@azure/msal-browser 5.6.2 → 5.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.d.ts.map +1 -1
- package/dist/cache/TokenCache.mjs +9 -9
- package/dist/cache/TokenCache.mjs.map +1 -1
- package/dist/config/Configuration.d.ts +13 -1
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +9 -2
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +4 -2
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +56 -19
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +13 -1
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +9 -2
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +56 -19
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/index.d.ts +1 -1
- package/dist/custom-auth-path/index.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +23 -3
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +8 -3
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +27 -3
- package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +1 -1
- package/dist/index.mjs.map +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +31 -11
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/cache/TokenCache.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +13 -1
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts +4 -2
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/index.d.ts +1 -1
- package/dist/redirect-bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +6 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/dist/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +8 -3
- package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.d.ts +2 -2
- package/dist/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/utils/BrowserUtils.mjs +27 -3
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +23 -3
- package/lib/custom-auth-path/msal-custom-auth.cjs +620 -541
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +13 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +31 -11
- package/lib/msal-browser.cjs +768 -683
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +768 -683
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
- package/lib/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +13 -1
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +4 -2
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/index.d.ts +1 -1
- package/lib/types/index.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/cache/TokenCache.ts +27 -24
- package/src/config/Configuration.ts +22 -0
- package/src/controllers/StandardController.ts +84 -35
- package/src/index.ts +1 -0
- package/src/interaction_client/PlatformAuthInteractionClient.ts +55 -53
- package/src/interaction_client/SilentIframeClient.ts +4 -2
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/BrowserPerformanceClient.ts +6 -0
- package/src/telemetry/BrowserPerformanceEvents.ts +6 -0
- package/src/utils/BrowserUtils.ts +36 -4
package/lib/msal-browser.cjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.6.
|
|
1
|
+
/*! @azure/msal-browser v5.6.3 2026-04-01 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v16.4.
|
|
5
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -234,7 +234,7 @@ const JsonWebTokenTypes$1 = {
|
|
|
234
234
|
// Token renewal offset default in seconds
|
|
235
235
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
236
236
|
|
|
237
|
-
/*! @azure/msal-common v16.4.
|
|
237
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
238
238
|
/*
|
|
239
239
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
240
240
|
* Licensed under the MIT License.
|
|
@@ -286,7 +286,7 @@ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
|
286
286
|
const RESOURCE = "resource";
|
|
287
287
|
const CLI_DATA = "clidata";
|
|
288
288
|
|
|
289
|
-
/*! @azure/msal-common v16.4.
|
|
289
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
290
290
|
/*
|
|
291
291
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
292
292
|
* Licensed under the MIT License.
|
|
@@ -317,7 +317,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
317
317
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
318
318
|
}
|
|
319
319
|
|
|
320
|
-
/*! @azure/msal-common v16.4.
|
|
320
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
321
321
|
|
|
322
322
|
/*
|
|
323
323
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -337,7 +337,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
337
337
|
return new ClientConfigurationError(errorCode);
|
|
338
338
|
}
|
|
339
339
|
|
|
340
|
-
/*! @azure/msal-common v16.4.
|
|
340
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
341
341
|
/*
|
|
342
342
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
343
343
|
* Licensed under the MIT License.
|
|
@@ -417,7 +417,7 @@ class StringUtils {
|
|
|
417
417
|
}
|
|
418
418
|
}
|
|
419
419
|
|
|
420
|
-
/*! @azure/msal-common v16.4.
|
|
420
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
421
421
|
|
|
422
422
|
/*
|
|
423
423
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -440,7 +440,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
440
440
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
441
441
|
}
|
|
442
442
|
|
|
443
|
-
/*! @azure/msal-common v16.4.
|
|
443
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
444
444
|
/*
|
|
445
445
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
446
446
|
* Licensed under the MIT License.
|
|
@@ -494,7 +494,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
494
494
|
urlParseError: urlParseError
|
|
495
495
|
});
|
|
496
496
|
|
|
497
|
-
/*! @azure/msal-common v16.4.
|
|
497
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
498
498
|
/*
|
|
499
499
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
500
500
|
* Licensed under the MIT License.
|
|
@@ -582,7 +582,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
582
582
|
userCanceled: userCanceled
|
|
583
583
|
});
|
|
584
584
|
|
|
585
|
-
/*! @azure/msal-common v16.4.
|
|
585
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
586
586
|
|
|
587
587
|
/*
|
|
588
588
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -777,7 +777,7 @@ class ScopeSet {
|
|
|
777
777
|
}
|
|
778
778
|
}
|
|
779
779
|
|
|
780
|
-
/*! @azure/msal-common v16.4.
|
|
780
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
781
781
|
|
|
782
782
|
/*
|
|
783
783
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1155,7 +1155,7 @@ function addResource(parameters, resource) {
|
|
|
1155
1155
|
}
|
|
1156
1156
|
}
|
|
1157
1157
|
|
|
1158
|
-
/*! @azure/msal-common v16.4.
|
|
1158
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1159
1159
|
|
|
1160
1160
|
/*
|
|
1161
1161
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1264,7 +1264,7 @@ function normalizeUrlForComparison(url) {
|
|
|
1264
1264
|
}
|
|
1265
1265
|
}
|
|
1266
1266
|
|
|
1267
|
-
/*! @azure/msal-common v16.4.
|
|
1267
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1268
1268
|
|
|
1269
1269
|
/*
|
|
1270
1270
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1303,7 +1303,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
1303
1303
|
},
|
|
1304
1304
|
};
|
|
1305
1305
|
|
|
1306
|
-
/*! @azure/msal-common v16.4.
|
|
1306
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1307
1307
|
/*
|
|
1308
1308
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1309
1309
|
* Licensed under the MIT License.
|
|
@@ -1578,12 +1578,12 @@ class Logger {
|
|
|
1578
1578
|
}
|
|
1579
1579
|
}
|
|
1580
1580
|
|
|
1581
|
-
/*! @azure/msal-common v16.4.
|
|
1581
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1582
1582
|
/* eslint-disable header/header */
|
|
1583
1583
|
const name$1 = "@azure/msal-common";
|
|
1584
|
-
const version$1 = "16.4.
|
|
1584
|
+
const version$1 = "16.4.1";
|
|
1585
1585
|
|
|
1586
|
-
/*! @azure/msal-common v16.4.
|
|
1586
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1587
1587
|
/*
|
|
1588
1588
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1589
1589
|
* Licensed under the MIT License.
|
|
@@ -1603,7 +1603,7 @@ const AzureCloudInstance = {
|
|
|
1603
1603
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
1604
1604
|
};
|
|
1605
1605
|
|
|
1606
|
-
/*! @azure/msal-common v16.4.
|
|
1606
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1607
1607
|
/*
|
|
1608
1608
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1609
1609
|
* Licensed under the MIT License.
|
|
@@ -1685,7 +1685,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1685
1685
|
return updatedAccountInfo;
|
|
1686
1686
|
}
|
|
1687
1687
|
|
|
1688
|
-
/*! @azure/msal-common v16.4.
|
|
1688
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1689
1689
|
|
|
1690
1690
|
/*
|
|
1691
1691
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1765,7 +1765,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1765
1765
|
}
|
|
1766
1766
|
}
|
|
1767
1767
|
|
|
1768
|
-
/*! @azure/msal-common v16.4.
|
|
1768
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1769
1769
|
|
|
1770
1770
|
/*
|
|
1771
1771
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1922,7 +1922,7 @@ class UrlString {
|
|
|
1922
1922
|
}
|
|
1923
1923
|
}
|
|
1924
1924
|
|
|
1925
|
-
/*! @azure/msal-common v16.4.
|
|
1925
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1926
1926
|
|
|
1927
1927
|
/*
|
|
1928
1928
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2079,7 +2079,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2079
2079
|
return null;
|
|
2080
2080
|
}
|
|
2081
2081
|
|
|
2082
|
-
/*! @azure/msal-common v16.4.
|
|
2082
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2083
2083
|
/*
|
|
2084
2084
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2085
2085
|
* Licensed under the MIT License.
|
|
@@ -2087,7 +2087,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2087
2087
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2088
2088
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2089
2089
|
|
|
2090
|
-
/*! @azure/msal-common v16.4.
|
|
2090
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2091
2091
|
|
|
2092
2092
|
/*
|
|
2093
2093
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2125,7 +2125,7 @@ function createCacheError(e) {
|
|
|
2125
2125
|
}
|
|
2126
2126
|
}
|
|
2127
2127
|
|
|
2128
|
-
/*! @azure/msal-common v16.4.
|
|
2128
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2129
2129
|
|
|
2130
2130
|
/*
|
|
2131
2131
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2163,7 +2163,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
2163
2163
|
};
|
|
2164
2164
|
}
|
|
2165
2165
|
|
|
2166
|
-
/*! @azure/msal-common v16.4.
|
|
2166
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2167
2167
|
/*
|
|
2168
2168
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2169
2169
|
* Licensed under the MIT License.
|
|
@@ -2178,7 +2178,7 @@ const AuthorityType = {
|
|
|
2178
2178
|
Ciam: 3,
|
|
2179
2179
|
};
|
|
2180
2180
|
|
|
2181
|
-
/*! @azure/msal-common v16.4.
|
|
2181
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2182
2182
|
/*
|
|
2183
2183
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2184
2184
|
* Licensed under the MIT License.
|
|
@@ -2200,7 +2200,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
2200
2200
|
return null;
|
|
2201
2201
|
}
|
|
2202
2202
|
|
|
2203
|
-
/*! @azure/msal-common v16.4.
|
|
2203
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2204
2204
|
/*
|
|
2205
2205
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2206
2206
|
* Licensed under the MIT License.
|
|
@@ -2224,7 +2224,7 @@ const ProtocolMode = {
|
|
|
2224
2224
|
EAR: "EAR",
|
|
2225
2225
|
};
|
|
2226
2226
|
|
|
2227
|
-
/*! @azure/msal-common v16.4.
|
|
2227
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2228
2228
|
/**
|
|
2229
2229
|
* Returns the AccountInfo interface for this account.
|
|
2230
2230
|
*/
|
|
@@ -2399,7 +2399,7 @@ function isAccountEntity(entity) {
|
|
|
2399
2399
|
entity.hasOwnProperty("authorityType"));
|
|
2400
2400
|
}
|
|
2401
2401
|
|
|
2402
|
-
/*! @azure/msal-common v16.4.
|
|
2402
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2403
2403
|
|
|
2404
2404
|
/*
|
|
2405
2405
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3501,7 +3501,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3501
3501
|
}
|
|
3502
3502
|
}
|
|
3503
3503
|
|
|
3504
|
-
/*! @azure/msal-common v16.4.
|
|
3504
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3505
3505
|
/*
|
|
3506
3506
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3507
3507
|
* Licensed under the MIT License.
|
|
@@ -3546,12 +3546,13 @@ const IntFields = new Set([
|
|
|
3546
3546
|
"currRefreshCount",
|
|
3547
3547
|
"expiredCacheRemovedCount",
|
|
3548
3548
|
"upgradedCacheCount",
|
|
3549
|
+
"cacheMatchedAccounts",
|
|
3549
3550
|
"networkRtt",
|
|
3550
3551
|
"redirectBridgeTimeoutMs",
|
|
3551
3552
|
"redirectBridgeMessageVersion",
|
|
3552
3553
|
]);
|
|
3553
3554
|
|
|
3554
|
-
/*! @azure/msal-common v16.4.
|
|
3555
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3555
3556
|
|
|
3556
3557
|
/*
|
|
3557
3558
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3606,7 +3607,7 @@ class StubPerformanceClient {
|
|
|
3606
3607
|
}
|
|
3607
3608
|
}
|
|
3608
3609
|
|
|
3609
|
-
/*! @azure/msal-common v16.4.
|
|
3610
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3610
3611
|
|
|
3611
3612
|
/*
|
|
3612
3613
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3701,291 +3702,358 @@ function isOidcProtocolMode(config) {
|
|
|
3701
3702
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3702
3703
|
}
|
|
3703
3704
|
|
|
3704
|
-
/*! @azure/msal-common v16.4.
|
|
3705
|
-
|
|
3705
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3706
3706
|
/*
|
|
3707
3707
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3708
3708
|
* Licensed under the MIT License.
|
|
3709
3709
|
*/
|
|
3710
3710
|
/**
|
|
3711
|
-
*
|
|
3712
|
-
|
|
3713
|
-
|
|
3714
|
-
constructor(
|
|
3715
|
-
|
|
3716
|
-
this.
|
|
3717
|
-
|
|
3718
|
-
|
|
3719
|
-
|
|
3711
|
+
* This class instance helps track the memory changes facilitating
|
|
3712
|
+
* decisions to read from and write to the persistent cache
|
|
3713
|
+
*/ class TokenCacheContext {
|
|
3714
|
+
constructor(tokenCache, hasChanged) {
|
|
3715
|
+
this.cache = tokenCache;
|
|
3716
|
+
this.hasChanged = hasChanged;
|
|
3717
|
+
}
|
|
3718
|
+
/**
|
|
3719
|
+
* boolean which indicates the changes in cache
|
|
3720
|
+
*/
|
|
3721
|
+
get cacheHasChanged() {
|
|
3722
|
+
return this.hasChanged;
|
|
3723
|
+
}
|
|
3724
|
+
/**
|
|
3725
|
+
* function to retrieve the token cache
|
|
3726
|
+
*/
|
|
3727
|
+
get tokenCache() {
|
|
3728
|
+
return this.cache;
|
|
3720
3729
|
}
|
|
3721
3730
|
}
|
|
3722
3731
|
|
|
3723
|
-
/*! @azure/msal-common v16.4.
|
|
3732
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3724
3733
|
/*
|
|
3725
3734
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3726
3735
|
* Licensed under the MIT License.
