@azure/msal-browser 5.6.2 → 5.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.d.ts.map +1 -1
- package/dist/cache/TokenCache.mjs +9 -9
- package/dist/cache/TokenCache.mjs.map +1 -1
- package/dist/config/Configuration.d.ts +13 -1
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +9 -2
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +4 -2
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +56 -19
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +13 -1
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +9 -2
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +56 -19
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/index.d.ts +1 -1
- package/dist/custom-auth-path/index.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +23 -3
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +8 -3
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
- package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +27 -3
- package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +1 -1
- package/dist/index.mjs.map +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +3 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +31 -11
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/cache/TokenCache.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +13 -1
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts +4 -2
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/index.d.ts +1 -1
- package/dist/redirect-bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
- package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +6 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/dist/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +8 -3
- package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.d.ts +2 -2
- package/dist/utils/BrowserUtils.d.ts.map +1 -1
- package/dist/utils/BrowserUtils.mjs +27 -3
- package/dist/utils/BrowserUtils.mjs.map +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +23 -3
- package/lib/custom-auth-path/msal-custom-auth.cjs +620 -541
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +13 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts +1 -1
- package/lib/custom-auth-path/types/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +31 -11
- package/lib/msal-browser.cjs +768 -683
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +768 -683
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
- package/lib/types/cache/TokenCache.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +13 -1
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +4 -2
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/index.d.ts +1 -1
- package/lib/types/index.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
- package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts +5 -0
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/types/utils/BrowserUtils.d.ts +2 -2
- package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/cache/TokenCache.ts +27 -24
- package/src/config/Configuration.ts +22 -0
- package/src/controllers/StandardController.ts +84 -35
- package/src/index.ts +1 -0
- package/src/interaction_client/PlatformAuthInteractionClient.ts +55 -53
- package/src/interaction_client/SilentIframeClient.ts +4 -2
- package/src/packageMetadata.ts +1 -1
- package/src/telemetry/BrowserPerformanceClient.ts +6 -0
- package/src/telemetry/BrowserPerformanceEvents.ts +6 -0
- package/src/utils/BrowserUtils.ts +36 -4
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.6.
|
|
1
|
+
/*! @azure/msal-browser v5.6.3 2026-04-01 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v16.4.
|
|
5
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -229,7 +229,7 @@ const JsonWebTokenTypes = {
|
|
|
229
229
|
// Token renewal offset default in seconds
|
|
230
230
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
231
231
|
|
|
232
|
-
/*! @azure/msal-common v16.4.
|
|
232
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
233
233
|
/*
|
|
234
234
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
235
235
|
* Licensed under the MIT License.
|
|
@@ -281,7 +281,7 @@ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
|
281
281
|
const RESOURCE = "resource";
|
|
282
282
|
const CLI_DATA = "clidata";
|
|
283
283
|
|
|
284
|
-
/*! @azure/msal-common v16.4.
|
|
284
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
285
285
|
/*
|
|
286
286
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
287
287
|
* Licensed under the MIT License.
|
|
@@ -312,7 +312,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
312
312
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
313
313
|
}
|
|
314
314
|
|
|
315
|
-
/*! @azure/msal-common v16.4.
|
|
315
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
316
316
|
|
|
317
317
|
/*
|
|
318
318
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -332,7 +332,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
332
332
|
return new ClientConfigurationError(errorCode);
|
|
333
333
|
}
|
|
334
334
|
|
|
335
|
-
/*! @azure/msal-common v16.4.
|
|
335
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
336
336
|
/*
|
|
337
337
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
338
338
|
* Licensed under the MIT License.
|
|
@@ -412,7 +412,7 @@ class StringUtils {
|
|
|
412
412
|
}
|
|
413
413
|
}
|
|
414
414
|
|
|
415
|
-
/*! @azure/msal-common v16.4.
|
|
415
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
416
416
|
|
|
417
417
|
/*
|
|
418
418
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -435,7 +435,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
435
435
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
436
436
|
}
|
|
437
437
|
|
|
438
|
-
/*! @azure/msal-common v16.4.
|
|
438
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
439
439
|
/*
|
|
440
440
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
441
441
|
* Licensed under the MIT License.
|
|
@@ -459,7 +459,7 @@ const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
|
459
459
|
const authorityMismatch = "authority_mismatch";
|
|
460
460
|
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
461
461
|
|
|
462
|
-
/*! @azure/msal-common v16.4.
|
|
462
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
463
463
|
/*
|
|
464
464
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
465
465
|
* Licensed under the MIT License.
|
|
@@ -498,7 +498,7 @@ const methodNotImplemented = "method_not_implemented";
|
|
|
498
498
|
const resourceParameterRequired = "resource_parameter_required";
|
|
499
499
|
const misplacedResourceParam = "misplaced_resource_parameter";
|
|
500
500
|
|
|
501
|
-
/*! @azure/msal-common v16.4.
|
|
501
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
502
502
|
|
|
503
503
|
/*
|
|
504
504
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -693,7 +693,7 @@ class ScopeSet {
|
|
|
693
693
|
}
|
|
694
694
|
}
|
|
695
695
|
|
|
696
|
-
/*! @azure/msal-common v16.4.
|
|
696
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
697
697
|
|
|
698
698
|
/*
|
|
699
699
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1071,7 +1071,7 @@ function addResource(parameters, resource) {
|
|
|
1071
1071
|
}
|
|
1072
1072
|
}
|
|
1073
1073
|
|
|
1074
|
-
/*! @azure/msal-common v16.4.
|
|
1074
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1075
1075
|
|
|
1076
1076
|
/*
|
|
1077
1077
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1180,7 +1180,7 @@ function normalizeUrlForComparison(url) {
|
|
|
1180
1180
|
}
|
|
1181
1181
|
}
|
|
1182
1182
|
|
|
1183
|
-
/*! @azure/msal-common v16.4.
|
|
1183
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1184
1184
|
|
|
1185
1185
|
/*
|
|
1186
1186
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1219,7 +1219,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
1219
1219
|
},
|
|
1220
1220
|
};
|
|
1221
1221
|
|
|
1222
|
-
/*! @azure/msal-common v16.4.
|
|
1222
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1223
1223
|
/*
|
|
1224
1224
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1225
1225
|
* Licensed under the MIT License.
|
|
@@ -1480,12 +1480,12 @@ class Logger {
|
|
|
1480
1480
|
}
|
|
1481
1481
|
}
|
|
1482
1482
|
|
|
1483
|
-
/*! @azure/msal-common v16.4.
|
|
1483
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1484
1484
|
/* eslint-disable header/header */
|
|
1485
1485
|
const name$1 = "@azure/msal-common";
|
|
1486
|
-
const version$1 = "16.4.
|
|
1486
|
+
const version$1 = "16.4.1";
|
|
1487
1487
|
|
|
1488
|
-
/*! @azure/msal-common v16.4.
|
|
1488
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1489
1489
|
/*
|
|
1490
1490
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1491
1491
|
* Licensed under the MIT License.
|
|
@@ -1494,7 +1494,7 @@ const AzureCloudInstance = {
|
|
|
1494
1494
|
// AzureCloudInstance is not specified.
|
|
1495
1495
|
None: "none"};
|
|
1496
1496
|
|
|
1497
|
-
/*! @azure/msal-common v16.4.
|
|
1497
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1498
1498
|
/*
|
|
1499
1499
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1500
1500
|
* Licensed under the MIT License.
|
|
@@ -1576,7 +1576,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1576
1576
|
return updatedAccountInfo;
|
|
1577
1577
|
}
|
|
1578
1578
|
|
|
1579
|
-
/*! @azure/msal-common v16.4.
|
|
1579
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1580
1580
|
|
|
1581
1581
|
/*
|
|
1582
1582
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1656,7 +1656,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1656
1656
|
}
|
|
1657
1657
|
}
|
|
1658
1658
|
|
|
1659
|
-
/*! @azure/msal-common v16.4.
|
|
1659
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1660
1660
|
|
|
1661
1661
|
/*
|
|
1662
1662
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1813,7 +1813,7 @@ class UrlString {
|
|
|
1813
1813
|
}
|
|
1814
1814
|
}
|
|
1815
1815
|
|
|
1816
|
-
/*! @azure/msal-common v16.4.
|
|
1816
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1817
1817
|
|
|
1818
1818
|
/*
|
|
1819
1819
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1970,7 +1970,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
1970
1970
|
return null;
|
|
1971
1971
|
}
|
|
1972
1972
|
|
|
1973
|
-
/*! @azure/msal-common v16.4.
|
|
1973
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1974
1974
|
/*
|
|
1975
1975
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1976
1976
|
* Licensed under the MIT License.
|
|
@@ -1978,7 +1978,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
1978
1978
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
1979
1979
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
1980
1980
|
|
|
1981
|
-
/*! @azure/msal-common v16.4.
|
|
1981
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
1982
1982
|
|
|
1983
1983
|
/*
|
|
1984
1984
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2016,7 +2016,7 @@ function createCacheError(e) {
|
|
|
2016
2016
|
}
|
|
2017
2017
|
}
|
|
2018
2018
|
|
|
2019
|
-
/*! @azure/msal-common v16.4.
|
|
2019
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2020
2020
|
|
|
2021
2021
|
/*
|
|
2022
2022
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2054,7 +2054,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
2054
2054
|
};
|
|
2055
2055
|
}
|
|
2056
2056
|
|
|
2057
|
-
/*! @azure/msal-common v16.4.
|
|
2057
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2058
2058
|
/*
|
|
2059
2059
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2060
2060
|
* Licensed under the MIT License.
|
|
@@ -2069,7 +2069,7 @@ const AuthorityType = {
|
|
|
2069
2069
|
Ciam: 3,
|
|
2070
2070
|
};
|
|
2071
2071
|
|
|
2072
|
-
/*! @azure/msal-common v16.4.
|
|
2072
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2073
2073
|
/*
|
|
2074
2074
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2075
2075
|
* Licensed under the MIT License.
|
|
@@ -2091,7 +2091,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
2091
2091
|
return null;
|
|
2092
2092
|
}
|
|
2093
2093
|
|
|
2094
|
-
/*! @azure/msal-common v16.4.
|
|
2094
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2095
2095
|
/*
|
|
2096
2096
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2097
2097
|
* Licensed under the MIT License.
|
|
@@ -2115,7 +2115,7 @@ const ProtocolMode = {
|
|
|
2115
2115
|
EAR: "EAR",
|
|
2116
2116
|
};
|
|
2117
2117
|
|
|
2118
|
-
/*! @azure/msal-common v16.4.
|
|
2118
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2119
2119
|
/**
|
|
2120
2120
|
* Returns the AccountInfo interface for this account.
|
|
2121
2121
|
*/
|
|
@@ -2290,7 +2290,7 @@ function isAccountEntity(entity) {
|
|
|
2290
2290
|
entity.hasOwnProperty("authorityType"));
|
|
2291
2291
|
}
|
|
2292
2292
|
|
|
2293
|
-
/*! @azure/msal-common v16.4.
