@azure/msal-browser 5.6.1 → 5.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.d.ts.map +1 -1
- package/dist/cache/TokenCache.mjs +9 -9
- package/dist/cache/TokenCache.mjs.map +1 -1
- package/dist/config/Configuration.d.ts +13 -1
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +9 -2
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +4 -2
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +56 -19
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +13 -1
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +9 -2
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +56 -19
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/index.d.ts +1 -1
- package/dist/custom-auth-path/index.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +21 -8
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +6 -0
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +12 -2
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +23 -3
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/redirect_bridge/index.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +9 -3
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +27 -3
- package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +1 -1
- package/dist/index.mjs.map +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +21 -8
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts +6 -0
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +12 -2
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/log-strings-mapping.json +31 -11
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/cache/TokenCache.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +13 -1
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts +4 -2
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/index.d.ts +1 -1
- package/dist/redirect-bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_handler/SilentHandler.d.ts +6 -0
- package/dist/redirect-bridge/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +43 -24
- package/dist/redirect-bridge/redirect_bridge/index.mjs.map +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
- package/dist/redirect_bridge/index.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +6 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/dist/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +9 -3
- package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.d.ts +2 -2
- package/dist/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/utils/BrowserUtils.mjs +27 -3
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +23 -3
- package/lib/custom-auth-path/msal-custom-auth.cjs +649 -546
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +13 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +6 -0
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/redirect_bridge/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +31 -11
- package/lib/msal-browser.cjs +794 -685
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +794 -685
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +52 -33
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
- package/lib/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +13 -1
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +4 -2
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/index.d.ts +1 -1
- package/lib/types/index.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts +6 -0
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/redirect_bridge/index.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/cache/TokenCache.ts +27 -24
- package/src/config/Configuration.ts +22 -0
- package/src/controllers/StandardController.ts +84 -35
- package/src/index.ts +1 -0
- package/src/interaction_client/PlatformAuthInteractionClient.ts +55 -53
- package/src/interaction_client/SilentIframeClient.ts +55 -29
- package/src/interaction_handler/SilentHandler.ts +11 -0
- package/src/packageMetadata.ts +1 -1
- package/src/redirect_bridge/index.ts +47 -25
- package/src/telemetry/BrowserPerformanceClient.ts +6 -0
- package/src/telemetry/BrowserPerformanceEvents.ts +6 -0
- package/src/utils/BrowserUtils.ts +36 -4
package/lib/msal-browser.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.6.
|
|
1
|
+
/*! @azure/msal-browser v5.6.3 2026-04-01 */
|
|
2
2
|
'use strict';
|
|
3
3
|
(function (global, factory) {
|
|
4
4
|
typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
(global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
|
|
7
7
|
})(this, (function (exports) { 'use strict';
|
|
8
8
|
|
|
9
|
-
/*! @azure/msal-common v16.4.
|
|
9
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
10
10
|
/*
|
|
11
11
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12
12
|
* Licensed under the MIT License.
|
|
@@ -238,7 +238,7 @@
|
|
|
238
238
|
// Token renewal offset default in seconds
|
|
239
239
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
240
240
|
|
|
241
|
-
/*! @azure/msal-common v16.4.
|
|
241
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
242
242
|
/*
|
|
243
243
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
244
244
|
* Licensed under the MIT License.
|
|
@@ -290,7 +290,7 @@
|
|
|
290
290
|
const RESOURCE = "resource";
|
|
291
291
|
const CLI_DATA = "clidata";
|
|
292
292
|
|
|
293
|
-
/*! @azure/msal-common v16.4.
|
|
293
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
294
294
|
/*
|
|
295
295
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
296
296
|
* Licensed under the MIT License.
|
|
@@ -321,7 +321,7 @@
|
|
|
321
321
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
322
322
|
}
|
|
323
323
|
|
|
324
|
-
/*! @azure/msal-common v16.4.
|
|
324
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
325
325
|
|
|
326
326
|
/*
|
|
327
327
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -341,7 +341,7 @@
|
|
|
341
341
|
return new ClientConfigurationError(errorCode);
|
|
342
342
|
}
|
|
343
343
|
|
|
344
|
-
/*! @azure/msal-common v16.4.
|
|
344
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
345
345
|
/*
|
|
346
346
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
347
347
|
* Licensed under the MIT License.
|
|
@@ -421,7 +421,7 @@
|
|
|
421
421
|
}
|
|
422
422
|
}
|
|
423
423
|
|
|
424
|
-
/*! @azure/msal-common v16.4.
|
|
424
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
425
425
|
|
|
426
426
|
/*
|
|
427
427
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -444,7 +444,7 @@
|
|
|
444
444
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
445
445
|
}
|
|
446
446
|
|
|
447
|
-
/*! @azure/msal-common v16.4.
|
|
447
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
448
448
|
/*
|
|
449
449
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
450
450
|
* Licensed under the MIT License.
|
|
@@ -498,7 +498,7 @@
|
|
|
498
498
|
urlParseError: urlParseError
|
|
499
499
|
});
|
|
500
500
|
|
|
501
|
-
/*! @azure/msal-common v16.4.
|
|
501
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
502
502
|
/*
|
|
503
503
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
504
504
|
* Licensed under the MIT License.
|
|
@@ -586,7 +586,7 @@
|
|
|
586
586
|
userCanceled: userCanceled
|
|
587
587
|
});
|
|
588
588
|
|
|
589
|
-
/*! @azure/msal-common v16.4.
|
|
589
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
590
590
|
|
|
591
591
|
/*
|
|
592
592
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -781,7 +781,7 @@
|
|
|
781
781
|
}
|
|
782
782
|
}
|
|
783
783
|
|
|
784
|
-
/*! @azure/msal-common v16.4.
|
|
784
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
785
785
|
|
|
786
786
|
/*
|
|
787
787
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1159,7 +1159,7 @@
|
|
|
1159
1159
|
}
|
|
1160
1160
|
}
|
|
1161
1161
|
|
|
1162
|
-
/*! @azure/msal-common v16.4.
|
|
1162
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1163
1163
|
|
|
1164
1164
|
/*
|
|
1165
1165
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1268,7 +1268,7 @@
|
|
|
1268
1268
|
}
|
|
1269
1269
|
}
|
|
1270
1270
|
|
|
1271
|
-
/*! @azure/msal-common v16.4.
|
|
1271
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1272
1272
|
|
|
1273
1273
|
/*
|
|
1274
1274
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1307,7 +1307,7 @@
|
|
|
1307
1307
|
},
|
|
1308
1308
|
};
|
|
1309
1309
|
|
|
1310
|
-
/*! @azure/msal-common v16.4.
|
|
1310
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1311
1311
|
/*
|
|
1312
1312
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1313
1313
|
* Licensed under the MIT License.
|
|
@@ -1582,12 +1582,12 @@
|
|
|
1582
1582
|
}
|
|
1583
1583
|
}
|
|
1584
1584
|
|
|
1585
|
-
/*! @azure/msal-common v16.4.
|
|
1585
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1586
1586
|
/* eslint-disable header/header */
|
|
1587
1587
|
const name$1 = "@azure/msal-common";
|
|
1588
|
-
const version$1 = "16.4.
|
|
1588
|
+
const version$1 = "16.4.1";
|
|
1589
1589
|
|
|
1590
|
-
/*! @azure/msal-common v16.4.
|
|
1590
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1591
1591
|
/*
|
|
1592
1592
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1593
1593
|
* Licensed under the MIT License.
|
|
@@ -1607,7 +1607,7 @@
|
|
|
1607
1607
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
1608
1608
|
};
|
|
1609
1609
|
|
|
1610
|
-
/*! @azure/msal-common v16.4.
|
|
1610
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1611
1611
|
/*
|
|
1612
1612
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1613
1613
|
* Licensed under the MIT License.
|
|
@@ -1689,7 +1689,7 @@
|
|
|
1689
1689
|
return updatedAccountInfo;
|
|
1690
1690
|
}
|
|
1691
1691
|
|
|
1692
|
-
/*! @azure/msal-common v16.4.
|
|
1692
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1693
1693
|
|
|
1694
1694
|
/*
|
|
1695
1695
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1769,7 +1769,7 @@
|
|
|
1769
1769
|
}
|
|
1770
1770
|
}
|
|
1771
1771
|
|
|
1772
|
-
/*! @azure/msal-common v16.4.
|
|
1772
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1773
1773
|
|
|
1774
1774
|
/*
|
|
1775
1775
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1926,7 +1926,7 @@
|
|
|
1926
1926
|
}
|
|
1927
1927
|
}
|
|
1928
1928
|
|
|
1929
|
-
/*! @azure/msal-common v16.4.
|
|
1929
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1930
1930
|
|
|
1931
1931
|
/*
|
|
1932
1932
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2083,7 +2083,7 @@
|
|
|
2083
2083
|
return null;
|
|
2084
2084
|
}
|
|
2085
2085
|
|
|
2086
|
-
/*! @azure/msal-common v16.4.
|
|
2086
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2087
2087
|
/*
|
|
2088
2088
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2089
2089
|
* Licensed under the MIT License.
|
|
@@ -2091,7 +2091,7 @@
|
|
|
2091
2091
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2092
2092
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2093
2093
|
|
|
2094
|
-
/*! @azure/msal-common v16.4.
|
|
2094
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2095
2095
|
|
|
2096
2096
|
/*
|
|
2097
2097
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2129,7 +2129,7 @@
|
|
|
2129
2129
|
}
|
|
2130
2130
|
}
|
|
2131
2131
|
|
|
2132
|
-
/*! @azure/msal-common v16.4.
|
|
2132
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2133
2133
|
|
|
2134
2134
|
/*
|
|
2135
2135
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2167,7 +2167,7 @@
|
|
|
2167
2167
|
};
|
|
2168
2168
|
}
|
|
2169
2169
|
|
|
2170
|
-
/*! @azure/msal-common v16.4.
|
|
2170
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2171
2171
|
/*
|
|
2172
2172
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2173
2173
|
* Licensed under the MIT License.
|
|
@@ -2182,7 +2182,7 @@
|
|
|
2182
2182
|
Ciam: 3,
|
|
2183
2183
|
};
|
|
2184
2184
|
|
|
2185
|
-
/*! @azure/msal-common v16.4.
|
|
2185
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2186
2186
|
/*
|
|
2187
2187
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2188
2188
|
* Licensed under the MIT License.
|
|
@@ -2204,7 +2204,7 @@
|
|
|
2204
2204
|
return null;
|
|
2205
2205
|
}
|
|
2206
2206
|
|
|
2207
|
-
/*! @azure/msal-common v16.4.
|
|
2207
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2208
2208
|
/*
|
|
2209
2209
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2210
2210
|
* Licensed under the MIT License.
|
|
@@ -2228,7 +2228,7 @@
|
|
|
2228
2228
|
EAR: "EAR",
|
|
2229
2229
|
};
|
|
2230
2230
|
|
|
2231
|
-
/*! @azure/msal-common v16.4.
|
|
2231
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2232
2232
|
/**
|
|
2233
2233
|
* Returns the AccountInfo interface for this account.
|
|
2234
2234
|
*/
|
|
@@ -2403,7 +2403,7 @@
|
|
|
2403
2403
|
entity.hasOwnProperty("authorityType"));
|
|
2404
2404
|
}
|
|
2405
2405
|
|
|
2406
|
-
/*! @azure/msal-common v16.4.
|
|
2406
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2407
2407
|
|
|
2408
2408
|
/*
|
|
2409
2409
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3505,7 +3505,7 @@
|
|
|
3505
3505
|
}
|
|
3506
3506
|
}
|
|
3507
3507
|
|
|
3508
|
-
/*! @azure/msal-common v16.4.
|
|
3508
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3509
3509
|
/*
|
|
3510
3510
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3511
3511
|
* Licensed under the MIT License.
|
|
@@ -3550,12 +3550,13 @@
|
|
|
3550
3550
|
"currRefreshCount",
|
|
3551
3551
|
"expiredCacheRemovedCount",
|
|
3552
3552
|
"upgradedCacheCount",
|
|
3553
|
+
"cacheMatchedAccounts",
|
|
3553
3554
|
"networkRtt",
|
|
3554
3555
|
"redirectBridgeTimeoutMs",
|
|
3555
3556
|
"redirectBridgeMessageVersion",
|
|
3556
3557
|
]);
|
|
3557
3558
|
|
|
3558
|
-
/*! @azure/msal-common v16.4.
|
|
3559
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3559
3560
|
|
|
3560
3561
|
/*
|
|
3561
3562
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3610,7 +3611,7 @@
|
|
|
3610
3611
|
}
|
|
3611
3612
|
}
|
|
3612
3613
|
|
|
3613
|
-
/*! @azure/msal-common v16.4.
|
|
3614
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3614
3615
|
|
|
3615
3616
|
/*
|
|
3616
3617
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3705,291 +3706,358 @@
|
|
|
3705
3706
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3706
3707
|
}
|
|
3707
3708
|
|
|
3708
|
-
/*! @azure/msal-common v16.4.
|
|
3709
|
-
|
|
3709
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3710
3710
|
/*
|
|
3711
3711
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3712
3712
|
* Licensed under the MIT License.
|
|
3713
3713
|
*/
|
|
3714
3714
|
/**
|
|
3715
|
-
*
|
|
3716
|
-
|
|
3717
|
-
|
|
3718
|
-
constructor(
|
|
3719
|
-
|
|
3720
|
-
this.
|
|
3721
|
-
|
|
3722
|
-
|
|
3723
|
-
|
|
3715
|
+
* This class instance helps track the memory changes facilitating
|
|
3716
|
+
* decisions to read from and write to the persistent cache
|
|
3717
|
+
*/ class TokenCacheContext {
|
|
3718
|
+
constructor(tokenCache, hasChanged) {
|
|
3719
|
+
this.cache = tokenCache;
|
|
3720
|
+
this.hasChanged = hasChanged;
|
|
3721
|
+
}
|
|
3722
|
+
/**
|
|
3723
|
+
* boolean which indicates the changes in cache
|
|
3724
|
+
*/
|
|
3725
|
+
get cacheHasChanged() {
|
|
3726
|
+
return this.hasChanged;
|
|
3727
|
+
}
|
|
3728
|
+
/**
|
|
3729
|
+
* function to retrieve the token cache
|
|
3730
|
+
*/
|
|
3731
|
+
get tokenCache() {
|
|
3732
|
+
return this.cache;
|
|
3724
3733
|
}
|
|
3725
3734
|
}
|
|
3726
3735
|
|
|
3727
|
-
/*! @azure/msal-common v16.4.
