@azure/msal-browser 5.6.1 → 5.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (396) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  4. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  7. package/dist/cache/AccountManager.mjs +1 -1
  8. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  9. package/dist/cache/BrowserCacheManager.mjs +1 -1
  10. package/dist/cache/CacheHelpers.mjs +1 -1
  11. package/dist/cache/CacheKeys.mjs +1 -1
  12. package/dist/cache/CookieStorage.mjs +1 -1
  13. package/dist/cache/DatabaseStorage.mjs +1 -1
  14. package/dist/cache/EncryptedData.mjs +1 -1
  15. package/dist/cache/LocalStorage.mjs +1 -1
  16. package/dist/cache/MemoryStorage.mjs +1 -1
  17. package/dist/cache/SessionStorage.mjs +1 -1
  18. package/dist/cache/TokenCache.d.ts.map +1 -1
  19. package/dist/cache/TokenCache.mjs +9 -9
  20. package/dist/cache/TokenCache.mjs.map +1 -1
  21. package/dist/config/Configuration.d.ts +13 -1
  22. package/dist/config/Configuration.d.ts.map +1 -1
  23. package/dist/config/Configuration.mjs +9 -2
  24. package/dist/config/Configuration.mjs.map +1 -1
  25. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  26. package/dist/controllers/StandardController.d.ts +4 -2
  27. package/dist/controllers/StandardController.d.ts.map +1 -1
  28. package/dist/controllers/StandardController.mjs +56 -19
  29. package/dist/controllers/StandardController.mjs.map +1 -1
  30. package/dist/crypto/BrowserCrypto.mjs +1 -1
  31. package/dist/crypto/CryptoOps.mjs +1 -1
  32. package/dist/crypto/PkceGenerator.mjs +1 -1
  33. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  34. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  35. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  36. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  37. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  38. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  39. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  40. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  41. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  42. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  43. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  44. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  45. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  46. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  47. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  48. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  49. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  50. package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
  51. package/dist/custom-auth-path/config/Configuration.d.ts +13 -1
  52. package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
  53. package/dist/custom-auth-path/config/Configuration.mjs +9 -2
  54. package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
  55. package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
  56. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  57. package/dist/custom-auth-path/controllers/StandardController.mjs +56 -19
  58. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  59. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  60. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  61. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  62. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  63. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  64. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  169. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  170. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  171. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  172. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  173. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  174. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  175. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  176. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  177. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  178. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  179. package/dist/custom-auth-path/index.d.ts +1 -1
  180. package/dist/custom-auth-path/index.d.ts.map +1 -1
  181. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  182. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  183. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  184. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  185. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
  186. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  187. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  188. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  189. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  190. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  191. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
  192. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +21 -8
  193. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
  194. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  195. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
  196. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  197. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +6 -0
  198. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
  199. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +12 -2
  200. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
  201. package/dist/custom-auth-path/log-strings-mapping.json +23 -3
  202. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  203. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  204. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  205. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  206. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  207. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  208. package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
  209. package/dist/custom-auth-path/redirect_bridge/index.d.ts.map +1 -1
  210. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  211. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  212. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
  213. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  214. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts +5 -0
  215. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  216. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +9 -3
  217. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
  218. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  219. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  220. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  221. package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
  222. package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
  223. package/dist/custom-auth-path/utils/BrowserUtils.mjs +27 -3
  224. package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
  225. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  226. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  227. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  228. package/dist/encode/Base64Decode.mjs +1 -1
  229. package/dist/encode/Base64Encode.mjs +1 -1
  230. package/dist/error/BrowserAuthError.mjs +1 -1
  231. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  232. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  233. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  234. package/dist/error/NativeAuthError.mjs +1 -1
  235. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  236. package/dist/error/NestedAppAuthError.mjs +1 -1
  237. package/dist/event/EventHandler.mjs +1 -1
  238. package/dist/event/EventMessage.mjs +1 -1
  239. package/dist/event/EventType.mjs +1 -1
  240. package/dist/index.d.ts +1 -1
  241. package/dist/index.d.ts.map +1 -1
  242. package/dist/index.mjs +1 -1
  243. package/dist/index.mjs.map +1 -1
  244. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  245. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  246. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  247. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  248. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
  249. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  250. package/dist/interaction_client/PopupClient.mjs +1 -1
  251. package/dist/interaction_client/RedirectClient.mjs +1 -1
  252. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  253. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  254. package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
  255. package/dist/interaction_client/SilentIframeClient.mjs +21 -8
  256. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  257. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  258. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  259. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  260. package/dist/interaction_handler/SilentHandler.d.ts +6 -0
  261. package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
  262. package/dist/interaction_handler/SilentHandler.mjs +12 -2
  263. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  264. package/dist/log-strings-mapping.json +31 -11
  265. package/dist/naa/BridgeError.mjs +1 -1
  266. package/dist/naa/BridgeProxy.mjs +1 -1
  267. package/dist/naa/BridgeStatusCode.mjs +1 -1
  268. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  269. package/dist/navigation/NavigationClient.mjs +1 -1
  270. package/dist/network/FetchClient.mjs +1 -1
  271. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  272. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  273. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  274. package/dist/packageMetadata.d.ts +1 -1
  275. package/dist/packageMetadata.mjs +2 -2
  276. package/dist/protocol/Authorize.mjs +1 -1
  277. package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
  278. package/dist/redirect-bridge/cache/TokenCache.d.ts.map +1 -1
  279. package/dist/redirect-bridge/config/Configuration.d.ts +13 -1
  280. package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
  281. package/dist/redirect-bridge/config/Configuration.mjs +1 -1
  282. package/dist/redirect-bridge/controllers/StandardController.d.ts +4 -2
  283. package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
  284. package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
  285. package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
  286. package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
  287. package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
  288. package/dist/redirect-bridge/index.d.ts +1 -1
  289. package/dist/redirect-bridge/index.d.ts.map +1 -1
  290. package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  291. package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  292. package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
  293. package/dist/redirect-bridge/interaction_handler/SilentHandler.d.ts +6 -0
  294. package/dist/redirect-bridge/interaction_handler/SilentHandler.d.ts.map +1 -1
  295. package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
  296. package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
  297. package/dist/redirect-bridge/redirect_bridge/index.d.ts.map +1 -1
  298. package/dist/redirect-bridge/redirect_bridge/index.mjs +43 -24
  299. package/dist/redirect-bridge/redirect_bridge/index.mjs.map +1 -1
  300. package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts +1 -0
  301. package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  302. package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts +5 -0
  303. package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  304. package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
  305. package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
  306. package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
  307. package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
  308. package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
  309. package/dist/redirect_bridge/index.d.ts.map +1 -1
  310. package/dist/request/RequestHelpers.mjs +1 -1
  311. package/dist/response/ResponseHandler.mjs +1 -1
  312. package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
  313. package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  314. package/dist/telemetry/BrowserPerformanceClient.mjs +6 -1
  315. package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
  316. package/dist/telemetry/BrowserPerformanceEvents.d.ts +5 -0
  317. package/dist/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  318. package/dist/telemetry/BrowserPerformanceEvents.mjs +9 -3
  319. package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
  320. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  321. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  322. package/dist/utils/BrowserConstants.mjs +1 -1
  323. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  324. package/dist/utils/BrowserUtils.d.ts +2 -2
  325. package/dist/utils/BrowserUtils.d.ts.map +1 -1
  326. package/dist/utils/BrowserUtils.mjs +27 -3
  327. package/dist/utils/BrowserUtils.mjs.map +1 -1
  328. package/dist/utils/Helpers.mjs +1 -1
  329. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  330. package/lib/custom-auth-path/log-strings-mapping.json +23 -3
  331. package/lib/custom-auth-path/msal-custom-auth.cjs +649 -546
  332. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  333. package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
  334. package/lib/custom-auth-path/types/config/Configuration.d.ts +13 -1
  335. package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
  336. package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
  337. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  338. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  339. package/lib/custom-auth-path/types/index.d.ts +1 -1
  340. package/lib/custom-auth-path/types/index.d.ts.map +1 -1
  341. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  342. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  343. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  344. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +6 -0
  345. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  346. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  347. package/lib/custom-auth-path/types/redirect_bridge/index.d.ts.map +1 -1
  348. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  349. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  350. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts +5 -0
  351. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  352. package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
  353. package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
  354. package/lib/log-strings-mapping.json +31 -11
  355. package/lib/msal-browser.cjs +794 -685
  356. package/lib/msal-browser.cjs.map +1 -1
  357. package/lib/msal-browser.js +794 -685
  358. package/lib/msal-browser.js.map +1 -1
  359. package/lib/msal-browser.min.js +2 -2
  360. package/lib/redirect-bridge/msal-redirect-bridge.js +52 -33
  361. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  362. package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
  363. package/lib/types/cache/TokenCache.d.ts.map +1 -1
  364. package/lib/types/config/Configuration.d.ts +13 -1
  365. package/lib/types/config/Configuration.d.ts.map +1 -1
  366. package/lib/types/controllers/StandardController.d.ts +4 -2
  367. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  368. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  369. package/lib/types/index.d.ts +1 -1
  370. package/lib/types/index.d.ts.map +1 -1
  371. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  372. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  373. package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  374. package/lib/types/interaction_handler/SilentHandler.d.ts +6 -0
  375. package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  376. package/lib/types/packageMetadata.d.ts +1 -1
  377. package/lib/types/redirect_bridge/index.d.ts.map +1 -1
  378. package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  379. package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  380. package/lib/types/telemetry/BrowserPerformanceEvents.d.ts +5 -0
  381. package/lib/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  382. package/lib/types/utils/BrowserUtils.d.ts +2 -2
  383. package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
  384. package/package.json +2 -2
  385. package/src/cache/TokenCache.ts +27 -24
  386. package/src/config/Configuration.ts +22 -0
  387. package/src/controllers/StandardController.ts +84 -35
  388. package/src/index.ts +1 -0
  389. package/src/interaction_client/PlatformAuthInteractionClient.ts +55 -53
  390. package/src/interaction_client/SilentIframeClient.ts +55 -29
  391. package/src/interaction_handler/SilentHandler.ts +11 -0
  392. package/src/packageMetadata.ts +1 -1
  393. package/src/redirect_bridge/index.ts +47 -25
  394. package/src/telemetry/BrowserPerformanceClient.ts +6 -0
  395. package/src/telemetry/BrowserPerformanceEvents.ts +6 -0
  396. package/src/utils/BrowserUtils.ts +36 -4
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-browser v5.6.1 2026-03-19 */
1
+ /*! @azure/msal-browser v5.6.3 2026-04-01 */
2
2
  'use strict';
3
3
  (function (global, factory) {
4
4
  typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
@@ -6,7 +6,7 @@
6
6
  (global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
7
7
  })(this, (function (exports) { 'use strict';
8
8
 
9
- /*! @azure/msal-common v16.4.0 2026-03-19 */
9
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
10
10
  /*
11
11
  * Copyright (c) Microsoft Corporation. All rights reserved.
12
12
  * Licensed under the MIT License.
@@ -238,7 +238,7 @@
238
238
  // Token renewal offset default in seconds
239
239
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
240
240
 
241
- /*! @azure/msal-common v16.4.0 2026-03-19 */
241
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
242
242
  /*
243
243
  * Copyright (c) Microsoft Corporation. All rights reserved.
244
244
  * Licensed under the MIT License.
@@ -290,7 +290,7 @@
290
290
  const RESOURCE = "resource";
291
291
  const CLI_DATA = "clidata";
292
292
 
293
- /*! @azure/msal-common v16.4.0 2026-03-19 */
293
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
294
294
  /*
295
295
  * Copyright (c) Microsoft Corporation. All rights reserved.
296
296
  * Licensed under the MIT License.
@@ -321,7 +321,7 @@
321
321
  return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
322
322
  }
323
323
 
324
- /*! @azure/msal-common v16.4.0 2026-03-19 */
324
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
325
325
 
326
326
  /*
327
327
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -341,7 +341,7 @@
341
341
  return new ClientConfigurationError(errorCode);
342
342
  }
343
343
 
344
- /*! @azure/msal-common v16.4.0 2026-03-19 */
344
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
345
345
  /*
346
346
  * Copyright (c) Microsoft Corporation. All rights reserved.
347
347
  * Licensed under the MIT License.
@@ -421,7 +421,7 @@
421
421
  }
422
422
  }
423
423
 
424
- /*! @azure/msal-common v16.4.0 2026-03-19 */
424
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
425
425
 
426
426
  /*
427
427
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -444,7 +444,7 @@
444
444
  return new ClientAuthError(errorCode, additionalMessage);
445
445
  }
446
446
 
447
- /*! @azure/msal-common v16.4.0 2026-03-19 */
447
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
448
448
  /*
449
449
  * Copyright (c) Microsoft Corporation. All rights reserved.
450
450
  * Licensed under the MIT License.
@@ -498,7 +498,7 @@
498
498
  urlParseError: urlParseError
499
499
  });
500
500
 