|
|
2293
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2294
2294
|
|
|
2295
2295
|
/*
|
|
2296
2296
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3391,7 +3391,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3391
3391
|
}
|
|
3392
3392
|
}
|
|
3393
3393
|
|
|
3394
|
-
/*! @azure/msal-common v16.4.
|
|
3394
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3395
3395
|
/*
|
|
3396
3396
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3397
3397
|
* Licensed under the MIT License.
|
|
@@ -3405,7 +3405,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3405
3405
|
const PerformanceEventStatus = {
|
|
3406
3406
|
InProgress: 1};
|
|
3407
3407
|
|
|
3408
|
-
/*! @azure/msal-common v16.4.
|
|
3408
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3409
3409
|
|
|
3410
3410
|
/*
|
|
3411
3411
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3460,7 +3460,7 @@ class StubPerformanceClient {
|
|
|
3460
3460
|
}
|
|
3461
3461
|
}
|
|
3462
3462
|
|
|
3463
|
-
/*! @azure/msal-common v16.4.
|
|
3463
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3464
3464
|
|
|
3465
3465
|
/*
|
|
3466
3466
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3555,278 +3555,358 @@ function isOidcProtocolMode(config) {
|
|
|
3555
3555
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3556
3556
|
}
|
|
3557
3557
|
|
|
3558
|
-
/*! @azure/msal-common v16.4.
|
|
3559
|
-
|
|
3558
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3560
3559
|
/*
|
|
3561
3560
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3562
3561
|
* Licensed under the MIT License.
|
|
3563
3562
|
*/
|
|
3564
3563
|
/**
|
|
3565
|
-
*
|
|
3566
|
-
|
|
3567
|
-
|
|
3568
|
-
constructor(
|
|
3569
|
-
|
|
3570
|
-
this.
|
|
3571
|
-
|
|
3572
|
-
|
|
3573
|
-
|
|
3564
|
+
* This class instance helps track the memory changes facilitating
|
|
3565
|
+
* decisions to read from and write to the persistent cache
|
|
3566
|
+
*/ class TokenCacheContext {
|
|
3567
|
+
constructor(tokenCache, hasChanged) {
|
|
3568
|
+
this.cache = tokenCache;
|
|
3569
|
+
this.hasChanged = hasChanged;
|
|
3570
|
+
}
|
|
3571
|
+
/**
|
|
3572
|
+
* boolean which indicates the changes in cache
|
|
3573
|
+
*/
|
|
3574
|
+
get cacheHasChanged() {
|
|
3575
|
+
return this.hasChanged;
|
|
3576
|
+
}
|
|
3577
|
+
/**
|
|
3578
|
+
* function to retrieve the token cache
|
|
3579
|
+
*/
|
|
3580
|
+
get tokenCache() {
|
|
3581
|
+
return this.cache;
|
|
3574
3582
|
}
|
|
3575
3583
|
}
|
|
3576
3584
|
|
|
3577
|
-
/*! @azure/msal-common v16.4.
|
|
3585
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3578
3586
|
/*
|
|
3579
3587
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3580
3588
|
* Licensed under the MIT License.
|
|
3581
3589
|
*/
|
|
3582
3590
|
/**
|
|
3583
|
-
*
|
|
3584
|
-
* @public
|
|
3585
|
-
*/
|
|
3586
|
-
const noTokensFound = "no_tokens_found";
|
|
3587
|
-
/**
|
|
3588
|
-
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
3589
|
-
* @public
|
|
3590
|
-
*/
|
|
3591
|
-
const nativeAccountUnavailable = "native_account_unavailable";
|
|
3592
|
-
/**
|
|
3593
|
-
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
3594
|
-
* @public
|
|
3591
|
+
* Utility functions for managing date and time operations.
|
|
3595
3592
|
*/
|
|
3596
|
-
const refreshTokenExpired = "refresh_token_expired";
|
|
3597
3593
|
/**
|
|
3598
|
-
*
|
|
3599
|
-
* @public
|
|
3594
|
+
* return the current time in Unix time (seconds).
|
|
3600
3595
|
*/
|
|
3601
|
-
|
|
3596
|
+
function nowSeconds() {
|
|
3597
|
+
// Date.getTime() returns in milliseconds.
|
|
3598
|
+
return Math.round(new Date().getTime() / 1000.0);
|
|
3599
|
+
}
|
|
3602
3600
|
/**
|
|
3603
|
-
*
|
|
3604
|
-
* @
|
|
3601
|
+
* Converts JS Date object to seconds
|
|
3602
|
+
* @param date Date
|
|
3605
3603
|
*/
|
|
3606
|
-
|
|
3604
|
+
function toSecondsFromDate(date) {
|
|
3605
|
+
// Convert date to seconds
|
|
3606
|
+
return date.getTime() / 1000;
|
|
3607
|
+
}
|
|
3607
3608
|
/**
|
|
3608
|
-
*
|
|
3609
|
-
* @
|
|
3609
|
+
* Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
|
|
3610
|
+
* @param seconds
|
|
3610
3611
|
*/
|
|
3611
|
-
|
|
3612
|
+
function toDateFromSeconds(seconds) {
|
|
3613
|
+
if (seconds) {
|
|
3614
|
+
return new Date(Number(seconds) * 1000);
|
|
3615
|
+
}
|
|
3616
|
+
return new Date();
|
|
3617
|
+
}
|
|
3612
3618
|
/**
|
|
3613
|
-
*
|
|
3614
|
-
* @
|
|
3619
|
+
* check if a token is expired based on given UTC time in seconds.
|
|
3620
|
+
* @param expiresOn
|
|
3615
3621
|
*/
|
|
3616
|
-
|
|
3622
|
+
function isTokenExpired(expiresOn, offset) {
|
|
3623
|
+
// check for access token expiry
|
|
3624
|
+
const expirationSec = Number(expiresOn) || 0;
|
|
3625
|
+
const offsetCurrentTimeSec = nowSeconds() + offset;
|
|
3626
|
+
// If current time + offset is greater than token expiration time, then token is expired.
|
|
3627
|
+
return offsetCurrentTimeSec > expirationSec;
|
|
3628
|
+
}
|
|
3617
3629
|
/**
|
|
3618
|
-
*
|
|
3619
|
-
* @
|
|
3630
|
+
* Checks if a cache entry is expired based on the last updated time and cache retention days.
|
|
3631
|
+
* @param lastUpdatedAt
|
|
3632
|
+
* @param cacheRetentionDays
|
|
3633
|
+
* @returns
|
|
3620
3634
|
*/
|
|
3621
|
-
|
|
3635
|
+
function isCacheExpired(lastUpdatedAt, cacheRetentionDays) {
|
|
3636
|
+
const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;
|
|
3637
|
+
return Date.now() > cacheExpirationTimestamp;
|
|
3638
|
+
}
|
|
3622
3639
|
/**
|
|
3623
|
-
*
|
|
3624
|
-
*
|
|
3640
|
+
* If the current time is earlier than the time that a token was cached at, we must discard the token
|
|
3641
|
+
* i.e. The system clock was turned back after acquiring the cached token
|
|
3642
|
+
* @param cachedAt
|
|
3643
|
+
* @param offset
|
|
3625
3644
|
*/
|
|
3626
|
-
|
|
3645
|
+
function wasClockTurnedBack(cachedAt) {
|
|
3646
|
+
const cachedAtSec = Number(cachedAt);
|
|
3647
|
+
return cachedAtSec > nowSeconds();
|
|
3648
|
+
}
|
|
3627
3649
|
|
|
3628
|
-
/*! @azure/msal-common v16.4.
|
|
3650
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3629
3651
|
|
|
3630
3652
|
/*
|
|
3631
3653
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3632
3654
|
* Licensed under the MIT License.