|
|
3727
3736
|
*/
|
|
3728
3737
|
/**
|
|
3729
|
-
*
|
|
3730
|
-
* @public
|
|
3731
|
-
*/
|
|
3732
|
-
const noTokensFound = "no_tokens_found";
|
|
3733
|
-
/**
|
|
3734
|
-
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
3735
|
-
* @public
|
|
3736
|
-
*/
|
|
3737
|
-
const nativeAccountUnavailable = "native_account_unavailable";
|
|
3738
|
-
/**
|
|
3739
|
-
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
3740
|
-
* @public
|
|
3741
|
-
*/
|
|
3742
|
-
const refreshTokenExpired = "refresh_token_expired";
|
|
3743
|
-
/**
|
|
3744
|
-
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
3745
|
-
* @public
|
|
3746
|
-
*/
|
|
3747
|
-
const uxNotAllowed = "ux_not_allowed";
|
|
3748
|
-
/**
|
|
3749
|
-
* Server-originated error code indicating interaction is required to complete the request.
|
|
3750
|
-
* @public
|
|
3751
|
-
*/
|
|
3752
|
-
const interactionRequired = "interaction_required";
|
|
3753
|
-
/**
|
|
3754
|
-
* Server-originated error code indicating user consent is required.
|
|
3755
|
-
* @public
|
|
3756
|
-
*/
|
|
3757
|
-
const consentRequired = "consent_required";
|
|
3758
|
-
/**
|
|
3759
|
-
* Server-originated error code indicating user login is required.
|
|
3760
|
-
* @public
|
|
3738
|
+
* Utility functions for managing date and time operations.
|
|
3761
3739
|
*/
|
|
3762
|
-
const loginRequired = "login_required";
|
|
3763
3740
|
/**
|
|
3764
|
-
*
|
|
3765
|
-
* @public
|
|
3741
|
+
* return the current time in Unix time (seconds).
|
|
3766
3742
|
*/
|
|
3767
|
-
|
|
3743
|
+
function nowSeconds() {
|
|
3744
|
+
// Date.getTime() returns in milliseconds.
|
|
3745
|
+
return Math.round(new Date().getTime() / 1000.0);
|
|
3746
|
+
}
|
|
3768
3747
|
/**
|
|
3769
|
-
*
|
|
3770
|
-
* @
|
|
3771
|
-
*/
|
|
3772
|
-
const interruptedUser = "interrupted_user";
|
|
3773
|
-
|
|
3774
|
-
var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
3775
|
-
__proto__: null,
|
|
3776
|
-
badToken: badToken,
|
|
3777
|
-
consentRequired: consentRequired,
|
|
3778
|
-
interactionRequired: interactionRequired,
|
|
3779
|
-
interruptedUser: interruptedUser,
|
|
3780
|
-
loginRequired: loginRequired,
|
|
3781
|
-
nativeAccountUnavailable: nativeAccountUnavailable,
|
|
3782
|
-
noTokensFound: noTokensFound,
|
|
3783
|
-
refreshTokenExpired: refreshTokenExpired,
|
|
3784
|
-
uxNotAllowed: uxNotAllowed
|
|
3785
|
-
});
|
|
3786
|
-
|
|
3787
|
-
/*! @azure/msal-common v16.4.0 2026-03-27 */
|
|
3788
|
-
|
|
3789
|
-
/*
|
|
3790
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3791
|
-
* Licensed under the MIT License.
|
|
3748
|
+
* Converts JS Date object to seconds
|
|
3749
|
+
* @param date Date
|
|
3792
3750
|
*/
|
|
3751
|
+
function toSecondsFromDate(date) {
|
|
3752
|
+
// Convert date to seconds
|
|
3753
|
+
return date.getTime() / 1000;
|
|
3754
|
+
}
|
|
3793
3755
|
/**
|
|
3794
|
-
*
|
|
3756
|
+
* Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
|
|
3757
|
+
* @param seconds
|
|
3795
3758
|
*/
|
|
3796
|
-
|
|
3797
|
-
|
|
3798
|
-
|
|
3799
|
-
|
|
3800
|
-
|
|
3801
|
-
|
|
3802
|
-
interruptedUser,
|
|
3803
|
-
];
|
|
3804
|
-
const InteractionRequiredAuthSubErrorMessage = [
|
|
3805
|
-
"message_only",
|
|
3806
|
-
"additional_action",
|
|
3807
|
-
"basic_action",
|
|
3808
|
-
"user_password_expired",
|
|
3809
|
-
"consent_required",
|
|
3810
|
-
"bad_token",
|
|
3811
|
-
"ux_not_allowed",
|
|
3812
|
-
"interrupted_user",
|
|
3813
|
-
];
|
|
3759
|
+
function toDateFromSeconds(seconds) {
|
|
3760
|
+
if (seconds) {
|
|
3761
|
+
return new Date(Number(seconds) * 1000);
|
|
3762
|
+
}
|
|
3763
|
+
return new Date();
|
|
3764
|
+
}
|
|
3814
3765
|
/**
|
|
3815
|
-
*
|
|
3766
|
+
* check if a token is expired based on given UTC time in seconds.
|
|
3767
|
+
* @param expiresOn
|
|
3816
3768
|
*/
|
|
3817
|
-
|
|
3818
|
-
|
|
3819
|
-
|
|
3820
|
-
|
|
3821
|
-
|
|
3822
|
-
|
|
3823
|
-
this.correlationId = correlationId || "";
|
|
3824
|
-
this.claims = claims || "";
|
|
3825
|
-
this.name = "InteractionRequiredAuthError";
|
|
3826
|
-
this.errorNo = errorNo;
|
|
3827
|
-
}
|
|
3769
|
+
function isTokenExpired(expiresOn, offset) {
|
|
3770
|
+
// check for access token expiry
|
|
3771
|
+
const expirationSec = Number(expiresOn) || 0;
|
|
3772
|
+
const offsetCurrentTimeSec = nowSeconds() + offset;
|
|
3773
|
+
// If current time + offset is greater than token expiration time, then token is expired.
|
|
3774
|
+
return offsetCurrentTimeSec > expirationSec;
|
|
3828
3775
|
}
|
|
3829
3776
|
/**
|
|
3830
|
-
*
|
|
3831
|
-
* @param
|
|
3832
|
-
* @param
|
|
3833
|
-
* @
|
|
3777
|
+
* Checks if a cache entry is expired based on the last updated time and cache retention days.
|
|
3778
|
+
* @param lastUpdatedAt
|
|
3779
|
+
* @param cacheRetentionDays
|
|
3780
|
+
* @returns
|
|
3834
3781
|
*/
|
|
3835
|
-
function
|
|
3836
|
-
const
|
|
3837
|
-
|
|
3838
|
-
const isInteractionRequiredSubError = !!subError &&
|
|
3839
|
-
InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
|
|
3840
|
-
const isInteractionRequiredErrorDesc = !!errorString &&
|
|
3841
|
-
InteractionRequiredServerErrorMessage.some((irErrorCode) => {
|
|
3842
|
-
return errorString.indexOf(irErrorCode) > -1;
|
|
3843
|
-
});
|
|
3844
|
-
return (isInteractionRequiredErrorCode ||
|
|
3845
|
-
isInteractionRequiredErrorDesc ||
|
|
3846
|
-
isInteractionRequiredSubError);
|
|
3782
|
+
function isCacheExpired(lastUpdatedAt, cacheRetentionDays) {
|
|
3783
|
+
const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;
|
|
3784
|
+
return Date.now() > cacheExpirationTimestamp;
|
|
3847
3785
|
}
|
|
3848
3786
|
/**
|
|
3849
|
-
*
|
|
3787
|
+
* If the current time is earlier than the time that a token was cached at, we must discard the token
|
|
3788
|
+
* i.e. The system clock was turned back after acquiring the cached token
|
|
3789
|
+
* @param cachedAt
|
|
3790
|
+
* @param offset
|
|
3850
3791
|
*/
|
|
3851
|
-
function
|
|
3852
|
-
|
|
3792
|
+
function wasClockTurnedBack(cachedAt) {
|
|
3793
|
+
const cachedAtSec = Number(cachedAt);
|
|
3794
|
+
return cachedAtSec > nowSeconds();
|
|
3853
3795
|
}
|
|
3854
3796
|
|
|
3855
|
-
/*! @azure/msal-common v16.4.
|
|
3797
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3856
3798
|
|
|
3857
3799
|
/*
|
|
3858
3800
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3859
3801
|
* Licensed under the MIT License.
|
|
3860
3802
|
*/
|
|
3861
3803
|
/**
|
|
3862
|
-
*
|
|
3863
|
-
* @param
|
|
3864
|
-
* @param
|
|
3865
|
-
* @param
|
|
3804
|
+
* Create IdTokenEntity
|
|
3805
|
+
* @param homeAccountId
|
|
3806
|
+
* @param authenticationResult
|
|
3807
|
+
* @param clientId
|
|
3808
|
+
* @param authority
|
|
3866
3809
|
*/
|
|
3867
|
-
function
|
|
3868
|
-
const
|
|
3869
|
-
|
|
3870
|
-
|
|
3871
|
-
:
|
|
3810
|
+
function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tenantId) {
|
|
3811
|
+
const idTokenEntity = {
|
|
3812
|
+
credentialType: CredentialType.ID_TOKEN,
|
|
3813
|
+
homeAccountId: homeAccountId,
|
|
3814
|
+
environment: environment,
|
|
3815
|
+
clientId: clientId,
|
|
3816
|
+
secret: idToken,
|
|
3817
|
+
realm: tenantId,
|
|
3818
|
+
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
3819
|
+
};
|
|
3820
|
+
return idTokenEntity;
|
|
3872
3821
|
}
|
|
3873
3822
|
/**
|
|
3874
|
-
*
|
|
3875
|
-
* @param
|
|
3876
|
-
* @param
|
|
3823
|
+
* Create AccessTokenEntity
|
|
3824
|
+
* @param homeAccountId
|
|
3825
|
+
* @param environment
|
|
3826
|
+
* @param accessToken
|
|
3827
|
+
* @param clientId
|
|
3828
|
+
* @param tenantId
|
|
3829
|
+
* @param scopes
|
|
3830
|
+
* @param expiresOn
|
|
3831
|
+
* @param extExpiresOn
|
|
3877
3832
|
*/
|
|
3878
|
-
function
|
|
3879
|
-
|
|
3880
|
-
|
|
3881
|
-
|
|
3882
|
-
|
|
3883
|
-
|
|
3884
|
-
|
|
3833
|
+
function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId) {
|
|
3834
|
+
const atEntity = {
|
|
3835
|
+
homeAccountId: homeAccountId,
|
|
3836
|
+
credentialType: CredentialType.ACCESS_TOKEN,
|
|
3837
|
+
secret: accessToken,
|
|
3838
|
+
cachedAt: nowSeconds().toString(),
|
|
3839
|
+
expiresOn: expiresOn.toString(),
|
|
3840
|
+
extendedExpiresOn: extExpiresOn.toString(),
|
|
3841
|
+
environment: environment,
|
|
3842
|
+
clientId: clientId,
|
|
3843
|
+
realm: tenantId,
|
|
3844
|
+
target: scopes,
|
|
3845
|
+
tokenType: tokenType || AuthenticationScheme$1.BEARER,
|
|
3846
|
+
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
3885
3847
|
};
|
|
3886
|
-
if (
|
|
3887
|
-
|
|
3848
|
+
if (userAssertionHash) {
|
|
3849
|
+
atEntity.userAssertionHash = userAssertionHash;
|
|
3888
3850
|
}
|
|
3889
|
-
|
|
3890
|
-
|
|
3851
|
+
if (refreshOn) {
|
|
3852
|
+
atEntity.refreshOn = refreshOn.toString();
|
|
3853
|
+
}
|
|
3854
|
+
/*
|
|
3855
|
+
* Create Access Token With Auth Scheme instead of regular access token
|
|
3856
|
+
* Cast to lower to handle "bearer" from ADFS
|
|
3857
|
+
*/
|
|
3858
|
+
if (atEntity.tokenType?.toLowerCase() !==
|
|
3859
|
+
AuthenticationScheme$1.BEARER.toLowerCase()) {
|
|
3860
|
+
atEntity.credentialType =
|
|
3861
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
3862
|
+
switch (atEntity.tokenType) {
|
|
3863
|
+
case AuthenticationScheme$1.POP:
|
|
3864
|
+
// Make sure keyId is present and add it to credential
|
|
3865
|
+
const tokenClaims = extractTokenClaims(accessToken, base64Decode);
|
|
3866
|
+
if (!tokenClaims?.cnf?.kid) {
|
|
3867
|
+
throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
|
|
3868
|
+
}
|
|
3869
|
+
atEntity.keyId = tokenClaims.cnf.kid;
|
|
3870
|
+
break;
|
|
3871
|
+
case AuthenticationScheme$1.SSH:
|
|
3872
|
+
atEntity.keyId = keyId;
|
|
3873
|
+
}
|
|
3874
|
+
}
|
|
3875
|
+
return atEntity;
|
|
3891
3876
|
}
|
|
3892
3877
|
/**
|
|
3893
|
-
*
|
|
3894
|
-
* @param
|
|
3895
|
-
* @param
|
|
3878
|
+
* Create RefreshTokenEntity
|
|
3879
|
+
* @param homeAccountId
|
|
3880
|
+
* @param authenticationResult
|
|
3881
|
+
* @param clientId
|
|
3882
|
+
* @param authority
|
|
3896
3883
|
*/
|
|
3897
|
-
function
|
|
3898
|
-
|
|
3899
|
-
|
|
3884
|
+
function createRefreshTokenEntity(homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash, expiresOn) {
|
|
3885
|
+
const rtEntity = {
|
|
3886
|
+
credentialType: CredentialType.REFRESH_TOKEN,
|
|
3887
|
+
homeAccountId: homeAccountId,
|
|
3888
|
+
environment: environment,
|
|
3889
|
+
clientId: clientId,
|
|
3890
|
+
secret: refreshToken,
|
|
3891
|
+
lastUpdatedAt: Date.now().toString(),
|
|
3892