501
- /*! @azure/msal-common v16.4.0 2026-03-19 */
501
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
502
502
  /*
503
503
  * Copyright (c) Microsoft Corporation. All rights reserved.
504
504
  * Licensed under the MIT License.
@@ -586,7 +586,7 @@
586
586
  userCanceled: userCanceled
587
587
  });
588
588
 
589
- /*! @azure/msal-common v16.4.0 2026-03-19 */
589
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
590
590
 
591
591
  /*
592
592
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -781,7 +781,7 @@
781
781
  }
782
782
  }
783
783
 
784
- /*! @azure/msal-common v16.4.0 2026-03-19 */
784
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
785
785
 
786
786
  /*
787
787
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1159,7 +1159,7 @@
1159
1159
  }
1160
1160
  }
1161
1161
 
1162
- /*! @azure/msal-common v16.4.0 2026-03-19 */
1162
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1163
1163
 
1164
1164
  /*
1165
1165
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1268,7 +1268,7 @@
1268
1268
  }
1269
1269
  }
1270
1270
 
1271
- /*! @azure/msal-common v16.4.0 2026-03-19 */
1271
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1272
1272
 
1273
1273
  /*
1274
1274
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1307,7 +1307,7 @@
1307
1307
  },
1308
1308
  };
1309
1309
 
1310
- /*! @azure/msal-common v16.4.0 2026-03-19 */
1310
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1311
1311
  /*
1312
1312
  * Copyright (c) Microsoft Corporation. All rights reserved.
1313
1313
  * Licensed under the MIT License.
@@ -1582,12 +1582,12 @@
1582
1582
  }
1583
1583
  }
1584
1584
 
1585
- /*! @azure/msal-common v16.4.0 2026-03-19 */
1585
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1586
1586
  /* eslint-disable header/header */
1587
1587
  const name$1 = "@azure/msal-common";
1588
- const version$1 = "16.4.0";
1588
+ const version$1 = "16.4.1";
1589
1589
 
1590
- /*! @azure/msal-common v16.4.0 2026-03-19 */
1590
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1591
1591
  /*
1592
1592
  * Copyright (c) Microsoft Corporation. All rights reserved.
1593
1593
  * Licensed under the MIT License.
@@ -1607,7 +1607,7 @@
1607
1607
  AzureUsGovernment: "https://login.microsoftonline.us",
1608
1608
  };
1609
1609
 
1610
- /*! @azure/msal-common v16.4.0 2026-03-19 */
1610
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1611
1611
  /*
1612
1612
  * Copyright (c) Microsoft Corporation. All rights reserved.
1613
1613
  * Licensed under the MIT License.
@@ -1689,7 +1689,7 @@
1689
1689
  return updatedAccountInfo;
1690
1690
  }
1691
1691
 
1692
- /*! @azure/msal-common v16.4.0 2026-03-19 */
1692
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1693
1693
 
1694
1694
  /*
1695
1695
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1769,7 +1769,7 @@
1769
1769
  }
1770
1770
  }
1771
1771
 
1772
- /*! @azure/msal-common v16.4.0 2026-03-19 */
1772
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1773
1773
 
1774
1774
  /*
1775
1775
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1926,7 +1926,7 @@
1926
1926
  }
1927
1927
  }
1928
1928
 
1929
- /*! @azure/msal-common v16.4.0 2026-03-19 */
1929
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1930
1930
 
1931
1931
  /*
1932
1932
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2083,7 +2083,7 @@
2083
2083
  return null;
2084
2084
  }
2085
2085
 
2086
- /*! @azure/msal-common v16.4.0 2026-03-19 */
2086
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2087
2087
  /*
2088
2088
  * Copyright (c) Microsoft Corporation. All rights reserved.
2089
2089
  * Licensed under the MIT License.
@@ -2091,7 +2091,7 @@
2091
2091
  const cacheQuotaExceeded = "cache_quota_exceeded";
2092
2092
  const cacheErrorUnknown = "cache_error_unknown";
2093
2093
 
2094
- /*! @azure/msal-common v16.4.0 2026-03-19 */
2094
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2095
2095
 
2096
2096
  /*
2097
2097
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2129,7 +2129,7 @@
2129
2129
  }
2130
2130
  }
2131
2131
 
2132
- /*! @azure/msal-common v16.4.0 2026-03-19 */
2132
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2133
2133
 
2134
2134
  /*
2135
2135
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2167,7 +2167,7 @@
2167
2167
  };
2168
2168
  }
2169
2169
 
2170
- /*! @azure/msal-common v16.4.0 2026-03-19 */
2170
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2171
2171
  /*
2172
2172
  * Copyright (c) Microsoft Corporation. All rights reserved.
2173
2173
  * Licensed under the MIT License.
@@ -2182,7 +2182,7 @@
2182
2182
  Ciam: 3,
2183
2183
  };
2184
2184
 
2185
- /*! @azure/msal-common v16.4.0 2026-03-19 */
2185
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2186
2186
  /*
2187
2187
  * Copyright (c) Microsoft Corporation. All rights reserved.
2188
2188
  * Licensed under the MIT License.
@@ -2204,7 +2204,7 @@
2204
2204
  return null;
2205
2205
  }
2206
2206
 
2207
- /*! @azure/msal-common v16.4.0 2026-03-19 */
2207
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2208
2208
  /*
2209
2209
  * Copyright (c) Microsoft Corporation. All rights reserved.
2210
2210
  * Licensed under the MIT License.
@@ -2228,7 +2228,7 @@
2228
2228
  EAR: "EAR",
2229
2229
  };
2230
2230
 
2231
- /*! @azure/msal-common v16.4.0 2026-03-19 */
2231
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2232
2232
  /**
2233
2233
  * Returns the AccountInfo interface for this account.
2234
2234
  */
@@ -2403,7 +2403,7 @@
2403
2403
  entity.hasOwnProperty("authorityType"));
2404
2404
  }
2405
2405
 
2406
- /*! @azure/msal-common v16.4.0 2026-03-19 */
2406
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2407
2407
 
2408
2408
  /*
2409
2409
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3505,7 +3505,7 @@
3505
3505
  }
3506
3506
  }
3507
3507
 
3508
- /*! @azure/msal-common v16.4.0 2026-03-19 */
3508
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3509
3509
  /*
3510
3510
  * Copyright (c) Microsoft Corporation. All rights reserved.
3511
3511
  * Licensed under the MIT License.
@@ -3550,12 +3550,13 @@
3550
3550
  "currRefreshCount",
3551
3551
  "expiredCacheRemovedCount",
3552
3552
  "upgradedCacheCount",
3553
+ "cacheMatchedAccounts",
3553
3554
  "networkRtt",
3554
3555
  "redirectBridgeTimeoutMs",
3555
3556
  "redirectBridgeMessageVersion",
3556
3557
  ]);
3557
3558
 
3558
- /*! @azure/msal-common v16.4.0 2026-03-19 */
3559
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3559
3560
 
3560
3561
  /*
3561
3562
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3610,7 +3611,7 @@
3610
3611
  }
3611
3612
  }
3612
3613
 
3613
- /*! @azure/msal-common v16.4.0 2026-03-19 */
3614
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3614
3615
 
3615
3616
  /*
3616
3617
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3705,291 +3706,358 @@
3705
3706
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3706
3707
  }
3707
3708
 
3708
- /*! @azure/msal-common v16.4.0 2026-03-19 */
3709
-
3709
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3710
3710
  /*
3711
3711
  * Copyright (c) Microsoft Corporation. All rights reserved.
3712
3712
  * Licensed under the MIT License.
3713
3713
  */
3714
3714
  /**
3715
- * Error thrown when there is an error with the server code, for example, unavailability.
3716
- */
3717
- class ServerError extends AuthError {
3718
- constructor(errorCode, errorMessage, subError, errorNo, status) {
3719
- super(errorCode, errorMessage, subError);
3720
- this.name = "ServerError";
3721
- this.errorNo = errorNo;
3722
- this.status = status;
3723
- Object.setPrototypeOf(this, ServerError.prototype);
3715
+ * This class instance helps track the memory changes facilitating
3716
+ * decisions to read from and write to the persistent cache
3717
+ */ class TokenCacheContext {
3718
+ constructor(tokenCache, hasChanged) {
3719
+ this.cache = tokenCache;
3720
+ this.hasChanged = hasChanged;
3721
+ }
3722
+ /**
3723
+ * boolean which indicates the changes in cache
3724
+ */
3725
+ get cacheHasChanged() {
3726
+ return this.hasChanged;
3727
+ }
3728
+ /**
3729
+ * function to retrieve the token cache
3730
+ */
3731
+ get tokenCache() {
3732
+ return this.cache;
3724
3733
  }
3725
3734
  }
3726
3735
 
3727
- /*! @azure/msal-common v16.4.0 2026-03-19 */
3736
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3728
3737
  /*
3729
3738
  * Copyright (c) Microsoft Corporation. All rights reserved.
3730
3739
  * Licensed under the MIT License.
3731
3740
  */
3732
3741
  /**
3733
- * MSAL-defined interaction required error code indicating no tokens are found in cache.
3734
- * @public
3735
- */
3736
- const noTokensFound = "no_tokens_found";
3737
- /**
3738
- * MSAL-defined error code indicating a native account is unavailable on the platform.
3739
- * @public
3740
- */
3741
- const nativeAccountUnavailable = "native_account_unavailable";
3742
- /**
3743
- * MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
3744
- * @public
3745
- */
3746
- const refreshTokenExpired = "refresh_token_expired";
3747
- /**
3748
- * MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
3749
- * @public
3750
- */
3751
- const uxNotAllowed = "ux_not_allowed";
3752
- /**
3753
- * Server-originated error code indicating interaction is required to complete the request.
3754
- * @public
3755
- */
3756
- const interactionRequired = "interaction_required";
3757
- /**
3758
- * Server-originated error code indicating user consent is required.
3759
- * @public
3760
- */
3761
- const consentRequired = "consent_required";
3762
- /**
3763
- * Server-originated error code indicating user login is required.
3764
- * @public
3742
+ * Utility functions for managing date and time operations.
3765
3743
  */
3766
- const loginRequired = "login_required";
3767
3744
  /**
3768
- * Server-originated error code indicating the token is invalid or corrupted.
3769
- * @public
3745
+ * return the current time in Unix time (seconds).
3770
3746
  */
3771
- const badToken = "bad_token";
3747
+ function nowSeconds() {
3748
+ // Date.getTime() returns in milliseconds.
3749
+ return Math.round(new Date().getTime() / 1000.0);
3750
+ }
3772
3751
  /**
3773
- * Server-originated error code indicating the user is in an interrupted state and interaction is required.
3774
- * @public
3775
- */
3776
- const interruptedUser = "interrupted_user";
3777
-
3778
- var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
3779
- __proto__: null,
3780
- badToken: badToken,
3781
- consentRequired: consentRequired,
3782
- interactionRequired: interactionRequired,
3783
- interruptedUser: interruptedUser,
3784
- loginRequired: loginRequired,
3785
- nativeAccountUnavailable: nativeAccountUnavailable,
3786
- noTokensFound: noTokensFound,
3787
- refreshTokenExpired: refreshTokenExpired,
3788
- uxNotAllowed: uxNotAllowed
3789
- });
3790
-
3791
- /*! @azure/msal-common v16.4.0 2026-03-19 */
3792
-
3793
- /*
3794
- * Copyright (c) Microsoft Corporation. All rights reserved.
3795
- * Licensed under the MIT License.
3752
+ * Converts JS Date object to seconds
3753
+ * @param date Date
3796
3754
  */
3755
+ function toSecondsFromDate(date) {
3756
+ // Convert date to seconds
3757
+ return date.getTime() / 1000;
3758
+ }
3797
3759
  /**
3798
- * InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required
3760
+ * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
3761
+ * @param seconds
3799
3762
  */
3800
- const InteractionRequiredServerErrorMessage = [
3801
- interactionRequired,
3802
- consentRequired,
3803
- loginRequired,
3804
- badToken,
3805
- uxNotAllowed,
3806
- interruptedUser,
3807
- ];
3808
- const InteractionRequiredAuthSubErrorMessage = [
3809
- "message_only",
3810
- "additional_action",
3811
- "basic_action",
3812
- "user_password_expired",
3813
- "consent_required",
3814
- "bad_token",
3815
- "ux_not_allowed",
3816
- "interrupted_user",
3817
- ];
3763
+ function toDateFromSeconds(seconds) {
3764
+ if (seconds) {
3765
+ return new Date(Number(seconds) * 1000);
3766
+ }
3767
+ return new Date();
3768
+ }
3818
3769
  /**
3819
- * Error thrown when user interaction is required.
3770
+ * check if a token is expired based on given UTC time in seconds.
3771
+ * @param expiresOn
3820
3772
  */
3821
- class InteractionRequiredAuthError extends AuthError {
3822
- constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
3823
- super(errorCode, errorMessage, subError);
3824
- Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
3825
- this.timestamp = timestamp || "";
3826
- this.traceId = traceId || "";
3827
- this.correlationId = correlationId || "";
3828
- this.claims = claims || "";
3829
- this.name = "InteractionRequiredAuthError";
3830
- this.errorNo = errorNo;
3831
- }
3773
+ function isTokenExpired(expiresOn, offset) {
3774
+ // check for access token expiry
3775
+ const expirationSec = Number(expiresOn) || 0;
3776
+ const offsetCurrentTimeSec = nowSeconds() + offset;
3777
+ // If current time + offset is greater than token expiration time, then token is expired.
3778
+ return offsetCurrentTimeSec > expirationSec;
3832
3779
  }
3833
3780
  /**
3834
- * Helper function used to determine if an error thrown by the server requires interaction to resolve
3835
- * @param errorCode
3836
- * @param errorString
3837
- * @param subError
3781
+ * Checks if a cache entry is expired based on the last updated time and cache retention days.
3782
+ * @param lastUpdatedAt
3783
+ * @param cacheRetentionDays
3784
+ * @returns
3838
3785
  */
3839
- function isInteractionRequiredError(errorCode, errorString, subError) {
3840
- const isInteractionRequiredErrorCode = !!errorCode &&
3841
- InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;
3842
- const isInteractionRequiredSubError = !!subError &&
3843
- InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
3844
- const isInteractionRequiredErrorDesc = !!errorString &&
3845
- InteractionRequiredServerErrorMessage.some((irErrorCode) => {
3846
- return errorString.indexOf(irErrorCode) > -1;
3847
- });
3848
- return (isInteractionRequiredErrorCode ||
3849
- isInteractionRequiredErrorDesc ||
3850
- isInteractionRequiredSubError);
3786
+ function isCacheExpired(lastUpdatedAt, cacheRetentionDays) {
3787
+ const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;
3788
+ return Date.now() > cacheExpirationTimestamp;
3851
3789
  }
3852
3790
  /**
3853
- * Creates an InteractionRequiredAuthError
3791
+ * If the current time is earlier than the time that a token was cached at, we must discard the token
3792
+ * i.e. The system clock was turned back after acquiring the cached token
3793
+ * @param cachedAt
3794
+ * @param offset
3854
3795
  */
3855
- function createInteractionRequiredAuthError(errorCode, errorMessage) {
3856
- return new InteractionRequiredAuthError(errorCode, errorMessage);
3796
+ function wasClockTurnedBack(cachedAt) {
3797
+ const cachedAtSec = Number(cachedAt);
3798
+ return cachedAtSec > nowSeconds();
3857
3799
  }
3858
3800
 
