.logger.trace("1ohvk3",t),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter((e=>this.isAuthorityMetadata(e)))}setWrapperMetadata(e,t){this.internalStorage.setItem(ls,e),this.internalStorage.setItem(ds,t)}getWrapperMetadata(){return[this.internalStorage.getItem(ls)||"",this.internalStorage.getItem(ds)||""]}setAuthorityMetadata(e,t,r){this.logger.trace("07w8n2",r),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(b),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("08gw0e",e),null;const n=this.validateAndParseJson(r);return n?(this.logger.trace("1t3ch7",e),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId},e)):(this.logger.trace("0me1up",e),null)}setActiveAccount(e,t){const r=this.generateCacheKey(b);if(e){this.logger.verbose("0rsj80",t);const n={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.setItem(r,JSON.stringify(n),t)}else this.logger.verbose("1bp5z5",t),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(kc.ACTIVE_ACCOUNT_CHANGED,t)}getThrottlingCache(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1h4wa6",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){let r=!1;e&&(r=0===e.indexOf(V));let n=!0;return t&&(n=t.hasOwnProperty("throttleTime")),r&&n}(e,n)?(this.logger.trace("0of6n8",t),n):(this.logger.trace("1h4wa6",t),null)}setThrottlingCache(e,t,r){this.logger.trace("0wfgh6",r),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e,o=this.temporaryCacheStorage.getItem(n);if(!o){if(this.cacheConfig.cacheLocation===Zi.LocalStorage){const e=this.browserStorage.getItem(n);if(e)return this.logger.trace("1yt61y",t),e}return this.logger.trace("1qhy81",t),null}return o}setTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(n,t)}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e)}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach((e=>{-1===e.indexOf(tc)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)})),this.browserStorage.getKeys().forEach((e=>{-1===e.indexOf(tc)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)})),this.internalStorage.clear()}generateCacheKey(e){return ke.startsWith(e,tc)?e:`${tc}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===L.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==G.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${tc}.2`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",r].join("|").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${tc}.2`,e.homeAccountId,e.environment,t||e.tenantId||""].join("|").toLowerCase()}resetRequestCache(e){this.logger.trace("0h0ynu",e),this.removeTemporaryItem(this.generateCacheKey(ss)),this.removeTemporaryItem(this.generateCacheKey(as)),this.removeTemporaryItem(this.generateCacheKey(os)),this.removeTemporaryItem(this.generateCacheKey(is)),this.removeTemporaryItem(this.generateCacheKey(hs)),this.setInteractionInProgress(!1,void 0)}cacheAuthorizeRequest(e,t,r){this.logger.trace("1tzef5",t);const n=Ts(JSON.stringify(e));if(this.setTemporaryCache(ss,n,!0),r){const e=Ts(r);this.setTemporaryCache(as,e,!0)}}getCachedRequest(e){this.logger.trace("0uen20",e);const t=this.getTemporaryCache(ss,e,!0);if(!t)throw Ni(ii);const r=this.getTemporaryCache(as,e,!0);let n,o="";try{n=JSON.parse(As(t)),r&&(o=As(r))}catch(t){throw this.logger.errorPii("0ewsey",e),this.logger.error("0tvdic",e),Ni(si)}return[n,o]}getCachedNativeRequest(){this.logger.trace("1yxcdm","");const e=this.getTemporaryCache(hs,"",!0);if(!e)return this.logger.trace("0mnxd4",""),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("0rrkip",""),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${tc}.${cs}`,t=this.getTemporaryCache(e,"",!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("0jjyys",""),this.removeTemporaryItem(e),this.resetRequestCache(""),ra(window),null}}setInteractionInProgress(e,t=rs,r=!1,n=""){const o=`${tc}.${cs}`;if(e){if(this.getInteractionInProgress()){if(!r)throw Ni(Go);this.logger.warning("1pmscr",n),aa(this.logger,n),this.removeTemporaryItem(o)}this.setTemporaryCache(o,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(o)}async hydrateCache(e,t){const r=$n(e.account.homeAccountId,e.account.environment,e.idToken,this.clientId,e.tenantId),n=Jn(e.account.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?_n(e.expiresOn):0,e.extExpiresOn?_n(e.extExpiresOn):0,As,void 0,e.tokenType,void 0,t.sshKid);t.resource&&(n.resource=t.resource);const o={idToken:r,accessToken:n};return this.saveCacheRecord(o,e.correlationId,kr(vr(e.idToken,As)),us.hydrateCache)}async saveCacheRecord(e,t,r,n,o){try{await super.saveCacheRecord(e,t,r,n,o)}catch(e){if(e instanceof Mr&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function _c(e,t,r,n){try{switch(t){case Zi.LocalStorage:return new Cc(e,r,n);case Zi.SessionStorage:return new vc}}catch(e){r.error(e,"")}return new Ka}const Ec=(e,t,r,n)=>new Sc(e,{cacheLocation:Zi.MemoryStorage,cacheRetentionDays:5},lr,t,r,n);function Pc(e,t,r,n,o){return e.verbose("1yd030",n),r?t.getAllAccounts(o,n):[]}function Rc(e,t,r,n){t.trace("0u7b90",n);const o=r.getAccountInfoFilteredBy(e,n);return o?(t.verbose("0btgll",n),o):(t.verbose("0ltaj5",n),null)}function Oc(e,t,r){t.setActiveAccount(e,r)}function Mc(e,t){return e.getActiveAccount(t)}class xc{constructor(e){this.eventCallbacks=new Map,this.logger=e||new pr({}),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const n=r||Ia();return this.eventCallbacks.has(n)?(this.logger.error("1578i0",""),null):(this.eventCallbacks.set(n,[e,t||[]]),this.logger.verbose("1cnec4",""),n)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose("12zotd","")}emitEvent(e,t,r,n,o){const i={eventType:e,interactionType:r||null,payload:n||null,error:o||null,correlationId:t,timestamp:Date.now()};switch(e){case kc.LOGIN_SUCCESS:case kc.LOGOUT_SUCCESS:case kc.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(i)}this.invokeCallbacks(i)}invokeCallbacks(e){this.eventCallbacks.forEach((([t,r],n)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose("15jpwk",""),t.apply(null,[e]))}))}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class qc{constructor(e,t,r,n,o,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=o,this.navigationClient=i,this.platformAuthProvider=c,this.correlationId=a,this.logger=n.clone(Fi,bc),this.performanceClient=s}}function Nc(e,t,r,n){r.verbose("0bd1la",n);const o=e||t||"";return br.getAbsoluteUrl(o,ha())}function Uc(e,t,r,n,o,i){o.verbose("1p12tq",r);const s={clientId:t,correlationId:r,apiId:e,forceRefresh:!1,wrapperSKU:n.getWrapperMetadata()[0],wrapperVer:n.getWrapperMetadata()[1]};return new Oo(s,n)}async function Lc(e,t,r,n,o,i,s,a,c){const h=a&&a.hasOwnProperty("instance_aware")?a.instance_aware:void 0,l={protocolMode:e.system.protocolMode,OIDCOptions:e.auth.OIDCOptions,knownAuthorities:e.auth.knownAuthorities,cloudDiscoveryMetadata:e.auth.cloudDiscoveryMetadata,authorityMetadata:e.auth.authorityMetadata},d=i||e.auth.authority,u=h?.length?"true"===h:e.auth.instanceAware,g=c&&u?e.auth.authority.replace(br.getDomainFromUrl(d),c.environment):d,p=mo.generateAuthority(g,s||e.auth.azureCloudOptions),m=await Kn(wo,"authorityFactoryCreateDiscoveredInstance",o,r,t)(p,e.system.networkClient,n,l,o,t,r);if(c&&!m.isAlias(c.environment))throw ve(ze);return m}async function Hc(e,t,r,n,o){if(o)try{e.removeAccount(o,n),r.verbose("0s4z6h",n)}catch(e){r.error("0mgg1d",n)}else try{r.verbose("0zj631",n),e.clear(n),await t.clearKeystore(n)}catch(e){r.error("12ih0c",n)}}async function Dc(e,t,r,n,o){const i=e.authority||t.auth.authority,s=[...e&&e.scopes||[]],a={...e,correlationId:e.correlationId,authority:i,scopes:s};if(a.authenticationScheme){if(a.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);if(!e.sshKid)throw ve(He)}n.verbose("1ecmns",o)}else a.authenticationScheme=G.BEARER,n.verbose("1l4fwv",o);return a}async function Fc(e,t,r,n,o){const i=await Kn(Dc,Aa,o,n,e.correlationId)(e,r,n,o,e.correlationId);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}function Kc(e,t){let r;const n=e.httpMethod;if(t===Kr.EAR){if(n&&n!==g)throw ve(je);r=g}else r=n||u;return r}class Bc extends qc{initializeLogoutRequest(e){this.logger.verbose("0546u4",this.correlationId);const t={correlationId:this.correlationId,...e};if(e)if(e.logoutHint)this.logger.verbose("12k4l4",this.correlationId);else if(e.account){const r=this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("0st5di",this.correlationId),t.logoutHint=r)}else this.logger.verbose("0pdtc3",this.correlationId);else this.logger.verbose("07ndze",this.correlationId);return e&&null===e.postLogoutRedirectUri?this.logger.verbose("0ljv63",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("1vamm6",t.correlationId),t.postLogoutRedirectUri=br.getAbsoluteUrl(e.postLogoutRedirectUri,ha())):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("15m5g7",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("1f4xlz",t.correlationId),t.postLogoutRedirectUri=br.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,ha())):(this.logger.verbose("17s5rf",t.correlationId),t.postLogoutRedirectUri=br.getAbsoluteUrl(ha(),ha())),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("0mvp54",this.correlationId)}else this.logger.verbose("1e7bdp",this.correlationId);return null}async createAuthCodeClient(e){const t=await Kn(this.getClientConfiguration.bind(this),Ra,this.logger,this.performanceClient,this.correlationId)(e);return new Io(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:n,requestExtraQueryParameters:o,account:i}=e,s=e.authority||await Kn(Lc,ka,this.logger,this.performanceClient,this.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:s,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri,isMcp:this.config.auth.isMcp},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:a.loggerCallback,piiLoggingEnabled:a.piiLoggingEnabled,logLevel:a.logLevel,correlationId:this.correlationId},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:Fi,version:bc,cpu:"",os:""},telemetry:this.config.telemetry}}}async function zc(e,t,r,n,o,i,s,a){const c=Nc(e.redirectUri,r.auth.redirectUri,i,a);new URL(c).origin!==new URL(window.location.href).origin&&(i.warning("08qbvw",a),s.addFields({isRedirectUriCrossOrigin:!0},a));const h={interactionType:t},l=bn(n,e&&e.state||"",h),d={...await Kn(Dc,Aa,i,s,a)({...e,correlationId:a},r,s,i,a),redirectUri:c,state:l,nonce:e.nonce||Fs(),responseMode:r.auth.OIDCOptions.responseMode},u={...d,httpMethod:Kc(d,r.system.protocolMode)};if(e.loginHint||e.sid)return u;const g=e.account||o.getActiveAccount(a);return g&&(i.verbose("1eqlb3",a),i.verbosePii("0tf99t",a),u.account=g),u}function jc(e,t,r,n){const o=ar(e);if(!o)throw sr(e)?(r.error("13pl0s",n),r.errorPii("1097vx",n),Ni($o)):(r.error("18h0l1",n),Ni(zo));return o}function $c(e,t,r){if(!e.state)throw Ni(jo);const n=function(e,t){if(!t)return null;try{return An(e.base64Decode,t).libraryState.meta}catch(e){throw be(et)}}(t,e.state);if(!n)throw Ni(Jo);if(n.interactionType!==r)throw Ni(Wo)}class Jc{constructor(e,t,r,n,o){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=n,this.performanceClient=o}async handleCodeResponse(e,t,r){let n;try{n=function(e,t){if(Ao(e,t),!e.code)throw be(wt);return e}(e,t.state)}catch(e){throw e instanceof cn&&e.subError===Yo?Ni(Yo):e}return Kn(this.handleCodeResponseFromServer.bind(this),Nn,this.logger,this.performanceClient,t.correlationId)(n,t,r)}async handleCodeResponseFromServer(e,t,r,n=!0){if(this.logger.trace("0mf2hb",t.correlationId),this.authCodeRequest.code=e.code,n&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await Kn(this.authModule.acquireToken.bind(this.authModule),"authClientAcquireToken",this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,r,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:no}:e.loginHint?{credential:e.loginHint,type:oo}:null}}class Wc extends we{constructor(e,t,r){super(e,t||xi(e)),Object.setPrototypeOf(this,Wc.prototype),this.name="NativeAuthError",this.ext=r}}function Gc(e){if(e.ext&&e.ext.status&&("PERSISTENT_ERROR"===e.ext.status||"DISABLED"===e.ext.status))return!0;if(e.ext&&e.ext.error&&-2147186943===e.ext.error)return!0;switch(e.errorCode){case"ContentError":case"PageException":return!0;default:return!1}}function Vc(e,t,r){if(r&&r.status)switch(r.status){case"ACCOUNT_UNAVAILABLE":return Tn(ln,xi(e));case"USER_INTERACTION_REQUIRED":return new vn(e,t);case"USER_CANCEL":return Ni(Yo);case"NO_NETWORK":return Ni(hi);case"UX_NOT_ALLOWED":return Tn(un)}return new Wc(e,t,r)}class Qc extends Bc{async acquireToken(e){const t=Uc(us.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),r=await Kn(this.getClientConfiguration.bind(this),Ra,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),n=new vo(r,this.performanceClient);this.logger.verbose("0wa871",this.correlationId);try{const t=(await Kn(n.acquireCachedToken.bind(n),"silentFlowClientAcquireCachedToken",this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof qi&&e.errorCode===pi&&this.logger.verbose("06wena",this.correlationId),e}}logout(e){this.logger.verbose("1rkurh",this.correlationId);const t=this.initializeLogoutRequest(e);return Hc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account)}}class Xc extends qc{constructor(e,t,r,n,o,i,s,a,c,h,l,d){super(e,t,r,n,o,i,a,d,c),this.apiId=s,this.accountId=h,this.platformAuthProvider=c,this.nativeStorageManager=l,this.silentCacheClient=new Qc(e,this.nativeStorageManager,r,n,o,i,a,d,c);const u=this.platformAuthProvider.getExtensionName();this.skus=Oo.makeExtraSkuString({libraryName:Fi,libraryVersion:bc,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[ge]:this.skus}}async acquireToken(e,t){this.logger.trace("03qeos",this.correlationId);const r=this.performanceClient.startMeasurement(Ta,e.correlationId),n=Sn(),o=Uc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const i=await this.initializeNativeRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===Is.AccessToken)throw this.logger.info("0eitbc",this.correlationId),e;this.logger.info("0957j1",this.correlationId)}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,n).then((e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),o.clearNativeBrokerErrorCode(),e))).catch((e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError,isNativeBroker:!0}),e}))}catch(e){throw e instanceof Wc&&o.setNativeBrokerErrorCode(e.errorCode),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:Pt.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("1ndf3e",this.correlationId),be(pt);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},t.correlationId);if(!r)throw be(pt);try{const e=this.createSilentCacheRequest(t,r),n=await this.silentCacheClient.acquireToken(e),o={...r,idTokenClaims:n?.idTokenClaims,idToken:n?.idToken};return{...n,account:o}}catch(e){throw e}}async acquireTokenRedirect(e,t,r){this.logger.trace("0luikq",this.correlationId);const n=await this.initializeNativeRequest(e),o=r?.navigateToLoginRequestUrl??!0;try{await this.platformAuthProvider.sendMessage(n)}catch(e){if(e instanceof Wc){if(Uc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).setNativeBrokerErrorCode(e.errorCode),Gc(e))throw e}}this.browserStorage.setTemporaryCache(hs,JSON.stringify(n),!0);const i={apiId:us.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},s=o?window.location.href:Nc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId);t.end({success:!0}),await this.navigationClient.navigateExternal(s,i)}async handleRedirectPromise(e,t){if(this.logger.trace("1c5lhw",this.correlationId),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",this.correlationId),null;const r=this.browserStorage.getCachedNativeRequest();if(!r)return this.logger.verbose("0a6zjb",this.correlationId),e&&t&&e?.addFields({errorCode:"no_cached_request"},t),null;const{prompt:n,...o}=r;n&&this.logger.verbose("0ac34v",this.correlationId),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(hs));const i=Sn();try{this.logger.verbose("003x5a",this.correlationId);const e=await this.platformAuthProvider.sendMessage(o),t=await this.handleNativeResponse(e,o,i);return Uc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).clearNativeBrokerErrorCode(),t}catch(e){throw e}}logout(){return this.logger.trace("0u2sjm",this.correlationId),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("1bojln",this.correlationId);const n=vr(e.id_token,As),o=this.createHomeAccountIdentifier(e,n),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("1ub1in",this.correlationId);else if(o!==i&&e.account.id!==t.accountId)throw Vc("user_switch");const s=await Lc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t.authority),a=ro(this.browserStorage,s,o,As,this.correlationId,n,e.client_info,void 0,n.tid,void 0,e.account.id);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,n,a,s.canonicalAuthority,r);return await this.cacheAccount(a,kr(n)),await this.cacheNativeTokens(e,t,o,n,e.access_token,c.tenantId,r),c}createHomeAccountIdentifier(e,t){return jr(e.client_info||"",Ur,this.logger,this.browserCrypto,this.correlationId,t)}generateScopes(e,t){return t?Pt.fromString(t):Pt.fromString(e)}async generatePopAccessToken(e,t){if(t.tokenType===G.POP&&t.signPopToken){if(e.shr)return this.logger.trace("0coqhu",this.correlationId),e.shr;const r=new zn(this.browserCrypto,this.performanceClient),n={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce,correlationId:this.correlationId};if(!t.keyId)throw be(vt);return r.signPopToken(e.access_token,t.keyId,n)}return e.access_token}async generateAuthenticationResult(e,t,r,n,o,i){const s=this.addTelemetryFromNativeResponse(e.properties.MATS),a=this.generateScopes(t.scope,e.scope),c=e.account.properties||{},h=c.UID||r.oid||r.sub||"",l=c.TenantId||r.tid||"",d=Cr(Br(n),void 0,r,e.id_token);d.nativeAccountId!==e.account.id&&(d.nativeAccountId=e.account.id);const u=await this.generatePopAccessToken(e,t),g=t.tokenType===G.POP?G.POP:G.BEARER;return{authority:o,uniqueId:h,tenantId:l,scopes:a.asArray(),account:d,idToken:e.id_token,idTokenClaims:r,accessToken:u,fromCache:!!s&&this.isResponseFromCache(s),expiresOn:En(i+e.expires_in),tokenType:g,correlationId:this.correlationId,state:e.state,fromPlatformBroker:!0,...t.resource&&{resource:t.resource}}}async cacheAccount(e,t){await this.browserStorage.setAccount(e,this.correlationId,t,this.apiId),this.browserStorage.removeAccountContext(Br(e),this.correlationId)}cacheNativeTokens(e,t,r,n,o,i,s){const a=$n(r,t.authority,e.id_token||"",t.clientId,n.tid||""),c=s+(t.tokenType===G.POP?240:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),h=this.generateScopes(e.scope,t.scope),l={idToken:a,accessToken:Jn(r,t.authority,o,t.clientId,n.tid||i,h.printScopes(),c,0,As,void 0,t.tokenType,void 0,t.keyId)};return this.nativeStorageManager.saveCacheRecord(l,this.correlationId,kr(n),this.apiId,t.storeInCache)}getExpiresInValue(e,t){return e===G.POP?240:("string"==typeof t?parseInt(t,10):t)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("0b3l57",this.correlationId)}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("1okqev",this.correlationId),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("04j6wj",this.correlationId);const t=await this.getCanonicalAuthority(e),{scopes:r,...n}=e,o=new Pt(r||[]);o.appendScopes(p);const i={...n,accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:o.printScopes(),redirectUri:Nc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraParameters},extendedExpiryToken:!1,keyId:e.popKid};if(i.signPopToken&&e.popKid)throw Ni(Si);if(this.handleExtraBrokerParams(i),i.extraParameters=i.extraParameters||{},i.extraParameters.telemetry=zi,e.authenticationScheme===G.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce,correlationId:this.correlationId},r=new zn(this.browserCrypto,this.performanceClient);let n;if(i.keyId)n=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:i.keyId})),i.signPopToken=!1;else{const e=await Kn(r.generateCnf.bind(r),Un,this.logger,this.performanceClient,this.correlationId)(t,this.logger);n=e.reqCnfString,i.keyId=e.kid,i.signPopToken=!0}i.reqCnf=n}return this.addRequestSKUs(i),i}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority,{azureCloudOptions:r,account:n}=e;n&&await Lc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t,r,void 0,n);const o=new br(t);return o.validateAsUri(),o}getPrompt(e){switch(this.apiId){case us.ssoSilent:case us.acquireTokenSilent_silentFlow:return this.logger.trace("1hiwaz",this.correlationId),R.NONE}if(e)switch(e){case R.NONE:case R.CONSENT:case R.LOGIN:return this.logger.trace("1ynje4",this.correlationId),e;default:throw this.logger.trace("0nkr6q",this.correlationId),Ni(bi)}else this.logger.trace("1qlu04",this.correlationId)}handleExtraBrokerParams(e){const t=e.extraParameters&&e.extraParameters.hasOwnProperty(pe)&&e.extraParameters.hasOwnProperty(me)&&e.extraParameters.hasOwnProperty(ce);if(!e.embeddedClientId&&!t)return;let r="";const n=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[me],r=e.extraParameters[ce]),e.extraParameters={child_client_id:r,child_redirect_uri:n},this.performanceClient?.addFields({embeddedClientId:r,embeddedRedirectUri:n},e.correlationId)}}const Yc=new Map([["e","AAD"],["m","MSA"]]);function Zc(e,t,r){const n=function(e){if(!e)return null;try{const t=(/%(?:[0-9A-Fa-f]{2})/.test(e)?decodeURIComponent(e):e).split("|");return t.length<5?null:{accountType:Yc.get(t[0]?.trim()||"")||"",error:t[1]?.trim()||"",subError:t[2]?.trim()||"",cloudInstance:t[3]?.trim()||"",callerDataBoundary:t[4]?.trim()||""}}catch{return null}}(e.clientdata);n?.accountType&&r.addFields({accountType:n.accountType},t),n?.error&&r.addFields({serverErrorNo:n.error},t),n?.subError&&r.addFields({serverSubErrorNo:n.subError},t)}async function eh(e,t,r,n,o){const i=To({...e.auth,authority:t},r,n,o);if(Kt(i,{sku:Fi,version:bc,os:"",cpu:""}),e.system.protocolMode!==Kr.OIDC&&Bt(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),r.authenticationScheme===G.POP)){const e=new za(n,o),t=new zn(e,o);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await Kn(t.generateCnf.bind(t),Un,n,o,r.correlationId)(r,n)).reqCnfString}Zt(i,s)}return Rt(i,r.correlationId,o),i}async function th(e,t,r,n,o){if(!r.codeChallenge)throw ve(xe);const i=await Kn(eh,"getStandardParams",n,o,r.correlationId)(e,t,r,n,o);return Ot(i,O),jt(i,r.codeChallenge,c),Xt(i,{...r.extraQueryParameters,...r.extraParameters}),bo(t,i)}async function rh(e,t,r,n,o,i){if(!n.earJwk)throw Ni(Do);const s=await eh(t,r,n,o,i);Ot(s,M),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(s,n.earJwk),jt(s,n.codeChallenge,c),Xt(s,{...n.extraParameters});const a=new Map;Xt(a,n.extraQueryParameters||{}),Ft(a,n.correlationId);return oh(e,bo(r,a),s)}async function nh(e,t,r,n,o,i){const s=await eh(t,r,n,o,i);Ot(s,O),jt(s,n.codeChallenge,n.codeChallengeMethod||c),Xt(s,{...n.extraParameters});const a=new Map;Xt(a,n.extraQueryParameters||{}),Ft(a,n.correlationId);return oh(e,bo(r,a),s)}function oh(e,t,r){const n=e.createElement("form");return n.method="post",n.action=t,r.forEach(((t,r)=>{const o=e.createElement("input");o.hidden=!0,o.name=r,o.value=t,n.appendChild(o)})),e.body.appendChild(n),n}async function ih(e,t,r,n,o,i,s,a,c,h){if(a.verbose("11qcow",e.correlationId),!h)throw Ni(ki);const l=new za(a,c),d=new Xc(n,o,l,a,s,n.system.navigationClient,r,c,h,t,i,e.correlationId),{userRequestState:u}=An(l.base64Decode,e.state);return Kn(d.acquireToken.bind(d),Ta,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function sh(e,t,r,n,o,i,s,a,c,h,l,d){if(ao.removeThrottle(s,o.auth.clientId,e),Zc(t,e.correlationId,l),t.accountId)return Kn(ih,xa,h,l,e.correlationId)(e,t.accountId,n,o,s,a,c,h,l,d);const u={...e,code:t.code||"",codeVerifier:r},g=new Jc(i,s,u,h,l);return await Kn(g.handleCodeResponse.bind(g),"handleCodeResponse",h,l,e.correlationId)(t,e,n)}async function ah(e,t,r,n,o,i,s,a,c,h,l){if(ao.removeThrottle(i,n.auth.clientId,e),Zc(t,e.correlationId,h),Ao(t,e.state),!t.ear_jwe)throw Ni(Fo);if(!e.earJwk)throw Ni(Do);const d=JSON.parse(await Kn(zs,"decryptEarResponse",c,h,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return Kn(ih,xa,c,h,e.correlationId)(e,d.accountId,r,n,i,s,a,c,h,l);const u=new to(n.auth.clientId,i,new za(c,h),c,h,null,null);u.validateTokenResponse(d,e.correlationId);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await Kn(u.handleServerTokenResponse.bind(u),Ln,c,h,e.correlationId)(d,o,Sn(),e,r,g,void 0,void 0,void 0,void 0)}async function ch(e,t,r){const n=Fn(hh,"generateCodeVerifier",t,e,r)(e,t,r);return{verifier:n,challenge:await Kn(lh,"generateCodeChallengeFromVerifier",t,e,r)(n,e,t,r)}}function hh(e,t,r){try{const n=new Uint8Array(32);Fn(Hs,"getRandomValues",t,e,r)(n);return ks(n)}catch(e){throw Ni(Ho)}}async function lh(e,t,r,n){try{const o=await Kn(Ls,"sha256Digest",r,t,n)(e);return ks(new Uint8Array(o))}catch(e){throw Ni(Ho)}}class dh{navigateInternal(e,t){return dh.defaultNavigateWindow(e,t)}navigateExternal(e,t){return dh.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(((e,r)=>{setTimeout((()=>{r(Ni(Ri,"failed_to_redirect"))}),t.timeout)}))}}class uh{async sendGetRequestAsync(e,t){let r,n={},o=0;const i=gh(t);try{r=await fetch(e,{method:es,headers:i})}catch(e){throw ho(Ni(window.navigator.onLine?di:hi),void 0,void 0,e)}n=ph(r.headers);try{return o=r.status,{headers:n,body:await r.json(),status:o}}catch(e){throw ho(Ni(ui),o,n,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",n=gh(t);let o,i=0,s={};try{o=await fetch(e,{method:ts,headers:n,body:r})}catch(e){throw ho(Ni(window.navigator.onLine?li:hi),void 0,void 0,e)}s=ph(o.headers);try{return i=o.status,{headers:s,body:await o.json(),status:i}}catch(e){throw ho(Ni(ui),i,s,e)}}}function gh(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach((([e,r])=>{t.append(e,r)})),t}catch(e){throw ho(Ni(_i),void 0,void 0,e)}}function ph(e){try{const t={};return e.forEach(((e,r)=>{t[r]=e})),t}catch(e){throw Ni(Ei)}}function mh({auth:r,cache:n,system:o,telemetry:c},h){const l={clientId:"",authority:`${t}`,knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",redirectUri:"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:"",postLogoutRedirectUri:"",clientCapabilities:[],OIDCOptions:{responseMode:x.FRAGMENT,defaultScopes:[i,s,a]},azureCloudOptions:{azureCloudInstance:yr.None,tenant:""},instanceAware:!1,isMcp:!1},d={cacheLocation:Zi.SessionStorage,cacheRetentionDays:5},u={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},g={...{...Yr,loggerOptions:u,networkClient:h?new uh:ko,navigationClient:new dh,popupBridgeTimeout:o?.popupBridgeTimeout||6e4,iframeBridgeTimeout:o?.iframeBridgeTimeout||1e4,redirectNavigationTimeout:3e4,allowRedirectInIframe:!1,navigatePopups:!0,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:o?.nativeBrokerHandshakeTimeout||2e3,protocolMode:Kr.AAD},...o,loggerOptions:o?.loggerOptions||u},p={application:{appName:"",appVersion:""},client:new Xr};if(o?.protocolMode!==Kr.OIDC&&r?.OIDCOptions){new pr(g.loggerOptions).warning(JSON.stringify(ve(Ke)),"")}if(o?.protocolMode&&o.protocolMode===Kr.OIDC&&g?.allowPlatformBroker)throw ve(Be);return{auth:{...l,...r,OIDCOptions:{...l.OIDCOptions,...r?.OIDCOptions}},cache:{...d,...n},system:g,telemetry:{...p,...c}}}class fh{constructor(e,t,r,n){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=n,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=r.startMeasurement("nativeMessageHandlerHandshake"),this.platformAuthType=Gi}async sendMessage(e){this.logger.trace("0on4p2",e.correlationId);const t={method:Xi,request:e},r={channel:Ki,extensionId:this.extensionId,responseId:Fs(),body:t};this.logger.trace("1qadfi",e.correlationId),this.logger.tracePii("1xm533",e.correlationId),this.messageChannel.port1.postMessage(r);const n=await new Promise(((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})}));return this.validatePlatformBrokerResponse(n)}static async createProvider(e,t,r,n){e.trace("15zfnw",n);try{const o=new fh(e,t,r,Bi);return await o.sendHandshakeRequest(n),o}catch(o){const i=new fh(e,t,r);return await i.sendHandshakeRequest(n),i}}async sendHandshakeRequest(e){this.logger.trace("1dpg9o",e),window.addEventListener("message",this.windowListener,!1);const t={channel:Ki,extensionId:this.extensionId,responseId:Fs(),body:{method:Vi}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(t,window.origin,[this.messageChannel.port2]),new Promise(((e,r)=>{this.handshakeResolvers.set(t.responseId,{resolve:e,reject:r}),this.timeoutId=window.setTimeout((()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(Ni(Ci)),this.handshakeResolvers.delete(t.responseId)}),this.handshakeTimeoutMs)}))}onWindowMessage(e){const t=Ia();if(this.logger.trace("0jpn5u",t),e.source!==window)return;const r=e.data;if(r.channel&&r.channel===Ki&&(!r.extensionId||r.extensionId===this.extensionId)&&r.body.method===Vi){const e=this.handshakeResolvers.get(r.responseId);if(!e)return void this.logger.trace("07buhm",t);this.logger.verbose(r.extensionId?"0xrkug":"No extension installed",t),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(Ni(vi))}}onChannelMessage(e){const t=Ia();this.logger.trace("1py8yf",t);const r=e.data,n=this.resolvers.get(r.responseId),o=this.handshakeResolvers.get(r.responseId);try{const e=r.body.method;if(e===Yi){if(!n)return;const e=r.body.response;if(this.logger.trace("19hpgm",t),this.logger.tracePii("179a24",t),"Success"!==e.status)n.reject(Vc(e.code,e.description,e.ext));else{if(!e.result)throw Ie(Eo,"Event does not contain result.");e.result.code&&e.result.description?n.reject(Vc(e.result.code,e.result.description,e.result.ext)):n.resolve(e.result)}this.resolvers.delete(r.responseId)}else if(e===Qi){if(!o)return void this.logger.trace("082qnt",t);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=r.extensionId,this.extensionVersion=r.body.version,this.logger.verbose("0yf5ib",t),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),o.resolve(),this.handshakeResolvers.delete(r.responseId)}}catch(e){this.logger.error("0xf978",t),this.logger.errorPii("04i99o",t),this.logger.errorPii("0xdvsy",t),n?n.reject(e):o&&o.reject(e)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw Ie(Eo,"Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===Bi?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class yh{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=Wi}static async createProvider(e,t,r){if(e.trace("12mj4a",r),window.navigator?.platformAuthentication){const n=await window.navigator.platformAuthentication.getSupportedContracts(ji);if(n?.includes(Ji))return e.trace("1h5q1r",r),new yh(e,t,r)}}getExtensionId(){return ji}getExtensionVersion(){return""}getExtensionName(){return $i}async sendMessage(e){this.logger.trace("02bcil",e.correlationId);try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r,e.correlationId)}catch(t){throw this.logger.error("11im7g",e.correlationId),t}}initializePlatformDOMRequest(e){this.logger.trace("15d6yv",e.correlationId);const{accountId:t,clientId:r,authority:n,scope:o,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:h,extraParameters:l,...d}=e,u=this.getDOMExtraParams(d,s);return{accountId:t,brokerId:this.getExtensionId(),authority:n,clientId:r,correlationId:s||this.correlationId,extraParameters:{...l,...u},isSecurityTokenService:!1,redirectUri:i,scope:o,state:a,storeInCache:c,embeddedClientId:h}}validatePlatformBrokerResponse(e,t){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace("0h4vei",t),this.convertToPlatformBrokerResponse(e,t);if(e.hasOwnProperty("error")){const r=e;if(!1===r.isSuccess&&r.error&&r.error.code)throw this.logger.trace("0g92vm",t),Vc(r.error.code,r.error.description,{error:parseInt(r.error.errorCode),protocol_error:r.error.protocolError,status:r.error.status,properties:r.error.properties})}}throw Ie(Eo,"Response missing expected properties.")}convertToPlatformBrokerResponse(e,t){this.logger.trace("14913t",t);return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e,t){try{const t={};for(const[r,n]of Object.entries(e))n&&(t[r]="object"==typeof n?JSON.stringify(n):String(n));return t}catch(e){return this.logger.error("0eu9o3",t),this.logger.errorPii("17rpl5",t),{}}}}async function wh(e,t,r,n){e.trace("134j0v",r);const o=function(){let e;try{return e=window[Zi.SessionStorage],"true"===e?.getItem(sc)}catch(e){return!1}}();let i;e.trace("04c81g",r);try{o&&(i=await yh.createProvider(e,t,r)),i||(e.trace("0l3na8",r),i=await fh.createProvider(e,n||2e3,t,r))}catch(t){e.trace("0icbd7",t)}return i}function Ih(e,t,r,n,o){if(t.trace("0uko3r",r),!e.system.allowPlatformBroker)return t.trace("04hozs",r),!1;if(!n)return t.trace("0kvv1r",r),!1;if(o)switch(o){case G.BEARER:case G.POP:return t.trace("18tev1",r),!0;default:return t.trace("1dd2nh",r),!1}return!0}class Ch extends Bc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a,this.eventHandler=o}acquireToken(e,t){let r;try{if(r={popupName:this.generatePopupName(e.scopes||p,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window},this.performanceClient.addFields({isAsyncPopup:!this.config.system.navigatePopups},this.correlationId),this.config.system.navigatePopups){const n={...e,httpMethod:Kc(e,this.config.system.protocolMode)};return this.logger.verbose("1f9ok3",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(n,r,t)}return this.logger.verbose("162h4u",this.correlationId),this.acquireTokenPopupAsync(e,r,t)}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("068rup",this.correlationId);const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},n=e&&e.authority,o=e&&e.mainWindowRedirectUri;return this.config.system.navigatePopups?(this.logger.verbose("1a28da",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,n,o)):(this.logger.verbose("1phd8u",this.correlationId),this.logoutPopupAsync(t,r,n,o))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,n){this.logger.verbose("1g77pg",this.correlationId);const o=await Kn(zc,Oa,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.popup&&wa(o.authority);const i=Ih(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);return o.platformBroker=i,this.config.system.protocolMode===Kr.EAR?this.executeEarFlow(o,r,n):this.executeCodeFlow(o,r,n)}async executeCodeFlow(t,r,n){const o=t.correlationId,i=Uc(us.acquireTokenPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),s=n||await Kn(ch,Ua,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),a={...t,codeChallenge:s.challenge};try{const n=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,o)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account});if(a.httpMethod===g)return await this.executeCodeFlowWithPost(a,r,n,s.verifier);{const i=await Kn(th,qn,this.logger,this.performanceClient,o)(this.config,n.authority,a,this.logger,this.performanceClient),c=this.initiateAuthRequest(i,r);this.eventHandler.emitEvent(kc.POPUP_OPENED,o,e.InteractionType.Popup,{popupWindow:c},null);const h=await ca(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t,this.performanceClient),l=Fn(jc,Na,this.logger,this.performanceClient,this.correlationId)(h,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return await Kn(sh,qa,this.logger,this.performanceClient,o)(t,l,s.verifier,us.acquireTokenPopup,this.config,n,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}catch(e){throw r.popup?.close(),e instanceof we&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}async executeEarFlow(e,t,r){const{correlationId:n,authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=e,c=await Kn(Lc,ka,this.logger,this.performanceClient,n)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a),h=await Kn(Bs,Da,this.logger,this.performanceClient,n)(),l=r||await Kn(ch,Ua,this.logger,this.performanceClient,n)(this.performanceClient,this.logger,n),d={...e,earJwk:h,codeChallenge:l.challenge},u=t.popup||this.openPopup("about:blank",t);(await rh(u.document,this.config,c,d,this.logger,this.performanceClient)).submit();const g=await Kn(ca,Ea,this.logger,this.performanceClient,n)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,d,this.performanceClient),p=Fn(jc,Na,this.logger,this.performanceClient,this.correlationId)(g,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);if(!p.ear_jwe&&p.code){const t=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,n)({serverTelemetryManager:Uc(us.acquireTokenPopup,this.config.auth.clientId,n,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:c});return Kn(sh,qa,this.logger,this.performanceClient,n)(d,p,l.verifier,us.acquireTokenPopup,this.config,t,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Kn(ah,Ma,this.logger,this.performanceClient,n)(d,p,us.acquireTokenPopup,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async executeCodeFlowWithPost(e,t,r,n){const o=e.correlationId,i=await Kn(Lc,ka,this.logger,this.performanceClient,o)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger),s=t.popup||this.openPopup("about:blank",t);(await nh(s.document,this.config,i,e,this.logger,this.performanceClient)).submit();const a=await Kn(ca,Ea,this.logger,this.performanceClient,o)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,e,this.performanceClient),c=Fn(jc,Na,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return Kn(sh,qa,this.logger,this.performanceClient,o)(e,c,n,us.