@azure/msal-browser 5.6.2 → 5.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (376) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  4. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  7. package/dist/cache/AccountManager.mjs +1 -1
  8. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  9. package/dist/cache/BrowserCacheManager.mjs +1 -1
  10. package/dist/cache/CacheHelpers.mjs +1 -1
  11. package/dist/cache/CacheKeys.mjs +1 -1
  12. package/dist/cache/CookieStorage.mjs +1 -1
  13. package/dist/cache/DatabaseStorage.mjs +1 -1
  14. package/dist/cache/EncryptedData.mjs +1 -1
  15. package/dist/cache/LocalStorage.mjs +1 -1
  16. package/dist/cache/MemoryStorage.mjs +1 -1
  17. package/dist/cache/SessionStorage.mjs +1 -1
  18. package/dist/cache/TokenCache.d.ts.map +1 -1
  19. package/dist/cache/TokenCache.mjs +9 -9
  20. package/dist/cache/TokenCache.mjs.map +1 -1
  21. package/dist/config/Configuration.d.ts +13 -1
  22. package/dist/config/Configuration.d.ts.map +1 -1
  23. package/dist/config/Configuration.mjs +9 -2
  24. package/dist/config/Configuration.mjs.map +1 -1
  25. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  26. package/dist/controllers/StandardController.d.ts +4 -2
  27. package/dist/controllers/StandardController.d.ts.map +1 -1
  28. package/dist/controllers/StandardController.mjs +56 -19
  29. package/dist/controllers/StandardController.mjs.map +1 -1
  30. package/dist/crypto/BrowserCrypto.mjs +1 -1
  31. package/dist/crypto/CryptoOps.mjs +1 -1
  32. package/dist/crypto/PkceGenerator.mjs +1 -1
  33. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  34. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  35. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  36. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  37. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  38. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  39. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  40. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  41. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  42. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  43. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  44. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  45. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  46. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  47. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  48. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  49. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  50. package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
  51. package/dist/custom-auth-path/config/Configuration.d.ts +13 -1
  52. package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
  53. package/dist/custom-auth-path/config/Configuration.mjs +9 -2
  54. package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
  55. package/dist/custom-auth-path/controllers/StandardController.d.ts +4 -2
  56. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  57. package/dist/custom-auth-path/controllers/StandardController.mjs +56 -19
  58. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  59. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  60. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  61. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  62. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  63. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  64. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  169. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  170. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  171. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  172. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  173. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  174. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  175. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  176. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  177. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  178. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  179. package/dist/custom-auth-path/index.d.ts +1 -1
  180. package/dist/custom-auth-path/index.d.ts.map +1 -1
  181. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  182. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  183. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  184. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  185. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
  186. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  187. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  188. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  189. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  190. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  191. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
  192. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +3 -3
  193. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
  194. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  195. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
  196. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  197. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
  198. package/dist/custom-auth-path/log-strings-mapping.json +23 -3
  199. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  200. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  201. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  202. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  203. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  204. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  205. package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
  206. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  207. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  208. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts +1 -0
  209. package/dist/custom-auth-path/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  210. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts +5 -0
  211. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  212. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +8 -3
  213. package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
  214. package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  215. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  216. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  217. package/dist/custom-auth-path/utils/BrowserUtils.d.ts +2 -2
  218. package/dist/custom-auth-path/utils/BrowserUtils.d.ts.map +1 -1
  219. package/dist/custom-auth-path/utils/BrowserUtils.mjs +27 -3
  220. package/dist/custom-auth-path/utils/BrowserUtils.mjs.map +1 -1
  221. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  222. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  223. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  224. package/dist/encode/Base64Decode.mjs +1 -1
  225. package/dist/encode/Base64Encode.mjs +1 -1
  226. package/dist/error/BrowserAuthError.mjs +1 -1
  227. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  228. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  229. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  230. package/dist/error/NativeAuthError.mjs +1 -1
  231. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  232. package/dist/error/NestedAppAuthError.mjs +1 -1
  233. package/dist/event/EventHandler.mjs +1 -1
  234. package/dist/event/EventMessage.mjs +1 -1
  235. package/dist/event/EventType.mjs +1 -1
  236. package/dist/index.d.ts +1 -1
  237. package/dist/index.d.ts.map +1 -1
  238. package/dist/index.mjs +1 -1
  239. package/dist/index.mjs.map +1 -1
  240. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  241. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  242. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  243. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  244. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +8 -8
  245. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  246. package/dist/interaction_client/PopupClient.mjs +1 -1
  247. package/dist/interaction_client/RedirectClient.mjs +1 -1
  248. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  249. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  250. package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
  251. package/dist/interaction_client/SilentIframeClient.mjs +3 -3
  252. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  253. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  254. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  255. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  256. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  257. package/dist/log-strings-mapping.json +31 -11
  258. package/dist/naa/BridgeError.mjs +1 -1
  259. package/dist/naa/BridgeProxy.mjs +1 -1
  260. package/dist/naa/BridgeStatusCode.mjs +1 -1
  261. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  262. package/dist/navigation/NavigationClient.mjs +1 -1
  263. package/dist/network/FetchClient.mjs +1 -1
  264. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  265. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  266. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  267. package/dist/packageMetadata.d.ts +1 -1
  268. package/dist/packageMetadata.mjs +2 -2
  269. package/dist/protocol/Authorize.mjs +1 -1
  270. package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
  271. package/dist/redirect-bridge/cache/TokenCache.d.ts.map +1 -1
  272. package/dist/redirect-bridge/config/Configuration.d.ts +13 -1
  273. package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
  274. package/dist/redirect-bridge/config/Configuration.mjs +1 -1
  275. package/dist/redirect-bridge/controllers/StandardController.d.ts +4 -2
  276. package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
  277. package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
  278. package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
  279. package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
  280. package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
  281. package/dist/redirect-bridge/index.d.ts +1 -1
  282. package/dist/redirect-bridge/index.d.ts.map +1 -1
  283. package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  284. package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  285. package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
  286. package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
  287. package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
  288. package/dist/redirect-bridge/redirect_bridge/index.mjs +1 -1
  289. package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts +1 -0
  290. package/dist/redirect-bridge/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  291. package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts +5 -0
  292. package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  293. package/dist/redirect-bridge/utils/BrowserConstants.mjs +1 -1
  294. package/dist/redirect-bridge/utils/BrowserUtils.d.ts +2 -2
  295. package/dist/redirect-bridge/utils/BrowserUtils.d.ts.map +1 -1
  296. package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
  297. package/dist/redirect-bridge/utils/BrowserUtils.mjs.map +1 -1
  298. package/dist/request/RequestHelpers.mjs +1 -1
  299. package/dist/response/ResponseHandler.mjs +1 -1
  300. package/dist/telemetry/BrowserPerformanceClient.d.ts +1 -0
  301. package/dist/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  302. package/dist/telemetry/BrowserPerformanceClient.mjs +6 -1
  303. package/dist/telemetry/BrowserPerformanceClient.mjs.map +1 -1
  304. package/dist/telemetry/BrowserPerformanceEvents.d.ts +5 -0
  305. package/dist/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  306. package/dist/telemetry/BrowserPerformanceEvents.mjs +8 -3
  307. package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
  308. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  309. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  310. package/dist/utils/BrowserConstants.mjs +1 -1
  311. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  312. package/dist/utils/BrowserUtils.d.ts +2 -2
  313. package/dist/utils/BrowserUtils.d.ts.map +1 -1
  314. package/dist/utils/BrowserUtils.mjs +27 -3
  315. package/dist/utils/BrowserUtils.mjs.map +1 -1
  316. package/dist/utils/Helpers.mjs +1 -1
  317. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  318. package/lib/custom-auth-path/log-strings-mapping.json +23 -3
  319. package/lib/custom-auth-path/msal-custom-auth.cjs +620 -541
  320. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  321. package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
  322. package/lib/custom-auth-path/types/config/Configuration.d.ts +13 -1
  323. package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
  324. package/lib/custom-auth-path/types/controllers/StandardController.d.ts +4 -2
  325. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  326. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  327. package/lib/custom-auth-path/types/index.d.ts +1 -1
  328. package/lib/custom-auth-path/types/index.d.ts.map +1 -1
  329. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  330. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  331. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  332. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  333. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  334. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  335. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts +5 -0
  336. package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  337. package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts +2 -2
  338. package/lib/custom-auth-path/types/utils/BrowserUtils.d.ts.map +1 -1
  339. package/lib/log-strings-mapping.json +31 -11
  340. package/lib/msal-browser.cjs +768 -683
  341. package/lib/msal-browser.cjs.map +1 -1
  342. package/lib/msal-browser.js +768 -683
  343. package/lib/msal-browser.js.map +1 -1
  344. package/lib/msal-browser.min.js +2 -2
  345. package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
  346. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  347. package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
  348. package/lib/types/cache/TokenCache.d.ts.map +1 -1
  349. package/lib/types/config/Configuration.d.ts +13 -1
  350. package/lib/types/config/Configuration.d.ts.map +1 -1
  351. package/lib/types/controllers/StandardController.d.ts +4 -2
  352. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  353. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  354. package/lib/types/index.d.ts +1 -1
  355. package/lib/types/index.d.ts.map +1 -1
  356. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +10 -10
  357. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  358. package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  359. package/lib/types/packageMetadata.d.ts +1 -1
  360. package/lib/types/telemetry/BrowserPerformanceClient.d.ts +1 -0
  361. package/lib/types/telemetry/BrowserPerformanceClient.d.ts.map +1 -1
  362. package/lib/types/telemetry/BrowserPerformanceEvents.d.ts +5 -0
  363. package/lib/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
  364. package/lib/types/utils/BrowserUtils.d.ts +2 -2
  365. package/lib/types/utils/BrowserUtils.d.ts.map +1 -1
  366. package/package.json +2 -2
  367. package/src/cache/TokenCache.ts +27 -24
  368. package/src/config/Configuration.ts +22 -0
  369. package/src/controllers/StandardController.ts +84 -35
  370. package/src/index.ts +1 -0
  371. package/src/interaction_client/PlatformAuthInteractionClient.ts +55 -53
  372. package/src/interaction_client/SilentIframeClient.ts +4 -2
  373. package/src/packageMetadata.ts +1 -1
  374. package/src/telemetry/BrowserPerformanceClient.ts +6 -0
  375. package/src/telemetry/BrowserPerformanceEvents.ts +6 -0
  376. package/src/utils/BrowserUtils.ts +36 -4
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v5.6.2 2026-03-27 */
1
+ /*! @azure/msal-browser v5.6.3 2026-04-01 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v16.4.0 2026-03-27 */
5
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -229,7 +229,7 @@ const JsonWebTokenTypes = {
229
229
  // Token renewal offset default in seconds
230
230
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
231
231
 