|
|
3736
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3728
3737
|
/*
|
|
3729
3738
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3730
3739
|
* Licensed under the MIT License.
|
|
3731
3740
|
*/
|
|
3732
3741
|
/**
|
|
3733
|
-
*
|
|
3734
|
-
* @public
|
|
3735
|
-
*/
|
|
3736
|
-
const noTokensFound = "no_tokens_found";
|
|
3737
|
-
/**
|
|
3738
|
-
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
3739
|
-
* @public
|
|
3740
|
-
*/
|
|
3741
|
-
const nativeAccountUnavailable = "native_account_unavailable";
|
|
3742
|
-
/**
|
|
3743
|
-
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
3744
|
-
* @public
|
|
3745
|
-
*/
|
|
3746
|
-
const refreshTokenExpired = "refresh_token_expired";
|
|
3747
|
-
/**
|
|
3748
|
-
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
3749
|
-
* @public
|
|
3750
|
-
*/
|
|
3751
|
-
const uxNotAllowed = "ux_not_allowed";
|
|
3752
|
-
/**
|
|
3753
|
-
* Server-originated error code indicating interaction is required to complete the request.
|
|
3754
|
-
* @public
|
|
3755
|
-
*/
|
|
3756
|
-
const interactionRequired = "interaction_required";
|
|
3757
|
-
/**
|
|
3758
|
-
* Server-originated error code indicating user consent is required.
|
|
3759
|
-
* @public
|
|
3760
|
-
*/
|
|
3761
|
-
const consentRequired = "consent_required";
|
|
3762
|
-
/**
|
|
3763
|
-
* Server-originated error code indicating user login is required.
|
|
3764
|
-
* @public
|
|
3742
|
+
* Utility functions for managing date and time operations.
|
|
3765
3743
|
*/
|
|
3766
|
-
const loginRequired = "login_required";
|
|
3767
3744
|
/**
|
|
3768
|
-
*
|
|
3769
|
-
* @public
|
|
3745
|
+
* return the current time in Unix time (seconds).
|
|
3770
3746
|
*/
|
|
3771
|
-
|
|
3747
|
+
function nowSeconds() {
|
|
3748
|
+
// Date.getTime() returns in milliseconds.
|
|
3749
|
+
return Math.round(new Date().getTime() / 1000.0);
|
|
3750
|
+
}
|
|
3772
3751
|
/**
|
|
3773
|
-
*
|
|
3774
|
-
* @
|
|
3775
|
-
*/
|
|
3776
|
-
const interruptedUser = "interrupted_user";
|
|
3777
|
-
|
|
3778
|
-
var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
3779
|
-
__proto__: null,
|
|
3780
|
-
badToken: badToken,
|
|
3781
|
-
consentRequired: consentRequired,
|
|
3782
|
-
interactionRequired: interactionRequired,
|
|
3783
|
-
interruptedUser: interruptedUser,
|
|
3784
|
-
loginRequired: loginRequired,
|
|
3785
|
-
nativeAccountUnavailable: nativeAccountUnavailable,
|
|
3786
|
-
noTokensFound: noTokensFound,
|
|
3787
|
-
refreshTokenExpired: refreshTokenExpired,
|
|
3788
|
-
uxNotAllowed: uxNotAllowed
|
|
3789
|
-
});
|
|
3790
|
-
|
|
3791
|
-
/*! @azure/msal-common v16.4.0 2026-03-19 */
|
|
3792
|
-
|
|
3793
|
-
/*
|
|
3794
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3795
|
-
* Licensed under the MIT License.
|
|
3752
|
+
* Converts JS Date object to seconds
|
|
3753
|
+
* @param date Date
|
|
3796
3754
|
*/
|
|
3755
|
+
function toSecondsFromDate(date) {
|
|
3756
|
+
// Convert date to seconds
|
|
3757
|
+
return date.getTime() / 1000;
|
|
3758
|
+
}
|
|
3797
3759
|
/**
|
|
3798
|
-
*
|
|
3760
|
+
* Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
|
|
3761
|
+
* @param seconds
|
|
3799
3762
|
*/
|
|
3800
|
-
|
|
3801
|
-
|
|
3802
|
-
|
|
3803
|
-
|
|
3804
|
-
|
|
3805
|
-
|
|
3806
|
-
interruptedUser,
|
|
3807
|
-
];
|
|
3808
|
-
const InteractionRequiredAuthSubErrorMessage = [
|
|
3809
|
-
"message_only",
|
|
3810
|
-
"additional_action",
|
|
3811
|
-
"basic_action",
|
|
3812
|
-
"user_password_expired",
|
|
3813
|
-
"consent_required",
|
|
3814
|
-
"bad_token",
|
|
3815
|
-
"ux_not_allowed",
|
|
3816
|
-
"interrupted_user",
|
|
3817
|
-
];
|
|
3763
|
+
function toDateFromSeconds(seconds) {
|
|
3764
|
+
if (seconds) {
|
|
3765
|
+
return new Date(Number(seconds) * 1000);
|
|
3766
|
+
}
|
|
3767
|
+
return new Date();
|
|
3768
|
+
}
|
|
3818
3769
|
/**
|
|
3819
|
-
*
|
|
3770
|
+
* check if a token is expired based on given UTC time in seconds.
|
|
3771
|
+
* @param expiresOn
|
|
3820
3772
|
*/
|
|
3821
|
-
|
|
3822
|
-
|
|
3823
|
-
|
|
3824
|
-
|
|
3825
|
-
|
|
3826
|
-
|
|
3827
|
-
this.correlationId = correlationId || "";
|
|
3828
|
-
this.claims = claims || "";
|
|
3829
|
-
this.name = "InteractionRequiredAuthError";
|
|
3830
|
-
this.errorNo = errorNo;
|
|
3831
|
-
}
|
|
3773
|
+
function isTokenExpired(expiresOn, offset) {
|
|
3774
|
+
// check for access token expiry
|
|
3775
|
+
const expirationSec = Number(expiresOn) || 0;
|
|
3776
|
+
const offsetCurrentTimeSec = nowSeconds() + offset;
|
|
3777
|
+
// If current time + offset is greater than token expiration time, then token is expired.
|
|
3778
|
+
return offsetCurrentTimeSec > expirationSec;
|
|
3832
3779
|
}
|
|
3833
3780
|
/**
|
|
3834
|
-
*
|
|
3835
|
-
* @param
|
|
3836
|
-
* @param
|
|
3837
|
-
* @
|
|
3781
|
+
* Checks if a cache entry is expired based on the last updated time and cache retention days.
|
|
3782
|
+
* @param lastUpdatedAt
|
|
3783
|
+
* @param cacheRetentionDays
|
|
3784
|
+
* @returns
|
|
3838
3785
|
*/
|
|
3839
|
-
function
|
|
3840
|
-
const
|
|
3841
|
-
|
|
3842
|
-
const isInteractionRequiredSubError = !!subError &&
|
|
3843
|
-
InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
|
|
3844
|
-
const isInteractionRequiredErrorDesc = !!errorString &&
|
|
3845
|
-
InteractionRequiredServerErrorMessage.some((irErrorCode) => {
|
|
3846
|
-
return errorString.indexOf(irErrorCode) > -1;
|
|
3847
|
-
});
|
|
3848
|
-
return (isInteractionRequiredErrorCode ||
|
|
3849
|
-
isInteractionRequiredErrorDesc ||
|
|
3850
|
-
isInteractionRequiredSubError);
|
|
3786
|
+
function isCacheExpired(lastUpdatedAt, cacheRetentionDays) {
|
|
3787
|
+
const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;
|
|
3788
|
+
return Date.now() > cacheExpirationTimestamp;
|
|
3851
3789
|
}
|
|
3852
3790
|
/**
|
|
3853
|
-
*
|
|
3791
|
+
* If the current time is earlier than the time that a token was cached at, we must discard the token
|
|
3792
|
+
* i.e. The system clock was turned back after acquiring the cached token
|
|
3793
|
+
* @param cachedAt
|
|
3794
|
+
* @param offset
|
|
3854
3795
|
*/
|
|
3855
|
-
function
|
|
3856
|
-
|
|
3796
|
+
function wasClockTurnedBack(cachedAt) {
|
|
3797
|
+
const cachedAtSec = Number(cachedAt);
|
|
3798
|
+
return cachedAtSec > nowSeconds();
|
|
3857
3799
|
}
|
|
3858
3800
|
|
|
3859
|
-
/*! @azure/msal-common v16.4.
|
|
3801
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3860
3802
|
|
|
3861
3803
|
/*
|
|
3862
3804
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3863
3805
|
* Licensed under the MIT License.
|
|
3864
3806
|
*/
|
|
3865
3807
|
/**
|
|
3866
|
-
*
|
|
3867
|
-
* @param
|
|
3868
|
-
* @param
|
|
3869
|
-
* @param
|
|
3808
|
+
* Create IdTokenEntity
|
|
3809
|
+
* @param homeAccountId
|
|
3810
|
+
* @param authenticationResult
|
|
3811
|
+
* @param clientId
|
|
3812
|
+
* @param authority
|
|
3870
3813
|
*/
|
|
3871
|
-
function
|
|
3872
|
-
const
|
|
3873
|
-
|
|
3874
|
-
|
|
3875
|
-
:
|
|
3814
|
+
function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tenantId) {
|
|
3815
|
+
const idTokenEntity = {
|
|
3816
|
+
credentialType: CredentialType.ID_TOKEN,
|
|
3817
|
+
homeAccountId: homeAccountId,
|
|
3818
|
+
environment: environment,
|
|
3819
|
+
clientId: clientId,
|
|
3820
|
+
secret: idToken,
|
|
3821
|
+
realm: tenantId,
|
|
3822
|
+
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
3823
|
+
};
|
|
3824
|
+
return idTokenEntity;
|
|
3876
3825
|
}
|
|
3877
3826
|
/**
|
|
3878
|
-
*
|
|
3879
|
-
* @param
|
|
3880
|
-
* @param
|
|
3827
|
+
* Create AccessTokenEntity
|
|
3828
|
+
* @param homeAccountId
|
|
3829
|
+
* @param environment
|
|
3830
|
+
* @param accessToken
|
|
3831
|
+
* @param clientId
|
|
3832
|
+
* @param tenantId
|
|
3833
|
+
* @param scopes
|
|
3834
|
+
* @param expiresOn
|
|
3835
|
+
* @param extExpiresOn
|
|
3881
3836
|
*/
|
|
3882
|
-
function
|
|
3883
|
-
|
|
3884
|
-
|
|
3885
|
-
|
|
3886
|
-
|
|
3887
|
-
|
|
3888
|
-
|
|
3837
|
+
function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId) {
|
|
3838
|
+
const atEntity = {
|
|
3839
|
+
homeAccountId: homeAccountId,
|
|
3840
|
+
credentialType: CredentialType.ACCESS_TOKEN,
|
|
3841
|
+
secret: accessToken,
|
|
3842
|
+
cachedAt: nowSeconds().toString(),
|
|
3843
|
+
expiresOn: expiresOn.toString(),
|
|
3844
|
+
extendedExpiresOn: extExpiresOn.toString(),
|
|
3845
|
+
environment: environment,
|
|
3846
|
+
clientId: clientId,
|
|
3847
|
+
realm: tenantId,
|
|
3848
|
+
target: scopes,
|
|
3849
|
+
tokenType: tokenType || AuthenticationScheme$1.BEARER,
|
|
3850
|
+
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
3889
3851
|
};
|
|
3890
|
-
if (
|
|
3891
|
-
|
|
3852
|
+
if (userAssertionHash) {
|
|
3853
|
+
atEntity.userAssertionHash = userAssertionHash;
|
|
3892
3854
|
}
|
|
3893
|
-
|
|
3894
|
-
|
|
3855
|
+
if (refreshOn) {
|
|
3856
|
+
atEntity.refreshOn = refreshOn.toString();
|
|
3857
|
+
}
|
|
3858
|
+
/*
|
|
3859
|
+
* Create Access Token With Auth Scheme instead of regular access token
|
|
3860
|
+
* Cast to lower to handle "bearer" from ADFS
|
|
3861
|
+
*/
|
|
3862
|
+
if (atEntity.tokenType?.toLowerCase() !==
|
|
3863
|
+
AuthenticationScheme$1.BEARER.toLowerCase()) {
|
|
3864
|
+
atEntity.credentialType =
|
|
3865
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
3866
|
+
switch (atEntity.tokenType) {
|
|
3867
|
+
case AuthenticationScheme$1.POP:
|
|
3868
|
+
// Make sure keyId is present and add it to credential
|
|
3869
|
+
const tokenClaims = extractTokenClaims(accessToken, base64Decode);
|
|
3870
|
+
if (!tokenClaims?.cnf?.kid) {
|
|
3871
|
+
throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
|
|
3872
|
+
}
|
|
3873
|
+
atEntity.keyId = tokenClaims.cnf.kid;
|
|
3874
|
+
break;
|
|
3875
|
+
case AuthenticationScheme$1.SSH:
|
|
3876
|
+
atEntity.keyId = keyId;
|
|
3877
|
+
}
|
|
3878
|
+
}
|
|
3879
|
+
return atEntity;
|
|
3895
3880
|
}
|
|
3896
3881
|
/**
|
|
3897
|
-
*
|
|
3898
|
-
* @param
|
|
3899
|
-
* @param
|
|
3882
|
+
* Create RefreshTokenEntity
|
|
3883
|
+
* @param homeAccountId
|
|
3884
|
+
* @param authenticationResult
|
|
3885
|
+
* @param clientId
|
|
3886
|
+
* @param authority
|
|
3900
3887
|
*/
|
|
3901
|
-
function
|
|
3902
|
-
|
|
3903
|
-
|
|
3888
|
+
function createRefreshTokenEntity(homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash, expiresOn) {
|
|
3889
|
+
const rtEntity = {
|
|
3890
|
+
credentialType: CredentialType.REFRESH_TOKEN,
|
|
3891
|
+
homeAccountId: homeAccountId,
|