3859
- /*! @azure/msal-common v16.4.0 2026-03-19 */
3801
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3860
3802
 
3861
3803
  /*
3862
3804
  * Copyright (c) Microsoft Corporation. All rights reserved.
3863
3805
  * Licensed under the MIT License.
3864
3806
  */
3865
3807
  /**
3866
- * Appends user state with random guid, or returns random guid.
3867
- * @param cryptoObj
3868
- * @param userState
3869
- * @param meta
3808
+ * Create IdTokenEntity
3809
+ * @param homeAccountId
3810
+ * @param authenticationResult
3811
+ * @param clientId
3812
+ * @param authority
3870
3813
  */
3871
- function setRequestState(cryptoObj, userState, meta) {
3872
- const libraryState = generateLibraryState(cryptoObj, meta);
3873
- return userState
3874
- ? `${libraryState}${RESOURCE_DELIM}${userState}`
3875
- : libraryState;
3814
+ function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tenantId) {
3815
+ const idTokenEntity = {
3816
+ credentialType: CredentialType.ID_TOKEN,
3817
+ homeAccountId: homeAccountId,
3818
+ environment: environment,
3819
+ clientId: clientId,
3820
+ secret: idToken,
3821
+ realm: tenantId,
3822
+ lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
3823
+ };
3824
+ return idTokenEntity;
3876
3825
  }
3877
3826
  /**
3878
- * Generates the state value used by the common library.
3879
- * @param cryptoObj
3880
- * @param meta
3827
+ * Create AccessTokenEntity
3828
+ * @param homeAccountId
3829
+ * @param environment
3830
+ * @param accessToken
3831
+ * @param clientId
3832
+ * @param tenantId
3833
+ * @param scopes
3834
+ * @param expiresOn
3835
+ * @param extExpiresOn
3881
3836
  */
3882
- function generateLibraryState(cryptoObj, meta) {
3883
- if (!cryptoObj) {
3884
- throw createClientAuthError(noCryptoObject);
3885
- }
3886
- // Create a state object containing a unique id and the timestamp of the request creation
3887
- const stateObj = {
3888
- id: cryptoObj.createNewGuid(),
3837
+ function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId) {
3838
+ const atEntity = {
3839
+ homeAccountId: homeAccountId,
3840
+ credentialType: CredentialType.ACCESS_TOKEN,
3841
+ secret: accessToken,
3842
+ cachedAt: nowSeconds().toString(),
3843
+ expiresOn: expiresOn.toString(),
3844
+ extendedExpiresOn: extExpiresOn.toString(),
3845
+ environment: environment,
3846
+ clientId: clientId,
3847
+ realm: tenantId,
3848
+ target: scopes,
3849
+ tokenType: tokenType || AuthenticationScheme$1.BEARER,
3850
+ lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
3889
3851
  };
3890
- if (meta) {
3891
- stateObj.meta = meta;
3852
+ if (userAssertionHash) {
3853
+ atEntity.userAssertionHash = userAssertionHash;
3892
3854
  }
3893
- const stateString = JSON.stringify(stateObj);
3894
- return cryptoObj.base64Encode(stateString);
3855
+ if (refreshOn) {
3856
+ atEntity.refreshOn = refreshOn.toString();
3857
+ }
3858
+ /*
3859
+ * Create Access Token With Auth Scheme instead of regular access token
3860
+ * Cast to lower to handle "bearer" from ADFS
3861
+ */
3862
+ if (atEntity.tokenType?.toLowerCase() !==
3863
+ AuthenticationScheme$1.BEARER.toLowerCase()) {
3864
+ atEntity.credentialType =
3865
+ CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
3866
+ switch (atEntity.tokenType) {
3867
+ case AuthenticationScheme$1.POP:
3868
+ // Make sure keyId is present and add it to credential
3869
+ const tokenClaims = extractTokenClaims(accessToken, base64Decode);
3870
+ if (!tokenClaims?.cnf?.kid) {
3871
+ throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
3872
+ }
3873
+ atEntity.keyId = tokenClaims.cnf.kid;
3874
+ break;
3875
+ case AuthenticationScheme$1.SSH:
3876
+ atEntity.keyId = keyId;
3877
+ }
3878
+ }
3879
+ return atEntity;
3895
3880
  }
3896
3881
  /**
3897
- * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
3898
- * @param base64Decode
3899
- * @param state
3882
+ * Create RefreshTokenEntity
3883
+ * @param homeAccountId
3884
+ * @param authenticationResult
3885
+ * @param clientId
3886
+ * @param authority
3900
3887
  */
3901
- function parseRequestState(base64Decode, state) {
3902
- if (!base64Decode) {
3903
- throw createClientAuthError(noCryptoObject);
3888
+ function createRefreshTokenEntity(homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash, expiresOn) {
3889
+ const rtEntity = {
3890
+ credentialType: CredentialType.REFRESH_TOKEN,
3891
+ homeAccountId: homeAccountId,
3892
+ environment: environment,
3893
+ clientId: clientId,
3894
+ secret: refreshToken,
3895
+ lastUpdatedAt: Date.now().toString(),
3896
+ };
3897
+ if (userAssertionHash) {
3898
+ rtEntity.userAssertionHash = userAssertionHash;
3904
3899
  }
3905
- if (!state) {
3906
- throw createClientAuthError(invalidState);
3900
+ if (familyId) {
3901
+ rtEntity.familyId = familyId;
3907
3902
  }
3908
- try {
3909
- // Split the state between library state and user passed state and decode them separately
3910
- const splitState = state.split(RESOURCE_DELIM);
3911
- const libraryState = splitState[0];
3912
- const userState = splitState.length > 1
3913
- ? splitState.slice(1).join(RESOURCE_DELIM)
3914
- : "";
3915
- const libraryStateString = base64Decode(libraryState);
3916
- const libraryStateObj = JSON.parse(libraryStateString);
3917
- return {
3918
- userRequestState: userState || "",
3919
- libraryState: libraryStateObj,
3920
- };
3903
+ if (expiresOn) {
3904
+ rtEntity.expiresOn = expiresOn.toString();
3921
3905
  }
3922
- catch (e) {
3923
- throw createClientAuthError(invalidState);
3906
+ return rtEntity;
3907
+ }
3908
+ function isCredentialEntity(entity) {
3909
+ return (entity.hasOwnProperty("homeAccountId") &&
3910
+ entity.hasOwnProperty("environment") &&
3911
+ entity.hasOwnProperty("credentialType") &&
3912
+ entity.hasOwnProperty("clientId") &&
3913
+ entity.hasOwnProperty("secret"));
3914
+ }
3915
+ /**
3916
+ * Validates an entity: checks for all expected params
3917
+ * @param entity
3918
+ */
3919
+ function isAccessTokenEntity(entity) {
3920
+ if (!entity) {
3921
+ return false;
3924
3922
  }
3925
- }
3926
-
3927
- /*! @azure/msal-common v16.4.0 2026-03-19 */
3928
- /*
3929
- * Copyright (c) Microsoft Corporation. All rights reserved.
3930
- * Licensed under the MIT License.
3923
+ return (isCredentialEntity(entity) &&
3924
+ entity.hasOwnProperty("realm") &&
3925
+ entity.hasOwnProperty("target") &&
3926
+ (entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
3927
+ entity["credentialType"] ===
3928
+ CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
3929
+ }
3930
+ /**
3931
+ * Validates an entity: checks for all expected params
3932
+ * @param entity
3931
3933
  */
3934
+ function isIdTokenEntity(entity) {
3935
+ if (!entity) {
3936
+ return false;
3937
+ }
3938
+ return (isCredentialEntity(entity) &&
3939
+ entity.hasOwnProperty("realm") &&
3940
+ entity["credentialType"] === CredentialType.ID_TOKEN);
3941
+ }
3932
3942
  /**
3933
- * Utility functions for managing date and time operations.
3943
+ * Validates an entity: checks for all expected params
3944
+ * @param entity
3934
3945
  */
3946
+ function isRefreshTokenEntity(entity) {
3947
+ if (!entity) {
3948
+ return false;
3949
+ }
3950
+ return (isCredentialEntity(entity) &&
3951
+ entity["credentialType"] === CredentialType.REFRESH_TOKEN);
3952
+ }
3935
3953
  /**
3936
- * return the current time in Unix time (seconds).
3954
+ * validates if a given cache entry is "Telemetry", parses <key,value>
3955
+ * @param key
3956
+ * @param entity
3937
3957
  */
3938
- function nowSeconds() {
3939
- // Date.getTime() returns in milliseconds.
3940
- return Math.round(new Date().getTime() / 1000.0);
3958
+ function isServerTelemetryEntity(key, entity) {
3959
+ const validateKey = key.indexOf(SERVER_TELEM_CACHE_KEY) === 0;
3960
+ let validateEntity = true;
3961
+ if (entity) {
3962
+ validateEntity =
3963
+ entity.hasOwnProperty("failedRequests") &&
3964
+ entity.hasOwnProperty("errors") &&
3965
+ entity.hasOwnProperty("cacheHits");
3966
+ }
3967
+ return validateKey && validateEntity;
3941
3968
  }
3942
3969
  /**
3943
- * Converts JS Date object to seconds
3944
- * @param date Date
3970
+ * validates if a given cache entry is "Throttling", parses <key,value>
3971
+ * @param key
3972
+ * @param entity
3945
3973
  */
3946
- function toSecondsFromDate(date) {
3947
- // Convert date to seconds
3948
- return date.getTime() / 1000;
3974
+ function isThrottlingEntity(key, entity) {
3975
+ let validateKey = false;
3976
+ if (key) {
3977
+ validateKey = key.indexOf(THROTTLING_PREFIX) === 0;
3978
+ }
3979
+ let validateEntity = true;
3980
+ if (entity) {
3981
+ validateEntity = entity.hasOwnProperty("throttleTime");
3982
+ }
3983
+ return validateKey && validateEntity;
3949
3984
  }
3950
3985
  /**
3951
- * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
3952
- * @param seconds
3986
+ * Generate AppMetadata Cache Key as per the schema: appmetadata-<environment>-<client_id>
3953
3987
  */
3954
- function toDateFromSeconds(seconds) {
3955
- if (seconds) {
3956
- return new Date(Number(seconds) * 1000);
3988
+ function generateAppMetadataKey({ environment, clientId, }) {
3989
+ const appMetaDataKeyArray = [
3990
+ APP_METADATA,
3991
+ environment,
3992
+ clientId,
3993
+ ];
3994
+ return appMetaDataKeyArray
3995
+ .join(CACHE_KEY_SEPARATOR$1)
3996
+ .toLowerCase();
3997
+ }
3998
+ /*
3999
+ * Validates an entity: checks for all expected params
4000
+ * @param entity
4001
+ */
4002
+ function isAppMetadataEntity(key, entity) {
4003
+ if (!entity) {
4004
+ return false;
3957
4005
  }
3958
- return new Date();
4006
+ return (key.indexOf(APP_METADATA) === 0 &&
4007
+ entity.hasOwnProperty("clientId") &&
4008
+ entity.hasOwnProperty("environment"));
3959
4009
  }
3960
4010
  /**
3961
- * check if a token is expired based on given UTC time in seconds.
3962
- * @param expiresOn
4011
+ * Validates an entity: checks for all expected params
4012
+ * @param entity
3963
4013
  */
3964
- function isTokenExpired(expiresOn, offset) {
3965
- // check for access token expiry
3966
- const expirationSec = Number(expiresOn) || 0;
3967
- const offsetCurrentTimeSec = nowSeconds() + offset;
3968
- // If current time + offset is greater than token expiration time, then token is expired.
3969
- return offsetCurrentTimeSec > expirationSec;
4014
+ function isAuthorityMetadataEntity(key, entity) {
4015
+ if (!entity) {
4016
+ return false;
4017
+ }
4018
+ return (key.indexOf(AUTHORITY_METADATA_CACHE_KEY) === 0 &&
4019
+ entity.hasOwnProperty("aliases") &&
4020
+ entity.hasOwnProperty("preferred_cache") &&
4021
+ entity.hasOwnProperty("preferred_network") &&
4022
+ entity.hasOwnProperty("canonical_authority") &&
4023
+ entity.hasOwnProperty("authorization_endpoint") &&
4024
+ entity.hasOwnProperty("token_endpoint") &&
4025
+ entity.hasOwnProperty("issuer") &&
4026
+ entity.hasOwnProperty("aliasesFromNetwork") &&
4027
+ entity.hasOwnProperty("endpointsFromNetwork") &&
4028
+ entity.hasOwnProperty("expiresAt") &&
4029
+ entity.hasOwnProperty("jwks_uri"));
3970
4030
  }
3971
4031
  /**
3972
- * Checks if a cache entry is expired based on the last updated time and cache retention days.
3973
- * @param lastUpdatedAt
3974
- * @param cacheRetentionDays
3975
- * @returns
4032
+ * Reset the exiresAt value
3976
4033
  */
3977
- function isCacheExpired(lastUpdatedAt, cacheRetentionDays) {
3978
- const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;
3979
- return Date.now() > cacheExpirationTimestamp;
4034
+ function generateAuthorityMetadataExpiresAt() {
4035
+ return (nowSeconds() +
4036
+ AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
4037
+ }
4038
+ function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
4039
+ authorityMetadata.authorization_endpoint =
4040
+ updatedValues.authorization_endpoint;
4041
+ authorityMetadata.token_endpoint = updatedValues.token_endpoint;
4042
+ authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
4043
+ authorityMetadata.issuer = updatedValues.issuer;
4044
+ authorityMetadata.endpointsFromNetwork = fromNetwork;
4045
+ authorityMetadata.jwks_uri = updatedValues.jwks_uri;
4046
+ }
4047
+ function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
4048
+ authorityMetadata.aliases = updatedValues.aliases;
4049
+ authorityMetadata.preferred_cache = updatedValues.preferred_cache;
4050
+ authorityMetadata.preferred_network = updatedValues.preferred_network;
4051
+ authorityMetadata.aliasesFromNetwork = fromNetwork;
3980
4052
  }
3981
4053
  /**
3982
- * If the current time is earlier than the time that a token was cached at, we must discard the token
3983
- * i.e. The system clock was turned back after acquiring the cached token
3984
- * @param cachedAt
3985
- * @param offset
4054
+ * Returns whether or not the data needs to be refreshed
3986
4055
  */
3987
- function wasClockTurnedBack(cachedAt) {
3988
- const cachedAtSec = Number(cachedAt);
3989
- return cachedAtSec > nowSeconds();
4056
+ function isAuthorityMetadataExpired(metadata) {
4057
+ return metadata.expiresAt <= nowSeconds();
3990
4058
  }
3991
4059
 