232
- /*! @azure/msal-common v16.4.0 2026-03-27 */
232
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
233
233
  /*
234
234
  * Copyright (c) Microsoft Corporation. All rights reserved.
235
235
  * Licensed under the MIT License.
@@ -281,7 +281,7 @@ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
281
281
  const RESOURCE = "resource";
282
282
  const CLI_DATA = "clidata";
283
283
 
284
- /*! @azure/msal-common v16.4.0 2026-03-27 */
284
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
285
285
  /*
286
286
  * Copyright (c) Microsoft Corporation. All rights reserved.
287
287
  * Licensed under the MIT License.
@@ -312,7 +312,7 @@ function createAuthError(code, additionalMessage) {
312
312
  return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
313
313
  }
314
314
 
315
- /*! @azure/msal-common v16.4.0 2026-03-27 */
315
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
316
316
 
317
317
  /*
318
318
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -332,7 +332,7 @@ function createClientConfigurationError(errorCode) {
332
332
  return new ClientConfigurationError(errorCode);
333
333
  }
334
334
 
335
- /*! @azure/msal-common v16.4.0 2026-03-27 */
335
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
336
336
  /*
337
337
  * Copyright (c) Microsoft Corporation. All rights reserved.
338
338
  * Licensed under the MIT License.
@@ -412,7 +412,7 @@ class StringUtils {
412
412
  }
413
413
  }
414
414
 
415
- /*! @azure/msal-common v16.4.0 2026-03-27 */
415
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
416
416
 
417
417
  /*
418
418
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -435,7 +435,7 @@ function createClientAuthError(errorCode, additionalMessage) {
435
435
  return new ClientAuthError(errorCode, additionalMessage);
436
436
  }
437
437
 
438
- /*! @azure/msal-common v16.4.0 2026-03-27 */
438
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
439
439
  /*
440
440
  * Copyright (c) Microsoft Corporation. All rights reserved.
441
441
  * Licensed under the MIT License.
@@ -459,7 +459,7 @@ const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
459
459
  const authorityMismatch = "authority_mismatch";
460
460
  const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
461
461
 
462
- /*! @azure/msal-common v16.4.0 2026-03-27 */
462
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
463
463
  /*
464
464
  * Copyright (c) Microsoft Corporation. All rights reserved.
465
465
  * Licensed under the MIT License.
@@ -498,7 +498,7 @@ const methodNotImplemented = "method_not_implemented";
498
498
  const resourceParameterRequired = "resource_parameter_required";
499
499
  const misplacedResourceParam = "misplaced_resource_parameter";
500
500
 
501
- /*! @azure/msal-common v16.4.0 2026-03-27 */
501
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
502
502
 
503
503
  /*
504
504
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -693,7 +693,7 @@ class ScopeSet {
693
693
  }
694
694
  }
695
695
 
696
- /*! @azure/msal-common v16.4.0 2026-03-27 */
696
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
697
697
 
698
698
  /*
699
699
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1071,7 +1071,7 @@ function addResource(parameters, resource) {
1071
1071
  }
1072
1072
  }
1073
1073
 
1074
- /*! @azure/msal-common v16.4.0 2026-03-27 */
1074
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1075
1075
 
1076
1076
  /*
1077
1077
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1180,7 +1180,7 @@ function normalizeUrlForComparison(url) {
1180
1180
  }
1181
1181
  }
1182
1182
 
1183
- /*! @azure/msal-common v16.4.0 2026-03-27 */
1183
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1184
1184
 
1185
1185
  /*
1186
1186
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1219,7 +1219,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
1219
1219
  },
1220
1220
  };
1221
1221
 
1222
- /*! @azure/msal-common v16.4.0 2026-03-27 */
1222
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1223
1223
  /*
1224
1224
  * Copyright (c) Microsoft Corporation. All rights reserved.
1225
1225
  * Licensed under the MIT License.
@@ -1480,12 +1480,12 @@ class Logger {
1480
1480
  }
1481
1481
  }
1482
1482
 
1483
- /*! @azure/msal-common v16.4.0 2026-03-27 */
1483
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1484
1484
  /* eslint-disable header/header */
1485
1485
  const name$1 = "@azure/msal-common";
1486
- const version$1 = "16.4.0";
1486
+ const version$1 = "16.4.1";
1487
1487
 
1488
- /*! @azure/msal-common v16.4.0 2026-03-27 */
1488
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1489
1489
  /*
1490
1490
  * Copyright (c) Microsoft Corporation. All rights reserved.
1491
1491
  * Licensed under the MIT License.
@@ -1494,7 +1494,7 @@ const AzureCloudInstance = {
1494
1494
  // AzureCloudInstance is not specified.
1495
1495
  None: "none"};
1496
1496
 
1497
- /*! @azure/msal-common v16.4.0 2026-03-27 */
1497
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1498
1498
  /*
1499
1499
  * Copyright (c) Microsoft Corporation. All rights reserved.
1500
1500
  * Licensed under the MIT License.
@@ -1576,7 +1576,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1576
1576
  return updatedAccountInfo;
1577
1577
  }
1578
1578
 
1579
- /*! @azure/msal-common v16.4.0 2026-03-27 */
1579
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1580
1580
 
1581
1581
  /*
1582
1582
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1656,7 +1656,7 @@ function checkMaxAge(authTime, maxAge) {
1656
1656
  }
1657
1657
  }
1658
1658
 
1659
- /*! @azure/msal-common v16.4.0 2026-03-27 */
1659
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1660
1660
 
1661
1661
  /*
1662
1662
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1813,7 +1813,7 @@ class UrlString {
1813
1813
  }
1814
1814
  }
1815
1815
 
1816
- /*! @azure/msal-common v16.4.0 2026-03-27 */
1816
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1817
1817
 