|
3892
|
+
environment: environment,
|
|
3893
|
+
clientId: clientId,
|
|
3894
|
+
secret: refreshToken,
|
|
3895
|
+
lastUpdatedAt: Date.now().toString(),
|
|
3896
|
+
};
|
|
3897
|
+
if (userAssertionHash) {
|
|
3898
|
+
rtEntity.userAssertionHash = userAssertionHash;
|
|
3904
3899
|
}
|
|
3905
|
-
if (
|
|
3906
|
-
|
|
3900
|
+
if (familyId) {
|
|
3901
|
+
rtEntity.familyId = familyId;
|
|
3907
3902
|
}
|
|
3908
|
-
|
|
3909
|
-
|
|
3910
|
-
const splitState = state.split(RESOURCE_DELIM);
|
|
3911
|
-
const libraryState = splitState[0];
|
|
3912
|
-
const userState = splitState.length > 1
|
|
3913
|
-
? splitState.slice(1).join(RESOURCE_DELIM)
|
|
3914
|
-
: "";
|
|
3915
|
-
const libraryStateString = base64Decode(libraryState);
|
|
3916
|
-
const libraryStateObj = JSON.parse(libraryStateString);
|
|
3917
|
-
return {
|
|
3918
|
-
userRequestState: userState || "",
|
|
3919
|
-
libraryState: libraryStateObj,
|
|
3920
|
-
};
|
|
3903
|
+
if (expiresOn) {
|
|
3904
|
+
rtEntity.expiresOn = expiresOn.toString();
|
|
3921
3905
|
}
|
|
3922
|
-
|
|
3923
|
-
|
|
3906
|
+
return rtEntity;
|
|
3907
|
+
}
|
|
3908
|
+
function isCredentialEntity(entity) {
|
|
3909
|
+
return (entity.hasOwnProperty("homeAccountId") &&
|
|
3910
|
+
entity.hasOwnProperty("environment") &&
|
|
3911
|
+
entity.hasOwnProperty("credentialType") &&
|
|
3912
|
+
entity.hasOwnProperty("clientId") &&
|
|
3913
|
+
entity.hasOwnProperty("secret"));
|
|
3914
|
+
}
|
|
3915
|
+
/**
|
|
3916
|
+
* Validates an entity: checks for all expected params
|
|
3917
|
+
* @param entity
|
|
3918
|
+
*/
|
|
3919
|
+
function isAccessTokenEntity(entity) {
|
|
3920
|
+
if (!entity) {
|
|
3921
|
+
return false;
|
|
3924
3922
|
}
|
|
3925
|
-
|
|
3926
|
-
|
|
3927
|
-
|
|
3928
|
-
|
|
3929
|
-
|
|
3930
|
-
|
|
3923
|
+
return (isCredentialEntity(entity) &&
|
|
3924
|
+
entity.hasOwnProperty("realm") &&
|
|
3925
|
+
entity.hasOwnProperty("target") &&
|
|
3926
|
+
(entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
|
|
3927
|
+
entity["credentialType"] ===
|
|
3928
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
|
|
3929
|
+
}
|
|
3930
|
+
/**
|
|
3931
|
+
* Validates an entity: checks for all expected params
|
|
3932
|
+
* @param entity
|
|
3931
3933
|
*/
|
|
3934
|
+
function isIdTokenEntity(entity) {
|
|
3935
|
+
if (!entity) {
|
|
3936
|
+
return false;
|
|
3937
|
+
}
|
|
3938
|
+
return (isCredentialEntity(entity) &&
|
|
3939
|
+
entity.hasOwnProperty("realm") &&
|
|
3940
|
+
entity["credentialType"] === CredentialType.ID_TOKEN);
|
|
3941
|
+
}
|
|
3932
3942
|
/**
|
|
3933
|
-
*
|
|
3943
|
+
* Validates an entity: checks for all expected params
|
|
3944
|
+
* @param entity
|
|
3934
3945
|
*/
|
|
3946
|
+
function isRefreshTokenEntity(entity) {
|
|
3947
|
+
if (!entity) {
|
|
3948
|
+
return false;
|
|
3949
|
+
}
|
|
3950
|
+
return (isCredentialEntity(entity) &&
|
|
3951
|
+
entity["credentialType"] === CredentialType.REFRESH_TOKEN);
|
|
3952
|
+
}
|
|
3935
3953
|
/**
|
|
3936
|
-
*
|
|
3954
|
+
* validates if a given cache entry is "Telemetry", parses <key,value>
|
|
3955
|
+
* @param key
|
|
3956
|
+
* @param entity
|
|
3937
3957
|
*/
|
|
3938
|
-
function
|
|
3939
|
-
|
|
3940
|
-
|
|
3958
|
+
function isServerTelemetryEntity(key, entity) {
|
|
3959
|
+
const validateKey = key.indexOf(SERVER_TELEM_CACHE_KEY) === 0;
|
|
3960
|
+
let validateEntity = true;
|
|
3961
|
+
if (entity) {
|
|
3962
|
+
validateEntity =
|
|
3963
|
+
entity.hasOwnProperty("failedRequests") &&
|
|
3964
|
+
entity.hasOwnProperty("errors") &&
|
|
3965
|
+
entity.hasOwnProperty("cacheHits");
|
|
3966
|
+
}
|
|
3967
|
+
return validateKey && validateEntity;
|
|
3941
3968
|
}
|
|
3942
3969
|
/**
|
|
3943
|
-
*
|
|
3944
|
-
* @param
|
|
3970
|
+
* validates if a given cache entry is "Throttling", parses <key,value>
|
|
3971
|
+
* @param key
|
|
3972
|
+
* @param entity
|
|
3945
3973
|
*/
|
|
3946
|
-
function
|
|
3947
|
-
|
|
3948
|
-
|
|
3974
|
+
function isThrottlingEntity(key, entity) {
|
|
3975
|
+
let validateKey = false;
|
|
3976
|
+
if (key) {
|
|
3977
|
+
validateKey = key.indexOf(THROTTLING_PREFIX) === 0;
|
|
3978
|
+
}
|
|
3979
|
+
let validateEntity = true;
|
|
3980
|
+
if (entity) {
|
|
3981
|
+
validateEntity = entity.hasOwnProperty("throttleTime");
|
|
3982
|
+
}
|
|
3983
|
+
return validateKey && validateEntity;
|
|
3949
3984
|
}
|
|
3950
3985
|
/**
|
|
3951
|
-
*
|
|
3952
|
-
* @param seconds
|
|
3986
|
+
* Generate AppMetadata Cache Key as per the schema: appmetadata-<environment>-<client_id>
|
|
3953
3987
|
*/
|
|
3954
|
-
function
|
|
3955
|
-
|
|
3956
|
-
|
|
3988
|
+
function generateAppMetadataKey({ environment, clientId, }) {
|
|
3989
|
+
const appMetaDataKeyArray = [
|
|
3990
|
+
APP_METADATA,
|
|
3991
|
+
environment,
|
|
3992
|
+
clientId,
|
|
3993
|
+
];
|
|
3994
|
+
return appMetaDataKeyArray
|
|
3995
|
+
.join(CACHE_KEY_SEPARATOR$1)
|
|
3996
|
+
.toLowerCase();
|
|
3997
|
+
}
|
|
3998
|
+
/*
|
|
3999
|
+
* Validates an entity: checks for all expected params
|
|
4000
|
+
* @param entity
|
|
4001
|
+
*/
|
|
4002
|
+
function isAppMetadataEntity(key, entity) {
|
|
4003
|
+
if (!entity) {
|
|
4004
|
+
return false;
|
|
3957
4005
|
}
|
|
3958
|
-
return
|
|
4006
|
+
return (key.indexOf(APP_METADATA) === 0 &&
|
|
4007
|
+
entity.hasOwnProperty("clientId") &&
|
|
4008
|
+
entity.hasOwnProperty("environment"));
|
|
3959
4009
|
}
|
|
3960
4010
|
/**
|
|
3961
|
-
*
|
|
3962
|
-
* @param
|
|
4011
|
+
* Validates an entity: checks for all expected params
|
|
4012
|
+
* @param entity
|
|
3963
4013
|
*/
|
|
3964
|
-
function
|
|
3965
|
-
|
|
3966
|
-
|
|
3967
|
-
|
|
3968
|
-
|
|
3969
|
-
|
|
4014
|
+
function isAuthorityMetadataEntity(key, entity) {
|
|
4015
|
+
if (!entity) {
|
|
4016
|
+
return false;
|
|
4017
|
+
}
|
|
4018
|
+
return (key.indexOf(AUTHORITY_METADATA_CACHE_KEY) === 0 &&
|
|
4019
|
+
entity.hasOwnProperty("aliases") &&
|
|
4020
|
+
entity.hasOwnProperty("preferred_cache") &&
|
|
4021
|
+
entity.hasOwnProperty("preferred_network") &&
|
|
4022
|
+
entity.hasOwnProperty("canonical_authority") &&
|
|
4023
|
+
entity.hasOwnProperty("authorization_endpoint") &&
|
|
4024
|
+
entity.hasOwnProperty("token_endpoint") &&
|
|
4025
|
+
entity.hasOwnProperty("issuer") &&
|
|
4026
|
+
entity.hasOwnProperty("aliasesFromNetwork") &&
|
|
4027
|
+
entity.hasOwnProperty("endpointsFromNetwork") &&
|
|
4028
|
+
entity.hasOwnProperty("expiresAt") &&
|
|
4029
|
+
entity.hasOwnProperty("jwks_uri"));
|
|
3970
4030
|
}
|
|
3971
4031
|
/**
|
|
3972
|
-
*
|
|
3973
|
-
* @param lastUpdatedAt
|
|
3974
|
-
* @param cacheRetentionDays
|
|
3975
|
-
* @returns
|
|
4032
|
+
* Reset the exiresAt value
|
|
3976
4033
|
*/
|
|
3977
|
-
function
|
|
3978
|
-
|
|
3979
|
-
|
|
4034
|
+
function generateAuthorityMetadataExpiresAt() {
|
|
4035
|
+
return (nowSeconds() +
|
|
4036
|
+
AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
|
|
4037
|
+
}
|
|
4038
|
+
function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
|
|
4039
|
+
authorityMetadata.authorization_endpoint =
|
|
4040
|
+
updatedValues.authorization_endpoint;
|
|
4041
|
+
authorityMetadata.token_endpoint = updatedValues.token_endpoint;
|
|
4042
|
+
authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
|
|
4043
|
+
authorityMetadata.issuer = updatedValues.issuer;
|
|
4044
|
+
authorityMetadata.endpointsFromNetwork = fromNetwork;
|
|
4045
|
+
authorityMetadata.jwks_uri = updatedValues.jwks_uri;
|
|
4046
|
+
}
|
|
4047
|
+
function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
|
|
4048
|
+
authorityMetadata.aliases = updatedValues.aliases;
|
|
4049
|
+
authorityMetadata.preferred_cache = updatedValues.preferred_cache;
|
|
4050
|
+
authorityMetadata.preferred_network = updatedValues.preferred_network;
|
|
4051
|
+
authorityMetadata.aliasesFromNetwork = fromNetwork;
|
|
3980
4052
|
}
|
|
3981
4053
|
/**
|
|
3982
|
-
*
|
|
3983
|
-
* i.e. The system clock was turned back after acquiring the cached token
|
|
3984
|
-
* @param cachedAt
|
|
3985
|
-
* @param offset
|
|
4054
|
+
* Returns whether or not the data needs to be refreshed
|
|
3986
4055
|
*/
|
|
3987
|
-
function
|
|
3988
|
-
|
|
3989
|
-
return cachedAtSec > nowSeconds();
|
|
4056
|
+
function isAuthorityMetadataExpired(metadata) {
|
|
4057
|
+
return metadata.expiresAt <= nowSeconds();
|
|
3990
4058
|
}
|
|
3991
4059
|
|
|
3992
|
-
/*! @azure/msal-common v16.4.
|
|
4060
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3993
4061
|
/*
|
|
3994
4062
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3995
4063
|
* Licensed under the MIT License.
|
|
@@ -4060,7 +4128,7 @@
|
|
|
4060
4128
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
4061
4129
|
const SetUserData = "setUserData";
|
|
4062
4130
|
|
|
4063
|
-
/*! @azure/msal-common v16.4.
|
|
4131
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4064
4132
|
/*
|
|
4065
4133
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4066
4134
|
* Licensed under the MIT License.
|
|
@@ -4153,7 +4221,7 @@
|
|
|
4153
4221
|
};
|
|
4154
4222
|
};
|
|
4155
4223
|
|
|
4156
|
-
/*! @azure/msal-common v16.4.
|
|
4224
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4157
4225
|
|
|
4158
4226
|
/*
|
|
4159
4227
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4233,293 +4301,226 @@
|
|
|
4233
4301
|
}
|
|
4234
4302
|
}
|
|
4235
4303
|
|
|
4236
|
-
/*! @azure/msal-common v16.4.
|
|
4304
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4237
4305
|
/*
|
|
4238
4306
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4239
4307
|
* Licensed under the MIT License.
|
|
4240
4308
|
*/
|
|
4241
4309
|
/**
|
|
4242
|
-
*
|
|
4243
|
-
*
|
|
4244
|
-
*/ class TokenCacheContext {
|
|
4245
|
-
constructor(tokenCache, hasChanged) {
|
|
4246
|
-
this.cache = tokenCache;
|
|
4247
|
-
this.hasChanged = hasChanged;
|
|
4248
|
-
}
|
|
4249
|
-
/**
|
|
4250
|
-
* boolean which indicates the changes in cache
|
|
4251
|
-
*/
|
|
4252
|
-
get cacheHasChanged() {
|
|
4253
|
-
return this.hasChanged;
|
|
4254
|
-
}
|
|
4255
|
-
/**
|
|
4256
|
-
* function to retrieve the token cache
|
|
4257
|
-
*/
|
|
4258
|
-
get tokenCache() {
|
|
4259
|
-
return this.cache;
|
|
4260
|
-
}
|
|
4261
|
-
}
|
|
4262
|
-
|
|
4263
|
-
/*! @azure/msal-common v16.4.0 2026-03-19 */
|
|
4264
|
-
|
|
4265
|
-
/*
|
|
4266
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4267
|
-
* Licensed under the MIT License.
|
|
4310
|
+
* MSAL-defined interaction required error code indicating no tokens are found in cache.