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,r,n,o){this.logger.verbose("0b7yrk",this.correlationId),this.eventHandler.emitEvent(kc.LOGOUT_START,this.correlationId,e.InteractionType.Popup,t);const i=Uc(us.logoutPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{await Hc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account);const s=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:n,account:t.account||void 0});try{s.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&s.authority.protocolMode===Kr.OIDC){if(this.eventHandler.emitEvent(kc.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t),o){const e={apiId:us.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=br.getAbsoluteUrl(o,ha());await this.navigationClient.navigateInternal(t,e)}return void r.popup?.close()}}const a=s.getLogoutUri(t);this.eventHandler.emitEvent(kc.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t);const c=this.openPopup(a,r);if(this.eventHandler.emitEvent(kc.POPUP_OPENED,t.correlationId,e.InteractionType.Popup,{popupWindow:c},null),await ca(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t,this.performanceClient).catch((()=>{})),o){const e={apiId:us.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=br.getAbsoluteUrl(o,ha());this.logger.verbose("0qcur2",this.correlationId),this.logger.verbosePii("0oj7lk",this.correlationId),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("03zgcf",this.correlationId)}catch(t){throw r.popup?.close(),t instanceof we&&(t.setCorrelationId(this.correlationId),i.cacheFailedRequest(t)),this.eventHandler.emitEvent(kc.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(kc.LOGOUT_END,this.correlationId,e.InteractionType.Popup),t}this.eventHandler.emitEvent(kc.LOGOUT_END,this.correlationId,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii("1kcr9k",this.correlationId),this.openPopup(e,t);throw this.logger.error("1l7hyp",this.correlationId),Ni(Bo)}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii("0cgeo7",this.correlationId),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii("0c2awd",this.correlationId),r=this.openSizedPopup(e,t)),!r)throw Ni(Xo);return r.focus&&r.focus(),this.currentWindow=r,r}catch(e){throw this.logger.error("0dxfb9",this.correlationId),Ni(Qo)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:n}){const o=n.screenLeft?n.screenLeft:n.screenX,i=n.screenTop?n.screenTop:n.screenY,s=n.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=n.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,h=r.popupSize?.height,l=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("08vfmo",this.correlationId),c=Li),(!h||h<0||h>a)&&(this.logger.verbose("09cxa0",this.correlationId),h=Hi),(!l||l<0||l>a)&&(this.logger.verbose("1qh4wo",this.correlationId),l=Math.max(0,a/2-Hi/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("1sz3en",this.correlationId),d=Math.max(0,s/2-Li/2+o)),n.open(e,t,`width=${c}, height=${h}, top=${l}, left=${d}, scrollbars=yes`)}generatePopupName(e,t){return`${Di}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${Di}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}class vh extends Bc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a}async acquireToken(t){const r=await Kn(zc,Oa,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.platformBroker=Ih(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);const n=t=>{t.persisted&&(this.logger.verbose("0udvtt",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),this.eventHandler.emitEvent(kc.RESTORE_FROM_BFCACHE,this.correlationId,e.InteractionType.Redirect))},o=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii("0zao0a",this.correlationId),this.browserStorage.setTemporaryCache(os,o,!0),window.addEventListener("pageshow",n);try{this.config.system.protocolMode===Kr.EAR?await this.executeEarFlow(r):await this.executeCodeFlow(r)}catch(e){throw e instanceof we&&e.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",n),e}}async executeCodeFlow(e){const t=e.correlationId,r=Uc(us.acquireTokenRedirect,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),n=await Kn(ch,Ua,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),o={...e,codeChallenge:n.challenge};this.browserStorage.cacheAuthorizeRequest(o,this.correlationId,n.verifier);try{if(o.httpMethod===g)return await this.executeCodeFlowWithPost(o);{const t=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:r,requestAuthority:o.authority,requestAzureCloudOptions:o.azureCloudOptions,requestExtraQueryParameters:o.extraQueryParameters,account:o.account}),n=await Kn(th,qn,this.logger,this.performanceClient,e.correlationId)(this.config,t.authority,o,this.logger,this.performanceClient);return await this.initiateAuthRequest(n)}}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),r.cacheFailedRequest(e)),e}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Kn(Lc,ka,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Kn(Bs,Da,this.logger,this.performanceClient,t)(),c=await Kn(ch,Ua,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge};this.browserStorage.cacheAuthorizeRequest(h,this.correlationId,c.verifier);return(await rh(document,this.config,s,h,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ni(Ri,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async executeCodeFlowWithPost(e){const t=e.correlationId,r=await Kn(Lc,ka,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger);this.browserStorage.cacheAuthorizeRequest(e,this.correlationId);return(await nh(document,this.config,r,e,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ni(Ri,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async handleRedirectPromise(e,t,r,n){const o=Uc(us.handleRedirectPromise,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),i=n?.navigateToLoginRequestUrl??!0;try{const[s,a]=this.getRedirectResponse(n?.hash||"");if(!s)return this.logger.info("1qmv0q",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?r.event.errorCode="no_server_response":this.logger.verbose("1eqegq",this.correlationId),null;const c=this.browserStorage.getTemporaryCache(os,this.correlationId,!0)||"",h=hr(c);if(h===hr(window.location.href)&&i){this.logger.verbose("11yred",this.correlationId),c.indexOf("#")>-1&&na(c);return await this.handleResponse(s,e,t,o)}if(!i)return this.logger.verbose("0v4sdv",this.correlationId),await this.handleResponse(s,e,t,o);if(!oa()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(is,a,!0);const r={apiId:us.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let n=!0;if(c&&"null"!==c)this.logger.verbose("08jpy1",this.correlationId),n=await this.navigationClient.navigateInternal(c,r);else{const e=la();this.browserStorage.setTemporaryCache(os,e,!0),this.logger.warning("1dutq1",this.correlationId),n=await this.navigationClient.navigateInternal(e,r)}if(!n)return await this.handleResponse(s,e,t,o)}return null}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),o.cacheFailedRequest(e)),e}}getRedirectResponse(t){this.logger.verbose("1c5i8m",this.correlationId);let r=t;r||(r=this.config.auth.OIDCOptions.responseMode===x.QUERY?window.location.search:window.location.hash);let n=ar(r);if(n){try{$c(n,this.browserCrypto,e.InteractionType.Redirect)}catch(e){return e instanceof we&&this.logger.error("0bkq6p",this.correlationId),[null,""]}return ra(window),this.logger.verbose("00uvho",this.correlationId),[n,r]}const o=this.browserStorage.getTemporaryCache(is,this.correlationId,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(is)),o&&(n=ar(o),n)?(this.logger.verbose("001671",this.correlationId),[n,o]):[null,""]}async handleResponse(e,t,r,n){if(!e.state)throw Ni(jo);const{authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=t;if(e.ear_jwe){const r=await Kn(Lc,ka,this.logger,this.performanceClient,t.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a);return Kn(ah,Ma,this.logger,this.performanceClient,t.correlationId)(t,e,us.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const c=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority});return Kn(sh,qa,this.logger,this.performanceClient,t.correlationId)(t,e,r,us.acquireTokenRedirect,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e){if(this.logger.verbose("0yaw2e",this.correlationId),e){this.logger.infoPii("1luf83",this.correlationId);const t={apiId:us.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},r=this.config.auth.onRedirectNavigate;if("function"==typeof r){this.logger.verbose("1nehvl",this.correlationId);return!1!==r(e)?(this.logger.verbose("1a0jxh",this.correlationId),void await this.navigationClient.navigateExternal(e,t)):void this.logger.verbose("09k5h5",this.correlationId)}return this.logger.verbose("0klwf7",this.correlationId),void await this.navigationClient.navigateExternal(e,t)}throw this.logger.info("0rlh4e",this.correlationId),Ni(Bo)}async logout(t){this.logger.verbose("1rkurh",this.correlationId);const r=this.initializeLogoutRequest(t),n=Uc(us.logout,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{this.eventHandler.emitEvent(kc.LOGOUT_START,this.correlationId,e.InteractionType.Redirect,t),await Hc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,r.account);const o={apiId:us.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0});if(i.authority.protocolMode===Kr.OIDC)try{i.authority.endSessionEndpoint}catch{if(r.account?.homeAccountId)return void this.eventHandler.emitEvent(kc.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r)}const s=i.getLogoutUri(r);r.account?.homeAccountId&&this.eventHandler.emitEvent(kc.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r);const a=this.config.auth.onRedirectNavigate;if("function"!=typeof a)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,ns),void await this.navigationClient.navigateExternal(s,o);if(!1!==a(s))return this.logger.verbose("06v57e",this.correlationId),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,ns),void await this.navigationClient.navigateExternal(s,o);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("0xqes1",this.correlationId)}catch(t){throw t instanceof we&&(t.setCorrelationId(this.correlationId),n.cacheFailedRequest(t)),this.eventHandler.emitEvent(kc.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(kc.LOGOUT_END,this.correlationId,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(kc.LOGOUT_END,this.correlationId,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return br.getAbsoluteUrl(t,ha())}}async function kh(e,t,r,n){if(!e)throw r.info("1l7hyp",n),Ni(Bo);return Fn(Ah,"silentHandlerLoadFrameSync",r,t,n)(e)}async function Th(e,t,r,n,o){const i=Sh();if(!i.contentDocument)throw"No document associated with iframe!";return(await nh(i.contentDocument,e,t,r,n,o)).submit(),i}async function bh(e,t,r,n,o){const i=Sh();if(!i.contentDocument)throw"No document associated with iframe!";return(await rh(i.contentDocument,e,t,r,n,o)).submit(),i}function Ah(e){const t=Sh();return t.src=e,t}function Sh(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),e.setAttribute("allow","local-network-access *"),document.body.appendChild(e),e}class _h extends Bc{constructor(e,t,r,n,o,i,s,a,c,h,l){super(e,t,r,n,o,i,a,h,l),this.apiId=s,this.nativeStorage=c}async acquireToken(t){t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("1kl318",this.correlationId);const r={...t};r.prompt?r.prompt!==R.NONE&&r.prompt!==R.NO_SESSION&&(this.logger.warning("0bmctg",this.correlationId),r.prompt=R.NONE):r.prompt=R.NONE;const n=await Kn(zc,Oa,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);return n.platformBroker=Ih(this.config,this.logger,this.correlationId,this.platformAuthProvider,n.authenticationScheme),wa(n.authority),this.config.system.protocolMode===Kr.EAR?this.executeEarFlow(n):this.executeCodeFlow(n)}async executeCodeFlow(e){let t;const r=Uc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{return t=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await Kn(this.silentTokenHelper.bind(this),Sa,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(n){if(n instanceof we&&(n.setCorrelationId(this.correlationId),r.cacheFailedRequest(n)),!(t&&n instanceof we&&n.errorCode===Ui))throw n;return this.performanceClient.addFields({retryError:n.errorCode},this.correlationId),await Kn(this.silentTokenHelper.bind(this),Sa,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Kn(Lc,ka,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Kn(Bs,Da,this.logger,this.performanceClient,t)(),c=await Kn(ch,Ua,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge};await Kn(bh,_a,this.logger,this.performanceClient,t)(this.config,s,h,this.logger,this.performanceClient);const l=this.config.auth.OIDCOptions.responseMode,d=await Kn(ca,Ea,this.logger,this.performanceClient,t)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,e,this.performanceClient),u=Fn(jc,Na,this.logger,this.performanceClient,t)(d,l,this.logger,this.correlationId);if(!u.ear_jwe&&u.code){const r=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,t)({serverTelemetryManager:Uc(this.apiId,this.config.auth.clientId,t,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:s});return Kn(sh,qa,this.logger,this.performanceClient,t)(h,u,c.verifier,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Kn(ah,Ma,this.logger,this.performanceClient,t)(h,u,this.apiId,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}logout(){return Promise.reject(Ni(ni))}async silentTokenHelper(e,t){const r=t.correlationId,n=await Kn(ch,Ua,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),o={...t,codeChallenge:n.challenge};if(t.httpMethod===g)await Kn(Th,_a,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);else{const t=await Kn(th,qn,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);await Kn(kh,_a,this.logger,this.performanceClient,r)(t,this.performanceClient,this.logger,r)}const i=this.config.auth.OIDCOptions.responseMode,s=await Kn(ca,Ea,this.logger,this.performanceClient,r)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,t,this.performanceClient),a=Fn(jc,Na,this.logger,this.performanceClient,r)(s,i,this.logger,this.correlationId);return Kn(sh,qa,this.logger,this.performanceClient,r)(t,a,n.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}class Eh extends Bc{async acquireToken(e){const t=await Kn(Dc,Aa,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger,this.correlationId),r={...e,...t};e.redirectUri&&(r.redirectUri=Nc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId));const n=Uc(us.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),o=await this.createRefreshTokenClient({serverTelemetryManager:n,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return Kn(o.acquireTokenByRefreshToken.bind(o),"refreshTokenClientAcquireTokenByRefreshToken",this.logger,this.performanceClient,e.correlationId)(r,us.acquireTokenSilent_silentFlow).catch((e=>{throw e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e),e}))}logout(){return Promise.reject(Ni(ni))}async createRefreshTokenClient(e){const t=await Kn(this.getClientConfiguration.bind(this),Ra,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new Co(t,this.performanceClient)}}class Ph extends Io{constructor(e,t){super(e,t),this.includeRedirectUri=!1}}class Rh extends Bc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,a,c,h),this.apiId=s}async acquireToken(t){if(!t.code)throw Ni(mi);const r=await Kn(zc,Oa,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),n=Uc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const e={...r,code:t.code},o=await Kn(this.getClientConfiguration.bind(this),Ra,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:r.authority,requestAzureCloudOptions:r.azureCloudOptions,requestExtraQueryParameters:r.extraQueryParameters,account:r.account}),i=new Ph(o,this.performanceClient);this.logger.verbose("1uic5e",this.correlationId);const s=new Jc(i,this.browserStorage,e,this.logger,this.performanceClient);return await Kn(s.handleCodeResponseFromServer.bind(s),Nn,this.logger,this.performanceClient,this.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},r,this.apiId,!1)}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}logout(){return Promise.reject(Ni(ni))}}function Oh(e,t,r,n){try{fa(e),So(r.auth.isMcp,n)}catch(e){throw t.end({success:!1},e,n.account),e}}class Mh{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new za(this.logger,this.performanceClient):lr,this.eventHandler=new xc(this.logger),this.browserStorage=this.isBrowserEnvironment?new Sc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,yo(this.config.auth)):Ec(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:Zi.MemoryStorage,cacheRetentionDays:5};this.nativeInternalStorage=new Sc(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this)}static async createController(e,t){const r=new Mh(e);return await r.initialize(t),r}trackPageVisibility(e){e&&(this.logger.info("16v6hv",e),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e){const t=this.getRequestCorrelationId(e);if(this.logger.trace("1f7joy",t),this.initialized)return void this.logger.info("061m5x",t);if(!this.isBrowserEnvironment)return this.logger.info("19fvpi",t),this.initialized=!0,void this.eventHandler.emitEvent(kc.INITIALIZE_END,t);const r=this.config.system.allowPlatformBroker,n=this.performanceClient.startMeasurement(Xa,t);if(this.eventHandler.emitEvent(kc.INITIALIZE_START,t),this.logMultipleInstances(n,t),n.add({isMcp:this.config.auth.isMcp}),await Kn(this.browserStorage.initialize.bind(this.browserStorage),"initializeCache",this.logger,this.performanceClient,t)(t),r)try{this.platformAuthProvider=await wh(this.logger,this.performanceClient,t,this.config.system.nativeBrokerHandshakeTimeout)}catch(e){this.logger.verbose(e,t)}this.config.cache.cacheLocation===Zi.LocalStorage&&this.eventHandler.subscribeCrossTab(),!this.config.system.navigatePopups&&await this.preGeneratePkceCodes(t),this.initialized=!0,this.eventHandler.emitEvent(kc.INITIALIZE_END,t),n.end({allowPlatformBroker:r,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("02l8bm",""),ma(this.initialized),this.isBrowserEnvironment){const t=e?.hash||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("1wn9kp","")):this.logger.verbose("0w0gm3",""),r}return this.logger.verbose("12xi63",""),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",""),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===ns)return this.logger.verbose("1ywcv2",""),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const n=this.getAllAccounts(),o=this.browserStorage.getCachedNativeRequest(),i=o&&this.platformAuthProvider&&!t?.hash;let s,a;try{if(i&&this.platformAuthProvider){const t=o?.correlationId||"";this.eventHandler.emitEvent(kc.HANDLE_REDIRECT_START,t,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(Va,t),this.logger.trace("12v7is",t);const r=new Xc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,us.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,o.accountId,this.nativeInternalStorage,o.correlationId);a=Kn(r.handleRedirectPromise.bind(r),"handleNativeRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(this.performanceClient,s.event.correlationId)}else{const[r,n]=this.browserStorage.getCachedRequest(""),o=r.correlationId;this.eventHandler.emitEvent(kc.HANDLE_REDIRECT_START,o,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(Va,o),this.logger.trace("0znzs5",o);const i=this.createRedirectClient(o);a=Kn(i.handleRedirectPromise.bind(i),"handleRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(r,n,s,t)}}catch(e){throw this.browserStorage.resetRequestCache(""),e}return a.then((t=>{if(t){this.browserStorage.resetRequestCache(t.correlationId),this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t),this.logger.verbose("0ui8f5",t.correlationId);n.length<this.getAllAccounts().length&&(this.eventHandler.emitEvent(kc.LOGIN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t.account),this.logger.verbose("16im3l",t.correlationId)),s.end({success:!0},void 0,t.account)}else s.event.errorCode?s.end({success:!1},void 0):s.discard();return this.eventHandler.emitEvent(kc.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),t})).catch((t=>{this.browserStorage.resetRequestCache(s.event.correlationId);const r=t;throw this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_FAILURE,s.event.correlationId,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(kc.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),s.end({success:!1},r),t}))}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("0os66p",r);const n=this.performanceClient.startMeasurement(Ga,r);n.add({scenarioId:t.scenarioId});const o=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=e=>{const r="function"==typeof o?o(e):void 0;return n.add({navigateCallbackResult:!1!==r}),n.event=n.end({success:!0},void 0,t.account)||n.event,r};try{let o;if(ya(this.initialized,this.config),So(this.config.auth.isMcp,t),this.browserStorage.setInteractionInProgress(!0,rs),this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_START,r,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){o=new Xc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,us.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r).acquireTokenRedirect(t,n).catch((e=>{if(e instanceof Wc&&Gc(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof vn){this.logger.verbose("1ipyz4",r);return this.createRedirectClient(r).acquireToken(t)}throw e}))}else{o=this.createRedirectClient(r).acquireToken(t)}return await o}catch(o){throw this.browserStorage.resetRequestCache(r),2===n.event.status?this.performanceClient.startMeasurement(Va,r).end({success:!1},o,t.account):n.end({success:!1},o,t.account),this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Redirect,null,o),o}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),n=this.performanceClient.startMeasurement(Wa,r);n.add({scenarioId:t.scenarioId});try{this.logger.verbose("0ch87b",r),Oh(this.initialized,n,this.config,t),this.browserStorage.setInteractionInProgress(!0,rs,t.overrideInteractionInProgress,r)}catch(e){return Promise.reject(e)}const o=this.getAllAccounts();let i;this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_START,r,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))i=this.acquireTokenNative({...t,correlationId:r},us.acquireTokenPopup).then((e=>(n.end({success:!0,isNativeBroker:!0},void 0,e.account),e))).catch((e=>{if(e instanceof Wc&&Gc(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof vn){this.logger.verbose("0yy5fw",r);return this.createPopupClient(r).acquireToken(t,s)}throw e}));else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then((t=>{const i=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Popup,t),i&&this.eventHandler.emitEvent(kc.LOGIN_SUCCESS,r,e.InteractionType.Popup,t.account),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((o=>(this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Popup,null,o),n.end({success:!1},o,t.account),Promise.reject(o)))).finally((async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.navigatePopups||await this.preGeneratePkceCodes(r)}))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&e.increment({visibilityChangeCount:1})}async ssoSilent(t){const r=this.getRequestCorrelationId(t),n={...t,prompt:t.prompt,correlationId:r};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(Qa,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId}),Oh(this.initialized,this.ssoSilentMeasurement,this.config,n),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const o=this.getAllAccounts();let i;if(this.logger.verbose("0w1b45",r),this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,n),this.canUsePlatformBroker(n))i=this.acquireTokenNative(n,us.ssoSilent).catch((e=>{if(e instanceof Wc&&Gc(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(n.correlationId).acquireToken(n)}throw e}));else{i=this.createSilentIframeClient(n.correlationId).acquireToken(n)}return i.then((t=>{const n=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),n&&this.eventHandler.emitEvent(kc.LOGIN_SUCCESS,r,e.InteractionType.Silent,t.account),this.ssoSilentMeasurement?.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((n=>{throw this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,n),this.ssoSilentMeasurement?.end({success:!1},n,t.account),n})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("0ch6ga",r);const n=this.performanceClient.startMeasurement(Ja,r);Oh(this.initialized,n,this.config,t),this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,t),n.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw Ni(yi);if(t.code){const o=t.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("0qgp28",r),n.discard()):(this.logger.verbose("06eh73",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then((t=>(this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(o),n.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((t=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),n.end({success:!1},t),t})),this.hybridAuthCodeResponses.set(o,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){const e=await this.acquireTokenNative({...t,correlationId:r},us.acquireTokenByCode,t.nativeAccountId).catch((e=>{throw e instanceof Wc&&Gc(e)&&(this.platformAuthProvider=void 0),e}));return n.end({success:!0},void 0,e.account),e}throw Ni(Ii)}throw Ni(fi)}catch(t){throw this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),n.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){const t=this.getRequestCorrelationId(e);this.logger.trace("10d9hy",t),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement("acquireTokenByCodeAsync",t),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const r=this.createSilentAuthCodeClient(t);return await r.acquireToken(e).then((e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache,isNativeBroker:e.fromPlatformBroker}),e))).catch((e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenFromCache(e,t){switch(t){case Is.Default:case Is.AccessToken:case Is.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return Kn(t.acquireToken.bind(t),"silentCacheClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw be(ft)}}async acquireTokenByRefreshToken(e,t){switch(t){case Is.Default:case Is.AccessTokenAndRefreshToken:case Is.RefreshToken:case Is.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return Kn(t.acquireToken.bind(t),"silentRefreshClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw be(ft)}}async acquireTokenBySilentIframe(e){const t=this.createSilentIframeClient(e.correlationId);return Kn(t.acquireToken.bind(t),"silentIframeClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e)}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);ya(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,ns);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);fa(this.initialized),this.browserStorage.setInteractionInProgress(!0,ns);return this.createPopupClient(t).logout(e).finally((()=>{this.browserStorage.setInteractionInProgress(!1)}))}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return;const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return Pc(this.logger,this.browserStorage,this.isBrowserEnvironment,this.getRequestCorrelationId(),e)}getAccount(e){return Rc(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}setActiveAccount(e){Oc(e,this.browserStorage,this.getRequestCorrelationId())}getActiveAccount(){return Mc(this.browserStorage,this.getRequestCorrelationId())}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=zr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,kr(e.idTokenClaims),us.hydrateCache),e.fromPlatformBroker?(this.logger.verbose("1fxyu8",e.correlationId),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,r,n){const o=this.getRequestCorrelationId(e);if(this.logger.trace("0b9y3p",o),!this.platformAuthProvider)throw Ni(ki);return new Xc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,o).acquireToken(e,n)}canUsePlatformBroker(e,t){const r=this.getRequestCorrelationId(e);if(this.logger.trace("1n9lbl",r),!this.platformAuthProvider)return this.logger.trace("0vnu11",r),!1;if(!Ih(this.config,this.logger,r,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("1m4bzf",r),!1;if(e.prompt)switch(e.prompt){case R.NONE:case R.CONSENT:case R.LOGIN:this.logger.trace("0vdv8e",r);break;default:return this.logger.trace("0pdzw6",r),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("16lbtk",r),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new Ch(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createRedirectClient(e){return new vh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentIframeClient(e){return new _h(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,us.ssoSilent,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentCacheClient(e){return new Qc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentRefreshClient(e){return new Eh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentAuthCodeClient(e){return new Rh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,us.acquireTokenByCode,this.performanceClient,e,this.platformAuthProvider)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return pa(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?Fs():""}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0lz9hf",t),this.acquireTokenRedirect({correlationId:t,...e||fs})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0qw7v5",t),this.acquireTokenPopup({correlationId:t,...e||fs})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement($a,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),Oh(this.initialized,r,this.config,e),this.logger.verbose("0x1c4s",t);const n=e.account||this.getActiveAccount();if(!n)throw Ni(oi);return this.acquireTokenSilentDeduped(e,n,t).then((n=>(r.end({success:!0,fromCache:n.fromCache,isNativeBroker:n.fromPlatformBroker,accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length},void 0,n.account),{...n,state:e.state,correlationId:t}))).catch((e=>{throw e instanceof we&&e.setCorrelationId(t),r.end({success:!1},e,n),e}))}async acquireTokenSilentDeduped(e,t,r){const n=so(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),o=JSON.stringify(n),i=this.activeSilentTokenRequests.get(o);if(void 0===i){this.logger.verbose("0fcjbk",r),this.performanceClient.addFields({deduped:!1},r);const n=Kn(this.acquireTokenSilentAsync.bind(this),"acquireTokenSilentAsync",this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(o,n),n.finally((()=>{this.activeSilentTokenRequests.delete(o)}))}return this.logger.verbose("1yq7nb",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const n=()=>this.trackPageVisibility(t.correlationId);this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_START,t.correlationId,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},t.correlationId),document.addEventListener("visibilitychange",n);const o=await Kn(Fc,"initializeSilentRequest",this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||Is.Default;return this.acquireTokenSilentNoIframe(o,i).catch((async e=>{const r=function(e,t){const r=!(e instanceof vn&&e.subError!==fn),n=e.errorCode===Ui||e.errorCode===ft,o=r&&n||e.errorCode===hn||e.errorCode===dn,i=Cs.includes(t);return o&&i}(e,i);if(r){const r=`${e.errorCode}${e.subError?`|${e.subError}`:""}`;if(this.performanceClient.addFields({silentRefreshReason:r},t.correlationId),this.activeIframeRequest){if(i!==Is.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose("1w8fso",o.correlationId);const n=this.performanceClient.startMeasurement("awaitConcurrentIframe",o.correlationId);n.add({awaitIframeCorrelationId:r});const s=await t;if(n.end({success:s}),s)return this.logger.verbose("0ywzzi",o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info("17y14q",o.correlationId),e}return this.logger.warning("1bd4p8",o.correlationId),Kn(this.acquireTokenBySilentIframe.bind(this),ba,this.logger,this.performanceClient,o.correlationId)(o)}{let e;return this.activeIframeRequest=[new Promise((t=>{e=t})),o.correlationId],this.logger.verbose("0rh08z",o.correlationId),Kn(this.acquireTokenBySilentIframe.bind(this),ba,this.logger,this.performanceClient,o.correlationId)(o).then((t=>(e(!0),t))).catch((t=>{throw e(!1),t})).finally((()=>{this.activeIframeRequest=void 0}))}}throw e})).then((r=>(this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Silent,r),t.correlationId&&this.performanceClient.addFields({fromCache:r.fromCache,isNativeBroker:r.fromPlatformBroker},t.correlationId),r))).catch((r=>{throw this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_FAILURE,t.correlationId,e.InteractionType.Silent,null,r),r})).finally((()=>{document.removeEventListener("visibilitychange",n)}))}async acquireTokenSilentNoIframe(t,r){return Ih(this.config,this.logger,t.correlationId,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("0sczo4",t.correlationId),this.acquireTokenNative(t,us.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch((async e=>{if(e instanceof Wc&&Gc(e))throw this.logger.verbose("07rkmb",t.correlationId),this.platformAuthProvider=void 0,be(ft);throw e}))):(this.logger.verbose("0ox81t",t.correlationId),r===Is.AccessToken&&this.logger.verbose("0fvwxe",t.correlationId),Kn(this.acquireTokenFromCache.bind(this),"acquireTokenFromCache",this.logger,this.performanceClient,t.correlationId)(t,r).catch((n=>{if(r===Is.AccessToken)throw n;return this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_NETWORK_START,t.correlationId,e.InteractionType.Silent,t),Kn(this.acquireTokenByRefreshToken.bind(this),"acquireTokenByRefreshToken",this.logger,this.performanceClient,t.correlationId)(t,r)})))}async preGeneratePkceCodes(e){return this.logger.verbose("1x6uj6",e),this.pkceCode=await Kn(ch,Ua,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,t?this.logger.verbose("12js1o",e):this.logger.verbose("1oe9ci",e),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e,t){const r=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("1qtz3l",t),window.msal.clientIds.push(r),function(e,t,r,n){const o=window.msal?.clientIds||[],i=o.length,s=o.filter((t=>t===e)).length;s>1&&r.warning("1e88vg",n),t.add({msalInstanceCount:i,sameClientIdInstanceCount:s})}(r,e,this.logger,t)}}class xh{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(t){let r;this.browserEnvironment="undefined"!=typeof window,this.config=mh(t,this.browserEnvironment);try{r=window[Zi.SessionStorage]}catch(e){}const n=r?.getItem(nc),o=r?.getItem(oc)?.toLowerCase(),i="true"===o||"false"!==o&&void 0,s={...this.config.system.loggerOptions},a=n&&Object.keys(e.LogLevel).includes(n)?e.LogLevel[n]:void 0;a&&(s.loggerCallback=xh.loggerCallback,s.logLevel=a),void 0!==i&&(s.piiLoggingEnabled=i),this.logger=new pr(s,Tc,bc),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}class qh extends xh{getModuleName(){return qh.MODULE_NAME}getId(){return qh.ID}async initialize(e){return this.available="undefined"!=typeof window,this.available}}qh.MODULE_NAME="",qh.ID="StandardOperatingContext";const Nh="USER_INTERACTION_REQUIRED",Uh="USER_CANCEL",Lh="NO_NETWORK",Hh="TRANSIENT_ERROR",Dh="PERSISTENT_ERROR",Fh="DISABLED",Kh="ACCOUNT_UNAVAILABLE",Bh="NESTED_APP_AUTH_UNAVAILABLE";class zh{constructor(e,t,r,n){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=n}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),n=Yt(e.claims,this.clientCapabilities),o=e.scopes||p;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,resource:e.resource,scope:o.join(" "),correlationId:r,claims:ke.isEmptyObj(n)?void 0:n,state:e.state,authenticationScheme:e.authenticationScheme||G.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw be(Ve);const n=En(r+(t.token.expires_in||0)),o=vr(t.token.id_token,this.crypto.base64Decode),i=this.fromNaaAccountInfo(t.account,t.token.id_token,o),s=t.token.scope||e.scope;return{authority:t.token.authority||i.environment,uniqueId:i.localAccountId,tenantId:i.tenantId,scopes:s.split(" "),account:i,idToken:t.token.id_token,idTokenClaims:o,accessToken:t.token.access_token,fromCache:!1,expiresOn:n,tokenType:e.authenticationScheme||G.BEARER,correlationId:e.correlationId,extExpiresOn:n,state:e.state}}fromNaaAccountInfo(e,t,r){const n=r||e.idTokenClaims,o=e.localAccountId||n?.oid||n?.sub||"",i=e.tenantId||Fr(n)||"",s=e.homeAccountId||`${o}.