|
+
};
|
|
3893
|
+
if (userAssertionHash) {
|
|
3894
|
+
rtEntity.userAssertionHash = userAssertionHash;
|
|
3900
3895
|
}
|
|
3901
|
-
if (
|
|
3902
|
-
|
|
3896
|
+
if (familyId) {
|
|
3897
|
+
rtEntity.familyId = familyId;
|
|
3903
3898
|
}
|
|
3904
|
-
|
|
3905
|
-
|
|
3906
|
-
const splitState = state.split(RESOURCE_DELIM);
|
|
3907
|
-
const libraryState = splitState[0];
|
|
3908
|
-
const userState = splitState.length > 1
|
|
3909
|
-
? splitState.slice(1).join(RESOURCE_DELIM)
|
|
3910
|
-
: "";
|
|
3911
|
-
const libraryStateString = base64Decode(libraryState);
|
|
3912
|
-
const libraryStateObj = JSON.parse(libraryStateString);
|
|
3913
|
-
return {
|
|
3914
|
-
userRequestState: userState || "",
|
|
3915
|
-
libraryState: libraryStateObj,
|
|
3916
|
-
};
|
|
3899
|
+
if (expiresOn) {
|
|
3900
|
+
rtEntity.expiresOn = expiresOn.toString();
|
|
3917
3901
|
}
|
|
3918
|
-
|
|
3919
|
-
|
|
3902
|
+
return rtEntity;
|
|
3903
|
+
}
|
|
3904
|
+
function isCredentialEntity(entity) {
|
|
3905
|
+
return (entity.hasOwnProperty("homeAccountId") &&
|
|
3906
|
+
entity.hasOwnProperty("environment") &&
|
|
3907
|
+
entity.hasOwnProperty("credentialType") &&
|
|
3908
|
+
entity.hasOwnProperty("clientId") &&
|
|
3909
|
+
entity.hasOwnProperty("secret"));
|
|
3910
|
+
}
|
|
3911
|
+
/**
|
|
3912
|
+
* Validates an entity: checks for all expected params
|
|
3913
|
+
* @param entity
|
|
3914
|
+
*/
|
|
3915
|
+
function isAccessTokenEntity(entity) {
|
|
3916
|
+
if (!entity) {
|
|
3917
|
+
return false;
|
|
3920
3918
|
}
|
|
3921
|
-
|
|
3922
|
-
|
|
3923
|
-
|
|
3924
|
-
|
|
3925
|
-
|
|
3926
|
-
|
|
3919
|
+
return (isCredentialEntity(entity) &&
|
|
3920
|
+
entity.hasOwnProperty("realm") &&
|
|
3921
|
+
entity.hasOwnProperty("target") &&
|
|
3922
|
+
(entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
|
|
3923
|
+
entity["credentialType"] ===
|
|
3924
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
|
|
3925
|
+
}
|
|
3926
|
+
/**
|
|
3927
|
+
* Validates an entity: checks for all expected params
|
|
3928
|
+
* @param entity
|
|
3927
3929
|
*/
|
|
3930
|
+
function isIdTokenEntity(entity) {
|
|
3931
|
+
if (!entity) {
|
|
3932
|
+
return false;
|
|
3933
|
+
}
|
|
3934
|
+
return (isCredentialEntity(entity) &&
|
|
3935
|
+
entity.hasOwnProperty("realm") &&
|
|
3936
|
+
entity["credentialType"] === CredentialType.ID_TOKEN);
|
|
3937
|
+
}
|
|
3928
3938
|
/**
|
|
3929
|
-
*
|
|
3939
|
+
* Validates an entity: checks for all expected params
|
|
3940
|
+
* @param entity
|
|
3930
3941
|
*/
|
|
3942
|
+
function isRefreshTokenEntity(entity) {
|
|
3943
|
+
if (!entity) {
|
|
3944
|
+
return false;
|
|
3945
|
+
}
|
|
3946
|
+
return (isCredentialEntity(entity) &&
|
|
3947
|
+
entity["credentialType"] === CredentialType.REFRESH_TOKEN);
|
|
3948
|
+
}
|
|
3931
3949
|
/**
|
|
3932
|
-
*
|
|
3950
|
+
* validates if a given cache entry is "Telemetry", parses <key,value>
|
|
3951
|
+
* @param key
|
|
3952
|
+
* @param entity
|
|
3933
3953
|
*/
|
|
3934
|
-
function
|
|
3935
|
-
|
|
3936
|
-
|
|
3954
|
+
function isServerTelemetryEntity(key, entity) {
|
|
3955
|
+
const validateKey = key.indexOf(SERVER_TELEM_CACHE_KEY) === 0;
|
|
3956
|
+
let validateEntity = true;
|
|
3957
|
+
if (entity) {
|
|
3958
|
+
validateEntity =
|
|
3959
|
+
entity.hasOwnProperty("failedRequests") &&
|
|
3960
|
+
entity.hasOwnProperty("errors") &&
|
|
3961
|
+
entity.hasOwnProperty("cacheHits");
|
|
3962
|
+
}
|
|
3963
|
+
return validateKey && validateEntity;
|
|
3937
3964
|
}
|
|
3938
3965
|
/**
|
|
3939
|
-
*
|
|
3940
|
-
* @param
|
|
3966
|
+
* validates if a given cache entry is "Throttling", parses <key,value>
|
|
3967
|
+
* @param key
|
|
3968
|
+
* @param entity
|
|
3941
3969
|
*/
|
|
3942
|
-
function
|
|
3943
|
-
|
|
3944
|
-
|
|
3970
|
+
function isThrottlingEntity(key, entity) {
|
|
3971
|
+
let validateKey = false;
|
|
3972
|
+
if (key) {
|
|
3973
|
+
validateKey = key.indexOf(THROTTLING_PREFIX) === 0;
|
|
3974
|
+
}
|
|
3975
|
+
let validateEntity = true;
|
|
3976
|
+
if (entity) {
|
|
3977
|
+
validateEntity = entity.hasOwnProperty("throttleTime");
|
|
3978
|
+
}
|
|
3979
|
+
return validateKey && validateEntity;
|
|
3945
3980
|
}
|
|
3946
3981
|
/**
|
|
3947
|
-
*
|
|
3948
|
-
|
|
3982
|
+
* Generate AppMetadata Cache Key as per the schema: appmetadata-<environment>-<client_id>
|
|
3983
|
+
*/
|
|
3984
|
+
function generateAppMetadataKey({ environment, clientId, }) {
|
|
3985
|
+
const appMetaDataKeyArray = [
|
|
3986
|
+
APP_METADATA,
|
|
3987
|
+
environment,
|
|
3988
|
+
clientId,
|
|
3989
|
+
];
|
|
3990
|
+
return appMetaDataKeyArray
|
|
3991
|
+
.join(CACHE_KEY_SEPARATOR$1)
|
|
3992
|
+
.toLowerCase();
|
|
3993
|
+
}
|
|
3994
|
+
/*
|
|
3995
|
+
* Validates an entity: checks for all expected params
|
|
3996
|
+
* @param entity
|
|
3949
3997
|
*/
|
|
3950
|
-
function
|
|
3951
|
-
if (
|
|
3952
|
-
return
|
|
3998
|
+
function isAppMetadataEntity(key, entity) {
|
|
3999
|
+
if (!entity) {
|
|
4000
|
+
return false;
|
|
3953
4001
|
}
|
|
3954
|
-
return
|
|
4002
|
+
return (key.indexOf(APP_METADATA) === 0 &&
|
|
4003
|
+
entity.hasOwnProperty("clientId") &&
|
|
4004
|
+
entity.hasOwnProperty("environment"));
|
|
3955
4005
|
}
|
|
3956
4006
|
/**
|
|
3957
|
-
*
|
|
3958
|
-
* @param
|
|
4007
|
+
* Validates an entity: checks for all expected params
|
|
4008
|
+
* @param entity
|
|
3959
4009
|
*/
|
|
3960
|
-
function
|
|
3961
|
-
|
|
3962
|
-
|
|
3963
|
-
|
|
3964
|
-
|
|
3965
|
-
|
|
4010
|
+
function isAuthorityMetadataEntity(key, entity) {
|
|
4011
|
+
if (!entity) {
|
|
4012
|
+
return false;
|
|
4013
|
+
}
|
|
4014
|
+
return (key.indexOf(AUTHORITY_METADATA_CACHE_KEY) === 0 &&
|
|
4015
|
+
entity.hasOwnProperty("aliases") &&
|
|
4016
|
+
entity.hasOwnProperty("preferred_cache") &&
|
|
4017
|
+
entity.hasOwnProperty("preferred_network") &&
|
|
4018
|
+
entity.hasOwnProperty("canonical_authority") &&
|
|
4019
|
+
entity.hasOwnProperty("authorization_endpoint") &&
|
|
4020
|
+
entity.hasOwnProperty("token_endpoint") &&
|
|
4021
|
+
entity.hasOwnProperty("issuer") &&
|
|
4022
|
+
entity.hasOwnProperty("aliasesFromNetwork") &&
|
|
4023
|
+
entity.hasOwnProperty("endpointsFromNetwork") &&
|
|
4024
|
+
entity.hasOwnProperty("expiresAt") &&
|
|
4025
|
+
entity.hasOwnProperty("jwks_uri"));
|
|
3966
4026
|
}
|
|
3967
4027
|
/**
|
|
3968
|
-
*
|
|
3969
|
-
* @param lastUpdatedAt
|
|
3970
|
-
* @param cacheRetentionDays
|
|
3971
|
-
* @returns
|
|
4028
|
+
* Reset the exiresAt value
|
|
3972
4029
|
*/
|
|
3973
|
-
function
|
|
3974
|
-
|
|
3975
|
-
|
|
4030
|
+
function generateAuthorityMetadataExpiresAt() {
|
|
4031
|
+
return (nowSeconds() +
|
|
4032
|
+
AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
|
|
4033
|
+
}
|
|
4034
|
+
function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
|
|
4035
|
+
authorityMetadata.authorization_endpoint =
|
|
4036
|
+
updatedValues.authorization_endpoint;
|
|
4037
|
+
authorityMetadata.token_endpoint = updatedValues.token_endpoint;
|
|
4038
|
+
authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
|
|
4039
|
+
authorityMetadata.issuer = updatedValues.issuer;
|
|
4040
|
+
authorityMetadata.endpointsFromNetwork = fromNetwork;
|
|
4041
|
+
authorityMetadata.jwks_uri = updatedValues.jwks_uri;
|
|
4042
|
+
}
|
|
4043
|
+
function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
|
|
4044
|
+
authorityMetadata.aliases = updatedValues.aliases;
|
|
4045
|
+
authorityMetadata.preferred_cache = updatedValues.preferred_cache;
|
|
4046
|
+
authorityMetadata.preferred_network = updatedValues.preferred_network;
|
|
4047
|
+
authorityMetadata.aliasesFromNetwork = fromNetwork;
|
|
3976
4048
|
}
|
|
3977
4049
|
/**
|
|
3978
|
-
*
|
|
3979
|
-
* i.e. The system clock was turned back after acquiring the cached token
|
|
3980
|
-
* @param cachedAt
|
|
3981
|
-
* @param offset
|
|
4050
|
+
* Returns whether or not the data needs to be refreshed
|
|
3982
4051
|
*/
|
|
3983
|
-
function
|
|
3984
|
-
|
|
3985
|
-
return cachedAtSec > nowSeconds();
|
|
4052
|
+
function isAuthorityMetadataExpired(metadata) {
|
|
4053
|
+
return metadata.expiresAt <= nowSeconds();
|
|
3986
4054
|
}
|
|
3987
4055
|
|
|
3988
|
-
/*! @azure/msal-common v16.4.
|
|
4056
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3989
4057
|
/*
|
|
3990
4058
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3991
4059
|
* Licensed under the MIT License.
|
|
@@ -4056,7 +4124,7 @@ const RegionDiscoveryGetCurrentVersion = "regionDiscoveryGetCurrentVersion";
|
|
|
4056
4124
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
4057
4125
|
const SetUserData = "setUserData";
|
|
4058
4126
|
|
|
4059
|
-
/*! @azure/msal-common v16.4.
|
|
4127
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4060
4128
|
/*
|
|
4061
4129
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4062
4130
|
* Licensed under the MIT License.
|
|
@@ -4149,7 +4217,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4149
4217
|
};
|
|
4150
4218
|
};
|
|
4151
4219
|
|
|
4152
|
-
/*! @azure/msal-common v16.4.
|
|
4220
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4153
4221
|
|
|
4154
4222
|
/*
|
|
4155
4223
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4229,293 +4297,226 @@ class PopTokenGenerator {
|
|
|
4229
4297
|
}
|
|
4230
4298
|
}
|
|
4231
4299
|
|
|
4232
|
-
/*! @azure/msal-common v16.4.
|
|
4300
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4233
4301
|
/*
|
|
4234
4302
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4235
4303
|
* Licensed under the MIT License.
|
|
4236
4304
|
*/
|
|
4237
4305
|
/**
|
|
4238
|
-
*
|
|
4239
|
-
*
|
|
4240
|
-
*/ class TokenCacheContext {
|
|
4241
|
-
constructor(tokenCache, hasChanged) {
|
|
4242
|
-
this.cache = tokenCache;
|
|
4243
|
-
this.hasChanged = hasChanged;
|
|
4244
|
-
}
|
|
4245
|
-
/**
|
|
4246
|
-
* boolean which indicates the changes in cache
|
|
4247
|
-
*/
|
|
4248
|
-
get cacheHasChanged() {
|
|
4249
|
-
return this.hasChanged;
|
|
4250
|
-
}
|
|
4251
|
-
/**
|
|
4252
|
-
* function to retrieve the token cache
|
|
4253
|
-
*/
|
|
4254
|
-
get tokenCache() {
|
|
4255
|
-
return this.cache;
|
|
4256
|
-
}
|
|
4257
|
-
}
|
|
4258
|
-
|
|
4259
|
-
/*! @azure/msal-common v16.4.0 2026-03-27 */
|
|
4260
|
-
|
|
4261
|
-
/*
|
|
4262
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4263
|
-
* Licensed under the MIT License.
|
|
4306
|
+
* MSAL-defined interaction required error code indicating no tokens are found in cache.