|
|
4311
|
+
* @public
|
|
4268
4312
|
*/
|
|
4313
|
+
const noTokensFound = "no_tokens_found";
|
|
4269
4314
|
/**
|
|
4270
|
-
*
|
|
4271
|
-
* @
|
|
4272
|
-
* @param authenticationResult
|
|
4273
|
-
* @param clientId
|
|
4274
|
-
* @param authority
|
|
4315
|
+
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
4316
|
+
* @public
|
|
4275
4317
|
*/
|
|
4276
|
-
|
|
4277
|
-
const idTokenEntity = {
|
|
4278
|
-
credentialType: CredentialType.ID_TOKEN,
|
|
4279
|
-
homeAccountId: homeAccountId,
|
|
4280
|
-
environment: environment,
|
|
4281
|
-
clientId: clientId,
|
|
4282
|
-
secret: idToken,
|
|
4283
|
-
realm: tenantId,
|
|
4284
|
-
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
4285
|
-
};
|
|
4286
|
-
return idTokenEntity;
|
|
4287
|
-
}
|
|
4318
|
+
const nativeAccountUnavailable = "native_account_unavailable";
|
|
4288
4319
|
/**
|
|
4289
|
-
*
|
|
4290
|
-
* @
|
|
4291
|
-
* @param environment
|
|
4292
|
-
* @param accessToken
|
|
4293
|
-
* @param clientId
|
|
4294
|
-
* @param tenantId
|
|
4295
|
-
* @param scopes
|
|
4296
|
-
* @param expiresOn
|
|
4297
|
-
* @param extExpiresOn
|
|
4320
|
+
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
4321
|
+
* @public
|
|
4298
4322
|
*/
|
|
4299
|
-
|
|
4300
|
-
const atEntity = {
|
|
4301
|
-
homeAccountId: homeAccountId,
|
|
4302
|
-
credentialType: CredentialType.ACCESS_TOKEN,
|
|
4303
|
-
secret: accessToken,
|
|
4304
|
-
cachedAt: nowSeconds().toString(),
|
|
4305
|
-
expiresOn: expiresOn.toString(),
|
|
4306
|
-
extendedExpiresOn: extExpiresOn.toString(),
|
|
4307
|
-
environment: environment,
|
|
4308
|
-
clientId: clientId,
|
|
4309
|
-
realm: tenantId,
|
|
4310
|
-
target: scopes,
|
|
4311
|
-
tokenType: tokenType || AuthenticationScheme$1.BEARER,
|
|
4312
|
-
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
4313
|
-
};
|
|
4314
|
-
if (userAssertionHash) {
|
|
4315
|
-
atEntity.userAssertionHash = userAssertionHash;
|
|
4316
|
-
}
|
|
4317
|
-
if (refreshOn) {
|
|
4318
|
-
atEntity.refreshOn = refreshOn.toString();
|
|
4319
|
-
}
|
|
4320
|
-
/*
|
|
4321
|
-
* Create Access Token With Auth Scheme instead of regular access token
|
|
4322
|
-
* Cast to lower to handle "bearer" from ADFS
|
|
4323
|
-
*/
|
|
4324
|
-
if (atEntity.tokenType?.toLowerCase() !==
|
|
4325
|
-
AuthenticationScheme$1.BEARER.toLowerCase()) {
|
|
4326
|
-
atEntity.credentialType =
|
|
4327
|
-
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
4328
|
-
switch (atEntity.tokenType) {
|
|
4329
|
-
case AuthenticationScheme$1.POP:
|
|
4330
|
-
// Make sure keyId is present and add it to credential
|
|
4331
|
-
const tokenClaims = extractTokenClaims(accessToken, base64Decode);
|
|
4332
|
-
if (!tokenClaims?.cnf?.kid) {
|
|
4333
|
-
throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
|
|
4334
|
-
}
|
|
4335
|
-
atEntity.keyId = tokenClaims.cnf.kid;
|
|
4336
|
-
break;
|
|
4337
|
-
case AuthenticationScheme$1.SSH:
|
|
4338
|
-
atEntity.keyId = keyId;
|
|
4339
|
-
}
|
|
4340
|
-
}
|
|
4341
|
-
return atEntity;
|
|
4342
|
-
}
|
|
4323
|
+
const refreshTokenExpired = "refresh_token_expired";
|
|
4343
4324
|
/**
|
|
4344
|
-
*
|
|
4345
|
-
* @
|
|
4346
|
-
* @param authenticationResult
|
|
4347
|
-
* @param clientId
|
|
4348
|
-
* @param authority
|
|
4325
|
+
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
4326
|
+
* @public
|
|
4349
4327
|
*/
|
|
4350
|
-
|
|
4351
|
-
const rtEntity = {
|
|
4352
|
-
credentialType: CredentialType.REFRESH_TOKEN,
|
|
4353
|
-
homeAccountId: homeAccountId,
|
|
4354
|
-
environment: environment,
|
|
4355
|
-
clientId: clientId,
|
|
4356
|
-
secret: refreshToken,
|
|
4357
|
-
lastUpdatedAt: Date.now().toString(),
|
|
4358
|
-
};
|
|
4359
|
-
if (userAssertionHash) {
|
|
4360
|
-
rtEntity.userAssertionHash = userAssertionHash;
|
|
4361
|
-
}
|
|
4362
|
-
if (familyId) {
|
|
4363
|
-
rtEntity.familyId = familyId;
|
|
4364
|
-
}
|
|
4365
|
-
if (expiresOn) {
|
|
4366
|
-
rtEntity.expiresOn = expiresOn.toString();
|
|
4367
|
-
}
|
|
4368
|
-
return rtEntity;
|
|
4369
|
-
}
|
|
4370
|
-
function isCredentialEntity(entity) {
|
|
4371
|
-
return (entity.hasOwnProperty("homeAccountId") &&
|
|
4372
|
-
entity.hasOwnProperty("environment") &&
|
|
4373
|
-
entity.hasOwnProperty("credentialType") &&
|
|
4374
|
-
entity.hasOwnProperty("clientId") &&
|
|
4375
|
-
entity.hasOwnProperty("secret"));
|
|
4376
|
-
}
|
|
4328
|
+
const uxNotAllowed = "ux_not_allowed";
|
|
4377
4329
|
/**
|
|
4378
|
-
*
|
|
4379
|
-
* @
|
|
4330
|
+
* Server-originated error code indicating interaction is required to complete the request.
|
|
4331
|
+
* @public
|
|
4380
4332
|
*/
|
|
4381
|
-
|
|
4382
|
-
if (!entity) {
|
|
4383
|
-
return false;
|
|
4384
|
-
}
|
|
4385
|
-
return (isCredentialEntity(entity) &&
|
|
4386
|
-
entity.hasOwnProperty("realm") &&
|
|
4387
|
-
entity.hasOwnProperty("target") &&
|
|
4388
|
-
(entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
|
|
4389
|
-
entity["credentialType"] ===
|
|
4390
|
-
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
|
|
4391
|
-
}
|
|
4333
|
+
const interactionRequired = "interaction_required";
|
|
4392
4334
|
/**
|
|
4393
|
-
*
|
|
4394
|
-
* @
|
|
4335
|
+
* Server-originated error code indicating user consent is required.
|
|
4336
|
+
* @public
|
|
4337
|
+
*/
|
|
4338
|
+
const consentRequired = "consent_required";
|
|
4339
|
+
/**
|
|
4340
|
+
* Server-originated error code indicating user login is required.
|
|
4341
|
+
* @public
|
|
4342
|
+
*/
|
|
4343
|
+
const loginRequired = "login_required";
|
|
4344
|
+
/**
|
|
4345
|
+
* Server-originated error code indicating the token is invalid or corrupted.
|
|
4346
|
+
* @public
|
|
4347
|
+
*/
|
|
4348
|
+
const badToken = "bad_token";
|
|
4349
|
+
/**
|
|
4350
|
+
* Server-originated error code indicating the user is in an interrupted state and interaction is required.
|
|
4351
|
+
* @public
|
|
4352
|
+
*/
|
|
4353
|
+
const interruptedUser = "interrupted_user";
|
|
4354
|
+
|
|
4355
|
+
var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
4356
|
+
__proto__: null,
|
|
4357
|
+
badToken: badToken,
|
|
4358
|
+
consentRequired: consentRequired,
|
|
4359
|
+
interactionRequired: interactionRequired,
|
|
4360
|
+
interruptedUser: interruptedUser,
|
|
4361
|
+
loginRequired: loginRequired,
|
|
4362
|
+
nativeAccountUnavailable: nativeAccountUnavailable,
|
|
4363
|
+
noTokensFound: noTokensFound,
|
|
4364
|
+
refreshTokenExpired: refreshTokenExpired,
|
|
4365
|
+
uxNotAllowed: uxNotAllowed
|
|
4366
|
+
});
|
|
4367
|
+
|
|
4368
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4369
|
+
|
|
4370
|
+
/*
|
|
4371
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4372
|
+
* Licensed under the MIT License.
|
|
4395
4373
|
*/
|
|
4396
|
-
function isIdTokenEntity(entity) {
|
|
4397
|
-
if (!entity) {
|
|
4398
|
-
return false;
|
|
4399
|
-
}
|
|
4400
|
-
return (isCredentialEntity(entity) &&
|
|
4401
|
-
entity.hasOwnProperty("realm") &&
|
|
4402
|
-
entity["credentialType"] === CredentialType.ID_TOKEN);
|
|
4403
|
-
}
|
|
4404
4374
|
/**
|
|
4405
|
-
*
|
|
4406
|
-
* @param entity
|
|
4375
|
+
* InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required
|
|
4407
4376
|
*/
|
|
4408
|
-
|
|
4409
|
-
|
|
4410
|
-
|
|
4411
|
-
|
|
4412
|
-
|
|
4413
|
-
|
|
4414
|
-
|
|
4377
|
+
const InteractionRequiredServerErrorMessage = [
|
|
4378
|
+
interactionRequired,
|
|
4379
|
+
consentRequired,
|
|
4380
|
+
loginRequired,
|
|
4381
|
+
badToken,
|
|
4382
|
+
uxNotAllowed,
|
|
4383
|
+
interruptedUser,
|
|
4384
|
+
];
|
|
4385
|
+
const InteractionRequiredAuthSubErrorMessage = [
|
|
4386
|
+
"message_only",
|
|
4387
|
+
"additional_action",
|
|
4388
|
+
"basic_action",
|
|
4389
|
+
"user_password_expired",
|
|
4390
|
+
"consent_required",
|
|
4391
|
+
"bad_token",
|
|
4392
|
+
"ux_not_allowed",
|
|
4393
|
+
"interrupted_user",
|
|
4394
|
+
];
|
|
4415
4395
|
/**
|
|
4416
|
-
*
|
|
4417
|
-
* @param key
|
|
4418
|
-
* @param entity
|
|
4396
|
+
* Error thrown when user interaction is required.
|
|
4419
4397
|
*/
|
|
4420
|
-
|
|
4421
|
-
|
|
4422
|
-
|
|
4423
|
-
|
|
4424
|
-
|
|
4425
|
-
|
|
4426
|
-
|
|
4427
|
-
|
|
4398
|
+
class InteractionRequiredAuthError extends AuthError {
|
|
4399
|
+
constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
|
|
4400
|
+
super(errorCode, errorMessage, subError);
|
|
4401
|
+
Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
|
|
4402
|
+
this.timestamp = timestamp || "";
|
|
4403
|
+
this.traceId = traceId || "";
|
|
4404
|
+
this.correlationId = correlationId || "";
|
|
4405
|
+
this.claims = claims || "";
|
|
4406
|
+
this.name = "InteractionRequiredAuthError";
|
|
4407
|
+
this.errorNo = errorNo;
|
|
4428
4408
|
}
|
|
4429
|
-
return validateKey && validateEntity;
|
|
4430
4409
|
}
|
|
4431
4410
|
/**
|
|
4432
|
-
*
|
|
4433
|
-
* @param
|
|
4434
|
-
* @param
|
|
4411
|
+
* Helper function used to determine if an error thrown by the server requires interaction to resolve
|
|
4412
|
+
* @param errorCode
|
|
4413
|
+
* @param errorString
|
|
4414
|
+
* @param subError
|
|
4435
4415
|
*/
|
|
4436
|
-
function
|
|
4437
|
-
|
|
4438
|
-
|
|
4439
|
-
|
|
4440
|
-
|
|
4441
|
-
|
|
4442
|
-
|
|
4443
|
-
|
|
4444
|
-
|
|
4445
|
-
return
|
|
4416
|
+
function isInteractionRequiredError(errorCode, errorString, subError) {
|
|
4417
|
+
const isInteractionRequiredErrorCode = !!errorCode &&
|
|
4418
|
+
InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;
|
|
4419
|
+
const isInteractionRequiredSubError = !!subError &&
|
|
4420
|
+
InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
|
|
4421
|
+
const isInteractionRequiredErrorDesc = !!errorString &&
|
|
4422
|
+
InteractionRequiredServerErrorMessage.some((irErrorCode) => {
|
|
4423
|
+
return errorString.indexOf(irErrorCode) > -1;
|
|
4424
|
+
});
|
|
4425
|
+
return (isInteractionRequiredErrorCode ||
|
|
4426
|
+
isInteractionRequiredErrorDesc ||
|
|
4427
|
+
isInteractionRequiredSubError);
|
|
4446
4428
|
}
|
|
4447
4429
|
/**
|
|
4448
|
-
*
|
|
4430
|
+
* Creates an InteractionRequiredAuthError
|
|
4449
4431
|
*/
|
|
4450
|
-
function
|
|
4451
|
-
|
|
4452
|
-
|
|
4453
|
-
|
|
4454
|
-
|
|
4455
|
-
|
|
4456
|
-
return appMetaDataKeyArray
|
|
4457
|
-
.join(CACHE_KEY_SEPARATOR$1)
|
|
4458
|
-
.toLowerCase();
|
|
4459
|
-
}
|
|
4432
|
+
function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
4433
|
+
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
4434
|
+
}
|
|
4435
|
+
|
|
4436
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4437
|
+
|
|
4460
4438
|
/*
|
|
4461
|
-
*
|
|
4462
|
-
*
|
|
4439
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4440
|
+
* Licensed under the MIT License.