${i}`,a=e.environment;if(!a)throw be(gt);const c=n?.preferred_username||n?.upn,h=n?.emails?.[0]||null,l=e.username||c||h||"",d=e.name||n?.name||"",u=e.loginHint||n?.login_hint,g=new Map,p=Ir(s,o,i,n);g.set(i,p);return{homeAccountId:s,environment:a,tenantId:i,username:l,localAccountId:o,name:d,loginHint:u,idToken:t,idTokenClaims:n,tenantProfiles:g}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new we("unknown_error","An unknown error occurred");switch(e.status){case Uh:return new Te(Tt);case Lh:return new Te(kt);case Kh:return new Te(pt);case Fh:return new Te(At);case Bh:return new Te(e.code||At,e.description);case Hh:case Dh:return new cn(e.code,e.description);case Nh:return new vn(e.code,e.description);default:return new we(e.code,e.description)}}toAuthenticationResultFromCache(e,t,r,n,o){if(!t||!r)throw be(Ve);const i=vr(t.secret,this.crypto.base64Decode),s=r.target||n.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:s.split(" "),account:e,idToken:t.secret,idTokenClaims:i||{},accessToken:r.secret,fromCache:!0,expiresOn:En(r.expiresOn),extExpiresOn:En(r.extendedExpiresOn),tokenType:n.authenticationScheme||G.BEARER,correlationId:o,state:n.state}}}class jh extends we{constructor(e,t){super(e,t),Object.setPrototypeOf(this,jh.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new jh("unsupported_method")}}class $h{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new za(this.logger,this.performanceClient,!0):lr,this.eventHandler=new xc(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new Sc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,yo(this.config.auth)):Ec(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new zh(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new $h(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||Fs();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const r=this.ensureValidRequest(t),n=r.correlationId||Fs();this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_START,n,e.InteractionType.Popup,r);const o=this.performanceClient.startMeasurement(Wa,n);o.add({nestedAppAuthRequest:!0});try{So(this.config.auth.isMcp,r);const i=this.nestedAppAuthAdapter.toNaaTokenRequest(r),s=Sn(),a=await this.bridgeProxy.getTokenInteractive(i),c={...this.nestedAppAuthAdapter.fromNaaTokenResponse(i,a,s)};try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Popup,c),o.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),o.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const i=r instanceof we?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_FAILURE,n,e.InteractionType.Popup,null,r),o.end({success:!1},r,t.account),i}}async acquireTokenSilentInternal(t){const r=this.ensureValidRequest(t),n=r.correlationId||Fs();this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_START,n,e.InteractionType.Silent,r);const o=await this.acquireTokenFromCache(r);if(o)return this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Silent,o),o;const i=this.performanceClient.startMeasurement(Qa,n);i.increment({visibilityChangeCount:0}),i.add({nestedAppAuthRequest:!0});try{So(this.config.auth.isMcp,r);const o=this.nestedAppAuthAdapter.toNaaTokenRequest(r);o.forceRefresh=r.forceRefresh;const s=Sn(),a=await this.bridgeProxy.getTokenSilent(o),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(o,a,s);try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Silent,c),i?.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),i?.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const o=r instanceof we?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_FAILURE,n,e.InteractionType.Silent,null,r),i?.end({success:!1},r,t.account),o}}async acquireTokenFromCache(t){const r=t.correlationId||Fs(),n=this.performanceClient.startMeasurement($a,r);if(n?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("11t57w",r),null;if(t.forceRefresh)return this.logger.verbose("1ovnmo",r),null;let o=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=Is.Default),t.cacheLookupPolicy){case Is.Default:case Is.AccessToken:case Is.AccessTokenAndRefreshToken:o=await this.acquireTokenFromCacheInternal(t);break;default:return null}return o?(this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,o),n.add({accessTokenSize:o.accessToken.length,idTokenSize:o.idToken.length}),n.end({success:!0},void 0,o.account),o):(this.logger.warning("1yb4fi",r),this.eventHandler.emitEvent(kc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null),n.end({success:!1},void 0,t.account),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext,r=e.correlationId||Fs();let n=null;if(t&&(n=Rc(t,this.logger,this.browserStorage,r)),!n)return this.logger.verbose("10qnr0",r),Promise.resolve(null);this.logger.verbose("1u7hux",r);const o={...e,correlationId:r,authority:e.authority||n.environment,scopes:e.scopes?.length?e.scopes:[...p]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(n,o,i,n.tenantId);if(!s)return this.logger.verbose("03vm49",r),Promise.resolve(null);if(On(s.cachedAt)||Pn(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("18egye",r),Promise.resolve(null);if(o.resource){const e=o.resource,t=s.resource;if(!t||t!==e)return this.logger.verbose("0qraxd",r),Promise.resolve(null)}const a=this.browserStorage.getIdToken(n,o.correlationId,i,n.tenantId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(n,a,s,o,o.correlationId):(this.logger.verbose("0d68kd",r),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw jh.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw jh.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw jh.createUnsupportedError()}removePerformanceCallback(e){throw jh.createUnsupportedError()}getAllAccounts(e){return Pc(this.logger,this.browserStorage,this.isBrowserEnv(),Fs(),e)}getAccount(e){return Rc(e,this.logger,this.browserStorage,Fs())}setActiveAccount(e){return Oc(e,this.browserStorage,Fs())}getActiveAccount(){return Mc(this.browserStorage,Fs())}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||fs)}loginRedirect(e){throw jh.createUnsupportedError()}logoutRedirect(e){throw jh.createUnsupportedError()}logoutPopup(e){throw jh.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("1k8729","")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw jh.createUnsupportedError()}getRedirectResponse(){throw jh.createUnsupportedError()}async clearCache(e){throw jh.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=zr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,kr(e.idTokenClaims),us.hydrateCache),this.browserStorage.hydrateCache(e,t)}}class Jh{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",(e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),n=Jh.bridgeRequests.find((e=>e.requestId===r.requestId));void 0!==n&&(Jh.bridgeRequests.splice(Jh.bridgeRequests.indexOf(n),1),r.success?n.resolve(r):n.reject(r.error))}));const e=await new Promise(((e,t)=>{const r=Jh.buildRequest("GetInitContext"),n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Jh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}));return Jh.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:Jh.validateBridgeResultOrThrow(r.token),account:Jh.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:Fs(),sendTime:Date.now(),clientLibrary:Fi,clientLibraryVersion:bc,...t}}sendRequest(e,t){const r=Jh.buildRequest(e,t);return new Promise(((e,t)=>{const n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Jh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}))}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:Bh}}return e}constructor(e,t,r,n){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=n}static async create(){const e=await Jh.initializeNestedAppAuthBridge();return new Jh(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}Jh.bridgeRequests=[];class Wh extends xh{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return Wh.MODULE_NAME}getId(){return Wh.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(e){const t=e||"";try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await Jh.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(e){this.logger.infoPii("1mdxyj",t)}return this.logger.info("12jy9a",t),this.available}}Wh.MODULE_NAME="",Wh.ID="NestedAppOperatingContext";class Gh{constructor(e,t){this.controller=t||new Mh(new qh(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}getAccount(e){return this.controller.getAccount(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function Vh(e){const t=new Gh(e);return await t.initialize(),t}const Qh={initialize:()=>Promise.reject(ea(Qs)),acquireTokenPopup:()=>Promise.reject(ea(Qs)),acquireTokenRedirect:()=>Promise.reject(ea(Qs)),acquireTokenSilent:()=>Promise.reject(ea(Qs)),acquireTokenByCode:()=>Promise.reject(ea(Qs)),getAllAccounts:()=>[],getAccount:()=>null,handleRedirectPromise:()=>Promise.reject(ea(Qs)),loginPopup:()=>Promise.reject(ea(Qs)),loginRedirect:()=>Promise.reject(ea(Qs)),logoutRedirect:()=>Promise.reject(ea(Qs)),logoutPopup:()=>Promise.reject(ea(Qs)),ssoSilent:()=>Promise.reject(ea(Qs)),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,getLogger:()=>{throw ea(Qs)},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw ea(Qs)},hydrateCache:()=>Promise.reject(ea(Qs)),clearCache:()=>Promise.reject(ea(Qs))};async function Xh(e,t,r,n,o,i,s,a){if(o.verbose("0ke46k",r),e.account){const t=zr(e.account);return await n.setAccount(t,r,kr(a||{}),us.loadExternalTokens),t}if(!t&&!a)throw o.error("0hzcn4",r),Ni(gi);const c=jr(t,s.authorityType,o,i,r,a),h=a?.tid,l=ro(n,s,c,As,r,a,t,s.getPreferredCache(),h,void 0,void 0,o);return await n.setAccount(l,r,kr(a||{}),us.loadExternalTokens),l}async function Yh(e,t,r,n,o,i,s,a,c){if(!e.id_token)return a.verbose("1pm7g1",i),null;a.verbose("168lyi",i);const h=$n(t,r,e.id_token,c,n);return await s.setIdTokenCredential(h,i,o),h}async function Zh(e,t,r,n,o,i,s,a,c,h,l){if(!t.access_token)return h.verbose("1ckp9e",a),null;if(!t.expires_in)return h.error("15mzx8",a),null;if(!(t.scope||e.scopes&&e.scopes.length))return h.error("1h7xse",a),null;h.verbose("01kmxb",a);const d=t.scope?Pt.fromString(t.scope):new Pt(e.scopes),u=s.expiresOn||t.expires_in+Sn(),g=s.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+Sn(),p=Jn(r,n,t.access_token,l,o,d.printScopes(),u,g,As);return await c.setAccessTokenCredential(p,a,i),p}async function el(e,t,r,n,o,i,s,a,c){if(!e.refresh_token)return s.verbose("1l7um5",o),null;const h=e.refresh_token_expires_in?e.refresh_token_expires_in+Sn():void 0;c.addFields({extRtExpiresOnSeconds:h},o),s.verbose("0qy8ev",o);const l=Wn(t,r,e.refresh_token,a,e.foci,void 0,h);return await i.setRefreshTokenCredential(l,o,n),l}function tl(){let e;try{e=window[Zi.SessionStorage];const t=e?.getItem(ic);if(1===Number(t))return Promise.resolve().then((function(){return il}))}catch(e){}}function rl(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function nl(e){if(e&&rl())return Math.round(window.performance.now()-e)}class ol{constructor(e,t){this.correlationId=t,this.measureName=ol.makeMeasureName(e,t),this.startMark=ol.makeStartMark(e,t),this.endMark=ol.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(ol.supportsBrowserPerformance())try{t.forEach((t=>{const r=ol.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(ol.makeStartMark(r,e)),window.performance.clearMarks(ol.makeEndMark(r,e)))}))}catch(e){}}startMeasurement(){if(ol.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(ol.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(ol.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var il=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:ol});const sl=G,al=x,cl=R,hl=ae,ll=p;e.ApiId=us,e.AuthError=we,e.AuthErrorCodes=Po,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[v];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw ve(Fe)}const t=this.headers[C];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw ve(Fe)}throw ve(De)}parseChallenges(e){const t=e.indexOf(" "),r=e.substr(t+1).split(","),n={};return r.forEach((e=>{const[t,r]=e.split("=");n[t]=unescape(r.replace(/['"]+/g,""))})),n}},e.AuthenticationScheme=sl,e.AzureCloudInstance=yr,e.BrowserAuthError=qi,e.BrowserAuthErrorCodes=Mi,e.BrowserCacheLocation=Zi,e.BrowserConfigurationAuthError=Zs,e.BrowserConfigurationAuthErrorCodes=Ys,e.BrowserPerformanceClient=class extends Lo{constructor(e,r){super(e.auth.clientId,e.auth.authority||`${t}`,new pr(e.system?.loggerOptions||{},Tc,bc),Tc,bc,e.telemetry?.application||{appName:"",appVersion:""},r)}generateId(){return Fs()}getPageVisibility(){return document.visibilityState?.toString()||null}deleteIncompleteSubMeasurements(e){tl()?.then((t=>{const r=this.eventsByCorrelationId.get(e.event.correlationId),n=r&&r.eventId===e.event.eventId,o=[];n&&r?.incompleteSubMeasurements&&r.incompleteSubMeasurements.forEach((e=>{o.push({...e})})),t.BrowserPerformanceMeasurement.flushMeasurements(e.event.correlationId,o)}))}startMeasurement(e,t){const r=this.getPageVisibility(),n=super.startMeasurement(e,t),o=rl()?window.performance.now():void 0,i=tl()?.then((t=>new t.BrowserPerformanceMeasurement(e,n.event.correlationId)));return i?.then((e=>e.startMeasurement())),{...n,end:(e,t,s)=>{const a=function(){if("undefined"==typeof window||!window.navigator)return{};const e="connection"in window.navigator?window.navigator.connection:void 0;return{effectiveType:e?.effectiveType,rtt:e?.rtt}}(),c=n.end({...e,startPageVisibility:r,endPageVisibility:this.getPageVisibility(),durationMs:nl(o),networkEffectiveType:a.effectiveType,networkRtt:a.rtt},t,s);return i?.then((e=>e.endMeasurement())),this.deleteIncompleteSubMeasurements(n),c},discard:()=>{n.discard(),i?.then((e=>e.flushMeasurement())),this.deleteIncompleteSubMeasurements(n)}}}},e.BrowserPerformanceMeasurement=ol,e.BrowserRootPerformanceEvents=ec,e.BrowserUtils=va,e.CacheLookupPolicy=Is,e.ClientAuthError=Te,e.ClientAuthErrorCodes=Et,e.ClientConfigurationError=Ce,e.ClientConfigurationErrorCodes=$e,e.DEFAULT_IFRAME_TIMEOUT_MS=1e4,e.EventHandler=xc,e.EventMessageUtils=class{static getInteractionStatusFromEvent(t,r){switch(t.eventType){case kc.ACQUIRE_TOKEN_START:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup)return ms.AcquireToken;break;case kc.HANDLE_REDIRECT_START:return ms.HandleRedirect;case kc.LOGOUT_START:return ms.Logout;case kc.LOGOUT_END:if(r&&r!==ms.Logout)break;return ms.None;case kc.HANDLE_REDIRECT_END:if(r&&r!==ms.HandleRedirect)break;return ms.None;case kc.ACQUIRE_TOKEN_SUCCESS:case kc.ACQUIRE_TOKEN_FAILURE:case kc.RESTORE_FROM_BFCACHE:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup){if(r&&r!==ms.AcquireToken)break;return ms.None}}return null}},e.EventType=kc,e.InteractionRequiredAuthError=vn,e.InteractionRequiredAuthErrorCodes=wn,e.InteractionStatus=ms,e.JsonWebTokenTypes=hl,e.LocalStorage=Cc,e.Logger=pr,e.MemoryStorage=Ka,e.NavigationClient=dh,e.OIDC_DEFAULT_SCOPES=ll,e.PromptValue=cl,e.ProtocolMode=Kr,e.PublicClientApplication=Gh,e.ResponseMode=al,e.ServerError=cn,e.SessionStorage=vc,e.SignedHttpRequest=class{constructor(e,t){const r=t&&t.loggerOptions||{};this.logger=new pr(r,Tc,bc),this.cryptoOps=new za(this.logger),this.popTokenGenerator=new zn(this.cryptoOps,new Xr),this.shrParameters=e}async generatePublicKeyThumbprint(){const{kid:e}=await this.popTokenGenerator.generateKid(this.shrParameters);return e}async signRequest(e,t,r){return this.popTokenGenerator.signPayload(e,t,this.shrParameters,r)}async removeKeys(e,t){return this.cryptoOps.removeTokenBindingKey(e,t)}},e.StubPerformanceClient=Xr,e.WrapperSKU={React:"@azure/msal-react",Angular:"@azure/msal-angular"},e.createNestablePublicClientApplication=async function(e,t,r){const n=new Wh(e);if(await n.initialize(t),n.isAvailable()){const o=t||Fs(),i=new $h(n),s=r?r(e,i):new Gh(e,i);return await s.initialize({correlationId:o}),s}return Vh(e)},e.createStandardPublicClientApplication=Vh,e.enforceResourceParameter=So,e.isPlatformBrokerAvailable=async function(e,t,r){const n=new pr(e||{},Tc,bc),o=r||"";n.trace("07660b",o);const i=t||new Xr;return"undefined"==typeof window?(n.trace("082ed3",o),!1):!!await wh(n,i,o)},e.loadExternalTokens=async function(e,t,r,n,o=new Xr){pa();const i=mh(e,!0),s=t.correlationId||Fs(),a=o.startMeasurement(Za,s);try{const c=r.id_token?vr(r.id_token,As):void 0,h=kr(c||{}),l={protocolMode:i.system.protocolMode,knownAuthorities:i.auth.knownAuthorities,cloudDiscoveryMetadata:i.auth.cloudDiscoveryMetadata,authorityMetadata:i.auth.authorityMetadata},d=new pr(i.system.loggerOptions||{}),u=new za(d,i.telemetry.client),g=new Sc(i.auth.clientId,i.cache,u,d,i.telemetry.client,new xc(d),yo(i.auth)),p=t.authority||i.auth.authority,m=await wo(mo.generateAuthority(p,t.azureCloudOptions),i.system.networkClient,g,l,d,s,o),f=await Kn(Xh,"loadAccount",d,o,s)(t,n.clientInfo||r.client_info||"",s,g,d,u,m,c),y=await Kn(Yh,"loadIdToken",d,o,s)(r,f.homeAccountId,f.environment,f.realm,h,s,g,d,e.auth.clientId),w=await Kn(Zh,"loadAccessToken",d,o,s)(t,r,f.homeAccountId,f.environment,f.realm,h,n,s,g,d,e.auth.clientId),I=await Kn(el,"loadRefreshToken",d,o,s)(r,f.homeAccountId,f.environment,h,s,g,d,e.auth.clientId,o);return a.end({success:!0},void 0,Br(f)),function(e,t,r,n){let o,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=Pt.fromString(t.accessToken.target).asArray(),a=En(t.accessToken.expiresOn),o=En(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:r.canonicalAuthority,uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:Br(c),idToken:t.idToken?.secret||"",idTokenClaims:n||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:o,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromPlatformBroker:!1}}(t,{account:f,idToken:y,accessToken:w,refreshToken:I},m,c)}catch(e){throw a.end({success:!1},e),e}},e.stubbedPublicClientApplication=Qh,e.version=bc}));
|
|
1
|
+
/*! @azure/msal-browser v5.6.2 2026-03-27 */
|
|
2
|
+
"use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).msal={})}(this,(function(e){const t="https://login.microsoftonline.com/common/",r="common",n=`${t}discovery/instance?api-version=1.1&authorization_endpoint=`,o=".ciamlogin.com",i="openid",s="profile",a="offline_access",c="S256",h="Not Available",l="http://169.254.169.254/metadata/instance/compute/location",d=["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],u="GET",g="POST",p=[i,s,a],m=[...p,"email"],f="Content-Type",y="Content-Length",w="Retry-After",I="X-AnchorMailbox",C="WWW-Authenticate",v="Authentication-Info",k="x-ms-request-id",T="x-ms-httpver",b="active-account-filters",A="common",S="organizations",_="consumers",E="access_token",P="xms_cc",R={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},O="code",M="id_token token refresh_token",x={QUERY:"query",FRAGMENT:"fragment",FORM_POST:"form_post"},q="authorization_code",N="refresh_token",U="Generic",L={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},H="appmetadata",D="1",F="authority-metadata",K="config",B="cache",z="network",j="hardcoded_values",$=5,J="server-telemetry",W=",",G={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},V="throttling",Q="1",X="3",Y="4",Z="2",ee="4",te="5",re="0",ne="1",oe="2",ie="3",se="4",ae={Jwt:"JWT",Jwk:"JWK",Pop:"pop"},ce="client_id",he="redirect_uri",le="token_type",de="req_cnf",ue="return_spa_code",ge="x-client-xtra-sku",pe="brk_client_id",me="brk_redirect_uri",fe="instance_aware";function ye(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class we extends Error{constructor(e,t,r){const n=t||(e?ye(e):"");super(n?`${e}: ${n}`:e),Object.setPrototypeOf(this,we.prototype),this.errorCode=e||"",this.errorMessage=n||"",this.subError=r||"",this.name="AuthError"}setCorrelationId(e){this.correlationId=e}}function Ie(e,t){return new we(e,t||ye(e))}class Ce extends we{constructor(e){super(e),this.name="ClientConfigurationError",Object.setPrototypeOf(this,Ce.prototype)}}function ve(e){return new Ce(e)}class ke{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return 0===Object.keys(t).length}catch(e){}return!0}static startsWith(e,t){return 0===e.indexOf(t)}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),n=e=>decodeURIComponent(e.replace(/\+/g," "));return r.forEach((e=>{if(e.trim()){const[r,o]=e.split(/=(.+)/g,2);r&&o&&(t[n(r)]=n(o))}})),t}static trimArrayEntries(e){return e.map((e=>e.trim()))}static removeEmptyStringsFromArray(e){return e.filter((e=>!!e))}static jsonParseHelper(e){try{return JSON.parse(e)}catch(e){return null}}}class Te extends we{constructor(e,t){super(e,t),this.name="ClientAuthError",Object.setPrototypeOf(this,Te.prototype)}}function be(e,t){return new Te(e,t)}const Ae="redirect_uri_empty",Se="authority_uri_insecure",_e="url_parse_error",Ee="empty_url_error",Pe="empty_input_scopes_error",Re="invalid_claims",Oe="token_request_empty",Me="logout_request_empty",xe="pkce_params_missing",qe="invalid_cloud_discovery_metadata",Ne="invalid_authority_metadata",Ue="untrusted_authority",Le="missing_ssh_jwk",He="missing_ssh_kid",De="missing_nonce_authentication_header",Fe="invalid_authentication_header",Ke="cannot_set_OIDCOptions",Be="cannot_allow_platform_broker",ze="authority_mismatch",je="invalid_request_method_for_EAR";var $e=Object.freeze({__proto__:null,authorityMismatch:ze,authorityUriInsecure:Se,cannotAllowPlatformBroker:Be,cannotSetOIDCOptions:Ke,claimsRequestParsingError:"claims_request_parsing_error",emptyInputScopesError:Pe,invalidAuthenticationHeader:Fe,invalidAuthorityMetadata:Ne,invalidClaims:Re,invalidCloudDiscoveryMetadata:qe,invalidCodeChallengeMethod:"invalid_code_challenge_method",invalidRequestMethodForEAR:je,logoutRequestEmpty:Me,missingNonceAuthenticationHeader:De,missingSshJwk:Le,missingSshKid:He,pkceParamsMissing:xe,redirectUriEmpty:Ae,tokenRequestEmpty:Oe,untrustedAuthority:Ue,urlEmptyError:Ee,urlParseError:_e});const Je="client_info_decoding_error",We="client_info_empty_error",Ge="token_parsing_error",Ve="null_or_empty_token",Qe="endpoints_resolution_error",Xe="network_error",Ye="openid_config_error",Ze="hash_not_deserialized",et="invalid_state",tt="state_mismatch",rt="state_not_found",nt="nonce_mismatch",ot="auth_time_not_found",it="max_age_transpired",st="multiple_matching_appMetadata",at="request_cannot_be_made",ct="cannot_remove_empty_scope",ht="cannot_append_scopeset",lt="empty_input_scopeset",dt="no_account_in_silent_request",ut="invalid_cache_record",gt="invalid_cache_environment",pt="no_account_found",mt="no_crypto_object",ft="token_refresh_required",yt="token_claims_cnf_required_for_signedjwt",wt="authorization_code_missing_from_server_response",It="binding_key_not_removed",Ct="end_session_endpoint_not_supported",vt="key_id_missing",kt="no_network_connectivity",Tt="user_canceled",bt="method_not_implemented",At="nested_app_auth_bridge_disabled",St="resource_parameter_required",_t="misplaced_resource_parameter";var Et=Object.freeze({__proto__:null,authTimeNotFound:ot,authorizationCodeMissingFromServerResponse:wt,bindingKeyNotRemoved:It,cannotAppendScopeSet:ht,cannotRemoveEmptyScope:ct,clientInfoDecodingError:Je,clientInfoEmptyError:We,emptyInputScopeSet:lt,endSessionEndpointNotSupported:Ct,endpointResolutionError:Qe,hashNotDeserialized:Ze,invalidCacheEnvironment:gt,invalidCacheRecord:ut,invalidState:et,keyIdMissing:vt,maxAgeTranspired:it,methodNotImplemented:bt,misplacedResourceParam:_t,multipleMatchingAppMetadata:st,multipleMatchingTokens:"multiple_matching_tokens",nestedAppAuthBridgeDisabled:At,networkError:Xe,noAccountFound:pt,noAccountInSilentRequest:dt,noCryptoObject:mt,noNetworkConnectivity:kt,nonceMismatch:nt,nullOrEmptyToken:Ve,openIdConfigError:Ye,platformBrokerError:"platform_broker_error",requestCannotBeMade:at,resourceParameterRequired:St,stateMismatch:tt,stateNotFound:rt,tokenClaimsCnfRequiredForSignedJwt:yt,tokenParsingError:Ge,tokenRefreshRequired:ft,unexpectedCredentialType:"unexpected_credential_type",userCanceled:Tt});class Pt{constructor(e){const t=e?ke.trimArrayEntries([...e]):[],r=t?ke.removeEmptyStringsFromArray(t):[];if(!r||!r.length)throw ve(Pe);this.scopes=new Set,r.forEach((e=>this.scopes.add(e)))}static fromString(e){const t=(e||"").split(" ");return new Pt(t)}static createSearchScopes(e){const t=e&&e.length>0?e:[...p],r=new Pt(t);return r.containsOnlyOIDCScopes()?r.removeScope(a):r.removeOIDCScopes(),r}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new Pt(t);return!!e&&r.scopes.has(e.toLowerCase())}containsScopeSet(e){return!(!e||e.scopes.size<=0)&&(this.scopes.size>=e.scopes.size&&e.asArray().every((e=>this.containsScope(e))))}containsOnlyOIDCScopes(){let e=0;return m.forEach((t=>{this.containsScope(t)&&(e+=1)})),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach((e=>this.appendScope(e)))}catch(e){throw be(ht)}}removeScope(e){if(!e)throw be(ct);this.scopes.delete(e.trim())}removeOIDCScopes(){m.forEach((e=>{this.scopes.delete(e)}))}unionScopeSets(e){if(!e)throw be(lt);const t=new Set;return e.scopes.forEach((e=>t.add(e.toLowerCase()))),this.scopes.forEach((e=>t.add(e.toLowerCase()))),t}intersectingScopeSets(e){if(!e)throw be(lt);e.containsOnlyOIDCScopes()||e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),n=this.getScopeCount();return t.size<n+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach((t=>e.push(t))),e}printScopes(){if(this.scopes){return this.asArray().join(" ")}return""}printScopesLowerCase(){return this.printScopes().toLowerCase()}}function Rt(e,t,r){if(!t)return;const n=e.get(ce);n&&e.has(pe)&&r?.addFields({embeddedClientId:n,embeddedRedirectUri:e.get(he)},t)}function Ot(e,t){e.set("response_type",t)}function Mt(e,t,r=!0,n=p){!r||n.includes("openid")||t.includes("openid")||n.push("openid");const o=r?[...t||[],...n]:t||[],i=new Pt(o);e.set("scope",i.printScopes())}function xt(e,t){e.set(ce,t)}function qt(e,t){e.set(he,t)}function Nt(e,t){e.set("login_hint",t)}function Ut(e,t){e.set(I,`UPN:${t}`)}function Lt(e,t){e.set(I,`Oid:${t.uid}@${t.utid}`)}function Ht(e,t){e.set("sid",t)}function Dt(e,t,r){const n=Yt(t,r);try{JSON.parse(n)}catch(e){throw ve(Re)}e.set("claims",n)}function Ft(e,t){e.set("client-request-id",t)}function Kt(e,t){e.set("x-client-SKU",t.sku),e.set("x-client-VER",t.version),t.os&&e.set("x-client-OS",t.os),t.cpu&&e.set("x-client-CPU",t.cpu)}function Bt(e,t){t?.appName&&e.set("x-app-name",t.appName),t?.appVersion&&e.set("x-app-ver",t.appVersion)}function zt(e,t){t&&e.set("state",t)}function jt(e,t,r){if(!t||!r)throw ve(xe);e.set("code_challenge",t),e.set("code_challenge_method",r)}function $t(e,t){e.set("client_secret",t)}function Jt(e,t){t&&e.set("client_assertion",t)}function Wt(e,t){t&&e.set("client_assertion_type",t)}function Gt(e,t){e.set("grant_type",t)}function Vt(e){e.set("client_info","1")}function Qt(e){e.has(fe)||e.set(fe,"true")}function Xt(e,t){Object.entries(t).forEach((([t,r])=>{!e.has(t)&&r&&e.set(t,r)}))}function Yt(e,t){let r;if(e)try{r=JSON.parse(e)}catch(e){throw ve(Re)}else r={};return t&&t.length>0&&(r.hasOwnProperty(E)||(r[E]={}),r[E][P]={values:t}),JSON.stringify(r)}function Zt(e,t){t&&(e.set(le,G.POP),e.set(de,t))}function er(e,t){t&&(e.set(le,G.SSH),e.set(de,t))}function tr(e,t){e.set("x-client-current-telemetry",t.generateCurrentRequestHeaderValue()),e.set("x-client-last-telemetry",t.generateLastRequestHeaderValue())}function rr(e){e.set("x-ms-lib-capability","retry-after, h429")}function nr(e,t,r){e.has(pe)||e.set(pe,t),e.has(me)||e.set(me,r)}function or(e,t){t&&e.set("resource",t)}function ir(e){if(!e)return e;let t=e.toLowerCase();return ke.endsWith(t,"?")?t=t.slice(0,-1):ke.endsWith(t,"?/")&&(t=t.slice(0,-2)),ke.endsWith(t,"/")||(t+="/"),t}function sr(e){return e.startsWith("#/")?e.substring(2):e.startsWith("#")||e.startsWith("?")?e.substring(1):e}function ar(e){if(!e||e.indexOf("=")<0)return null;try{const t=sr(e),r=Object.fromEntries(new URLSearchParams(t));if(r.code||r.ear_jwe||r.error||r.error_description||r.state)return r}catch(e){throw be(Ze)}return null}function cr(e){const t=new Array;return e.forEach(((e,r)=>{t.push(`${r}=${encodeURIComponent(e)}`)})),t.join("&")}function hr(e){if(!e)return e;const t=e.split("#")[0];try{const e=new URL(t);return ir(e.origin+e.pathname+e.search)}catch(e){return ir(t)}}const lr={createNewGuid:()=>{throw be(bt)},base64Decode:()=>{throw be(bt)},base64Encode:()=>{throw be(bt)},base64UrlEncode:()=>{throw be(bt)},encodeKid:()=>{throw be(bt)},async getPublicKeyThumbprint(){throw be(bt)},async removeTokenBindingKey(){throw be(bt)},async clearKeystore(){throw be(bt)},async signJwt(){throw be(bt)},async hashString(){throw be(bt)}};var dr;e.LogLevel=void 0,(dr=e.LogLevel||(e.LogLevel={}))[dr.Error=0]="Error",dr[dr.Warning=1]="Warning",dr[dr.Info=2]="Info",dr[dr.Verbose=3]="Verbose",dr[dr.Trace=4]="Trace";const ur=new Map;function gr(e,t){const r=Date.now();let n=ur.get(e);if(n)!function(e,t){ur.delete(e),ur.set(e,t)}(e,n);else if(n={logs:[],firstEventTime:r},ur.set(e,n),ur.size>50){const e=ur.keys().next().value;e&&ur.delete(e)}n.logs.push({...t,milliseconds:r-n.firstEventTime}),n.logs.length>500&&n.logs.shift()}class pr{constructor(t,r,n){this.level=e.LogLevel.Info;const o=t||pr.createDefaultLoggerOptions();this.localCallback=o.loggerCallback||(()=>{}),this.piiLoggingEnabled=o.piiLoggingEnabled||!1,this.level="number"==typeof o.logLevel?o.logLevel:e.LogLevel.Info,this.packageName=r||"",this.packageVersion=n||""}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info}}clone(e,t){return new pr({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level},e,t)}logMessage(t,r){const n=r.correlationId;if(function(e){if(6!==e.length)return!1;for(let t=0;t<e.length;t++){const r=e[t];if(!(r>="a"&&r<="z"||r>="A"&&r<="Z"||r>="0"&&r<="9"))return!1}return!0}(t)){gr(n,{hash:t,level:r.logLevel,containsPii:r.containsPii||!1,milliseconds:0})}if(r.logLevel>this.level||!this.piiLoggingEnabled&&r.containsPii)return;const o=`${`[${(new Date).toUTCString()}] : [${n}]`} : ${this.packageName}@${this.packageVersion} : ${e.LogLevel[r.logLevel]} - ${t}`;this.executeCallback(r.logLevel,o,r.containsPii||!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!1,correlationId:r})}errorPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!0,correlationId:r})}warning(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!1,correlationId:r})}warningPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!0,correlationId:r})}info(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!1,correlationId:r})}infoPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!0,correlationId:r})}verbose(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!1,correlationId:r})}verbosePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!0,correlationId:r})}trace(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!1,correlationId:r})}tracePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!0,correlationId:r})}isPiiLoggingEnabled(){return this.piiLoggingEnabled||!1}}const mr="@azure/msal-common",fr="16.4.0",yr={None:"none",AzurePublic:"https://login.microsoftonline.com",AzurePpe:"https://login.windows-ppe.net",AzureChina:"https://login.chinacloudapi.cn",AzureGermany:"https://login.microsoftonline.de",AzureUsGovernment:"https://login.microsoftonline.us"};function wr(e,t){return!!e&&!!t&&e===t.split(".")[1]}function Ir(e,t,r,n){if(n){const{oid:t,sub:r,tid:o,name:i,tfp:s,acr:a,preferred_username:c,upn:h,login_hint:l}=n,d=o||s||a||"";return{tenantId:d,localAccountId:t||r||"",name:i,username:c||h||"",loginHint:l,isHomeTenant:wr(d,e)}}return{tenantId:r,localAccountId:t,username:"",isHomeTenant:wr(r,e)}}function Cr(e,t,r,n){let o=e;if(t){const{isHomeTenant:r,...n}=t;o={...e,...n}}if(r){const{isHomeTenant:t,...i}=Ir(e.homeAccountId,e.localAccountId,e.tenantId,r);return o={...o,...i,idTokenClaims:r,idToken:n},o}return o}function vr(e,t){const r=function(e){if(!e)throw be(Ve);const t=/^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(e);if(!t||t.length<4)throw be(Ge);return t[2]}(e);try{const e=t(r);return JSON.parse(e)}catch(e){throw be(Ge)}}function kr(e){if(!e.signin_state)return!1;const t=["kmsi","dvc_dmjd"];return e.signin_state.some((e=>t.includes(e.trim().toLowerCase())))}function Tr(e,t){if(0===t||Date.now()-3e5>e+t)throw be(it)}class br{get urlString(){return this._urlString}constructor(e){if(this._urlString=e,!this._urlString)throw ve(Ee);e.includes("#")||(this._urlString=br.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return ke.endsWith(t,"?")?t=t.slice(0,-1):ke.endsWith(t,"?/")&&(t=t.slice(0,-2)),ke.endsWith(t,"/")||(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch(e){throw ve(_e)}if(!e.HostNameAndPort||!e.PathSegments)throw ve(_e);if(!e.Protocol||"https:"!==e.Protocol.toLowerCase())throw ve(Se)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return br.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return!e||0===r.length||r[0]!==A&&r[0]!==S||(r[0]=e),br.constructAuthorityUriFromObject(t)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),t=this.urlString.match(e);if(!t)throw ve(_e);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let n=r.AbsolutePath.split("/");return n=n.filter((e=>e&&e.length>0)),r.PathSegments=n,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e){const t=RegExp("^([^:/?#]+://)?([^/?#]*)"),r=e.match(t);if(!r)throw ve(_e);return r[2]}static getAbsoluteUrl(e,t){if("/"===e[0]){const r=new br(t).getUrlComponents();return r.Protocol+"//"+r.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e){return new br(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"))}}const Ar={endpointMetadata:[{host:"login.microsoftonline.com"},{host:"login.chinacloudapi.cn",issuerHost:"login.partner.microsoftonline.cn"},{host:"login.microsoftonline.us"},{host:"login.sovcloud-identity.fr"},{host:"login.sovcloud-identity.de"},{host:"login.sovcloud-identity.sg"}].reduce(((e,{host:t,issuerHost:r})=>(e[t]=function(e,t){return{token_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/token`,jwks_uri:`https://${e}/{tenantid}/discovery/v2.0/keys`,issuer:`https://${t}/{tenantid}/v2.0`,authorization_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/authorize`,end_session_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/logout`}}(t,r||t),e)),{}),instanceDiscoveryMetadata:{metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]},{preferred_network:"login.sovcloud-identity.fr",preferred_cache:"login.sovcloud-identity.fr",aliases:["login.sovcloud-identity.fr"]},{preferred_network:"login.sovcloud-identity.de",preferred_cache:"login.sovcloud-identity.de",aliases:["login.sovcloud-identity.de"]},{preferred_network:"login.sovcloud-identity.sg",preferred_cache:"login.sovcloud-identity.sg",aliases:["login.sovcloud-identity.sg"]}]}},Sr=Ar.endpointMetadata,_r=Ar.instanceDiscoveryMetadata,Er=new Set;function Pr(e,t,r,n,o){if(e.trace("1bmquz",t),r&&n){const o=Rr(n,r);if(o)return e.trace("1fotbt",t),o.aliases;e.trace("14avvj",t)}return null}function Rr(e,t){for(let r=0;r<e.length;r++){const n=e[r];if(n.aliases.includes(t))return n}return null}_r.metadata.forEach((e=>{e.aliases.forEach((e=>{Er.add(e)}))}));const Or="cache_quota_exceeded";class Mr extends Error{constructor(e,t){const r=t||ye(e);super(r),Object.setPrototypeOf(this,Mr.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}function xr(e){return e instanceof Error?"QuotaExceededError"===e.name||"NS_ERROR_DOM_QUOTA_REACHED"===e.name||e.message.includes("exceeded the quota")?new Mr(Or):new Mr(e.name,e.message):new Mr("cache_error_unknown")}function qr(e,t){if(!e)throw be(We);try{const r=t(e);return JSON.parse(r)}catch(e){throw be(Je)}}function Nr(e){if(!e)throw be(Je);const t=e.split(".",2);return{uid:t[0],utid:t.length<2?"":t[1]}}const Ur=0,Lr=1,Hr=2,Dr=3;function Fr(e){if(e){return e.tid||e.tfp||e.acr||null}return null}const Kr={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};function Br(e){const t=e.tenantProfiles||[];return 0===t.length&&e.realm&&e.localAccountId&&t.push(Ir(e.homeAccountId,e.localAccountId,e.realm)),{homeAccountId:e.homeAccountId,environment:e.environment,tenantId:e.realm,username:e.username,localAccountId:e.localAccountId,loginHint:e.loginHint,name:e.name,nativeAccountId:e.nativeAccountId,authorityType:e.authorityType,tenantProfiles:new Map(t.map((e=>[e.tenantId,e]))),dataBoundary:e.dataBoundary}}function zr(e,t,r){const n=Array.from(e.tenantProfiles?.values()||[]);return 0===n.length&&e.tenantId&&e.localAccountId&&n.push(Ir(e.homeAccountId,e.localAccountId,e.tenantId,e.idTokenClaims)),{authorityType:e.authorityType||U,homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,nativeAccountId:e.nativeAccountId,realm:e.tenantId,environment:e.environment,username:e.username,loginHint:e.loginHint,name:e.name,cloudGraphHostName:t,msGraphHost:r,tenantProfiles:n,dataBoundary:e.dataBoundary}}function jr(e,t,r,n,o,i){if(t!