|
|
3633
3655
|
*/
|
|
3634
3656
|
/**
|
|
3635
|
-
*
|
|
3657
|
+
* Create IdTokenEntity
|
|
3658
|
+
* @param homeAccountId
|
|
3659
|
+
* @param authenticationResult
|
|
3660
|
+
* @param clientId
|
|
3661
|
+
* @param authority
|
|
3636
3662
|
*/
|
|
3637
|
-
|
|
3638
|
-
|
|
3639
|
-
|
|
3640
|
-
|
|
3641
|
-
|
|
3642
|
-
|
|
3643
|
-
|
|
3644
|
-
|
|
3645
|
-
|
|
3646
|
-
|
|
3647
|
-
|
|
3648
|
-
|
|
3649
|
-
"user_password_expired",
|
|
3650
|
-
"consent_required",
|
|
3651
|
-
"bad_token",
|
|
3652
|
-
"ux_not_allowed",
|
|
3653
|
-
"interrupted_user",
|
|
3654
|
-
];
|
|
3663
|
+
function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tenantId) {
|
|
3664
|
+
const idTokenEntity = {
|
|
3665
|
+
credentialType: CredentialType.ID_TOKEN,
|
|
3666
|
+
homeAccountId: homeAccountId,
|
|
3667
|
+
environment: environment,
|
|
3668
|
+
clientId: clientId,
|
|
3669
|
+
secret: idToken,
|
|
3670
|
+
realm: tenantId,
|
|
3671
|
+
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
3672
|
+
};
|
|
3673
|
+
return idTokenEntity;
|
|
3674
|
+
}
|
|
3655
3675
|
/**
|
|
3656
|
-
*
|
|
3676
|
+
* Create AccessTokenEntity
|
|
3677
|
+
* @param homeAccountId
|
|
3678
|
+
* @param environment
|
|
3679
|
+
* @param accessToken
|
|
3680
|
+
* @param clientId
|
|
3681
|
+
* @param tenantId
|
|
3682
|
+
* @param scopes
|
|
3683
|
+
* @param expiresOn
|
|
3684
|
+
* @param extExpiresOn
|
|
3657
3685
|
*/
|
|
3658
|
-
|
|
3659
|
-
|
|
3660
|
-
|
|
3661
|
-
|
|
3662
|
-
|
|
3663
|
-
|
|
3664
|
-
|
|
3665
|
-
|
|
3666
|
-
|
|
3667
|
-
|
|
3686
|
+
function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId) {
|
|
3687
|
+
const atEntity = {
|
|
3688
|
+
homeAccountId: homeAccountId,
|
|
3689
|
+
credentialType: CredentialType.ACCESS_TOKEN,
|
|
3690
|
+
secret: accessToken,
|
|
3691
|
+
cachedAt: nowSeconds().toString(),
|
|
3692
|
+
expiresOn: expiresOn.toString(),
|
|
3693
|
+
extendedExpiresOn: extExpiresOn.toString(),
|
|
3694
|
+
environment: environment,
|
|
3695
|
+
clientId: clientId,
|
|
3696
|
+
realm: tenantId,
|
|
3697
|
+
target: scopes,
|
|
3698
|
+
tokenType: tokenType || AuthenticationScheme.BEARER,
|
|
3699
|
+
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
3700
|
+
};
|
|
3701
|
+
if (userAssertionHash) {
|
|
3702
|
+
atEntity.userAssertionHash = userAssertionHash;
|
|
3703
|
+
}
|
|
3704
|
+
if (refreshOn) {
|
|
3705
|
+
atEntity.refreshOn = refreshOn.toString();
|
|
3668
3706
|
}
|
|
3707
|
+
/*
|
|
3708
|
+
* Create Access Token With Auth Scheme instead of regular access token
|
|
3709
|
+
* Cast to lower to handle "bearer" from ADFS
|
|
3710
|
+
*/
|
|
3711
|
+
if (atEntity.tokenType?.toLowerCase() !==
|
|
3712
|
+
AuthenticationScheme.BEARER.toLowerCase()) {
|
|
3713
|
+
atEntity.credentialType =
|
|
3714
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
3715
|
+
switch (atEntity.tokenType) {
|
|
3716
|
+
case AuthenticationScheme.POP:
|
|
3717
|
+
// Make sure keyId is present and add it to credential
|
|
3718
|
+
const tokenClaims = extractTokenClaims(accessToken, base64Decode);
|
|
3719
|
+
if (!tokenClaims?.cnf?.kid) {
|
|
3720
|
+
throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
|
|
3721
|
+
}
|
|
3722
|
+
atEntity.keyId = tokenClaims.cnf.kid;
|
|
3723
|
+
break;
|
|
3724
|
+
case AuthenticationScheme.SSH:
|
|
3725
|
+
atEntity.keyId = keyId;
|
|
3726
|
+
}
|
|
3727
|
+
}
|
|
3728
|
+
return atEntity;
|
|
3669
3729
|
}
|
|
3670
3730
|
/**
|
|
3671
|
-
*
|
|
3672
|
-
* @param
|
|
3673
|
-
* @param
|
|
3674
|
-
* @param
|
|
3731
|
+
* Create RefreshTokenEntity
|
|
3732
|
+
* @param homeAccountId
|
|
3733
|
+
* @param authenticationResult
|
|
3734
|
+
* @param clientId
|
|
3735
|
+
* @param authority
|
|
3675
3736
|
*/
|
|
3676
|
-
function
|
|
3677
|
-
const
|
|
3678
|
-
|
|
3679
|
-
|
|
3680
|
-
|
|
3681
|
-
|
|
3682
|
-
|
|
3683
|
-
|
|
3684
|
-
|
|
3685
|
-
|
|
3686
|
-
|
|
3687
|
-
|
|
3737
|
+
function createRefreshTokenEntity(homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash, expiresOn) {
|
|
3738
|
+
const rtEntity = {
|
|
3739
|
+
credentialType: CredentialType.REFRESH_TOKEN,
|
|
3740
|
+
homeAccountId: homeAccountId,
|
|
3741
|
+
environment: environment,
|
|
3742
|
+
clientId: clientId,
|
|
3743
|
+
secret: refreshToken,
|
|
3744
|
+
lastUpdatedAt: Date.now().toString(),
|
|
3745
|
+
};
|
|
3746
|
+
if (userAssertionHash) {
|
|
3747
|
+
rtEntity.userAssertionHash = userAssertionHash;
|
|
3748
|
+
}
|
|
3749
|
+
if (familyId) {
|
|
3750
|
+
rtEntity.familyId = familyId;
|
|
3751
|
+
}
|
|
3752
|
+
if (expiresOn) {
|
|
3753
|
+
rtEntity.expiresOn = expiresOn.toString();
|
|
3754
|
+
}
|
|
3755
|
+
return rtEntity;
|
|
3756
|
+
}
|
|
3757
|
+
function isCredentialEntity(entity) {
|
|
3758
|
+
return (entity.hasOwnProperty("homeAccountId") &&
|
|
3759
|
+
entity.hasOwnProperty("environment") &&
|
|
3760
|
+
entity.hasOwnProperty("credentialType") &&
|
|
3761
|
+
entity.hasOwnProperty("clientId") &&
|
|
3762
|
+
entity.hasOwnProperty("secret"));
|
|
3688
3763
|
}
|
|
3689
3764
|
/**
|
|
3690
|
-
*
|
|
3691
|
-
|
|
3692
|
-
function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
3693
|
-
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
3694
|
-
}
|
|
3695
|
-
|
|
3696
|
-
/*! @azure/msal-common v16.4.0 2026-03-27 */
|
|
3697
|
-
|
|
3698
|
-
/*
|
|
3699
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3700
|
-
* Licensed under the MIT License.
|
|
3701
|
-
*/
|
|
3702
|
-
/**
|
|
3703
|
-
* Appends user state with random guid, or returns random guid.
|
|
3704
|
-
* @param cryptoObj
|
|
3705
|
-
* @param userState
|
|
3706
|
-
* @param meta
|
|
3765
|
+
* Validates an entity: checks for all expected params
|
|
3766
|
+
* @param entity
|
|
3707
3767
|
*/
|
|
3708
|
-
function
|
|
3709
|
-
|
|
3710
|
-
|
|
3711
|
-
|
|
3712
|
-
|
|
3768
|
+
function isAccessTokenEntity(entity) {
|
|
3769
|
+
if (!entity) {
|
|
3770
|
+
return false;
|
|
3771
|
+
}
|
|
3772
|
+
return (isCredentialEntity(entity) &&
|
|
3773
|
+
entity.hasOwnProperty("realm") &&
|
|
3774
|
+
entity.hasOwnProperty("target") &&
|
|
3775
|
+
(entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
|
|
3776
|
+
entity["credentialType"] ===
|
|
3777
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
|
|
3713
3778
|
}
|
|
3714
3779
|
/**
|
|
3715
|
-
*
|
|
3716
|
-
* @param
|
|
3717
|
-
* @param meta
|
|
3780
|
+
* Validates an entity: checks for all expected params
|
|
3781
|
+
* @param entity
|
|
3718
3782
|
*/
|
|
3719
|
-
function
|
|
3720
|
-
if (!
|
|
3721
|
-
|
|
3722
|
-
}
|
|
3723
|
-
// Create a state object containing a unique id and the timestamp of the request creation
|
|
3724
|
-
const stateObj = {
|
|
3725
|
-
id: cryptoObj.createNewGuid(),
|
|
3726
|
-
};
|
|
3727
|
-
if (meta) {
|
|
3728
|
-
stateObj.meta = meta;
|
|
3783
|
+
function isIdTokenEntity(entity) {
|
|
3784
|
+
if (!entity) {
|
|
3785
|
+
return false;
|
|
3729
3786
|
}
|
|
3730
|
-
|
|
3731
|
-
|
|
3787
|
+
return (isCredentialEntity(entity) &&
|
|
3788
|
+
entity.hasOwnProperty("realm") &&
|
|
3789
|
+
entity["credentialType"] === CredentialType.ID_TOKEN);
|
|
3732
3790
|
}
|
|
3733
3791
|
/**
|
|
3734
|
-
*
|
|
3735
|
-
* @param
|
|
3736
|
-
* @param state
|
|
3792
|
+
* Validates an entity: checks for all expected params
|
|
3793
|
+
* @param entity
|
|
3737
3794
|
*/
|
|
3738
|
-
function
|
|
3739
|
-
if (!
|
|
3740
|
-
|
|
3741
|
-
}
|
|
3742
|
-
if (!state) {
|
|
3743
|
-
throw createClientAuthError(invalidState);
|
|
3744
|
-
}
|
|
3745
|
-
try {
|
|
3746
|
-
// Split the state between library state and user passed state and decode them separately
|
|
3747
|
-
const splitState = state.split(RESOURCE_DELIM);
|
|
3748
|
-
const libraryState = splitState[0];
|
|
3749
|
-
const userState = splitState.length > 1
|
|
3750
|
-
? splitState.slice(1).join(RESOURCE_DELIM)
|
|
3751
|
-
: "";
|
|
3752
|
-
const libraryStateString = base64Decode(libraryState);
|
|
3753
|
-
const libraryStateObj = JSON.parse(libraryStateString);
|
|
3754
|
-
return {
|
|
3755
|
-
userRequestState: userState || "",
|
|
3756
|
-
libraryState: libraryStateObj,
|
|
3757
|
-
};
|
|
3758
|
-
}
|
|
3759
|
-
catch (e) {
|
|
3760
|
-
throw createClientAuthError(invalidState);
|
|
3795
|
+
function isRefreshTokenEntity(entity) {
|
|
3796
|
+
if (!entity) {
|
|
3797
|
+
return false;
|
|
3761
3798
|
}
|
|
3762
|
-
|
|
3763
|
-
|
|
3764
|
-
|
|
3765
|
-
/*
|
|
3766
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3767
|
-
* Licensed under the MIT License.