|
|
4307
|
+
* @public
|
|
4264
4308
|
*/
|
|
4309
|
+
const noTokensFound = "no_tokens_found";
|
|
4265
4310
|
/**
|
|
4266
|
-
*
|
|
4267
|
-
* @
|
|
4268
|
-
* @param authenticationResult
|
|
4269
|
-
* @param clientId
|
|
4270
|
-
* @param authority
|
|
4311
|
+
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
4312
|
+
* @public
|
|
4271
4313
|
*/
|
|
4272
|
-
|
|
4273
|
-
const idTokenEntity = {
|
|
4274
|
-
credentialType: CredentialType.ID_TOKEN,
|
|
4275
|
-
homeAccountId: homeAccountId,
|
|
4276
|
-
environment: environment,
|
|
4277
|
-
clientId: clientId,
|
|
4278
|
-
secret: idToken,
|
|
4279
|
-
realm: tenantId,
|
|
4280
|
-
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
4281
|
-
};
|
|
4282
|
-
return idTokenEntity;
|
|
4283
|
-
}
|
|
4314
|
+
const nativeAccountUnavailable = "native_account_unavailable";
|
|
4284
4315
|
/**
|
|
4285
|
-
*
|
|
4286
|
-
* @
|
|
4287
|
-
* @param environment
|
|
4288
|
-
* @param accessToken
|
|
4289
|
-
* @param clientId
|
|
4290
|
-
* @param tenantId
|
|
4291
|
-
* @param scopes
|
|
4292
|
-
* @param expiresOn
|
|
4293
|
-
* @param extExpiresOn
|
|
4316
|
+
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
4317
|
+
* @public
|
|
4294
4318
|
*/
|
|
4295
|
-
|
|
4296
|
-
const atEntity = {
|
|
4297
|
-
homeAccountId: homeAccountId,
|
|
4298
|
-
credentialType: CredentialType.ACCESS_TOKEN,
|
|
4299
|
-
secret: accessToken,
|
|
4300
|
-
cachedAt: nowSeconds().toString(),
|
|
4301
|
-
expiresOn: expiresOn.toString(),
|
|
4302
|
-
extendedExpiresOn: extExpiresOn.toString(),
|
|
4303
|
-
environment: environment,
|
|
4304
|
-
clientId: clientId,
|
|
4305
|
-
realm: tenantId,
|
|
4306
|
-
target: scopes,
|
|
4307
|
-
tokenType: tokenType || AuthenticationScheme$1.BEARER,
|
|
4308
|
-
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
4309
|
-
};
|
|
4310
|
-
if (userAssertionHash) {
|
|
4311
|
-
atEntity.userAssertionHash = userAssertionHash;
|
|
4312
|
-
}
|
|
4313
|
-
if (refreshOn) {
|
|
4314
|
-
atEntity.refreshOn = refreshOn.toString();
|
|
4315
|
-
}
|
|
4316
|
-
/*
|
|
4317
|
-
* Create Access Token With Auth Scheme instead of regular access token
|
|
4318
|
-
* Cast to lower to handle "bearer" from ADFS
|
|
4319
|
-
*/
|
|
4320
|
-
if (atEntity.tokenType?.toLowerCase() !==
|
|
4321
|
-
AuthenticationScheme$1.BEARER.toLowerCase()) {
|
|
4322
|
-
atEntity.credentialType =
|
|
4323
|
-
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
4324
|
-
switch (atEntity.tokenType) {
|
|
4325
|
-
case AuthenticationScheme$1.POP:
|
|
4326
|
-
// Make sure keyId is present and add it to credential
|
|
4327
|
-
const tokenClaims = extractTokenClaims(accessToken, base64Decode);
|
|
4328
|
-
if (!tokenClaims?.cnf?.kid) {
|
|
4329
|
-
throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
|
|
4330
|
-
}
|
|
4331
|
-
atEntity.keyId = tokenClaims.cnf.kid;
|
|
4332
|
-
break;
|
|
4333
|
-
case AuthenticationScheme$1.SSH:
|
|
4334
|
-
atEntity.keyId = keyId;
|
|
4335
|
-
}
|
|
4336
|
-
}
|
|
4337
|
-
return atEntity;
|
|
4338
|
-
}
|
|
4319
|
+
const refreshTokenExpired = "refresh_token_expired";
|
|
4339
4320
|
/**
|
|
4340
|
-
*
|
|
4341
|
-
* @
|
|
4342
|
-
* @param authenticationResult
|
|
4343
|
-
* @param clientId
|
|
4344
|
-
* @param authority
|
|
4321
|
+
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
4322
|
+
* @public
|
|
4345
4323
|
*/
|
|
4346
|
-
|
|
4347
|
-
const rtEntity = {
|
|
4348
|
-
credentialType: CredentialType.REFRESH_TOKEN,
|
|
4349
|
-
homeAccountId: homeAccountId,
|
|
4350
|
-
environment: environment,
|
|
4351
|
-
clientId: clientId,
|
|
4352
|
-
secret: refreshToken,
|
|
4353
|
-
lastUpdatedAt: Date.now().toString(),
|
|
4354
|
-
};
|
|
4355
|
-
if (userAssertionHash) {
|
|
4356
|
-
rtEntity.userAssertionHash = userAssertionHash;
|
|
4357
|
-
}
|
|
4358
|
-
if (familyId) {
|
|
4359
|
-
rtEntity.familyId = familyId;
|
|
4360
|
-
}
|
|
4361
|
-
if (expiresOn) {
|
|
4362
|
-
rtEntity.expiresOn = expiresOn.toString();
|
|
4363
|
-
}
|
|
4364
|
-
return rtEntity;
|
|
4365
|
-
}
|
|
4366
|
-
function isCredentialEntity(entity) {
|
|
4367
|
-
return (entity.hasOwnProperty("homeAccountId") &&
|
|
4368
|
-
entity.hasOwnProperty("environment") &&
|
|
4369
|
-
entity.hasOwnProperty("credentialType") &&
|
|
4370
|
-
entity.hasOwnProperty("clientId") &&
|
|
4371
|
-
entity.hasOwnProperty("secret"));
|
|
4372
|
-
}
|
|
4324
|
+
const uxNotAllowed = "ux_not_allowed";
|
|
4373
4325
|
/**
|
|
4374
|
-
*
|
|
4375
|
-
* @
|
|
4326
|
+
* Server-originated error code indicating interaction is required to complete the request.
|
|
4327
|
+
* @public
|
|
4376
4328
|
*/
|
|
4377
|
-
|
|
4378
|
-
if (!entity) {
|
|
4379
|
-
return false;
|
|
4380
|
-
}
|
|
4381
|
-
return (isCredentialEntity(entity) &&
|
|
4382
|
-
entity.hasOwnProperty("realm") &&
|
|
4383
|
-
entity.hasOwnProperty("target") &&
|
|
4384
|
-
(entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
|
|
4385
|
-
entity["credentialType"] ===
|
|
4386
|
-
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
|
|
4387
|
-
}
|
|
4329
|
+
const interactionRequired = "interaction_required";
|
|
4388
4330
|
/**
|
|
4389
|
-
*
|
|
4390
|
-
* @
|
|
4331
|
+
* Server-originated error code indicating user consent is required.
|
|
4332
|
+
* @public
|
|
4333
|
+
*/
|
|
4334
|
+
const consentRequired = "consent_required";
|
|
4335
|
+
/**
|
|
4336
|
+
* Server-originated error code indicating user login is required.
|
|
4337
|
+
* @public
|
|
4338
|
+
*/
|
|
4339
|
+
const loginRequired = "login_required";
|
|
4340
|
+
/**
|
|
4341
|
+
* Server-originated error code indicating the token is invalid or corrupted.
|
|
4342
|
+
* @public
|
|
4343
|
+
*/
|
|
4344
|
+
const badToken = "bad_token";
|
|
4345
|
+
/**
|
|
4346
|
+
* Server-originated error code indicating the user is in an interrupted state and interaction is required.
|
|
4347
|
+
* @public
|
|
4348
|
+
*/
|
|
4349
|
+
const interruptedUser = "interrupted_user";
|
|
4350
|
+
|
|
4351
|
+
var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
4352
|
+
__proto__: null,
|
|
4353
|
+
badToken: badToken,
|
|
4354
|
+
consentRequired: consentRequired,
|
|
4355
|
+
interactionRequired: interactionRequired,
|
|
4356
|
+
interruptedUser: interruptedUser,
|
|
4357
|
+
loginRequired: loginRequired,
|
|
4358
|
+
nativeAccountUnavailable: nativeAccountUnavailable,
|
|
4359
|
+
noTokensFound: noTokensFound,
|
|
4360
|
+
refreshTokenExpired: refreshTokenExpired,
|
|
4361
|
+
uxNotAllowed: uxNotAllowed
|
|
4362
|
+
});
|
|
4363
|
+
|
|
4364
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4365
|
+
|
|
4366
|
+
/*
|
|
4367
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4368
|
+
* Licensed under the MIT License.
|
|
4391
4369
|
*/
|
|
4392
|
-
function isIdTokenEntity(entity) {
|
|
4393
|
-
if (!entity) {
|
|
4394
|
-
return false;
|
|
4395
|
-
}
|
|
4396
|
-
return (isCredentialEntity(entity) &&
|
|
4397
|
-
entity.hasOwnProperty("realm") &&
|
|
4398
|
-
entity["credentialType"] === CredentialType.ID_TOKEN);
|
|
4399
|
-
}
|
|
4400
4370
|
/**
|
|
4401
|
-
*
|
|
4402
|
-
* @param entity
|
|
4371
|
+
* InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required
|
|
4403
4372
|
*/
|
|
4404
|
-
|
|
4405
|
-
|
|
4406
|
-
|
|
4407
|
-
|
|
4408
|
-
|
|
4409
|
-
|
|
4410
|
-
|
|
4373
|
+
const InteractionRequiredServerErrorMessage = [
|
|
4374
|
+
interactionRequired,
|
|
4375
|
+
consentRequired,
|
|
4376
|
+
loginRequired,
|
|
4377
|
+
badToken,
|
|
4378
|
+
uxNotAllowed,
|
|
4379
|
+
interruptedUser,
|
|
4380
|
+
];
|
|
4381
|
+
const InteractionRequiredAuthSubErrorMessage = [
|
|
4382
|
+
"message_only",
|
|
4383
|
+
"additional_action",
|
|
4384
|
+
"basic_action",
|
|
4385
|
+
"user_password_expired",
|
|
4386
|
+
"consent_required",
|
|
4387
|
+
"bad_token",
|
|
4388
|
+
"ux_not_allowed",
|
|
4389
|
+
"interrupted_user",
|
|
4390
|
+
];
|
|
4411
4391
|
/**
|
|
4412
|
-
*
|
|
4413
|
-
* @param key
|
|
4414
|
-
* @param entity
|
|
4392
|
+
* Error thrown when user interaction is required.
|
|
4415
4393
|
*/
|
|
4416
|
-
|
|
4417
|
-
|
|
4418
|
-
|
|
4419
|
-
|
|
4420
|
-
|
|
4421
|
-
|
|
4422
|
-
|
|
4423
|
-
|
|
4394
|
+
class InteractionRequiredAuthError extends AuthError {
|
|
4395
|
+
constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
|
|
4396
|
+
super(errorCode, errorMessage, subError);
|
|
4397
|
+
Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
|
|
4398
|
+
this.timestamp = timestamp || "";
|
|
4399
|
+
this.traceId = traceId || "";
|
|
4400
|
+
this.correlationId = correlationId || "";
|
|
4401
|
+
this.claims = claims || "";
|
|
4402
|
+
this.name = "InteractionRequiredAuthError";
|
|
4403
|
+
this.errorNo = errorNo;
|
|
4424
4404
|
}
|
|
4425
|
-
return validateKey && validateEntity;
|
|
4426
4405
|
}
|
|
4427
4406
|
/**
|
|
4428
|
-
*
|
|
4429
|
-
* @param
|
|
4430
|
-
* @param
|
|
4407
|
+
* Helper function used to determine if an error thrown by the server requires interaction to resolve
|
|
4408
|
+
* @param errorCode
|
|
4409
|
+
* @param errorString
|
|
4410
|
+
* @param subError
|
|
4431
4411
|
*/
|
|
4432
|
-
function
|
|
4433
|
-
|
|
4434
|
-
|
|
4435
|
-
|
|
4436
|
-
|
|
4437
|
-
|
|
4438
|
-
|
|
4439
|
-
|
|
4440
|
-
|
|
4441
|
-
return
|
|
4412
|
+
function isInteractionRequiredError(errorCode, errorString, subError) {
|
|
4413
|
+
const isInteractionRequiredErrorCode = !!errorCode &&
|
|
4414
|
+
InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;
|
|
4415
|
+
const isInteractionRequiredSubError = !!subError &&
|
|
4416
|
+
InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
|
|
4417
|
+
const isInteractionRequiredErrorDesc = !!errorString &&
|
|
4418
|
+
InteractionRequiredServerErrorMessage.some((irErrorCode) => {
|
|
4419
|
+
return errorString.indexOf(irErrorCode) > -1;
|
|
4420
|
+
});
|
|
4421
|
+
return (isInteractionRequiredErrorCode ||
|
|
4422
|
+
isInteractionRequiredErrorDesc ||
|
|
4423
|
+
isInteractionRequiredSubError);
|
|
4442
4424
|
}
|
|
4443
4425
|
/**
|
|
4444
|
-
*
|
|
4426
|
+
* Creates an InteractionRequiredAuthError
|
|
4445
4427
|
*/
|
|
4446
|
-
function
|
|
4447
|
-
|
|
4448
|
-
|
|
4449
|
-
|
|
4450
|
-
|
|
4451
|
-
|
|
4452
|
-
return appMetaDataKeyArray
|
|
4453
|
-
.join(CACHE_KEY_SEPARATOR$1)
|
|
4454
|
-
.toLowerCase();
|
|
4455
|
-
}
|
|
4428
|
+
function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
4429
|
+
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
4430
|
+
}
|
|
4431
|
+
|
|
4432
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4433
|
+
|
|
4456
4434
|
/*
|
|
4457
|
-
*
|
|
4458
|
-
*
|
|
4435
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4436
|
+
* Licensed under the MIT License.