==Lr&&t!==Hr){if(e)try{const t=qr(e,n.base64Decode);if(t.uid&&t.utid)return`${t.uid}.${t.utid}`}catch(e){}r.warning("1ub6wv",o)}return i?.sub||""}class $r{constructor(e,t,r,n,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(mr,fr),this.staticAuthorityOptions=o,this.performanceClient=n}getAllAccounts(e={},t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){if(0===Object.keys(e).length||Object.values(e).every((e=>null==e||""===e)))return this.commonLogger.warning("1skb02",t),null;const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort((e=>e.idTokenClaims?-1:1))[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?Br(r[0]):null}buildTenantProfiles(e,t,r){return e.flatMap((e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r)))}getTenantedAccountInfoByFilter(e,t,r,n,o){let i,s=null;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,n,t,r.tenantId);return a&&(i=vr(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(i,o))?null:(s=Cr(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,n){const o=Br(e);let i=o.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach((e=>{const r=this.getTenantedAccountInfoByFilter(o,s,e,t,n);r&&a.push(r)})),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&(void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,r,n,o){if(!e)throw be(ut);try{e.account&&await this.setAccount(e.account,t,r,n),e.idToken&&!1!==o?.idToken&&await this.setIdTokenCredential(e.idToken,t,r),e.accessToken&&!1!==o?.accessToken&&await this.saveAccessToken(e.accessToken,t,r),e.refreshToken&&!1!==o?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t,r),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("0j476p",t),e instanceof we?e:xr(e)}}async saveAccessToken(e,t,r){const n={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType},o=this.getTokenKeys(),i=Pt.fromString(e.target);o.accessToken.forEach((e=>{if(!this.accessTokenKeyMatchesFilter(e,n,!1))return;const r=this.getAccessTokenCredential(e,t);if(r&&this.credentialMatchesFilter(r,n,t)){Pt.fromString(r.target).intersectingScopeSets(i)&&this.removeAccessToken(e,t)}})),await this.setAccessTokenCredential(e,t,r)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),n=[];return r.forEach((r=>{const o=this.getAccount(r,t);if(!o)return;if(e.homeAccountId&&!this.matchHomeAccountId(o,e.homeAccountId))return;if(e.username&&!this.matchUsername(o.username,e.username))return;if(e.environment&&!this.matchEnvironment(o,e.environment,t))return;if(e.realm&&!this.matchRealm(o,e.realm))return;if(e.nativeAccountId&&!this.matchNativeAccountId(o,e.nativeAccountId))return;if(e.authorityType&&!this.matchAuthorityType(o,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name},s=o.tenantProfiles?.filter((e=>this.tenantProfileMatchesFilter(e,i)));s&&0===s.length||n.push(o)})),n}credentialMatchesFilter(e,t,r){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment,r))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target))return!1;if(e.credentialType===L.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===G.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}return!0}getAppMetadataFilteredBy(e,t){const r=this.getKeys(),n={};return r.forEach((r=>{if(!this.isAppMetadata(r))return;const o=this.getAppMetadata(r,t);o&&(e.environment&&!this.matchEnvironment(o,e.environment,t)||e.clientId&&!this.matchClientId(o,e.clientId)||(n[r]=o))})),n}getAuthorityMetadataByAlias(e,t){const r=this.getAuthorityMetadataKeys();let n=null;return r.forEach((r=>{if(!this.isAuthorityMetadata(r)||-1===r.indexOf(this.clientId))return;const o=this.getAuthorityMetadata(r,t);o&&-1!==o.aliases.indexOf(e)&&(n=o)})),n}removeAllAccounts(e){this.getAllAccounts({},e).forEach((t=>{this.removeAccount(t,e)}))}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter((t=>t.includes(e.homeAccountId)&&t.includes(e.environment))).forEach((e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)}))}removeAccountContext(e,t){const r=this.getTokenKeys(),n=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(n).forEach((e=>{this.removeIdToken(e,t)})),r.accessToken.filter(n).forEach((e=>{this.removeAccessToken(e,t)})),r.refreshToken.filter(n).forEach((e=>{this.removeRefreshToken(e,t)}))}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(r&&(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),r.credentialType.toLowerCase()===L.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&r.tokenType===G.POP)){const e=r.keyId;e&&this.cryptoImpl.removeTokenBindingKey(e,t).catch((()=>{this.commonLogger.error("0cx291",t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)}))}}removeAppMetadata(e){return this.getKeys().forEach((t=>{this.isAppMetadata(t)&&this.removeItem(t,e)})),!0}getIdToken(e,t,r,n){this.commonLogger.trace("1drz22",t);const o={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:L.ID_TOKEN,clientId:this.clientId,realm:n},i=this.getIdTokensByFilter(o,t,r),s=i.size;if(s<1)return this.commonLogger.info("1atvtd",t),null;if(s>1){let r=i;if(!n){const n=new Map;i.forEach(((t,r)=>{t.realm===e.tenantId&&n.set(r,t)}));const o=n.size;if(o<1)return this.commonLogger.info("0ooalx",t),i.values().next().value;if(1===o)return this.commonLogger.info("1eq2vc",t),n.values().next().value;r=n}return this.commonLogger.info("1ws328",t),r.forEach(((e,r)=>{this.removeIdToken(r,t)})),this.performanceClient.addFields({multiMatchedID:i.size},t),null}return this.commonLogger.info("1sm769",t),i.values().next().value}getIdTokensByFilter(e,t,r){const n=r&&r.idToken||this.getTokenKeys().idToken,o=new Map;return n.forEach((r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const n=this.getIdTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e,t)&&o.set(r,n)})),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,n){const o=t.correlationId;this.commonLogger.trace("1t7hz1",o);const i=Pt.createSearchScopes(t.scopes),s=t.authenticationScheme||G.BEARER,a=s&&s.toLowerCase()!==G.BEARER.toLowerCase()?L.ACCESS_TOKEN_WITH_AUTH_SCHEME:L.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:n||e.tenantId,target:i,tokenType:s,keyId:t.sshKid},h=r&&r.accessToken||this.getTokenKeys().accessToken,l=[];h.forEach((e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,o);t&&this.credentialMatchesFilter(t,c,o)&&l.push(t)}}));const d=l.length;return d<1?(this.commonLogger.info("1nckna",o),null):d>1?(this.commonLogger.info("1wkfwp",o),l.forEach((e=>{this.removeAccessToken(this.generateCredentialKey(e),o)})),this.performanceClient.addFields({multiMatchedAT:l.length},o),null):(this.commonLogger.info("06yt98",o),l[0])}accessTokenKeyMatchesFilter(e,t,r){const n=e.toLowerCase();if(t.clientId&&-1===n.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===n.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===n.indexOf(t.realm.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!n.includes(e[t].toLowerCase()))return!1;if(!r&&n.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),n=[];return r.accessToken.forEach((r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const o=this.getAccessTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e,t)&&n.push(o)})),n}getRefreshToken(e,t,r,n){this.commonLogger.trace("0x53vi",r);const o=t?D:void 0,i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:L.REFRESH_TOKEN,clientId:this.clientId,familyId:o},s=n&&n.refreshToken||this.getTokenKeys().refreshToken,a=[];s.forEach((e=>{if(this.refreshTokenKeyMatchesFilter(e,i)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,i,r)&&a.push(t)}}));const c=a.length;return c<1?(this.commonLogger.info("0dlw11",r),null):(c>1&&this.performanceClient.addFields({multiMatchedRT:c},r),this.commonLogger.info("0wcnep",r),a[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e,t){const r={environment:e,clientId:this.clientId},n=this.getAppMetadataFilteredBy(r,t),o=Object.keys(n).map((e=>n[e])),i=o.length;if(i<1)return null;if(i>1)throw be(st);return o[0]}isAppMetadataFOCI(e,t){const r=this.readAppMetadataFromCache(e,t);return!(!r||r.familyId!==D)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t,r){if(this.staticAuthorityOptions){const n=function(e,t,r){let n;const o=e.canonicalAuthority;if(o){const i=new br(o).getUrlComponents().HostNameAndPort;n=Pr(t,r,i,e.cloudDiscoveryMetadata?.metadata)||Pr(t,r,i,_r.metadata)||e.knownAuthorities}return n||[]}(this.staticAuthorityOptions,this.commonLogger,r);if(n.includes(t)&&n.includes(e.environment))return!0}const n=this.getAuthorityMetadataByAlias(t,r);return!!(n&&n.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchNativeAccountId(e,t){return!(!e.nativeAccountId||t!==e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||e.upn===t)}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t){if(e.credentialType!==L.ACCESS_TOKEN&&e.credentialType!==L.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return Pt.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(H)}isAuthorityMetadata(e){return-1!==e.indexOf(F)}generateAuthorityMetadataCacheKey(e){return`${F}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class Jr extends $r{async setAccount(){throw be(bt)}getAccount(){throw be(bt)}async setIdTokenCredential(){throw be(bt)}getIdTokenCredential(){throw be(bt)}async setAccessTokenCredential(){throw be(bt)}getAccessTokenCredential(){throw be(bt)}async setRefreshTokenCredential(){throw be(bt)}getRefreshTokenCredential(){throw be(bt)}setAppMetadata(){throw be(bt)}getAppMetadata(){throw be(bt)}setServerTelemetry(){throw be(bt)}getServerTelemetry(){throw be(bt)}setAuthorityMetadata(){throw be(bt)}getAuthorityMetadata(){throw be(bt)}getAuthorityMetadataKeys(){throw be(bt)}setThrottlingCache(){throw be(bt)}getThrottlingCache(){throw be(bt)}removeItem(){throw be(bt)}getKeys(){throw be(bt)}getAccountKeys(){throw be(bt)}getTokenKeys(){throw be(bt)}generateCredentialKey(){throw be(bt)}generateAccountKey(){throw be(bt)}}const Wr=1,Gr=2,Vr="ext.",Qr=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","expiredCacheRemovedCount","upgradedCacheCount","networkRtt","redirectBridgeTimeoutMs","redirectBridgeMessageVersion"]);class Xr{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:Wr,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""}}}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}const Yr={tokenRenewalOffsetSeconds:300,preventCorsPreflight:!1},Zr={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info,correlationId:""},en={async sendGetRequestAsync(){throw be(bt)},async sendPostRequestAsync(){throw be(bt)}},tn={sku:"msal.js.common",version:fr,cpu:"",os:""},rn={clientSecret:"",clientAssertion:void 0},nn={azureCloudInstance:yr.None,tenant:`${r}`},on={application:{appName:"",appVersion:""}};function sn({authOptions:e,systemOptions:t,loggerOptions:r,storageInterface:n,networkInterface:o,cryptoInterface:i,clientCredentials:s,libraryInfo:a,telemetry:c,serverTelemetryManager:h,persistencePlugin:l,serializableCache:d}){const u={...Zr,...r};return{authOptions:(g=e,{clientCapabilities:[],azureCloudOptions:nn,instanceAware:!1,isMcp:!1,...g}),systemOptions:{...Yr,...t},loggerOptions:u,storageInterface:n||new Jr(e.clientId,lr,new pr(u),new Xr),networkInterface:o||en,cryptoInterface:i||lr,clientCredentials:s||rn,libraryInfo:{...tn,...a},telemetry:{...on,...c},serverTelemetryManager:h||null,persistencePlugin:l||null,serializableCache:d||null};var g}function an(e){return e.authOptions.authority.options.protocolMode===Kr.OIDC}class cn extends we{constructor(e,t,r,n,o){super(e,t,r),this.name="ServerError",this.errorNo=n,this.status=o,Object.setPrototypeOf(this,cn.prototype)}}const hn="no_tokens_found",ln="native_account_unavailable",dn="refresh_token_expired",un="ux_not_allowed",gn="interaction_required",pn="consent_required",mn="login_required",fn="bad_token",yn="interrupted_user";var wn=Object.freeze({__proto__:null,badToken:fn,consentRequired:pn,interactionRequired:gn,interruptedUser:yn,loginRequired:mn,nativeAccountUnavailable:ln,noTokensFound:hn,refreshTokenExpired:dn,uxNotAllowed:un});const In=[gn,pn,mn,fn,un,yn],Cn=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token","ux_not_allowed","interrupted_user"];class vn extends we{constructor(e,t,r,n,o,i,s,a){super(e,t,r),Object.setPrototypeOf(this,vn.prototype),this.timestamp=n||"",this.traceId=o||"",this.correlationId=i||"",this.claims=s||"",this.name="InteractionRequiredAuthError",this.errorNo=a}}function kn(e,t,r){const n=!!e&&In.indexOf(e)>-1,o=!!r&&Cn.indexOf(r)>-1,i=!!t&&In.some((e=>t.indexOf(e)>-1));return n||i||o}function Tn(e,t){return new vn(e,t)}function bn(e,t,r){const n=function(e,t){if(!e)throw be(mt);const r={id:e.createNewGuid()};t&&(r.meta=t);const n=JSON.stringify(r);return e.base64Encode(n)}(e,r);return t?`${n}|${t}`:n}function An(e,t){if(!e)throw be(mt);if(!t)throw be(et);try{const r=t.split("|"),n=r[0],o=r.length>1?r.slice(1).join("|"):"",i=e(n);return{userRequestState:o||"",libraryState:JSON.parse(i)}}catch(e){throw be(et)}}function Sn(){return Math.round((new Date).getTime()/1e3)}function _n(e){return e.getTime()/1e3}function En(e){return e?new Date(1e3*Number(e)):new Date}function Pn(e,t){const r=Number(e)||0;return Sn()+t>r}function Rn(e,t){const r=Number(e)+24*t*60*60*1e3;return Date.now()>r}function On(e){return Number(e)>Sn()}const Mn="networkClientSendPostRequestAsync",xn="refreshTokenClientAcquireTokenWithCachedRefreshToken",qn="getAuthCodeUrl",Nn="handleCodeResponseFromServer",Un="popTokenGenerateCnf",Ln="handleServerTokenResponse",Hn="authorityUpdateMetadataWithRegionalInformation",Dn="regionDiscoveryGetRegionFromIMDS",Fn=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);o&&n.incrementFields({[`ext.${t}CallCount`]:1},o);try{const t=e(...i);return s.end({success:!0}),r.trace("1g8n6a",o),t}catch(e){r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}},Kn=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);return o&&n.incrementFields({[`ext.${t}CallCount`]:1},o),e(...i).then((e=>(r.trace("1g8n6a",o),s.end({success:!0}),e))).catch((e=>{r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}))},Bn="sw";class zn{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){const r=await Kn(this.generateKid.bind(this),Un,t,this.performanceClient,e.correlationId)(e),n=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:n}}async generateKid(e){return{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Bn}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,n){const{resourceRequestMethod:o,resourceRequestUri:i,shrClaims:s,shrNonce:a,shrOptions:c}=r,h=i?new br(i):void 0,l=h?.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:Sn(),m:o?.toUpperCase(),u:l?.HostNameAndPort,nonce:a||this.cryptoUtils.createNewGuid(),p:l?.AbsolutePath,q:l?.QueryString?[[],l.QueryString]:void 0,client_claims:s||void 0,...n},t,c,r.correlationId)}}class jn{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}function $n(e,t,r,n,o){return{credentialType:L.ID_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,realm:o,lastUpdatedAt:Date.now().toString()}}function Jn(e,t,r,n,o,i,s,a,c,h,l,d,u){const g={homeAccountId:e,credentialType:L.ACCESS_TOKEN,secret:r,cachedAt:Sn().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:t,clientId:n,realm:o,target:i,tokenType:l||G.BEARER,lastUpdatedAt:Date.now().toString()};if(d&&(g.userAssertionHash=d),h&&(g.refreshOn=h.toString()),g.tokenType?.toLowerCase()!==G.BEARER.toLowerCase())switch(g.credentialType=L.ACCESS_TOKEN_WITH_AUTH_SCHEME,g.tokenType){case G.POP:const e=vr(r,c);if(!e?.cnf?.kid)throw be(yt);g.keyId=e.cnf.kid;break;case G.SSH:g.keyId=u}return g}function Wn(e,t,r,n,o,i,s){const a={credentialType:L.REFRESH_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,lastUpdatedAt:Date.now().toString()};return i&&(a.userAssertionHash=i),o&&(a.familyId=o),s&&(a.expiresOn=s.toString()),a}function Gn(e){return e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("credentialType")&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("secret")}function Vn(e){return!!e&&(Gn(e)&&e.hasOwnProperty("realm")&&e.hasOwnProperty("target")&&(e.credentialType===L.ACCESS_TOKEN||e.credentialType===L.ACCESS_TOKEN_WITH_AUTH_SCHEME))}function Qn(e){return!!e&&(Gn(e)&&e.credentialType===L.REFRESH_TOKEN)}function Xn(){return Sn()+86400}function Yn(e,t,r){e.authorization_endpoint=t.authorization_endpoint,e.token_endpoint=t.token_endpoint,e.end_session_endpoint=t.end_session_endpoint,e.issuer=t.issuer,e.endpointsFromNetwork=r,e.jwks_uri=t.jwks_uri}function Zn(e,t,r){e.aliases=t.aliases,e.preferred_cache=t.preferred_cache,e.preferred_network=t.preferred_network,e.aliasesFromNetwork=r}function eo(e){return e.expiresAt<=Sn()}class to{constructor(e,t,r,n,o,i,s){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=n,this.performanceClient=o,this.serializableCache=i,this.persistencePlugin=s}validateTokenResponse(e,t,r){if(e.error||e.error_description||e.suberror){const n=`Error(s): ${e.error_codes||h} - Timestamp: ${e.timestamp||h} - Description: ${e.error_description||h} - Correlation ID: ${e.correlation_id||h} - Trace ID: ${e.trace_id||h}`,o=e.error_codes?.length?e.error_codes[0]:void 0,i=new cn(e.error,n,e.suberror,o,e.status);if(r&&e.status&&e.status>=500&&e.status<=599)return void this.logger.warning("16ks7j",t);if(r&&e.status&&e.status>=400&&e.status<=499)return void this.logger.warning("0g61x3",t);if(kn(e.error,e.error_description,e.suberror))throw new vn(e.error,e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",o);throw i}}async handleServerTokenResponse(e,t,r,n,o,i,s,a,c,h){let l,d;if(e.id_token){if(l=vr(e.id_token||"",this.cryptoObj.base64Decode),i&&i.nonce&&l.nonce!==i.nonce)throw be(nt);if(n.maxAge||0===n.maxAge){const e=l.auth_time;if(!e)throw be(ot);Tr(e,n.maxAge)}}this.homeAccountIdentifier=jr(e.client_info||"",t.authorityType,this.logger,this.cryptoObj,n.correlationId,l),i&&i.state&&(d=An(this.cryptoObj.base64Decode,i.state)),e.key_id=e.key_id||n.sshKid||void 0;const u=this.generateCacheRecord(e,t,r,n,l,s,i);let g;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("0jbz5k",n.correlationId),g=new jn(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(g)),a&&!c&&u.account){if(this.cacheStorage.getAllAccounts({homeAccountId:u.account.homeAccountId,environment:u.account.environment},n.correlationId).length<1)return this.logger.warning("1gmt66",n.correlationId),this.performanceClient?.addFields({acntLoggedOut:!0},n.correlationId),await to.generateAuthenticationResult(this.cryptoObj,t,u,!1,n,this.performanceClient,l,d,void 0,h)}await this.cacheStorage.saveCacheRecord(u,n.correlationId,kr(l||{}),o,n.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&g&&(this.logger.verbose("1bh17u",n.correlationId),await this.persistencePlugin.afterCacheAccess(g))}return to.generateAuthenticationResult(this.cryptoObj,t,u,!1,n,this.performanceClient,l,d,e,h)}generateCacheRecord(e,t,r,n,o,i,s){const a=t.getPreferredCache();if(!a)throw be(gt);const c=Fr(o);let h,l;e.id_token&&o&&(h=$n(this.homeAccountIdentifier,a,e.id_token,this.clientId,c||""),l=ro(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,n.correlationId,o,e.client_info,a,c,s,void 0,this.logger));let d=null;if(e.access_token){const o=e.scope?Pt.fromString(e.scope):new Pt(n.scopes||[]),s=("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0,h=("string"==typeof e.ext_expires_in?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,l=("string"==typeof e.refresh_in?parseInt(e.refresh_in,10):e.refresh_in)||void 0,u=r+s,g=u+h,p=l&&l>0?r+l:void 0;d=Jn(this.homeAccountIdentifier,a,e.access_token,this.clientId,c||t.tenant||"",o.printScopes(),u,g,this.cryptoObj.base64Decode,p,e.token_type,i,e.key_id);const m=n.resource||null;m&&(d.resource=m)}let u=null;if(e.refresh_token){let t;if(e.refresh_token_expires_in){t=r+("string"==typeof e.refresh_token_expires_in?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in),this.performanceClient?.addFields({ntwkRtExpiresOnSeconds:t},n.correlationId)}u=Wn(this.homeAccountIdentifier,a,e.refresh_token,this.clientId,e.foci,i,t)}let g=null;return e.foci&&(g={clientId:this.clientId,environment:a,familyId:e.foci}),{account:l,idToken:h,accessToken:d,refreshToken:u,appMetadata:g}}static async generateAuthenticationResult(e,t,r,n,o,i,s,a,c,h){let l,d,u="",g=[],p=null,m="";if(r.accessToken){if(r.accessToken.tokenType!==G.POP||o.popKid)u=r.accessToken.secret;else{const t=new zn(e,i),{secret:n,keyId:s}=r.accessToken;if(!s)throw be(vt);u=await t.signPopToken(n,s,o)}g=Pt.fromString(r.accessToken.target).asArray(),p=En(r.accessToken.expiresOn),l=En(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(d=En(r.accessToken.refreshOn))}r.appMetadata&&(m=r.appMetadata.familyId===D?D:"");const f=s?.oid||s?.sub||"",y=s?.tid||"";c?.spa_accountid&&r.account&&(r.account.nativeAccountId=c?.spa_accountid);const w=r.account?Cr(Br(r.account),void 0,s,r.idToken?.secret):null;return{authority:t.canonicalAuthority,uniqueId:f,tenantId:y,scopes:g,account:w,idToken:r?.idToken?.secret||"",idTokenClaims:s||{},accessToken:u,fromCache:n,expiresOn:p,extExpiresOn:l,refreshOn:d,correlationId:o.correlationId,requestId:h||"",familyId:m,tokenType:r.accessToken?.tokenType||"",state:a?a.userRequestState:"",cloudGraphHostName:r.account?.cloudGraphHostName||"",msGraphHost:r.account?.msGraphHost||"",code:c?.spa_code,fromPlatformBroker:!1}}}function ro(e,t,r,n,o,i,s,a,c,h,l,d){d?.verbose("09jz0t",o);const u=e.getAccountKeys().find((e=>e.startsWith(r)));let g=null;u&&(g=e.getAccount(u,o));const p=g||function(e,t,r){let n,o,i;n=t.authorityType===Lr?"ADFS":t.protocolMode===Kr.OIDC?U:"MSSTS",e.clientInfo&&r&&(o=qr(e.clientInfo,r),o.xms_tdbr&&(i="EU"===o.xms_tdbr?"EU":"None"));const s=e.environment||t&&t.getPreferredCache();if(!s)throw be(gt);const a=e.idTokenClaims?.preferred_username||e.idTokenClaims?.upn,c=e.idTokenClaims?.emails?e.idTokenClaims.emails[0]:null,h=a||c||"",l=e.idTokenClaims?.login_hint,d=o?.utid||Fr(e.idTokenClaims)||"",u=o?.uid||e.idTokenClaims?.oid||e.idTokenClaims?.sub||"";let g;g=e.tenantProfiles?e.tenantProfiles:[Ir(e.homeAccountId,u,d,e.idTokenClaims)];return{homeAccountId:e.homeAccountId,environment:s,realm:d,localAccountId:u,username:h,authorityType:n,loginHint:l,clientInfo:e.clientInfo,name:e.idTokenClaims?.name||"",lastModificationTime:void 0,lastModificationApp:void 0,cloudGraphHostName:e.cloudGraphHostName,msGraphHost:e.msGraphHost,nativeAccountId:e.nativeAccountId,tenantProfiles:g,dataBoundary:i}}({homeAccountId:r,idTokenClaims:i,clientInfo:s,environment:a,cloudGraphHostName:h?.cloud_graph_host_name,msGraphHost:h?.msgraph_host,nativeAccountId:l},t,n),m=p.tenantProfiles||[],f=c||p.realm;if(f&&!m.find((e=>e.tenantId===f))){const e=Ir(r,p.localAccountId,f,i);m.push(e)}return p.tenantProfiles=m,p}const no="home_account_id",oo="UPN";async function io(e,t,r){if("string"==typeof e)return e;return e({clientId:t,tokenEndpoint:r})}function so(e,t,r){return{clientId:e,authority:t.authority,scopes:t.scopes,homeAccountIdentifier:r,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid,embeddedClientId:t.embeddedClientId||t.extraParameters?.clientId}}class ao{static generateThrottlingStorageKey(e){return`${V}.${JSON.stringify(e)}`}static preProcess(e,t,r){const n=ao.generateThrottlingStorageKey(t),o=e.getThrottlingCache(n,r);if(o){if(o.throttleTime<Date.now())return void e.removeItem(n,r);throw new cn(o.errorCodes?.join(" ")||"",o.errorMessage,o.subError)}}static postProcess(e,t,r,n){if(ao.checkResponseStatus(r)||ao.checkResponseForRetryAfter(r)){const o={throttleTime:ao.calculateThrottleTime(parseInt(r.headers[w])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(ao.generateThrottlingStorageKey(t),o,n)}}static checkResponseStatus(e){return 429===e.status||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return!!e.headers&&(e.headers.hasOwnProperty(w)&&(e.status<200||e.status>=300))}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(1e3*Math.min(r+(t||60),r+3600))}static removeThrottle(e,t,r,n){const o=so(t,r,n),i=this.generateThrottlingStorageKey(o);e.removeItem(i,r.correlationId)}}class co extends we{constructor(e,t,r){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,co.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function ho(e,t,r,n){return e.errorMessage=`${e.errorMessage}, additionalErrorInfo: error.name:${n?.name}, error.message:${n?.message}`,new co(e,t,r)}function lo(e,t,r){const n={};if(n[f]="application/x-www-form-urlencoded;charset=utf-8",!t&&r)switch(r.type){case no:try{const e=Nr(r.credential);n[I]=`Oid:${e.uid}@${e.utid}`}catch(t){e.verbose("1qhtee","")}break;case oo:n[I]=`UPN: ${r.credential}`}return n}function uo(e,t,r,n){const o=new Map;return e.embeddedClientId&&nr(o,t,r),e.extraQueryParameters&&Xt(o,e.extraQueryParameters),Ft(o,e.correlationId),Rt(o,e.correlationId,n),cr(o)}async function go(e,t,r,n,o,i,s,a,c,h){const l=await async function(e,t,r,n,o,i,s,a){let c;ao.preProcess(o,e,n);try{c=await Kn(i.sendPostRequestAsync.bind(i),Mn,s,a,n)(t,r);const e=c.headers||{};a?.addFields({refreshTokenSize:c.body.refresh_token?.length||0,httpVerToken:e[T]||"",requestId:e[k]||""},n)}catch(e){if(e instanceof co){const t=e.responseHeaders;throw t&&a?.addFields({httpVerToken:t[T]||"",requestId:t[k]||"",contentTypeHeader:t[f]||void 0,contentLengthHeader:t[y]||void 0,httpStatus:e.httpStatus},n),e.error}throw e instanceof we?e:be(Xe)}return ao.postProcess(o,e,c,n),c}(n,e,{body:t,headers:r},o,i,s,a,c);return h&&l.status<500&&429!==l.status&&h.clearTelemetryCache(),l}class po{constructor(e,t,r,n){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=n}async detectRegion(e,t){let r=e;if(r)t.region_source=X;else{const e=po.IMDS_OPTIONS;try{const n=await Kn(this.getRegionFromIMDS.bind(this),Dn,this.logger,this.performanceClient,this.correlationId)("2020-06-01",e);if(200===n.status&&(r=n.body,t.region_source=Y),400===n.status){const n=await Kn(this.getCurrentVersion.bind(this),"regionDiscoveryGetCurrentVersion",this.logger,this.performanceClient,this.correlationId)(e);if(!n)return t.region_source=Q,null;const o=await Kn(this.getRegionFromIMDS.bind(this),Dn,this.logger,this.performanceClient,this.correlationId)(n,e);200===o.status&&(r=o.body,t.region_source=Y)}}catch(e){return t.region_source=Q,null}}return r||(t.region_source=Q),r||null}async getRegionFromIMDS(e,t){return this.networkInterface.sendGetRequestAsync(`${l}?api-version=${e}&format=text`,t,2e3)}async getCurrentVersion(e){try{const t=await this.networkInterface.sendGetRequestAsync(`${l}?format=json`,e);return 400===t.status&&t.body&&t.body["newest-versions"]&&t.body["newest-versions"].length>0?t.body["newest-versions"][0]:null}catch(e){return null}}}po.IMDS_OPTIONS={headers:{Metadata:"true"}};class mo{constructor(e,t,r,n,o,i,s,a){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=n,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=o,this.performanceClient=s,this.correlationId=i,this.managedIdentity=a||!1,this.regionDiscovery=new po(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(o))return Dr;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case"adfs":return Lr;case"dstsv2":return Hr}return Ur}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new br(e),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents||(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw be(Qe)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw be(Qe)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw be(Qe)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw be(Ct);return this.replacePath(this.metadata.end_session_endpoint)}throw be(Qe)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw be(Qe)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw be(Qe)}canReplaceTenant(e){return 1===e.PathSegments.length&&!mo.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===Ur&&this.protocolMode!==Kr.OIDC}replaceTenant(e){return e.replace(/{tenant}|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const r=new br(this.metadata.canonical_authority).getUrlComponents(),n=r.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach(((e,o)=>{let i=n[o];if(0===o&&this.canReplaceTenant(r)){const e=new br(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];i!==e&&(this.logger.verbose("1q3g2x",this.correlationId),i=e)}e!==i&&(t=t.replace(`/${i}/`,`/${e}/`))})),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")||this.authorityType===Lr||this.protocolMode===Kr.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){const e=this.getCurrentMetadataEntity(),t=await Kn(this.updateCloudDiscoveryMetadata.bind(this),"authorityUpdateCloudDiscoveryMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await Kn(this.updateEndpointMetadata.bind(this),"authorityUpdateEndpointMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),this.performanceClient?.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort,this.correlationId);return e||(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:Xn(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==B&&r?.source!==B&&(e.expiresAt=Xn(),e.canonical_authority=this.canonicalAuthority);const n=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache,this.correlationId);this.cacheManager.setAuthorityMetadata(n,e,this.correlationId),this.metadata=e}async updateEndpointMetadata(e){const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===j&&this.authorityOptions.azureRegionConfiguration?.azureRegion&&t.metadata){Yn(e,await Kn(this.updateMetadataWithRegionalInformation.bind(this),Hn,this.logger,this.performanceClient,this.correlationId)(t.metadata),!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await Kn(this.getEndpointMetadataFromNetwork.bind(this),"authorityGetEndpointMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return this.authorityOptions.azureRegionConfiguration?.azureRegion&&(r=await Kn(this.updateMetadataWithRegionalInformation.bind(this),Hn,this.logger,this.performanceClient,this.correlationId)(r)),Yn(e,r,!0),z;throw be(Ye,this.defaultOpenIdConfigurationEndpoint)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("1fi0kc",this.correlationId);const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("06t0uj",this.correlationId),Yn(e,t,!1),{source:K};this.logger.verbose("151k0p",this.correlationId);const r=this.getEndpointMetadataFromHardcodedValues();if(r)return Yn(e,r,!1),{source:j,metadata:r};this.logger.verbose("1imop5",this.correlationId);const n=eo(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!n?(this.logger.verbose("16uq31",""),{source:B}):(n&&this.logger.verbose("0uoibc",""),null)}isAuthoritySameType(e){return new br(e.canonical_authority).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch(e){throw ve(Ne)}return null}async getEndpointMetadataFromNetwork(){const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose("1y65x6",this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(t,e),n=function(e){return e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("jwks_uri")}(r.body);return n?r.body:(this.logger.verbose("1koyv8",this.correlationId),null)}catch(e){return this.logger.verbose("0a9wik",this.correlationId),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in Sr?Sr[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){const t=this.authorityOptions.azureRegionConfiguration?.azureRegion;if(t){if("TryAutoDetect"!==t)return this.regionDiscoveryMetadata.region_outcome=Z,this.regionDiscoveryMetadata.region_used=t,mo.replaceWithRegionalInformation(e,t);const r=await Kn(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),"regionDiscoveryDetectRegion",this.logger,this.performanceClient,this.correlationId)(this.authorityOptions.azureRegionConfiguration?.environmentRegion,this.regionDiscoveryMetadata);if(r)return this.regionDiscoveryMetadata.region_outcome=ee,this.regionDiscoveryMetadata.region_used=r,mo.replaceWithRegionalInformation(e,r);this.regionDiscoveryMetadata.region_outcome=te}return e}async updateCloudDiscoveryMetadata(e){const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await Kn(this.getCloudDiscoveryMetadataFromNetwork.bind(this),"authorityGetCloudDiscoveryMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return Zn(e,r,!0),z;throw ve(Ue)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("0jhlgt",this.correlationId),this.logger.verbosePii("1fy7uz",this.correlationId),this.logger.verbosePii("08zabj",this.correlationId),this.logger.verbosePii("1o1kv3",this.correlationId);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("1nakio",this.correlationId),Zn(e,t,!1),K;this.logger.verbose("1x74aj",this.correlationId);const r=(n=this.hostnameAndPort,Rr(_r.metadata,n));var n;if(r)return this.logger.verbose("0by47c",this.correlationId),Zn(e,r,!1),j;this.logger.verbose("0r2fzy",this.correlationId);const o=eo(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!o?(this.logger.verbose("1uffgh",""),B):(o&&this.logger.verbose("0uoibc",""),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===Dr)return this.logger.verbose("04y84h",this.correlationId),mo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("0gszr3",this.correlationId);try{this.logger.verbose("1iifkx",this.correlationId);const e=Rr(JSON.parse(this.authorityOptions.cloudDiscoveryMetadata).metadata,this.hostnameAndPort);if(this.logger.verbose("0q67e3",""),e)return this.logger.verbose("0hzfao",this.correlationId),e;this.logger.verbose("1ajz3u",this.correlationId)}catch(e){throw this.logger.verbose("1wq5tu",this.correlationId),ve(qe)}}return this.isInKnownAuthorities()?(this.logger.verbose("0mt9al",this.correlationId),mo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){const e=`${n}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let r=null;try{const n=await this.networkInterface.sendGetRequestAsync(e,t);let o,i;if(function(e){return e.hasOwnProperty("tenant_discovery_endpoint")&&e.hasOwnProperty("metadata")}(n.body))o=n.body,i=o.metadata,this.logger.verbosePii("1vglyt",this.correlationId);else{if(!function(e){return e.hasOwnProperty("error")&&e.hasOwnProperty("error_description")}(n.body))return this.logger.error("0768g0",this.correlationId),null;if(this.logger.warning("062uto",this.correlationId),o=n.body,"invalid_instance"===o.error)return this.logger.error("1x90tm",this.correlationId),null;this.logger.warning("0wchdm",this.correlationId),this.logger.warning("1s5mpv",this.correlationId),this.logger.warning("1yhqpw",this.correlationId),i=[]}this.logger.verbose("1lrobr",this.correlationId),r=Rr(i,this.hostnameAndPort)}catch(e){return e instanceof we?this.logger.error("0vwhc7",this.correlationId):this.logger.error("0s2z41",this.correlationId),null}return r||(this.logger.warning("0jp28q",this.correlationId),this.logger.verbose("130sd8",this.correlationId),r=mo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),r}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter((e=>e&&br.getDomainFromUrl(e).toLowerCase()===this.hostnameAndPort)).length>0}static generateAuthority(e,t){let n;if(t&&t.azureCloudInstance!==yr.None){const e=t.tenant?t.tenant:r;n=`${t.azureCloudInstance}/${e}/`}return n||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return"login.microsoftonline.com";if(this.discoveryComplete())return this.metadata.preferred_cache;throw be(Qe)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Er.has(e)}static isPublicCloudAuthority(e){return d.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r){const n=new br(e);n.validateAsUri();const o=n.getUrlComponents();let i=`${t}.${o.HostNameAndPort}`;this.isPublicCloudAuthority(o.HostNameAndPort)&&(i=`${t}.login.microsoft.com`);const s=br.constructAuthorityUriFromObject({...n.getUrlComponents(),HostNameAndPort:i}).urlString;return r?`${s}?${r}`:s}static replaceWithRegionalInformation(e,t){const r={...e};return r.authorization_endpoint=mo.buildRegionalAuthorityString(r.authorization_endpoint,t),r.token_endpoint=mo.buildRegionalAuthorityString(r.token_endpoint,t),r.end_session_endpoint&&(r.end_session_endpoint=mo.buildRegionalAuthorityString(r.end_session_endpoint,t)),r}static transformCIAMAuthority(e){let t=e;const r=new br(e).getUrlComponents();if(0===r.PathSegments.length&&r.HostNameAndPort.endsWith(o)){t=`${t}${r.HostNameAndPort.split(".")