|
|
3768
|
-
*/
|
|
3799
|
+
return (isCredentialEntity(entity) &&
|
|
3800
|
+
entity["credentialType"] === CredentialType.REFRESH_TOKEN);
|
|
3801
|
+
}
|
|
3769
3802
|
/**
|
|
3770
|
-
*
|
|
3803
|
+
* validates if a given cache entry is "Telemetry", parses <key,value>
|
|
3804
|
+
* @param key
|
|
3805
|
+
* @param entity
|
|
3771
3806
|
*/
|
|
3807
|
+
function isServerTelemetryEntity(key, entity) {
|
|
3808
|
+
const validateKey = key.indexOf(SERVER_TELEM_CACHE_KEY) === 0;
|
|
3809
|
+
let validateEntity = true;
|
|
3810
|
+
if (entity) {
|
|
3811
|
+
validateEntity =
|
|
3812
|
+
entity.hasOwnProperty("failedRequests") &&
|
|
3813
|
+
entity.hasOwnProperty("errors") &&
|
|
3814
|
+
entity.hasOwnProperty("cacheHits");
|
|
3815
|
+
}
|
|
3816
|
+
return validateKey && validateEntity;
|
|
3817
|
+
}
|
|
3772
3818
|
/**
|
|
3773
|
-
*
|
|
3819
|
+
* validates if a given cache entry is "Throttling", parses <key,value>
|
|
3820
|
+
* @param key
|
|
3821
|
+
* @param entity
|
|
3774
3822
|
*/
|
|
3775
|
-
function
|
|
3776
|
-
|
|
3777
|
-
|
|
3823
|
+
function isThrottlingEntity(key, entity) {
|
|
3824
|
+
let validateKey = false;
|
|
3825
|
+
if (key) {
|
|
3826
|
+
validateKey = key.indexOf(THROTTLING_PREFIX) === 0;
|
|
3827
|
+
}
|
|
3828
|
+
let validateEntity = true;
|
|
3829
|
+
if (entity) {
|
|
3830
|
+
validateEntity = entity.hasOwnProperty("throttleTime");
|
|
3831
|
+
}
|
|
3832
|
+
return validateKey && validateEntity;
|
|
3778
3833
|
}
|
|
3779
3834
|
/**
|
|
3780
|
-
*
|
|
3781
|
-
* @param date Date
|
|
3835
|
+
* Generate AppMetadata Cache Key as per the schema: appmetadata-<environment>-<client_id>
|
|
3782
3836
|
*/
|
|
3783
|
-
function
|
|
3784
|
-
|
|
3785
|
-
|
|
3837
|
+
function generateAppMetadataKey({ environment, clientId, }) {
|
|
3838
|
+
const appMetaDataKeyArray = [
|
|
3839
|
+
APP_METADATA,
|
|
3840
|
+
environment,
|
|
3841
|
+
clientId,
|
|
3842
|
+
];
|
|
3843
|
+
return appMetaDataKeyArray
|
|
3844
|
+
.join(CACHE_KEY_SEPARATOR$1)
|
|
3845
|
+
.toLowerCase();
|
|
3786
3846
|
}
|
|
3787
|
-
|
|
3788
|
-
*
|
|
3789
|
-
* @param
|
|
3847
|
+
/*
|
|
3848
|
+
* Validates an entity: checks for all expected params
|
|
3849
|
+
* @param entity
|
|
3790
3850
|
*/
|
|
3791
|
-
function
|
|
3792
|
-
if (
|
|
3793
|
-
return
|
|
3851
|
+
function isAppMetadataEntity(key, entity) {
|
|
3852
|
+
if (!entity) {
|
|
3853
|
+
return false;
|
|
3794
3854
|
}
|
|
3795
|
-
return
|
|
3855
|
+
return (key.indexOf(APP_METADATA) === 0 &&
|
|
3856
|
+
entity.hasOwnProperty("clientId") &&
|
|
3857
|
+
entity.hasOwnProperty("environment"));
|
|
3796
3858
|
}
|
|
3797
3859
|
/**
|
|
3798
|
-
*
|
|
3799
|
-
* @param
|
|
3860
|
+
* Validates an entity: checks for all expected params
|
|
3861
|
+
* @param entity
|
|
3800
3862
|
*/
|
|
3801
|
-
function
|
|
3802
|
-
|
|
3803
|
-
|
|
3804
|
-
|
|
3805
|
-
|
|
3806
|
-
|
|
3863
|
+
function isAuthorityMetadataEntity(key, entity) {
|
|
3864
|
+
if (!entity) {
|
|
3865
|
+
return false;
|
|
3866
|
+
}
|
|
3867
|
+
return (key.indexOf(AUTHORITY_METADATA_CACHE_KEY) === 0 &&
|
|
3868
|
+
entity.hasOwnProperty("aliases") &&
|
|
3869
|
+
entity.hasOwnProperty("preferred_cache") &&
|
|
3870
|
+
entity.hasOwnProperty("preferred_network") &&
|
|
3871
|
+
entity.hasOwnProperty("canonical_authority") &&
|
|
3872
|
+
entity.hasOwnProperty("authorization_endpoint") &&
|
|
3873
|
+
entity.hasOwnProperty("token_endpoint") &&
|
|
3874
|
+
entity.hasOwnProperty("issuer") &&
|
|
3875
|
+
entity.hasOwnProperty("aliasesFromNetwork") &&
|
|
3876
|
+
entity.hasOwnProperty("endpointsFromNetwork") &&
|
|
3877
|
+
entity.hasOwnProperty("expiresAt") &&
|
|
3878
|
+
entity.hasOwnProperty("jwks_uri"));
|
|
3807
3879
|
}
|
|
3808
3880
|
/**
|
|
3809
|
-
*
|
|
3810
|
-
* @param lastUpdatedAt
|
|
3811
|
-
* @param cacheRetentionDays
|
|
3812
|
-
* @returns
|
|
3881
|
+
* Reset the exiresAt value
|
|
3813
3882
|
*/
|
|
3814
|
-
function
|
|
3815
|
-
|
|
3816
|
-
|
|
3883
|
+
function generateAuthorityMetadataExpiresAt() {
|
|
3884
|
+
return (nowSeconds() +
|
|
3885
|
+
AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
|
|
3886
|
+
}
|
|
3887
|
+
function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
|
|
3888
|
+
authorityMetadata.authorization_endpoint =
|
|
3889
|
+
updatedValues.authorization_endpoint;
|
|
3890
|
+
authorityMetadata.token_endpoint = updatedValues.token_endpoint;
|
|
3891
|
+
authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
|
|
3892
|
+
authorityMetadata.issuer = updatedValues.issuer;
|
|
3893
|
+
authorityMetadata.endpointsFromNetwork = fromNetwork;
|
|
3894
|
+
authorityMetadata.jwks_uri = updatedValues.jwks_uri;
|
|
3895
|
+
}
|
|
3896
|
+
function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
|
|
3897
|
+
authorityMetadata.aliases = updatedValues.aliases;
|
|
3898
|
+
authorityMetadata.preferred_cache = updatedValues.preferred_cache;
|
|
3899
|
+
authorityMetadata.preferred_network = updatedValues.preferred_network;
|
|
3900
|
+
authorityMetadata.aliasesFromNetwork = fromNetwork;
|
|
3817
3901
|
}
|
|
3818
3902
|
/**
|
|
3819
|
-
*
|
|
3820
|
-
* i.e. The system clock was turned back after acquiring the cached token
|
|
3821
|
-
* @param cachedAt
|
|
3822
|
-
* @param offset
|
|
3903
|
+
* Returns whether or not the data needs to be refreshed
|
|
3823
3904
|
*/
|
|
3824
|
-
function
|
|
3825
|
-
|
|
3826
|
-
return cachedAtSec > nowSeconds();
|
|
3905
|
+
function isAuthorityMetadataExpired(metadata) {
|
|
3906
|
+
return metadata.expiresAt <= nowSeconds();
|
|
3827
3907
|
}
|
|
3828
3908
|
|
|
3829
|
-
/*! @azure/msal-common v16.4.
|
|
3909
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3830
3910
|
/*
|
|
3831
3911
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3832
3912
|
* Licensed under the MIT License.
|
|
@@ -3897,7 +3977,7 @@ const RegionDiscoveryGetCurrentVersion = "regionDiscoveryGetCurrentVersion";
|
|
|
3897
3977
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
3898
3978
|
const SetUserData = "setUserData";
|
|
3899
3979
|
|
|
3900
|
-
/*! @azure/msal-common v16.4.
|
|
3980
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3901
3981
|
/*
|
|
3902
3982
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3903
3983
|
* Licensed under the MIT License.
|
|
@@ -3990,7 +4070,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
3990
4070
|
};
|
|
3991
4071
|
};
|
|
3992
4072
|
|
|
3993
|
-
/*! @azure/msal-common v16.4.
|
|
4073
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
3994
4074
|
|
|
3995
4075
|
/*
|
|
3996
4076
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4070,293 +4150,213 @@ class PopTokenGenerator {
|
|
|
4070
4150
|
}
|
|
4071
4151
|
}
|
|
4072
4152
|
|
|
4073
|
-
/*! @azure/msal-common v16.4.
|
|
4153
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4074
4154
|
/*
|
|
4075
4155
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4076
4156
|
* Licensed under the MIT License.
|
|
4077
4157
|
*/
|
|
4078
4158
|
/**
|
|
4079
|
-
*
|
|
4080
|
-
*
|
|
4081
|
-
*/ class TokenCacheContext {
|
|
4082
|
-
constructor(tokenCache, hasChanged) {
|
|
4083
|
-
this.cache = tokenCache;
|
|
4084
|
-
this.hasChanged = hasChanged;
|
|
4085
|
-
}
|
|
4086
|
-
/**
|
|
4087
|
-
* boolean which indicates the changes in cache
|
|
4088
|
-
*/
|
|
4089
|
-
get cacheHasChanged() {
|
|
4090
|
-
return this.hasChanged;
|
|
4091
|
-
}
|
|
4092
|
-
/**
|
|
4093
|
-
* function to retrieve the token cache
|
|
4094
|
-
*/
|
|
4095
|
-
get tokenCache() {
|
|
4096
|
-
return this.cache;
|
|
4097
|
-
}
|
|
4098
|
-
}
|
|
4099
|
-
|
|
4100
|
-
/*! @azure/msal-common v16.4.0 2026-03-27 */
|
|
4101
|
-
|
|
4102
|
-
/*
|
|
4103
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4104
|
-
* Licensed under the MIT License.
|
|
4159
|
+
* MSAL-defined interaction required error code indicating no tokens are found in cache.
|
|
4160
|
+
* @public
|
|
4105
4161
|
*/
|
|
4162
|
+
const noTokensFound = "no_tokens_found";
|
|
4106
4163
|
/**
|
|
4107
|
-
*
|
|
4108
|
-
* @
|
|
4109
|
-
* @param authenticationResult
|
|
4110
|
-
* @param clientId
|
|
4111
|
-
* @param authority
|
|
4164
|
+
* MSAL-defined error code indicating a native account is unavailable on the platform.