|
|
4463
4441
|
*/
|
|
4464
|
-
function isAppMetadataEntity(key, entity) {
|
|
4465
|
-
if (!entity) {
|
|
4466
|
-
return false;
|
|
4467
|
-
}
|
|
4468
|
-
return (key.indexOf(APP_METADATA) === 0 &&
|
|
4469
|
-
entity.hasOwnProperty("clientId") &&
|
|
4470
|
-
entity.hasOwnProperty("environment"));
|
|
4471
|
-
}
|
|
4472
4442
|
/**
|
|
4473
|
-
*
|
|
4474
|
-
* @param entity
|
|
4443
|
+
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
4475
4444
|
*/
|
|
4476
|
-
|
|
4477
|
-
|
|
4478
|
-
|
|
4445
|
+
class ServerError extends AuthError {
|
|
4446
|
+
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
4447
|
+
super(errorCode, errorMessage, subError);
|
|
4448
|
+
this.name = "ServerError";
|
|
4449
|
+
this.errorNo = errorNo;
|
|
4450
|
+
this.status = status;
|
|
4451
|
+
Object.setPrototypeOf(this, ServerError.prototype);
|
|
4479
4452
|
}
|
|
4480
|
-
|
|
4481
|
-
|
|
4482
|
-
|
|
4483
|
-
|
|
4484
|
-
|
|
4485
|
-
|
|
4486
|
-
|
|
4487
|
-
|
|
4488
|
-
entity.hasOwnProperty("aliasesFromNetwork") &&
|
|
4489
|
-
entity.hasOwnProperty("endpointsFromNetwork") &&
|
|
4490
|
-
entity.hasOwnProperty("expiresAt") &&
|
|
4491
|
-
entity.hasOwnProperty("jwks_uri"));
|
|
4492
|
-
}
|
|
4453
|
+
}
|
|
4454
|
+
|
|
4455
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4456
|
+
|
|
4457
|
+
/*
|
|
4458
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4459
|
+
* Licensed under the MIT License.
|
|
4460
|
+
*/
|
|
4493
4461
|
/**
|
|
4494
|
-
*
|
|
4462
|
+
* Appends user state with random guid, or returns random guid.
|
|
4463
|
+
* @param cryptoObj
|
|
4464
|
+
* @param userState
|
|
4465
|
+
* @param meta
|
|
4495
4466
|
*/
|
|
4496
|
-
function
|
|
4497
|
-
|
|
4498
|
-
|
|
4499
|
-
|
|
4500
|
-
|
|
4501
|
-
authorityMetadata.authorization_endpoint =
|
|
4502
|
-
updatedValues.authorization_endpoint;
|
|
4503
|
-
authorityMetadata.token_endpoint = updatedValues.token_endpoint;
|
|
4504
|
-
authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
|
|
4505
|
-
authorityMetadata.issuer = updatedValues.issuer;
|
|
4506
|
-
authorityMetadata.endpointsFromNetwork = fromNetwork;
|
|
4507
|
-
authorityMetadata.jwks_uri = updatedValues.jwks_uri;
|
|
4467
|
+
function setRequestState(cryptoObj, userState, meta) {
|
|
4468
|
+
const libraryState = generateLibraryState(cryptoObj, meta);
|
|
4469
|
+
return userState
|
|
4470
|
+
? `${libraryState}${RESOURCE_DELIM}${userState}`
|
|
4471
|
+
: libraryState;
|
|
4508
4472
|
}
|
|
4509
|
-
|
|
4510
|
-
|
|
4511
|
-
|
|
4512
|
-
|
|
4513
|
-
|
|
4473
|
+
/**
|
|
4474
|
+
* Generates the state value used by the common library.
|
|
4475
|
+
* @param cryptoObj
|
|
4476
|
+
* @param meta
|
|
4477
|
+
*/
|
|
4478
|
+
function generateLibraryState(cryptoObj, meta) {
|
|
4479
|
+
if (!cryptoObj) {
|
|
4480
|
+
throw createClientAuthError(noCryptoObject);
|
|
4481
|
+
}
|
|
4482
|
+
// Create a state object containing a unique id and the timestamp of the request creation
|
|
4483
|
+
const stateObj = {
|
|
4484
|
+
id: cryptoObj.createNewGuid(),
|
|
4485
|
+
};
|
|
4486
|
+
if (meta) {
|
|
4487
|
+
stateObj.meta = meta;
|
|
4488
|
+
}
|
|
4489
|
+
const stateString = JSON.stringify(stateObj);
|
|
4490
|
+
return cryptoObj.base64Encode(stateString);
|
|
4514
4491
|
}
|
|
4515
4492
|
/**
|
|
4516
|
-
*
|
|
4493
|
+
* Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
|
|
4494
|
+
* @param base64Decode
|
|
4495
|
+
* @param state
|
|
4517
4496
|
*/
|
|
4518
|
-
function
|
|
4519
|
-
|
|
4497
|
+
function parseRequestState(base64Decode, state) {
|
|
4498
|
+
if (!base64Decode) {
|
|
4499
|
+
throw createClientAuthError(noCryptoObject);
|
|
4500
|
+
}
|
|
4501
|
+
if (!state) {
|
|
4502
|
+
throw createClientAuthError(invalidState);
|
|
4503
|
+
}
|
|
4504
|
+
try {
|
|
4505
|
+
// Split the state between library state and user passed state and decode them separately
|
|
4506
|
+
const splitState = state.split(RESOURCE_DELIM);
|
|
4507
|
+
const libraryState = splitState[0];
|
|
4508
|
+
const userState = splitState.length > 1
|
|
4509
|
+
? splitState.slice(1).join(RESOURCE_DELIM)
|
|
4510
|
+
: "";
|
|
4511
|
+
const libraryStateString = base64Decode(libraryState);
|
|
4512
|
+
const libraryStateObj = JSON.parse(libraryStateString);
|
|
4513
|
+
return {
|
|
4514
|
+
userRequestState: userState || "",
|
|
4515
|
+
libraryState: libraryStateObj,
|
|
4516
|
+
};
|
|
4517
|
+
}
|
|
4518
|
+
catch (e) {
|
|
4519
|
+
throw createClientAuthError(invalidState);
|
|
4520
|
+
}
|
|
4520
4521
|
}
|
|
4521
4522
|
|
|
4522
|
-
/*! @azure/msal-common v16.4.
|
|
4523
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4523
4524
|
|
|
4524
4525
|
/*
|
|
4525
4526
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4675,7 +4676,7 @@
|
|
|
4675
4676
|
if (serverTokenResponse.id_token && !!idTokenClaims) {
|
|
4676
4677
|
cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
|
|
4677
4678
|
cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
|
|
4678
|
-
this.logger);
|
|
4679
|
+
this.logger, this.performanceClient);
|
|
4679
4680
|
}
|
|
4680
4681
|
// AccessToken
|
|
4681
4682
|
let cachedAccessToken = null;
|
|
@@ -4826,17 +4827,24 @@
|
|
|
4826
4827
|
};
|
|
4827
4828
|
}
|
|
4828
4829
|
}
|
|
4829
|
-
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
|
|
4830
|
+
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger, performanceClient) {
|
|
4830
4831
|
logger?.verbose("09jz0t", correlationId);
|
|
4831
|
-
|
|
4832
|
-
|
|
4833
|
-
|
|
4834
|
-
|
|
4835
|
-
|
|
4836
|
-
|
|
4837
|
-
|
|
4838
|
-
|
|
4832
|
+
/*
|
|
4833
|
+
* Check if base account is already cached. Filter by homeAccountId (identifies
|
|
4834
|
+
* the user's home identity) and environment (identifies the cloud) — the two
|
|
4835
|
+
* tenant-agnostic properties that uniquely locate a base AccountEntity.
|
|
4836
|
+
*/
|
|
4837
|
+
const accountEnvironment = environment || authority.getPreferredCache();
|
|
4838
|
+
const matchedAccounts = cacheStorage.getAccountsFilteredBy({ homeAccountId, environment: accountEnvironment }, correlationId);
|
|
4839
|
+
performanceClient?.addFields({ cacheMatchedAccounts: matchedAccounts.length }, correlationId);
|
|
4840
|
+
if (matchedAccounts.length > 1) {
|
|
4841
|
+
/*
|
|
4842
|
+
* Base accounts are expected to be unique for a given homeAccountId in normal cache usage.
|
|
4843
|
+
* If multiple matches exist, ignore the cache hit rather than arbitrarily choosing one.
|
|
4844
|
+
*/
|
|
4845
|
+
logger?.warning("0x7ad1", correlationId);
|
|
4839
4846
|
}
|
|
4847
|
+
const cachedAccount = matchedAccounts.length === 1 ? matchedAccounts[0] : null;
|
|
4840
4848
|
const baseAccount = cachedAccount ||
|
|
4841
4849
|
createAccountEntity({
|
|
4842
4850
|
homeAccountId,
|
|
@@ -4860,7 +4868,7 @@
|
|
|
4860
4868
|
return baseAccount;
|
|
4861
4869
|
}
|
|
4862
4870
|
|
|
4863
|
-
/*! @azure/msal-common v16.4.
|
|
4871
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4864
4872
|
/*
|
|
4865
4873
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4866
4874
|
* Licensed under the MIT License.
|
|
@@ -4870,7 +4878,7 @@
|
|
|
4870
4878
|
UPN: "UPN",
|
|
4871
4879
|
};
|
|
4872
4880
|
|
|
4873
|
-
/*! @azure/msal-common v16.4.
|
|
4881
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4874
4882
|
/*
|
|
4875
4883
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4876
4884
|
* Licensed under the MIT License.
|
|
@@ -4888,7 +4896,7 @@
|
|
|
4888
4896
|
}
|
|
4889
4897
|
}
|
|
4890
4898
|
|
|
4891
|
-
/*! @azure/msal-common v16.4.
|
|
4899
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4892
4900
|
/*
|
|
4893
4901
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4894
4902
|
* Licensed under the MIT License.
|
|
@@ -4909,7 +4917,7 @@
|
|
|
4909
4917
|
};
|
|
4910
4918
|
}
|
|
4911
4919
|
|
|
4912
|
-
/*! @azure/msal-common v16.4.
|
|
4920
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4913
4921
|
|
|
4914
4922
|
/*
|
|
4915
4923
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4995,7 +5003,7 @@
|
|
|
4995
5003
|
}
|
|
4996
5004
|
}
|
|
4997
5005
|
|
|
4998
|
-
/*! @azure/msal-common v16.4.
|
|
5006
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4999
5007
|
|
|
5000
5008
|
/*
|
|
5001
5009
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5026,7 +5034,7 @@
|
|
|
5026
5034
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
5027
5035
|
}
|
|
5028
5036
|
|
|
5029
|
-
/*! @azure/msal-common v16.4.
|
|
5037
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5030
5038
|
|
|
5031
5039
|
/*
|
|
5032
5040
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5140,7 +5148,7 @@
|
|
|
5140
5148
|
return response;
|
|
5141
5149
|
}
|
|
5142
5150
|
|
|
5143
|
-
/*! @azure/msal-common v16.4.
|
|
5151
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5144
5152
|
/*
|
|
5145
5153
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5146
5154
|
* Licensed under the MIT License.
|
|
@@ -5152,7 +5160,7 @@
|
|
|
5152
5160
|
response.hasOwnProperty("jwks_uri"));
|
|
5153
5161
|
}
|
|
5154
5162
|
|
|
5155
|
-
/*! @azure/msal-common v16.4.
|
|
5163
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5156
5164
|
/*
|
|
5157
5165
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5158
5166
|
* Licensed under the MIT License.
|
|
@@ -5162,7 +5170,7 @@
|
|
|
5162
5170
|
response.hasOwnProperty("metadata"));
|
|
5163
5171
|
}
|
|
5164
5172
|
|
|
5165
|
-
/*! @azure/msal-common v16.4.
|
|
5173
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5166
5174
|
/*
|
|
5167
5175
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5168
5176
|
* Licensed under the MIT License.
|
|
@@ -5172,7 +5180,7 @@
|
|
|
5172
5180
|
response.hasOwnProperty("error_description"));
|
|
5173
5181
|
}
|
|
5174
5182
|
|
|
5175
|
-
/*! @azure/msal-common v16.4.
|
|
5183
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5176
5184
|
|
|
5177
5185
|
/*
|
|
5178
5186
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5277,7 +5285,7 @@
|
|
|
5277
5285
|
},
|
|
5278
5286
|
};
|
|
5279
5287
|
|
|
5280
|
-
/*! @azure/msal-common v16.4.
|
|
5288
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5281
5289
|
|
|
5282
5290
|
/*
|
|
5283
5291
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6097,7 +6105,7 @@
|
|
|
6097
6105
|
};
|
|
6098
6106
|
}
|
|
6099
6107
|
|
|
6100
|
-
/*! @azure/msal-common v16.4.
|
|
6108
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6101
6109
|
|
|
6102
6110
|
/*
|
|
6103
6111
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6131,7 +6139,7 @@
|
|
|
6131
6139
|
}
|
|
6132
6140
|
}
|
|
6133
6141
|
|
|
6134
|
-
/*! @azure/msal-common v16.4.
|
|
6142
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6135
6143
|
|
|
6136
6144
|
/*
|
|
6137
6145
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6392,7 +6400,7 @@
|
|
|
6392
6400
|
}
|
|
6393
6401
|
}
|
|
6394
6402
|
|
|
6395
|
-
/*! @azure/msal-common v16.4.
|
|
6403
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6396
6404
|
|
|
6397
6405
|
/*
|
|
6398
6406
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6617,7 +6625,7 @@
|
|
|
6617
6625
|
}
|
|
6618
6626
|
}
|
|
6619
6627
|
|
|
6620
|
-
/*! @azure/msal-common v16.4.
|
|
6628
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6621
6629
|
|
|
6622
6630
|
/*
|
|
6623
6631
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6733,7 +6741,7 @@
|
|
|
6733
6741
|
}
|
|
6734
6742
|
}
|
|
6735
6743
|
|
|
6736
|
-
/*! @azure/msal-common v16.4.
|
|
6744
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6737
6745
|
|
|
6738
6746
|
/*
|
|
6739
6747
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6748,7 +6756,7 @@
|
|
|
6748
6756
|
},
|
|
6749
6757
|
};
|
|
6750
6758
|
|
|
6751
|
-
/*! @azure/msal-common v16.4.
|
|
6759
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6752
6760
|
|
|
6753
6761
|
/*
|
|
6754
6762
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6975,7 +6983,7 @@
|
|
|
6975
6983
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6976
6984
|
}
|
|
6977
6985
|
|
|
6978
|
-
/*! @azure/msal-common v16.4.