[0]}.onmicrosoft.com`}return t}}function fo(e){return e.endsWith("/")?e:`${e}/`}function yo(e){const t=e.cloudDiscoveryMetadata;let r;if(t)try{r=JSON.parse(t)}catch(e){throw ve(qe)}return{canonicalAuthority:e.authority?fo(e.authority):void 0,knownAuthorities:e.knownAuthorities,cloudDiscoveryMetadata:r}}async function wo(e,t,r,n,o,i,s){const a=mo.transformCIAMAuthority(fo(e)),c=new mo(a,t,r,n,o,i,s);try{return await Kn(c.resolveEndpointsAsync.bind(c),"authorityResolveEndpointsAsync",o,s,i)(),c}catch(e){throw be(Qe)}}mo.reservedTenantDomains=new Set(["{tenant}","{tenantid}",A,_,S]);class Io{constructor(e,t){this.includeRedirectUri=!0,this.config=sn(e),this.logger=new pr(this.config.loggerOptions,mr,fr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(e,t,r){if(!e.code)throw be(at);r&&r.cloud_instance_host_name&&await Kn(this.updateTokenEndpointAuthority.bind(this),"updateTokenEndpointAuthority",this.logger,this.performanceClient,e.correlationId)(r.cloud_instance_host_name,e.correlationId);const n=Sn(),o=await Kn(this.executeTokenRequest.bind(this),"authClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(this.authority,e,this.serverTelemetryManager),i=o.headers?.[k],s=new to(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return s.validateTokenResponse(o.body,e.correlationId),Kn(s.handleServerTokenResponse.bind(s),Ln,this.logger,this.performanceClient,e.correlationId)(o.body,this.authority,n,e,t,r,void 0,void 0,void 0,i)}getLogoutUri(e){if(!e)throw ve(Me);const t=this.createLogoutUrlQueryString(e);return br.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t,r){const n=uo(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),o=br.appendQueryString(e.tokenEndpoint,n),i=await Kn(this.createTokenRequestBody.bind(this),"authClientCreateTokenRequestBody",this.logger,this.performanceClient,t.correlationId)(t);let s;if(t.clientInfo)try{const e=qr(t.clientInfo,this.cryptoUtils.base64Decode);s={credential:`${e.uid}.${e.utid}`,type:no}}catch(e){this.logger.verbose("0wznt3",t.correlationId)}const a=lo(this.logger,this.config.systemOptions.preventCorsPreflight,s||t.ccsCredential),c=so(this.config.authOptions.clientId,t);return Kn(go,"authorizationCodeClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,t.correlationId)(o,i,a,c,t.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,r)}async createTokenRequestBody(e){const t=new Map;if(xt(t,e.embeddedClientId||e.extraParameters?.[ce]||this.config.authOptions.clientId),this.includeRedirectUri)qt(t,e.redirectUri);else if(!e.redirectUri)throw ve(Ae);if(Mt(t,e.scopes,!0,this.oidcDefaultScopes),or(t,e.resource),function(e,t){e.set("code",t)}(t,e.code),Kt(t,this.config.libraryInfo),Bt(t,this.config.telemetry.application),rr(t),this.serverTelemetryManager&&!an(this.config)&&tr(t,this.serverTelemetryManager),e.codeVerifier&&function(e,t){e.set("code_verifier",t)}(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&$t(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Jt(t,await io(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Wt(t,r.assertionType)}if(Gt(t,q),Vt(t),e.authenticationScheme===G.POP){const r=new zn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Kn(r.generateCnf.bind(r),Un,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}Zt(t,n)}else if(e.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);er(t,e.sshJwk)}let r;if((!ke.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Dt(t,e.claims,this.config.authOptions.clientCapabilities),e.clientInfo)try{const t=qr(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${t.uid}.${t.utid}`,type:no}}catch(t){this.logger.verbose("0wznt3",e.correlationId)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case no:try{Lt(t,Nr(r.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case oo:Ut(t,r.credential)}return e.embeddedClientId&&nr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&Xt(t,e.extraParameters),!e.enableSpaAuthorizationCode||e.extraParameters&&e.extraParameters[ue]||Xt(t,{[ue]:"1"}),Rt(t,e.correlationId,this.performanceClient),cr(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&function(e,t){e.set("post_logout_redirect_uri",t)}(t,e.postLogoutRedirectUri),e.correlationId&&Ft(t,e.correlationId),e.idTokenHint&&function(e,t){e.set("id_token_hint",t)}(t,e.idTokenHint),e.state&&zt(t,e.state),e.logoutHint&&function(e,t){e.set("logout_hint",t)}(t,e.logoutHint),e.extraQueryParameters&&Xt(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&Qt(t),cr(t)}async updateTokenEndpointAuthority(e,t){const r=`https://${e}/${this.authority.tenant}/`,n=await wo(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=n}}class Co{constructor(e,t){this.config=sn(e),this.logger=new pr(this.config.loggerOptions,mr,fr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireToken(e,t){const r=Sn(),n=await Kn(this.executeTokenRequest.bind(this),"refreshTokenClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(e,this.authority),o=n.headers?.[k],i=new to(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return i.validateTokenResponse(n.body,e.correlationId),Kn(i.handleServerTokenResponse.bind(i),Ln,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,r,e,t,void 0,void 0,!0,e.forceCache,o)}async acquireTokenByRefreshToken(e,t){if(!e)throw ve(Oe);if(!e.account)throw be(dt);if(this.cacheManager.isAppMetadataFOCI(e.account.environment,e.correlationId))try{return await Kn(this.acquireTokenWithCachedRefreshToken.bind(this),xn,this.logger,this.performanceClient,e.correlationId)(e,!0,t)}catch(r){const n=r instanceof vn&&r.errorCode===hn,o=r instanceof cn&&"invalid_grant"===r.errorCode&&"client_mismatch"===r.subError;if(n||o)return Kn(this.acquireTokenWithCachedRefreshToken.bind(this),xn,this.logger,this.performanceClient,e.correlationId)(e,!1,t);throw r}return Kn(this.acquireTokenWithCachedRefreshToken.bind(this),xn,this.logger,this.performanceClient,e.correlationId)(e,!1,t)}async acquireTokenWithCachedRefreshToken(e,t,r){const n=Fn(this.cacheManager.getRefreshToken.bind(this.cacheManager),"cacheManagerGetRefreshToken",this.logger,this.performanceClient,e.correlationId)(e.account,t,e.correlationId,void 0);if(!n)throw Tn(hn);if(n.expiresOn){const t=e.refreshTokenExpirationOffsetSeconds||300;if(this.performanceClient?.addFields({cacheRtExpiresOnSeconds:Number(n.expiresOn),rtOffsetSeconds:t},e.correlationId),Pn(n.expiresOn,t))throw Tn(dn)}const o={...e,refreshToken:n.secret,authenticationScheme:e.authenticationScheme||G.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:no}};try{return await Kn(this.acquireToken.bind(this),"refreshTokenClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(o,r)}catch(t){if(t instanceof vn&&t.subError===fn){this.logger.verbose("1pg3ap",e.correlationId);const t=this.cacheManager.generateCredentialKey(n);this.cacheManager.removeRefreshToken(t,e.correlationId)}throw t}}async executeTokenRequest(e,t){const r=uo(e,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),n=br.appendQueryString(t.tokenEndpoint,r),o=await Kn(this.createTokenRequestBody.bind(this),"refreshTokenClientCreateTokenRequestBody",this.logger,this.performanceClient,e.correlationId)(e),i=lo(this.logger,this.config.systemOptions.preventCorsPreflight,e.ccsCredential),s=so(this.config.authOptions.clientId,e);return Kn(go,"refreshTokenClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,e.correlationId)(n,o,i,s,e.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,this.serverTelemetryManager)}async createTokenRequestBody(e){const t=new Map;if(xt(t,e.embeddedClientId||e.extraParameters?.[ce]||this.config.authOptions.clientId),e.redirectUri&&qt(t,e.redirectUri),Mt(t,e.scopes,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),Gt(t,N),Vt(t),Kt(t,this.config.libraryInfo),Bt(t,this.config.telemetry.application),rr(t),this.serverTelemetryManager&&!an(this.config)&&tr(t,this.serverTelemetryManager),function(e,t){e.set("refresh_token",t)}(t,e.refreshToken),this.config.clientCredentials.clientSecret&&$t(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Jt(t,await io(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Wt(t,r.assertionType)}if(e.authenticationScheme===G.POP){const r=new zn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Kn(r.generateCnf.bind(r),Un,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}Zt(t,n)}else if(e.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);er(t,e.sshJwk)}if((!ke.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&Dt(t,e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case no:try{Lt(t,Nr(e.ccsCredential.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case oo:Ut(t,e.ccsCredential.credential)}return e.embeddedClientId&&nr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&Xt(t,{...e.extraParameters}),Rt(t,e.correlationId,this.performanceClient),cr(t)}}class vo{constructor(e,t){this.config=sn(e),this.logger=new pr(this.config.loggerOptions,mr,fr),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireCachedToken(e){let t=re;if(e.forceRefresh||!ke.isEmptyObj(e.claims))throw this.setCacheOutcome(ne,e.correlationId),be(ft);if(!e.account)throw be(dt);const r=e.account.tenantId||function(e){const t=new br(e).getUrlComponents(),r=t.PathSegments.slice(-1)[0]?.toLowerCase();switch(r){case A:case S:case _:return;default:return r}}(e.authority),n=this.cacheManager.getTokenKeys(),o=this.cacheManager.getAccessToken(e.account,e,n,r);if(!o)throw this.setCacheOutcome(oe,e.correlationId),be(ft);if(On(o.cachedAt)||Pn(o.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(ie,e.correlationId),be(ft);if(e.resource){if(o.resource!==e.resource)throw this.setCacheOutcome(oe,e.correlationId),be(ft)}else o.refreshOn&&Pn(o.refreshOn,0)&&(t=se);const i=e.authority||this.authority.getPreferredCache(),s={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(e.account),e.correlationId),accessToken:o,idToken:this.cacheManager.getIdToken(e.account,e.correlationId,n,r),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(i,e.correlationId)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await Kn(this.generateResultFromCacheRecord.bind(this),"silentFlowClientGenerateResultFromCacheRecord",this.logger,this.performanceClient,e.correlationId)(s,e),t]}setCacheOutcome(e,t){this.serverTelemetryManager?.setCacheOutcome(e),this.performanceClient?.addFields({cacheOutcome:e},t),e!==re&&this.logger.info("09ingz",t)}async generateResultFromCacheRecord(e,t){let r;if(e.idToken&&(r=vr(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||0===t.maxAge){const e=r?.auth_time;if(!e)throw be(ot);Tr(e,t.maxAge)}return to.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,this.performanceClient,r)}}const ko={sendGetRequestAsync:()=>Promise.reject(be(bt)),sendPostRequestAsync:()=>Promise.reject(be(bt))};function To(e,t,r,n){const o=t.correlationId,i=new Map;xt(i,t.embeddedClientId||t.extraQueryParameters?.[ce]||e.clientId);if(Mt(i,[...t.scopes||[],...t.extraScopesToConsent||[]],!0,e.authority.options.OIDCOptions?.defaultScopes),or(i,t.resource),qt(i,t.redirectUri),Ft(i,o),function(e,t){e.set("response_mode",t||x.QUERY)}(i,t.responseMode),Vt(i),function(e){e.set("clidata","1")}(i),t.prompt&&(!function(e,t){e.set("prompt",t)}(i,t.prompt),n?.addFields({prompt:t.prompt},o)),t.domainHint&&(!function(e,t){e.set("domain_hint",t)}(i,t.domainHint),n?.addFields({domainHintFromRequest:!0},o)),t.prompt!==R.SELECT_ACCOUNT)if(t.sid&&t.prompt===R.NONE)r.verbose("1tvqyx",t.correlationId),Ht(i,t.sid),n?.addFields({sidFromRequest:!0},o);else if(t.account){const e=(s=t.account,s.idTokenClaims?.sid||null);let a=function(e){return e.loginHint||e.idTokenClaims?.login_hint||null}(t.account);if(a&&t.domainHint&&(r.warning("0wkg3v",t.correlationId),a=null),a){r.verbose("1eyfsw",t.correlationId),Nt(i,a),n?.addFields({loginHintFromClaim:!0},o);try{Lt(i,Nr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(e&&t.prompt===R.NONE){r.verbose("1rmd8s",t.correlationId),Ht(i,e),n?.addFields({sidFromClaim:!0},o);try{Lt(i,Nr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(t.loginHint)r.verbose("0y3007",t.correlationId),Nt(i,t.loginHint),Ut(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o);else if(t.account.username){r.verbose("02f507",t.correlationId),Nt(i,t.account.username),n?.addFields({loginHintFromUpn:!0},o);try{Lt(i,Nr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}}else t.loginHint&&(r.verbose("0g01ey",t.correlationId),Nt(i,t.loginHint),Ut(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o));else r.verbose("169k9v",t.correlationId);var s;return t.nonce&&function(e,t){e.set("nonce",t)}(i,t.nonce),t.state&&zt(i,t.state),(t.claims||e.clientCapabilities&&e.clientCapabilities.length>0)&&Dt(i,t.claims,e.clientCapabilities),t.embeddedClientId&&nr(i,e.clientId,e.redirectUri),!e.instanceAware||t.extraQueryParameters&&Object.keys(t.extraQueryParameters).includes(fe)||Qt(i),i}function bo(e,t){const r=cr(t);return br.appendQueryString(e.authorizationEndpoint,r)}function Ao(e,t){if(!e.state||!t)throw e.state?be(rt,"Cached State"):be(rt,"Server State");let r,n;try{r=decodeURIComponent(e.state)}catch(t){throw be(et,e.state)}try{n=decodeURIComponent(t)}catch(t){throw be(et,e.state)}if(r!==n)throw be(tt);if(e.error||e.error_description||e.suberror){const t=function(e){const t="code=",r=e.error_uri?.lastIndexOf(t);return r&&r>=0?e.error_uri?.substring(r+t.length):void 0}(e);if(kn(e.error,e.error_description,e.suberror))throw new vn(e.error||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",t);throw new cn(e.error||"",e.error_description,e.suberror,t)}}function So(e,t){if(e){if(t.resource&&(_o(t.extraParameters)||_o(t.extraQueryParameters)))throw be(_t);if(!t.resource)throw be(St)}}function _o(e){return!!e&&Object.prototype.hasOwnProperty.call(e,"resource")}const Eo="unexpected_error";var Po=Object.freeze({__proto__:null,postRequestFailed:"post_request_failed",unexpectedError:Eo});function Ro(e){const{skus:t,libraryName:r,libraryVersion:n,extensionName:o,extensionVersion:i}=e,s=new Map([[0,[r,n]],[2,[o,i]]]);let a=[];if(t?.length){if(a=t.split(","),a.length<4)return t}else a=Array.from({length:4},(()=>"|"));return s.forEach(((e,t)=>{2===e.length&&e[0]?.length&&e[1]?.length&&function(e){const{skuArr:t,index:r,skuName:n,skuVersion:o}=e;if(r>=t.length)return;t[r]=[n,o].join("|")}({skuArr:a,index:t,skuName:e[0],skuVersion:e[1]})})),a.join(",")}class Oo{constructor(e,t){this.cacheOutcome=re,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||"",this.wrapperVer=e.wrapperVer||"",this.telemetryCacheKey=J+"-"+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${W}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r?.length&&t.push(`broker_error=${r}`);const n=t.join(W),o=[e,this.getRegionDiscoveryFields()].join(W);return[$,o,n].join("|")}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=Oo.maxErrorsToSend(e),r=e.failedRequests.slice(0,2*t).join(W),n=e.errors.slice(0,t).join(W),o=e.errors.length,i=[o,t<o?"1":"0"].join(W);return[$,e.cacheHits,r,n,i].join("|")}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=50&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof we?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push("unknown_error"),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId),e.cacheHits}getLastRequests(){return this.cacheManager.getServerTelemetry(this.telemetryCacheKey,this.correlationId)||{failedRequests:[],errors:[],cacheHits:0}}clearTelemetryCache(){const e=this.getLastRequests(),t=Oo.maxErrorsToSend(e);if(t===e.errors.length)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{const r={failedRequests:e.failedRequests.slice(2*t),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,r,this.correlationId)}}static maxErrorsToSend(e){let t,r=0,n=0;const o=e.errors.length;for(t=0;t<o;t++){const o=e.failedRequests[2*t]||"",i=e.failedRequests[2*t+1]||"",s=e.errors[t]||"";if(n+=o.toString().length+i.toString().length+s.length+3,!(n<330))break;r+=1}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||""),e.push(this.regionSource||""),e.push(this.regionOutcome||""),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId)}static makeExtraSkuString(e){return Ro(e)}}class Mo extends we{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,Mo.prototype)}}function xo(e){return new Mo(e)}class qo{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw xo("missing_kid_error");if(!e.alg)throw xo("missing_alg_error");const t=new qo({typ:e.typ||ae.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}function No(e,t,r,n=5){if(e instanceof Error)return e instanceof we?(r.errorCode=e.errorCode,r.subErrorCode=e.subError,void(!r.serverErrorNo&&(e instanceof cn||e instanceof vn)&&e.errorNo&&(r.serverErrorNo=e.errorNo))):void(e instanceof Mr?r.errorCode=e.errorCode:r.errorStack?.length?t.trace("0lmqrh",r.correlationId):e.stack?.length?(e.stack&&(r.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],n=[],o=r[0];o.startsWith("TypeError: Cannot read property")||o.startsWith("TypeError: Cannot read properties of")||o.startsWith("TypeError: Cannot set property")||o.startsWith("TypeError: Cannot set properties of")||o.endsWith("is not a function")?n.push(Uo(o)):(o.startsWith("SyntaxError")||o.startsWith("TypeError"))&&n.push(Uo(o.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(n.length>=t);e++){const t=r[e];n.push(Uo(t))}return n}(e.stack,n)),r.errorName=e.name):t.trace("1cnpwa",r.correlationId));t.trace("0gcyox",r.correlationId)}function Uo(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let n=r.lastIndexOf("/");return n=n<0?r.lastIndexOf("\\"):n,n>=0?(e.substring(0,t)+"("+r.substring(n+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class Lo{constructor(e,t,r,n,o,i,s){this.authority=t,this.libraryName=n,this.libraryVersion=o,this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.intFields=s||new Set;for(const e of Qr)this.intFields.add(e)}startMeasurement(e,t){const r=t||this.generateId(),n={eventId:this.generateId(),status:Wr,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var o,i;return this.cacheEventByCorrelationId(n),o=n,(i=this.eventStack.get(r))&&i.push({name:o.name}),{end:(e,t,r)=>this.endMeasurement({...n,...e},t,r),discard:()=>this.discardMeasurements(n.correlationId),add:e=>this.addFields(e,n.correlationId),increment:e=>this.incrementFields(e,n.correlationId),event:n}}endMeasurement(e,t,r){const n=this.eventsByCorrelationId.get(e.correlationId);if(!n)return this.logger.trace("0k9ti8",e.correlationId),null;const o=e.eventId===n.eventId;e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const i=JSON.stringify(function(e,t,r){if(!t?.length)return;const n=e=>e.length?e[e.length-1]:void 0,o=e.name,i=n(t);if(i?.name!==o)return;const s=t?.pop();if(!s)return;const a=r instanceof we?r.errorCode:r instanceof Error?r.name:void 0,c=r instanceof we?r.subError:void 0;a&&s.childErr!==a&&(s.err=a,c&&(s.subErr=c)),delete s.name,delete s.childErr;const h={...s,dur:e.durationMs};e.success||(h.fail=1);const l=n(t);if(!l)return{[o]:h};let d;if(a&&(l.childErr=a),l[o]){const e=Object.keys(l).filter((e=>e.startsWith(o))).length;d=`${o}_${e+1}`}else d=o;return l[d]=h,l}(e,this.eventStack.get(n.correlationId),t));if(o?this.discardMeasurements(n.correlationId):n.incompleteSubMeasurements?.delete(e.eventId),t&&No(t,this.logger,n),!o)return n.ext={...n.ext,...e.ext},n.ext[e.name+"DurationMs"]=Math.floor(e.durationMs),{...n};o&&!t&&(n.errorCode||n.subErrorCode)&&(this.logger.trace("1fm1tm",e.correlationId),n.errorCode=void 0,n.subErrorCode=void 0);let s={...n,...e},a=0;s.incompleteSubMeasurements?.forEach((e=>{this.logger.trace("0nxk52",s.correlationId),a++})),s.incompleteSubMeasurements=void 0;const c=function(e){const t=[];for(const r of["",e]){const e=ur.get(r);t.push(...e?.logs??[]),ur.delete(r)}return t}(e.correlationId).map((e=>`${e.milliseconds},${e.hash}`)).join(";");return s={...s,status:Gr,incompleteSubsCount:a,context:i,logs:c},r&&(s.accountType=function(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}(r),s.dataBoundary=r.dataBoundary),this.truncateIntegralFields(s),this.emitEvents([s],e.correlationId),s}addFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r){const n={},o={};for(const t in e)if(t.startsWith(Vr)){const r=t.slice(4),n=e[t];"string"!=typeof n&&"number"!=typeof n||(o[r]=n)}else n[t]=e[t];const i={...r,...n};Object.keys(o).length&&(i.ext={...i.ext,...o}),this.eventsByCorrelationId.set(t,i)}else this.logger.trace("0thl6s",t)}incrementFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e)if(t.startsWith(Vr)){r.ext=r.ext||{};const n=t.slice(4),o=r.ext[n];if(void 0===o)r.ext[n]=0;else if(isNaN(Number(o)))return;r.ext[n]=(Number(r.ext[n])||0)+(e[t]??0)}else{if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("0thl6s",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}discardMeasurements(e){this.eventsByCorrelationId.delete(e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning("1eap5p",""),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose("0c9ujz",""),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose("0253if",""):this.logger.verbose("0iqk07",""),t}emitEvents(e,t){this.logger.verbose("11jb1y",t),this.callbacks.forEach(((r,n)=>{this.logger.trace("0p2pjl",t),r.apply(null,[e])}))}truncateIntegralFields(e){this.intFields.forEach((t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))}))}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}const Ho="pkce_not_created",Do="ear_jwk_empty",Fo="ear_jwe_empty",Ko="crypto_nonexistent",Bo="empty_navigate_uri",zo="hash_empty_error",jo="no_state_in_hash",$o="hash_does_not_contain_known_properties",Jo="unable_to_parse_state",Wo="state_interaction_type_mismatch",Go="interaction_in_progress",Vo="interaction_in_progress_cancelled",Qo="popup_window_error",Xo="empty_window_error",Yo="user_cancelled",Zo="redirect_bridge_empty_response",ei="redirect_in_iframe",ti="block_iframe_reload",ri="block_nested_popups",ni="silent_logout_unsupported",oi="no_account_error",ii="no_token_request_cache_error",si="unable_to_parse_token_request_cache_error",ai="non_browser_environment",ci="database_not_open",hi="no_network_connectivity",li="post_request_failed",di="get_request_failed",ui="failed_to_parse_response",gi="unable_to_load_token",pi="crypto_key_not_found",mi="auth_code_required",fi="auth_code_or_nativeAccountId_required",yi="spa_code_and_nativeAccountId_present",wi="database_unavailable",Ii="unable_to_acquire_token_from_native_platform",Ci="native_handshake_timeout",vi="native_extension_not_installed",ki="native_connection_not_established",Ti="uninitialized_public_client_application",bi="native_prompt_not_supported",Ai="invalid_base64_string",Si="invalid_pop_token_request",_i="failed_to_build_headers",Ei="failed_to_parse_headers",Pi="failed_to_decrypt_ear_response",Ri="timed_out",Oi="empty_response";var Mi=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:fi,authCodeRequired:mi,authRequestNotSetError:"auth_request_not_set_error",blockIframeReload:ti,blockNestedPopups:ri,cryptoKeyNotFound:pi,cryptoNonExistent:Ko,databaseNotOpen:ci,databaseUnavailable:wi,earJweEmpty:Fo,earJwkEmpty:Do,emptyNavigateUri:Bo,emptyResponse:Oi,emptyWindowError:Xo,failedToBuildHeaders:_i,failedToDecryptEarResponse:Pi,failedToParseHeaders:Ei,failedToParseResponse:ui,getRequestFailed:di,hashDoesNotContainKnownProperties:$o,hashEmptyError:zo,iframeClosedPrematurely:"iframe_closed_prematurely",interactionInProgress:Go,interactionInProgressCancelled:Vo,invalidBase64String:Ai,invalidCacheType:"invalid_cache_type",invalidPopTokenRequest:Si,nativeConnectionNotEstablished:ki,nativeExtensionNotInstalled:vi,nativeHandshakeTimeout:Ci,nativePromptNotSupported:bi,noAccountError:oi,noNetworkConnectivity:hi,noStateInHash:jo,noTokenRequestCacheError:ii,nonBrowserEnvironment:ai,pkceNotCreated:Ho,popupWindowError:Qo,postRequestFailed:li,redirectBridgeEmptyResponse:Zo,redirectInIframe:ei,silentLogoutUnsupported:ni,silentPromptValueError:"silent_prompt_value_error",spaCodeAndNativeAccountIdPresent:yi,stateInteractionTypeMismatch:Wo,timedOut:Ri,unableToAcquireTokenFromNativePlatform:Ii,unableToLoadToken:gi,unableToParseState:Jo,unableToParseTokenRequestCacheError:si,uninitializedPublicClientApplication:Ti,userCancelled:Yo});function xi(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class qi extends we{constructor(e,t){super(e,xi(e),t),Object.setPrototypeOf(this,qi.prototype),this.name="BrowserAuthError"}}function Ni(e,t){return new qi(e,t)}const Ui="invalid_grant",Li=483,Hi=600,Di="msal",Fi="msal.js.browser",Ki="53ee284d-920a-4b59-9d30-a60315b26836",Bi="ppnbnpeolgkicgegkbkbjmhlideopiji",zi="MATS",ji="MicrosoftEntra",$i="DOM API",Ji="get-token-and-sign-out",Wi="PlatformAuthDOMHandler",Gi="PlatformAuthExtensionHandler",Vi="Handshake",Qi="HandshakeResponse",Xi="GetToken",Yi="Response",Zi={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},es="GET",ts="POST",rs="signin",ns="signout",os="request.origin",is="urlHash",ss="request.params",as="code.verifier",cs="interaction.status",hs="request.native",ls="wrapper.sku",ds="wrapper.version",us={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962,hydrateCache:963,loadExternalTokens:964},gs={861:"acquireTokenRedirect",862:"acquireTokenPopup",863:"ssoSilent",864:"acquireTokenSilent_authCode",865:"handleRedirectPromise",866:"acquireTokenByCode",61:"acquireTokenSilent_silentFlow",961:"logout",962:"logoutPopup",963:"hydrateCache",964:"loadExternalTokens"};var ps;e.InteractionType=void 0,(ps=e.InteractionType||(e.InteractionType={})).Redirect="redirect",ps.Popup="popup",ps.Silent="silent",ps.None="none";const ms={Startup:"startup",Logout:"logout",AcquireToken:"acquireToken",HandleRedirect:"handleRedirect",None:"none"},fs={scopes:p},ys="msal.db",ws=`${ys}.keys`,Is={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},Cs=[Is.Default,Is.Skip,Is.RefreshTokenAndNetwork];function vs(e){return encodeURIComponent(Ts(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function ks(e){return bs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function Ts(e){return bs((new TextEncoder).encode(e))}function bs(e){const t=Array.from(e,(e=>String.fromCodePoint(e))).join("");return btoa(t)}function As(e){return(new TextDecoder).decode(Ss(e))}function Ss(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw Ni(Ai)}const r=atob(t);return Uint8Array.from(r,(e=>e.codePointAt(0)||0))}const _s="AES-GCM",Es="HKDF",Ps="SHA-256",Rs=new Uint8Array([1,0,1]),Os="0123456789abcdef",Ms=new Uint32Array(1),xs="raw",qs="encrypt",Ns="decrypt",Us={name:"RSASSA-PKCS1-v1_5",hash:Ps,modulusLength:2048,publicExponent:Rs};async function Ls(e){const t=(new TextEncoder).encode(e);return window.crypto.subtle.digest(Ps,t)}function Hs(e){return window.crypto.getRandomValues(e)}function Ds(){return window.crypto.getRandomValues(Ms),Ms[0]}function Fs(){const e=Date.now(),t=1024*Ds()+(1023&Ds()),r=new Uint8Array(16),n=Math.trunc(t/2**30),o=t&2**30-1,i=Ds();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|n>>>8,r[7]=n,r[8]=128|o>>>24,r[9]=o>>>16,r[10]=o>>>8,r[11]=o,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=Os.charAt(r[e]>>>4),s+=Os.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function Ks(e){return window.crypto.subtle.exportKey("jwk",e)}async function Bs(){const e=await js(),t={alg:"dir",kty:"oct",k:ks(new Uint8Array(e))};return Ts(JSON.stringify(t))}async function zs(e,t){const r=t.split(".");if(5!==r.length)throw Ni(Pi,"jwe_length");const n=await async function(e){const t=As(e),r=Ss(JSON.parse(t).k);return window.crypto.subtle.importKey(xs,r,_s,!1,[Ns])}(e).catch((()=>{throw Ni(Pi,"import_key")}));try{const e=(new TextEncoder).encode(r[0]),t=Ss(r[2]),o=Ss(r[3]),i=Ss(r[4]),s=8*i.byteLength,a=new Uint8Array(o.length+i.length);a.set(o),a.set(i,o.length);const c=await window.crypto.subtle.decrypt({name:_s,iv:t,tagLength:s,additionalData:e},n,a);return(new TextDecoder).decode(c)}catch(e){throw Ni(Pi,"decrypt")}}async function js(){const e=await window.crypto.subtle.generateKey({name:_s,length:256},!0,[qs,Ns]);return window.crypto.subtle.exportKey(xs,e)}async function $s(e){return window.crypto.subtle.importKey(xs,e,Es,!1,["deriveKey"])}async function Js(e,t,r){return window.crypto.subtle.deriveKey({name:Es,salt:t,hash:Ps,info:(new TextEncoder).encode(r)},e,{name:_s,length:256},!1,[qs,Ns])}async function Ws(e,t,r){const n=(new TextEncoder).encode(t),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await Js(e,o,r),s=await window.crypto.subtle.encrypt({name:_s,iv:new Uint8Array(12)},i,n);return{data:ks(new Uint8Array(s)),nonce:ks(o)}}async function Gs(e,t,r,n){const o=Ss(n),i=await Js(e,Ss(t),r),s=await window.crypto.subtle.decrypt({name:_s,iv:new Uint8Array(12)},i,o);return(new TextDecoder).decode(s)}const Vs="storage_not_supported",Qs="stubbed_public_client_application_called",Xs="in_mem_redirect_unavailable";var Ys=Object.freeze({__proto__:null,inMemRedirectUnavailable:Xs,storageNotSupported:Vs,stubbedPublicClientApplicationCalled:Qs});class Zs extends we{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,Zs.prototype)}}function ea(e){return new Zs(e,xi(e))}function ta(){const e=window.location.hash,t=window.location.search;let r,n=!1,o=!1,i="";if(e&&e.length>1){const t="#"===e.charAt(0)?e.substring(1):e,o=new URLSearchParams(t);o.has("state")&&(n=!0,i=t,r=o)}if(t&&t.length>1){const e="?"===t.charAt(0)?t.substring(1):t,n=new URLSearchParams(e);n.has("state")&&(o=!0,i=e,r=n)}if(n&&o){i=`${"?"===t.charAt(0)?t.substring(1):t}${"#"===e.charAt(0)?e.substring(1):e}`,r=new URLSearchParams(i)}if(!i||!r)throw Ni(Oi);const s=r.get("state");if(!s)throw Ni(jo);const{libraryState:a}=An(As,s),{id:c,meta:h}=a;if(!c||!h)throw Ni(Jo,"missing_library_state");return{params:r,payload:i,urlHash:e,urlQuery:t,hasResponseInHash:n,hasResponseInQuery:o,libraryState:{id:c,meta:h}}}function ra(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function na(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function oa(){return window.parent!==window}function ia(){if(oa())return!1;try{const{libraryState:t}=ta(),{meta:r}=t;return r.interactionType===e.InteractionType.Popup}catch(e){return!1}}let sa=null;function aa(e,t){sa&&(e.verbose("18y01k",t),clearTimeout(sa.timeoutId),sa.channel.close(),sa.reject(Ni(Vo)),sa=null)}async function ca(e,t,r,n,o){return new Promise(((i,s)=>{t.verbose("1rf6em",n.correlationId);const a=n.correlationId;o.addFields({redirectBridgeTimeoutMs:e},a);const{libraryState:c}=An(r.base64Decode,n.state||""),h=new BroadcastChannel(c.id);let l;const d=window.setTimeout((()=>{sa=null,h.close(),s(Ni(Ri,"redirect_bridge_timeout"))}),e);sa={timeoutId:d,channel:h,reject:s},h.onmessage=e=>{l=e.data.payload;const t=e?.data&&"number"==typeof e.data.v?e.data.v:void 0;o.addFields({redirectBridgeMessageVersion:t},a),sa=null,clearTimeout(d),h.close(),l?i(l):s(Ni(Zo))}}))}function ha(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function la(){const e=new br(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function da(){if(ar(window.location.hash)&&oa())throw Ni(ti)}function ua(e){if(oa()&&!e)throw Ni(ei)}function ga(){if(ia())throw Ni(ri)}function pa(){if("undefined"==typeof window)throw Ni(ai)}function ma(e){if(!e)throw Ni(Ti)}function fa(e){pa(),da(),ga(),ma(e)}function ya(e,t){if(fa(e),ua(t.system.allowRedirectInIframe),t.cache.cacheLocation===Zi.MemoryStorage)throw ea(Xs)}function wa(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout((()=>{try{document.head.removeChild(t)}catch{}}),1e4)}function Ia(){return Fs()}const Ca=Yt;var va=Object.freeze({__proto__:null,addClientCapabilitiesToClaims:Ca,blockAPICallsBeforeInitialize:ma,blockAcquireTokenInPopups:ga,blockNonBrowserEnvironment:pa,blockRedirectInIframe:ua,blockReloadInHiddenIframes:da,cancelPendingBridgeResponse:aa,clearHash:ra,createGuid:Ia,getCurrentUri:ha,getHomepage:la,invoke:Fn,invokeAsync:Kn,isInIframe:oa,isInPopup:ia,parseAuthResponseFromUrl:ta,preconnect:wa,preflightCheck:fa,redirectPreflightCheck:ya,replaceHash:na,waitForBridgeResponse:ca});const ka="standardInteractionClientGetDiscoveredAuthority",Ta="nativeInteractionClientAcquireToken",ba="acquireTokenBySilentIframe",Aa="initializeBaseRequest",Sa="silentIframeClientTokenHelper",_a="silentHandlerInitiateAuthRequest",Ea="silentHandlerMonitorIframeForHash",Pa="standardInteractionClientCreateAuthCodeClient",Ra="standardInteractionClientGetClientConfiguration",Oa="standardInteractionClientInitializeAuthorizationRequest",Ma="handleResponseEar",xa="handleResponsePlatformBroker",qa="handleResponseCode",Na="deserializeResponse",Ua="removeHiddenIframe",La="generatePkceCodes",Ha="generateHKDF",Da="decrypt",Fa="generateEarKey";class Ka{constructor(){this.dbName=ys,this.version=1,this.tableName=ws,this.dbOpen=!1}async open(){return new Promise(((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",(e=>{e.target.result.createObjectStore(this.tableName)})),r.addEventListener("success",(t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()})),r.addEventListener("error",(()=>t(Ni(wi))))}))}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ni(ci));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async setItem(e,t){return await this.validateDbIsOpen(),new Promise(((r,n)=>{if(!this.db)return n(Ni(ci));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);o.addEventListener("success",(()=>{this.closeConnection(),r()})),o.addEventListener("error",(e=>{this.closeConnection(),n(e)}))}))}async removeItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ni(ci));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);n.addEventListener("success",(()=>{this.closeConnection(),t()})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async getKeys(){return await this.validateDbIsOpen(),new Promise(((e,t)=>{if(!this.db)return t(Ni(ci));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",(t=>{const r=t;this.closeConnection(),e(r.target.result)})),r.addEventListener("error",(e=>{this.closeConnection(),t(e)}))}))}async containsKey(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(Ni(ci));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(1===r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise(((e,t)=>{const r=window.indexedDB.deleteDatabase(ys),n=setTimeout((()=>t(!1)),200);r.addEventListener("success",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("blocked",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("error",(()=>(clearTimeout(n),t(!1))))}))}}class Ba{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach(((t,r)=>{e.push(r)})),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class za{constructor(e){this.inMemoryCache=new Ba,this.indexedDBCache=new Ka,this.logger=e}handleDatabaseAccessError(e,t){if(!(e instanceof qi&&e.errorCode===wi))throw e;this.logger.error("1wx7zz",t)}async getItem(e,t){const r=this.inMemoryCache.getItem(e);if(!r)try{return this.logger.verbose("0naxpl",t),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}async setItem(e,t,r){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e,r)}}async removeItem(e,t){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}}async getKeys(e){const t=this.inMemoryCache.getKeys();if(0===t.length)try{return this.logger.verbose("1iqrbq",e),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t,e)}return t}async containsKey(e,t){const r=this.inMemoryCache.containsKey(e);if(!r)try{return this.logger.verbose("03zl2j",t),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}clearInMemory(e){this.logger.verbose("03r21p",e),this.inMemoryCache.clear(),this.logger.verbose("0uksk1",e)}async clearPersistent(e){try{this.logger.verbose("0rdqut",e);const t=await this.indexedDBCache.deleteDatabase();return t&&this.logger.verbose("149ouc",e),t}catch(t){return this.handleDatabaseAccessError(t,e),!1}}}class ja{constructor(e,t,r){this.logger=e,function(e){if(!window)throw Ni(ai);if(!window.crypto)throw Ni(Ko);if(!e&&!window.crypto.subtle)throw Ni(Ko,"crypto_subtle_undefined")}(r??!1),this.cache=new za(this.logger),this.performanceClient=t}createNewGuid(){return Fs()}base64Encode(e){return Ts(e)}base64Decode(e){return As(e)}base64UrlEncode(e){return vs(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement("cryptoOptsGetPublicKeyThumbprint",e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(Us,e,t)}(ja.EXTRACTABLE,ja.POP_KEY_USAGES),n=await Ks(r.publicKey),o=$a({e:n.e,kty:n.kty,n:n.n}),i=await this.hashString(o),s=await Ks(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,Us,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri},e.correlationId),t&&t.end({success:!0}),i}async removeTokenBindingKey(e,t){await this.cache.removeItem(e,t);if(await this.cache.containsKey(e,t))throw be(It)}async clearKeystore(e){this.cache.clearInMemory(e);try{return await this.cache.clearPersistent(e),!0}catch(t){return t instanceof Error?this.logger.error("1owpn8",e):this.logger.error("0yrmwo",e),!1}}async signJwt(e,t,r,n){const o=this.performanceClient?.startMeasurement("cryptoOptsSignJwt",n),i=await this.cache.getItem(t,n||"");if(!i)throw Ni(pi);const s=await Ks(i.publicKey),a=$a(s),c=vs(JSON.stringify({kid:t})),h=vs(qo.