1818
1818
  /*
1819
1819
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1970,7 +1970,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
1970
1970
  return null;
1971
1971
  }
1972
1972
 
1973
- /*! @azure/msal-common v16.4.0 2026-03-27 */
1973
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1974
1974
  /*
1975
1975
  * Copyright (c) Microsoft Corporation. All rights reserved.
1976
1976
  * Licensed under the MIT License.
@@ -1978,7 +1978,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
1978
1978
  const cacheQuotaExceeded = "cache_quota_exceeded";
1979
1979
  const cacheErrorUnknown = "cache_error_unknown";
1980
1980
 
1981
- /*! @azure/msal-common v16.4.0 2026-03-27 */
1981
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
1982
1982
 
1983
1983
  /*
1984
1984
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2016,7 +2016,7 @@ function createCacheError(e) {
2016
2016
  }
2017
2017
  }
2018
2018
 
2019
- /*! @azure/msal-common v16.4.0 2026-03-27 */
2019
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2020
2020
 
2021
2021
  /*
2022
2022
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2054,7 +2054,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
2054
2054
  };
2055
2055
  }
2056
2056
 
2057
- /*! @azure/msal-common v16.4.0 2026-03-27 */
2057
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2058
2058
  /*
2059
2059
  * Copyright (c) Microsoft Corporation. All rights reserved.
2060
2060
  * Licensed under the MIT License.
@@ -2069,7 +2069,7 @@ const AuthorityType = {
2069
2069
  Ciam: 3,
2070
2070
  };
2071
2071
 
2072
- /*! @azure/msal-common v16.4.0 2026-03-27 */
2072
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2073
2073
  /*
2074
2074
  * Copyright (c) Microsoft Corporation. All rights reserved.
2075
2075
  * Licensed under the MIT License.
@@ -2091,7 +2091,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
2091
2091
  return null;
2092
2092
  }
2093
2093
 
2094
- /*! @azure/msal-common v16.4.0 2026-03-27 */
2094
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2095
2095
  /*
2096
2096
  * Copyright (c) Microsoft Corporation. All rights reserved.
2097
2097
  * Licensed under the MIT License.
@@ -2115,7 +2115,7 @@ const ProtocolMode = {
2115
2115
  EAR: "EAR",
2116
2116
  };
2117
2117
 
2118
- /*! @azure/msal-common v16.4.0 2026-03-27 */
2118
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2119
2119
  /**
2120
2120
  * Returns the AccountInfo interface for this account.
2121
2121
  */
@@ -2290,7 +2290,7 @@ function isAccountEntity(entity) {
2290
2290
  entity.hasOwnProperty("authorityType"));
2291
2291
  }
2292
2292
 
2293
- /*! @azure/msal-common v16.4.0 2026-03-27 */
2293
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
2294
2294
 
2295
2295
  /*
2296
2296
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3391,7 +3391,7 @@ class DefaultStorageClass extends CacheManager {
3391
3391
  }
3392
3392
  }
3393
3393
 
3394
- /*! @azure/msal-common v16.4.0 2026-03-27 */
3394
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3395
3395
  /*
3396
3396
  * Copyright (c) Microsoft Corporation. All rights reserved.
3397
3397
  * Licensed under the MIT License.
@@ -3405,7 +3405,7 @@ class DefaultStorageClass extends CacheManager {
3405
3405
  const PerformanceEventStatus = {
3406
3406
  InProgress: 1};
3407
3407
 
3408
- /*! @azure/msal-common v16.4.0 2026-03-27 */
3408
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3409
3409
 
3410
3410
  /*
3411
3411
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3460,7 +3460,7 @@ class StubPerformanceClient {
3460
3460
  }
3461
3461
  }
3462
3462
 
3463
- /*! @azure/msal-common v16.4.0 2026-03-27 */
3463
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3464
3464
 
3465
3465
  /*
3466
3466
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3555,278 +3555,358 @@ function isOidcProtocolMode(config) {
3555
3555
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3556
3556
  }
3557
3557
 
3558
- /*! @azure/msal-common v16.4.0 2026-03-27 */
3559
-
3558
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3560
3559
  /*
3561
3560
  * Copyright (c) Microsoft Corporation. All rights reserved.
3562
3561
  * Licensed under the MIT License.
3563
3562
  */
3564
3563
  /**
3565
- * Error thrown when there is an error with the server code, for example, unavailability.
3566
- */
3567
- class ServerError extends AuthError {
3568
- constructor(errorCode, errorMessage, subError, errorNo, status) {
3569
- super(errorCode, errorMessage, subError);
3570
- this.name = "ServerError";
3571
- this.errorNo = errorNo;
3572
- this.status = status;
3573
- Object.setPrototypeOf(this, ServerError.prototype);
3564
+ * This class instance helps track the memory changes facilitating
3565
+ * decisions to read from and write to the persistent cache
3566
+ */ class TokenCacheContext {
3567
+ constructor(tokenCache, hasChanged) {
3568
+ this.cache = tokenCache;
3569
+ this.hasChanged = hasChanged;
3570
+ }
3571
+ /**
3572
+ * boolean which indicates the changes in cache
3573
+ */
3574
+ get cacheHasChanged() {
3575
+ return this.hasChanged;
3576
+ }
3577
+ /**
3578
+ * function to retrieve the token cache
3579
+ */
3580
+ get tokenCache() {
3581
+ return this.cache;
3574
3582
  }
3575
3583
  }
3576
3584
 
3577
- /*! @azure/msal-common v16.4.0 2026-03-27 */
3585
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3578
3586
  /*
3579
3587
  * Copyright (c) Microsoft Corporation. All rights reserved.
3580
3588
  * Licensed under the MIT License.
3581
3589
  */
3582
3590
  /**
3583
- * MSAL-defined interaction required error code indicating no tokens are found in cache.
3584
- * @public
3585
- */
3586
- const noTokensFound = "no_tokens_found";
3587
- /**
3588
- * MSAL-defined error code indicating a native account is unavailable on the platform.
3589
- * @public
3590
- */
3591
- const nativeAccountUnavailable = "native_account_unavailable";
3592
- /**
3593
- * MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
3594
- * @public
3591
+ * Utility functions for managing date and time operations.
3595
3592
  */
3596
- const refreshTokenExpired = "refresh_token_expired";
3597
3593
  /**
3598
- * MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
3599
- * @public
3594
+ * return the current time in Unix time (seconds).
3600
3595
  */
3601
- const uxNotAllowed = "ux_not_allowed";
3596
+ function nowSeconds() {
3597
+ // Date.getTime() returns in milliseconds.
3598
+ return Math.round(new Date().getTime() / 1000.0);
3599
+ }
3602
3600
  /**
3603
- * Server-originated error code indicating interaction is required to complete the request.
3604
- * @public
3601
+ * Converts JS Date object to seconds
3602
+ * @param date Date
3605
3603
  */
3606
- const interactionRequired = "interaction_required";
3604
+ function toSecondsFromDate(date) {
3605
+ // Convert date to seconds
3606
+ return date.getTime() / 1000;
3607
+ }
3607
3608
  /**
3608
- * Server-originated error code indicating user consent is required.
3609
- * @public
3609
+ * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
3610
+ * @param seconds
3610
3611
  */
3611
- const consentRequired = "consent_required";
3612
+ function toDateFromSeconds(seconds) {
3613
+ if (seconds) {
3614
+ return new Date(Number(seconds) * 1000);
3615
+ }
3616
+ return new Date();
3617
+ }
3612
3618
  /**
3613
- * Server-originated error code indicating user login is required.
3614
- * @public
3619
+ * check if a token is expired based on given UTC time in seconds.
3620
+ * @param expiresOn
3615
3621
  */
3616
- const loginRequired = "login_required";
3622
+ function isTokenExpired(expiresOn, offset) {
3623
+ // check for access token expiry
3624
+ const expirationSec = Number(expiresOn) || 0;
3625
+ const offsetCurrentTimeSec = nowSeconds() + offset;
3626
+ // If current time + offset is greater than token expiration time, then token is expired.
3627
+ return offsetCurrentTimeSec > expirationSec;
3628
+ }
3617
3629
  /**
3618
- * Server-originated error code indicating the token is invalid or corrupted.
3619
- * @public
3630
+ * Checks if a cache entry is expired based on the last updated time and cache retention days.
3631
+ * @param lastUpdatedAt
3632
+ * @param cacheRetentionDays
3633
+ * @returns
3620
3634
  */
3621
- const badToken = "bad_token";
3635
+ function isCacheExpired(lastUpdatedAt, cacheRetentionDays) {
3636
+ const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;
3637
+ return Date.now() > cacheExpirationTimestamp;
3638
+ }
3622
3639
  /**
3623
- * Server-originated error code indicating the user is in an interrupted state and interaction is required.
3624
- * @public
3640
+ * If the current time is earlier than the time that a token was cached at, we must discard the token
3641
+ * i.e. The system clock was turned back after acquiring the cached token
3642
+ * @param cachedAt
3643
+ * @param offset
3625
3644
  */
3626
- const interruptedUser = "interrupted_user";
3645
+ function wasClockTurnedBack(cachedAt) {
3646
+ const cachedAtSec = Number(cachedAt);
3647
+ return cachedAtSec > nowSeconds();
3648
+ }
3627
3649
 