3992
- /*! @azure/msal-common v16.4.0 2026-03-19 */
4060
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3993
4061
  /*
3994
4062
  * Copyright (c) Microsoft Corporation. All rights reserved.
3995
4063
  * Licensed under the MIT License.
@@ -4060,7 +4128,7 @@
4060
4128
  const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
4061
4129
  const SetUserData = "setUserData";
4062
4130
 
4063
- /*! @azure/msal-common v16.4.0 2026-03-19 */
4131
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4064
4132
  /*
4065
4133
  * Copyright (c) Microsoft Corporation. All rights reserved.
4066
4134
  * Licensed under the MIT License.
@@ -4153,7 +4221,7 @@
4153
4221
  };
4154
4222
  };
4155
4223
 
4156
- /*! @azure/msal-common v16.4.0 2026-03-19 */
4224
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4157
4225
 
4158
4226
  /*
4159
4227
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4233,293 +4301,226 @@
4233
4301
  }
4234
4302
  }
4235
4303
 
4236
- /*! @azure/msal-common v16.4.0 2026-03-19 */
4304
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4237
4305
  /*
4238
4306
  * Copyright (c) Microsoft Corporation. All rights reserved.
4239
4307
  * Licensed under the MIT License.
4240
4308
  */
4241
4309
  /**
4242
- * This class instance helps track the memory changes facilitating
4243
- * decisions to read from and write to the persistent cache
4244
- */ class TokenCacheContext {
4245
- constructor(tokenCache, hasChanged) {
4246
- this.cache = tokenCache;
4247
- this.hasChanged = hasChanged;
4248
- }
4249
- /**
4250
- * boolean which indicates the changes in cache
4251
- */
4252
- get cacheHasChanged() {
4253
- return this.hasChanged;
4254
- }
4255
- /**
4256
- * function to retrieve the token cache
4257
- */
4258
- get tokenCache() {
4259
- return this.cache;
4260
- }
4261
- }
4262
-
4263
- /*! @azure/msal-common v16.4.0 2026-03-19 */
4264
-
4265
- /*
4266
- * Copyright (c) Microsoft Corporation. All rights reserved.
4267
- * Licensed under the MIT License.
4310
+ * MSAL-defined interaction required error code indicating no tokens are found in cache.
4311
+ * @public
4268
4312
  */
4313
+ const noTokensFound = "no_tokens_found";
4269
4314
  /**
4270
- * Create IdTokenEntity
4271
- * @param homeAccountId
4272
- * @param authenticationResult
4273
- * @param clientId
4274
- * @param authority
4315
+ * MSAL-defined error code indicating a native account is unavailable on the platform.
4316
+ * @public
4275
4317
  */
4276
- function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tenantId) {
4277
- const idTokenEntity = {
4278
- credentialType: CredentialType.ID_TOKEN,
4279
- homeAccountId: homeAccountId,
4280
- environment: environment,
4281
- clientId: clientId,
4282
- secret: idToken,
4283
- realm: tenantId,
4284
- lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
4285
- };
4286
- return idTokenEntity;
4287
- }
4318
+ const nativeAccountUnavailable = "native_account_unavailable";
4288
4319
  /**
4289
- * Create AccessTokenEntity
4290
- * @param homeAccountId
4291
- * @param environment
4292
- * @param accessToken
4293
- * @param clientId
4294
- * @param tenantId
4295
- * @param scopes
4296
- * @param expiresOn
4297
- * @param extExpiresOn
4320
+ * MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
4321
+ * @public
4298
4322
  */
4299
- function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId) {
4300
- const atEntity = {
4301
- homeAccountId: homeAccountId,
4302
- credentialType: CredentialType.ACCESS_TOKEN,
4303
- secret: accessToken,
4304
- cachedAt: nowSeconds().toString(),
4305
- expiresOn: expiresOn.toString(),
4306
- extendedExpiresOn: extExpiresOn.toString(),
4307
- environment: environment,
4308
- clientId: clientId,
4309
- realm: tenantId,
4310
- target: scopes,
4311
- tokenType: tokenType || AuthenticationScheme$1.BEARER,
4312
- lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
4313
- };
4314
- if (userAssertionHash) {
4315
- atEntity.userAssertionHash = userAssertionHash;
4316
- }
4317
- if (refreshOn) {
4318
- atEntity.refreshOn = refreshOn.toString();
4319
- }
4320
- /*
4321
- * Create Access Token With Auth Scheme instead of regular access token
4322
- * Cast to lower to handle "bearer" from ADFS
4323
- */
4324
- if (atEntity.tokenType?.toLowerCase() !==
4325
- AuthenticationScheme$1.BEARER.toLowerCase()) {
4326
- atEntity.credentialType =
4327
- CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
4328
- switch (atEntity.tokenType) {
4329
- case AuthenticationScheme$1.POP:
4330
- // Make sure keyId is present and add it to credential
4331
- const tokenClaims = extractTokenClaims(accessToken, base64Decode);
4332
- if (!tokenClaims?.cnf?.kid) {
4333
- throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
4334
- }
4335
- atEntity.keyId = tokenClaims.cnf.kid;
4336
- break;
4337
- case AuthenticationScheme$1.SSH:
4338
- atEntity.keyId = keyId;
4339
- }
4340
- }
4341
- return atEntity;
4342
- }
4323
+ const refreshTokenExpired = "refresh_token_expired";
4343
4324
  /**
4344
- * Create RefreshTokenEntity
4345
- * @param homeAccountId
4346
- * @param authenticationResult
4347
- * @param clientId
4348
- * @param authority
4325
+ * MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
4326
+ * @public
4349
4327
  */
4350
- function createRefreshTokenEntity(homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash, expiresOn) {
4351
- const rtEntity = {
4352
- credentialType: CredentialType.REFRESH_TOKEN,
4353
- homeAccountId: homeAccountId,
4354
- environment: environment,
4355
- clientId: clientId,
4356
- secret: refreshToken,
4357
- lastUpdatedAt: Date.now().toString(),
4358
- };
4359
- if (userAssertionHash) {
4360
- rtEntity.userAssertionHash = userAssertionHash;
4361
- }
4362
- if (familyId) {
4363
- rtEntity.familyId = familyId;
4364
- }
4365
- if (expiresOn) {
4366
- rtEntity.expiresOn = expiresOn.toString();
4367
- }
4368
- return rtEntity;
4369
- }
4370
- function isCredentialEntity(entity) {
4371
- return (entity.hasOwnProperty("homeAccountId") &&
4372
- entity.hasOwnProperty("environment") &&
4373
- entity.hasOwnProperty("credentialType") &&
4374
- entity.hasOwnProperty("clientId") &&
4375
- entity.hasOwnProperty("secret"));
4376
- }
4328
+ const uxNotAllowed = "ux_not_allowed";
4377
4329
  /**
4378
- * Validates an entity: checks for all expected params
4379
- * @param entity
4330
+ * Server-originated error code indicating interaction is required to complete the request.
4331
+ * @public
4380
4332
  */
4381
- function isAccessTokenEntity(entity) {
4382
- if (!entity) {
4383
- return false;
4384
- }
4385
- return (isCredentialEntity(entity) &&
4386
- entity.hasOwnProperty("realm") &&
4387
- entity.hasOwnProperty("target") &&
4388
- (entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
4389
- entity["credentialType"] ===
4390
- CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
4391
- }
4333
+ const interactionRequired = "interaction_required";
4392
4334
  /**
4393
- * Validates an entity: checks for all expected params
4394
- * @param entity
4335
+ * Server-originated error code indicating user consent is required.
4336
+ * @public
4337
+ */
4338
+ const consentRequired = "consent_required";
4339
+ /**
4340
+ * Server-originated error code indicating user login is required.
4341
+ * @public
4342
+ */
4343
+ const loginRequired = "login_required";
4344
+ /**
4345
+ * Server-originated error code indicating the token is invalid or corrupted.
4346
+ * @public
4347
+ */
4348
+ const badToken = "bad_token";
4349
+ /**
4350
+ * Server-originated error code indicating the user is in an interrupted state and interaction is required.
4351
+ * @public
4352
+ */
4353
+ const interruptedUser = "interrupted_user";
4354
+
4355
+ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
4356
+ __proto__: null,
4357
+ badToken: badToken,
4358
+ consentRequired: consentRequired,
4359
+ interactionRequired: interactionRequired,
4360
+ interruptedUser: interruptedUser,
4361
+ loginRequired: loginRequired,
4362
+ nativeAccountUnavailable: nativeAccountUnavailable,
4363
+ noTokensFound: noTokensFound,
4364
+ refreshTokenExpired: refreshTokenExpired,
4365
+ uxNotAllowed: uxNotAllowed
4366
+ });
4367
+
4368
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4369
+
4370
+ /*
4371
+ * Copyright (c) Microsoft Corporation. All rights reserved.
4372
+ * Licensed under the MIT License.
4395
4373
  */
4396
- function isIdTokenEntity(entity) {
4397
- if (!entity) {
4398
- return false;
4399
- }
4400
- return (isCredentialEntity(entity) &&
4401
- entity.hasOwnProperty("realm") &&
4402
- entity["credentialType"] === CredentialType.ID_TOKEN);
4403
- }
4404
4374
  /**
4405
- * Validates an entity: checks for all expected params
4406
- * @param entity
4375
+ * InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required
4407
4376
  */
4408
- function isRefreshTokenEntity(entity) {
4409
- if (!entity) {
4410
- return false;
4411
- }
4412
- return (isCredentialEntity(entity) &&
4413
- entity["credentialType"] === CredentialType.REFRESH_TOKEN);
4414
- }
4377
+ const InteractionRequiredServerErrorMessage = [
4378
+ interactionRequired,
4379
+ consentRequired,
4380
+ loginRequired,
4381
+ badToken,
4382
+ uxNotAllowed,
4383
+ interruptedUser,
4384
+ ];
4385
+ const InteractionRequiredAuthSubErrorMessage = [
4386
+ "message_only",
4387
+ "additional_action",
4388
+ "basic_action",
4389
+ "user_password_expired",
4390
+ "consent_required",
4391
+ "bad_token",
4392
+ "ux_not_allowed",
4393
+ "interrupted_user",
4394
+ ];
4415
4395
  /**
4416
- * validates if a given cache entry is "Telemetry", parses <key,value>
4417
- * @param key
4418
- * @param entity
4396
+ * Error thrown when user interaction is required.
4419
4397
  */
4420
- function isServerTelemetryEntity(key, entity) {
4421
- const validateKey = key.indexOf(SERVER_TELEM_CACHE_KEY) === 0;
4422
- let validateEntity = true;
4423
- if (entity) {
4424
- validateEntity =
4425
- entity.hasOwnProperty("failedRequests") &&
4426
- entity.hasOwnProperty("errors") &&
4427
- entity.hasOwnProperty("cacheHits");
4398
+ class InteractionRequiredAuthError extends AuthError {
4399
+ constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
4400
+ super(errorCode, errorMessage, subError);
4401
+ Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
4402
+ this.timestamp = timestamp || "";
4403
+ this.traceId = traceId || "";
4404
+ this.correlationId = correlationId || "";