|
|
6986
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6979
6987
|
|
|
6980
6988
|
/*
|
|
6981
6989
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7008,7 +7016,7 @@
|
|
|
7008
7016
|
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
7009
7017
|
}
|
|
7010
7018
|
|
|
7011
|
-
/*! @azure/msal-common v16.4.
|
|
7019
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7012
7020
|
|
|
7013
7021
|
/*
|
|
7014
7022
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7066,7 +7074,7 @@
|
|
|
7066
7074
|
}
|
|
7067
7075
|
}
|
|
7068
7076
|
|
|
7069
|
-
/*! @azure/msal-common v16.4.
|
|
7077
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7070
7078
|
/*
|
|
7071
7079
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7072
7080
|
* Licensed under the MIT License.
|
|
@@ -7083,7 +7091,7 @@
|
|
|
7083
7091
|
unexpectedError: unexpectedError
|
|
7084
7092
|
});
|
|
7085
7093
|
|
|
7086
|
-
/*! @azure/msal-common v16.4.
|
|
7094
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7087
7095
|
|
|
7088
7096
|
/*
|
|
7089
7097
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7344,7 +7352,7 @@
|
|
|
7344
7352
|
}
|
|
7345
7353
|
}
|
|
7346
7354
|
|
|
7347
|
-
/*! @azure/msal-common v16.4.
|
|
7355
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7348
7356
|
|
|
7349
7357
|
/*
|
|
7350
7358
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7365,7 +7373,7 @@
|
|
|
7365
7373
|
return new JoseHeaderError(code);
|
|
7366
7374
|
}
|
|
7367
7375
|
|
|
7368
|
-
/*! @azure/msal-common v16.4.
|
|
7376
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7369
7377
|
/*
|
|
7370
7378
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7371
7379
|
* Licensed under the MIT License.
|
|
@@ -7373,7 +7381,7 @@
|
|
|
7373
7381
|
const missingKidError = "missing_kid_error";
|
|
7374
7382
|
const missingAlgError = "missing_alg_error";
|
|
7375
7383
|
|
|
7376
|
-
/*! @azure/msal-common v16.4.
|
|
7384
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7377
7385
|
|
|
7378
7386
|
/*
|
|
7379
7387
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7413,7 +7421,7 @@
|
|
|
7413
7421
|
}
|
|
7414
7422
|
}
|
|
7415
7423
|
|
|
7416
|
-
/*! @azure/msal-common v16.4.
|
|
7424
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7417
7425
|
|
|
7418
7426
|
/*
|
|
7419
7427
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7943,6 +7951,136 @@
|
|
|
7943
7951
|
}
|
|
7944
7952
|
}
|
|
7945
7953
|
|
|
7954
|
+
/*
|
|
7955
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7956
|
+
* Licensed under the MIT License.
|
|
7957
|
+
*/
|
|
7958
|
+
/**
|
|
7959
|
+
* acquireTokenFromCache (msal-browser).
|
|
7960
|
+
* Internal API for acquiring token from cache
|
|
7961
|
+
*/
|
|
7962
|
+
const AcquireTokenFromCache = "acquireTokenFromCache";
|
|
7963
|
+
/**
|
|
7964
|
+
* acquireTokenByRefreshToken API (msal-browser and msal-node).
|
|
7965
|
+
* Used to renew an access token using a refresh token against the token endpoint.
|
|
7966
|
+
*/
|
|
7967
|
+
const AcquireTokenByRefreshToken = "acquireTokenByRefreshToken";
|
|
7968
|
+
/**
|
|
7969
|
+
* acquireTokenSilentAsync (msal-browser).
|
|
7970
|
+
* Internal API for acquireTokenSilent.
|
|
7971
|
+
*/
|
|
7972
|
+
const AcquireTokenSilentAsync = "acquireTokenSilentAsync";
|
|
7973
|
+
/**
|
|
7974
|
+
* getPublicKeyThumbprint API in CryptoOpts class (msal-browser).
|
|
7975
|
+
* Used to generate a public/private keypair and generate a public key thumbprint for pop requests.
|
|
7976
|
+
*/
|
|
7977
|
+
const CryptoOptsGetPublicKeyThumbprint = "cryptoOptsGetPublicKeyThumbprint";
|
|
7978
|
+
/**
|
|
7979
|
+
* signJwt API in CryptoOpts class (msal-browser).
|
|
7980
|
+
* Used to signed a pop token.
|
|
7981
|
+
*/
|
|
7982
|
+
const CryptoOptsSignJwt = "cryptoOptsSignJwt";
|
|
7983
|
+
/**
|
|
7984
|
+
* acquireToken API in the SilentCacheClient class (msal-browser).
|
|
7985
|
+
* Used to read access tokens from the cache.
|
|
7986
|
+
*/
|
|
7987
|
+
const SilentCacheClientAcquireToken = "silentCacheClientAcquireToken";
|
|
7988
|
+
/**
|
|
7989
|
+
* acquireToken API in the SilentIframeClient class (msal-browser).
|
|
7990
|
+
* Used to acquire a new set of tokens from the authorize endpoint in a hidden iframe.
|
|
7991
|
+
*/
|
|
7992
|
+
const SilentIframeClientAcquireToken = "silentIframeClientAcquireToken";
|
|
7993
|
+
const AwaitConcurrentIframe = "awaitConcurrentIframe"; // Time spent waiting for a concurrent iframe to complete
|
|
7994
|
+
/**
|
|
7995
|
+
* acquireToken API in SilentRereshClient (msal-browser).
|
|
7996
|
+
* Used to acquire a new set of tokens from the token endpoint using a refresh token.
|
|
7997
|
+
*/
|
|
7998
|
+
const SilentRefreshClientAcquireToken = "silentRefreshClientAcquireToken";
|
|
7999
|
+
/**
|
|
8000
|
+
* getDiscoveredAuthority API in StandardInteractionClient class (msal-browser).
|
|
8001
|
+
* Used to load authority metadata for a request.
|
|
8002
|
+
*/
|
|
8003
|
+
const StandardInteractionClientGetDiscoveredAuthority = "standardInteractionClientGetDiscoveredAuthority";
|
|
8004
|
+
/**
|
|
8005
|
+
* acquireToken API in NativeInteractionClient class (msal-browser).
|
|
8006
|
+
* Used to acquire a token from Native component when native brokering is enabled.
|
|
8007
|
+
*/
|
|
8008
|
+
const NativeInteractionClientAcquireToken = "nativeInteractionClientAcquireToken";
|
|
8009
|
+
/**
|
|
8010
|
+
* acquireTokenByRefreshToken API in RefreshTokenClient (msal-common).
|
|
8011
|
+
*/
|
|
8012
|
+
const RefreshTokenClientAcquireTokenByRefreshToken = "refreshTokenClientAcquireTokenByRefreshToken";
|
|
8013
|
+
/**
|
|
8014
|
+
* acquireTokenBySilentIframe (msal-browser).
|
|
8015
|
+
* Internal API for acquiring token by silent Iframe
|
|
8016
|
+
*/
|
|
8017
|
+
const AcquireTokenBySilentIframe = "acquireTokenBySilentIframe";
|
|
8018
|
+
/**
|
|
8019
|
+
* Internal API for initializing base request in BaseInteractionClient (msal-browser)
|
|
8020
|
+
*/
|
|
8021
|
+
const InitializeBaseRequest = "initializeBaseRequest";
|
|
8022
|
+
/**
|
|
8023
|
+
* Internal API for initializing silent request in SilentCacheClient (msal-browser)
|
|
8024
|
+
*/
|
|
8025
|
+
const InitializeSilentRequest = "initializeSilentRequest";
|
|
8026
|
+
const InitializeCache = "initializeCache";
|
|
8027
|
+
/**
|
|
8028
|
+
* Helper function in SilentIframeClient class (msal-browser).
|
|
8029
|
+
*/
|
|
8030
|
+
const SilentIframeClientTokenHelper = "silentIframeClientTokenHelper";
|
|
8031
|
+
/**
|
|
8032
|
+
* SilentHandler
|
|
8033
|
+
*/
|
|
8034
|
+
const SilentHandlerInitiateAuthRequest = "silentHandlerInitiateAuthRequest";
|
|
8035
|
+
const SilentHandlerMonitorIframeForHash = "silentHandlerMonitorIframeForHash";
|
|
8036
|
+
const SilentHandlerLoadFrameSync = "silentHandlerLoadFrameSync";
|
|
8037
|
+
/**
|
|
8038
|
+
* Helper functions in StandardInteractionClient class (msal-browser)
|
|
8039
|
+
*/
|
|
8040
|
+
const StandardInteractionClientCreateAuthCodeClient = "standardInteractionClientCreateAuthCodeClient";
|
|
8041
|
+
const StandardInteractionClientGetClientConfiguration = "standardInteractionClientGetClientConfiguration";
|
|
8042
|
+
const StandardInteractionClientInitializeAuthorizationRequest = "standardInteractionClientInitializeAuthorizationRequest";
|
|
8043
|
+
const SilentFlowClientAcquireCachedToken = "silentFlowClientAcquireCachedToken";
|
|
8044
|
+
const GetStandardParams = "getStandardParams";
|
|
8045
|
+
const HandleCodeResponse = "handleCodeResponse";
|
|
8046
|
+
const HandleResponseEar = "handleResponseEar";
|
|
8047
|
+
const HandleResponsePlatformBroker = "handleResponsePlatformBroker";
|
|
8048
|
+
const HandleResponseCode = "handleResponseCode";
|
|
8049
|
+
const AuthClientAcquireToken = "authClientAcquireToken";
|
|
8050
|
+
const DeserializeResponse = "deserializeResponse";
|
|
8051
|
+
const AuthorityFactoryCreateDiscoveredInstance = "authorityFactoryCreateDiscoveredInstance";
|
|
8052
|
+
const AcquireTokenByCodeAsync = "acquireTokenByCodeAsync";
|
|
8053
|
+
const HandleRedirectPromiseMeasurement = "handleRedirectPromise";
|
|
8054
|
+
const HandleNativeRedirectPromiseMeasurement = "handleNativeRedirectPromise";
|
|
8055
|
+
const NativeMessageHandlerHandshake = "nativeMessageHandlerHandshake";
|
|
8056
|
+
const RemoveHiddenIframe = "removeHiddenIframe";
|
|
8057
|
+
const ImportExistingCache = "importExistingCache";
|
|
8058
|
+
/**
|
|
8059
|
+
* Crypto Operations
|
|
8060
|
+
*/
|
|
8061
|
+
const GeneratePkceCodes = "generatePkceCodes";
|
|
8062
|
+
const GenerateCodeVerifier = "generateCodeVerifier";
|
|
8063
|
+
const GenerateCodeChallengeFromVerifier = "generateCodeChallengeFromVerifier";
|
|
8064
|
+
const Sha256Digest = "sha256Digest";
|
|
8065
|
+
const GetRandomValues = "getRandomValues";
|
|
8066
|
+
const GenerateHKDF = "generateHKDF";
|
|
8067
|
+
const GenerateBaseKey = "generateBaseKey";
|
|
8068
|
+
const Base64Decode = "base64Decode";
|
|
8069
|
+
const UrlEncodeArr = "urlEncodeArr";
|
|
8070
|
+
const Encrypt = "encrypt";
|
|
8071
|
+
const Decrypt = "decrypt";
|
|
8072
|
+
const GenerateEarKey = "generateEarKey";
|
|
8073
|
+
const DecryptEarResponse = "decryptEarResponse";
|
|
8074
|
+
const LoadAccount = "loadAccount";
|
|
8075
|
+
const LoadIdToken = "loadIdToken";
|
|
8076
|
+
const LoadAccessToken = "loadAccessToken";
|
|
8077
|
+
const LoadRefreshToken = "loadRefreshToken";
|
|
8078
|
+
/**
|
|
8079
|
+
* Background telemetry measurement that tracks whether a late bridge response
|
|
8080
|
+
* arrives after the iframe timeout has already fired.
|
|
8081
|
+
*/
|
|
8082
|
+
const WaitForBridgeLateResponse = "waitForBridgeLateResponse";
|
|
8083
|
+
|
|
7946
8084
|
/*
|
|
7947
8085
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7948
8086
|
* Licensed under the MIT License.
|
|
@@ -8849,20 +8987,35 @@
|
|
|
8849
8987
|
activeBridgeMonitor = null;
|
|
8850
8988
|
}
|
|
8851
8989
|
}
|
|
8852
|
-
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
|
|
8990
|
+
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient, experimentalConfig) {
|
|
8853
8991
|
return new Promise((resolve, reject) => {
|
|
8854
8992
|
logger.verbose("1rf6em", request.correlationId);
|
|
8855
8993
|
const correlationId = request.correlationId;
|
|
8856
8994
|
performanceClient.addFields({
|
|
8857
8995
|
redirectBridgeTimeoutMs: timeoutMs,
|
|
8996
|
+
lateResponseExperimentEnabled: experimentalConfig?.iframeTimeoutTelemetry || false,
|
|
8858
8997
|
}, correlationId);
|
|
8859
8998
|
const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
|
|
8860
8999
|
const channel = new BroadcastChannel(libraryState.id);
|
|
8861
9000
|
let responseString = undefined;
|
|
9001
|
+
let timedOut$1 = false;
|
|
9002
|
+
let lateTimeoutId;
|
|
9003
|
+
let lateMeasurement;
|
|
8862
9004
|
const timeoutId = window.setTimeout(() => {
|
|
8863
9005
|
// Clear the active monitor
|
|
8864
9006
|
activeBridgeMonitor = null;
|
|
8865
|
-
|
|
9007
|
+
if (experimentalConfig?.iframeTimeoutTelemetry) {
|
|
9008
|
+
lateMeasurement = performanceClient.startMeasurement(WaitForBridgeLateResponse, correlationId);
|
|
9009
|
+
timedOut$1 = true;
|
|
9010
|
+
lateTimeoutId = window.setTimeout(() => {
|
|
9011
|
+
lateMeasurement?.end({ success: false });
|
|
9012
|
+
clearTimeout(lateTimeoutId);
|
|
9013
|
+
channel.close();
|
|
9014
|
+
}, 60000); // 60s late response timeout to allow for telemetry of late responses
|
|
9015
|
+
}
|
|
9016
|
+
else {
|
|
9017
|
+
channel.close();
|
|
9018
|
+
}
|
|
8866
9019
|
reject(createBrowserAuthError(timedOut, "redirect_bridge_timeout"));
|
|
8867
9020
|
}, timeoutMs);
|
|
8868
9021
|
// Track this monitor so it can be cancelled if needed
|
|
@@ -8876,6 +9029,14 @@
|
|
|
8876
9029
|
const messageVersion = event?.data && typeof event.data.v === "number"
|
|
8877
9030
|
? event.data.v
|
|
8878
9031
|
: undefined;
|
|
9032
|
+
if (timedOut$1) {
|
|
9033
|
+
lateMeasurement?.end({
|
|
9034
|
+
success: responseString ? true : false,
|
|
9035
|
+
});
|
|
9036
|
+
clearTimeout(lateTimeoutId);
|
|
9037
|
+
channel.close();
|
|
9038
|
+
return;
|
|
9039
|
+
}
|
|
8879
9040
|
performanceClient.addFields({
|
|
8880
9041
|
redirectBridgeMessageVersion: messageVersion,
|
|
8881
9042
|
}, correlationId);
|
|
@@ -9038,130 +9199,6 @@
|
|
|
9038
9199
|
waitForBridgeResponse: waitForBridgeResponse
|
|
9039
9200
|
});
|
|
9040
9201
|
|
|
9041
|
-
/*
|
|
9042
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
9043
|
-
* Licensed under the MIT License.