3628
- /*! @azure/msal-common v16.4.0 2026-03-27 */
3650
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3629
3651
 
3630
3652
  /*
3631
3653
  * Copyright (c) Microsoft Corporation. All rights reserved.
3632
3654
  * Licensed under the MIT License.
3633
3655
  */
3634
3656
  /**
3635
- * InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required
3657
+ * Create IdTokenEntity
3658
+ * @param homeAccountId
3659
+ * @param authenticationResult
3660
+ * @param clientId
3661
+ * @param authority
3636
3662
  */
3637
- const InteractionRequiredServerErrorMessage = [
3638
- interactionRequired,
3639
- consentRequired,
3640
- loginRequired,
3641
- badToken,
3642
- uxNotAllowed,
3643
- interruptedUser,
3644
- ];
3645
- const InteractionRequiredAuthSubErrorMessage = [
3646
- "message_only",
3647
- "additional_action",
3648
- "basic_action",
3649
- "user_password_expired",
3650
- "consent_required",
3651
- "bad_token",
3652
- "ux_not_allowed",
3653
- "interrupted_user",
3654
- ];
3663
+ function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tenantId) {
3664
+ const idTokenEntity = {
3665
+ credentialType: CredentialType.ID_TOKEN,
3666
+ homeAccountId: homeAccountId,
3667
+ environment: environment,
3668
+ clientId: clientId,
3669
+ secret: idToken,
3670
+ realm: tenantId,
3671
+ lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
3672
+ };
3673
+ return idTokenEntity;
3674
+ }
3655
3675
  /**
3656
- * Error thrown when user interaction is required.
3676
+ * Create AccessTokenEntity
3677
+ * @param homeAccountId
3678
+ * @param environment
3679
+ * @param accessToken
3680
+ * @param clientId
3681
+ * @param tenantId
3682
+ * @param scopes
3683
+ * @param expiresOn
3684
+ * @param extExpiresOn
3657
3685
  */
3658
- class InteractionRequiredAuthError extends AuthError {
3659
- constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
3660
- super(errorCode, errorMessage, subError);
3661
- Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
3662
- this.timestamp = timestamp || "";
3663
- this.traceId = traceId || "";
3664
- this.correlationId = correlationId || "";
3665
- this.claims = claims || "";
3666
- this.name = "InteractionRequiredAuthError";
3667
- this.errorNo = errorNo;
3686
+ function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId) {
3687
+ const atEntity = {
3688
+ homeAccountId: homeAccountId,
3689
+ credentialType: CredentialType.ACCESS_TOKEN,
3690
+ secret: accessToken,
3691
+ cachedAt: nowSeconds().toString(),
3692
+ expiresOn: expiresOn.toString(),
3693
+ extendedExpiresOn: extExpiresOn.toString(),
3694
+ environment: environment,
3695
+ clientId: clientId,
3696
+ realm: tenantId,
3697
+ target: scopes,
3698
+ tokenType: tokenType || AuthenticationScheme.BEARER,
3699
+ lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
3700
+ };
3701
+ if (userAssertionHash) {
3702
+ atEntity.userAssertionHash = userAssertionHash;
3703
+ }
3704
+ if (refreshOn) {
3705
+ atEntity.refreshOn = refreshOn.toString();
3668
3706
  }
3707
+ /*
3708
+ * Create Access Token With Auth Scheme instead of regular access token
3709
+ * Cast to lower to handle "bearer" from ADFS
3710
+ */
3711
+ if (atEntity.tokenType?.toLowerCase() !==
3712
+ AuthenticationScheme.BEARER.toLowerCase()) {
3713
+ atEntity.credentialType =
3714
+ CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
3715
+ switch (atEntity.tokenType) {
3716
+ case AuthenticationScheme.POP:
3717
+ // Make sure keyId is present and add it to credential
3718
+ const tokenClaims = extractTokenClaims(accessToken, base64Decode);
3719
+ if (!tokenClaims?.cnf?.kid) {
3720
+ throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
3721
+ }
3722
+ atEntity.keyId = tokenClaims.cnf.kid;
3723
+ break;
3724
+ case AuthenticationScheme.SSH:
3725
+ atEntity.keyId = keyId;
3726
+ }
3727
+ }
3728
+ return atEntity;
3669
3729
  }
3670
3730
  /**
3671
- * Helper function used to determine if an error thrown by the server requires interaction to resolve
3672
- * @param errorCode
3673
- * @param errorString
3674
- * @param subError
3731
+ * Create RefreshTokenEntity
3732
+ * @param homeAccountId
3733
+ * @param authenticationResult
3734
+ * @param clientId
3735
+ * @param authority
3675
3736
  */
3676
- function isInteractionRequiredError(errorCode, errorString, subError) {
3677
- const isInteractionRequiredErrorCode = !!errorCode &&
3678
- InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;
3679
- const isInteractionRequiredSubError = !!subError &&
3680
- InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
3681
- const isInteractionRequiredErrorDesc = !!errorString &&
3682
- InteractionRequiredServerErrorMessage.some((irErrorCode) => {
3683
- return errorString.indexOf(irErrorCode) > -1;
3684
- });
3685
- return (isInteractionRequiredErrorCode ||
3686
- isInteractionRequiredErrorDesc ||
3687
- isInteractionRequiredSubError);
3737
+ function createRefreshTokenEntity(homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash, expiresOn) {
3738
+ const rtEntity = {
3739
+ credentialType: CredentialType.REFRESH_TOKEN,
3740
+ homeAccountId: homeAccountId,
3741
+ environment: environment,
3742
+ clientId: clientId,
3743
+ secret: refreshToken,
3744
+ lastUpdatedAt: Date.now().toString(),
3745
+ };
3746
+ if (userAssertionHash) {
3747
+ rtEntity.userAssertionHash = userAssertionHash;
3748
+ }
3749
+ if (familyId) {
3750
+ rtEntity.familyId = familyId;
3751
+ }
3752
+ if (expiresOn) {
3753
+ rtEntity.expiresOn = expiresOn.toString();
3754
+ }
3755
+ return rtEntity;
3756
+ }
3757
+ function isCredentialEntity(entity) {
3758
+ return (entity.hasOwnProperty("homeAccountId") &&
3759
+ entity.hasOwnProperty("environment") &&
3760
+ entity.hasOwnProperty("credentialType") &&
3761
+ entity.hasOwnProperty("clientId") &&
3762
+ entity.hasOwnProperty("secret"));
3688
3763
  }
3689
3764
  /**
3690
- * Creates an InteractionRequiredAuthError
3691
- */
3692
- function createInteractionRequiredAuthError(errorCode, errorMessage) {
3693
- return new InteractionRequiredAuthError(errorCode, errorMessage);
3694
- }
3695
-
3696
- /*! @azure/msal-common v16.4.0 2026-03-27 */
3697
-
3698
- /*
3699
- * Copyright (c) Microsoft Corporation. All rights reserved.
3700
- * Licensed under the MIT License.
3701
- */
3702
- /**
3703
- * Appends user state with random guid, or returns random guid.
3704
- * @param cryptoObj
3705
- * @param userState
3706
- * @param meta
3765
+ * Validates an entity: checks for all expected params
3766
+ * @param entity
3707
3767
  */
3708
- function setRequestState(cryptoObj, userState, meta) {
3709
- const libraryState = generateLibraryState(cryptoObj, meta);
3710
- return userState
3711
- ? `${libraryState}${RESOURCE_DELIM}${userState}`
3712
- : libraryState;
3768
+ function isAccessTokenEntity(entity) {
3769
+ if (!entity) {
3770
+ return false;
3771
+ }
3772
+ return (isCredentialEntity(entity) &&
3773
+ entity.hasOwnProperty("realm") &&
3774
+ entity.hasOwnProperty("target") &&
3775
+ (entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
3776
+ entity["credentialType"] ===
3777
+ CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
3713
3778
  }
3714
3779
  /**
3715
- * Generates the state value used by the common library.
3716
- * @param cryptoObj
3717
- * @param meta
3780
+ * Validates an entity: checks for all expected params
3781
+ * @param entity
3718
3782
  */
3719
- function generateLibraryState(cryptoObj, meta) {
3720
- if (!cryptoObj) {
3721
- throw createClientAuthError(noCryptoObject);
3722
- }
3723
- // Create a state object containing a unique id and the timestamp of the request creation
3724
- const stateObj = {
3725
- id: cryptoObj.createNewGuid(),
3726
- };
3727
- if (meta) {
3728
- stateObj.meta = meta;