4405
+ this.claims = claims || "";
4406
+ this.name = "InteractionRequiredAuthError";
4407
+ this.errorNo = errorNo;
4428
4408
  }
4429
- return validateKey && validateEntity;
4430
4409
  }
4431
4410
  /**
4432
- * validates if a given cache entry is "Throttling", parses <key,value>
4433
- * @param key
4434
- * @param entity
4411
+ * Helper function used to determine if an error thrown by the server requires interaction to resolve
4412
+ * @param errorCode
4413
+ * @param errorString
4414
+ * @param subError
4435
4415
  */
4436
- function isThrottlingEntity(key, entity) {
4437
- let validateKey = false;
4438
- if (key) {
4439
- validateKey = key.indexOf(THROTTLING_PREFIX) === 0;
4440
- }
4441
- let validateEntity = true;
4442
- if (entity) {
4443
- validateEntity = entity.hasOwnProperty("throttleTime");
4444
- }
4445
- return validateKey && validateEntity;
4416
+ function isInteractionRequiredError(errorCode, errorString, subError) {
4417
+ const isInteractionRequiredErrorCode = !!errorCode &&
4418
+ InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;
4419
+ const isInteractionRequiredSubError = !!subError &&
4420
+ InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
4421
+ const isInteractionRequiredErrorDesc = !!errorString &&
4422
+ InteractionRequiredServerErrorMessage.some((irErrorCode) => {
4423
+ return errorString.indexOf(irErrorCode) > -1;
4424
+ });
4425
+ return (isInteractionRequiredErrorCode ||
4426
+ isInteractionRequiredErrorDesc ||
4427
+ isInteractionRequiredSubError);
4446
4428
  }
4447
4429
  /**
4448
- * Generate AppMetadata Cache Key as per the schema: appmetadata-<environment>-<client_id>
4430
+ * Creates an InteractionRequiredAuthError
4449
4431
  */
4450
- function generateAppMetadataKey({ environment, clientId, }) {
4451
- const appMetaDataKeyArray = [
4452
- APP_METADATA,
4453
- environment,
4454
- clientId,
4455
- ];
4456
- return appMetaDataKeyArray
4457
- .join(CACHE_KEY_SEPARATOR$1)
4458
- .toLowerCase();
4459
- }
4432
+ function createInteractionRequiredAuthError(errorCode, errorMessage) {
4433
+ return new InteractionRequiredAuthError(errorCode, errorMessage);
4434
+ }
4435
+
4436
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4437
+
4460
4438
  /*
4461
- * Validates an entity: checks for all expected params
4462
- * @param entity
4439
+ * Copyright (c) Microsoft Corporation. All rights reserved.
4440
+ * Licensed under the MIT License.
4463
4441
  */
4464
- function isAppMetadataEntity(key, entity) {
4465
- if (!entity) {
4466
- return false;
4467
- }
4468
- return (key.indexOf(APP_METADATA) === 0 &&
4469
- entity.hasOwnProperty("clientId") &&
4470
- entity.hasOwnProperty("environment"));
4471
- }
4472
4442
  /**
4473
- * Validates an entity: checks for all expected params
4474
- * @param entity
4443
+ * Error thrown when there is an error with the server code, for example, unavailability.
4475
4444
  */
4476
- function isAuthorityMetadataEntity(key, entity) {
4477
- if (!entity) {
4478
- return false;
4445
+ class ServerError extends AuthError {
4446
+ constructor(errorCode, errorMessage, subError, errorNo, status) {
4447
+ super(errorCode, errorMessage, subError);
4448
+ this.name = "ServerError";
4449
+ this.errorNo = errorNo;
4450
+ this.status = status;
4451
+ Object.setPrototypeOf(this, ServerError.prototype);
4479
4452
  }
4480
- return (key.indexOf(AUTHORITY_METADATA_CACHE_KEY) === 0 &&
4481
- entity.hasOwnProperty("aliases") &&
4482
- entity.hasOwnProperty("preferred_cache") &&
4483
- entity.hasOwnProperty("preferred_network") &&
4484
- entity.hasOwnProperty("canonical_authority") &&
4485
- entity.hasOwnProperty("authorization_endpoint") &&
4486
- entity.hasOwnProperty("token_endpoint") &&
4487
- entity.hasOwnProperty("issuer") &&
4488
- entity.hasOwnProperty("aliasesFromNetwork") &&
4489
- entity.hasOwnProperty("endpointsFromNetwork") &&
4490
- entity.hasOwnProperty("expiresAt") &&
4491
- entity.hasOwnProperty("jwks_uri"));
4492
- }
4453
+ }
4454
+
4455
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4456
+
4457
+ /*
4458
+ * Copyright (c) Microsoft Corporation. All rights reserved.
4459
+ * Licensed under the MIT License.
4460
+ */
4493
4461
  /**
4494
- * Reset the exiresAt value
4462
+ * Appends user state with random guid, or returns random guid.
4463
+ * @param cryptoObj
4464
+ * @param userState
4465
+ * @param meta
4495
4466
  */
4496
- function generateAuthorityMetadataExpiresAt() {
4497
- return (nowSeconds() +
4498
- AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
4499
- }
4500
- function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
4501
- authorityMetadata.authorization_endpoint =
4502
- updatedValues.authorization_endpoint;
4503
- authorityMetadata.token_endpoint = updatedValues.token_endpoint;
4504
- authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
4505
- authorityMetadata.issuer = updatedValues.issuer;
4506
- authorityMetadata.endpointsFromNetwork = fromNetwork;
4507
- authorityMetadata.jwks_uri = updatedValues.jwks_uri;
4467
+ function setRequestState(cryptoObj, userState, meta) {
4468
+ const libraryState = generateLibraryState(cryptoObj, meta);
4469
+ return userState
4470
+ ? `${libraryState}${RESOURCE_DELIM}${userState}`
4471
+ : libraryState;
4508
4472
  }
4509
- function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
4510
- authorityMetadata.aliases = updatedValues.aliases;
4511
- authorityMetadata.preferred_cache = updatedValues.preferred_cache;
4512
- authorityMetadata.preferred_network = updatedValues.preferred_network;
4513
- authorityMetadata.aliasesFromNetwork = fromNetwork;
4473
+ /**
4474
+ * Generates the state value used by the common library.
4475
+ * @param cryptoObj
4476
+ * @param meta
4477
+ */
4478
+ function generateLibraryState(cryptoObj, meta) {
4479
+ if (!cryptoObj) {
4480
+ throw createClientAuthError(noCryptoObject);
4481
+ }
4482
+ // Create a state object containing a unique id and the timestamp of the request creation
4483
+ const stateObj = {
4484
+ id: cryptoObj.createNewGuid(),
4485
+ };
4486
+ if (meta) {
4487
+ stateObj.meta = meta;
4488
+ }
4489
+ const stateString = JSON.stringify(stateObj);
4490
+ return cryptoObj.base64Encode(stateString);
4514
4491
  }
4515
4492
  /**
4516
- * Returns whether or not the data needs to be refreshed
4493
+ * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
4494
+ * @param base64Decode
4495
+ * @param state
4517
4496
  */
4518
- function isAuthorityMetadataExpired(metadata) {
4519
- return metadata.expiresAt <= nowSeconds();
4497
+ function parseRequestState(base64Decode, state) {
4498
+ if (!base64Decode) {
4499
+ throw createClientAuthError(noCryptoObject);
4500
+ }
4501
+ if (!state) {
4502
+ throw createClientAuthError(invalidState);
4503
+ }
4504
+ try {
4505
+ // Split the state between library state and user passed state and decode them separately
4506
+ const splitState = state.split(RESOURCE_DELIM);
4507
+ const libraryState = splitState[0];
4508
+ const userState = splitState.length > 1
4509
+ ? splitState.slice(1).join(RESOURCE_DELIM)
4510
+ : "";
4511
+ const libraryStateString = base64Decode(libraryState);
4512
+ const libraryStateObj = JSON.parse(libraryStateString);
4513
+ return {
4514
+ userRequestState: userState || "",
4515
+ libraryState: libraryStateObj,
4516
+ };
4517
+ }
4518
+ catch (e) {
4519
+ throw createClientAuthError(invalidState);
4520
+ }
4520
4521
  }
4521
4522
 
4522
- /*! @azure/msal-common v16.4.0 2026-03-19 */
4523
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4523
4524
 
4524
4525
  /*
4525
4526
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4675,7 +4676,7 @@
4675
4676
  if (serverTokenResponse.id_token && !!idTokenClaims) {
4676
4677
  cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
4677
4678
  cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
4678
- this.logger);
4679
+ this.logger, this.performanceClient);
4679
4680
  }
4680
4681
  // AccessToken
4681
4682
  let cachedAccessToken = null;
@@ -4826,17 +4827,24 @@
4826
4827
  };
4827
4828
  }
4828
4829
  }
4829
- function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
4830
+ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger, performanceClient) {
4830
4831
  logger?.verbose("09jz0t", correlationId);
4831
- // Check if base account is already cached
4832
- const accountKeys = cacheStorage.getAccountKeys();
4833
- const baseAccountKey = accountKeys.find((accountKey) => {
4834
- return accountKey.startsWith(homeAccountId);
4835
- });
4836
- let cachedAccount = null;
4837
- if (baseAccountKey) {
4838
- cachedAccount = cacheStorage.getAccount(baseAccountKey, correlationId);
4832
+ /*
4833
+ * Check if base account is already cached. Filter by homeAccountId (identifies
4834
+ * the user's home identity) and environment (identifies the cloud) the two
4835
+ * tenant-agnostic properties that uniquely locate a base AccountEntity.
4836
+ */
4837
+ const accountEnvironment = environment || authority.getPreferredCache();
4838
+ const matchedAccounts = cacheStorage.getAccountsFilteredBy({ homeAccountId, environment: accountEnvironment }, correlationId);
4839
+ performanceClient?.addFields({ cacheMatchedAccounts: matchedAccounts.length }, correlationId);
4840
+ if (matchedAccounts.length > 1) {
4841
+ /*
4842
+ * Base accounts are expected to be unique for a given homeAccountId in normal cache usage.
4843
+ * If multiple matches exist, ignore the cache hit rather than arbitrarily choosing one.
4844
+ */
4845
+ logger?.warning("0x7ad1", correlationId);
4839
4846
  }
4847
+ const cachedAccount = matchedAccounts.length === 1 ? matchedAccounts[0] : null;
4840
4848
  const baseAccount = cachedAccount ||
4841
4849
  createAccountEntity({
4842
4850
  homeAccountId,
@@ -4860,7 +4868,7 @@
4860
4868
  return baseAccount;
4861
4869
  }
4862
4870
 
4863
- /*! @azure/msal-common v16.4.0 2026-03-19 */
4871
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4864
4872
  /*
4865
4873
  * Copyright (c) Microsoft Corporation. All rights reserved.
4866
4874
  * Licensed under the MIT License.
@@ -4870,7 +4878,7 @@
4870
4878
  UPN: "UPN",
4871
4879
  };
4872
4880
 
4873
- /*! @azure/msal-common v16.4.0 2026-03-19 */
4881
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4874
4882
  /*
4875
4883
  * Copyright (c) Microsoft Corporation. All rights reserved.
4876
4884
  * Licensed under the MIT License.
@@ -4888,7 +4896,7 @@
4888
4896
  }
4889
4897
  }
4890
4898
 