|
|
4459
4437
|
*/
|
|
4460
|
-
function isAppMetadataEntity(key, entity) {
|
|
4461
|
-
if (!entity) {
|
|
4462
|
-
return false;
|
|
4463
|
-
}
|
|
4464
|
-
return (key.indexOf(APP_METADATA) === 0 &&
|
|
4465
|
-
entity.hasOwnProperty("clientId") &&
|
|
4466
|
-
entity.hasOwnProperty("environment"));
|
|
4467
|
-
}
|
|
4468
4438
|
/**
|
|
4469
|
-
*
|
|
4470
|
-
* @param entity
|
|
4439
|
+
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
4471
4440
|
*/
|
|
4472
|
-
|
|
4473
|
-
|
|
4474
|
-
|
|
4441
|
+
class ServerError extends AuthError {
|
|
4442
|
+
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
4443
|
+
super(errorCode, errorMessage, subError);
|
|
4444
|
+
this.name = "ServerError";
|
|
4445
|
+
this.errorNo = errorNo;
|
|
4446
|
+
this.status = status;
|
|
4447
|
+
Object.setPrototypeOf(this, ServerError.prototype);
|
|
4475
4448
|
}
|
|
4476
|
-
|
|
4477
|
-
|
|
4478
|
-
|
|
4479
|
-
|
|
4480
|
-
|
|
4481
|
-
|
|
4482
|
-
|
|
4483
|
-
|
|
4484
|
-
entity.hasOwnProperty("aliasesFromNetwork") &&
|
|
4485
|
-
entity.hasOwnProperty("endpointsFromNetwork") &&
|
|
4486
|
-
entity.hasOwnProperty("expiresAt") &&
|
|
4487
|
-
entity.hasOwnProperty("jwks_uri"));
|
|
4488
|
-
}
|
|
4449
|
+
}
|
|
4450
|
+
|
|
4451
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4452
|
+
|
|
4453
|
+
/*
|
|
4454
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4455
|
+
* Licensed under the MIT License.
|
|
4456
|
+
*/
|
|
4489
4457
|
/**
|
|
4490
|
-
*
|
|
4458
|
+
* Appends user state with random guid, or returns random guid.
|
|
4459
|
+
* @param cryptoObj
|
|
4460
|
+
* @param userState
|
|
4461
|
+
* @param meta
|
|
4491
4462
|
*/
|
|
4492
|
-
function
|
|
4493
|
-
|
|
4494
|
-
|
|
4495
|
-
}
|
|
4496
|
-
|
|
4497
|
-
authorityMetadata.authorization_endpoint =
|
|
4498
|
-
updatedValues.authorization_endpoint;
|
|
4499
|
-
authorityMetadata.token_endpoint = updatedValues.token_endpoint;
|
|
4500
|
-
authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
|
|
4501
|
-
authorityMetadata.issuer = updatedValues.issuer;
|
|
4502
|
-
authorityMetadata.endpointsFromNetwork = fromNetwork;
|
|
4503
|
-
authorityMetadata.jwks_uri = updatedValues.jwks_uri;
|
|
4463
|
+
function setRequestState(cryptoObj, userState, meta) {
|
|
4464
|
+
const libraryState = generateLibraryState(cryptoObj, meta);
|
|
4465
|
+
return userState
|
|
4466
|
+
? `${libraryState}${RESOURCE_DELIM}${userState}`
|
|
4467
|
+
: libraryState;
|
|
4504
4468
|
}
|
|
4505
|
-
|
|
4506
|
-
|
|
4507
|
-
|
|
4508
|
-
|
|
4509
|
-
|
|
4469
|
+
/**
|
|
4470
|
+
* Generates the state value used by the common library.
|
|
4471
|
+
* @param cryptoObj
|
|
4472
|
+
* @param meta
|
|
4473
|
+
*/
|
|
4474
|
+
function generateLibraryState(cryptoObj, meta) {
|
|
4475
|
+
if (!cryptoObj) {
|
|
4476
|
+
throw createClientAuthError(noCryptoObject);
|
|
4477
|
+
}
|
|
4478
|
+
// Create a state object containing a unique id and the timestamp of the request creation
|
|
4479
|
+
const stateObj = {
|
|
4480
|
+
id: cryptoObj.createNewGuid(),
|
|
4481
|
+
};
|
|
4482
|
+
if (meta) {
|
|
4483
|
+
stateObj.meta = meta;
|
|
4484
|
+
}
|
|
4485
|
+
const stateString = JSON.stringify(stateObj);
|
|
4486
|
+
return cryptoObj.base64Encode(stateString);
|
|
4510
4487
|
}
|
|
4511
4488
|
/**
|
|
4512
|
-
*
|
|
4489
|
+
* Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
|
|
4490
|
+
* @param base64Decode
|
|
4491
|
+
* @param state
|
|
4513
4492
|
*/
|
|
4514
|
-
function
|
|
4515
|
-
|
|
4493
|
+
function parseRequestState(base64Decode, state) {
|
|
4494
|
+
if (!base64Decode) {
|
|
4495
|
+
throw createClientAuthError(noCryptoObject);
|
|
4496
|
+
}
|
|
4497
|
+
if (!state) {
|
|
4498
|
+
throw createClientAuthError(invalidState);
|
|
4499
|
+
}
|
|
4500
|
+
try {
|
|
4501
|
+
// Split the state between library state and user passed state and decode them separately
|
|
4502
|
+
const splitState = state.split(RESOURCE_DELIM);
|
|
4503
|
+
const libraryState = splitState[0];
|
|
4504
|
+
const userState = splitState.length > 1
|
|
4505
|
+
? splitState.slice(1).join(RESOURCE_DELIM)
|
|
4506
|
+
: "";
|
|
4507
|
+
const libraryStateString = base64Decode(libraryState);
|
|
4508
|
+
const libraryStateObj = JSON.parse(libraryStateString);
|
|
4509
|
+
return {
|
|
4510
|
+
userRequestState: userState || "",
|
|
4511
|
+
libraryState: libraryStateObj,
|
|
4512
|
+
};
|
|
4513
|
+
}
|
|
4514
|
+
catch (e) {
|
|
4515
|
+
throw createClientAuthError(invalidState);
|
|
4516
|
+
}
|
|
4516
4517
|
}
|
|
4517
4518
|
|
|
4518
|
-
/*! @azure/msal-common v16.4.
|
|
4519
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4519
4520
|
|
|
4520
4521
|
/*
|
|
4521
4522
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4671,7 +4672,7 @@ class ResponseHandler {
|
|
|
4671
4672
|
if (serverTokenResponse.id_token && !!idTokenClaims) {
|
|
4672
4673
|
cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
|
|
4673
4674
|
cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
|
|
4674
|
-
this.logger);
|
|
4675
|
+
this.logger, this.performanceClient);
|
|
4675
4676
|
}
|
|
4676
4677
|
// AccessToken
|
|
4677
4678
|
let cachedAccessToken = null;
|
|
@@ -4822,17 +4823,24 @@ class ResponseHandler {
|
|
|
4822
4823
|
};
|
|
4823
4824
|
}
|
|
4824
4825
|
}
|
|
4825
|
-
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
|
|
4826
|
+
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger, performanceClient) {
|
|
4826
4827
|
logger?.verbose("09jz0t", correlationId);
|
|
4827
|
-
|
|
4828
|
-
|
|
4829
|
-
|
|
4830
|
-
|
|
4831
|
-
|
|
4832
|
-
|
|
4833
|
-
|
|
4834
|
-
|
|
4828
|
+
/*
|
|
4829
|
+
* Check if base account is already cached. Filter by homeAccountId (identifies
|
|
4830
|
+
* the user's home identity) and environment (identifies the cloud) — the two
|
|
4831
|
+
* tenant-agnostic properties that uniquely locate a base AccountEntity.
|
|
4832
|
+
*/
|
|
4833
|
+
const accountEnvironment = environment || authority.getPreferredCache();
|
|
4834
|
+
const matchedAccounts = cacheStorage.getAccountsFilteredBy({ homeAccountId, environment: accountEnvironment }, correlationId);
|
|
4835
|
+
performanceClient?.addFields({ cacheMatchedAccounts: matchedAccounts.length }, correlationId);
|
|
4836
|
+
if (matchedAccounts.length > 1) {
|
|
4837
|
+
/*
|
|
4838
|
+
* Base accounts are expected to be unique for a given homeAccountId in normal cache usage.
|
|
4839
|
+
* If multiple matches exist, ignore the cache hit rather than arbitrarily choosing one.
|
|
4840
|
+
*/
|
|
4841
|
+
logger?.warning("0x7ad1", correlationId);
|
|
4835
4842
|
}
|
|
4843
|
+
const cachedAccount = matchedAccounts.length === 1 ? matchedAccounts[0] : null;
|
|
4836
4844
|
const baseAccount = cachedAccount ||
|
|
4837
4845
|
createAccountEntity({
|
|
4838
4846
|
homeAccountId,
|
|
@@ -4856,7 +4864,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
4856
4864
|
return baseAccount;
|
|
4857
4865
|
}
|
|
4858
4866
|
|
|
4859
|
-
/*! @azure/msal-common v16.4.
|
|
4867
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4860
4868
|
/*
|
|
4861
4869
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4862
4870
|
* Licensed under the MIT License.
|
|
@@ -4866,7 +4874,7 @@ const CcsCredentialType = {
|
|
|
4866
4874
|
UPN: "UPN",
|
|
4867
4875
|
};
|
|
4868
4876
|
|
|
4869
|
-
/*! @azure/msal-common v16.4.
|
|
4877
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4870
4878
|
/*
|
|
4871
4879
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4872
4880
|
* Licensed under the MIT License.
|
|
@@ -4884,7 +4892,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
4884
4892
|
}
|
|
4885
4893
|
}
|
|
4886
4894
|
|
|
4887
|
-
/*! @azure/msal-common v16.4.
|
|
4895
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4888
4896
|
/*
|
|
4889
4897
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4890
4898
|
* Licensed under the MIT License.
|
|
@@ -4905,7 +4913,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
4905
4913
|
};
|
|
4906
4914
|
}
|
|
4907
4915
|
|
|
4908
|
-
/*! @azure/msal-common v16.4.
|
|
4916
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4909
4917
|
|
|
4910
4918
|
/*
|
|
4911
4919
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4991,7 +4999,7 @@ class ThrottlingUtils {
|
|
|
4991
4999
|
}
|
|
4992
5000
|
}
|
|
4993
5001
|
|
|
4994
|
-
/*! @azure/msal-common v16.4.
|
|
5002
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4995
5003
|
|
|
4996
5004
|
/*
|
|
4997
5005
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5022,7 +5030,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
5022
5030
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
5023
5031
|
}
|
|
5024
5032
|
|
|
5025
|
-
/*! @azure/msal-common v16.4.
|
|
5033
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5026
5034
|
|
|
5027
5035
|
/*
|
|
5028
5036
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5136,7 +5144,7 @@ async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId
|
|
|
5136
5144
|
return response;
|
|
5137
5145
|
}
|
|
5138
5146
|
|
|
5139
|
-
/*! @azure/msal-common v16.4.
|
|
5147
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5140
5148
|
/*
|
|
5141
5149
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5142
5150
|
* Licensed under the MIT License.
|
|
@@ -5148,7 +5156,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
5148
5156
|
response.hasOwnProperty("jwks_uri"));
|
|
5149
5157
|
}
|
|
5150
5158
|
|
|
5151
|
-
/*! @azure/msal-common v16.4.
|
|
5159
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5152
5160
|
/*
|
|
5153
5161
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5154
5162
|
* Licensed under the MIT License.
|
|
@@ -5158,7 +5166,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
5158
5166
|
response.hasOwnProperty("metadata"));
|
|
5159
5167
|
}
|
|
5160
5168
|
|
|
5161
|
-
/*! @azure/msal-common v16.4.
|
|
5169
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5162
5170
|
/*
|
|
5163
5171
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5164
5172
|
* Licensed under the MIT License.
|
|
@@ -5168,7 +5176,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
5168
5176
|
response.hasOwnProperty("error_description"));
|
|
5169
5177
|
}
|
|
5170
5178
|
|
|
5171
|
-
/*! @azure/msal-common v16.4.
|
|
5179
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5172
5180
|
|
|
5173
5181
|
/*
|
|
5174
5182
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5273,7 +5281,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
5273
5281
|
},
|
|
5274
5282
|
};
|
|
5275
5283
|
|
|
5276
|
-
/*! @azure/msal-common v16.4.
|
|
5284
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5277
5285
|
|
|
5278
5286
|
/*
|
|
5279
5287
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6093,7 +6101,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
6093
6101
|
};
|
|
6094
6102
|
}
|
|
6095
6103
|
|
|
6096
|
-
/*! @azure/msal-common v16.4.
|
|
6104
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6097
6105
|
|
|
6098
6106
|
/*
|
|
6099
6107
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6127,7 +6135,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
6127
6135
|
}
|
|
6128
6136
|
}
|
|
6129
6137
|
|
|
6130
|
-
/*! @azure/msal-common v16.4.
|
|
6138
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6131
6139
|
|
|
6132
6140
|
/*
|
|
6133
6141
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6388,7 +6396,7 @@ class AuthorizationCodeClient {
|
|
|
6388
6396
|
}
|
|
6389
6397
|
}
|
|
6390
6398
|
|
|
6391
|
-
/*! @azure/msal-common v16.4.
|
|
6399
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6392
6400
|
|
|
6393
6401
|
/*
|
|
6394
6402
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6613,7 +6621,7 @@ class RefreshTokenClient {
|
|
|
6613
6621
|
}
|
|
6614
6622
|
}
|
|
6615
6623
|
|
|
6616
|
-
/*! @azure/msal-common v16.4.
|
|
6624
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6617
6625
|
|
|
6618
6626
|
/*
|
|
6619
6627
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6729,7 +6737,7 @@ class SilentFlowClient {
|
|
|
6729
6737
|
}
|
|
6730
6738
|
}
|
|
6731
6739
|
|
|
6732
|
-
/*! @azure/msal-common v16.4.