|
|
9044
|
-
*/
|
|
9045
|
-
/**
|
|
9046
|
-
* acquireTokenFromCache (msal-browser).
|
|
9047
|
-
* Internal API for acquiring token from cache
|
|
9048
|
-
*/
|
|
9049
|
-
const AcquireTokenFromCache = "acquireTokenFromCache";
|
|
9050
|
-
/**
|
|
9051
|
-
* acquireTokenByRefreshToken API (msal-browser and msal-node).
|
|
9052
|
-
* Used to renew an access token using a refresh token against the token endpoint.
|
|
9053
|
-
*/
|
|
9054
|
-
const AcquireTokenByRefreshToken = "acquireTokenByRefreshToken";
|
|
9055
|
-
/**
|
|
9056
|
-
* acquireTokenSilentAsync (msal-browser).
|
|
9057
|
-
* Internal API for acquireTokenSilent.
|
|
9058
|
-
*/
|
|
9059
|
-
const AcquireTokenSilentAsync = "acquireTokenSilentAsync";
|
|
9060
|
-
/**
|
|
9061
|
-
* getPublicKeyThumbprint API in CryptoOpts class (msal-browser).
|
|
9062
|
-
* Used to generate a public/private keypair and generate a public key thumbprint for pop requests.
|
|
9063
|
-
*/
|
|
9064
|
-
const CryptoOptsGetPublicKeyThumbprint = "cryptoOptsGetPublicKeyThumbprint";
|
|
9065
|
-
/**
|
|
9066
|
-
* signJwt API in CryptoOpts class (msal-browser).
|
|
9067
|
-
* Used to signed a pop token.
|
|
9068
|
-
*/
|
|
9069
|
-
const CryptoOptsSignJwt = "cryptoOptsSignJwt";
|
|
9070
|
-
/**
|
|
9071
|
-
* acquireToken API in the SilentCacheClient class (msal-browser).
|
|
9072
|
-
* Used to read access tokens from the cache.
|
|
9073
|
-
*/
|
|
9074
|
-
const SilentCacheClientAcquireToken = "silentCacheClientAcquireToken";
|
|
9075
|
-
/**
|
|
9076
|
-
* acquireToken API in the SilentIframeClient class (msal-browser).
|
|
9077
|
-
* Used to acquire a new set of tokens from the authorize endpoint in a hidden iframe.
|
|
9078
|
-
*/
|
|
9079
|
-
const SilentIframeClientAcquireToken = "silentIframeClientAcquireToken";
|
|
9080
|
-
const AwaitConcurrentIframe = "awaitConcurrentIframe"; // Time spent waiting for a concurrent iframe to complete
|
|
9081
|
-
/**
|
|
9082
|
-
* acquireToken API in SilentRereshClient (msal-browser).
|
|
9083
|
-
* Used to acquire a new set of tokens from the token endpoint using a refresh token.
|
|
9084
|
-
*/
|
|
9085
|
-
const SilentRefreshClientAcquireToken = "silentRefreshClientAcquireToken";
|
|
9086
|
-
/**
|
|
9087
|
-
* getDiscoveredAuthority API in StandardInteractionClient class (msal-browser).
|
|
9088
|
-
* Used to load authority metadata for a request.
|
|
9089
|
-
*/
|
|
9090
|
-
const StandardInteractionClientGetDiscoveredAuthority = "standardInteractionClientGetDiscoveredAuthority";
|
|
9091
|
-
/**
|
|
9092
|
-
* acquireToken API in NativeInteractionClient class (msal-browser).
|
|
9093
|
-
* Used to acquire a token from Native component when native brokering is enabled.
|
|
9094
|
-
*/
|
|
9095
|
-
const NativeInteractionClientAcquireToken = "nativeInteractionClientAcquireToken";
|
|
9096
|
-
/**
|
|
9097
|
-
* acquireTokenByRefreshToken API in RefreshTokenClient (msal-common).
|
|
9098
|
-
*/
|
|
9099
|
-
const RefreshTokenClientAcquireTokenByRefreshToken = "refreshTokenClientAcquireTokenByRefreshToken";
|
|
9100
|
-
/**
|
|
9101
|
-
* acquireTokenBySilentIframe (msal-browser).
|
|
9102
|
-
* Internal API for acquiring token by silent Iframe
|
|
9103
|
-
*/
|
|
9104
|
-
const AcquireTokenBySilentIframe = "acquireTokenBySilentIframe";
|
|
9105
|
-
/**
|
|
9106
|
-
* Internal API for initializing base request in BaseInteractionClient (msal-browser)
|
|
9107
|
-
*/
|
|
9108
|
-
const InitializeBaseRequest = "initializeBaseRequest";
|
|
9109
|
-
/**
|
|
9110
|
-
* Internal API for initializing silent request in SilentCacheClient (msal-browser)
|
|
9111
|
-
*/
|
|
9112
|
-
const InitializeSilentRequest = "initializeSilentRequest";
|
|
9113
|
-
const InitializeCache = "initializeCache";
|
|
9114
|
-
/**
|
|
9115
|
-
* Helper function in SilentIframeClient class (msal-browser).
|
|
9116
|
-
*/
|
|
9117
|
-
const SilentIframeClientTokenHelper = "silentIframeClientTokenHelper";
|
|
9118
|
-
/**
|
|
9119
|
-
* SilentHandler
|
|
9120
|
-
*/
|
|
9121
|
-
const SilentHandlerInitiateAuthRequest = "silentHandlerInitiateAuthRequest";
|
|
9122
|
-
const SilentHandlerMonitorIframeForHash = "silentHandlerMonitorIframeForHash";
|
|
9123
|
-
const SilentHandlerLoadFrameSync = "silentHandlerLoadFrameSync";
|
|
9124
|
-
/**
|
|
9125
|
-
* Helper functions in StandardInteractionClient class (msal-browser)
|
|
9126
|
-
*/
|
|
9127
|
-
const StandardInteractionClientCreateAuthCodeClient = "standardInteractionClientCreateAuthCodeClient";
|
|
9128
|
-
const StandardInteractionClientGetClientConfiguration = "standardInteractionClientGetClientConfiguration";
|
|
9129
|
-
const StandardInteractionClientInitializeAuthorizationRequest = "standardInteractionClientInitializeAuthorizationRequest";
|
|
9130
|
-
const SilentFlowClientAcquireCachedToken = "silentFlowClientAcquireCachedToken";
|
|
9131
|
-
const GetStandardParams = "getStandardParams";
|
|
9132
|
-
const HandleCodeResponse = "handleCodeResponse";
|
|
9133
|
-
const HandleResponseEar = "handleResponseEar";
|
|
9134
|
-
const HandleResponsePlatformBroker = "handleResponsePlatformBroker";
|
|
9135
|
-
const HandleResponseCode = "handleResponseCode";
|
|
9136
|
-
const AuthClientAcquireToken = "authClientAcquireToken";
|
|
9137
|
-
const DeserializeResponse = "deserializeResponse";
|
|
9138
|
-
const AuthorityFactoryCreateDiscoveredInstance = "authorityFactoryCreateDiscoveredInstance";
|
|
9139
|
-
const AcquireTokenByCodeAsync = "acquireTokenByCodeAsync";
|
|
9140
|
-
const HandleRedirectPromiseMeasurement = "handleRedirectPromise";
|
|
9141
|
-
const HandleNativeRedirectPromiseMeasurement = "handleNativeRedirectPromise";
|
|
9142
|
-
const NativeMessageHandlerHandshake = "nativeMessageHandlerHandshake";
|
|
9143
|
-
const ImportExistingCache = "importExistingCache";
|
|
9144
|
-
/**
|
|
9145
|
-
* Crypto Operations
|
|
9146
|
-
*/
|
|
9147
|
-
const GeneratePkceCodes = "generatePkceCodes";
|
|
9148
|
-
const GenerateCodeVerifier = "generateCodeVerifier";
|
|
9149
|
-
const GenerateCodeChallengeFromVerifier = "generateCodeChallengeFromVerifier";
|
|
9150
|
-
const Sha256Digest = "sha256Digest";
|
|
9151
|
-
const GetRandomValues = "getRandomValues";
|
|
9152
|
-
const GenerateHKDF = "generateHKDF";
|
|
9153
|
-
const GenerateBaseKey = "generateBaseKey";
|
|
9154
|
-
const Base64Decode = "base64Decode";
|
|
9155
|
-
const UrlEncodeArr = "urlEncodeArr";
|
|
9156
|
-
const Encrypt = "encrypt";
|
|
9157
|
-
const Decrypt = "decrypt";
|
|
9158
|
-
const GenerateEarKey = "generateEarKey";
|
|
9159
|
-
const DecryptEarResponse = "decryptEarResponse";
|
|
9160
|
-
const LoadAccount = "loadAccount";
|
|
9161
|
-
const LoadIdToken = "loadIdToken";
|
|
9162
|
-
const LoadAccessToken = "loadAccessToken";
|
|
9163
|
-
const LoadRefreshToken = "loadRefreshToken";
|
|
9164
|
-
|
|
9165
9202
|
/*
|
|
9166
9203
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
9167
9204
|
* Licensed under the MIT License.
|
|
@@ -10298,7 +10335,7 @@
|
|
|
10298
10335
|
|
|
10299
10336
|
/* eslint-disable header/header */
|
|
10300
10337
|
const name = "@azure/msal-browser";
|
|
10301
|
-
const version = "5.6.
|
|
10338
|
+
const version = "5.6.3";
|
|
10302
10339
|
|
|
10303
10340
|
/*
|
|
10304
10341
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -12762,9 +12799,9 @@
|
|
|
12762
12799
|
}
|
|
12763
12800
|
// Get the preferred_cache domain for the given authority
|
|
12764
12801
|
const authority = await getDiscoveredAuthority(this.config, this.correlationId, this.performanceClient, this.browserStorage, this.logger, request.authority);
|
|
12765
|
-
const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info,
|
|
12802
|
+
const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info, authority.getPreferredCache(), // environment
|
|
12766
12803
|
idTokenClaims.tid, undefined, // auth code payload
|
|
12767
|
-
response.account.id);
|
|
12804
|
+
response.account.id, this.logger, this.performanceClient);
|
|
12768
12805
|
// Ensure expires_in is in number format
|
|
12769
12806
|
response.expires_in = Number(response.expires_in);
|
|
12770
12807
|
// generate authenticationResult
|
|
@@ -13649,7 +13686,7 @@
|
|
|
13649
13686
|
*
|
|
13650
13687
|
* @returns Configuration object
|
|
13651
13688
|
*/
|
|
13652
|
-
function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system: userInputSystem, telemetry: userInputTelemetry, }, isBrowserEnvironment) {
|
|
13689
|
+
function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system: userInputSystem, experimental: userInputExperimental, telemetry: userInputTelemetry, }, isBrowserEnvironment) {
|
|
13653
13690
|
// Default auth options for browser
|
|
13654
13691
|
const DEFAULT_AUTH_OPTIONS = {
|
|
13655
13692
|
clientId: "",
|
|
@@ -13721,6 +13758,9 @@
|
|
|
13721
13758
|
},
|
|
13722
13759
|
client: new StubPerformanceClient(),
|
|
13723
13760
|
};
|
|
13761
|
+
const DEFAULT_EXPERIMENTAL_OPTIONS = {
|
|
13762
|
+
iframeTimeoutTelemetry: false,
|
|
13763
|
+
};
|
|
13724
13764
|
// Throw an error if user has set OIDCOptions without being in OIDC protocol mode
|
|
13725
13765
|
if (userInputSystem?.protocolMode !== ProtocolMode.OIDC &&
|
|
13726
13766
|
userInputAuth?.OIDCOptions) {
|
|
@@ -13744,6 +13784,10 @@
|
|
|
13744
13784
|
},
|
|
13745
13785
|
cache: { ...DEFAULT_CACHE_OPTIONS, ...userInputCache },
|
|
13746
13786
|
system: providedSystemOptions,
|
|
13787
|
+
experimental: {
|
|
13788
|
+
...DEFAULT_EXPERIMENTAL_OPTIONS,
|
|
13789
|
+
...userInputExperimental,
|
|
13790
|
+
},
|
|
13747
13791
|
telemetry: { ...DEFAULT_TELEMETRY_OPTIONS, ...userInputTelemetry },
|
|
13748
13792
|
};
|
|
13749
13793
|
return overlayedConfig;
|
|
@@ -15160,6 +15204,16 @@
|
|
|
15160
15204
|
authFrame.setAttribute("allow", "local-network-access *");
|
|
15161
15205
|
document.body.appendChild(authFrame);
|
|
15162
15206
|
return authFrame;
|
|
15207
|
+
}
|
|
15208
|
+
/**
|
|
15209
|
+
* @hidden
|
|
15210
|
+
* Removes a hidden iframe from `document.body` if it is a direct child.
|
|
15211
|
+
* @param iframe - The iframe element to remove.