4891
- /*! @azure/msal-common v16.4.0 2026-03-19 */
4899
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4892
4900
  /*
4893
4901
  * Copyright (c) Microsoft Corporation. All rights reserved.
4894
4902
  * Licensed under the MIT License.
@@ -4909,7 +4917,7 @@
4909
4917
  };
4910
4918
  }
4911
4919
 
4912
- /*! @azure/msal-common v16.4.0 2026-03-19 */
4920
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4913
4921
 
4914
4922
  /*
4915
4923
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4995,7 +5003,7 @@
4995
5003
  }
4996
5004
  }
4997
5005
 
4998
- /*! @azure/msal-common v16.4.0 2026-03-19 */
5006
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4999
5007
 
5000
5008
  /*
5001
5009
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5026,7 +5034,7 @@
5026
5034
  return new NetworkError(error, httpStatus, responseHeaders);
5027
5035
  }
5028
5036
 
5029
- /*! @azure/msal-common v16.4.0 2026-03-19 */
5037
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
5030
5038
 
5031
5039
  /*
5032
5040
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5140,7 +5148,7 @@
5140
5148
  return response;
5141
5149
  }
5142
5150
 
5143
- /*! @azure/msal-common v16.4.0 2026-03-19 */
5151
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
5144
5152
  /*
5145
5153
  * Copyright (c) Microsoft Corporation. All rights reserved.
5146
5154
  * Licensed under the MIT License.
@@ -5152,7 +5160,7 @@
5152
5160
  response.hasOwnProperty("jwks_uri"));
5153
5161
  }
5154
5162
 
5155
- /*! @azure/msal-common v16.4.0 2026-03-19 */
5163
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
5156
5164
  /*
5157
5165
  * Copyright (c) Microsoft Corporation. All rights reserved.
5158
5166
  * Licensed under the MIT License.
@@ -5162,7 +5170,7 @@
5162
5170
  response.hasOwnProperty("metadata"));
5163
5171
  }
5164
5172
 
5165
- /*! @azure/msal-common v16.4.0 2026-03-19 */
5173
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
5166
5174
  /*
5167
5175
  * Copyright (c) Microsoft Corporation. All rights reserved.
5168
5176
  * Licensed under the MIT License.
@@ -5172,7 +5180,7 @@
5172
5180
  response.hasOwnProperty("error_description"));
5173
5181
  }
5174
5182
 
5175
- /*! @azure/msal-common v16.4.0 2026-03-19 */
5183
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
5176
5184
 
5177
5185
  /*
5178
5186
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5277,7 +5285,7 @@
5277
5285
  },
5278
5286
  };
5279
5287
 
5280
- /*! @azure/msal-common v16.4.0 2026-03-19 */
5288
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
5281
5289
 
5282
5290
  /*
5283
5291
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6097,7 +6105,7 @@
6097
6105
  };
6098
6106
  }
6099
6107
 
6100
- /*! @azure/msal-common v16.4.0 2026-03-19 */
6108
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6101
6109
 
6102
6110
  /*
6103
6111
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6131,7 +6139,7 @@
6131
6139
  }
6132
6140
  }
6133
6141
 
6134
- /*! @azure/msal-common v16.4.0 2026-03-19 */
6142
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6135
6143
 
6136
6144
  /*
6137
6145
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6392,7 +6400,7 @@
6392
6400
  }
6393
6401
  }
6394
6402
 
6395
- /*! @azure/msal-common v16.4.0 2026-03-19 */
6403
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6396
6404
 
6397
6405
  /*
6398
6406
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6617,7 +6625,7 @@
6617
6625
  }
6618
6626
  }
6619
6627
 
6620
- /*! @azure/msal-common v16.4.0 2026-03-19 */
6628
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6621
6629
 
6622
6630
  /*
6623
6631
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6733,7 +6741,7 @@
6733
6741
  }
6734
6742
  }
6735
6743
 
6736
- /*! @azure/msal-common v16.4.0 2026-03-19 */
6744
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6737
6745
 
6738
6746
  /*
6739
6747
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6748,7 +6756,7 @@
6748
6756
  },
6749
6757
  };
6750
6758
 
6751
- /*! @azure/msal-common v16.4.0 2026-03-19 */
6759
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6752
6760
 
6753
6761
  /*
6754
6762
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6975,7 +6983,7 @@
6975
6983
  return account.loginHint || account.idTokenClaims?.login_hint || null;
6976
6984
  }
6977
6985
 
6978
- /*! @azure/msal-common v16.4.0 2026-03-19 */
6986
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6979
6987
 
6980
6988
  /*
6981
6989
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7008,7 +7016,7 @@
7008
7016
  return Object.prototype.hasOwnProperty.call(params, "resource");
7009
7017
  }
7010
7018
 
7011
- /*! @azure/msal-common v16.4.0 2026-03-19 */
7019
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
7012
7020
 
7013
7021
  /*
7014
7022
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7066,7 +7074,7 @@
7066
7074
  }
7067
7075
  }
7068
7076
 
7069
- /*! @azure/msal-common v16.4.0 2026-03-19 */
7077
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
7070
7078
  /*
7071
7079
  * Copyright (c) Microsoft Corporation. All rights reserved.
7072
7080
  * Licensed under the MIT License.
@@ -7083,7 +7091,7 @@
7083
7091
  unexpectedError: unexpectedError
7084
7092
  });
7085
7093
 
7086
- /*! @azure/msal-common v16.4.0 2026-03-19 */
7094
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
7087
7095
 
7088
7096
  /*
7089
7097
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7344,7 +7352,7 @@
7344
7352
  }
7345
7353
  }
7346
7354
 
7347
- /*! @azure/msal-common v16.4.0 2026-03-19 */
7355
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
7348
7356
 
7349
7357
  /*
7350
7358
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7365,7 +7373,7 @@
7365
7373
  return new JoseHeaderError(code);
7366
7374
  }
7367
7375
 
7368
- /*! @azure/msal-common v16.4.0 2026-03-19 */
7376
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
7369
7377
  /*
7370
7378
  * Copyright (c) Microsoft Corporation. All rights reserved.
7371
7379
  * Licensed under the MIT License.
@@ -7373,7 +7381,7 @@
7373
7381
  const missingKidError = "missing_kid_error";
7374
7382
  const missingAlgError = "missing_alg_error";
7375
7383
 
7376
- /*! @azure/msal-common v16.4.0 2026-03-19 */
7384
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
7377
7385
 
7378
7386
  /*
7379
7387
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7413,7 +7421,7 @@
7413
7421
  }
7414
7422
  }
7415
7423
 
7416
- /*! @azure/msal-common v16.4.0 2026-03-19 */
7424
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
7417
7425
 
7418
7426
  /*
7419
7427
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7943,6 +7951,136 @@
7943
7951
  }
7944
7952
  }
7945
7953
 
7954
+ /*
7955
+ * Copyright (c) Microsoft Corporation. All rights reserved.
7956
+ * Licensed under the MIT License.
7957
+ */
7958
+ /**
7959
+ * acquireTokenFromCache (msal-browser).
7960
+ * Internal API for acquiring token from cache
7961
+ */
7962
+ const AcquireTokenFromCache = "acquireTokenFromCache";
7963
+ /**
7964
+ * acquireTokenByRefreshToken API (msal-browser and msal-node).
7965
+ * Used to renew an access token using a refresh token against the token endpoint.
7966
+ */
7967
+ const AcquireTokenByRefreshToken = "acquireTokenByRefreshToken";
7968
+ /**
7969
+ * acquireTokenSilentAsync (msal-browser).
7970
+ * Internal API for acquireTokenSilent.
7971
+ */
7972
+ const AcquireTokenSilentAsync = "acquireTokenSilentAsync";
7973
+ /**
7974
+ * getPublicKeyThumbprint API in CryptoOpts class (msal-browser).
7975
+ * Used to generate a public/private keypair and generate a public key thumbprint for pop requests.
7976
+ */
7977
+ const CryptoOptsGetPublicKeyThumbprint = "cryptoOptsGetPublicKeyThumbprint";
7978
+ /**
7979
+ * signJwt API in CryptoOpts class (msal-browser).
7980
+ * Used to signed a pop token.
7981
+ */
7982
+ const CryptoOptsSignJwt = "cryptoOptsSignJwt";
7983
+ /**
7984
+ * acquireToken API in the SilentCacheClient class (msal-browser).
7985
+ * Used to read access tokens from the cache.
7986
+ */
7987
+ const SilentCacheClientAcquireToken = "silentCacheClientAcquireToken";
7988
+ /**
7989
+ * acquireToken API in the SilentIframeClient class (msal-browser).
7990
+ * Used to acquire a new set of tokens from the authorize endpoint in a hidden iframe.
7991
+ */
7992
+ const SilentIframeClientAcquireToken = "silentIframeClientAcquireToken";
7993
+ const AwaitConcurrentIframe = "awaitConcurrentIframe"; // Time spent waiting for a concurrent iframe to complete
7994
+ /**
7995
+ * acquireToken API in SilentRereshClient (msal-browser).
7996
+ * Used to acquire a new set of tokens from the token endpoint using a refresh token.
7997
+ */
7998
+ const SilentRefreshClientAcquireToken = "silentRefreshClientAcquireToken";
7999
+ /**
8000
+ * getDiscoveredAuthority API in StandardInteractionClient class (msal-browser).
8001
+ * Used to load authority metadata for a request.
8002
+ */
8003
+ const StandardInteractionClientGetDiscoveredAuthority = "standardInteractionClientGetDiscoveredAuthority";
8004
+ /**
8005
+ * acquireToken API in NativeInteractionClient class (msal-browser).
8006
+ * Used to acquire a token from Native component when native brokering is enabled.
8007
+ */
8008
+ const NativeInteractionClientAcquireToken = "nativeInteractionClientAcquireToken";
8009
+ /**
8010
+ * acquireTokenByRefreshToken API in RefreshTokenClient (msal-common).
8011
+ */
8012
+ const RefreshTokenClientAcquireTokenByRefreshToken = "refreshTokenClientAcquireTokenByRefreshToken";
8013
+ /**
8014
+ * acquireTokenBySilentIframe (msal-browser).
8015
+ * Internal API for acquiring token by silent Iframe
8016
+ */
8017
+ const AcquireTokenBySilentIframe = "acquireTokenBySilentIframe";
8018
+ /**
8019
+ * Internal API for initializing base request in BaseInteractionClient (msal-browser)
8020
+ */
8021
+ const InitializeBaseRequest = "initializeBaseRequest";
8022
+ /**
8023
+ * Internal API for initializing silent request in SilentCacheClient (msal-browser)
8024
+ */
8025
+ const InitializeSilentRequest = "initializeSilentRequest";
8026
+ const InitializeCache = "initializeCache";
8027
+ /**
8028
+ * Helper function in SilentIframeClient class (msal-browser).
8029
+ */
8030
+ const SilentIframeClientTokenHelper = "silentIframeClientTokenHelper";
8031
+ /**
8032
+ * SilentHandler
8033
+ */
8034
+ const SilentHandlerInitiateAuthRequest = "silentHandlerInitiateAuthRequest";
8035
+ const SilentHandlerMonitorIframeForHash = "silentHandlerMonitorIframeForHash";
8036
+ const SilentHandlerLoadFrameSync = "silentHandlerLoadFrameSync";
8037
+ /**
8038
+ * Helper functions in StandardInteractionClient class (msal-browser)
8039
+ */
8040
+ const StandardInteractionClientCreateAuthCodeClient = "standardInteractionClientCreateAuthCodeClient";
8041
+ const StandardInteractionClientGetClientConfiguration = "standardInteractionClientGetClientConfiguration";
8042
+ const StandardInteractionClientInitializeAuthorizationRequest = "standardInteractionClientInitializeAuthorizationRequest";
8043
+ const SilentFlowClientAcquireCachedToken = "silentFlowClientAcquireCachedToken";
8044
+ const GetStandardParams = "getStandardParams";
8045
+ const HandleCodeResponse = "handleCodeResponse";
8046
+ const HandleResponseEar = "handleResponseEar";
8047
+ const HandleResponsePlatformBroker = "handleResponsePlatformBroker";
8048
+ const HandleResponseCode = "handleResponseCode";
8049
+ const AuthClientAcquireToken = "authClientAcquireToken";
8050
+ const DeserializeResponse = "deserializeResponse";
8051
+ const AuthorityFactoryCreateDiscoveredInstance = "authorityFactoryCreateDiscoveredInstance";
8052
+ const AcquireTokenByCodeAsync = "acquireTokenByCodeAsync";
8053
+ const HandleRedirectPromiseMeasurement = "handleRedirectPromise";
8054
+ const HandleNativeRedirectPromiseMeasurement = "handleNativeRedirectPromise";
8055
+ const NativeMessageHandlerHandshake = "nativeMessageHandlerHandshake";
8056
+ const RemoveHiddenIframe = "removeHiddenIframe";
8057
+ const ImportExistingCache = "importExistingCache";
8058
+ /**
8059
+ * Crypto Operations
8060
+ */
8061
+ const GeneratePkceCodes = "generatePkceCodes";
8062
+ const GenerateCodeVerifier = "generateCodeVerifier";
8063
+ const GenerateCodeChallengeFromVerifier = "generateCodeChallengeFromVerifier";
8064
+ const Sha256Digest = "sha256Digest";
8065
+ const GetRandomValues = "getRandomValues";
8066
+ const GenerateHKDF = "generateHKDF";
8067
+ const GenerateBaseKey = "generateBaseKey";
8068
+ const Base64Decode = "base64Decode";
8069
+ const UrlEncodeArr = "urlEncodeArr";
8070
+ const Encrypt = "encrypt";
8071
+ const Decrypt = "decrypt";
8072
+ const GenerateEarKey = "generateEarKey";
8073
+ const DecryptEarResponse = "decryptEarResponse";
8074
+ const LoadAccount = "loadAccount";
8075
+ const LoadIdToken = "loadIdToken";
8076
+ const LoadAccessToken = "loadAccessToken";
8077
+ const LoadRefreshToken = "loadRefreshToken";
8078
+ /**
8079
+ * Background telemetry measurement that tracks whether a late bridge response
8080
+ * arrives after the iframe timeout has already fired.
8081
+ */
8082
+ const WaitForBridgeLateResponse = "waitForBridgeLateResponse";
8083
+
7946
8084
  /*
7947
8085
  * Copyright (c) Microsoft Corporation. All rights reserved.
7948
8086
  * Licensed under the MIT License.
@@ -8849,20 +8987,35 @@
8849
8987
  activeBridgeMonitor = null;
8850
8988
  }
8851
8989
  }
8852
- async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
8990
+ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient, experimentalConfig) {
8853
8991
  return new Promise((resolve, reject) => {
8854
8992
  logger.verbose("1rf6em", request.correlationId);
8855
8993
  const correlationId = request.correlationId;
8856
8994
  performanceClient.addFields({
8857
8995
  redirectBridgeTimeoutMs: timeoutMs,
8996
+ lateResponseExperimentEnabled: experimentalConfig?.iframeTimeoutTelemetry || false,
8858
8997
  }, correlationId);
8859
8998
  const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
8860
8999
  const channel = new BroadcastChannel(libraryState.id);
8861
9000
  let responseString = undefined;
9001
+ let timedOut$1 = false;
9002
+ let lateTimeoutId;
9003
+ let lateMeasurement;
8862
9004
  const timeoutId = window.setTimeout(() => {
8863
9005
  // Clear the active monitor
8864
9006
  activeBridgeMonitor = null;
8865
- channel.close();
9007
+ if (experimentalConfig?.iframeTimeoutTelemetry) {
9008
+ lateMeasurement = performanceClient.startMeasurement(WaitForBridgeLateResponse, correlationId);
9009
+ timedOut$1 = true;
9010
+ lateTimeoutId = window.setTimeout(() => {
9011
+ lateMeasurement?.end({ success: false });
9012
+ clearTimeout(lateTimeoutId);
9013
+ channel.close();
9014
+ }, 60000); // 60s late response timeout to allow for telemetry of late responses
9015
+ }
9016
+ else {
9017
+ channel.close();
9018
+ }
8866
9019
  reject(createBrowserAuthError(timedOut, "redirect_bridge_timeout"));
8867
9020
  }, timeoutMs);
8868
9021
  // Track this monitor so it can be cancelled if needed
@@ -8876,6 +9029,14 @@
8876
9029
  const messageVersion = event?.data && typeof event.data.v === "number"
8877
9030
  ? event.data.v
8878
9031
  : undefined;
9032
+ if (timedOut$1) {
9033
+ lateMeasurement?.end({
9034
+ success: responseString ? true : false,
9035
+ });
9036
+ clearTimeout(lateTimeoutId);
9037
+ channel.close();
9038
+ return;
9039
+ }
8879
9040
  performanceClient.addFields({
8880
9041
  redirectBridgeMessageVersion: messageVersion,
8881
9042
  }, correlationId);
@@ -9038,130 +9199,6 @@
9038
9199
  waitForBridgeResponse: waitForBridgeResponse
9039
9200
  });
9040
9201
 