|
|
6740
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6733
6741
|
|
|
6734
6742
|
/*
|
|
6735
6743
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6744,7 +6752,7 @@ const StubbedNetworkModule = {
|
|
|
6744
6752
|
},
|
|
6745
6753
|
};
|
|
6746
6754
|
|
|
6747
|
-
/*! @azure/msal-common v16.4.
|
|
6755
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6748
6756
|
|
|
6749
6757
|
/*
|
|
6750
6758
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6971,7 +6979,7 @@ function extractLoginHint(account) {
|
|
|
6971
6979
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6972
6980
|
}
|
|
6973
6981
|
|
|
6974
|
-
/*! @azure/msal-common v16.4.
|
|
6982
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6975
6983
|
|
|
6976
6984
|
/*
|
|
6977
6985
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7004,7 +7012,7 @@ function containsResourceParam(params) {
|
|
|
7004
7012
|
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
7005
7013
|
}
|
|
7006
7014
|
|
|
7007
|
-
/*! @azure/msal-common v16.4.
|
|
7015
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7008
7016
|
|
|
7009
7017
|
/*
|
|
7010
7018
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7062,7 +7070,7 @@ class AuthenticationHeaderParser {
|
|
|
7062
7070
|
}
|
|
7063
7071
|
}
|
|
7064
7072
|
|
|
7065
|
-
/*! @azure/msal-common v16.4.
|
|
7073
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7066
7074
|
/*
|
|
7067
7075
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7068
7076
|
* Licensed under the MIT License.
|
|
@@ -7079,7 +7087,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
7079
7087
|
unexpectedError: unexpectedError
|
|
7080
7088
|
});
|
|
7081
7089
|
|
|
7082
|
-
/*! @azure/msal-common v16.4.
|
|
7090
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7083
7091
|
|
|
7084
7092
|
/*
|
|
7085
7093
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7340,7 +7348,7 @@ class ServerTelemetryManager {
|
|
|
7340
7348
|
}
|
|
7341
7349
|
}
|
|
7342
7350
|
|
|
7343
|
-
/*! @azure/msal-common v16.4.
|
|
7351
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7344
7352
|
|
|
7345
7353
|
/*
|
|
7346
7354
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7361,7 +7369,7 @@ function createJoseHeaderError(code) {
|
|
|
7361
7369
|
return new JoseHeaderError(code);
|
|
7362
7370
|
}
|
|
7363
7371
|
|
|
7364
|
-
/*! @azure/msal-common v16.4.
|
|
7372
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7365
7373
|
/*
|
|
7366
7374
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7367
7375
|
* Licensed under the MIT License.
|
|
@@ -7369,7 +7377,7 @@ function createJoseHeaderError(code) {
|
|
|
7369
7377
|
const missingKidError = "missing_kid_error";
|
|
7370
7378
|
const missingAlgError = "missing_alg_error";
|
|
7371
7379
|
|
|
7372
|
-
/*! @azure/msal-common v16.4.
|
|
7380
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7373
7381
|
|
|
7374
7382
|
/*
|
|
7375
7383
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7409,7 +7417,7 @@ class JoseHeader {
|
|
|
7409
7417
|
}
|
|
7410
7418
|
}
|
|
7411
7419
|
|
|
7412
|
-
/*! @azure/msal-common v16.4.
|
|
7420
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7413
7421
|
|
|
7414
7422
|
/*
|
|
7415
7423
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7939,6 +7947,136 @@ class PerformanceClient {
|
|
|
7939
7947
|
}
|
|
7940
7948
|
}
|
|
7941
7949
|
|
|
7950
|
+
/*
|
|
7951
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7952
|
+
* Licensed under the MIT License.
|
|
7953
|
+
*/
|
|
7954
|
+
/**
|
|
7955
|
+
* acquireTokenFromCache (msal-browser).
|
|
7956
|
+
* Internal API for acquiring token from cache
|
|
7957
|
+
*/
|
|
7958
|
+
const AcquireTokenFromCache = "acquireTokenFromCache";
|
|
7959
|
+
/**
|
|
7960
|
+
* acquireTokenByRefreshToken API (msal-browser and msal-node).
|
|
7961
|
+
* Used to renew an access token using a refresh token against the token endpoint.
|
|
7962
|
+
*/
|
|
7963
|
+
const AcquireTokenByRefreshToken = "acquireTokenByRefreshToken";
|
|
7964
|
+
/**
|
|
7965
|
+
* acquireTokenSilentAsync (msal-browser).
|
|
7966
|
+
* Internal API for acquireTokenSilent.
|
|
7967
|
+
*/
|
|
7968
|
+
const AcquireTokenSilentAsync = "acquireTokenSilentAsync";
|
|
7969
|
+
/**
|
|
7970
|
+
* getPublicKeyThumbprint API in CryptoOpts class (msal-browser).
|
|
7971
|
+
* Used to generate a public/private keypair and generate a public key thumbprint for pop requests.
|
|
7972
|
+
*/
|
|
7973
|
+
const CryptoOptsGetPublicKeyThumbprint = "cryptoOptsGetPublicKeyThumbprint";
|
|
7974
|
+
/**
|
|
7975
|
+
* signJwt API in CryptoOpts class (msal-browser).
|
|
7976
|
+
* Used to signed a pop token.
|
|
7977
|
+
*/
|
|
7978
|
+
const CryptoOptsSignJwt = "cryptoOptsSignJwt";
|
|
7979
|
+
/**
|
|
7980
|
+
* acquireToken API in the SilentCacheClient class (msal-browser).
|
|
7981
|
+
* Used to read access tokens from the cache.
|
|
7982
|
+
*/
|
|
7983
|
+
const SilentCacheClientAcquireToken = "silentCacheClientAcquireToken";
|
|
7984
|
+
/**
|
|
7985
|
+
* acquireToken API in the SilentIframeClient class (msal-browser).
|
|
7986
|
+
* Used to acquire a new set of tokens from the authorize endpoint in a hidden iframe.
|
|
7987
|
+
*/
|
|
7988
|
+
const SilentIframeClientAcquireToken = "silentIframeClientAcquireToken";
|
|
7989
|
+
const AwaitConcurrentIframe = "awaitConcurrentIframe"; // Time spent waiting for a concurrent iframe to complete
|
|
7990
|
+
/**
|
|
7991
|
+
* acquireToken API in SilentRereshClient (msal-browser).
|
|
7992
|
+
* Used to acquire a new set of tokens from the token endpoint using a refresh token.
|
|
7993
|
+
*/
|
|
7994
|
+
const SilentRefreshClientAcquireToken = "silentRefreshClientAcquireToken";
|
|
7995
|
+
/**
|
|
7996
|
+
* getDiscoveredAuthority API in StandardInteractionClient class (msal-browser).
|
|
7997
|
+
* Used to load authority metadata for a request.
|
|
7998
|
+
*/
|
|
7999
|
+
const StandardInteractionClientGetDiscoveredAuthority = "standardInteractionClientGetDiscoveredAuthority";
|
|
8000
|
+
/**
|
|
8001
|
+
* acquireToken API in NativeInteractionClient class (msal-browser).
|
|
8002
|
+
* Used to acquire a token from Native component when native brokering is enabled.
|
|
8003
|
+
*/
|
|
8004
|
+
const NativeInteractionClientAcquireToken = "nativeInteractionClientAcquireToken";
|
|
8005
|
+
/**
|
|
8006
|
+
* acquireTokenByRefreshToken API in RefreshTokenClient (msal-common).
|
|
8007
|
+
*/
|
|
8008
|
+
const RefreshTokenClientAcquireTokenByRefreshToken = "refreshTokenClientAcquireTokenByRefreshToken";
|
|
8009
|
+
/**
|
|
8010
|
+
* acquireTokenBySilentIframe (msal-browser).
|
|
8011
|
+
* Internal API for acquiring token by silent Iframe
|
|
8012
|
+
*/
|
|
8013
|
+
const AcquireTokenBySilentIframe = "acquireTokenBySilentIframe";
|
|
8014
|
+
/**
|
|
8015
|
+
* Internal API for initializing base request in BaseInteractionClient (msal-browser)
|
|
8016
|
+
*/
|
|
8017
|
+
const InitializeBaseRequest = "initializeBaseRequest";
|
|
8018
|
+
/**
|
|
8019
|
+
* Internal API for initializing silent request in SilentCacheClient (msal-browser)
|
|
8020
|
+
*/
|
|
8021
|
+
const InitializeSilentRequest = "initializeSilentRequest";
|
|
8022
|
+
const InitializeCache = "initializeCache";
|
|
8023
|
+
/**
|
|
8024
|
+
* Helper function in SilentIframeClient class (msal-browser).
|
|
8025
|
+
*/
|
|
8026
|
+
const SilentIframeClientTokenHelper = "silentIframeClientTokenHelper";
|
|
8027
|
+
/**
|
|
8028
|
+
* SilentHandler
|
|
8029
|
+
*/
|
|
8030
|
+
const SilentHandlerInitiateAuthRequest = "silentHandlerInitiateAuthRequest";
|
|
8031
|
+
const SilentHandlerMonitorIframeForHash = "silentHandlerMonitorIframeForHash";
|
|
8032
|
+
const SilentHandlerLoadFrameSync = "silentHandlerLoadFrameSync";
|
|
8033
|
+
/**
|
|
8034
|
+
* Helper functions in StandardInteractionClient class (msal-browser)
|
|
8035
|
+
*/
|
|
8036
|
+
const StandardInteractionClientCreateAuthCodeClient = "standardInteractionClientCreateAuthCodeClient";
|
|
8037
|
+
const StandardInteractionClientGetClientConfiguration = "standardInteractionClientGetClientConfiguration";
|
|
8038
|
+
const StandardInteractionClientInitializeAuthorizationRequest = "standardInteractionClientInitializeAuthorizationRequest";
|
|
8039
|
+
const SilentFlowClientAcquireCachedToken = "silentFlowClientAcquireCachedToken";
|
|
8040
|
+
const GetStandardParams = "getStandardParams";
|
|
8041
|
+
const HandleCodeResponse = "handleCodeResponse";
|
|
8042
|
+
const HandleResponseEar = "handleResponseEar";
|
|
8043
|
+
const HandleResponsePlatformBroker = "handleResponsePlatformBroker";
|
|
8044
|
+
const HandleResponseCode = "handleResponseCode";
|
|
8045
|
+
const AuthClientAcquireToken = "authClientAcquireToken";
|
|
8046
|
+
const DeserializeResponse = "deserializeResponse";
|
|
8047
|
+
const AuthorityFactoryCreateDiscoveredInstance = "authorityFactoryCreateDiscoveredInstance";
|
|
8048
|
+
const AcquireTokenByCodeAsync = "acquireTokenByCodeAsync";
|
|
8049
|
+
const HandleRedirectPromiseMeasurement = "handleRedirectPromise";
|
|
8050
|
+
const HandleNativeRedirectPromiseMeasurement = "handleNativeRedirectPromise";
|
|
8051
|
+
const NativeMessageHandlerHandshake = "nativeMessageHandlerHandshake";
|
|
8052
|
+
const RemoveHiddenIframe = "removeHiddenIframe";
|
|
8053
|
+
const ImportExistingCache = "importExistingCache";
|
|
8054
|
+
/**
|
|
8055
|
+
* Crypto Operations
|
|
8056
|
+
*/
|
|
8057
|
+
const GeneratePkceCodes = "generatePkceCodes";
|
|
8058
|
+
const GenerateCodeVerifier = "generateCodeVerifier";
|
|
8059
|
+
const GenerateCodeChallengeFromVerifier = "generateCodeChallengeFromVerifier";
|
|
8060
|
+
const Sha256Digest = "sha256Digest";
|
|
8061
|
+
const GetRandomValues = "getRandomValues";
|
|
8062
|
+
const GenerateHKDF = "generateHKDF";
|
|
8063
|
+
const GenerateBaseKey = "generateBaseKey";
|
|
8064
|
+
const Base64Decode = "base64Decode";
|
|
8065
|
+
const UrlEncodeArr = "urlEncodeArr";
|
|
8066
|
+
const Encrypt = "encrypt";
|
|
8067
|
+
const Decrypt = "decrypt";
|
|
8068
|
+
const GenerateEarKey = "generateEarKey";
|
|
8069
|
+
const DecryptEarResponse = "decryptEarResponse";
|
|
8070
|
+
const LoadAccount = "loadAccount";
|
|
8071
|
+
const LoadIdToken = "loadIdToken";
|
|
8072
|
+
const LoadAccessToken = "loadAccessToken";
|
|
8073
|
+
const LoadRefreshToken = "loadRefreshToken";
|
|
8074
|
+
/**
|
|
8075
|
+
* Background telemetry measurement that tracks whether a late bridge response
|
|
8076
|
+
* arrives after the iframe timeout has already fired.
|
|
8077
|
+
*/
|
|
8078
|
+
const WaitForBridgeLateResponse = "waitForBridgeLateResponse";
|
|
8079
|
+
|
|
7942
8080
|
/*
|
|
7943
8081
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7944
8082
|
* Licensed under the MIT License.