3783
+ function isIdTokenEntity(entity) {
3784
+ if (!entity) {
3785
+ return false;
3729
3786
  }
3730
- const stateString = JSON.stringify(stateObj);
3731
- return cryptoObj.base64Encode(stateString);
3787
+ return (isCredentialEntity(entity) &&
3788
+ entity.hasOwnProperty("realm") &&
3789
+ entity["credentialType"] === CredentialType.ID_TOKEN);
3732
3790
  }
3733
3791
  /**
3734
- * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
3735
- * @param base64Decode
3736
- * @param state
3792
+ * Validates an entity: checks for all expected params
3793
+ * @param entity
3737
3794
  */
3738
- function parseRequestState(base64Decode, state) {
3739
- if (!base64Decode) {
3740
- throw createClientAuthError(noCryptoObject);
3741
- }
3742
- if (!state) {
3743
- throw createClientAuthError(invalidState);
3744
- }
3745
- try {
3746
- // Split the state between library state and user passed state and decode them separately
3747
- const splitState = state.split(RESOURCE_DELIM);
3748
- const libraryState = splitState[0];
3749
- const userState = splitState.length > 1
3750
- ? splitState.slice(1).join(RESOURCE_DELIM)
3751
- : "";
3752
- const libraryStateString = base64Decode(libraryState);
3753
- const libraryStateObj = JSON.parse(libraryStateString);
3754
- return {
3755
- userRequestState: userState || "",
3756
- libraryState: libraryStateObj,
3757
- };
3758
- }
3759
- catch (e) {
3760
- throw createClientAuthError(invalidState);
3795
+ function isRefreshTokenEntity(entity) {
3796
+ if (!entity) {
3797
+ return false;
3761
3798
  }
3762
- }
3763
-
3764
- /*! @azure/msal-common v16.4.0 2026-03-27 */
3765
- /*
3766
- * Copyright (c) Microsoft Corporation. All rights reserved.
3767
- * Licensed under the MIT License.
3768
- */
3799
+ return (isCredentialEntity(entity) &&
3800
+ entity["credentialType"] === CredentialType.REFRESH_TOKEN);
3801
+ }
3769
3802
  /**
3770
- * Utility functions for managing date and time operations.
3803
+ * validates if a given cache entry is "Telemetry", parses <key,value>
3804
+ * @param key
3805
+ * @param entity
3771
3806
  */
3807
+ function isServerTelemetryEntity(key, entity) {
3808
+ const validateKey = key.indexOf(SERVER_TELEM_CACHE_KEY) === 0;
3809
+ let validateEntity = true;
3810
+ if (entity) {
3811
+ validateEntity =
3812
+ entity.hasOwnProperty("failedRequests") &&
3813
+ entity.hasOwnProperty("errors") &&
3814
+ entity.hasOwnProperty("cacheHits");
3815
+ }
3816
+ return validateKey && validateEntity;
3817
+ }
3772
3818
  /**
3773
- * return the current time in Unix time (seconds).
3819
+ * validates if a given cache entry is "Throttling", parses <key,value>
3820
+ * @param key
3821
+ * @param entity
3774
3822
  */
3775
- function nowSeconds() {
3776
- // Date.getTime() returns in milliseconds.
3777
- return Math.round(new Date().getTime() / 1000.0);
3823
+ function isThrottlingEntity(key, entity) {
3824
+ let validateKey = false;
3825
+ if (key) {
3826
+ validateKey = key.indexOf(THROTTLING_PREFIX) === 0;
3827
+ }
3828
+ let validateEntity = true;
3829
+ if (entity) {
3830
+ validateEntity = entity.hasOwnProperty("throttleTime");
3831
+ }
3832
+ return validateKey && validateEntity;
3778
3833
  }
3779
3834
  /**
3780
- * Converts JS Date object to seconds
3781
- * @param date Date
3835
+ * Generate AppMetadata Cache Key as per the schema: appmetadata-<environment>-<client_id>
3782
3836
  */
3783
- function toSecondsFromDate(date) {
3784
- // Convert date to seconds
3785
- return date.getTime() / 1000;
3837
+ function generateAppMetadataKey({ environment, clientId, }) {
3838
+ const appMetaDataKeyArray = [
3839
+ APP_METADATA,
3840
+ environment,
3841
+ clientId,
3842
+ ];
3843
+ return appMetaDataKeyArray
3844
+ .join(CACHE_KEY_SEPARATOR$1)
3845
+ .toLowerCase();
3786
3846
  }
3787
- /**
3788
- * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
3789
- * @param seconds
3847
+ /*
3848
+ * Validates an entity: checks for all expected params
3849
+ * @param entity
3790
3850
  */
3791
- function toDateFromSeconds(seconds) {
3792
- if (seconds) {
3793
- return new Date(Number(seconds) * 1000);
3851
+ function isAppMetadataEntity(key, entity) {
3852
+ if (!entity) {
3853
+ return false;
3794
3854
  }
3795
- return new Date();
3855
+ return (key.indexOf(APP_METADATA) === 0 &&
3856
+ entity.hasOwnProperty("clientId") &&
3857
+ entity.hasOwnProperty("environment"));
3796
3858
  }
3797
3859
  /**
3798
- * check if a token is expired based on given UTC time in seconds.
3799
- * @param expiresOn
3860
+ * Validates an entity: checks for all expected params
3861
+ * @param entity
3800
3862
  */
3801
- function isTokenExpired(expiresOn, offset) {
3802
- // check for access token expiry
3803
- const expirationSec = Number(expiresOn) || 0;
3804
- const offsetCurrentTimeSec = nowSeconds() + offset;
3805
- // If current time + offset is greater than token expiration time, then token is expired.
3806
- return offsetCurrentTimeSec > expirationSec;
3863
+ function isAuthorityMetadataEntity(key, entity) {
3864
+ if (!entity) {
3865
+ return false;
3866
+ }
3867
+ return (key.indexOf(AUTHORITY_METADATA_CACHE_KEY) === 0 &&
3868
+ entity.hasOwnProperty("aliases") &&
3869
+ entity.hasOwnProperty("preferred_cache") &&
3870
+ entity.hasOwnProperty("preferred_network") &&
3871
+ entity.hasOwnProperty("canonical_authority") &&
3872
+ entity.hasOwnProperty("authorization_endpoint") &&
3873
+ entity.hasOwnProperty("token_endpoint") &&
3874
+ entity.hasOwnProperty("issuer") &&
3875
+ entity.hasOwnProperty("aliasesFromNetwork") &&
3876
+ entity.hasOwnProperty("endpointsFromNetwork") &&
3877
+ entity.hasOwnProperty("expiresAt") &&
3878
+ entity.hasOwnProperty("jwks_uri"));
3807
3879
  }
3808
3880
  /**
3809
- * Checks if a cache entry is expired based on the last updated time and cache retention days.
3810
- * @param lastUpdatedAt
3811
- * @param cacheRetentionDays
3812
- * @returns
3881
+ * Reset the exiresAt value
3813
3882
  */
3814
- function isCacheExpired(lastUpdatedAt, cacheRetentionDays) {
3815
- const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;
3816
- return Date.now() > cacheExpirationTimestamp;
3883
+ function generateAuthorityMetadataExpiresAt() {
3884
+ return (nowSeconds() +
3885
+ AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
3886
+ }
3887
+ function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
3888
+ authorityMetadata.authorization_endpoint =
3889
+ updatedValues.authorization_endpoint;
3890
+ authorityMetadata.token_endpoint = updatedValues.token_endpoint;
3891
+ authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
3892
+ authorityMetadata.issuer = updatedValues.issuer;
3893
+ authorityMetadata.endpointsFromNetwork = fromNetwork;
3894
+ authorityMetadata.jwks_uri = updatedValues.jwks_uri;
3895
+ }
3896
+ function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
3897
+ authorityMetadata.aliases = updatedValues.aliases;
3898
+ authorityMetadata.preferred_cache = updatedValues.preferred_cache;
3899
+ authorityMetadata.preferred_network = updatedValues.preferred_network;
3900
+ authorityMetadata.aliasesFromNetwork = fromNetwork;
3817
3901
  }
3818
3902
  /**
3819
- * If the current time is earlier than the time that a token was cached at, we must discard the token
3820
- * i.e. The system clock was turned back after acquiring the cached token
3821
- * @param cachedAt
3822
- * @param offset
3903
+ * Returns whether or not the data needs to be refreshed
3823
3904
  */
3824
- function wasClockTurnedBack(cachedAt) {
3825
- const cachedAtSec = Number(cachedAt);
3826
- return cachedAtSec > nowSeconds();
3905
+ function isAuthorityMetadataExpired(metadata) {
3906
+ return metadata.expiresAt <= nowSeconds();
3827
3907
  }
3828
3908
 