|
|
4165
|
+
* @public
|
|
4112
4166
|
*/
|
|
4113
|
-
|
|
4114
|
-
const idTokenEntity = {
|
|
4115
|
-
credentialType: CredentialType.ID_TOKEN,
|
|
4116
|
-
homeAccountId: homeAccountId,
|
|
4117
|
-
environment: environment,
|
|
4118
|
-
clientId: clientId,
|
|
4119
|
-
secret: idToken,
|
|
4120
|
-
realm: tenantId,
|
|
4121
|
-
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
4122
|
-
};
|
|
4123
|
-
return idTokenEntity;
|
|
4124
|
-
}
|
|
4167
|
+
const nativeAccountUnavailable = "native_account_unavailable";
|
|
4125
4168
|
/**
|
|
4126
|
-
*
|
|
4127
|
-
* @
|
|
4128
|
-
* @param environment
|
|
4129
|
-
* @param accessToken
|
|
4130
|
-
* @param clientId
|
|
4131
|
-
* @param tenantId
|
|
4132
|
-
* @param scopes
|
|
4133
|
-
* @param expiresOn
|
|
4134
|
-
* @param extExpiresOn
|
|
4169
|
+
* MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
|
|
4170
|
+
* @public
|
|
4135
4171
|
*/
|
|
4136
|
-
|
|
4137
|
-
const atEntity = {
|
|
4138
|
-
homeAccountId: homeAccountId,
|
|
4139
|
-
credentialType: CredentialType.ACCESS_TOKEN,
|
|
4140
|
-
secret: accessToken,
|
|
4141
|
-
cachedAt: nowSeconds().toString(),
|
|
4142
|
-
expiresOn: expiresOn.toString(),
|
|
4143
|
-
extendedExpiresOn: extExpiresOn.toString(),
|
|
4144
|
-
environment: environment,
|
|
4145
|
-
clientId: clientId,
|
|
4146
|
-
realm: tenantId,
|
|
4147
|
-
target: scopes,
|
|
4148
|
-
tokenType: tokenType || AuthenticationScheme.BEARER,
|
|
4149
|
-
lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
|
|
4150
|
-
};
|
|
4151
|
-
if (userAssertionHash) {
|
|
4152
|
-
atEntity.userAssertionHash = userAssertionHash;
|
|
4153
|
-
}
|
|
4154
|
-
if (refreshOn) {
|
|
4155
|
-
atEntity.refreshOn = refreshOn.toString();
|
|
4156
|
-
}
|
|
4157
|
-
/*
|
|
4158
|
-
* Create Access Token With Auth Scheme instead of regular access token
|
|
4159
|
-
* Cast to lower to handle "bearer" from ADFS
|
|
4160
|
-
*/
|
|
4161
|
-
if (atEntity.tokenType?.toLowerCase() !==
|
|
4162
|
-
AuthenticationScheme.BEARER.toLowerCase()) {
|
|
4163
|
-
atEntity.credentialType =
|
|
4164
|
-
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
4165
|
-
switch (atEntity.tokenType) {
|
|
4166
|
-
case AuthenticationScheme.POP:
|
|
4167
|
-
// Make sure keyId is present and add it to credential
|
|
4168
|
-
const tokenClaims = extractTokenClaims(accessToken, base64Decode);
|
|
4169
|
-
if (!tokenClaims?.cnf?.kid) {
|
|
4170
|
-
throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
|
|
4171
|
-
}
|
|
4172
|
-
atEntity.keyId = tokenClaims.cnf.kid;
|
|
4173
|
-
break;
|
|
4174
|
-
case AuthenticationScheme.SSH:
|
|
4175
|
-
atEntity.keyId = keyId;
|
|
4176
|
-
}
|
|
4177
|
-
}
|
|
4178
|
-
return atEntity;
|
|
4179
|
-
}
|
|
4172
|
+
const refreshTokenExpired = "refresh_token_expired";
|
|
4180
4173
|
/**
|
|
4181
|
-
*
|
|
4182
|
-
* @
|
|
4183
|
-
* @param authenticationResult
|
|
4184
|
-
* @param clientId
|
|
4185
|
-
* @param authority
|
|
4174
|
+
* MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
|
|
4175
|
+
* @public
|
|
4186
4176
|
*/
|
|
4187
|
-
|
|
4188
|
-
const rtEntity = {
|
|
4189
|
-
credentialType: CredentialType.REFRESH_TOKEN,
|
|
4190
|
-
homeAccountId: homeAccountId,
|
|
4191
|
-
environment: environment,
|
|
4192
|
-
clientId: clientId,
|
|
4193
|
-
secret: refreshToken,
|
|
4194
|
-
lastUpdatedAt: Date.now().toString(),
|
|
4195
|
-
};
|
|
4196
|
-
if (userAssertionHash) {
|
|
4197
|
-
rtEntity.userAssertionHash = userAssertionHash;
|
|
4198
|
-
}
|
|
4199
|
-
if (familyId) {
|
|
4200
|
-
rtEntity.familyId = familyId;
|
|
4201
|
-
}
|
|
4202
|
-
if (expiresOn) {
|
|
4203
|
-
rtEntity.expiresOn = expiresOn.toString();
|
|
4204
|
-
}
|
|
4205
|
-
return rtEntity;
|
|
4206
|
-
}
|
|
4207
|
-
function isCredentialEntity(entity) {
|
|
4208
|
-
return (entity.hasOwnProperty("homeAccountId") &&
|
|
4209
|
-
entity.hasOwnProperty("environment") &&
|
|
4210
|
-
entity.hasOwnProperty("credentialType") &&
|
|
4211
|
-
entity.hasOwnProperty("clientId") &&
|
|
4212
|
-
entity.hasOwnProperty("secret"));
|
|
4213
|
-
}
|
|
4177
|
+
const uxNotAllowed = "ux_not_allowed";
|
|
4214
4178
|
/**
|
|
4215
|
-
*
|
|
4216
|
-
* @
|
|
4179
|
+
* Server-originated error code indicating interaction is required to complete the request.
|
|
4180
|
+
* @public
|
|
4217
4181
|
*/
|
|
4218
|
-
|
|
4219
|
-
if (!entity) {
|
|
4220
|
-
return false;
|
|
4221
|
-
}
|
|
4222
|
-
return (isCredentialEntity(entity) &&
|
|
4223
|
-
entity.hasOwnProperty("realm") &&
|
|
4224
|
-
entity.hasOwnProperty("target") &&
|
|
4225
|
-
(entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
|
|
4226
|
-
entity["credentialType"] ===
|
|
4227
|
-
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
|
|
4228
|
-
}
|
|
4182
|
+
const interactionRequired = "interaction_required";
|
|
4229
4183
|
/**
|
|
4230
|
-
*
|
|
4231
|
-
* @
|
|
4184
|
+
* Server-originated error code indicating user consent is required.
|
|
4185
|
+
* @public
|
|
4186
|
+
*/
|
|
4187
|
+
const consentRequired = "consent_required";
|
|
4188
|
+
/**
|
|
4189
|
+
* Server-originated error code indicating user login is required.
|
|
4190
|
+
* @public
|
|
4191
|
+
*/
|
|
4192
|
+
const loginRequired = "login_required";
|
|
4193
|
+
/**
|
|
4194
|
+
* Server-originated error code indicating the token is invalid or corrupted.
|
|
4195
|
+
* @public
|
|
4196
|
+
*/
|
|
4197
|
+
const badToken = "bad_token";
|
|
4198
|
+
/**
|
|
4199
|
+
* Server-originated error code indicating the user is in an interrupted state and interaction is required.
|
|
4200
|
+
* @public
|
|
4201
|
+
*/
|
|
4202
|
+
const interruptedUser = "interrupted_user";
|
|
4203
|
+
|
|
4204
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4205
|
+
|
|
4206
|
+
/*
|
|
4207
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4208
|
+
* Licensed under the MIT License.
|
|
4232
4209
|
*/
|
|
4233
|
-
function isIdTokenEntity(entity) {
|
|
4234
|
-
if (!entity) {
|
|
4235
|
-
return false;
|
|
4236
|
-
}
|
|
4237
|
-
return (isCredentialEntity(entity) &&
|
|
4238
|
-
entity.hasOwnProperty("realm") &&
|
|
4239
|
-
entity["credentialType"] === CredentialType.ID_TOKEN);
|
|
4240
|
-
}
|
|
4241
4210
|
/**
|
|
4242
|
-
*
|
|
4243
|
-
* @param entity
|
|
4211
|
+
* InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required
|
|
4244
4212
|
*/
|
|
4245
|
-
|
|
4246
|
-
|
|
4247
|
-
|
|
4248
|
-
|
|
4249
|
-
|
|
4250
|
-
|
|
4251
|
-
|
|
4213
|
+
const InteractionRequiredServerErrorMessage = [
|
|
4214
|
+
interactionRequired,
|
|
4215
|
+
consentRequired,
|
|
4216
|
+
loginRequired,
|
|
4217
|
+
badToken,
|
|
4218
|
+
uxNotAllowed,
|
|
4219
|
+
interruptedUser,
|
|
4220
|
+
];
|
|
4221
|
+
const InteractionRequiredAuthSubErrorMessage = [
|
|
4222
|
+
"message_only",
|
|
4223
|
+
"additional_action",
|
|
4224
|
+
"basic_action",
|
|
4225
|
+
"user_password_expired",
|
|
4226
|
+
"consent_required",
|
|
4227
|
+
"bad_token",
|
|
4228
|
+
"ux_not_allowed",
|
|
4229
|
+
"interrupted_user",
|
|
4230
|
+
];
|
|
4252
4231
|
/**
|
|
4253
|
-
*
|
|
4254
|
-
* @param key
|
|
4255
|
-
* @param entity
|
|
4232
|
+
* Error thrown when user interaction is required.
|
|
4256
4233
|
*/
|
|
4257
|
-
|
|
4258
|
-
|
|
4259
|
-
|
|
4260
|
-
|
|
4261
|
-
|
|
4262
|
-
|
|
4263
|
-
|
|
4264
|
-
|
|
4234
|
+
class InteractionRequiredAuthError extends AuthError {
|
|
4235
|
+
constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
|
|
4236
|
+
super(errorCode, errorMessage, subError);
|
|
4237
|
+
Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
|
|
4238
|
+
this.timestamp = timestamp || "";
|
|
4239
|
+
this.traceId = traceId || "";
|
|
4240
|
+
this.correlationId = correlationId || "";
|
|
4241
|
+
this.claims = claims || "";
|
|
4242
|
+
this.name = "InteractionRequiredAuthError";
|
|
4243
|
+
this.errorNo = errorNo;
|
|
4265
4244
|
}
|
|
4266
|
-
return validateKey && validateEntity;
|
|
4267
4245
|
}
|
|
4268
4246
|
/**
|
|
4269
|
-
*
|
|
4270
|
-
* @param
|
|
4271
|
-
* @param
|
|
4247
|
+
* Helper function used to determine if an error thrown by the server requires interaction to resolve
|
|
4248
|
+
* @param errorCode
|
|
4249
|
+
* @param errorString
|
|
4250
|
+
* @param subError
|
|
4272
4251
|
*/
|
|
4273
|
-
function
|
|
4274
|
-
|
|
4275
|
-
|
|
4276
|
-
|
|
4277
|
-
|
|
4278
|
-
|
|
4279
|
-
|
|
4280
|
-
|
|
4281
|
-
|
|
4282
|
-
return
|
|
4252
|
+
function isInteractionRequiredError(errorCode, errorString, subError) {
|
|
4253
|
+
const isInteractionRequiredErrorCode = !!errorCode &&
|
|
4254
|
+
InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;
|
|
4255
|
+
const isInteractionRequiredSubError = !!subError &&
|
|
4256
|
+
InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
|
|
4257
|
+
const isInteractionRequiredErrorDesc = !!errorString &&
|
|
4258
|
+
InteractionRequiredServerErrorMessage.some((irErrorCode) => {
|
|
4259
|
+
return errorString.indexOf(irErrorCode) > -1;
|
|
4260
|
+
});
|
|
4261
|
+
return (isInteractionRequiredErrorCode ||
|
|
4262
|
+
isInteractionRequiredErrorDesc ||
|
|
4263
|
+
isInteractionRequiredSubError);
|
|
4283
4264
|
}
|
|
4284
4265
|
/**
|
|
4285
|
-
*
|
|
4266
|
+
* Creates an InteractionRequiredAuthError
|
|
4286
4267
|
*/
|
|
4287
|
-
function
|
|
4288
|
-
|
|
4289
|
-
|
|
4290
|
-
|
|
4291
|
-
|
|
4292
|
-
|
|
4293
|
-
return appMetaDataKeyArray
|
|
4294
|
-
.join(CACHE_KEY_SEPARATOR$1)
|
|
4295
|
-
.toLowerCase();
|
|
4296
|
-
}
|
|
4268
|
+
function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
4269
|
+
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
4270
|
+
}
|
|
4271
|
+
|
|
4272
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4273
|
+
|
|
4297
4274
|
/*
|
|
4298
|
-
*
|
|
4299
|
-
*
|
|
4275
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4276
|
+
* Licensed under the MIT License.