9041
- /*
9042
- * Copyright (c) Microsoft Corporation. All rights reserved.
9043
- * Licensed under the MIT License.
9044
- */
9045
- /**
9046
- * acquireTokenFromCache (msal-browser).
9047
- * Internal API for acquiring token from cache
9048
- */
9049
- const AcquireTokenFromCache = "acquireTokenFromCache";
9050
- /**
9051
- * acquireTokenByRefreshToken API (msal-browser and msal-node).
9052
- * Used to renew an access token using a refresh token against the token endpoint.
9053
- */
9054
- const AcquireTokenByRefreshToken = "acquireTokenByRefreshToken";
9055
- /**
9056
- * acquireTokenSilentAsync (msal-browser).
9057
- * Internal API for acquireTokenSilent.
9058
- */
9059
- const AcquireTokenSilentAsync = "acquireTokenSilentAsync";
9060
- /**
9061
- * getPublicKeyThumbprint API in CryptoOpts class (msal-browser).
9062
- * Used to generate a public/private keypair and generate a public key thumbprint for pop requests.
9063
- */
9064
- const CryptoOptsGetPublicKeyThumbprint = "cryptoOptsGetPublicKeyThumbprint";
9065
- /**
9066
- * signJwt API in CryptoOpts class (msal-browser).
9067
- * Used to signed a pop token.
9068
- */
9069
- const CryptoOptsSignJwt = "cryptoOptsSignJwt";
9070
- /**
9071
- * acquireToken API in the SilentCacheClient class (msal-browser).
9072
- * Used to read access tokens from the cache.
9073
- */
9074
- const SilentCacheClientAcquireToken = "silentCacheClientAcquireToken";
9075
- /**
9076
- * acquireToken API in the SilentIframeClient class (msal-browser).
9077
- * Used to acquire a new set of tokens from the authorize endpoint in a hidden iframe.
9078
- */
9079
- const SilentIframeClientAcquireToken = "silentIframeClientAcquireToken";
9080
- const AwaitConcurrentIframe = "awaitConcurrentIframe"; // Time spent waiting for a concurrent iframe to complete
9081
- /**
9082
- * acquireToken API in SilentRereshClient (msal-browser).
9083
- * Used to acquire a new set of tokens from the token endpoint using a refresh token.
9084
- */
9085
- const SilentRefreshClientAcquireToken = "silentRefreshClientAcquireToken";
9086
- /**
9087
- * getDiscoveredAuthority API in StandardInteractionClient class (msal-browser).
9088
- * Used to load authority metadata for a request.
9089
- */
9090
- const StandardInteractionClientGetDiscoveredAuthority = "standardInteractionClientGetDiscoveredAuthority";
9091
- /**
9092
- * acquireToken API in NativeInteractionClient class (msal-browser).
9093
- * Used to acquire a token from Native component when native brokering is enabled.
9094
- */
9095
- const NativeInteractionClientAcquireToken = "nativeInteractionClientAcquireToken";
9096
- /**
9097
- * acquireTokenByRefreshToken API in RefreshTokenClient (msal-common).
9098
- */
9099
- const RefreshTokenClientAcquireTokenByRefreshToken = "refreshTokenClientAcquireTokenByRefreshToken";
9100
- /**
9101
- * acquireTokenBySilentIframe (msal-browser).
9102
- * Internal API for acquiring token by silent Iframe
9103
- */
9104
- const AcquireTokenBySilentIframe = "acquireTokenBySilentIframe";
9105
- /**
9106
- * Internal API for initializing base request in BaseInteractionClient (msal-browser)
9107
- */
9108
- const InitializeBaseRequest = "initializeBaseRequest";
9109
- /**
9110
- * Internal API for initializing silent request in SilentCacheClient (msal-browser)
9111
- */
9112
- const InitializeSilentRequest = "initializeSilentRequest";
9113
- const InitializeCache = "initializeCache";
9114
- /**
9115
- * Helper function in SilentIframeClient class (msal-browser).
9116
- */
9117
- const SilentIframeClientTokenHelper = "silentIframeClientTokenHelper";
9118
- /**
9119
- * SilentHandler
9120
- */
9121
- const SilentHandlerInitiateAuthRequest = "silentHandlerInitiateAuthRequest";
9122
- const SilentHandlerMonitorIframeForHash = "silentHandlerMonitorIframeForHash";
9123
- const SilentHandlerLoadFrameSync = "silentHandlerLoadFrameSync";
9124
- /**
9125
- * Helper functions in StandardInteractionClient class (msal-browser)
9126
- */
9127
- const StandardInteractionClientCreateAuthCodeClient = "standardInteractionClientCreateAuthCodeClient";
9128
- const StandardInteractionClientGetClientConfiguration = "standardInteractionClientGetClientConfiguration";
9129
- const StandardInteractionClientInitializeAuthorizationRequest = "standardInteractionClientInitializeAuthorizationRequest";
9130
- const SilentFlowClientAcquireCachedToken = "silentFlowClientAcquireCachedToken";
9131
- const GetStandardParams = "getStandardParams";
9132
- const HandleCodeResponse = "handleCodeResponse";
9133
- const HandleResponseEar = "handleResponseEar";
9134
- const HandleResponsePlatformBroker = "handleResponsePlatformBroker";
9135
- const HandleResponseCode = "handleResponseCode";
9136
- const AuthClientAcquireToken = "authClientAcquireToken";
9137
- const DeserializeResponse = "deserializeResponse";
9138
- const AuthorityFactoryCreateDiscoveredInstance = "authorityFactoryCreateDiscoveredInstance";
9139
- const AcquireTokenByCodeAsync = "acquireTokenByCodeAsync";
9140
- const HandleRedirectPromiseMeasurement = "handleRedirectPromise";
9141
- const HandleNativeRedirectPromiseMeasurement = "handleNativeRedirectPromise";
9142
- const NativeMessageHandlerHandshake = "nativeMessageHandlerHandshake";
9143
- const ImportExistingCache = "importExistingCache";
9144
- /**
9145
- * Crypto Operations
9146
- */
9147
- const GeneratePkceCodes = "generatePkceCodes";
9148
- const GenerateCodeVerifier = "generateCodeVerifier";
9149
- const GenerateCodeChallengeFromVerifier = "generateCodeChallengeFromVerifier";
9150
- const Sha256Digest = "sha256Digest";
9151
- const GetRandomValues = "getRandomValues";
9152
- const GenerateHKDF = "generateHKDF";
9153
- const GenerateBaseKey = "generateBaseKey";
9154
- const Base64Decode = "base64Decode";
9155
- const UrlEncodeArr = "urlEncodeArr";
9156
- const Encrypt = "encrypt";
9157
- const Decrypt = "decrypt";
9158
- const GenerateEarKey = "generateEarKey";
9159
- const DecryptEarResponse = "decryptEarResponse";
9160
- const LoadAccount = "loadAccount";
9161
- const LoadIdToken = "loadIdToken";
9162
- const LoadAccessToken = "loadAccessToken";
9163
- const LoadRefreshToken = "loadRefreshToken";
9164
-
9165
9202
  /*
9166
9203
  * Copyright (c) Microsoft Corporation. All rights reserved.
9167
9204
  * Licensed under the MIT License.
@@ -10298,7 +10335,7 @@
10298
10335
 
10299
10336
  /* eslint-disable header/header */
10300
10337
  const name = "@azure/msal-browser";
10301
- const version = "5.6.1";
10338
+ const version = "5.6.3";
10302
10339
 
10303
10340
  /*
10304
10341
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -12762,9 +12799,9 @@
12762
12799
  }
12763
12800
  // Get the preferred_cache domain for the given authority
12764
12801
  const authority = await getDiscoveredAuthority(this.config, this.correlationId, this.performanceClient, this.browserStorage, this.logger, request.authority);
12765
- const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info, undefined, // environment
12802
+ const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info, authority.getPreferredCache(), // environment
12766
12803
  idTokenClaims.tid, undefined, // auth code payload
12767
- response.account.id);
12804
+ response.account.id, this.logger, this.performanceClient);
12768
12805
  // Ensure expires_in is in number format
12769
12806
  response.expires_in = Number(response.expires_in);
12770
12807
  // generate authenticationResult
@@ -13649,7 +13686,7 @@
13649
13686
  *
13650
13687
  * @returns Configuration object
13651
13688
  */
13652
- function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system: userInputSystem, telemetry: userInputTelemetry, }, isBrowserEnvironment) {
13689
+ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system: userInputSystem, experimental: userInputExperimental, telemetry: userInputTelemetry, }, isBrowserEnvironment) {
13653
13690
  // Default auth options for browser
13654
13691
  const DEFAULT_AUTH_OPTIONS = {
13655
13692
  clientId: "",
@@ -13721,6 +13758,9 @@
13721
13758
  },
13722
13759
  client: new StubPerformanceClient(),
13723
13760
  };
13761
+ const DEFAULT_EXPERIMENTAL_OPTIONS = {
13762
+ iframeTimeoutTelemetry: false,
13763
+ };
13724
13764
  // Throw an error if user has set OIDCOptions without being in OIDC protocol mode
13725
13765
  if (userInputSystem?.protocolMode !== ProtocolMode.OIDC &&
13726
13766
  userInputAuth?.OIDCOptions) {
@@ -13744,6 +13784,10 @@
13744
13784
  },
13745
13785
  cache: { ...DEFAULT_CACHE_OPTIONS, ...userInputCache },
13746
13786
  system: providedSystemOptions,
13787
+ experimental: {
13788
+ ...DEFAULT_EXPERIMENTAL_OPTIONS,
13789
+ ...userInputExperimental,
13790
+ },
13747
13791
  telemetry: { ...DEFAULT_TELEMETRY_OPTIONS, ...userInputTelemetry },
13748
13792
  };
13749
13793
  return overlayedConfig;
@@ -15160,6 +15204,16 @@
15160
15204
  authFrame.setAttribute("allow", "local-network-access *");
15161
15205
  document.body.appendChild(authFrame);
15162
15206
  return authFrame;
15207
+ }
15208
+ /**
15209
+ * @hidden
15210
+ * Removes a hidden iframe from `document.body` if it is a direct child.
15211
+ * @param iframe - The iframe element to remove.
15212
+ */
15213
+ function removeHiddenIframe(iframe) {
15214
+ if (document.body === iframe.parentNode) {
15215
+ document.body.removeChild(iframe);
15216
+ }
15163
15217
  }
15164
15218
 