|
|
15212
|
+
*/
|
|
15213
|
+
function removeHiddenIframe(iframe) {
|
|
15214
|
+
if (document.body === iframe.parentNode) {
|
|
15215
|
+
document.body.removeChild(iframe);
|
|
15216
|
+
}
|
|
15163
15217
|
}
|
|
15164
15218
|
|
|
15165
15219
|
/*
|
|
@@ -15255,9 +15309,15 @@
|
|
|
15255
15309
|
earJwk: earJwk,
|
|
15256
15310
|
codeChallenge: pkceCodes.challenge,
|
|
15257
15311
|
};
|
|
15258
|
-
await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
|
|
15312
|
+
const iframe = await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
|
|
15259
15313
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15260
|
-
|
|
15314
|
+
let responseString;
|
|
15315
|
+
try {
|
|
15316
|
+
responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
|
|
15317
|
+
}
|
|
15318
|
+
finally {
|
|
15319
|
+
invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
|
|
15320
|
+
}
|
|
15261
15321
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15262
15322
|
if (!serverParams.ear_jwe && serverParams.code) {
|
|
15263
15323
|
// If server doesn't support EAR, they may fallback to auth code flow instead
|
|
@@ -15295,18 +15355,25 @@
|
|
|
15295
15355
|
...request,
|
|
15296
15356
|
codeChallenge: pkceCodes.challenge,
|
|
15297
15357
|
};
|
|
15358
|
+
let iframe;
|
|
15298
15359
|
if (request.httpMethod === HttpMethod.POST) {
|
|
15299
|
-
await invokeAsync(initiateCodeFlowWithPost, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
|
|
15360
|
+
iframe = await invokeAsync(initiateCodeFlowWithPost, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
|
|
15300
15361
|
}
|
|
15301
15362
|
else {
|
|
15302
15363
|
// Create authorize request url
|
|
15303
15364
|
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
|
|
15304
15365
|
// Get the frame handle for the silent request
|
|
15305
|
-
await invokeAsync(initiateCodeRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId);
|
|
15366
|
+
iframe = await invokeAsync(initiateCodeRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId);
|
|
15306
15367
|
}
|
|
15307
15368
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15308
15369
|
// Wait for response from the redirect bridge.
|
|
15309
|
-
|
|
15370
|
+
let responseString;
|
|
15371
|
+
try {
|
|
15372
|
+
responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
|
|
15373
|
+
}
|
|
15374
|
+
finally {
|
|
15375
|
+
invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
|
|
15376
|
+
}
|
|
15310
15377
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15311
15378
|
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15312
15379
|
}
|
|
@@ -15562,22 +15629,32 @@
|
|
|
15562
15629
|
this.nativeInternalStorage = new BrowserCacheManager(this.config.auth.clientId, nativeCacheOptions, this.browserCrypto, this.logger, this.performanceClient, this.eventHandler);
|
|
15563
15630
|
this.activeSilentTokenRequests = new Map();
|
|
15564
15631
|
// Register listener functions
|
|
15565
|
-
this.
|
|
15632
|
+
this.trackStateChange = this.trackStateChange.bind(this);
|
|
15566
15633
|
// Register listener functions
|
|
15567
|
-
this.
|
|
15568
|
-
this.
|
|
15634
|
+
this.trackStateChangeWithMeasurement =
|
|
15635
|
+
this.trackStateChangeWithMeasurement.bind(this);
|
|
15569
15636
|
}
|
|
15570
15637
|
static async createController(operatingContext, request) {
|
|
15571
15638
|
const controller = new StandardController(operatingContext);
|
|
15572
15639
|
await controller.initialize(request);
|
|
15573
15640
|
return controller;
|
|
15574
15641
|
}
|
|
15575
|
-
|
|
15642
|
+
trackStateChange(correlationId, event) {
|
|
15576
15643
|
if (!correlationId) {
|
|
15577
15644
|
return;
|
|
15578
15645
|
}
|
|
15579
|
-
|
|
15580
|
-
|
|
15646
|
+
if (event.type === "visibilitychange") {
|
|
15647
|
+
this.logger.info("16v6hv", correlationId);
|
|
15648
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
|
|
15649
|
+
}
|
|
15650
|
+
else if (event.type === "online") {
|
|
15651
|
+
this.logger.info("0zirfd", correlationId);
|
|
15652
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
15653
|
+
}
|
|
15654
|
+
else if (event.type === "offline") {
|
|
15655
|
+
this.logger.info("1xk9ef", correlationId);
|
|
15656
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
15657
|
+
}
|
|
15581
15658
|
}
|
|
15582
15659
|
/**
|
|
15583
15660
|
* Initializer function to perform async startup tasks such as connecting to WAM extension
|
|
@@ -15919,15 +15996,40 @@
|
|
|
15919
15996
|
}
|
|
15920
15997
|
});
|
|
15921
15998
|
}
|
|
15922
|
-
|
|
15999
|
+
trackStateChangeWithMeasurement(event) {
|
|
15923
16000
|
const measurement = this.ssoSilentMeasurement ||
|
|
15924
16001
|
this.acquireTokenByCodeAsyncMeasurement;
|
|
15925
16002
|
if (!measurement) {
|
|
15926
16003
|
return;
|
|
15927
16004
|
}
|
|
15928
|
-
|
|
15929
|
-
|
|
15930
|
-
|
|
16005
|
+
if (event.type === "visibilitychange") {
|
|
16006
|
+
this.logger.info("0yzimq", measurement.event.correlationId);
|
|
16007
|
+
measurement.increment({
|
|
16008
|
+
visibilityChangeCount: 1,
|
|
16009
|
+
});
|
|
16010
|
+
}
|
|
16011
|
+
else if (event.type === "online") {
|
|
16012
|
+
this.logger.info("1caf53", measurement.event.correlationId);
|
|
16013
|
+
measurement.increment({
|
|
16014
|
+
onlineStatusChangeCount: 1,
|
|
16015
|
+
});
|
|
16016
|
+
}
|
|
16017
|
+
else if (event.type === "offline") {
|
|
16018
|
+
this.logger.info("0fdyk7", measurement.event.correlationId);
|
|
16019
|
+
measurement.increment({
|
|
16020
|
+
onlineStatusChangeCount: 1,
|
|
16021
|
+
});
|
|
16022
|
+
}
|
|
16023
|
+
}
|
|
16024
|
+
addStateChangeListeners(listener) {
|
|
16025
|
+
document.addEventListener("visibilitychange", listener);
|
|
16026
|
+
window.addEventListener("online", listener);
|
|
16027
|
+
window.addEventListener("offline", listener);
|
|
16028
|
+
}
|
|
16029
|
+
removeStateChangeListeners(listener) {
|
|
16030
|
+
document.removeEventListener("visibilitychange", listener);
|
|
16031
|
+
window.removeEventListener("online", listener);
|
|
16032
|
+
window.removeEventListener("offline", listener);
|
|
15931
16033
|
}
|
|
15932
16034
|
// #endregion
|
|
15933
16035
|
// #region Silent Flow
|
|
@@ -15961,8 +16063,9 @@
|
|
|
15961
16063
|
preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
|
|
15962
16064
|
this.ssoSilentMeasurement?.increment({
|
|
15963
16065
|
visibilityChangeCount: 0,
|
|
16066
|
+
onlineStatusChangeCount: 0,
|
|
15964
16067
|
});
|
|
15965
|
-
|
|
16068
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
15966
16069
|
const loggedInAccounts = this.getAllAccounts();
|
|
15967
16070
|
this.logger.verbose("0w1b45", correlationId);
|
|
15968
16071
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Silent, validRequest);
|
|
@@ -16005,7 +16108,7 @@
|
|
|
16005
16108
|
throw e;
|
|
16006
16109
|
})
|
|
16007
16110
|
.finally(() => {
|
|
16008
|
-
|
|
16111
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
16009
16112
|
});
|
|
16010
16113
|
}
|
|
16011
16114
|
/**
|
|
@@ -16112,8 +16215,9 @@
|
|
|
16112
16215
|
this.performanceClient.startMeasurement(AcquireTokenByCodeAsync, correlationId);
|
|
16113
16216
|
this.acquireTokenByCodeAsyncMeasurement?.increment({
|
|
16114
16217
|
visibilityChangeCount: 0,
|
|
16218
|
+
onlineStatusChangeCount: 0,
|
|
16115
16219
|
});
|
|
16116
|
-
|
|
16220
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
16117
16221
|
const silentAuthCodeClient = this.createSilentAuthCodeClient(correlationId);
|
|
16118
16222
|
const silentTokenResult = await silentAuthCodeClient
|
|
16119
16223
|
.acquireToken(request)
|
|
@@ -16132,7 +16236,7 @@
|
|
|
16132
16236
|
throw tokenRenewalError;
|
|
16133
16237
|
})
|
|
16134
16238
|
.finally(() => {
|
|
16135
|
-
|
|
16239
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
16136
16240
|
});
|
|
16137
16241
|
return silentTokenResult;
|
|
16138
16242
|
}
|
|
@@ -16594,12 +16698,12 @@
|
|
|
16594
16698
|
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
|
|
16595
16699
|
*/
|
|
16596
16700
|
async acquireTokenSilentAsync(request, account) {
|
|
16597
|
-
const
|
|
16701
|
+
const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
|
|
16598
16702
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, request.correlationId, exports.InteractionType.Silent, request);
|
|
16599
16703
|
if (request.correlationId) {
|
|
16600
|
-
this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
|
|
16704
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
|
|
16601
16705
|
}
|
|
16602
|
-
|
|
16706
|
+
this.addStateChangeListeners(trackStateChange);
|
|
16603
16707
|
const silentRequest = await invokeAsync(initializeSilentRequest, InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
|
|
16604
16708
|
const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
|
|
16605
16709
|
const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
|
|
@@ -16681,7 +16785,7 @@
|
|
|
16681
16785
|
throw tokenRenewalError;
|
|
16682
16786
|
})
|
|
16683
16787
|
.finally(() => {
|
|
16684
|
-
|
|
16788
|
+
this.removeStateChangeListeners(trackStateChange);
|
|
16685
16789
|
});
|
|
16686
16790
|
}
|
|
16687
16791
|
/**
|
|
@@ -18281,7 +18385,7 @@
|
|
|
18281
18385
|
const storage = new BrowserCacheManager(browserConfig.auth.clientId, browserConfig.cache, cryptoOps, logger, browserConfig.telemetry.client, new EventHandler(logger), buildStaticAuthorityOptions(browserConfig.auth));
|
|
18282
18386
|
const authorityString = request.authority || browserConfig.auth.authority;
|
|
18283
18387
|
const authority = await createDiscoveredInstance(Authority.generateAuthority(authorityString, request.azureCloudOptions), browserConfig.system.networkClient, storage, authorityOptions, logger, correlationId, performanceClient);
|
|
18284
|
-
const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims);
|
|
18388
|
+
const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims, performanceClient);
|
|
18285
18389
|
const idToken = await invokeAsync(loadIdToken, LoadIdToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, correlationId, storage, logger, config.auth.clientId);
|
|
18286
18390
|
const accessToken = await invokeAsync(loadAccessToken, LoadAccessToken, logger, performanceClient, correlationId)(request, response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, options, correlationId, storage, logger, config.auth.clientId);
|
|
18287
18391
|
const refreshToken = await invokeAsync(loadRefreshToken, LoadRefreshToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, kmsi, correlationId, storage, logger, config.auth.clientId, performanceClient);
|
|
@@ -18307,7 +18411,7 @@
|
|
|
18307
18411
|
* @param requestHomeAccountId
|
|
18308
18412
|
* @returns `AccountEntity`
|
|
18309
18413
|
*/
|
|
18310
|
-
async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims) {
|
|
18414
|
+
async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims, performanceClient) {
|
|
18311
18415
|
logger.verbose("0ke46k", correlationId);
|
|
18312
18416
|
if (request.account) {
|
|
18313
18417
|
const accountEntity = createAccountEntityFromAccountInfo(request.account);
|
|
@@ -18322,7 +18426,7 @@
|
|
|
18322
18426
|
const claimsTenantId = idTokenClaims?.tid;
|
|
18323
18427
|
const cachedAccount = buildAccountToCache(storage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, authority.getPreferredCache(), claimsTenantId, undefined, // authCodePayload
|
|
18324
18428
|
undefined, // nativeAccountId
|
|
18325
|
-
logger);
|
|
18429
|
+
logger, performanceClient);
|
|
18326
18430
|
await storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
|
|
18327
18431
|
return cachedAccount;
|
|
18328
18432
|
}
|
|
@@ -18594,6 +18698,9 @@
|
|
|
18594
18698
|
getPageVisibility() {
|
|
18595
18699
|
return document.visibilityState?.toString() || null;
|
|
18596
18700
|
}
|
|
18701
|
+
getOnlineStatus() {
|
|
18702
|
+
return typeof navigator !== "undefined" ? navigator.onLine : null;
|
|
18703
|
+
}
|
|
18597
18704
|
deleteIncompleteSubMeasurements(inProgressEvent) {
|
|
18598
18705
|
void getPerfMeasurementModule()?.then((module) => {
|
|
18599
18706
|
const rootEvent = this.eventsByCorrelationId.get(inProgressEvent.event.correlationId);
|
|
@@ -18620,6 +18727,7 @@
|
|
|
18620
18727
|
startMeasurement(measureName, correlationId) {
|
|
18621
18728
|
// Capture page visibilityState and then invoke start/end measurement
|
|
18622
18729
|
const startPageVisibility = this.getPageVisibility();
|
|
18730
|
+
const startOnlineStatus = this.getOnlineStatus();
|
|
18623
18731
|
const inProgressEvent = super.startMeasurement(measureName, correlationId);
|
|
18624
18732
|
const startTime = supportsBrowserPerformanceNow()
|
|
18625
18733
|
? window.performance.now()
|
|
@@ -18635,6 +18743,7 @@
|
|
|
18635
18743
|
const res = inProgressEvent.end({
|
|
18636
18744
|
...event,
|
|
18637
18745
|
startPageVisibility,
|
|
18746
|
+
startOnlineStatus,
|
|
18638
18747
|
endPageVisibility: this.getPageVisibility(),
|
|
18639
18748
|
durationMs: getPerfDurationMs(startTime),
|
|
18640
18749
|
networkEffectiveType: networkInfo.effectiveType,
|