3829
- /*! @azure/msal-common v16.4.0 2026-03-27 */
3909
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3830
3910
  /*
3831
3911
  * Copyright (c) Microsoft Corporation. All rights reserved.
3832
3912
  * Licensed under the MIT License.
@@ -3897,7 +3977,7 @@ const RegionDiscoveryGetCurrentVersion = "regionDiscoveryGetCurrentVersion";
3897
3977
  const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
3898
3978
  const SetUserData = "setUserData";
3899
3979
 
3900
- /*! @azure/msal-common v16.4.0 2026-03-27 */
3980
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3901
3981
  /*
3902
3982
  * Copyright (c) Microsoft Corporation. All rights reserved.
3903
3983
  * Licensed under the MIT License.
@@ -3990,7 +4070,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
3990
4070
  };
3991
4071
  };
3992
4072
 
3993
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4073
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
3994
4074
 
3995
4075
  /*
3996
4076
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4070,293 +4150,213 @@ class PopTokenGenerator {
4070
4150
  }
4071
4151
  }
4072
4152
 
4073
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4153
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4074
4154
  /*
4075
4155
  * Copyright (c) Microsoft Corporation. All rights reserved.
4076
4156
  * Licensed under the MIT License.
4077
4157
  */
4078
4158
  /**
4079
- * This class instance helps track the memory changes facilitating
4080
- * decisions to read from and write to the persistent cache
4081
- */ class TokenCacheContext {
4082
- constructor(tokenCache, hasChanged) {
4083
- this.cache = tokenCache;
4084
- this.hasChanged = hasChanged;
4085
- }
4086
- /**
4087
- * boolean which indicates the changes in cache
4088
- */
4089
- get cacheHasChanged() {
4090
- return this.hasChanged;
4091
- }
4092
- /**
4093
- * function to retrieve the token cache
4094
- */
4095
- get tokenCache() {
4096
- return this.cache;
4097
- }
4098
- }
4099
-
4100
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4101
-
4102
- /*
4103
- * Copyright (c) Microsoft Corporation. All rights reserved.
4104
- * Licensed under the MIT License.
4159
+ * MSAL-defined interaction required error code indicating no tokens are found in cache.
4160
+ * @public
4105
4161
  */
4162
+ const noTokensFound = "no_tokens_found";
4106
4163
  /**
4107
- * Create IdTokenEntity
4108
- * @param homeAccountId
4109
- * @param authenticationResult
4110
- * @param clientId
4111
- * @param authority
4164
+ * MSAL-defined error code indicating a native account is unavailable on the platform.
4165
+ * @public
4112
4166
  */
4113
- function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tenantId) {
4114
- const idTokenEntity = {
4115
- credentialType: CredentialType.ID_TOKEN,
4116
- homeAccountId: homeAccountId,
4117
- environment: environment,
4118
- clientId: clientId,
4119
- secret: idToken,
4120
- realm: tenantId,
4121
- lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
4122
- };
4123
- return idTokenEntity;
4124
- }
4167
+ const nativeAccountUnavailable = "native_account_unavailable";
4125
4168
  /**
4126
- * Create AccessTokenEntity
4127
- * @param homeAccountId
4128
- * @param environment
4129
- * @param accessToken
4130
- * @param clientId
4131
- * @param tenantId
4132
- * @param scopes
4133
- * @param expiresOn
4134
- * @param extExpiresOn
4169
+ * MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
4170
+ * @public
4135
4171
  */
4136
- function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId) {
4137
- const atEntity = {
4138
- homeAccountId: homeAccountId,
4139
- credentialType: CredentialType.ACCESS_TOKEN,
4140
- secret: accessToken,
4141
- cachedAt: nowSeconds().toString(),
4142
- expiresOn: expiresOn.toString(),
4143
- extendedExpiresOn: extExpiresOn.toString(),
4144
- environment: environment,
4145
- clientId: clientId,
4146
- realm: tenantId,
4147
- target: scopes,
4148
- tokenType: tokenType || AuthenticationScheme.BEARER,
4149
- lastUpdatedAt: Date.now().toString(), // Set the last updated time to now
4150
- };
4151
- if (userAssertionHash) {
4152
- atEntity.userAssertionHash = userAssertionHash;
4153
- }
4154
- if (refreshOn) {
4155
- atEntity.refreshOn = refreshOn.toString();
4156
- }
4157
- /*
4158
- * Create Access Token With Auth Scheme instead of regular access token
4159
- * Cast to lower to handle "bearer" from ADFS
4160
- */
4161
- if (atEntity.tokenType?.toLowerCase() !==
4162
- AuthenticationScheme.BEARER.toLowerCase()) {
4163
- atEntity.credentialType =
4164
- CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
4165
- switch (atEntity.tokenType) {
4166
- case AuthenticationScheme.POP:
4167
- // Make sure keyId is present and add it to credential
4168
- const tokenClaims = extractTokenClaims(accessToken, base64Decode);
4169
- if (!tokenClaims?.cnf?.kid) {
4170
- throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
4171
- }
4172
- atEntity.keyId = tokenClaims.cnf.kid;
4173
- break;
4174
- case AuthenticationScheme.SSH:
4175
- atEntity.keyId = keyId;
4176
- }
4177
- }
4178
- return atEntity;
4179
- }
4172
+ const refreshTokenExpired = "refresh_token_expired";
4180
4173
  /**
4181
- * Create RefreshTokenEntity
4182
- * @param homeAccountId
4183
- * @param authenticationResult
4184
- * @param clientId
4185
- * @param authority
4174
+ * MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
4175
+ * @public
4186
4176
  */
4187
- function createRefreshTokenEntity(homeAccountId, environment, refreshToken, clientId, familyId, userAssertionHash, expiresOn) {
4188
- const rtEntity = {
4189
- credentialType: CredentialType.REFRESH_TOKEN,
4190
- homeAccountId: homeAccountId,
4191
- environment: environment,
4192
- clientId: clientId,
4193
- secret: refreshToken,
4194
- lastUpdatedAt: Date.now().toString(),
4195
- };
4196
- if (userAssertionHash) {
4197
- rtEntity.userAssertionHash = userAssertionHash;
4198
- }
4199
- if (familyId) {
4200
- rtEntity.familyId = familyId;
4201
- }
4202
- if (expiresOn) {
4203
- rtEntity.expiresOn = expiresOn.toString();
4204
- }
4205
- return rtEntity;
4206
- }
4207
- function isCredentialEntity(entity) {
4208
- return (entity.hasOwnProperty("homeAccountId") &&
4209
- entity.hasOwnProperty("environment") &&
4210
- entity.hasOwnProperty("credentialType") &&
4211
- entity.hasOwnProperty("clientId") &&
4212
- entity.hasOwnProperty("secret"));
4213
- }
4177
+ const uxNotAllowed = "ux_not_allowed";
4214
4178
  /**
4215
- * Validates an entity: checks for all expected params
4216
- * @param entity
4179
+ * Server-originated error code indicating interaction is required to complete the request.
4180
+ * @public
4217
4181
  */
4218
- function isAccessTokenEntity(entity) {
4219
- if (!entity) {
4220
- return false;
4221
- }
4222
- return (isCredentialEntity(entity) &&
4223
- entity.hasOwnProperty("realm") &&
4224
- entity.hasOwnProperty("target") &&
4225
- (entity["credentialType"] === CredentialType.ACCESS_TOKEN ||
4226
- entity["credentialType"] ===
4227
- CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME));
4228
- }
4182
+ const interactionRequired = "interaction_required";
4229
4183
  /**
4230
- * Validates an entity: checks for all expected params
4231
- * @param entity
4184
+ * Server-originated error code indicating user consent is required.
4185
+ * @public
4186
+ */
4187
+ const consentRequired = "consent_required";
4188
+ /**
4189
+ * Server-originated error code indicating user login is required.
4190
+ * @public
4191
+ */
4192
+ const loginRequired = "login_required";
4193
+ /**
4194
+ * Server-originated error code indicating the token is invalid or corrupted.
4195
+ * @public
4196
+ */
4197
+ const badToken = "bad_token";
4198
+ /**
4199
+ * Server-originated error code indicating the user is in an interrupted state and interaction is required.
4200
+ * @public
4201
+ */
4202
+ const interruptedUser = "interrupted_user";
4203
+
4204
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4205
+
4206
+ /*
4207
+ * Copyright (c) Microsoft Corporation. All rights reserved.
4208
+ * Licensed under the MIT License.
4232
4209
  */
4233
- function isIdTokenEntity(entity) {
4234
- if (!entity) {
4235
- return false;
4236
- }
4237
- return (isCredentialEntity(entity) &&
4238
- entity.hasOwnProperty("realm") &&
4239
- entity["credentialType"] === CredentialType.ID_TOKEN);
4240
- }
4241
4210
  /**
4242
- * Validates an entity: checks for all expected params
4243
- * @param entity
4211
+ * InteractionRequiredServerErrorMessage contains string constants used by error codes and messages returned by the server indicating interaction is required
4244
4212
  */
4245
- function isRefreshTokenEntity(entity) {
4246
- if (!entity) {
4247
- return false;
4248
- }
4249
- return (isCredentialEntity(entity) &&
4250
- entity["credentialType"] === CredentialType.REFRESH_TOKEN);