|
|
4300
4277
|
*/
|
|
4301
|
-
function isAppMetadataEntity(key, entity) {
|
|
4302
|
-
if (!entity) {
|
|
4303
|
-
return false;
|
|
4304
|
-
}
|
|
4305
|
-
return (key.indexOf(APP_METADATA) === 0 &&
|
|
4306
|
-
entity.hasOwnProperty("clientId") &&
|
|
4307
|
-
entity.hasOwnProperty("environment"));
|
|
4308
|
-
}
|
|
4309
4278
|
/**
|
|
4310
|
-
*
|
|
4311
|
-
* @param entity
|
|
4279
|
+
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
4312
4280
|
*/
|
|
4313
|
-
|
|
4314
|
-
|
|
4315
|
-
|
|
4281
|
+
class ServerError extends AuthError {
|
|
4282
|
+
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
4283
|
+
super(errorCode, errorMessage, subError);
|
|
4284
|
+
this.name = "ServerError";
|
|
4285
|
+
this.errorNo = errorNo;
|
|
4286
|
+
this.status = status;
|
|
4287
|
+
Object.setPrototypeOf(this, ServerError.prototype);
|
|
4316
4288
|
}
|
|
4317
|
-
|
|
4318
|
-
|
|
4319
|
-
|
|
4320
|
-
|
|
4321
|
-
|
|
4322
|
-
|
|
4323
|
-
|
|
4324
|
-
|
|
4325
|
-
entity.hasOwnProperty("aliasesFromNetwork") &&
|
|
4326
|
-
entity.hasOwnProperty("endpointsFromNetwork") &&
|
|
4327
|
-
entity.hasOwnProperty("expiresAt") &&
|
|
4328
|
-
entity.hasOwnProperty("jwks_uri"));
|
|
4329
|
-
}
|
|
4289
|
+
}
|
|
4290
|
+
|
|
4291
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4292
|
+
|
|
4293
|
+
/*
|
|
4294
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4295
|
+
* Licensed under the MIT License.
|
|
4296
|
+
*/
|
|
4330
4297
|
/**
|
|
4331
|
-
*
|
|
4298
|
+
* Appends user state with random guid, or returns random guid.
|
|
4299
|
+
* @param cryptoObj
|
|
4300
|
+
* @param userState
|
|
4301
|
+
* @param meta
|
|
4332
4302
|
*/
|
|
4333
|
-
function
|
|
4334
|
-
|
|
4335
|
-
|
|
4336
|
-
}
|
|
4337
|
-
|
|
4338
|
-
authorityMetadata.authorization_endpoint =
|
|
4339
|
-
updatedValues.authorization_endpoint;
|
|
4340
|
-
authorityMetadata.token_endpoint = updatedValues.token_endpoint;
|
|
4341
|
-
authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
|
|
4342
|
-
authorityMetadata.issuer = updatedValues.issuer;
|
|
4343
|
-
authorityMetadata.endpointsFromNetwork = fromNetwork;
|
|
4344
|
-
authorityMetadata.jwks_uri = updatedValues.jwks_uri;
|
|
4303
|
+
function setRequestState(cryptoObj, userState, meta) {
|
|
4304
|
+
const libraryState = generateLibraryState(cryptoObj, meta);
|
|
4305
|
+
return userState
|
|
4306
|
+
? `${libraryState}${RESOURCE_DELIM}${userState}`
|
|
4307
|
+
: libraryState;
|
|
4345
4308
|
}
|
|
4346
|
-
|
|
4347
|
-
|
|
4348
|
-
|
|
4349
|
-
|
|
4350
|
-
|
|
4309
|
+
/**
|
|
4310
|
+
* Generates the state value used by the common library.
|
|
4311
|
+
* @param cryptoObj
|
|
4312
|
+
* @param meta
|
|
4313
|
+
*/
|
|
4314
|
+
function generateLibraryState(cryptoObj, meta) {
|
|
4315
|
+
if (!cryptoObj) {
|
|
4316
|
+
throw createClientAuthError(noCryptoObject);
|
|
4317
|
+
}
|
|
4318
|
+
// Create a state object containing a unique id and the timestamp of the request creation
|
|
4319
|
+
const stateObj = {
|
|
4320
|
+
id: cryptoObj.createNewGuid(),
|
|
4321
|
+
};
|
|
4322
|
+
if (meta) {
|
|
4323
|
+
stateObj.meta = meta;
|
|
4324
|
+
}
|
|
4325
|
+
const stateString = JSON.stringify(stateObj);
|
|
4326
|
+
return cryptoObj.base64Encode(stateString);
|
|
4351
4327
|
}
|
|
4352
4328
|
/**
|
|
4353
|
-
*
|
|
4329
|
+
* Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
|
|
4330
|
+
* @param base64Decode
|
|
4331
|
+
* @param state
|
|
4354
4332
|
*/
|
|
4355
|
-
function
|
|
4356
|
-
|
|
4333
|
+
function parseRequestState(base64Decode, state) {
|
|
4334
|
+
if (!base64Decode) {
|
|
4335
|
+
throw createClientAuthError(noCryptoObject);
|
|
4336
|
+
}
|
|
4337
|
+
if (!state) {
|
|
4338
|
+
throw createClientAuthError(invalidState);
|
|
4339
|
+
}
|
|
4340
|
+
try {
|
|
4341
|
+
// Split the state between library state and user passed state and decode them separately
|
|
4342
|
+
const splitState = state.split(RESOURCE_DELIM);
|
|
4343
|
+
const libraryState = splitState[0];
|
|
4344
|
+
const userState = splitState.length > 1
|
|
4345
|
+
? splitState.slice(1).join(RESOURCE_DELIM)
|
|
4346
|
+
: "";
|
|
4347
|
+
const libraryStateString = base64Decode(libraryState);
|
|
4348
|
+
const libraryStateObj = JSON.parse(libraryStateString);
|
|
4349
|
+
return {
|
|
4350
|
+
userRequestState: userState || "",
|
|
4351
|
+
libraryState: libraryStateObj,
|
|
4352
|
+
};
|
|
4353
|
+
}
|
|
4354
|
+
catch (e) {
|
|
4355
|
+
throw createClientAuthError(invalidState);
|
|
4356
|
+
}
|
|
4357
4357
|
}
|
|
4358
4358
|
|
|
4359
|
-
/*! @azure/msal-common v16.4.
|
|
4359
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4360
4360
|
|
|
4361
4361
|
/*
|
|
4362
4362
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4512,7 +4512,7 @@ class ResponseHandler {
|
|
|
4512
4512
|
if (serverTokenResponse.id_token && !!idTokenClaims) {
|
|
4513
4513
|
cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
|
|
4514
4514
|
cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
|
|
4515
|
-
this.logger);
|
|
4515
|
+
this.logger, this.performanceClient);
|
|
4516
4516
|
}
|
|
4517
4517
|
// AccessToken
|
|
4518
4518
|
let cachedAccessToken = null;
|
|
@@ -4663,17 +4663,24 @@ class ResponseHandler {
|
|
|
4663
4663
|
};
|
|
4664
4664
|
}
|
|
4665
4665
|
}
|
|
4666
|
-
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
|
|
4666
|
+
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger, performanceClient) {
|
|
4667
4667
|
logger?.verbose("09jz0t", correlationId);
|
|
4668
|
-
|
|
4669
|
-
|
|
4670
|
-
|
|
4671
|
-
|
|
4672
|
-
|
|
4673
|
-
|
|
4674
|
-
|
|
4675
|
-
|
|
4668
|
+
/*
|
|
4669
|
+
* Check if base account is already cached. Filter by homeAccountId (identifies
|
|
4670
|
+
* the user's home identity) and environment (identifies the cloud) — the two
|
|
4671
|
+
* tenant-agnostic properties that uniquely locate a base AccountEntity.
|
|
4672
|
+
*/
|
|
4673
|
+
const accountEnvironment = environment || authority.getPreferredCache();
|
|
4674
|
+
const matchedAccounts = cacheStorage.getAccountsFilteredBy({ homeAccountId, environment: accountEnvironment }, correlationId);
|
|
4675
|
+
performanceClient?.addFields({ cacheMatchedAccounts: matchedAccounts.length }, correlationId);
|
|
4676
|
+
if (matchedAccounts.length > 1) {
|
|
4677
|
+
/*
|
|
4678
|
+
* Base accounts are expected to be unique for a given homeAccountId in normal cache usage.
|
|
4679
|
+
* If multiple matches exist, ignore the cache hit rather than arbitrarily choosing one.
|
|
4680
|
+
*/
|
|
4681
|
+
logger?.warning("0x7ad1", correlationId);
|
|
4676
4682
|
}
|
|
4683
|
+
const cachedAccount = matchedAccounts.length === 1 ? matchedAccounts[0] : null;
|
|
4677
4684
|
const baseAccount = cachedAccount ||
|
|
4678
4685
|
createAccountEntity({
|
|
4679
4686
|
homeAccountId,
|
|
@@ -4697,7 +4704,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
4697
4704
|
return baseAccount;
|
|
4698
4705
|
}
|
|
4699
4706
|
|
|
4700
|
-
/*! @azure/msal-common v16.4.
|
|
4707
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4701
4708
|
/*
|
|
4702
4709
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4703
4710
|
* Licensed under the MIT License.
|
|
@@ -4707,7 +4714,7 @@ const CcsCredentialType = {
|
|
|
4707
4714
|
UPN: "UPN",
|
|
4708
4715
|
};
|
|
4709
4716
|
|
|
4710
|
-
/*! @azure/msal-common v16.4.
|
|
4717
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4711
4718
|
/*
|
|
4712
4719
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4713
4720
|
* Licensed under the MIT License.
|
|
@@ -4725,7 +4732,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
4725
4732
|
}
|
|
4726
4733
|
}
|
|
4727
4734
|
|
|
4728
|
-
/*! @azure/msal-common v16.4.
|
|
4735
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4729
4736
|
/*
|
|
4730
4737
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4731
4738
|
* Licensed under the MIT License.
|
|
@@ -4746,7 +4753,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
4746
4753
|
};
|
|
4747
4754
|
}
|
|
4748
4755
|
|
|
4749
|
-
/*! @azure/msal-common v16.4.
|
|
4756
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4750
4757
|
|
|
4751
4758
|
/*
|
|
4752
4759
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4832,7 +4839,7 @@ class ThrottlingUtils {
|
|
|
4832
4839
|
}
|
|
4833
4840
|
}
|
|
4834
4841
|
|
|
4835
|
-
/*! @azure/msal-common v16.4.
|
|
4842
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4836
4843
|
|
|
4837
4844
|
/*
|
|
4838
4845
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4863,7 +4870,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
4863
4870
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
4864
4871
|
}
|
|
4865
4872
|
|
|
4866
|
-
/*! @azure/msal-common v16.4.
|
|
4873
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4867
4874
|
|
|
4868
4875
|
/*
|
|
4869
4876
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4977,7 +4984,7 @@ async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId
|
|
|
4977
4984
|
return response;
|
|
4978
4985
|
}
|
|
4979
4986
|
|
|
4980
|
-
/*! @azure/msal-common v16.4.