|
|
@@ -8845,20 +8983,35 @@ function cancelPendingBridgeResponse(logger, correlationId) {
|
|
|
8845
8983
|
activeBridgeMonitor = null;
|
|
8846
8984
|
}
|
|
8847
8985
|
}
|
|
8848
|
-
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
|
|
8986
|
+
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient, experimentalConfig) {
|
|
8849
8987
|
return new Promise((resolve, reject) => {
|
|
8850
8988
|
logger.verbose("1rf6em", request.correlationId);
|
|
8851
8989
|
const correlationId = request.correlationId;
|
|
8852
8990
|
performanceClient.addFields({
|
|
8853
8991
|
redirectBridgeTimeoutMs: timeoutMs,
|
|
8992
|
+
lateResponseExperimentEnabled: experimentalConfig?.iframeTimeoutTelemetry || false,
|
|
8854
8993
|
}, correlationId);
|
|
8855
8994
|
const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
|
|
8856
8995
|
const channel = new BroadcastChannel(libraryState.id);
|
|
8857
8996
|
let responseString = undefined;
|
|
8997
|
+
let timedOut$1 = false;
|
|
8998
|
+
let lateTimeoutId;
|
|
8999
|
+
let lateMeasurement;
|
|
8858
9000
|
const timeoutId = window.setTimeout(() => {
|
|
8859
9001
|
// Clear the active monitor
|
|
8860
9002
|
activeBridgeMonitor = null;
|
|
8861
|
-
|
|
9003
|
+
if (experimentalConfig?.iframeTimeoutTelemetry) {
|
|
9004
|
+
lateMeasurement = performanceClient.startMeasurement(WaitForBridgeLateResponse, correlationId);
|
|
9005
|
+
timedOut$1 = true;
|
|
9006
|
+
lateTimeoutId = window.setTimeout(() => {
|
|
9007
|
+
lateMeasurement?.end({ success: false });
|
|
9008
|
+
clearTimeout(lateTimeoutId);
|
|
9009
|
+
channel.close();
|
|
9010
|
+
}, 60000); // 60s late response timeout to allow for telemetry of late responses
|
|
9011
|
+
}
|
|
9012
|
+
else {
|
|
9013
|
+
channel.close();
|
|
9014
|
+
}
|
|
8862
9015
|
reject(createBrowserAuthError(timedOut, "redirect_bridge_timeout"));
|
|
8863
9016
|
}, timeoutMs);
|
|
8864
9017
|
// Track this monitor so it can be cancelled if needed
|
|
@@ -8872,6 +9025,14 @@ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request,
|
|
|
8872
9025
|
const messageVersion = event?.data && typeof event.data.v === "number"
|
|
8873
9026
|
? event.data.v
|
|
8874
9027
|
: undefined;
|
|
9028
|
+
if (timedOut$1) {
|
|
9029
|
+
lateMeasurement?.end({
|
|
9030
|
+
success: responseString ? true : false,
|
|
9031
|
+
});
|
|
9032
|
+
clearTimeout(lateTimeoutId);
|
|
9033
|
+
channel.close();
|
|
9034
|
+
return;
|
|
9035
|
+
}
|
|
8875
9036
|
performanceClient.addFields({
|
|
8876
9037
|
redirectBridgeMessageVersion: messageVersion,
|
|
8877
9038
|
}, correlationId);
|
|
@@ -9034,131 +9195,6 @@ var BrowserUtils = /*#__PURE__*/Object.freeze({
|
|
|
9034
9195
|
waitForBridgeResponse: waitForBridgeResponse
|
|
9035
9196
|
});
|
|
9036
9197
|
|
|
9037
|
-
/*
|
|
9038
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
9039
|
-
* Licensed under the MIT License.
|
|
9040
|
-
*/
|
|
9041
|
-
/**
|
|
9042
|
-
* acquireTokenFromCache (msal-browser).
|
|
9043
|
-
* Internal API for acquiring token from cache
|
|
9044
|
-
*/
|
|
9045
|
-
const AcquireTokenFromCache = "acquireTokenFromCache";
|
|
9046
|
-
/**
|
|
9047
|
-
* acquireTokenByRefreshToken API (msal-browser and msal-node).
|
|
9048
|
-
* Used to renew an access token using a refresh token against the token endpoint.
|
|
9049
|
-
*/
|
|
9050
|
-
const AcquireTokenByRefreshToken = "acquireTokenByRefreshToken";
|
|
9051
|
-
/**
|
|
9052
|
-
* acquireTokenSilentAsync (msal-browser).
|
|
9053
|
-
* Internal API for acquireTokenSilent.
|
|
9054
|
-
*/
|
|
9055
|
-
const AcquireTokenSilentAsync = "acquireTokenSilentAsync";
|
|
9056
|
-
/**
|
|
9057
|
-
* getPublicKeyThumbprint API in CryptoOpts class (msal-browser).
|
|
9058
|
-
* Used to generate a public/private keypair and generate a public key thumbprint for pop requests.
|
|
9059
|
-
*/
|
|
9060
|
-
const CryptoOptsGetPublicKeyThumbprint = "cryptoOptsGetPublicKeyThumbprint";
|
|
9061
|
-
/**
|
|
9062
|
-
* signJwt API in CryptoOpts class (msal-browser).
|
|
9063
|
-
* Used to signed a pop token.
|
|
9064
|
-
*/
|
|
9065
|
-
const CryptoOptsSignJwt = "cryptoOptsSignJwt";
|
|
9066
|
-
/**
|
|
9067
|
-
* acquireToken API in the SilentCacheClient class (msal-browser).
|
|
9068
|
-
* Used to read access tokens from the cache.
|
|
9069
|
-
*/
|
|
9070
|
-
const SilentCacheClientAcquireToken = "silentCacheClientAcquireToken";
|
|
9071
|
-
/**
|
|
9072
|
-
* acquireToken API in the SilentIframeClient class (msal-browser).
|
|
9073
|
-
* Used to acquire a new set of tokens from the authorize endpoint in a hidden iframe.
|
|
9074
|
-
*/
|
|
9075
|
-
const SilentIframeClientAcquireToken = "silentIframeClientAcquireToken";
|
|
9076
|
-
const AwaitConcurrentIframe = "awaitConcurrentIframe"; // Time spent waiting for a concurrent iframe to complete
|
|
9077
|
-
/**
|
|
9078
|
-
* acquireToken API in SilentRereshClient (msal-browser).
|
|
9079
|
-
* Used to acquire a new set of tokens from the token endpoint using a refresh token.
|
|
9080
|
-
*/
|
|
9081
|
-
const SilentRefreshClientAcquireToken = "silentRefreshClientAcquireToken";
|
|
9082
|
-
/**
|
|
9083
|
-
* getDiscoveredAuthority API in StandardInteractionClient class (msal-browser).
|
|
9084
|
-
* Used to load authority metadata for a request.
|
|
9085
|
-
*/
|
|
9086
|
-
const StandardInteractionClientGetDiscoveredAuthority = "standardInteractionClientGetDiscoveredAuthority";
|
|
9087
|
-
/**
|
|
9088
|
-
* acquireToken API in NativeInteractionClient class (msal-browser).
|
|
9089
|
-
* Used to acquire a token from Native component when native brokering is enabled.
|
|
9090
|
-
*/
|
|
9091
|
-
const NativeInteractionClientAcquireToken = "nativeInteractionClientAcquireToken";
|
|
9092
|
-
/**
|
|
9093
|
-
* acquireTokenByRefreshToken API in RefreshTokenClient (msal-common).
|
|
9094
|
-
*/
|
|
9095
|
-
const RefreshTokenClientAcquireTokenByRefreshToken = "refreshTokenClientAcquireTokenByRefreshToken";
|
|
9096
|
-
/**
|
|
9097
|
-
* acquireTokenBySilentIframe (msal-browser).
|
|
9098
|
-
* Internal API for acquiring token by silent Iframe
|
|
9099
|
-
*/
|
|
9100
|
-
const AcquireTokenBySilentIframe = "acquireTokenBySilentIframe";
|
|
9101
|
-
/**
|
|
9102
|
-
* Internal API for initializing base request in BaseInteractionClient (msal-browser)
|
|
9103
|
-
*/
|
|
9104
|
-
const InitializeBaseRequest = "initializeBaseRequest";
|
|
9105
|
-
/**
|
|
9106
|
-
* Internal API for initializing silent request in SilentCacheClient (msal-browser)
|
|
9107
|
-
*/
|
|
9108
|
-
const InitializeSilentRequest = "initializeSilentRequest";
|
|
9109
|
-
const InitializeCache = "initializeCache";
|
|
9110
|
-
/**
|
|
9111
|
-
* Helper function in SilentIframeClient class (msal-browser).
|
|
9112
|
-
*/
|
|
9113
|
-
const SilentIframeClientTokenHelper = "silentIframeClientTokenHelper";
|
|
9114
|
-
/**
|
|
9115
|
-
* SilentHandler
|
|
9116
|
-
*/
|
|
9117
|
-
const SilentHandlerInitiateAuthRequest = "silentHandlerInitiateAuthRequest";
|
|
9118
|
-
const SilentHandlerMonitorIframeForHash = "silentHandlerMonitorIframeForHash";
|
|
9119
|
-
const SilentHandlerLoadFrameSync = "silentHandlerLoadFrameSync";
|
|
9120
|
-
/**
|
|
9121
|
-
* Helper functions in StandardInteractionClient class (msal-browser)
|
|
9122
|
-
*/
|
|
9123
|
-
const StandardInteractionClientCreateAuthCodeClient = "standardInteractionClientCreateAuthCodeClient";
|
|
9124
|
-
const StandardInteractionClientGetClientConfiguration = "standardInteractionClientGetClientConfiguration";
|
|
9125
|
-
const StandardInteractionClientInitializeAuthorizationRequest = "standardInteractionClientInitializeAuthorizationRequest";
|
|
9126
|
-
const SilentFlowClientAcquireCachedToken = "silentFlowClientAcquireCachedToken";
|
|
9127
|
-
const GetStandardParams = "getStandardParams";
|
|
9128
|
-
const HandleCodeResponse = "handleCodeResponse";
|
|
9129
|
-
const HandleResponseEar = "handleResponseEar";
|
|
9130
|
-
const HandleResponsePlatformBroker = "handleResponsePlatformBroker";
|
|
9131
|
-
const HandleResponseCode = "handleResponseCode";
|
|
9132
|
-
const AuthClientAcquireToken = "authClientAcquireToken";
|
|
9133
|
-
const DeserializeResponse = "deserializeResponse";
|
|
9134
|
-
const AuthorityFactoryCreateDiscoveredInstance = "authorityFactoryCreateDiscoveredInstance";
|
|
9135
|
-
const AcquireTokenByCodeAsync = "acquireTokenByCodeAsync";
|
|
9136
|
-
const HandleRedirectPromiseMeasurement = "handleRedirectPromise";
|
|
9137
|
-
const HandleNativeRedirectPromiseMeasurement = "handleNativeRedirectPromise";
|
|
9138
|
-
const NativeMessageHandlerHandshake = "nativeMessageHandlerHandshake";
|
|
9139
|
-
const RemoveHiddenIframe = "removeHiddenIframe";
|
|
9140
|
-
const ImportExistingCache = "importExistingCache";
|
|
9141
|
-
/**
|
|
9142
|
-
* Crypto Operations
|
|
9143
|
-
*/
|
|
9144
|
-
const GeneratePkceCodes = "generatePkceCodes";
|
|
9145
|
-
const GenerateCodeVerifier = "generateCodeVerifier";
|
|
9146
|
-
const GenerateCodeChallengeFromVerifier = "generateCodeChallengeFromVerifier";
|
|
9147
|
-
const Sha256Digest = "sha256Digest";
|
|
9148
|
-
const GetRandomValues = "getRandomValues";
|
|
9149
|
-
const GenerateHKDF = "generateHKDF";
|
|
9150
|
-
const GenerateBaseKey = "generateBaseKey";
|
|
9151
|
-
const Base64Decode = "base64Decode";
|
|
9152
|
-
const UrlEncodeArr = "urlEncodeArr";
|
|
9153
|
-
const Encrypt = "encrypt";
|
|
9154
|
-
const Decrypt = "decrypt";
|
|
9155
|
-
const GenerateEarKey = "generateEarKey";
|
|
9156
|
-
const DecryptEarResponse = "decryptEarResponse";
|
|
9157
|
-
const LoadAccount = "loadAccount";
|
|
9158
|
-
const LoadIdToken = "loadIdToken";
|
|
9159
|
-
const LoadAccessToken = "loadAccessToken";
|
|
9160
|
-
const LoadRefreshToken = "loadRefreshToken";
|
|
9161
|
-
|
|
9162
9198
|
/*
|
|
9163
9199
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
9164
9200
|
* Licensed under the MIT License.
|
|
@@ -10295,7 +10331,7 @@ const EventType = {
|
|
|
10295
10331
|
|
|
10296
10332
|
/* eslint-disable header/header */
|
|
10297
10333
|
const name = "@azure/msal-browser";
|
|
10298
|
-
const version = "5.6.
|
|
10334
|
+
const version = "5.6.3";
|
|
10299
10335
|
|
|
10300
10336
|
/*
|
|
10301
10337
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -12759,9 +12795,9 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12759
12795
|
}
|
|
12760
12796
|
// Get the preferred_cache domain for the given authority
|
|
12761
12797
|
const authority = await getDiscoveredAuthority(this.config, this.correlationId, this.performanceClient, this.browserStorage, this.logger, request.authority);
|
|
12762
|
-
const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info,
|
|
12798
|
+
const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info, authority.getPreferredCache(), // environment
|
|
12763
12799
|
idTokenClaims.tid, undefined, // auth code payload
|
|
12764
|
-
response.account.id);
|
|
12800
|
+
response.account.id, this.logger, this.performanceClient);
|
|
12765
12801
|
// Ensure expires_in is in number format
|
|
12766
12802
|
response.expires_in = Number(response.expires_in);
|
|
12767
12803
|
// generate authenticationResult
|
|
@@ -13646,7 +13682,7 @@ const DEFAULT_NATIVE_BROKER_HANDSHAKE_TIMEOUT_MS = 2000;
|
|
|
13646
13682
|
*
|
|
13647
13683
|
* @returns Configuration object
|
|
13648
13684
|
*/
|
|
13649
|
-
function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system: userInputSystem, telemetry: userInputTelemetry, }, isBrowserEnvironment) {
|
|
13685
|
+
function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system: userInputSystem, experimental: userInputExperimental, telemetry: userInputTelemetry, }, isBrowserEnvironment) {
|
|
13650
13686
|
// Default auth options for browser
|
|
13651
13687
|
const DEFAULT_AUTH_OPTIONS = {
|
|
13652
13688
|
clientId: "",
|
|
@@ -13718,6 +13754,9 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
13718
13754
|
},
|
|
13719
13755
|
client: new StubPerformanceClient(),
|
|
13720
13756
|
};
|
|
13757
|
+
const DEFAULT_EXPERIMENTAL_OPTIONS = {
|
|
13758
|
+
iframeTimeoutTelemetry: false,
|
|
13759
|
+
};
|
|
13721
13760
|
// Throw an error if user has set OIDCOptions without being in OIDC protocol mode
|
|
13722
13761
|
if (userInputSystem?.protocolMode !== ProtocolMode.OIDC &&
|
|
13723
13762
|
userInputAuth?.OIDCOptions) {
|
|
@@ -13741,6 +13780,10 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
13741
13780
|
},
|
|
13742
13781
|
cache: { ...DEFAULT_CACHE_OPTIONS, ...userInputCache },
|
|
13743
13782
|
system: providedSystemOptions,
|
|
13783
|
+
experimental: {
|
|
13784
|
+
...DEFAULT_EXPERIMENTAL_OPTIONS,
|
|
13785
|
+
...userInputExperimental,
|
|
13786
|
+
},
|
|
13744
13787
|
telemetry: { ...DEFAULT_TELEMETRY_OPTIONS, ...userInputTelemetry },
|
|
13745
13788
|
};
|
|
13746
13789
|
return overlayedConfig;
|
|
@@ -15266,7 +15309,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
15266
15309
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
15267
15310
|
let responseString;
|
|
15268
15311
|
try {
|
|
15269
|
-
responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15312
|
+
responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
|
|
15270
15313
|
}
|
|
15271
15314
|
finally {
|
|
15272
15315
|
invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
|
|
@@ -15322,7 +15365,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
15322
15365
|
// Wait for response from the redirect bridge.