4251
- }
4213
+ const InteractionRequiredServerErrorMessage = [
4214
+ interactionRequired,
4215
+ consentRequired,
4216
+ loginRequired,
4217
+ badToken,
4218
+ uxNotAllowed,
4219
+ interruptedUser,
4220
+ ];
4221
+ const InteractionRequiredAuthSubErrorMessage = [
4222
+ "message_only",
4223
+ "additional_action",
4224
+ "basic_action",
4225
+ "user_password_expired",
4226
+ "consent_required",
4227
+ "bad_token",
4228
+ "ux_not_allowed",
4229
+ "interrupted_user",
4230
+ ];
4252
4231
  /**
4253
- * validates if a given cache entry is "Telemetry", parses <key,value>
4254
- * @param key
4255
- * @param entity
4232
+ * Error thrown when user interaction is required.
4256
4233
  */
4257
- function isServerTelemetryEntity(key, entity) {
4258
- const validateKey = key.indexOf(SERVER_TELEM_CACHE_KEY) === 0;
4259
- let validateEntity = true;
4260
- if (entity) {
4261
- validateEntity =
4262
- entity.hasOwnProperty("failedRequests") &&
4263
- entity.hasOwnProperty("errors") &&
4264
- entity.hasOwnProperty("cacheHits");
4234
+ class InteractionRequiredAuthError extends AuthError {
4235
+ constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
4236
+ super(errorCode, errorMessage, subError);
4237
+ Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
4238
+ this.timestamp = timestamp || "";
4239
+ this.traceId = traceId || "";
4240
+ this.correlationId = correlationId || "";
4241
+ this.claims = claims || "";
4242
+ this.name = "InteractionRequiredAuthError";
4243
+ this.errorNo = errorNo;
4265
4244
  }
4266
- return validateKey && validateEntity;
4267
4245
  }
4268
4246
  /**
4269
- * validates if a given cache entry is "Throttling", parses <key,value>
4270
- * @param key
4271
- * @param entity
4247
+ * Helper function used to determine if an error thrown by the server requires interaction to resolve
4248
+ * @param errorCode
4249
+ * @param errorString
4250
+ * @param subError
4272
4251
  */
4273
- function isThrottlingEntity(key, entity) {
4274
- let validateKey = false;
4275
- if (key) {
4276
- validateKey = key.indexOf(THROTTLING_PREFIX) === 0;
4277
- }
4278
- let validateEntity = true;
4279
- if (entity) {
4280
- validateEntity = entity.hasOwnProperty("throttleTime");
4281
- }
4282
- return validateKey && validateEntity;
4252
+ function isInteractionRequiredError(errorCode, errorString, subError) {
4253
+ const isInteractionRequiredErrorCode = !!errorCode &&
4254
+ InteractionRequiredServerErrorMessage.indexOf(errorCode) > -1;
4255
+ const isInteractionRequiredSubError = !!subError &&
4256
+ InteractionRequiredAuthSubErrorMessage.indexOf(subError) > -1;
4257
+ const isInteractionRequiredErrorDesc = !!errorString &&
4258
+ InteractionRequiredServerErrorMessage.some((irErrorCode) => {
4259
+ return errorString.indexOf(irErrorCode) > -1;
4260
+ });
4261
+ return (isInteractionRequiredErrorCode ||
4262
+ isInteractionRequiredErrorDesc ||
4263
+ isInteractionRequiredSubError);
4283
4264
  }
4284
4265
  /**
4285
- * Generate AppMetadata Cache Key as per the schema: appmetadata-<environment>-<client_id>
4266
+ * Creates an InteractionRequiredAuthError
4286
4267
  */
4287
- function generateAppMetadataKey({ environment, clientId, }) {
4288
- const appMetaDataKeyArray = [
4289
- APP_METADATA,
4290
- environment,
4291
- clientId,
4292
- ];
4293
- return appMetaDataKeyArray
4294
- .join(CACHE_KEY_SEPARATOR$1)
4295
- .toLowerCase();
4296
- }
4268
+ function createInteractionRequiredAuthError(errorCode, errorMessage) {
4269
+ return new InteractionRequiredAuthError(errorCode, errorMessage);
4270
+ }
4271
+
4272
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4273
+
4297
4274
  /*
4298
- * Validates an entity: checks for all expected params
4299
- * @param entity
4275
+ * Copyright (c) Microsoft Corporation. All rights reserved.
4276
+ * Licensed under the MIT License.
4300
4277
  */
4301
- function isAppMetadataEntity(key, entity) {
4302
- if (!entity) {
4303
- return false;
4304
- }
4305
- return (key.indexOf(APP_METADATA) === 0 &&
4306
- entity.hasOwnProperty("clientId") &&
4307
- entity.hasOwnProperty("environment"));
4308
- }
4309
4278
  /**
4310
- * Validates an entity: checks for all expected params
4311
- * @param entity
4279
+ * Error thrown when there is an error with the server code, for example, unavailability.
4312
4280
  */
4313
- function isAuthorityMetadataEntity(key, entity) {
4314
- if (!entity) {
4315
- return false;
4281
+ class ServerError extends AuthError {
4282
+ constructor(errorCode, errorMessage, subError, errorNo, status) {
4283
+ super(errorCode, errorMessage, subError);
4284
+ this.name = "ServerError";
4285
+ this.errorNo = errorNo;
4286
+ this.status = status;
4287
+ Object.setPrototypeOf(this, ServerError.prototype);
4316
4288
  }
4317
- return (key.indexOf(AUTHORITY_METADATA_CACHE_KEY) === 0 &&
4318
- entity.hasOwnProperty("aliases") &&
4319
- entity.hasOwnProperty("preferred_cache") &&
4320
- entity.hasOwnProperty("preferred_network") &&
4321
- entity.hasOwnProperty("canonical_authority") &&
4322
- entity.hasOwnProperty("authorization_endpoint") &&
4323
- entity.hasOwnProperty("token_endpoint") &&
4324
- entity.hasOwnProperty("issuer") &&
4325
- entity.hasOwnProperty("aliasesFromNetwork") &&
4326
- entity.hasOwnProperty("endpointsFromNetwork") &&
4327
- entity.hasOwnProperty("expiresAt") &&
4328
- entity.hasOwnProperty("jwks_uri"));
4329
- }
4289
+ }
4290
+
4291
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4292
+
4293
+ /*
4294
+ * Copyright (c) Microsoft Corporation. All rights reserved.
4295
+ * Licensed under the MIT License.
4296
+ */
4330
4297
  /**
4331
- * Reset the exiresAt value
4298
+ * Appends user state with random guid, or returns random guid.
4299
+ * @param cryptoObj
4300
+ * @param userState
4301
+ * @param meta
4332
4302
  */
4333
- function generateAuthorityMetadataExpiresAt() {
4334
- return (nowSeconds() +
4335
- AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
4336
- }
4337
- function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
4338
- authorityMetadata.authorization_endpoint =
4339
- updatedValues.authorization_endpoint;
4340
- authorityMetadata.token_endpoint = updatedValues.token_endpoint;
4341
- authorityMetadata.end_session_endpoint = updatedValues.end_session_endpoint;
4342
- authorityMetadata.issuer = updatedValues.issuer;
4343
- authorityMetadata.endpointsFromNetwork = fromNetwork;
4344
- authorityMetadata.jwks_uri = updatedValues.jwks_uri;
4303
+ function setRequestState(cryptoObj, userState, meta) {
4304
+ const libraryState = generateLibraryState(cryptoObj, meta);
4305
+ return userState
4306
+ ? `${libraryState}${RESOURCE_DELIM}${userState}`
4307
+ : libraryState;
4345
4308
  }
4346
- function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
4347
- authorityMetadata.aliases = updatedValues.aliases;
4348
- authorityMetadata.preferred_cache = updatedValues.preferred_cache;
4349
- authorityMetadata.preferred_network = updatedValues.preferred_network;
4350
- authorityMetadata.aliasesFromNetwork = fromNetwork;
4309
+ /**
4310
+ * Generates the state value used by the common library.
4311
+ * @param cryptoObj
4312
+ * @param meta
4313
+ */
4314
+ function generateLibraryState(cryptoObj, meta) {
4315
+ if (!cryptoObj) {
4316
+ throw createClientAuthError(noCryptoObject);
4317
+ }
4318
+ // Create a state object containing a unique id and the timestamp of the request creation
4319
+ const stateObj = {
4320
+ id: cryptoObj.createNewGuid(),
4321
+ };
4322
+ if (meta) {
4323
+ stateObj.meta = meta;
4324
+ }
4325
+ const stateString = JSON.stringify(stateObj);
4326
+ return cryptoObj.base64Encode(stateString);
4351
4327
  }
4352
4328
  /**
4353
- * Returns whether or not the data needs to be refreshed
4329
+ * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
4330
+ * @param base64Decode
4331
+ * @param state
4354
4332
  */
4355
- function isAuthorityMetadataExpired(metadata) {
4356
- return metadata.expiresAt <= nowSeconds();
4333
+ function parseRequestState(base64Decode, state) {
4334
+ if (!base64Decode) {
4335
+ throw createClientAuthError(noCryptoObject);
4336
+ }
4337
+ if (!state) {
4338
+ throw createClientAuthError(invalidState);
4339
+ }
4340
+ try {
4341
+ // Split the state between library state and user passed state and decode them separately
4342
+ const splitState = state.split(RESOURCE_DELIM);
4343
+ const libraryState = splitState[0];
4344
+ const userState = splitState.length > 1
4345
+ ? splitState.slice(1).join(RESOURCE_DELIM)
4346
+ : "";
4347
+ const libraryStateString = base64Decode(libraryState);
4348
+ const libraryStateObj = JSON.parse(libraryStateString);
4349
+ return {
4350
+ userRequestState: userState || "",
4351
+ libraryState: libraryStateObj,
4352
+ };
4353
+ }
4354
+ catch (e) {
4355
+ throw createClientAuthError(invalidState);
4356
+ }
4357
4357
  }
4358
4358
 