|
|
4987
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4981
4988
|
/*
|
|
4982
4989
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4983
4990
|
* Licensed under the MIT License.
|
|
@@ -4989,7 +4996,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
4989
4996
|
response.hasOwnProperty("jwks_uri"));
|
|
4990
4997
|
}
|
|
4991
4998
|
|
|
4992
|
-
/*! @azure/msal-common v16.4.
|
|
4999
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
4993
5000
|
/*
|
|
4994
5001
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4995
5002
|
* Licensed under the MIT License.
|
|
@@ -4999,7 +5006,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
4999
5006
|
response.hasOwnProperty("metadata"));
|
|
5000
5007
|
}
|
|
5001
5008
|
|
|
5002
|
-
/*! @azure/msal-common v16.4.
|
|
5009
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5003
5010
|
/*
|
|
5004
5011
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5005
5012
|
* Licensed under the MIT License.
|
|
@@ -5009,7 +5016,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
5009
5016
|
response.hasOwnProperty("error_description"));
|
|
5010
5017
|
}
|
|
5011
5018
|
|
|
5012
|
-
/*! @azure/msal-common v16.4.
|
|
5019
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5013
5020
|
|
|
5014
5021
|
/*
|
|
5015
5022
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5114,7 +5121,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
5114
5121
|
},
|
|
5115
5122
|
};
|
|
5116
5123
|
|
|
5117
|
-
/*! @azure/msal-common v16.4.
|
|
5124
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5118
5125
|
|
|
5119
5126
|
/*
|
|
5120
5127
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5934,7 +5941,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
5934
5941
|
};
|
|
5935
5942
|
}
|
|
5936
5943
|
|
|
5937
|
-
/*! @azure/msal-common v16.4.
|
|
5944
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5938
5945
|
|
|
5939
5946
|
/*
|
|
5940
5947
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5968,7 +5975,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
5968
5975
|
}
|
|
5969
5976
|
}
|
|
5970
5977
|
|
|
5971
|
-
/*! @azure/msal-common v16.4.
|
|
5978
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
5972
5979
|
|
|
5973
5980
|
/*
|
|
5974
5981
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6229,7 +6236,7 @@ class AuthorizationCodeClient {
|
|
|
6229
6236
|
}
|
|
6230
6237
|
}
|
|
6231
6238
|
|
|
6232
|
-
/*! @azure/msal-common v16.4.
|
|
6239
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6233
6240
|
|
|
6234
6241
|
/*
|
|
6235
6242
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6454,7 +6461,7 @@ class RefreshTokenClient {
|
|
|
6454
6461
|
}
|
|
6455
6462
|
}
|
|
6456
6463
|
|
|
6457
|
-
/*! @azure/msal-common v16.4.
|
|
6464
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6458
6465
|
|
|
6459
6466
|
/*
|
|
6460
6467
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6570,7 +6577,7 @@ class SilentFlowClient {
|
|
|
6570
6577
|
}
|
|
6571
6578
|
}
|
|
6572
6579
|
|
|
6573
|
-
/*! @azure/msal-common v16.4.
|
|
6580
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6574
6581
|
|
|
6575
6582
|
/*
|
|
6576
6583
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6585,7 +6592,7 @@ const StubbedNetworkModule = {
|
|
|
6585
6592
|
},
|
|
6586
6593
|
};
|
|
6587
6594
|
|
|
6588
|
-
/*! @azure/msal-common v16.4.
|
|
6595
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6589
6596
|
|
|
6590
6597
|
/*
|
|
6591
6598
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6812,7 +6819,7 @@ function extractLoginHint(account) {
|
|
|
6812
6819
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6813
6820
|
}
|
|
6814
6821
|
|
|
6815
|
-
/*! @azure/msal-common v16.4.
|
|
6822
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6816
6823
|
|
|
6817
6824
|
/*
|
|
6818
6825
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6845,7 +6852,7 @@ function containsResourceParam(params) {
|
|
|
6845
6852
|
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
6846
6853
|
}
|
|
6847
6854
|
|
|
6848
|
-
/*! @azure/msal-common v16.4.
|
|
6855
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6849
6856
|
/*
|
|
6850
6857
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6851
6858
|
* Licensed under the MIT License.
|
|
@@ -6855,7 +6862,7 @@ function containsResourceParam(params) {
|
|
|
6855
6862
|
*/
|
|
6856
6863
|
const unexpectedError = "unexpected_error";
|
|
6857
6864
|
|
|
6858
|
-
/*! @azure/msal-common v16.4.
|
|
6865
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
6859
6866
|
|
|
6860
6867
|
/*
|
|
6861
6868
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7116,7 +7123,7 @@ class ServerTelemetryManager {
|
|
|
7116
7123
|
}
|
|
7117
7124
|
}
|
|
7118
7125
|
|
|
7119
|
-
/*! @azure/msal-common v16.4.
|
|
7126
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7120
7127
|
|
|
7121
7128
|
/*
|
|
7122
7129
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7137,7 +7144,7 @@ function createJoseHeaderError(code) {
|
|
|
7137
7144
|
return new JoseHeaderError(code);
|
|
7138
7145
|
}
|
|
7139
7146
|
|
|
7140
|
-
/*! @azure/msal-common v16.4.
|
|
7147
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7141
7148
|
/*
|
|
7142
7149
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7143
7150
|
* Licensed under the MIT License.
|
|
@@ -7145,7 +7152,7 @@ function createJoseHeaderError(code) {
|
|
|
7145
7152
|
const missingKidError = "missing_kid_error";
|
|
7146
7153
|
const missingAlgError = "missing_alg_error";
|
|
7147
7154
|
|
|
7148
|
-
/*! @azure/msal-common v16.4.
|
|
7155
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
7149
7156
|
|
|
7150
7157
|
/*
|
|
7151
7158
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7580,7 +7587,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
|
|
|
7580
7587
|
|
|
7581
7588
|
/* eslint-disable header/header */
|
|
7582
7589
|
const name = "@azure/msal-browser";
|
|
7583
|
-
const version = "5.6.
|
|
7590
|
+
const version = "5.6.3";
|
|
7584
7591
|
|
|
7585
7592
|
/*
|
|
7586
7593
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8200,7 +8207,12 @@ const UrlEncodeArr = "urlEncodeArr";
|
|
|
8200
8207
|
const Encrypt = "encrypt";
|
|
8201
8208
|
const Decrypt = "decrypt";
|
|
8202
8209
|
const GenerateEarKey = "generateEarKey";
|
|
8203
|
-
const DecryptEarResponse = "decryptEarResponse";
|
|
8210
|
+
const DecryptEarResponse = "decryptEarResponse";
|
|
8211
|
+
/**
|
|
8212
|
+
* Background telemetry measurement that tracks whether a late bridge response
|
|
8213
|
+
* arrives after the iframe timeout has already fired.
|
|
8214
|
+
*/
|
|
8215
|
+
const WaitForBridgeLateResponse = "waitForBridgeLateResponse";
|
|
8204
8216
|
|
|
8205
8217
|
/*
|
|
8206
8218
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -9008,20 +9020,35 @@ function cancelPendingBridgeResponse(logger, correlationId) {
|
|
|
9008
9020
|
activeBridgeMonitor = null;
|
|
9009
9021
|
}
|
|
9010
9022
|
}
|
|
9011
|
-
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
|
|
9023
|
+
async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient, experimentalConfig) {
|
|
9012
9024
|
return new Promise((resolve, reject) => {
|
|
9013
9025
|
logger.verbose("1rf6em", request.correlationId);
|
|
9014
9026
|
const correlationId = request.correlationId;
|
|
9015
9027
|
performanceClient.addFields({
|
|
9016
9028
|
redirectBridgeTimeoutMs: timeoutMs,
|
|
9029
|
+
lateResponseExperimentEnabled: experimentalConfig?.iframeTimeoutTelemetry || false,
|
|
9017
9030
|
}, correlationId);
|
|
9018
9031
|
const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
|
|
9019
9032
|
const channel = new BroadcastChannel(libraryState.id);
|
|
9020
9033
|
let responseString = undefined;
|
|
9034
|
+
let timedOut$1 = false;
|
|
9035
|
+
let lateTimeoutId;
|
|
9036
|
+
let lateMeasurement;
|
|
9021
9037
|
const timeoutId = window.setTimeout(() => {
|
|
9022
9038
|
// Clear the active monitor
|
|
9023
9039
|
activeBridgeMonitor = null;
|
|
9024
|
-
|
|
9040
|
+
if (experimentalConfig?.iframeTimeoutTelemetry) {
|
|
9041
|
+
lateMeasurement = performanceClient.startMeasurement(WaitForBridgeLateResponse, correlationId);
|
|
9042
|
+
timedOut$1 = true;
|
|
9043
|
+
lateTimeoutId = window.setTimeout(() => {
|
|
9044
|
+
lateMeasurement?.end({ success: false });
|
|
9045
|
+
clearTimeout(lateTimeoutId);
|
|
9046
|
+
channel.close();
|
|
9047
|
+
}, 60000); // 60s late response timeout to allow for telemetry of late responses
|
|
9048
|
+
}
|
|
9049
|
+
else {
|
|
9050
|
+
channel.close();
|
|
9051
|
+
}
|
|
9025
9052
|
reject(createBrowserAuthError(timedOut, "redirect_bridge_timeout"));
|
|
9026
9053
|
}, timeoutMs);
|
|
9027
9054
|
// Track this monitor so it can be cancelled if needed
|
|
@@ -9035,6 +9062,14 @@ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request,
|
|
|
9035
9062
|
const messageVersion = event?.data && typeof event.data.v === "number"
|
|
9036
9063
|
? event.data.v
|
|
9037
9064
|
: undefined;
|
|
9065
|
+
if (timedOut$1) {
|
|
9066
|
+
lateMeasurement?.end({
|
|
9067
|
+
success: responseString ? true : false,
|
|
9068
|
+
});
|
|
9069
|
+
clearTimeout(lateTimeoutId);
|
|
9070
|
+
channel.close();
|
|
9071
|
+
return;
|
|
9072
|
+
}
|
|
9038
9073
|
performanceClient.addFields({
|
|
9039
9074
|
redirectBridgeMessageVersion: messageVersion,
|
|
9040
9075
|
}, correlationId);
|
|
@@ -16717,9 +16752,9 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16717
16752
|
}
|
|
16718
16753
|
// Get the preferred_cache domain for the given authority
|
|
16719
16754
|
const authority = await getDiscoveredAuthority(this.config, this.correlationId, this.performanceClient, this.browserStorage, this.logger, request.authority);
|
|
16720
|
-
const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info,
|
|
16755
|
+
const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info, authority.getPreferredCache(), // environment
|
|
16721
16756
|
idTokenClaims.tid, undefined, // auth code payload
|
|
16722
|
-
response.account.id);
|
|
16757
|
+
response.account.id, this.logger, this.performanceClient);
|
|
16723
16758
|
// Ensure expires_in is in number format
|
|
16724
16759
|
response.expires_in = Number(response.expires_in);
|
|
16725
16760
|
// generate authenticationResult
|
|
@@ -17604,7 +17639,7 @@ const DEFAULT_NATIVE_BROKER_HANDSHAKE_TIMEOUT_MS = 2000;
|
|
|
17604
17639
|
*
|
|
17605
17640
|
* @returns Configuration object
|
|
17606
17641
|
*/
|
|
17607
|
-
function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system: userInputSystem, telemetry: userInputTelemetry, }, isBrowserEnvironment) {
|
|
17642
|
+
function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system: userInputSystem, experimental: userInputExperimental, telemetry: userInputTelemetry, }, isBrowserEnvironment) {
|
|
17608
17643
|
// Default auth options for browser
|
|
17609
17644
|
const DEFAULT_AUTH_OPTIONS = {
|
|
17610
17645
|
clientId: "",
|
|
@@ -17676,6 +17711,9 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
17676
17711
|
},
|
|
17677
17712
|
client: new StubPerformanceClient(),
|
|
17678
17713
|
};
|
|
17714
|
+
const DEFAULT_EXPERIMENTAL_OPTIONS = {
|
|
17715
|
+
iframeTimeoutTelemetry: false,
|
|
17716
|
+
};
|
|
17679
17717
|
// Throw an error if user has set OIDCOptions without being in OIDC protocol mode
|
|
17680
17718
|
if (userInputSystem?.protocolMode !== ProtocolMode.OIDC &&
|
|
17681
17719
|
userInputAuth?.OIDCOptions) {
|
|
@@ -17699,6 +17737,10 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
17699
17737
|
},
|
|
17700
17738
|
cache: { ...DEFAULT_CACHE_OPTIONS, ...userInputCache },
|
|
17701
17739
|
system: providedSystemOptions,
|
|
17740
|
+
experimental: {
|
|
17741
|
+
...DEFAULT_EXPERIMENTAL_OPTIONS,
|
|
17742
|
+
...userInputExperimental,
|
|
17743
|
+
},
|
|
17702
17744
|
telemetry: { ...DEFAULT_TELEMETRY_OPTIONS, ...userInputTelemetry },
|
|
17703
17745
|
};
|
|
17704
17746
|
return overlayedConfig;
|
|
@@ -19206,7 +19248,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
19206
19248
|
const responseType = this.config.auth.OIDCOptions.responseMode;
|
|
19207
19249
|
let responseString;
|
|
19208
19250
|
try {
|
|
19209
|
-
responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
19251
|
+
responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
|
|
19210
19252
|
}
|
|
19211
19253
|
finally {
|
|
19212
19254
|
invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
|
|
@@ -19262,7 +19304,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
19262
19304
|
// Wait for response from the redirect bridge.