|
|
15323
15366
|
let responseString;
|
|
15324
15367
|
try {
|
|
15325
|
-
responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
15368
|
+
responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
|
|
15326
15369
|
}
|
|
15327
15370
|
finally {
|
|
15328
15371
|
invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
|
|
@@ -15582,22 +15625,32 @@ class StandardController {
|
|
|
15582
15625
|
this.nativeInternalStorage = new BrowserCacheManager(this.config.auth.clientId, nativeCacheOptions, this.browserCrypto, this.logger, this.performanceClient, this.eventHandler);
|
|
15583
15626
|
this.activeSilentTokenRequests = new Map();
|
|
15584
15627
|
// Register listener functions
|
|
15585
|
-
this.
|
|
15628
|
+
this.trackStateChange = this.trackStateChange.bind(this);
|
|
15586
15629
|
// Register listener functions
|
|
15587
|
-
this.
|
|
15588
|
-
this.
|
|
15630
|
+
this.trackStateChangeWithMeasurement =
|
|
15631
|
+
this.trackStateChangeWithMeasurement.bind(this);
|
|
15589
15632
|
}
|
|
15590
15633
|
static async createController(operatingContext, request) {
|
|
15591
15634
|
const controller = new StandardController(operatingContext);
|
|
15592
15635
|
await controller.initialize(request);
|
|
15593
15636
|
return controller;
|
|
15594
15637
|
}
|
|
15595
|
-
|
|
15638
|
+
trackStateChange(correlationId, event) {
|
|
15596
15639
|
if (!correlationId) {
|
|
15597
15640
|
return;
|
|
15598
15641
|
}
|
|
15599
|
-
|
|
15600
|
-
|
|
15642
|
+
if (event.type === "visibilitychange") {
|
|
15643
|
+
this.logger.info("16v6hv", correlationId);
|
|
15644
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
|
|
15645
|
+
}
|
|
15646
|
+
else if (event.type === "online") {
|
|
15647
|
+
this.logger.info("0zirfd", correlationId);
|
|
15648
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
15649
|
+
}
|
|
15650
|
+
else if (event.type === "offline") {
|
|
15651
|
+
this.logger.info("1xk9ef", correlationId);
|
|
15652
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
15653
|
+
}
|
|
15601
15654
|
}
|
|
15602
15655
|
/**
|
|
15603
15656
|
* Initializer function to perform async startup tasks such as connecting to WAM extension
|
|
@@ -15939,15 +15992,40 @@ class StandardController {
|
|
|
15939
15992
|
}
|
|
15940
15993
|
});
|
|
15941
15994
|
}
|
|
15942
|
-
|
|
15995
|
+
trackStateChangeWithMeasurement(event) {
|
|
15943
15996
|
const measurement = this.ssoSilentMeasurement ||
|
|
15944
15997
|
this.acquireTokenByCodeAsyncMeasurement;
|
|
15945
15998
|
if (!measurement) {
|
|
15946
15999
|
return;
|
|
15947
16000
|
}
|
|
15948
|
-
|
|
15949
|
-
|
|
15950
|
-
|
|
16001
|
+
if (event.type === "visibilitychange") {
|
|
16002
|
+
this.logger.info("0yzimq", measurement.event.correlationId);
|
|
16003
|
+
measurement.increment({
|
|
16004
|
+
visibilityChangeCount: 1,
|
|
16005
|
+
});
|
|
16006
|
+
}
|
|
16007
|
+
else if (event.type === "online") {
|
|
16008
|
+
this.logger.info("1caf53", measurement.event.correlationId);
|
|
16009
|
+
measurement.increment({
|
|
16010
|
+
onlineStatusChangeCount: 1,
|
|
16011
|
+
});
|
|
16012
|
+
}
|
|
16013
|
+
else if (event.type === "offline") {
|
|
16014
|
+
this.logger.info("0fdyk7", measurement.event.correlationId);
|
|
16015
|
+
measurement.increment({
|
|
16016
|
+
onlineStatusChangeCount: 1,
|
|
16017
|
+
});
|
|
16018
|
+
}
|
|
16019
|
+
}
|
|
16020
|
+
addStateChangeListeners(listener) {
|
|
16021
|
+
document.addEventListener("visibilitychange", listener);
|
|
16022
|
+
window.addEventListener("online", listener);
|
|
16023
|
+
window.addEventListener("offline", listener);
|
|
16024
|
+
}
|
|
16025
|
+
removeStateChangeListeners(listener) {
|
|
16026
|
+
document.removeEventListener("visibilitychange", listener);
|
|
16027
|
+
window.removeEventListener("online", listener);
|
|
16028
|
+
window.removeEventListener("offline", listener);
|
|
15951
16029
|
}
|
|
15952
16030
|
// #endregion
|
|
15953
16031
|
// #region Silent Flow
|
|
@@ -15981,8 +16059,9 @@ class StandardController {
|
|
|
15981
16059
|
preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
|
|
15982
16060
|
this.ssoSilentMeasurement?.increment({
|
|
15983
16061
|
visibilityChangeCount: 0,
|
|
16062
|
+
onlineStatusChangeCount: 0,
|
|
15984
16063
|
});
|
|
15985
|
-
|
|
16064
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
15986
16065
|
const loggedInAccounts = this.getAllAccounts();
|
|
15987
16066
|
this.logger.verbose("0w1b45", correlationId);
|
|
15988
16067
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Silent, validRequest);
|
|
@@ -16025,7 +16104,7 @@ class StandardController {
|
|
|
16025
16104
|
throw e;
|
|
16026
16105
|
})
|
|
16027
16106
|
.finally(() => {
|
|
16028
|
-
|
|
16107
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
16029
16108
|
});
|
|
16030
16109
|
}
|
|
16031
16110
|
/**
|
|
@@ -16132,8 +16211,9 @@ class StandardController {
|
|
|
16132
16211
|
this.performanceClient.startMeasurement(AcquireTokenByCodeAsync, correlationId);
|
|
16133
16212
|
this.acquireTokenByCodeAsyncMeasurement?.increment({
|
|
16134
16213
|
visibilityChangeCount: 0,
|
|
16214
|
+
onlineStatusChangeCount: 0,
|
|
16135
16215
|
});
|
|
16136
|
-
|
|
16216
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
16137
16217
|
const silentAuthCodeClient = this.createSilentAuthCodeClient(correlationId);
|
|
16138
16218
|
const silentTokenResult = await silentAuthCodeClient
|
|
16139
16219
|
.acquireToken(request)
|
|
@@ -16152,7 +16232,7 @@ class StandardController {
|
|
|
16152
16232
|
throw tokenRenewalError;
|
|
16153
16233
|
})
|
|
16154
16234
|
.finally(() => {
|
|
16155
|
-
|
|
16235
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
16156
16236
|
});
|
|
16157
16237
|
return silentTokenResult;
|
|
16158
16238
|
}
|
|
@@ -16614,12 +16694,12 @@ class StandardController {
|
|
|
16614
16694
|
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
|
|
16615
16695
|
*/
|
|
16616
16696
|
async acquireTokenSilentAsync(request, account) {
|
|
16617
|
-
const
|
|
16697
|
+
const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
|
|
16618
16698
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, request.correlationId, exports.InteractionType.Silent, request);
|
|
16619
16699
|
if (request.correlationId) {
|
|
16620
|
-
this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
|
|
16700
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
|
|
16621
16701
|
}
|
|
16622
|
-
|
|
16702
|
+
this.addStateChangeListeners(trackStateChange);
|
|
16623
16703
|
const silentRequest = await invokeAsync(initializeSilentRequest, InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
|
|
16624
16704
|
const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
|
|
16625
16705
|
const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
|
|
@@ -16701,7 +16781,7 @@ class StandardController {
|
|
|
16701
16781
|
throw tokenRenewalError;
|
|
16702
16782
|
})
|
|
16703
16783
|
.finally(() => {
|
|
16704
|
-
|
|
16784
|
+
this.removeStateChangeListeners(trackStateChange);
|
|
16705
16785
|
});
|
|
16706
16786
|
}
|
|
16707
16787
|
/**
|
|
@@ -18301,7 +18381,7 @@ async function loadExternalTokens(config, request, response, options, performanc
|
|
|
18301
18381
|
const storage = new BrowserCacheManager(browserConfig.auth.clientId, browserConfig.cache, cryptoOps, logger, browserConfig.telemetry.client, new EventHandler(logger), buildStaticAuthorityOptions(browserConfig.auth));
|
|
18302
18382
|
const authorityString = request.authority || browserConfig.auth.authority;
|
|
18303
18383
|
const authority = await createDiscoveredInstance(Authority.generateAuthority(authorityString, request.azureCloudOptions), browserConfig.system.networkClient, storage, authorityOptions, logger, correlationId, performanceClient);
|
|
18304
|
-
const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims);
|
|
18384
|
+
const cacheRecordAccount = await invokeAsync(loadAccount, LoadAccount, logger, performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, storage, logger, cryptoOps, authority, idTokenClaims, performanceClient);
|
|
18305
18385
|
const idToken = await invokeAsync(loadIdToken, LoadIdToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, correlationId, storage, logger, config.auth.clientId);
|
|
18306
18386
|
const accessToken = await invokeAsync(loadAccessToken, LoadAccessToken, logger, performanceClient, correlationId)(request, response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, kmsi, options, correlationId, storage, logger, config.auth.clientId);
|
|
18307
18387
|
const refreshToken = await invokeAsync(loadRefreshToken, LoadRefreshToken, logger, performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, kmsi, correlationId, storage, logger, config.auth.clientId, performanceClient);
|
|
@@ -18327,7 +18407,7 @@ async function loadExternalTokens(config, request, response, options, performanc
|
|
|
18327
18407
|
* @param requestHomeAccountId
|
|
18328
18408
|
* @returns `AccountEntity`
|
|
18329
18409
|
*/
|
|
18330
|
-
async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims) {
|
|
18410
|
+
async function loadAccount(request, clientInfo, correlationId, storage, logger, cryptoObj, authority, idTokenClaims, performanceClient) {
|
|
18331
18411
|
logger.verbose("0ke46k", correlationId);
|
|
18332
18412
|
if (request.account) {
|
|
18333
18413
|
const accountEntity = createAccountEntityFromAccountInfo(request.account);
|
|
@@ -18342,7 +18422,7 @@ async function loadAccount(request, clientInfo, correlationId, storage, logger,
|
|
|
18342
18422
|
const claimsTenantId = idTokenClaims?.tid;
|
|
18343
18423
|
const cachedAccount = buildAccountToCache(storage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, authority.getPreferredCache(), claimsTenantId, undefined, // authCodePayload
|
|
18344
18424
|
undefined, // nativeAccountId
|
|
18345
|
-
logger);
|
|
18425
|
+
logger, performanceClient);
|
|
18346
18426
|
await storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
|
|
18347
18427
|
return cachedAccount;
|
|
18348
18428
|
}
|
|
@@ -18614,6 +18694,9 @@ class BrowserPerformanceClient extends PerformanceClient {
|
|
|
18614
18694
|
getPageVisibility() {
|
|
18615
18695
|
return document.visibilityState?.toString() || null;
|
|
18616
18696
|
}
|
|
18697
|
+
getOnlineStatus() {
|
|
18698
|
+
return typeof navigator !== "undefined" ? navigator.onLine : null;
|
|
18699
|
+
}
|
|
18617
18700
|
deleteIncompleteSubMeasurements(inProgressEvent) {
|
|
18618
18701
|
void getPerfMeasurementModule()?.then((module) => {
|
|
18619
18702
|
const rootEvent = this.eventsByCorrelationId.get(inProgressEvent.event.correlationId);
|
|
@@ -18640,6 +18723,7 @@ class BrowserPerformanceClient extends PerformanceClient {
|
|
|
18640
18723
|
startMeasurement(measureName, correlationId) {
|
|
18641
18724
|
// Capture page visibilityState and then invoke start/end measurement
|
|
18642
18725
|
const startPageVisibility = this.getPageVisibility();
|
|
18726
|
+
const startOnlineStatus = this.getOnlineStatus();
|
|
18643
18727
|
const inProgressEvent = super.startMeasurement(measureName, correlationId);
|
|
18644
18728
|
const startTime = supportsBrowserPerformanceNow()
|
|
18645
18729
|
? window.performance.now()
|
|
@@ -18655,6 +18739,7 @@ class BrowserPerformanceClient extends PerformanceClient {
|
|
|
18655
18739
|
const res = inProgressEvent.end({
|
|
18656
18740
|
...event,
|
|
18657
18741
|
startPageVisibility,
|
|
18742
|
+
startOnlineStatus,
|
|
18658
18743
|
endPageVisibility: this.getPageVisibility(),
|
|
18659
18744
|
durationMs: getPerfDurationMs(startTime),
|
|
18660
18745
|
networkEffectiveType: networkInfo.effectiveType,
|