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const l=`${h}.${vs(JSON.stringify(e))}`,d=(new TextEncoder).encode(l),u=await async function(e,t){return window.crypto.subtle.sign(Us,e,t)}(i.privateKey,d),g=`${l}.${ks(new Uint8Array(u))}`;return o&&o.end({success:!0}),g}async hashString(e){return async function(e){const t=await Ls(e);return ks(new Uint8Array(t))}(e)}}function $a(e){return JSON.stringify(e,Object.keys(e).sort())}ja.POP_KEY_USAGES=["sign","verify"],ja.EXTRACTABLE=!0;const Ja="acquireTokenSilent",Wa="acquireTokenByCode",Ga="acquireTokenPopup",Va="acquireTokenPreRedirect",Qa="acquireTokenRedirect",Xa="ssoSilent",Ya="initializeClientApplication",Za="localStorageUpdated",ec="loadExternalTokens";var tc=Object.freeze({__proto__:null,AcquireTokenByCode:Wa,AcquireTokenPopup:Ga,AcquireTokenPreRedirect:Va,AcquireTokenRedirect:Qa,AcquireTokenSilent:Ja,InitializeClientApplication:Ya,LoadExternalTokens:ec,LocalStorageUpdated:Za,SsoSilent:Xa});const rc="msal",nc="browser",oc=`${rc}.${nc}.log.level`,ic=`${rc}.${nc}.log.pii`,sc=`${rc}.${nc}.performance.enabled`,ac=`${rc}.${nc}.platform.auth.dom`,cc=`${rc}.version`,hc="account.keys",lc="token.keys";function dc(e=2){return e<1?`${rc}.${hc}`:`${rc}.${e}.${hc}`}function uc(e,t=2){return t<1?`${rc}.${lc}.${e}`:`${rc}.${t}.${lc}.${e}`}const gc=864e5,pc="Lax",mc="None";class fc{initialize(){return Promise.resolve()}getItem(e){const t=`${encodeURIComponent(e)}`,r=document.cookie.split(";");for(let e=0;e<r.length;e++){const n=r[e],[o,...i]=decodeURIComponent(n).trim().split("="),s=i.join("=");if(o===t)return s}return""}getUserData(){throw be(bt)}setItem(e,t,r,n=!0,o=pc){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${o};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*gc);return r.toUTCString()}(r);i+=`expires=${e};`}(n||o===mc)&&(i+="Secure;"),document.cookie=i}async setUserData(){return Promise.reject(be(bt))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach((e=>{const r=decodeURIComponent(e).trim().split("=");t.push(r[0])})),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function yc(e,t){const r=e.getItem(dc(t));return r?JSON.parse(r):[]}function wc(e,t,r){const n=t.getItem(uc(e,r));if(n){const e=JSON.parse(n);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function Ic(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const Cc="msal.cache.encryption";class vc{constructor(e,t,r){if(!window.localStorage)throw ea(Vs);this.memoryStorage=new Ba,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new fc,r=t.getItem(Cc);let n={key:"",id:""};if(r)try{n=JSON.parse(r)}catch(e){}if(n.key&&n.id){const t=Fn(Ss,"base64Decode",this.logger,this.performanceClient,e)(n.key);this.encryptionCookie={id:n.id,key:await Kn($s,Ha,this.logger,this.performanceClient,e)(t)}}else{const r=Fs(),n=await Kn(js,"generateBaseKey",this.logger,this.performanceClient,e)(),o=Fn(ks,"urlEncodeArr",this.logger,this.performanceClient,e)(new Uint8Array(n));this.encryptionCookie={id:r,key:await Kn($s,Ha,this.logger,this.performanceClient,e)(n)};const i={id:r,key:o};t.setItem(Cc,JSON.stringify(i),0,!0,mc)}await Kn(this.importExistingCache.bind(this),"importExistingCache",this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",(t=>{this.updateCache(t,e)})),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw Ni(Ti);return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw Ni(Ti);if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const n=await Kn(Gs,Da,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!n)return null;try{return{...JSON.parse(n),lastUpdatedAt:t.lastUpdatedAt}}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,n,o){if(!this.initialized||!this.encryptionCookie)throw Ni(Ti);if(o)this.setItem(e,t);else{const{data:o,nonce:i}=await Kn(Ws,"encrypt",this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o,lastUpdatedAt:n};this.setItem(e,JSON.stringify(s))}this.memoryStorage.setItem(e,t),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();yc(this).forEach((e=>this.removeItem(e)));const e=wc(this.clientId,this);e.idToken.forEach((e=>this.removeItem(e))),e.accessToken.forEach((e=>this.removeItem(e))),e.refreshToken.forEach((e=>this.removeItem(e))),this.getKeys().forEach((e=>{(e.startsWith(rc)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)}))}async importExistingCache(e){if(!this.encryptionCookie)return;let t=yc(this);t=await this.importArray(t,e),t.length?this.setItem(dc(),JSON.stringify(t)):this.removeItem(dc());const r=wc(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(uc(this.clientId),JSON.stringify(r)):this.removeItem(uc(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let n;try{n=JSON.parse(r)}catch(e){return null}return Ic(n)?n.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):(this.performanceClient.incrementFields({encryptedCacheCount:1},t),Kn(Gs,Da,this.logger,this.performanceClient,t)(this.encryptionCookie.key,n.nonce,this.getContext(e),n.data)):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),r)}async importArray(e,t){const r=[],n=[];return e.forEach((e=>{const o=this.getItemFromEncryptedCache(e,t).then((t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)}));n.push(o)})),await Promise.all(n),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e,t){this.logger.trace("17cxcm",t);const r=this.performanceClient.startMeasurement(Za);r.add({isBackground:!0});const{key:n,value:o,context:i}=e.data;return n?i&&i!==this.clientId?(this.logger.trace("04rtdy",t),void r.end({success:!1,errorCode:"contextMismatch"})):(o?(this.memoryStorage.setItem(n,o),this.logger.verbose("1vzsgt",t)):(this.memoryStorage.removeItem(n),this.logger.verbose("04ypih",t)),void r.end({success:!0})):(this.logger.error("0e10qr",t),void r.end({success:!1,errorCode:"noKey"}))}}class kc{constructor(){if(!window.sessionStorage)throw ea(Vs)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const Tc={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_SUCCESS:"msal:loginSuccess",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",BROKERED_REQUEST_START:"msal:brokeredRequestStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",BROKERED_REQUEST_SUCCESS:"msal:brokeredRequestSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",BROKERED_REQUEST_FAILURE:"msal:brokeredRequestFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"},bc="@azure/msal-browser",Ac="5.6.2";function Sc(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}class _c extends $r{constructor(e,t,r,n,o,i,s){super(e,r,n,o,s),this.cacheConfig=t,this.logger=n,this.internalStorage=new Ba,this.browserStorage=Ec(e,t.cacheLocation,n,o),this.temporaryCacheStorage=Ec(e,Zi.SessionStorage,n,o),this.cookieStorage=new fc,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){let t=yc(this.browserStorage),r=wc(this.clientId,this.browserStorage);this.performanceClient.addFields({preMigrateAcntCount:t.length,preMigrateATCount:r.accessToken.length,preMigrateITCount:r.idToken.length,preMigrateRTCount:r.refreshToken.length},e);for(let t=0;t<2;t++){const r=t;await this.removeStaleAccounts(t,r,e)}for(let t=0;t<2;t++){const r=t;await this.migrateIdTokens(t,r,e)}const n=this.getKMSIValues();for(let t=0;t<2;t++)await this.migrateAccessTokens(t,n,e),await this.migrateRefreshTokens(t,n,e);t=yc(this.browserStorage),r=wc(this.clientId,this.browserStorage),this.performanceClient.addFields({postMigrateAcntCount:t.length,postMigrateATCount:r.accessToken.length,postMigrateITCount:r.idToken.length,postMigrateRTCount:r.refreshToken.length},e)}async updateOldEntry(e,t){const r=this.browserStorage.getItem(e),n=this.validateAndParseJson(r||"");if(!n)return this.browserStorage.removeItem(e),null;if(n.lastUpdatedAt){if(Rn(n.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))return this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null}else n.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(n),t);const o=Ic(n)?await this.browserStorage.decryptData(e,n,t):n;return o&&Gn(o)?(Vn(o)||Qn(o))&&o.expiresOn&&Pn(o.expiresOn,300)?(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null):o:(this.performanceClient.incrementFields({invalidCacheCount:1},t),null)}async removeStaleAccounts(e,t,r){const n=yc(this.browserStorage,e);if(0!==n.length){for(const e of[...n]){this.performanceClient.incrementFields({oldAcntCount:1},r);const o=this.browserStorage.getItem(e),i=this.validateAndParseJson(o||"");i?i.lastUpdatedAt?Rn(i.lastUpdatedAt,this.cacheConfig.cacheRetentionDays)&&(await this.removeAccountOldSchema(e,i,t,r),Sc(n,e)):(i.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(i),r)):Sc(n,e)}this.setAccountKeys(n,r,e)}}async removeAccountOldSchema(e,t,r,n){const o=Ic(t)?await this.browserStorage.decryptData(e,t,n):t,i=o?.homeAccountId;if(i){const e=this.getTokenKeys(r);[...e.idToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Sc(e.idToken,t)})),[...e.accessToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Sc(e.accessToken,t)})),[...e.refreshToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Sc(e.refreshToken,t)})),this.setTokenKeys(e,n,r)}this.performanceClient.incrementFields({expiredAcntRemovedCount:1},n),this.browserStorage.removeItem(e)}getKMSIValues(){const e={},t=this.getTokenKeys().idToken;for(const r of t){const t=this.browserStorage.getUserData(r);if(t){const r=JSON.parse(t),n=vr(r.secret,As);n&&(e[r.homeAccountId]=kr(n))}}return e}async migrateIdTokens(e,t,r){const n=wc(this.clientId,this.browserStorage,e);if(0===n.idToken.length)return;const o=wc(this.clientId,this.browserStorage,2),i=yc(this.browserStorage),s=yc(this.browserStorage,t);for(const e of[...n.idToken]){this.performanceClient.incrementFields({oldITCount:1},r);const t=await this.updateOldEntry(e,r);if(!t){Sc(n.idToken,e);continue}const a=i.find((e=>e.includes(t.homeAccountId))),c=s.find((e=>e.includes(t.homeAccountId)));let h=null;if(a)h=this.getAccount(a,r);else if(c){const e=this.browserStorage.getItem(c),t=this.validateAndParseJson(e||"");h=t&&Ic(t)?await this.browserStorage.decryptData(c,t,r):t}if(!h){this.performanceClient.incrementFields({skipITMigrateCount:1},r);continue}const l=vr(t.secret,As),d=this.generateCredentialKey(t),u=this.getIdTokenCredential(d,r),g=Object.keys(l).includes("signin_state"),p=u&&Object.keys(vr(u.secret,As)||{}).includes("signin_state");if(!u||t.lastUpdatedAt>u.lastUpdatedAt&&(g||!p)){const e=h.tenantProfiles||[],n=Fr(l)||h.realm;if(n&&!e.find((e=>e.tenantId===n))){const t=Ir(h.homeAccountId,h.localAccountId,n,l);e.push(t)}h.tenantProfiles=e;const s=this.generateAccountKey(Br(h)),a=kr(l);await this.setUserData(s,JSON.stringify(h),r,h.lastUpdatedAt,a),i.includes(s)||i.push(s),await this.setUserData(d,JSON.stringify(t),r,t.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedITCount:1},r),o.idToken.push(d)}}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r),this.setAccountKeys(i,r)}async migrateAccessTokens(e,t,r){const n=wc(this.clientId,this.browserStorage,e);if(0===n.accessToken.length)return;const o=wc(this.clientId,this.browserStorage,2);for(const e of[...n.accessToken]){this.performanceClient.incrementFields({oldATCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){Sc(n.accessToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipATMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.accessToken.includes(s)){const e=this.getAccessTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r),o.accessToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}async migrateRefreshTokens(e,t,r){const n=wc(this.clientId,this.browserStorage,e);if(0===n.refreshToken.length)return;const o=wc(this.clientId,this.browserStorage,2);for(const e of[...n.refreshToken]){this.performanceClient.incrementFields({oldRTCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){Sc(n.refreshToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipRTMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.refreshToken.includes(s)){const e=this.getRefreshTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r),o.refreshToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}trackVersionChanges(e){const t=this.browserStorage.getItem(cc);t&&(this.logger.info("1wuc87",e),this.performanceClient.addFields({previousLibraryVersion:t},e)),t!==Ac&&this.setItem(cc,Ac,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){const n=new Array(3).fill(0),o=[];for(let i=0;i<=20;i++)try{if(this.browserStorage.setItem(e,t),i>0)for(let e=0;e<=2;e++){const t=n.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=i)break;const s=i>t+n[e]?t+n[e]:i;i>t&&n[e]>0&&this.removeAccessTokenKeys(o.slice(t,s),r,e)}break}catch(s){const a=xr(s);if(!(a.errorCode===Or&&i<20))throw a;if(!o.length)for(let r=0;r<=2;r++)if(e===uc(this.clientId,r)){const e=JSON.parse(t).accessToken;o.push(...e),n[r]=e.length}else{const e=this.getTokenKeys(r).accessToken;o.push(...e),n[r]=e.length}if(o.length<=i)throw a;this.removeAccessToken(o[i],r,!1)}}async setUserData(e,t,r,n,o){const i=new Array(3).fill(0),s=[];for(let a=0;a<=20;a++)try{if(await Kn(this.browserStorage.setUserData.bind(this.browserStorage),"setUserData",this.logger,this.performanceClient,r)(e,t,r,n,o),a>0)for(let e=0;e<=2;e++){const t=i.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=a)break;const n=a>t+i[e]?t+i[e]:a;a>t&&i[e]>0&&this.removeAccessTokenKeys(s.slice(t,n),r,e)}break}catch(e){const t=xr(e);if(!(t.errorCode===Or&&a<20))throw t;if(!s.length)for(let e=0;e<=2;e++){const t=this.getTokenKeys(e).accessToken;s.push(...t),i[e]=t.length}if(s.length<=a)throw t;this.removeAccessToken(s[a],r,!1)}}getAccount(e,t){this.logger.trace("1lfvm6",t);const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const n=this.validateAndParseJson(r);if(!(n&&(o=n,o&&o.hasOwnProperty("homeAccountId")&&o.hasOwnProperty("environment")&&o.hasOwnProperty("realm")&&o.hasOwnProperty("localAccountId")&&o.hasOwnProperty("username")&&o.hasOwnProperty("authorityType"))))return null;var o;const i=$r.toObject({},n);var s;return this.performanceClient.addFields({accountCachedBy:(s=i.cachedByApiId,"number"==typeof s&&s in gs?gs[s]:"unknown")},t),i}async setAccount(e,t,r,n){this.logger.trace("1bz3wr",t);const o=this.generateAccountKey(Br(e)),i=Date.now().toString();e.lastUpdatedAt=i,e.cachedByApiId=n,await this.setUserData(o,JSON.stringify(e),t,i,r),this.addAccountKeyToMap(o,t),this.performanceClient.addFields({kmsi:r},t)}setAccountKeys(e,t,r=2){0===e.length?this.removeItem(dc(r)):this.setItem(dc(r),JSON.stringify(e),t)}getAccountKeys(){return yc(this.browserStorage)}addAccountKeyToMap(e,t){this.logger.trace("0rb85k",t),this.logger.tracePii("1l9bdo",t);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(dc(),JSON.stringify(r),t),this.logger.verbose("0xia39",t),!0):(this.logger.verbose("0161kk",t),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("1jpigu",t),this.logger.tracePii("1xzspl",t);const r=this.getAccountKeys(),n=r.indexOf(e);n>-1?(r.splice(n,1),this.setAccountKeys(r,t)):this.logger.trace("1dytu2",t)}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach((t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)}))}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),n=r.idToken.indexOf(e);n>-1&&(this.logger.info("05udv9",t),r.idToken.splice(n,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=2){this.logger.trace("17o18n",t);const n=this.getTokenKeys(r);let o=0;if(e.forEach((e=>{const t=n.accessToken.indexOf(e);t>-1&&(n.accessToken.splice(t,1),o++)})),o>0)return this.logger.info("15i5d5",t),void this.setTokenKeys(n,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),n=r.refreshToken.indexOf(e);n>-1&&(this.logger.info("1f4fq3",t),r.refreshToken.splice(n,1),this.setTokenKeys(r,t))}getTokenKeys(e=2){return wc(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=2){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(uc(this.clientId,r),JSON.stringify(e),t):this.removeItem(uc(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("1jukz6",t),this.removeIdToken(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&Gn(o)&&o.hasOwnProperty("realm")&&o.credentialType===L.ID_TOKEN)?(this.logger.trace("01ju66",t),n):(this.logger.trace("1jukz6",t),null);var o}async setIdTokenCredential(e,t,r){this.logger.trace("13hjll",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.idToken.indexOf(n)&&(this.logger.info("07jy92",t),i.idToken.push(n),this.setTokenKeys(i,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0bqvx8",t),this.removeAccessTokenKeys([e],t),null;const n=this.validateAndParseJson(r);return n&&Vn(n)?(this.logger.trace("1o81rl",t),n):(this.logger.trace("0bqvx8",t),null)}async setAccessTokenCredential(e,t,r){this.logger.trace("1pondb",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys(),s=i.accessToken.indexOf(n);-1!==s&&i.accessToken.splice(s,1),this.logger.trace("1onhey",t),i.accessToken.push(n),this.setTokenKeys(i,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0jlizt",t),this.removeRefreshToken(e,t),null;const n=this.validateAndParseJson(r);return n&&Qn(n)?(this.logger.trace("0nokxi",t),n):(this.logger.trace("0jlizt",t),null)}async setRefreshTokenCredential(e,t,r){this.logger.trace("0tcg8d",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.refreshToken.indexOf(n)&&(this.logger.info("0eckjs",t),i.refreshToken.push(n),this.setTokenKeys(i,t))}getAppMetadata(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1q101h",t),null;const n=this.validateAndParseJson(r);return n&&(o=e,(i=n)&&0===o.indexOf(H)&&i.hasOwnProperty("clientId")&&i.hasOwnProperty("environment"))?(this.logger.trace("19pvg2",t),n):(this.logger.trace("1q101h",t),null);var o,i}setAppMetadata(e,t){this.logger.trace("0cyma6",t);const r=function({environment:e,clientId:t}){return[H,e,t].join("-").toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("0jk19c",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){const r=0===e.indexOf(J);let n=!0;return t&&(n=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&n}(e,n)?(this.logger.trace("12jguk",t),n):(this.logger.trace("0jk19c",t),null)}setServerTelemetry(e,t,r){this.logger.trace("1poh61",r),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e,t){const r=this.internalStorage.getItem(e);if(!r)return this.logger.trace("1r39oe",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){return!!t&&0===e.indexOf(F)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,n)?(this.logger.trace("1ohvk3",t),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter((e=>this.isAuthorityMetadata(e)))}setWrapperMetadata(e,t){this.internalStorage.setItem(ls,e),this.internalStorage.setItem(ds,t)}getWrapperMetadata(){return[this.internalStorage.getItem(ls)||"",this.internalStorage.getItem(ds)||""]}setAuthorityMetadata(e,t,r){this.logger.trace("07w8n2",r),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(b),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("08gw0e",e),null;const n=this.validateAndParseJson(r);return n?(this.logger.trace("1t3ch7",e),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId},e)):(this.logger.trace("0me1up",e),null)}setActiveAccount(e,t){const r=this.generateCacheKey(b);if(e){this.logger.verbose("0rsj80",t);const n={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.setItem(r,JSON.stringify(n),t)}else this.logger.verbose("1bp5z5",t),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(Tc.ACTIVE_ACCOUNT_CHANGED,t)}getThrottlingCache(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1h4wa6",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){let r=!1;e&&(r=0===e.indexOf(V));let n=!0;return t&&(n=t.hasOwnProperty("throttleTime")),r&&n}(e,n)?(this.logger.trace("0of6n8",t),n):(this.logger.trace("1h4wa6",t),null)}setThrottlingCache(e,t,r){this.logger.trace("0wfgh6",r),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e,o=this.temporaryCacheStorage.getItem(n);if(!o){if(this.cacheConfig.cacheLocation===Zi.LocalStorage){const e=this.browserStorage.getItem(n);if(e)return this.logger.trace("1yt61y",t),e}return this.logger.trace("1qhy81",t),null}return o}setTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(n,t)}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e)}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach((e=>{-1===e.indexOf(rc)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)})),this.browserStorage.getKeys().forEach((e=>{-1===e.indexOf(rc)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)})),this.internalStorage.clear()}generateCacheKey(e){return ke.startsWith(e,rc)?e:`${rc}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===L.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==G.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${rc}.2`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",r].join("|").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${rc}.2`,e.homeAccountId,e.environment,t||e.tenantId||""].join("|").toLowerCase()}resetRequestCache(e){this.logger.trace("0h0ynu",e),this.removeTemporaryItem(this.generateCacheKey(ss)),this.removeTemporaryItem(this.generateCacheKey(as)),this.removeTemporaryItem(this.generateCacheKey(os)),this.removeTemporaryItem(this.generateCacheKey(is)),this.removeTemporaryItem(this.generateCacheKey(hs)),this.setInteractionInProgress(!1,void 0)}cacheAuthorizeRequest(e,t,r){this.logger.trace("1tzef5",t);const n=Ts(JSON.stringify(e));if(this.setTemporaryCache(ss,n,!0),r){const e=Ts(r);this.setTemporaryCache(as,e,!0)}}getCachedRequest(e){this.logger.trace("0uen20",e);const t=this.getTemporaryCache(ss,e,!0);if(!t)throw Ni(ii);const r=this.getTemporaryCache(as,e,!0);let n,o="";try{n=JSON.parse(As(t)),r&&(o=As(r))}catch(t){throw this.logger.errorPii("0ewsey",e),this.logger.error("0tvdic",e),Ni(si)}return[n,o]}getCachedNativeRequest(){this.logger.trace("1yxcdm","");const e=this.getTemporaryCache(hs,"",!0);if(!e)return this.logger.trace("0mnxd4",""),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("0rrkip",""),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${rc}.${cs}`,t=this.getTemporaryCache(e,"",!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("0jjyys",""),this.removeTemporaryItem(e),this.resetRequestCache(""),ra(window),null}}setInteractionInProgress(e,t=rs,r=!1,n=""){const o=`${rc}.${cs}`;if(e){if(this.getInteractionInProgress()){if(!r)throw Ni(Go);this.logger.warning("1pmscr",n),aa(this.logger,n),this.removeTemporaryItem(o)}this.setTemporaryCache(o,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(o)}async hydrateCache(e,t){const r=$n(e.account.homeAccountId,e.account.environment,e.idToken,this.clientId,e.tenantId),n=Jn(e.account.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?_n(e.expiresOn):0,e.extExpiresOn?_n(e.extExpiresOn):0,As,void 0,e.tokenType,void 0,t.sshKid);t.resource&&(n.resource=t.resource);const o={idToken:r,accessToken:n};return this.saveCacheRecord(o,e.correlationId,kr(vr(e.idToken,As)),us.hydrateCache)}async saveCacheRecord(e,t,r,n,o){try{await super.saveCacheRecord(e,t,r,n,o)}catch(e){if(e instanceof Mr&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function Ec(e,t,r,n){try{switch(t){case Zi.LocalStorage:return new vc(e,r,n);case Zi.SessionStorage:return new kc}}catch(e){r.error(e,"")}return new Ba}const Pc=(e,t,r,n)=>new _c(e,{cacheLocation:Zi.MemoryStorage,cacheRetentionDays:5},lr,t,r,n);function Rc(e,t,r,n,o){return e.verbose("1yd030",n),r?t.getAllAccounts(o,n):[]}function Oc(e,t,r,n){t.trace("0u7b90",n);const o=r.getAccountInfoFilteredBy(e,n);return o?(t.verbose("0btgll",n),o):(t.verbose("0ltaj5",n),null)}function Mc(e,t,r){t.setActiveAccount(e,r)}function xc(e,t){return e.getActiveAccount(t)}class qc{constructor(e){this.eventCallbacks=new Map,this.logger=e||new pr({}),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const n=r||Ia();return this.eventCallbacks.has(n)?(this.logger.error("1578i0",""),null):(this.eventCallbacks.set(n,[e,t||[]]),this.logger.verbose("1cnec4",""),n)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose("12zotd","")}emitEvent(e,t,r,n,o){const i={eventType:e,interactionType:r||null,payload:n||null,error:o||null,correlationId:t,timestamp:Date.now()};switch(e){case Tc.LOGIN_SUCCESS:case Tc.LOGOUT_SUCCESS:case Tc.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(i)}this.invokeCallbacks(i)}invokeCallbacks(e){this.eventCallbacks.forEach((([t,r],n)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose("15jpwk",""),t.apply(null,[e]))}))}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class Nc{constructor(e,t,r,n,o,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=o,this.navigationClient=i,this.platformAuthProvider=c,this.correlationId=a,this.logger=n.clone(Fi,Ac),this.performanceClient=s}}function Uc(e,t,r,n){r.verbose("0bd1la",n);const o=e||t||"";return br.getAbsoluteUrl(o,ha())}function Lc(e,t,r,n,o,i){o.verbose("1p12tq",r);const s={clientId:t,correlationId:r,apiId:e,forceRefresh:!1,wrapperSKU:n.getWrapperMetadata()[0],wrapperVer:n.getWrapperMetadata()[1]};return new Oo(s,n)}async function Hc(e,t,r,n,o,i,s,a,c){const h=a&&a.hasOwnProperty("instance_aware")?a.instance_aware:void 0,l={protocolMode:e.system.protocolMode,OIDCOptions:e.auth.OIDCOptions,knownAuthorities:e.auth.knownAuthorities,cloudDiscoveryMetadata:e.auth.cloudDiscoveryMetadata,authorityMetadata:e.auth.authorityMetadata},d=i||e.auth.authority,u=h?.length?"true"===h:e.auth.instanceAware,g=c&&u?e.auth.authority.replace(br.getDomainFromUrl(d),c.environment):d,p=mo.generateAuthority(g,s||e.auth.azureCloudOptions),m=await Kn(wo,"authorityFactoryCreateDiscoveredInstance",o,r,t)(p,e.system.networkClient,n,l,o,t,r);if(c&&!m.isAlias(c.environment))throw ve(ze);return m}async function Dc(e,t,r,n,o){if(o)try{e.removeAccount(o,n),r.verbose("0s4z6h",n)}catch(e){r.error("0mgg1d",n)}else try{r.verbose("0zj631",n),e.clear(n),await t.clearKeystore(n)}catch(e){r.error("12ih0c",n)}}async function Fc(e,t,r,n,o){const i=e.authority||t.auth.authority,s=[...e&&e.scopes||[]],a={...e,correlationId:e.correlationId,authority:i,scopes:s};if(a.authenticationScheme){if(a.authenticationScheme===G.SSH){if(!e.sshJwk)throw ve(Le);if(!e.sshKid)throw ve(He)}n.verbose("1ecmns",o)}else a.authenticationScheme=G.BEARER,n.verbose("1l4fwv",o);return a}async function Kc(e,t,r,n,o){const i=await Kn(Fc,Aa,o,n,e.correlationId)(e,r,n,o,e.correlationId);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}function Bc(e,t){let r;const n=e.httpMethod;if(t===Kr.EAR){if(n&&n!==g)throw ve(je);r=g}else r=n||u;return r}class zc extends Nc{initializeLogoutRequest(e){this.logger.verbose("0546u4",this.correlationId);const t={correlationId:this.correlationId,...e};if(e)if(e.logoutHint)this.logger.verbose("12k4l4",this.correlationId);else if(e.account){const r=this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("0st5di",this.correlationId),t.logoutHint=r)}else this.logger.verbose("0pdtc3",this.correlationId);else this.logger.verbose("07ndze",this.correlationId);return e&&null===e.postLogoutRedirectUri?this.logger.verbose("0ljv63",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("1vamm6",t.correlationId),t.postLogoutRedirectUri=br.getAbsoluteUrl(e.postLogoutRedirectUri,ha())):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("15m5g7",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("1f4xlz",t.correlationId),t.postLogoutRedirectUri=br.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,ha())):(this.logger.verbose("17s5rf",t.correlationId),t.postLogoutRedirectUri=br.getAbsoluteUrl(ha(),ha())),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("0mvp54",this.correlationId)}else this.logger.verbose("1e7bdp",this.correlationId);return null}async createAuthCodeClient(e){const t=await Kn(this.getClientConfiguration.bind(this),Ra,this.logger,this.performanceClient,this.correlationId)(e);return new Io(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:n,requestExtraQueryParameters:o,account:i}=e,s=e.authority||await Kn(Hc,ka,this.logger,this.performanceClient,this.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:s,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri,isMcp:this.config.auth.isMcp},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:a.loggerCallback,piiLoggingEnabled:a.piiLoggingEnabled,logLevel:a.logLevel,correlationId:this.correlationId},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:Fi,version:Ac,cpu:"",os:""},telemetry:this.config.telemetry}}}async function jc(e,t,r,n,o,i,s,a){const c=Uc(e.redirectUri,r.auth.redirectUri,i,a);new URL(c).origin!==new URL(window.location.href).origin&&(i.warning("08qbvw",a),s.addFields({isRedirectUriCrossOrigin:!0},a));const h={interactionType:t},l=bn(n,e&&e.state||"",h),d={...await Kn(Fc,Aa,i,s,a)({...e,correlationId:a},r,s,i,a),redirectUri:c,state:l,nonce:e.nonce||Fs(),responseMode:r.auth.OIDCOptions.responseMode},u={...d,httpMethod:Bc(d,r.system.protocolMode)};if(e.loginHint||e.sid)return u;const g=e.account||o.getActiveAccount(a);return g&&(i.verbose("1eqlb3",a),i.verbosePii("0tf99t",a),u.account=g),u}function $c(e,t,r,n){const o=ar(e);if(!o)throw sr(e)?(r.error("13pl0s",n),r.errorPii("1097vx",n),Ni($o)):(r.error("18h0l1",n),Ni(zo));return o}function Jc(e,t,r){if(!e.state)throw Ni(jo);const n=function(e,t){if(!t)return null;try{return An(e.base64Decode,t).libraryState.meta}catch(e){throw be(et)}}(t,e.state);if(!n)throw Ni(Jo);if(n.interactionType!==r)throw Ni(Wo)}class Wc{constructor(e,t,r,n,o){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=n,this.performanceClient=o}async handleCodeResponse(e,t,r){let n;try{n=function(e,t){if(Ao(e,t),!e.code)throw be(wt);return e}(e,t.state)}catch(e){throw e instanceof cn&&e.subError===Yo?Ni(Yo):e}return Kn(this.handleCodeResponseFromServer.bind(this),Nn,this.logger,this.performanceClient,t.correlationId)(n,t,r)}async handleCodeResponseFromServer(e,t,r,n=!0){if(this.logger.trace("0mf2hb",t.correlationId),this.authCodeRequest.code=e.code,n&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await Kn(this.authModule.acquireToken.bind(this.authModule),"authClientAcquireToken",this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,r,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:no}:e.loginHint?{credential:e.loginHint,type:oo}:null}}class Gc extends we{constructor(e,t,r){super(e,t||xi(e)),Object.setPrototypeOf(this,Gc.prototype),this.name="NativeAuthError",this.ext=r}}function Vc(e){if(e.ext&&e.ext.status&&("PERSISTENT_ERROR"===e.ext.status||"DISABLED"===e.ext.status))return!0;if(e.ext&&e.ext.error&&-2147186943===e.ext.error)return!0;switch(e.errorCode){case"ContentError":case"PageException":return!0;default:return!1}}function Qc(e,t,r){if(r&&r.status)switch(r.status){case"ACCOUNT_UNAVAILABLE":return Tn(ln,xi(e));case"USER_INTERACTION_REQUIRED":return new vn(e,t);case"USER_CANCEL":return Ni(Yo);case"NO_NETWORK":return Ni(hi);case"UX_NOT_ALLOWED":return Tn(un)}return new Gc(e,t,r)}class Xc extends zc{async acquireToken(e){const t=Lc(us.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),r=await Kn(this.getClientConfiguration.bind(this),Ra,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),n=new vo(r,this.performanceClient);this.logger.verbose("0wa871",this.correlationId);try{const t=(await Kn(n.acquireCachedToken.bind(n),"silentFlowClientAcquireCachedToken",this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof qi&&e.errorCode===pi&&this.logger.verbose("06wena",this.correlationId),e}}logout(e){this.logger.verbose("1rkurh",this.correlationId);const t=this.initializeLogoutRequest(e);return Dc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account)}}class Yc extends Nc{constructor(e,t,r,n,o,i,s,a,c,h,l,d){super(e,t,r,n,o,i,a,d,c),this.apiId=s,this.accountId=h,this.platformAuthProvider=c,this.nativeStorageManager=l,this.silentCacheClient=new Xc(e,this.nativeStorageManager,r,n,o,i,a,d,c);const u=this.platformAuthProvider.getExtensionName();this.skus=Oo.makeExtraSkuString({libraryName:Fi,libraryVersion:Ac,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[ge]:this.skus}}async acquireToken(e,t){this.logger.trace("03qeos",this.correlationId);const r=this.performanceClient.startMeasurement(Ta,e.correlationId),n=Sn(),o=Lc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const i=await this.initializeNativeRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===Is.AccessToken)throw this.logger.info("0eitbc",this.correlationId),e;this.logger.info("0957j1",this.correlationId)}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,n).then((e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),o.clearNativeBrokerErrorCode(),e))).catch((e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError,isNativeBroker:!0}),e}))}catch(e){throw e instanceof Gc&&o.setNativeBrokerErrorCode(e.errorCode),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:Pt.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("1ndf3e",this.correlationId),be(pt);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},t.correlationId);if(!r)throw be(pt);try{const e=this.createSilentCacheRequest(t,r),n=await this.silentCacheClient.acquireToken(e),o={...r,idTokenClaims:n?.idTokenClaims,idToken:n?.idToken};return{...n,account:o}}catch(e){throw e}}async acquireTokenRedirect(e,t,r){this.logger.trace("0luikq",this.correlationId);const n=await this.initializeNativeRequest(e),o=r?.navigateToLoginRequestUrl??!0;try{await this.platformAuthProvider.sendMessage(n)}catch(e){if(e instanceof Gc){if(Lc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).setNativeBrokerErrorCode(e.errorCode),Vc(e))throw e}}this.browserStorage.setTemporaryCache(hs,JSON.stringify(n),!0);const i={apiId:us.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},s=o?window.location.href:Uc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId);t.end({success:!0}),await this.navigationClient.navigateExternal(s,i)}async handleRedirectPromise(e,t){if(this.logger.trace("1c5lhw",this.correlationId),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",this.correlationId),null;const r=this.browserStorage.getCachedNativeRequest();if(!r)return this.logger.verbose("0a6zjb",this.correlationId),e&&t&&e?.addFields({errorCode:"no_cached_request"},t),null;const{prompt:n,...o}=r;n&&this.logger.verbose("0ac34v",this.correlationId),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(hs));const i=Sn();try{this.logger.verbose("003x5a",this.correlationId);const e=await this.platformAuthProvider.sendMessage(o),t=await this.handleNativeResponse(e,o,i);return Lc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).clearNativeBrokerErrorCode(),t}catch(e){throw e}}logout(){return this.logger.trace("0u2sjm",this.correlationId),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("1bojln",this.correlationId);const n=vr(e.id_token,As),o=this.createHomeAccountIdentifier(e,n),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("1ub1in",this.correlationId);else if(o!==i&&e.account.id!==t.accountId)throw Qc("user_switch");const s=await Hc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t.authority),a=ro(this.browserStorage,s,o,As,this.correlationId,n,e.client_info,void 0,n.tid,void 0,e.account.id);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,n,a,s.canonicalAuthority,r);return await this.cacheAccount(a,kr(n)),await this.cacheNativeTokens(e,t,o,n,e.access_token,c.tenantId,r),c}createHomeAccountIdentifier(e,t){return jr(e.client_info||"",Ur,this.logger,this.browserCrypto,this.correlationId,t)}generateScopes(e,t){return t?Pt.fromString(t):Pt.fromString(e)}async generatePopAccessToken(e,t){if(t.tokenType===G.POP&&t.signPopToken){if(e.shr)return this.logger.trace("0coqhu",this.correlationId),e.shr;const r=new zn(this.browserCrypto,this.performanceClient),n={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce,correlationId:this.correlationId};if(!t.keyId)throw be(vt);return r.signPopToken(e.access_token,t.keyId,n)}return e.access_token}async generateAuthenticationResult(e,t,r,n,o,i){const s=this.addTelemetryFromNativeResponse(e.properties.MATS),a=this.generateScopes(t.scope,e.scope),c=e.account.properties||{},h=c.UID||r.oid||r.sub||"",l=c.TenantId||r.tid||"",d=Cr(Br(n),void 0,r,e.id_token);d.nativeAccountId!