|
|
19263
19305
|
let responseString;
|
|
19264
19306
|
try {
|
|
19265
|
-
responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
|
|
19307
|
+
responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
|
|
19266
19308
|
}
|
|
19267
19309
|
finally {
|
|
19268
19310
|
invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
|
|
@@ -19510,22 +19552,32 @@ class StandardController {
|
|
|
19510
19552
|
this.nativeInternalStorage = new BrowserCacheManager(this.config.auth.clientId, nativeCacheOptions, this.browserCrypto, this.logger, this.performanceClient, this.eventHandler);
|
|
19511
19553
|
this.activeSilentTokenRequests = new Map();
|
|
19512
19554
|
// Register listener functions
|
|
19513
|
-
this.
|
|
19555
|
+
this.trackStateChange = this.trackStateChange.bind(this);
|
|
19514
19556
|
// Register listener functions
|
|
19515
|
-
this.
|
|
19516
|
-
this.
|
|
19557
|
+
this.trackStateChangeWithMeasurement =
|
|
19558
|
+
this.trackStateChangeWithMeasurement.bind(this);
|
|
19517
19559
|
}
|
|
19518
19560
|
static async createController(operatingContext, request) {
|
|
19519
19561
|
const controller = new StandardController(operatingContext);
|
|
19520
19562
|
await controller.initialize(request);
|
|
19521
19563
|
return controller;
|
|
19522
19564
|
}
|
|
19523
|
-
|
|
19565
|
+
trackStateChange(correlationId, event) {
|
|
19524
19566
|
if (!correlationId) {
|
|
19525
19567
|
return;
|
|
19526
19568
|
}
|
|
19527
|
-
|
|
19528
|
-
|
|
19569
|
+
if (event.type === "visibilitychange") {
|
|
19570
|
+
this.logger.info("16v6hv", correlationId);
|
|
19571
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
|
|
19572
|
+
}
|
|
19573
|
+
else if (event.type === "online") {
|
|
19574
|
+
this.logger.info("0zirfd", correlationId);
|
|
19575
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
19576
|
+
}
|
|
19577
|
+
else if (event.type === "offline") {
|
|
19578
|
+
this.logger.info("1xk9ef", correlationId);
|
|
19579
|
+
this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
|
|
19580
|
+
}
|
|
19529
19581
|
}
|
|
19530
19582
|
/**
|
|
19531
19583
|
* Initializer function to perform async startup tasks such as connecting to WAM extension
|
|
@@ -19867,15 +19919,40 @@ class StandardController {
|
|
|
19867
19919
|
}
|
|
19868
19920
|
});
|
|
19869
19921
|
}
|
|
19870
|
-
|
|
19922
|
+
trackStateChangeWithMeasurement(event) {
|
|
19871
19923
|
const measurement = this.ssoSilentMeasurement ||
|
|
19872
19924
|
this.acquireTokenByCodeAsyncMeasurement;
|
|
19873
19925
|
if (!measurement) {
|
|
19874
19926
|
return;
|
|
19875
19927
|
}
|
|
19876
|
-
|
|
19877
|
-
|
|
19878
|
-
|
|
19928
|
+
if (event.type === "visibilitychange") {
|
|
19929
|
+
this.logger.info("0yzimq", measurement.event.correlationId);
|
|
19930
|
+
measurement.increment({
|
|
19931
|
+
visibilityChangeCount: 1,
|
|
19932
|
+
});
|
|
19933
|
+
}
|
|
19934
|
+
else if (event.type === "online") {
|
|
19935
|
+
this.logger.info("1caf53", measurement.event.correlationId);
|
|
19936
|
+
measurement.increment({
|
|
19937
|
+
onlineStatusChangeCount: 1,
|
|
19938
|
+
});
|
|
19939
|
+
}
|
|
19940
|
+
else if (event.type === "offline") {
|
|
19941
|
+
this.logger.info("0fdyk7", measurement.event.correlationId);
|
|
19942
|
+
measurement.increment({
|
|
19943
|
+
onlineStatusChangeCount: 1,
|
|
19944
|
+
});
|
|
19945
|
+
}
|
|
19946
|
+
}
|
|
19947
|
+
addStateChangeListeners(listener) {
|
|
19948
|
+
document.addEventListener("visibilitychange", listener);
|
|
19949
|
+
window.addEventListener("online", listener);
|
|
19950
|
+
window.addEventListener("offline", listener);
|
|
19951
|
+
}
|
|
19952
|
+
removeStateChangeListeners(listener) {
|
|
19953
|
+
document.removeEventListener("visibilitychange", listener);
|
|
19954
|
+
window.removeEventListener("online", listener);
|
|
19955
|
+
window.removeEventListener("offline", listener);
|
|
19879
19956
|
}
|
|
19880
19957
|
// #endregion
|
|
19881
19958
|
// #region Silent Flow
|
|
@@ -19909,8 +19986,9 @@ class StandardController {
|
|
|
19909
19986
|
preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
|
|
19910
19987
|
this.ssoSilentMeasurement?.increment({
|
|
19911
19988
|
visibilityChangeCount: 0,
|
|
19989
|
+
onlineStatusChangeCount: 0,
|
|
19912
19990
|
});
|
|
19913
|
-
|
|
19991
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
19914
19992
|
const loggedInAccounts = this.getAllAccounts();
|
|
19915
19993
|
this.logger.verbose("0w1b45", correlationId);
|
|
19916
19994
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, InteractionType.Silent, validRequest);
|
|
@@ -19953,7 +20031,7 @@ class StandardController {
|
|
|
19953
20031
|
throw e;
|
|
19954
20032
|
})
|
|
19955
20033
|
.finally(() => {
|
|
19956
|
-
|
|
20034
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
19957
20035
|
});
|
|
19958
20036
|
}
|
|
19959
20037
|
/**
|
|
@@ -20060,8 +20138,9 @@ class StandardController {
|
|
|
20060
20138
|
this.performanceClient.startMeasurement(AcquireTokenByCodeAsync, correlationId);
|
|
20061
20139
|
this.acquireTokenByCodeAsyncMeasurement?.increment({
|
|
20062
20140
|
visibilityChangeCount: 0,
|
|
20141
|
+
onlineStatusChangeCount: 0,
|
|
20063
20142
|
});
|
|
20064
|
-
|
|
20143
|
+
this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20065
20144
|
const silentAuthCodeClient = this.createSilentAuthCodeClient(correlationId);
|
|
20066
20145
|
const silentTokenResult = await silentAuthCodeClient
|
|
20067
20146
|
.acquireToken(request)
|
|
@@ -20080,7 +20159,7 @@ class StandardController {
|
|
|
20080
20159
|
throw tokenRenewalError;
|
|
20081
20160
|
})
|
|
20082
20161
|
.finally(() => {
|
|
20083
|
-
|
|
20162
|
+
this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
|
|
20084
20163
|
});
|
|
20085
20164
|
return silentTokenResult;
|
|
20086
20165
|
}
|
|
@@ -20542,12 +20621,12 @@ class StandardController {
|
|
|
20542
20621
|
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
|
|
20543
20622
|
*/
|
|
20544
20623
|
async acquireTokenSilentAsync(request, account) {
|
|
20545
|
-
const
|
|
20624
|
+
const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
|
|
20546
20625
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, request.correlationId, InteractionType.Silent, request);
|
|
20547
20626
|
if (request.correlationId) {
|
|
20548
|
-
this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
|
|
20627
|
+
this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
|
|
20549
20628
|
}
|
|
20550
|
-
|
|
20629
|
+
this.addStateChangeListeners(trackStateChange);
|
|
20551
20630
|
const silentRequest = await invokeAsync(initializeSilentRequest, InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
|
|
20552
20631
|
const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
|
|
20553
20632
|
const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
|
|
@@ -20629,7 +20708,7 @@ class StandardController {
|
|
|
20629
20708
|
throw tokenRenewalError;
|
|
20630
20709
|
})
|
|
20631
20710
|
.finally(() => {
|
|
20632
|
-
|
|
20711
|
+
this.removeStateChangeListeners(trackStateChange);
|
|
20633
20712
|
});
|
|
20634
20713
|
}
|
|
20635
20714
|
/**
|