15165
15219
  /*
@@ -15255,9 +15309,15 @@
15255
15309
  earJwk: earJwk,
15256
15310
  codeChallenge: pkceCodes.challenge,
15257
15311
  };
15258
- await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
15312
+ const iframe = await invokeAsync(initiateEarRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, discoveredAuthority, silentRequest, this.logger, this.performanceClient);
15259
15313
  const responseType = this.config.auth.OIDCOptions.responseMode;
15260
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
15314
+ let responseString;
15315
+ try {
15316
+ responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
15317
+ }
15318
+ finally {
15319
+ invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
15320
+ }
15261
15321
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
15262
15322
  if (!serverParams.ear_jwe && serverParams.code) {
15263
15323
  // If server doesn't support EAR, they may fallback to auth code flow instead
@@ -15295,18 +15355,25 @@
15295
15355
  ...request,
15296
15356
  codeChallenge: pkceCodes.challenge,
15297
15357
  };
15358
+ let iframe;
15298
15359
  if (request.httpMethod === HttpMethod.POST) {
15299
- await invokeAsync(initiateCodeFlowWithPost, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
15360
+ iframe = await invokeAsync(initiateCodeFlowWithPost, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
15300
15361
  }
15301
15362
  else {
15302
15363
  // Create authorize request url
15303
15364
  const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
15304
15365
  // Get the frame handle for the silent request
15305
- await invokeAsync(initiateCodeRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId);
15366
+ iframe = await invokeAsync(initiateCodeRequest, SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId);
15306
15367
  }
15307
15368
  const responseType = this.config.auth.OIDCOptions.responseMode;
15308
15369
  // Wait for response from the redirect bridge.
15309
- const responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
15370
+ let responseString;
15371
+ try {
15372
+ responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
15373
+ }
15374
+ finally {
15375
+ invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
15376
+ }
15310
15377
  const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
15311
15378
  return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
15312
15379
  }
@@ -15562,22 +15629,32 @@
15562
15629
  this.nativeInternalStorage = new BrowserCacheManager(this.config.auth.clientId, nativeCacheOptions, this.browserCrypto, this.logger, this.performanceClient, this.eventHandler);
15563
15630
  this.activeSilentTokenRequests = new Map();
15564
15631
  // Register listener functions
15565
- this.trackPageVisibility = this.trackPageVisibility.bind(this);
15632
+ this.trackStateChange = this.trackStateChange.bind(this);
15566
15633
  // Register listener functions
15567
- this.trackPageVisibilityWithMeasurement =
15568
- this.trackPageVisibilityWithMeasurement.bind(this);
15634
+ this.trackStateChangeWithMeasurement =
15635
+ this.trackStateChangeWithMeasurement.bind(this);
15569
15636
  }
15570
15637
  static async createController(operatingContext, request) {
15571
15638
  const controller = new StandardController(operatingContext);
15572
15639
  await controller.initialize(request);
15573
15640
  return controller;
15574
15641
  }
15575
- trackPageVisibility(correlationId) {
15642
+ trackStateChange(correlationId, event) {
15576
15643
  if (!correlationId) {
15577
15644
  return;
15578
15645
  }
15579
- this.logger.info("16v6hv", correlationId);
15580
- this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
15646
+ if (event.type === "visibilitychange") {
15647
+ this.logger.info("16v6hv", correlationId);
15648
+ this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
15649
+ }
15650
+ else if (event.type === "online") {
15651
+ this.logger.info("0zirfd", correlationId);
15652
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
15653
+ }
15654
+ else if (event.type === "offline") {
15655
+ this.logger.info("1xk9ef", correlationId);
15656
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
15657
+ }
15581
15658
  }
15582
15659
  /**
15583
15660
  * Initializer function to perform async startup tasks such as connecting to WAM extension
@@ -15919,15 +15996,40 @@
15919
15996
  }
15920
15997
  });
15921
15998
  }
15922
- trackPageVisibilityWithMeasurement() {
15999
+ trackStateChangeWithMeasurement(event) {
15923
16000
  const measurement = this.ssoSilentMeasurement ||
15924
16001
  this.acquireTokenByCodeAsyncMeasurement;
15925
16002
  if (!measurement) {
15926
16003
  return;
15927
16004
  }
15928
- measurement.increment({
15929
- visibilityChangeCount: 1,
15930
- });
16005
+ if (event.type === "visibilitychange") {
16006
+ this.logger.info("0yzimq", measurement.event.correlationId);
16007
+ measurement.increment({
16008
+ visibilityChangeCount: 1,
16009
+ });
16010
+ }
16011
+ else if (event.type === "online") {
16012
+ this.logger.info("1caf53", measurement.event.correlationId);
16013
+ measurement.increment({
16014
+ onlineStatusChangeCount: 1,
16015
+ });
16016
+ }
16017
+ else if (event.type === "offline") {
16018
+ this.logger.info("0fdyk7", measurement.event.correlationId);
16019
+ measurement.increment({
16020
+ onlineStatusChangeCount: 1,
16021
+ });
16022
+ }
16023
+ }
16024
+ addStateChangeListeners(listener) {
16025
+ document.addEventListener("visibilitychange", listener);
16026
+ window.addEventListener("online", listener);
16027
+ window.addEventListener("offline", listener);
16028
+ }
16029
+ removeStateChangeListeners(listener) {
16030
+ document.removeEventListener("visibilitychange", listener);
16031
+ window.removeEventListener("online", listener);
16032
+ window.removeEventListener("offline", listener);
15931
16033
  }
15932
16034
  // #endregion
15933
16035
  // #region Silent Flow
@@ -15961,8 +16063,9 @@
15961
16063
  preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
15962
16064
  this.ssoSilentMeasurement?.increment({
15963
16065
  visibilityChangeCount: 0,
16066
+ onlineStatusChangeCount: 0,
15964
16067
  });
15965
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
16068
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
15966
16069
  const loggedInAccounts = this.getAllAccounts();
15967
16070
  this.logger.verbose("0w1b45", correlationId);
15968
16071
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Silent, validRequest);
@@ -16005,7 +16108,7 @@
16005
16108
  throw e;
16006
16109
  })
16007
16110
  .finally(() => {
16008
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
16111
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
16009
16112
  });
16010
16113
  }
16011
16114
  /**
@@ -16112,8 +16215,9 @@
16112
16215
  this.performanceClient.startMeasurement(AcquireTokenByCodeAsync, correlationId);
16113
16216
  this.acquireTokenByCodeAsyncMeasurement?.increment({
16114
16217
  visibilityChangeCount: 0,
16218
+ onlineStatusChangeCount: 0,
16115
16219
  });
16116
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
16220
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
16117
16221
  const silentAuthCodeClient = this.createSilentAuthCodeClient(correlationId);
16118
16222
  const silentTokenResult = await silentAuthCodeClient
16119
16223
  .acquireToken(request)
@@ -16132,7 +16236,7 @@
16132
16236
  throw tokenRenewalError;
16133
16237
  })
16134
16238
  .finally(() => {
16135
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
16239
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
16136
16240
  });
16137
16241
  return silentTokenResult;
16138
16242
  }
@@ -16594,12 +16698,12 @@
16594
16698
  * @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
16595
16699
  */
16596
16700
  async acquireTokenSilentAsync(request, account) {
16597
- const trackPageVisibility = () => this.trackPageVisibility(request.correlationId);
16701
+ const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
16598
16702
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, request.correlationId, exports.InteractionType.Silent, request);
16599
16703
  if (request.correlationId) {
16600
- this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
16704
+ this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
16601
16705
  }
16602
- document.addEventListener("visibilitychange", trackPageVisibility);
16706
+ this.addStateChangeListeners(trackStateChange);
16603
16707
  const silentRequest = await invokeAsync(initializeSilentRequest, InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
16604
16708
  const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
16605
16709
  const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
@@ -16681,7 +16785,7 @@
16681
16785
  throw tokenRenewalError;
16682
16786
  })
16683
16787
  .finally(() => {
16684
- document.removeEventListener("visibilitychange", trackPageVisibility);
16788
+ this.removeStateChangeListeners(trackStateChange);
16685
16789
  });
16686
16790
  }
16687
16791
  /**
@@ -18281,7 +18385,7 @@
18281
18385
  const storage = new BrowserCacheManager(browserConfig.auth.clientId, browserConfig.cache, cryptoOps, logger, browserConfig.telemetry.client, new EventHandler(logger), buildStaticAuthorityOptions(browserConfig.auth));
18282
18386
  const authorityString = request.authority || browserConfig.auth.authority;
18283
18387
  const authority = await createDiscoveredInstance(Authority.generateAuthority(authorityString, request.azureCloudOptions), browserConfig.system.networkClient, storage, authorityOptions, logger, correlationId, performanceClient);
18284
- const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims);
18388
+ const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims, performanceClient);
18285
18389
  const idToken = await invokeAsync(loadIdToken, LoadIdToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, correlationId, storage, logger, config.auth.clientId);
18286
18390
  const accessToken = await invokeAsync(loadAccessToken, LoadAccessToken, logger, performanceClient, correlationId)(request, response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, options, correlationId, storage, logger, config.auth.clientId);
18287
18391
  const refreshToken = await invokeAsync(loadRefreshToken, LoadRefreshToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, kmsi, correlationId, storage, logger, config.auth.clientId, performanceClient);
@@ -18307,7 +18411,7 @@
18307
18411
  * @param requestHomeAccountId
18308
18412
  * @returns `AccountEntity`
18309
18413
  */
18310
- async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims) {
18414
+ async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims, performanceClient) {
18311
18415
  logger.verbose("0ke46k", correlationId);
18312
18416
  if (request.account) {
18313
18417
  const accountEntity = createAccountEntityFromAccountInfo(request.account);
@@ -18322,7 +18426,7 @@
18322
18426
  const claimsTenantId = idTokenClaims?.tid;
18323
18427
  const cachedAccount = buildAccountToCache(storage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, authority.getPreferredCache(), claimsTenantId, undefined, // authCodePayload
18324
18428
  undefined, // nativeAccountId
18325
- logger);
18429
+ logger, performanceClient);
18326
18430
  await storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
18327
18431
  return cachedAccount;
18328
18432
  }
@@ -18594,6 +18698,9 @@
18594
18698
  getPageVisibility() {
18595
18699
  return document.visibilityState?.toString() || null;
18596
18700
  }
18701
+ getOnlineStatus() {
18702
+ return typeof navigator !== "undefined" ? navigator.onLine : null;
18703
+ }
18597
18704
  deleteIncompleteSubMeasurements(inProgressEvent) {
18598
18705
  void getPerfMeasurementModule()?.then((module) => {
18599
18706
  const rootEvent = this.eventsByCorrelationId.get(inProgressEvent.event.correlationId);
@@ -18620,6 +18727,7 @@
18620
18727
  startMeasurement(measureName, correlationId) {
18621
18728
  // Capture page visibilityState and then invoke start/end measurement
18622
18729
  const startPageVisibility = this.getPageVisibility();
18730
+ const startOnlineStatus = this.getOnlineStatus();
18623
18731
  const inProgressEvent = super.startMeasurement(measureName, correlationId);
18624
18732
  const startTime = supportsBrowserPerformanceNow()
18625
18733
  ? window.performance.now()
@@ -18635,6 +18743,7 @@
18635
18743
  const res = inProgressEvent.end({
18636
18744
  ...event,
18637
18745
  startPageVisibility,
18746
+ startOnlineStatus,
18638
18747
  endPageVisibility: this.getPageVisibility(),
18639
18748
  durationMs: getPerfDurationMs(startTime),
18640
18749
  networkEffectiveType: networkInfo.effectiveType,