==e.account.id&&(d.nativeAccountId=e.account.id);const u=await this.generatePopAccessToken(e,t),g=t.tokenType===G.POP?G.POP:G.BEARER;return{authority:o,uniqueId:h,tenantId:l,scopes:a.asArray(),account:d,idToken:e.id_token,idTokenClaims:r,accessToken:u,fromCache:!!s&&this.isResponseFromCache(s),expiresOn:En(i+e.expires_in),tokenType:g,correlationId:this.correlationId,state:e.state,fromPlatformBroker:!0,...t.resource&&{resource:t.resource}}}async cacheAccount(e,t){await this.browserStorage.setAccount(e,this.correlationId,t,this.apiId),this.browserStorage.removeAccountContext(Br(e),this.correlationId)}cacheNativeTokens(e,t,r,n,o,i,s){const a=$n(r,t.authority,e.id_token||"",t.clientId,n.tid||""),c=s+(t.tokenType===G.POP?240:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),h=this.generateScopes(e.scope,t.scope),l={idToken:a,accessToken:Jn(r,t.authority,o,t.clientId,n.tid||i,h.printScopes(),c,0,As,void 0,t.tokenType,void 0,t.keyId)};return this.nativeStorageManager.saveCacheRecord(l,this.correlationId,kr(n),this.apiId,t.storeInCache)}getExpiresInValue(e,t){return e===G.POP?240:("string"==typeof t?parseInt(t,10):t)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("0b3l57",this.correlationId)}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("1okqev",this.correlationId),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("04j6wj",this.correlationId);const t=await this.getCanonicalAuthority(e),{scopes:r,...n}=e,o=new Pt(r||[]);o.appendScopes(p);const i={...n,accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:o.printScopes(),redirectUri:Uc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraParameters},extendedExpiryToken:!1,keyId:e.popKid};if(i.signPopToken&&e.popKid)throw Ni(Si);if(this.handleExtraBrokerParams(i),i.extraParameters=i.extraParameters||{},i.extraParameters.telemetry=zi,e.authenticationScheme===G.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce,correlationId:this.correlationId},r=new zn(this.browserCrypto,this.performanceClient);let n;if(i.keyId)n=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:i.keyId})),i.signPopToken=!1;else{const e=await Kn(r.generateCnf.bind(r),Un,this.logger,this.performanceClient,this.correlationId)(t,this.logger);n=e.reqCnfString,i.keyId=e.kid,i.signPopToken=!0}i.reqCnf=n}return this.addRequestSKUs(i),i}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority,{azureCloudOptions:r,account:n}=e;n&&await Hc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t,r,void 0,n);const o=new br(t);return o.validateAsUri(),o}getPrompt(e){switch(this.apiId){case us.ssoSilent:case us.acquireTokenSilent_silentFlow:return this.logger.trace("1hiwaz",this.correlationId),R.NONE}if(e)switch(e){case R.NONE:case R.CONSENT:case R.LOGIN:return this.logger.trace("1ynje4",this.correlationId),e;default:throw this.logger.trace("0nkr6q",this.correlationId),Ni(bi)}else this.logger.trace("1qlu04",this.correlationId)}handleExtraBrokerParams(e){const t=e.extraParameters&&e.extraParameters.hasOwnProperty(pe)&&e.extraParameters.hasOwnProperty(me)&&e.extraParameters.hasOwnProperty(ce);if(!e.embeddedClientId&&!t)return;let r="";const n=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[me],r=e.extraParameters[ce]),e.extraParameters={child_client_id:r,child_redirect_uri:n},this.performanceClient?.addFields({embeddedClientId:r,embeddedRedirectUri:n},e.correlationId)}}const Zc=new Map([["e","AAD"],["m","MSA"]]);function eh(e,t,r){const n=function(e){if(!e)return null;try{const t=(/%(?:[0-9A-Fa-f]{2})/.test(e)?decodeURIComponent(e):e).split("|");return t.length<5?null:{accountType:Zc.get(t[0]?.trim()||"")||"",error:t[1]?.trim()||"",subError:t[2]?.trim()||"",cloudInstance:t[3]?.trim()||"",callerDataBoundary:t[4]?.trim()||""}}catch{return null}}(e.clientdata);n?.accountType&&r.addFields({accountType:n.accountType},t),n?.error&&r.addFields({serverErrorNo:n.error},t),n?.subError&&r.addFields({serverSubErrorNo:n.subError},t)}async function th(e,t,r,n,o){const i=To({...e.auth,authority:t},r,n,o);if(Kt(i,{sku:Fi,version:Ac,os:"",cpu:""}),e.system.protocolMode!==Kr.OIDC&&Bt(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),r.authenticationScheme===G.POP)){const e=new ja(n,o),t=new zn(e,o);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await Kn(t.generateCnf.bind(t),Un,n,o,r.correlationId)(r,n)).reqCnfString}Zt(i,s)}return Rt(i,r.correlationId,o),i}async function rh(e,t,r,n,o){if(!r.codeChallenge)throw ve(xe);const i=await Kn(th,"getStandardParams",n,o,r.correlationId)(e,t,r,n,o);return Ot(i,O),jt(i,r.codeChallenge,c),Xt(i,{...r.extraQueryParameters,...r.extraParameters}),bo(t,i)}async function nh(e,t,r,n,o,i){if(!n.earJwk)throw Ni(Do);const s=await th(t,r,n,o,i);Ot(s,M),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(s,n.earJwk),jt(s,n.codeChallenge,c),Xt(s,{...n.extraParameters});const a=new Map;Xt(a,n.extraQueryParameters||{}),Ft(a,n.correlationId);return ih(e,bo(r,a),s)}async function oh(e,t,r,n,o,i){const s=await th(t,r,n,o,i);Ot(s,O),jt(s,n.codeChallenge,n.codeChallengeMethod||c),Xt(s,{...n.extraParameters});const a=new Map;Xt(a,n.extraQueryParameters||{}),Ft(a,n.correlationId);return ih(e,bo(r,a),s)}function ih(e,t,r){const n=e.createElement("form");return n.method="post",n.action=t,r.forEach(((t,r)=>{const o=e.createElement("input");o.hidden=!0,o.name=r,o.value=t,n.appendChild(o)})),e.body.appendChild(n),n}async function sh(e,t,r,n,o,i,s,a,c,h){if(a.verbose("11qcow",e.correlationId),!h)throw Ni(ki);const l=new ja(a,c),d=new Yc(n,o,l,a,s,n.system.navigationClient,r,c,h,t,i,e.correlationId),{userRequestState:u}=An(l.base64Decode,e.state);return Kn(d.acquireToken.bind(d),Ta,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function ah(e,t,r,n,o,i,s,a,c,h,l,d){if(ao.removeThrottle(s,o.auth.clientId,e),eh(t,e.correlationId,l),t.accountId)return Kn(sh,xa,h,l,e.correlationId)(e,t.accountId,n,o,s,a,c,h,l,d);const u={...e,code:t.code||"",codeVerifier:r},g=new Wc(i,s,u,h,l);return await Kn(g.handleCodeResponse.bind(g),"handleCodeResponse",h,l,e.correlationId)(t,e,n)}async function ch(e,t,r,n,o,i,s,a,c,h,l){if(ao.removeThrottle(i,n.auth.clientId,e),eh(t,e.correlationId,h),Ao(t,e.state),!t.ear_jwe)throw Ni(Fo);if(!e.earJwk)throw Ni(Do);const d=JSON.parse(await Kn(zs,"decryptEarResponse",c,h,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return Kn(sh,xa,c,h,e.correlationId)(e,d.accountId,r,n,i,s,a,c,h,l);const u=new to(n.auth.clientId,i,new ja(c,h),c,h,null,null);u.validateTokenResponse(d,e.correlationId);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await Kn(u.handleServerTokenResponse.bind(u),Ln,c,h,e.correlationId)(d,o,Sn(),e,r,g,void 0,void 0,void 0,void 0)}async function hh(e,t,r){const n=Fn(lh,"generateCodeVerifier",t,e,r)(e,t,r);return{verifier:n,challenge:await Kn(dh,"generateCodeChallengeFromVerifier",t,e,r)(n,e,t,r)}}function lh(e,t,r){try{const n=new Uint8Array(32);Fn(Hs,"getRandomValues",t,e,r)(n);return ks(n)}catch(e){throw Ni(Ho)}}async function dh(e,t,r,n){try{const o=await Kn(Ls,"sha256Digest",r,t,n)(e);return ks(new Uint8Array(o))}catch(e){throw Ni(Ho)}}class uh{navigateInternal(e,t){return uh.defaultNavigateWindow(e,t)}navigateExternal(e,t){return uh.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(((e,r)=>{setTimeout((()=>{r(Ni(Ri,"failed_to_redirect"))}),t.timeout)}))}}class gh{async sendGetRequestAsync(e,t){let r,n={},o=0;const i=ph(t);try{r=await fetch(e,{method:es,headers:i})}catch(e){throw ho(Ni(window.navigator.onLine?di:hi),void 0,void 0,e)}n=mh(r.headers);try{return o=r.status,{headers:n,body:await r.json(),status:o}}catch(e){throw ho(Ni(ui),o,n,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",n=ph(t);let o,i=0,s={};try{o=await fetch(e,{method:ts,headers:n,body:r})}catch(e){throw ho(Ni(window.navigator.onLine?li:hi),void 0,void 0,e)}s=mh(o.headers);try{return i=o.status,{headers:s,body:await o.json(),status:i}}catch(e){throw ho(Ni(ui),i,s,e)}}}function ph(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach((([e,r])=>{t.append(e,r)})),t}catch(e){throw ho(Ni(_i),void 0,void 0,e)}}function mh(e){try{const t={};return e.forEach(((e,r)=>{t[r]=e})),t}catch(e){throw Ni(Ei)}}function fh({auth:r,cache:n,system:o,telemetry:c},h){const l={clientId:"",authority:`${t}`,knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",redirectUri:"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:"",postLogoutRedirectUri:"",clientCapabilities:[],OIDCOptions:{responseMode:x.FRAGMENT,defaultScopes:[i,s,a]},azureCloudOptions:{azureCloudInstance:yr.None,tenant:""},instanceAware:!1,isMcp:!1},d={cacheLocation:Zi.SessionStorage,cacheRetentionDays:5},u={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},g={...{...Yr,loggerOptions:u,networkClient:h?new gh:ko,navigationClient:new uh,popupBridgeTimeout:o?.popupBridgeTimeout||6e4,iframeBridgeTimeout:o?.iframeBridgeTimeout||1e4,redirectNavigationTimeout:3e4,allowRedirectInIframe:!1,navigatePopups:!0,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:o?.nativeBrokerHandshakeTimeout||2e3,protocolMode:Kr.AAD},...o,loggerOptions:o?.loggerOptions||u},p={application:{appName:"",appVersion:""},client:new Xr};if(o?.protocolMode!==Kr.OIDC&&r?.OIDCOptions){new pr(g.loggerOptions).warning(JSON.stringify(ve(Ke)),"")}if(o?.protocolMode&&o.protocolMode===Kr.OIDC&&g?.allowPlatformBroker)throw ve(Be);return{auth:{...l,...r,OIDCOptions:{...l.OIDCOptions,...r?.OIDCOptions}},cache:{...d,...n},system:g,telemetry:{...p,...c}}}class yh{constructor(e,t,r,n){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=n,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=r.startMeasurement("nativeMessageHandlerHandshake"),this.platformAuthType=Gi}async sendMessage(e){this.logger.trace("0on4p2",e.correlationId);const t={method:Xi,request:e},r={channel:Ki,extensionId:this.extensionId,responseId:Fs(),body:t};this.logger.trace("1qadfi",e.correlationId),this.logger.tracePii("1xm533",e.correlationId),this.messageChannel.port1.postMessage(r);const n=await new Promise(((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})}));return this.validatePlatformBrokerResponse(n)}static async createProvider(e,t,r,n){e.trace("15zfnw",n);try{const o=new yh(e,t,r,Bi);return await o.sendHandshakeRequest(n),o}catch(o){const i=new yh(e,t,r);return await i.sendHandshakeRequest(n),i}}async sendHandshakeRequest(e){this.logger.trace("1dpg9o",e),window.addEventListener("message",this.windowListener,!1);const t={channel:Ki,extensionId:this.extensionId,responseId:Fs(),body:{method:Vi}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(t,window.origin,[this.messageChannel.port2]),new Promise(((e,r)=>{this.handshakeResolvers.set(t.responseId,{resolve:e,reject:r}),this.timeoutId=window.setTimeout((()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(Ni(Ci)),this.handshakeResolvers.delete(t.responseId)}),this.handshakeTimeoutMs)}))}onWindowMessage(e){const t=Ia();if(this.logger.trace("0jpn5u",t),e.source!==window)return;const r=e.data;if(r.channel&&r.channel===Ki&&(!r.extensionId||r.extensionId===this.extensionId)&&r.body.method===Vi){const e=this.handshakeResolvers.get(r.responseId);if(!e)return void this.logger.trace("07buhm",t);this.logger.verbose(r.extensionId?"0xrkug":"No extension installed",t),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(Ni(vi))}}onChannelMessage(e){const t=Ia();this.logger.trace("1py8yf",t);const r=e.data,n=this.resolvers.get(r.responseId),o=this.handshakeResolvers.get(r.responseId);try{const e=r.body.method;if(e===Yi){if(!n)return;const e=r.body.response;if(this.logger.trace("19hpgm",t),this.logger.tracePii("179a24",t),"Success"!==e.status)n.reject(Qc(e.code,e.description,e.ext));else{if(!e.result)throw Ie(Eo,"Event does not contain result.");e.result.code&&e.result.description?n.reject(Qc(e.result.code,e.result.description,e.result.ext)):n.resolve(e.result)}this.resolvers.delete(r.responseId)}else if(e===Qi){if(!o)return void this.logger.trace("082qnt",t);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=r.extensionId,this.extensionVersion=r.body.version,this.logger.verbose("0yf5ib",t),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),o.resolve(),this.handshakeResolvers.delete(r.responseId)}}catch(e){this.logger.error("0xf978",t),this.logger.errorPii("04i99o",t),this.logger.errorPii("0xdvsy",t),n?n.reject(e):o&&o.reject(e)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw Ie(Eo,"Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===Bi?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class wh{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=Wi}static async createProvider(e,t,r){if(e.trace("12mj4a",r),window.navigator?.platformAuthentication){const n=await window.navigator.platformAuthentication.getSupportedContracts(ji);if(n?.includes(Ji))return e.trace("1h5q1r",r),new wh(e,t,r)}}getExtensionId(){return ji}getExtensionVersion(){return""}getExtensionName(){return $i}async sendMessage(e){this.logger.trace("02bcil",e.correlationId);try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r,e.correlationId)}catch(t){throw this.logger.error("11im7g",e.correlationId),t}}initializePlatformDOMRequest(e){this.logger.trace("15d6yv",e.correlationId);const{accountId:t,clientId:r,authority:n,scope:o,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:h,extraParameters:l,...d}=e,u=this.getDOMExtraParams(d,s);return{accountId:t,brokerId:this.getExtensionId(),authority:n,clientId:r,correlationId:s||this.correlationId,extraParameters:{...l,...u},isSecurityTokenService:!1,redirectUri:i,scope:o,state:a,storeInCache:c,embeddedClientId:h}}validatePlatformBrokerResponse(e,t){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace("0h4vei",t),this.convertToPlatformBrokerResponse(e,t);if(e.hasOwnProperty("error")){const r=e;if(!1===r.isSuccess&&r.error&&r.error.code)throw this.logger.trace("0g92vm",t),Qc(r.error.code,r.error.description,{error:parseInt(r.error.errorCode),protocol_error:r.error.protocolError,status:r.error.status,properties:r.error.properties})}}throw Ie(Eo,"Response missing expected properties.")}convertToPlatformBrokerResponse(e,t){this.logger.trace("14913t",t);return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e,t){try{const t={};for(const[r,n]of Object.entries(e))n&&(t[r]="object"==typeof n?JSON.stringify(n):String(n));return t}catch(e){return this.logger.error("0eu9o3",t),this.logger.errorPii("17rpl5",t),{}}}}async function Ih(e,t,r,n){e.trace("134j0v",r);const o=function(){let e;try{return e=window[Zi.SessionStorage],"true"===e?.getItem(ac)}catch(e){return!1}}();let i;e.trace("04c81g",r);try{o&&(i=await wh.createProvider(e,t,r)),i||(e.trace("0l3na8",r),i=await yh.createProvider(e,n||2e3,t,r))}catch(t){e.trace("0icbd7",t)}return i}function Ch(e,t,r,n,o){if(t.trace("0uko3r",r),!e.system.allowPlatformBroker)return t.trace("04hozs",r),!1;if(!n)return t.trace("0kvv1r",r),!1;if(o)switch(o){case G.BEARER:case G.POP:return t.trace("18tev1",r),!0;default:return t.trace("1dd2nh",r),!1}return!0}class vh extends zc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a,this.eventHandler=o}acquireToken(e,t){let r;try{if(r={popupName:this.generatePopupName(e.scopes||p,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window},this.performanceClient.addFields({isAsyncPopup:!this.config.system.navigatePopups},this.correlationId),this.config.system.navigatePopups){const n={...e,httpMethod:Bc(e,this.config.system.protocolMode)};return this.logger.verbose("1f9ok3",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(n,r,t)}return this.logger.verbose("162h4u",this.correlationId),this.acquireTokenPopupAsync(e,r,t)}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("068rup",this.correlationId);const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},n=e&&e.authority,o=e&&e.mainWindowRedirectUri;return this.config.system.navigatePopups?(this.logger.verbose("1a28da",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,n,o)):(this.logger.verbose("1phd8u",this.correlationId),this.logoutPopupAsync(t,r,n,o))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,n){this.logger.verbose("1g77pg",this.correlationId);const o=await Kn(jc,Oa,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.popup&&wa(o.authority);const i=Ch(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);return o.platformBroker=i,this.config.system.protocolMode===Kr.EAR?this.executeEarFlow(o,r,n):this.executeCodeFlow(o,r,n)}async executeCodeFlow(t,r,n){const o=t.correlationId,i=Lc(us.acquireTokenPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),s=n||await Kn(hh,La,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),a={...t,codeChallenge:s.challenge};try{const n=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,o)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account});if(a.httpMethod===g)return await this.executeCodeFlowWithPost(a,r,n,s.verifier);{const i=await Kn(rh,qn,this.logger,this.performanceClient,o)(this.config,n.authority,a,this.logger,this.performanceClient),c=this.initiateAuthRequest(i,r);this.eventHandler.emitEvent(Tc.POPUP_OPENED,o,e.InteractionType.Popup,{popupWindow:c},null);const h=await ca(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t,this.performanceClient),l=Fn($c,Na,this.logger,this.performanceClient,this.correlationId)(h,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return await Kn(ah,qa,this.logger,this.performanceClient,o)(t,l,s.verifier,us.acquireTokenPopup,this.config,n,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}catch(e){throw r.popup?.close(),e instanceof we&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}async executeEarFlow(e,t,r){const{correlationId:n,authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=e,c=await Kn(Hc,ka,this.logger,this.performanceClient,n)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a),h=await Kn(Bs,Fa,this.logger,this.performanceClient,n)(),l=r||await Kn(hh,La,this.logger,this.performanceClient,n)(this.performanceClient,this.logger,n),d={...e,earJwk:h,codeChallenge:l.challenge},u=t.popup||this.openPopup("about:blank",t);(await nh(u.document,this.config,c,d,this.logger,this.performanceClient)).submit();const g=await Kn(ca,Ea,this.logger,this.performanceClient,n)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,d,this.performanceClient),p=Fn($c,Na,this.logger,this.performanceClient,this.correlationId)(g,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);if(!p.ear_jwe&&p.code){const t=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,n)({serverTelemetryManager:Lc(us.acquireTokenPopup,this.config.auth.clientId,n,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:c});return Kn(ah,qa,this.logger,this.performanceClient,n)(d,p,l.verifier,us.acquireTokenPopup,this.config,t,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Kn(ch,Ma,this.logger,this.performanceClient,n)(d,p,us.acquireTokenPopup,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async executeCodeFlowWithPost(e,t,r,n){const o=e.correlationId,i=await Kn(Hc,ka,this.logger,this.performanceClient,o)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger),s=t.popup||this.openPopup("about:blank",t);(await oh(s.document,this.config,i,e,this.logger,this.performanceClient)).submit();const a=await Kn(ca,Ea,this.logger,this.performanceClient,o)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,e,this.performanceClient),c=Fn($c,Na,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return Kn(ah,qa,this.logger,this.performanceClient,o)(e,c,n,us.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,r,n,o){this.logger.verbose("0b7yrk",this.correlationId),this.eventHandler.emitEvent(Tc.LOGOUT_START,this.correlationId,e.InteractionType.Popup,t);const i=Lc(us.logoutPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{await Dc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account);const s=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:n,account:t.account||void 0});try{s.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&s.authority.protocolMode===Kr.OIDC){if(this.eventHandler.emitEvent(Tc.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t),o){const e={apiId:us.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=br.getAbsoluteUrl(o,ha());await this.navigationClient.navigateInternal(t,e)}return void r.popup?.close()}}const a=s.getLogoutUri(t);this.eventHandler.emitEvent(Tc.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t);const c=this.openPopup(a,r);if(this.eventHandler.emitEvent(Tc.POPUP_OPENED,t.correlationId,e.InteractionType.Popup,{popupWindow:c},null),await ca(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t,this.performanceClient).catch((()=>{})),o){const e={apiId:us.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=br.getAbsoluteUrl(o,ha());this.logger.verbose("0qcur2",this.correlationId),this.logger.verbosePii("0oj7lk",this.correlationId),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("03zgcf",this.correlationId)}catch(t){throw r.popup?.close(),t instanceof we&&(t.setCorrelationId(this.correlationId),i.cacheFailedRequest(t)),this.eventHandler.emitEvent(Tc.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(Tc.LOGOUT_END,this.correlationId,e.InteractionType.Popup),t}this.eventHandler.emitEvent(Tc.LOGOUT_END,this.correlationId,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii("1kcr9k",this.correlationId),this.openPopup(e,t);throw this.logger.error("1l7hyp",this.correlationId),Ni(Bo)}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii("0cgeo7",this.correlationId),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii("0c2awd",this.correlationId),r=this.openSizedPopup(e,t)),!r)throw Ni(Xo);return r.focus&&r.focus(),this.currentWindow=r,r}catch(e){throw this.logger.error("0dxfb9",this.correlationId),Ni(Qo)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:n}){const o=n.screenLeft?n.screenLeft:n.screenX,i=n.screenTop?n.screenTop:n.screenY,s=n.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=n.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,h=r.popupSize?.height,l=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("08vfmo",this.correlationId),c=Li),(!h||h<0||h>a)&&(this.logger.verbose("09cxa0",this.correlationId),h=Hi),(!l||l<0||l>a)&&(this.logger.verbose("1qh4wo",this.correlationId),l=Math.max(0,a/2-Hi/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("1sz3en",this.correlationId),d=Math.max(0,s/2-Li/2+o)),n.open(e,t,`width=${c}, height=${h}, top=${l}, left=${d}, scrollbars=yes`)}generatePopupName(e,t){return`${Di}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${Di}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}class kh extends zc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a}async acquireToken(t){const r=await Kn(jc,Oa,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.platformBroker=Ch(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);const n=t=>{t.persisted&&(this.logger.verbose("0udvtt",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),this.eventHandler.emitEvent(Tc.RESTORE_FROM_BFCACHE,this.correlationId,e.InteractionType.Redirect))},o=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii("0zao0a",this.correlationId),this.browserStorage.setTemporaryCache(os,o,!0),window.addEventListener("pageshow",n);try{this.config.system.protocolMode===Kr.EAR?await this.executeEarFlow(r):await this.executeCodeFlow(r)}catch(e){throw e instanceof we&&e.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",n),e}}async executeCodeFlow(e){const t=e.correlationId,r=Lc(us.acquireTokenRedirect,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),n=await Kn(hh,La,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),o={...e,codeChallenge:n.challenge};this.browserStorage.cacheAuthorizeRequest(o,this.correlationId,n.verifier);try{if(o.httpMethod===g)return await this.executeCodeFlowWithPost(o);{const t=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:r,requestAuthority:o.authority,requestAzureCloudOptions:o.azureCloudOptions,requestExtraQueryParameters:o.extraQueryParameters,account:o.account}),n=await Kn(rh,qn,this.logger,this.performanceClient,e.correlationId)(this.config,t.authority,o,this.logger,this.performanceClient);return await this.initiateAuthRequest(n)}}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),r.cacheFailedRequest(e)),e}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Kn(Hc,ka,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Kn(Bs,Fa,this.logger,this.performanceClient,t)(),c=await Kn(hh,La,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge};this.browserStorage.cacheAuthorizeRequest(h,this.correlationId,c.verifier);return(await nh(document,this.config,s,h,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ni(Ri,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async executeCodeFlowWithPost(e){const t=e.correlationId,r=await Kn(Hc,ka,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger);this.browserStorage.cacheAuthorizeRequest(e,this.correlationId);return(await oh(document,this.config,r,e,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(Ni(Ri,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async handleRedirectPromise(e,t,r,n){const o=Lc(us.handleRedirectPromise,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),i=n?.navigateToLoginRequestUrl??!0;try{const[s,a]=this.getRedirectResponse(n?.hash||"");if(!s)return this.logger.info("1qmv0q",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?r.event.errorCode="no_server_response":this.logger.verbose("1eqegq",this.correlationId),null;const c=this.browserStorage.getTemporaryCache(os,this.correlationId,!0)||"",h=hr(c);if(h===hr(window.location.href)&&i){this.logger.verbose("11yred",this.correlationId),c.indexOf("#")>-1&&na(c);return await this.handleResponse(s,e,t,o)}if(!i)return this.logger.verbose("0v4sdv",this.correlationId),await this.handleResponse(s,e,t,o);if(!oa()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(is,a,!0);const r={apiId:us.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let n=!0;if(c&&"null"!==c)this.logger.verbose("08jpy1",this.correlationId),n=await this.navigationClient.navigateInternal(c,r);else{const e=la();this.browserStorage.setTemporaryCache(os,e,!0),this.logger.warning("1dutq1",this.correlationId),n=await this.navigationClient.navigateInternal(e,r)}if(!n)return await this.handleResponse(s,e,t,o)}return null}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),o.cacheFailedRequest(e)),e}}getRedirectResponse(t){this.logger.verbose("1c5i8m",this.correlationId);let r=t;r||(r=this.config.auth.OIDCOptions.responseMode===x.QUERY?window.location.search:window.location.hash);let n=ar(r);if(n){try{Jc(n,this.browserCrypto,e.InteractionType.Redirect)}catch(e){return e instanceof we&&this.logger.error("0bkq6p",this.correlationId),[null,""]}return ra(window),this.logger.verbose("00uvho",this.correlationId),[n,r]}const o=this.browserStorage.getTemporaryCache(is,this.correlationId,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(is)),o&&(n=ar(o),n)?(this.logger.verbose("001671",this.correlationId),[n,o]):[null,""]}async handleResponse(e,t,r,n){if(!e.state)throw Ni(jo);const{authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=t;if(e.ear_jwe){const r=await Kn(Hc,ka,this.logger,this.performanceClient,t.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a);return Kn(ch,Ma,this.logger,this.performanceClient,t.correlationId)(t,e,us.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const c=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority});return Kn(ah,qa,this.logger,this.performanceClient,t.correlationId)(t,e,r,us.acquireTokenRedirect,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e){if(this.logger.verbose("0yaw2e",this.correlationId),e){this.logger.infoPii("1luf83",this.correlationId);const t={apiId:us.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},r=this.config.auth.onRedirectNavigate;if("function"==typeof r){this.logger.verbose("1nehvl",this.correlationId);return!1!==r(e)?(this.logger.verbose("1a0jxh",this.correlationId),void await this.navigationClient.navigateExternal(e,t)):void this.logger.verbose("09k5h5",this.correlationId)}return this.logger.verbose("0klwf7",this.correlationId),void await this.navigationClient.navigateExternal(e,t)}throw this.logger.info("0rlh4e",this.correlationId),Ni(Bo)}async logout(t){this.logger.verbose("1rkurh",this.correlationId);const r=this.initializeLogoutRequest(t),n=Lc(us.logout,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{this.eventHandler.emitEvent(Tc.LOGOUT_START,this.correlationId,e.InteractionType.Redirect,t),await Dc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,r.account);const o={apiId:us.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0});if(i.authority.protocolMode===Kr.OIDC)try{i.authority.endSessionEndpoint}catch{if(r.account?.homeAccountId)return void this.eventHandler.emitEvent(Tc.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r)}const s=i.getLogoutUri(r);r.account?.homeAccountId&&this.eventHandler.emitEvent(Tc.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r);const a=this.config.auth.onRedirectNavigate;if("function"!=typeof a)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,ns),void await this.navigationClient.navigateExternal(s,o);if(!1!==a(s))return this.logger.verbose("06v57e",this.correlationId),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,ns),void await this.navigationClient.navigateExternal(s,o);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("0xqes1",this.correlationId)}catch(t){throw t instanceof we&&(t.setCorrelationId(this.correlationId),n.cacheFailedRequest(t)),this.eventHandler.emitEvent(Tc.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(Tc.LOGOUT_END,this.correlationId,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(Tc.LOGOUT_END,this.correlationId,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return br.getAbsoluteUrl(t,ha())}}async function Th(e,t,r,n){if(!e)throw r.info("1l7hyp",n),Ni(Bo);return Fn(Sh,"silentHandlerLoadFrameSync",r,t,n)(e)}async function bh(e,t,r,n,o){const i=_h();if(!i.contentDocument)throw"No document associated with iframe!";return(await oh(i.contentDocument,e,t,r,n,o)).submit(),i}async function Ah(e,t,r,n,o){const i=_h();if(!i.contentDocument)throw"No document associated with iframe!";return(await nh(i.contentDocument,e,t,r,n,o)).submit(),i}function Sh(e){const t=_h();return t.src=e,t}function _h(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),e.setAttribute("allow","local-network-access *"),document.body.appendChild(e),e}function Eh(e){document.body===e.parentNode&&document.body.removeChild(e)}class Ph extends zc{constructor(e,t,r,n,o,i,s,a,c,h,l){super(e,t,r,n,o,i,a,h,l),this.apiId=s,this.nativeStorage=c}async acquireToken(t){t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("1kl318",this.correlationId);const r={...t};r.prompt?r.prompt!==R.NONE&&r.prompt!==R.NO_SESSION&&(this.logger.warning("0bmctg",this.correlationId),r.prompt=R.NONE):r.prompt=R.NONE;const n=await Kn(jc,Oa,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);return n.platformBroker=Ch(this.config,this.logger,this.correlationId,this.platformAuthProvider,n.authenticationScheme),wa(n.authority),this.config.system.protocolMode===Kr.EAR?this.executeEarFlow(n):this.executeCodeFlow(n)}async executeCodeFlow(e){let t;const r=Lc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{return t=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await Kn(this.silentTokenHelper.bind(this),Sa,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(n){if(n instanceof we&&(n.setCorrelationId(this.correlationId),r.cacheFailedRequest(n)),!(t&&n instanceof we&&n.errorCode===Ui))throw n;return this.performanceClient.addFields({retryError:n.errorCode},this.correlationId),await Kn(this.silentTokenHelper.bind(this),Sa,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Kn(Hc,ka,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Kn(Bs,Fa,this.logger,this.performanceClient,t)(),c=await Kn(hh,La,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge},l=await Kn(Ah,_a,this.logger,this.performanceClient,t)(this.config,s,h,this.logger,this.performanceClient),d=this.config.auth.OIDCOptions.responseMode;let u;try{u=await Kn(ca,Ea,this.logger,this.performanceClient,t)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,e,this.performanceClient)}finally{Fn(Eh,Ua,this.logger,this.performanceClient,t)(l)}const g=Fn($c,Na,this.logger,this.performanceClient,t)(u,d,this.logger,this.correlationId);if(!g.ear_jwe&&g.code){const r=await Kn(this.createAuthCodeClient.bind(this),Pa,this.logger,this.performanceClient,t)({serverTelemetryManager:Lc(this.apiId,this.config.auth.clientId,t,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:s});return Kn(ah,qa,this.logger,this.performanceClient,t)(h,g,c.verifier,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Kn(ch,Ma,this.logger,this.performanceClient,t)(h,g,this.apiId,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}logout(){return Promise.reject(Ni(ni))}async silentTokenHelper(e,t){const r=t.correlationId,n=await Kn(hh,La,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),o={...t,codeChallenge:n.challenge};let i;if(t.httpMethod===g)i=await Kn(bh,_a,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);else{const t=await Kn(rh,qn,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);i=await Kn(Th,_a,this.logger,this.performanceClient,r)(t,this.performanceClient,this.logger,r)}const s=this.config.auth.OIDCOptions.responseMode;let a;try{a=await Kn(ca,Ea,this.logger,this.performanceClient,r)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,t,this.performanceClient)}finally{Fn(Eh,Ua,this.logger,this.performanceClient,r)(i)}const c=Fn($c,Na,this.logger,this.performanceClient,r)(a,s,this.logger,this.correlationId);return Kn(ah,qa,this.logger,this.performanceClient,r)(t,c,n.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}class Rh extends zc{async acquireToken(e){const t=await Kn(Fc,Aa,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger,this.correlationId),r={...e,...t};e.redirectUri&&(r.redirectUri=Uc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId));const n=Lc(us.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),o=await this.createRefreshTokenClient({serverTelemetryManager:n,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return Kn(o.acquireTokenByRefreshToken.bind(o),"refreshTokenClientAcquireTokenByRefreshToken",this.logger,this.performanceClient,e.correlationId)(r,us.acquireTokenSilent_silentFlow).catch((e=>{throw e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e),e}))}logout(){return Promise.reject(Ni(ni))}async createRefreshTokenClient(e){const t=await Kn(this.getClientConfiguration.bind(this),Ra,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new Co(t,this.performanceClient)}}class Oh extends Io{constructor(e,t){super(e,t),this.includeRedirectUri=!1}}class Mh extends zc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,a,c,h),this.apiId=s}async acquireToken(t){if(!t.code)throw Ni(mi);const r=await Kn(jc,Oa,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),n=Lc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const e={...r,code:t.code},o=await Kn(this.getClientConfiguration.bind(this),Ra,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:r.authority,requestAzureCloudOptions:r.azureCloudOptions,requestExtraQueryParameters:r.extraQueryParameters,account:r.account}),i=new Oh(o,this.performanceClient);this.logger.verbose("1uic5e",this.correlationId);const s=new Wc(i,this.browserStorage,e,this.logger,this.performanceClient);return await Kn(s.handleCodeResponseFromServer.bind(s),Nn,this.logger,this.performanceClient,this.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},r,this.apiId,!1)}catch(e){throw e instanceof we&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}logout(){return Promise.reject(Ni(ni))}}function xh(e,t,r,n){try{fa(e),So(r.auth.isMcp,n)}catch(e){throw t.end({success:!1},e,n.account),e}}class qh{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new ja(this.logger,this.performanceClient):lr,this.eventHandler=new qc(this.logger),this.browserStorage=this.isBrowserEnvironment?new _c(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,yo(this.config.auth)):Pc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:Zi.MemoryStorage,cacheRetentionDays:5};this.nativeInternalStorage=new _c(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this)}static async createController(e,t){const r=new qh(e);return await r.initialize(t),r}trackPageVisibility(e){e&&(this.logger.info("16v6hv",e),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e){const t=this.getRequestCorrelationId(e);if(this.logger.trace("1f7joy",t),this.initialized)return void this.logger.info("061m5x",t);if(!this.isBrowserEnvironment)return this.logger.info("19fvpi",t),this.initialized=!0,void this.eventHandler.emitEvent(Tc.INITIALIZE_END,t);const r=this.config.system.allowPlatformBroker,n=this.performanceClient.startMeasurement(Ya,t);if(this.eventHandler.emitEvent(Tc.INITIALIZE_START,t),this.logMultipleInstances(n,t),n.add({isMcp:this.config.auth.isMcp}),await Kn(this.browserStorage.initialize.bind(this.browserStorage),"initializeCache",this.logger,this.performanceClient,t)(t),r)try{this.platformAuthProvider=await Ih(this.logger,this.performanceClient,t,this.config.system.nativeBrokerHandshakeTimeout)}catch(e){this.logger.verbose(e,t)}this.config.cache.cacheLocation===Zi.LocalStorage&&this.eventHandler.subscribeCrossTab(),!this.config.system.navigatePopups&&await this.preGeneratePkceCodes(t),this.initialized=!0,this.eventHandler.emitEvent(Tc.INITIALIZE_END,t),n.end({allowPlatformBroker:r,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("02l8bm",""),ma(this.initialized),this.isBrowserEnvironment){const t=e?.hash||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("1wn9kp","")):this.logger.verbose("0w0gm3",""),r}return this.logger.verbose("12xi63",""),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",""),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===ns)return this.logger.verbose("1ywcv2",""),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const n=this.getAllAccounts(),o=this.browserStorage.getCachedNativeRequest(),i=o&&this.platformAuthProvider&&!t?.hash;let s,a;try{if(i&&this.platformAuthProvider){const t=o?.correlationId||"";this.eventHandler.emitEvent(Tc.HANDLE_REDIRECT_START,t,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(Qa,t),this.logger.trace("12v7is",t);const r=new Yc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,us.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,o.accountId,this.nativeInternalStorage,o.correlationId);a=Kn(r.handleRedirectPromise.bind(r),"handleNativeRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(this.performanceClient,s.event.correlationId)}else{const[r,n]=this.browserStorage.getCachedRequest(""),o=r.correlationId;this.eventHandler.emitEvent(Tc.HANDLE_REDIRECT_START,o,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(Qa,o),this.logger.trace("0znzs5",o);const i=this.createRedirectClient(o);a=Kn(i.handleRedirectPromise.bind(i),"handleRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(r,n,s,t)}}catch(e){throw this.browserStorage.resetRequestCache(""),e}return a.then((t=>{if(t){this.browserStorage.resetRequestCache(t.correlationId),this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t),this.logger.verbose("0ui8f5",t.correlationId);n.length<this.getAllAccounts().length&&(this.eventHandler.emitEvent(Tc.LOGIN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t.account),this.logger.verbose("16im3l",t.correlationId)),s.end({success:!0},void 0,t.account)}else s.event.errorCode?s.end({success:!1},void 0):s.discard();return this.eventHandler.emitEvent(Tc.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),t})).catch((t=>{this.browserStorage.resetRequestCache(s.event.correlationId);const r=t;throw this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_FAILURE,s.event.correlationId,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(Tc.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),s.end({success:!1},r),t}))}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("0os66p",r);const n=this.performanceClient.startMeasurement(Va,r);n.add({scenarioId:t.scenarioId});const o=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=e=>{const r="function"==typeof o?o(e):void 0;return n.add({navigateCallbackResult:!1!==r}),n.event=n.end({success:!0},void 0,t.account)||n.event,r};try{let o;if(ya(this.initialized,this.config),So(this.config.auth.isMcp,t),this.browserStorage.setInteractionInProgress(!0,rs),this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_START,r,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){o=new Yc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,us.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r).acquireTokenRedirect(t,n).catch((e=>{if(e instanceof Gc&&Vc(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof vn){this.logger.verbose("1ipyz4",r);return this.createRedirectClient(r).acquireToken(t)}throw e}))}else{o=this.createRedirectClient(r).acquireToken(t)}return await o}catch(o){throw this.browserStorage.resetRequestCache(r),2===n.event.status?this.performanceClient.startMeasurement(Qa,r).end({success:!1},o,t.account):n.end({success:!1},o,t.account),this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Redirect,null,o),o}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),n=this.performanceClient.startMeasurement(Ga,r);n.add({scenarioId:t.scenarioId});try{this.logger.verbose("0ch87b",r),xh(this.initialized,n,this.config,t),this.browserStorage.setInteractionInProgress(!0,rs,t.overrideInteractionInProgress,r)}catch(e){return Promise.reject(e)}const o=this.getAllAccounts();let i;this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_START,r,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))i=this.acquireTokenNative({...t,correlationId:r},us.acquireTokenPopup).then((e=>(n.end({success:!0,isNativeBroker:!0},void 0,e.account),e))).catch((e=>{if(e instanceof Gc&&Vc(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof vn){this.logger.verbose("0yy5fw",r);return this.createPopupClient(r).acquireToken(t,s)}throw e}));else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then((t=>{const i=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Popup,t),i&&this.eventHandler.emitEvent(Tc.LOGIN_SUCCESS,r,e.InteractionType.Popup,t.account),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((o=>(this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Popup,null,o),n.end({success:!1},o,t.account),Promise.reject(o)))).finally((async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.navigatePopups||await this.preGeneratePkceCodes(r)}))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&e.increment({visibilityChangeCount:1})}async ssoSilent(t){const r=this.getRequestCorrelationId(t),n={...t,prompt:t.prompt,correlationId:r};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(Xa,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId}),xh(this.initialized,this.ssoSilentMeasurement,this.config,n),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const o=this.getAllAccounts();let i;if(this.logger.verbose("0w1b45",r),this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,n),this.canUsePlatformBroker(n))i=this.acquireTokenNative(n,us.ssoSilent).catch((e=>{if(e instanceof Gc&&Vc(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(n.correlationId).acquireToken(n)}throw e}));else{i=this.createSilentIframeClient(n.correlationId).acquireToken(n)}return i.then((t=>{const n=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),n&&this.eventHandler.emitEvent(Tc.LOGIN_SUCCESS,r,e.InteractionType.Silent,t.account),this.ssoSilentMeasurement?.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((n=>{throw this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,n),this.ssoSilentMeasurement?.end({success:!1},n,t.account),n})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("0ch6ga",r);const n=this.performanceClient.startMeasurement(Wa,r);xh(this.initialized,n,this.config,t),this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,t),n.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw Ni(yi);if(t.code){const o=t.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("0qgp28",r),n.discard()):(this.logger.verbose("06eh73",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then((t=>(this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(o),n.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((t=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),n.end({success:!1},t),t})),this.hybridAuthCodeResponses.set(o,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){const e=await this.acquireTokenNative({...t,correlationId:r},us.acquireTokenByCode,t.nativeAccountId).catch((e=>{throw e instanceof Gc&&Vc(e)&&(this.platformAuthProvider=void 0),e}));return n.end({success:!0},void 0,e.account),e}throw Ni(Ii)}throw Ni(fi)}catch(t){throw this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),n.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){const t=this.getRequestCorrelationId(e);this.logger.trace("10d9hy",t),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement("acquireTokenByCodeAsync",t),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement);const r=this.createSilentAuthCodeClient(t);return await r.acquireToken(e).then((e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache,isNativeBroker:e.fromPlatformBroker}),e))).catch((e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e})).finally((()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)}))}async acquireTokenFromCache(e,t){switch(t){case Is.Default:case Is.AccessToken:case Is.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return Kn(t.acquireToken.bind(t),"silentCacheClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw be(ft)}}async acquireTokenByRefreshToken(e,t){switch(t){case Is.Default:case Is.AccessTokenAndRefreshToken:case Is.RefreshToken:case Is.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return Kn(t.acquireToken.bind(t),"silentRefreshClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw be(ft)}}async acquireTokenBySilentIframe(e){const t=this.createSilentIframeClient(e.correlationId);return Kn(t.acquireToken.bind(t),"silentIframeClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e)}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);ya(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,ns);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);fa(this.initialized),this.browserStorage.setInteractionInProgress(!0,ns);return this.createPopupClient(t).logout(e).finally((()=>{this.browserStorage.setInteractionInProgress(!1)}))}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return;const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return Rc(this.logger,this.browserStorage,this.isBrowserEnvironment,this.getRequestCorrelationId(),e)}getAccount(e){return Oc(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}setActiveAccount(e){Mc(e,this.browserStorage,this.getRequestCorrelationId())}getActiveAccount(){return xc(this.browserStorage,this.getRequestCorrelationId())}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=zr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,kr(e.idTokenClaims),us.hydrateCache),e.fromPlatformBroker?(this.logger.verbose("1fxyu8",e.correlationId),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,r,n){const o=this.getRequestCorrelationId(e);if(this.logger.trace("0b9y3p",o),!this.platformAuthProvider)throw Ni(ki);return new Yc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,o).acquireToken(e,n)}canUsePlatformBroker(e,t){const r=this.getRequestCorrelationId(e);if(this.logger.trace("1n9lbl",r),!this.platformAuthProvider)return this.logger.trace("0vnu11",r),!1;if(!Ch(this.config,this.logger,r,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("1m4bzf",r),!1;if(e.prompt)switch(e.prompt){case R.NONE:case R.CONSENT:case R.LOGIN:this.logger.trace("0vdv8e",r);break;default:return this.logger.trace("0pdzw6",r),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("16lbtk",r),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new vh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createRedirectClient(e){return new kh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentIframeClient(e){return new Ph(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,us.ssoSilent,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentCacheClient(e){return new Xc(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentRefreshClient(e){return new Rh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentAuthCodeClient(e){return new Mh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,us.acquireTokenByCode,this.performanceClient,e,this.platformAuthProvider)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return pa(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?Fs():""}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0lz9hf",t),this.acquireTokenRedirect({correlationId:t,...e||fs})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0qw7v5",t),this.acquireTokenPopup({correlationId:t,...e||fs})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(Ja,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),xh(this.initialized,r,this.config,e),this.logger.verbose("0x1c4s",t);const n=e.account||this.getActiveAccount();if(!n)throw Ni(oi);return this.acquireTokenSilentDeduped(e,n,t).then((n=>(r.end({success:!0,fromCache:n.fromCache,isNativeBroker:n.fromPlatformBroker,accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length},void 0,n.account),{...n,state:e.state,correlationId:t}))).catch((e=>{throw e instanceof we&&e.setCorrelationId(t),r.end({success:!1},e,n),e}))}async acquireTokenSilentDeduped(e,t,r){const n=so(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),o=JSON.stringify(n),i=this.activeSilentTokenRequests.get(o);if(void 0===i){this.logger.verbose("0fcjbk",r),this.performanceClient.addFields({deduped:!1},r);const n=Kn(this.acquireTokenSilentAsync.bind(this),"acquireTokenSilentAsync",this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(o,n),n.finally((()=>{this.activeSilentTokenRequests.delete(o)}))}return this.logger.verbose("1yq7nb",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const n=()=>this.trackPageVisibility(t.correlationId);this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_START,t.correlationId,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},t.correlationId),document.addEventListener("visibilitychange",n);const o=await Kn(Kc,"initializeSilentRequest",this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||Is.Default;return this.acquireTokenSilentNoIframe(o,i).catch((async e=>{const r=function(e,t){const r=!(e instanceof vn&&e.subError!==fn),n=e.errorCode===Ui||e.errorCode===ft,o=r&&n||e.errorCode===hn||e.errorCode===dn,i=Cs.includes(t);return o&&i}(e,i);if(r){const r=`${e.errorCode}${e.subError?`|${e.subError}`:""}`;if(this.performanceClient.addFields({silentRefreshReason:r},t.correlationId),this.activeIframeRequest){if(i!==Is.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose("1w8fso",o.correlationId);const n=this.performanceClient.startMeasurement("awaitConcurrentIframe",o.correlationId);n.add({awaitIframeCorrelationId:r});const s=await t;if(n.end({success:s}),s)return this.logger.verbose("0ywzzi",o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info("17y14q",o.correlationId),e}return this.logger.warning("1bd4p8",o.correlationId),Kn(this.acquireTokenBySilentIframe.bind(this),ba,this.logger,this.performanceClient,o.correlationId)(o)}{let e;return this.activeIframeRequest=[new Promise((t=>{e=t})),o.correlationId],this.logger.verbose("0rh08z",o.correlationId),Kn(this.acquireTokenBySilentIframe.bind(this),ba,this.logger,this.performanceClient,o.correlationId)(o).then((t=>(e(!0),t))).catch((t=>{throw e(!1),t})).finally((()=>{this.activeIframeRequest=void 0}))}}throw e})).then((r=>(this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Silent,r),t.correlationId&&this.performanceClient.addFields({fromCache:r.fromCache,isNativeBroker:r.fromPlatformBroker},t.correlationId),r))).catch((r=>{throw this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_FAILURE,t.correlationId,e.InteractionType.Silent,null,r),r})).finally((()=>{document.removeEventListener("visibilitychange",n)}))}async acquireTokenSilentNoIframe(t,r){return Ch(this.config,this.logger,t.correlationId,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("0sczo4",t.correlationId),this.acquireTokenNative(t,us.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch((async e=>{if(e instanceof Gc&&Vc(e))throw this.logger.verbose("07rkmb",t.correlationId),this.platformAuthProvider=void 0,be(ft);throw e}))):(this.logger.verbose("0ox81t",t.correlationId),r===Is.AccessToken&&this.logger.verbose("0fvwxe",t.correlationId),Kn(this.acquireTokenFromCache.bind(this),"acquireTokenFromCache",this.logger,this.performanceClient,t.correlationId)(t,r).catch((n=>{if(r===Is.AccessToken)throw n;return this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_NETWORK_START,t.correlationId,e.InteractionType.Silent,t),Kn(this.acquireTokenByRefreshToken.bind(this),"acquireTokenByRefreshToken",this.logger,this.performanceClient,t.correlationId)(t,r)})))}async preGeneratePkceCodes(e){return this.logger.verbose("1x6uj6",e),this.pkceCode=await Kn(hh,La,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,t?this.logger.verbose("12js1o",e):this.logger.verbose("1oe9ci",e),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e,t){const r=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("1qtz3l",t),window.msal.clientIds.push(r),function(e,t,r,n){const o=window.msal?.clientIds||[],i=o.length,s=o.filter((t=>t===e)).length;s>1&&r.warning("1e88vg",n),t.add({msalInstanceCount:i,sameClientIdInstanceCount:s})}(r,e,this.logger,t)}}class Nh{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(t){let r;this.browserEnvironment="undefined"!=typeof window,this.config=fh(t,this.browserEnvironment);try{r=window[Zi.SessionStorage]}catch(e){}const n=r?.getItem(oc),o=r?.getItem(ic)?.toLowerCase(),i="true"===o||"false"!==o&&void 0,s={...this.config.system.loggerOptions},a=n&&Object.keys(e.LogLevel).includes(n)?e.LogLevel[n]:void 0;a&&(s.loggerCallback=Nh.loggerCallback,s.logLevel=a),void 0!==i&&(s.piiLoggingEnabled=i),this.logger=new pr(s,bc,Ac),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}class Uh extends Nh{getModuleName(){return Uh.MODULE_NAME}getId(){return Uh.ID}async initialize(e){return this.available="undefined"!=typeof window,this.available}}Uh.MODULE_NAME="",Uh.ID="StandardOperatingContext";const Lh="USER_INTERACTION_REQUIRED",Hh="USER_CANCEL",Dh="NO_NETWORK",Fh="TRANSIENT_ERROR",Kh="PERSISTENT_ERROR",Bh="DISABLED",zh="ACCOUNT_UNAVAILABLE",jh="NESTED_APP_AUTH_UNAVAILABLE";class $h{constructor(e,t,r,n){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=n}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),n=Yt(e.claims,this.clientCapabilities),o=e.scopes||p;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,resource:e.resource,scope:o.join(" "),correlationId:r,claims:ke.isEmptyObj(n)?void 0:n,state:e.state,authenticationScheme:e.authenticationScheme||G.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw be(Ve);const n=En(r+(t.token.expires_in||0)),o=vr(t.token.id_token,this.crypto.base64Decode),i=this.fromNaaAccountInfo(t.account,t.token.id_token,o),s=t.token.scope||e.scope;return{authority:t.token.authority||i.environment,uniqueId:i.localAccountId,tenantId:i.tenantId,scopes:s.split(" "),account:i,idToken:t.token.id_token,idTokenClaims:o,accessToken:t.token.access_token,fromCache:!1,expiresOn:n,tokenType:e.authenticationScheme||G.BEARER,correlationId:e.correlationId,extExpiresOn:n,state:e.state}}fromNaaAccountInfo(e,t,r){const n=r||e.idTokenClaims,o=e.localAccountId||n?.oid||n?.sub||"",i=e.tenantId||Fr(n)||"",s=e.homeAccountId||`${o}.${i}`,a=e.environment;if(!a)throw be(gt);const c=n?.preferred_username||n?.upn,h=n?.emails?.[0]||null,l=e.username||c||h||"",d=e.name||n?.name||"",u=e.loginHint||n?.login_hint,g=new Map,p=Ir(s,o,i,n);g.set(i,p);return{homeAccountId:s,environment:a,tenantId:i,username:l,localAccountId:o,name:d,loginHint:u,idToken:t,idTokenClaims:n,tenantProfiles:g}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new we("unknown_error","An unknown error occurred");switch(e.status){case Hh:return new Te(Tt);case Dh:return new Te(kt);case zh:return new Te(pt);case Bh:return new Te(At);case jh:return new Te(e.code||At,e.description);case Fh:case Kh:return new cn(e.code,e.description);case Lh:return new vn(e.code,e.description);default:return new we(e.code,e.description)}}toAuthenticationResultFromCache(e,t,r,n,o){if(!t||!r)throw be(Ve);const i=vr(t.secret,this.crypto.base64Decode),s=r.target||n.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:s.split(" "),account:e,idToken:t.secret,idTokenClaims:i||{},accessToken:r.secret,fromCache:!0,expiresOn:En(r.expiresOn),extExpiresOn:En(r.extendedExpiresOn),tokenType:n.authenticationScheme||G.BEARER,correlationId:o,state:n.state}}}class Jh extends we{constructor(e,t){super(e,t),Object.setPrototypeOf(this,Jh.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new Jh("unsupported_method")}}class Wh{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new ja(this.logger,this.performanceClient,!0):lr,this.eventHandler=new qc(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new _c(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,yo(this.config.auth)):Pc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new $h(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new Wh(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||Fs();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const r=this.ensureValidRequest(t),n=r.correlationId||Fs();this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_START,n,e.InteractionType.Popup,r);const o=this.performanceClient.startMeasurement(Ga,n);o.add({nestedAppAuthRequest:!0});try{So(this.config.auth.isMcp,r);const i=this.nestedAppAuthAdapter.toNaaTokenRequest(r),s=Sn(),a=await this.bridgeProxy.getTokenInteractive(i),c={...this.nestedAppAuthAdapter.fromNaaTokenResponse(i,a,s)};try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Popup,c),o.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),o.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const i=r instanceof we?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_FAILURE,n,e.InteractionType.Popup,null,r),o.end({success:!1},r,t.account),i}}async acquireTokenSilentInternal(t){const r=this.ensureValidRequest(t),n=r.correlationId||Fs();this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_START,n,e.InteractionType.Silent,r);const o=await this.acquireTokenFromCache(r);if(o)return this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Silent,o),o;const i=this.performanceClient.startMeasurement(Xa,n);i.increment({visibilityChangeCount:0}),i.add({nestedAppAuthRequest:!0});try{So(this.config.auth.isMcp,r);const o=this.nestedAppAuthAdapter.toNaaTokenRequest(r);o.forceRefresh=r.forceRefresh;const s=Sn(),a=await this.bridgeProxy.getTokenSilent(o),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(o,a,s);try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Silent,c),i?.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),i?.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const o=r instanceof we?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_FAILURE,n,e.InteractionType.Silent,null,r),i?.end({success:!1},r,t.account),o}}async acquireTokenFromCache(t){const r=t.correlationId||Fs(),n=this.performanceClient.startMeasurement(Ja,r);if(n?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("11t57w",r),null;if(t.forceRefresh)return this.logger.verbose("1ovnmo",r),null;let o=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=Is.Default),t.cacheLookupPolicy){case Is.Default:case Is.AccessToken:case Is.AccessTokenAndRefreshToken:o=await this.acquireTokenFromCacheInternal(t);break;default:return null}return o?(this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,o),n.add({accessTokenSize:o.accessToken.length,idTokenSize:o.idToken.length}),n.end({success:!0},void 0,o.account),o):(this.logger.warning("1yb4fi",r),this.eventHandler.emitEvent(Tc.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null),n.end({success:!1},void 0,t.account),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext,r=e.correlationId||Fs();let n=null;if(t&&(n=Oc(t,this.logger,this.browserStorage,r)),!n)return this.logger.verbose("10qnr0",r),Promise.resolve(null);this.logger.verbose("1u7hux",r);const o={...e,correlationId:r,authority:e.authority||n.environment,scopes:e.scopes?.length?e.scopes:[...p]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(n,o,i,n.tenantId);if(!s)return this.logger.verbose("03vm49",r),Promise.resolve(null);if(On(s.cachedAt)||Pn(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("18egye",r),Promise.resolve(null);if(o.resource){const e=o.resource,t=s.resource;if(!t||t!==e)return this.logger.verbose("0qraxd",r),Promise.resolve(null)}const a=this.browserStorage.getIdToken(n,o.correlationId,i,n.tenantId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(n,a,s,o,o.correlationId):(this.logger.verbose("0d68kd",r),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw Jh.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw Jh.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw Jh.createUnsupportedError()}removePerformanceCallback(e){throw Jh.createUnsupportedError()}getAllAccounts(e){return Rc(this.logger,this.browserStorage,this.isBrowserEnv(),Fs(),e)}getAccount(e){return Oc(e,this.logger,this.browserStorage,Fs())}setActiveAccount(e){return Mc(e,this.browserStorage,Fs())}getActiveAccount(){return xc(this.browserStorage,Fs())}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||fs)}loginRedirect(e){throw Jh.createUnsupportedError()}logoutRedirect(e){throw Jh.createUnsupportedError()}logoutPopup(e){throw Jh.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("1k8729","")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw Jh.createUnsupportedError()}getRedirectResponse(){throw Jh.createUnsupportedError()}async clearCache(e){throw Jh.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=zr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,kr(e.idTokenClaims),us.hydrateCache),this.browserStorage.hydrateCache(e,t)}}class Gh{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",(e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),n=Gh.bridgeRequests.find((e=>e.requestId===r.requestId));void 0!==n&&(Gh.bridgeRequests.splice(Gh.bridgeRequests.indexOf(n),1),r.success?n.resolve(r):n.reject(r.error))}));const e=await new Promise(((e,t)=>{const r=Gh.buildRequest("GetInitContext"),n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Gh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}));return Gh.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:Gh.validateBridgeResultOrThrow(r.token),account:Gh.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:Fs(),sendTime:Date.now(),clientLibrary:Fi,clientLibraryVersion:Ac,...t}}sendRequest(e,t){const r=Gh.buildRequest(e,t);return new Promise(((e,t)=>{const n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Gh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}))}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:jh}}return e}constructor(e,t,r,n){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=n}static async create(){const e=await Gh.initializeNestedAppAuthBridge();return new Gh(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}Gh.bridgeRequests=[];class Vh extends Nh{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return Vh.MODULE_NAME}getId(){return Vh.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(e){const t=e||"";try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await Gh.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(e){this.logger.infoPii("1mdxyj",t)}return this.logger.info("12jy9a",t),this.available}}Vh.MODULE_NAME="",Vh.ID="NestedAppOperatingContext";class Qh{constructor(e,t){this.controller=t||new qh(new Uh(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}getAccount(e){return this.controller.getAccount(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function Xh(e){const t=new Qh(e);return await t.initialize(),t}const Yh={initialize:()=>Promise.reject(ea(Qs)),acquireTokenPopup:()=>Promise.reject(ea(Qs)),acquireTokenRedirect:()=>Promise.reject(ea(Qs)),acquireTokenSilent:()=>Promise.reject(ea(Qs)),acquireTokenByCode:()=>Promise.reject(ea(Qs)),getAllAccounts:()=>[],getAccount:()=>null,handleRedirectPromise:()=>Promise.reject(ea(Qs)),loginPopup:()=>Promise.reject(ea(Qs)),loginRedirect:()=>Promise.reject(ea(Qs)),logoutRedirect:()=>Promise.reject(ea(Qs)),logoutPopup:()=>Promise.reject(ea(Qs)),ssoSilent:()=>Promise.reject(ea(Qs)),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,getLogger:()=>{throw ea(Qs)},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw ea(Qs)},hydrateCache:()=>Promise.reject(ea(Qs)),clearCache:()=>Promise.reject(ea(Qs))};async function Zh(e,t,r,n,o,i,s,a){if(o.verbose("0ke46k",r),e.account){const t=zr(e.account);return await n.setAccount(t,r,kr(a||{}),us.loadExternalTokens),t}if(!t&&!a)throw o.error("0hzcn4",r),Ni(gi);const c=jr(t,s.authorityType,o,i,r,a),h=a?.tid,l=ro(n,s,c,As,r,a,t,s.getPreferredCache(),h,void 0,void 0,o);return await n.setAccount(l,r,kr(a||{}),us.loadExternalTokens),l}async function el(e,t,r,n,o,i,s,a,c){if(!e.id_token)return a.verbose("1pm7g1",i),null;a.verbose("168lyi",i);const h=$n(t,r,e.id_token,c,n);return await s.setIdTokenCredential(h,i,o),h}async function tl(e,t,r,n,o,i,s,a,c,h,l){if(!t.access_token)return h.verbose("1ckp9e",a),null;if(!t.expires_in)return h.error("15mzx8",a),null;if(!(t.scope||e.scopes&&e.scopes.length))return h.error("1h7xse",a),null;h.verbose("01kmxb",a);const d=t.scope?Pt.fromString(t.scope):new Pt(e.scopes),u=s.expiresOn||t.expires_in+Sn(),g=s.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+Sn(),p=Jn(r,n,t.access_token,l,o,d.printScopes(),u,g,As);return await c.setAccessTokenCredential(p,a,i),p}async function rl(e,t,r,n,o,i,s,a,c){if(!e.refresh_token)return s.verbose("1l7um5",o),null;const h=e.refresh_token_expires_in?e.refresh_token_expires_in+Sn():void 0;c.addFields({extRtExpiresOnSeconds:h},o),s.verbose("0qy8ev",o);const l=Wn(t,r,e.refresh_token,a,e.foci,void 0,h);return await i.setRefreshTokenCredential(l,o,n),l}function nl(){let e;try{e=window[Zi.SessionStorage];const t=e?.getItem(sc);if(1===Number(t))return Promise.resolve().then((function(){return al}))}catch(e){}}function ol(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function il(e){if(e&&ol())return Math.round(window.performance.now()-e)}class sl{constructor(e,t){this.correlationId=t,this.measureName=sl.makeMeasureName(e,t),this.startMark=sl.makeStartMark(e,t),this.endMark=sl.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(sl.supportsBrowserPerformance())try{t.forEach((t=>{const r=sl.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(sl.makeStartMark(r,e)),window.performance.clearMarks(sl.makeEndMark(r,e)))}))}catch(e){}}startMeasurement(){if(sl.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(sl.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(sl.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var al=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:sl});const cl=G,hl=x,ll=R,dl=ae,ul=p;e.ApiId=us,e.AuthError=we,e.AuthErrorCodes=Po,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[v];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw ve(Fe)}const t=this.headers[C];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw ve(Fe)}throw ve(De)}parseChallenges(e){const t=e.indexOf(" "),r=e.substr(t+1).split(","),n={};return r.forEach((e=>{const[t,r]=e.split("=");n[t]=unescape(r.replace(/['"]+/g,""))})),n}},e.AuthenticationScheme=cl,e.AzureCloudInstance=yr,e.BrowserAuthError=qi,e.BrowserAuthErrorCodes=Mi,e.BrowserCacheLocation=Zi,e.BrowserConfigurationAuthError=Zs,e.BrowserConfigurationAuthErrorCodes=Ys,e.BrowserPerformanceClient=class extends Lo{constructor(e,r){super(e.auth.clientId,e.auth.authority||`${t}`,new pr(e.system?.loggerOptions||{},bc,Ac),bc,Ac,e.telemetry?.application||{appName:"",appVersion:""},r)}generateId(){return Fs()}getPageVisibility(){return document.visibilityState?.toString()||null}deleteIncompleteSubMeasurements(e){nl()?.then((t=>{const r=this.eventsByCorrelationId.get(e.event.correlationId),n=r&&r.eventId===e.event.eventId,o=[];n&&r?.incompleteSubMeasurements&&r.incompleteSubMeasurements.forEach((e=>{o.push({...e})})),t.BrowserPerformanceMeasurement.flushMeasurements(e.event.correlationId,o)}))}startMeasurement(e,t){const r=this.getPageVisibility(),n=super.startMeasurement(e,t),o=ol()?window.performance.now():void 0,i=nl()?.then((t=>new t.BrowserPerformanceMeasurement(e,n.event.correlationId)));return i?.then((e=>e.startMeasurement())),{...n,end:(e,t,s)=>{const a=function(){if("undefined"==typeof window||!window.navigator)return{};const e="connection"in window.navigator?window.navigator.connection:void 0;return{effectiveType:e?.effectiveType,rtt:e?.rtt}}(),c=n.end({...e,startPageVisibility:r,endPageVisibility:this.getPageVisibility(),durationMs:il(o),networkEffectiveType:a.effectiveType,networkRtt:a.rtt},t,s);return i?.then((e=>e.endMeasurement())),this.deleteIncompleteSubMeasurements(n),c},discard:()=>{n.discard(),i?.then((e=>e.flushMeasurement())),this.deleteIncompleteSubMeasurements(n)}}}},e.BrowserPerformanceMeasurement=sl,e.BrowserRootPerformanceEvents=tc,e.BrowserUtils=va,e.CacheLookupPolicy=Is,e.ClientAuthError=Te,e.ClientAuthErrorCodes=Et,e.ClientConfigurationError=Ce,e.ClientConfigurationErrorCodes=$e,e.DEFAULT_IFRAME_TIMEOUT_MS=1e4,e.EventHandler=qc,e.EventMessageUtils=class{static getInteractionStatusFromEvent(t,r){switch(t.eventType){case Tc.ACQUIRE_TOKEN_START:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup)return ms.AcquireToken;break;case Tc.HANDLE_REDIRECT_START:return ms.HandleRedirect;case Tc.LOGOUT_START:return ms.Logout;case Tc.LOGOUT_END:if(r&&r!==ms.Logout)break;return ms.None;case Tc.HANDLE_REDIRECT_END:if(r&&r!==ms.HandleRedirect)break;return ms.None;case Tc.ACQUIRE_TOKEN_SUCCESS:case Tc.ACQUIRE_TOKEN_FAILURE:case Tc.RESTORE_FROM_BFCACHE:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup){if(r&&r!==ms.AcquireToken)break;return ms.None}}return null}},e.EventType=Tc,e.InteractionRequiredAuthError=vn,e.InteractionRequiredAuthErrorCodes=wn,e.InteractionStatus=ms,e.JsonWebTokenTypes=dl,e.LocalStorage=vc,e.Logger=pr,e.MemoryStorage=Ba,e.NavigationClient=uh,e.OIDC_DEFAULT_SCOPES=ul,e.PromptValue=ll,e.ProtocolMode=Kr,e.PublicClientApplication=Qh,e.ResponseMode=hl,e.ServerError=cn,e.SessionStorage=kc,e.SignedHttpRequest=class{constructor(e,t){const r=t&&t.loggerOptions||{};this.logger=new pr(r,bc,Ac),this.cryptoOps=new ja(this.logger),this.popTokenGenerator=new zn(this.cryptoOps,new Xr),this.shrParameters=e}async generatePublicKeyThumbprint(){const{kid:e}=await this.popTokenGenerator.generateKid(this.shrParameters);return e}async signRequest(e,t,r){return this.popTokenGenerator.signPayload(e,t,this.shrParameters,r)}async removeKeys(e,t){return this.cryptoOps.removeTokenBindingKey(e,t)}},e.StubPerformanceClient=Xr,e.WrapperSKU={React:"@azure/msal-react",Angular:"@azure/msal-angular"},e.createNestablePublicClientApplication=async function(e,t,r){const n=new Vh(e);if(await n.initialize(t),n.isAvailable()){const o=t||Fs(),i=new Wh(n),s=r?r(e,i):new Qh(e,i);return await s.initialize({correlationId:o}),s}return Xh(e)},e.createStandardPublicClientApplication=Xh,e.enforceResourceParameter=So,e.isPlatformBrokerAvailable=async function(e,t,r){const n=new pr(e||{},bc,Ac),o=r||"";n.trace("07660b",o);const i=t||new Xr;return"undefined"==typeof window?(n.trace("082ed3",o),!1):!!await Ih(n,i,o)},e.loadExternalTokens=async function(e,t,r,n,o=new Xr){pa();const i=fh(e,!0),s=t.correlationId||Fs(),a=o.startMeasurement(ec,s);try{const c=r.id_token?vr(r.id_token,As):void 0,h=kr(c||{}),l={protocolMode:i.system.protocolMode,knownAuthorities:i.auth.knownAuthorities,cloudDiscoveryMetadata:i.auth.cloudDiscoveryMetadata,authorityMetadata:i.auth.authorityMetadata},d=new pr(i.system.loggerOptions||{}),u=new ja(d,i.telemetry.client),g=new _c(i.auth.clientId,i.cache,u,d,i.telemetry.client,new qc(d),yo(i.auth)),p=t.authority||i.auth.authority,m=await wo(mo.generateAuthority(p,t.azureCloudOptions),i.system.networkClient,g,l,d,s,o),f=await Kn(Zh,"loadAccount",d,o,s)(t,n.clientInfo||r.client_info||"",s,g,d,u,m,c),y=await Kn(el,"loadIdToken",d,o,s)(r,f.homeAccountId,f.environment,f.realm,h,s,g,d,e.auth.clientId),w=await Kn(tl,"loadAccessToken",d,o,s)(t,r,f.homeAccountId,f.environment,f.realm,h,n,s,g,d,e.auth.clientId),I=await Kn(rl,"loadRefreshToken",d,o,s)(r,f.homeAccountId,f.environment,h,s,g,d,e.auth.clientId,o);return a.end({success:!0},void 0,Br(f)),function(e,t,r,n){let o,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=Pt.fromString(t.accessToken.target).asArray(),a=En(t.accessToken.expiresOn),o=En(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:r.canonicalAuthority,uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:Br(c),idToken:t.idToken?.secret||"",idTokenClaims:n||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:o,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromPlatformBroker:!1}}(t,{account:f,idToken:y,accessToken:w,refreshToken:I},m,c)}catch(e){throw a.end({success:!1},e),e}},e.stubbedPublicClientApplication=Yh,e.version=Ac}));
|