4359
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4359
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4360
4360
 
4361
4361
  /*
4362
4362
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4512,7 +4512,7 @@ class ResponseHandler {
4512
4512
  if (serverTokenResponse.id_token && !!idTokenClaims) {
4513
4513
  cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
4514
4514
  cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
4515
- this.logger);
4515
+ this.logger, this.performanceClient);
4516
4516
  }
4517
4517
  // AccessToken
4518
4518
  let cachedAccessToken = null;
@@ -4663,17 +4663,24 @@ class ResponseHandler {
4663
4663
  };
4664
4664
  }
4665
4665
  }
4666
- function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
4666
+ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger, performanceClient) {
4667
4667
  logger?.verbose("09jz0t", correlationId);
4668
- // Check if base account is already cached
4669
- const accountKeys = cacheStorage.getAccountKeys();
4670
- const baseAccountKey = accountKeys.find((accountKey) => {
4671
- return accountKey.startsWith(homeAccountId);
4672
- });
4673
- let cachedAccount = null;
4674
- if (baseAccountKey) {
4675
- cachedAccount = cacheStorage.getAccount(baseAccountKey, correlationId);
4668
+ /*
4669
+ * Check if base account is already cached. Filter by homeAccountId (identifies
4670
+ * the user's home identity) and environment (identifies the cloud) the two
4671
+ * tenant-agnostic properties that uniquely locate a base AccountEntity.
4672
+ */
4673
+ const accountEnvironment = environment || authority.getPreferredCache();
4674
+ const matchedAccounts = cacheStorage.getAccountsFilteredBy({ homeAccountId, environment: accountEnvironment }, correlationId);
4675
+ performanceClient?.addFields({ cacheMatchedAccounts: matchedAccounts.length }, correlationId);
4676
+ if (matchedAccounts.length > 1) {
4677
+ /*
4678
+ * Base accounts are expected to be unique for a given homeAccountId in normal cache usage.
4679
+ * If multiple matches exist, ignore the cache hit rather than arbitrarily choosing one.
4680
+ */
4681
+ logger?.warning("0x7ad1", correlationId);
4676
4682
  }
4683
+ const cachedAccount = matchedAccounts.length === 1 ? matchedAccounts[0] : null;
4677
4684
  const baseAccount = cachedAccount ||
4678
4685
  createAccountEntity({
4679
4686
  homeAccountId,
@@ -4697,7 +4704,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
4697
4704
  return baseAccount;
4698
4705
  }
4699
4706
 
4700
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4707
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4701
4708
  /*
4702
4709
  * Copyright (c) Microsoft Corporation. All rights reserved.
4703
4710
  * Licensed under the MIT License.
@@ -4707,7 +4714,7 @@ const CcsCredentialType = {
4707
4714
  UPN: "UPN",
4708
4715
  };
4709
4716
 
4710
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4717
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4711
4718
  /*
4712
4719
  * Copyright (c) Microsoft Corporation. All rights reserved.
4713
4720
  * Licensed under the MIT License.
@@ -4725,7 +4732,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
4725
4732
  }
4726
4733
  }
4727
4734
 
4728
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4735
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4729
4736
  /*
4730
4737
  * Copyright (c) Microsoft Corporation. All rights reserved.
4731
4738
  * Licensed under the MIT License.
@@ -4746,7 +4753,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
4746
4753
  };
4747
4754
  }
4748
4755
 
4749
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4756
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4750
4757
 
4751
4758
  /*
4752
4759
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4832,7 +4839,7 @@ class ThrottlingUtils {
4832
4839
  }
4833
4840
  }
4834
4841
 
4835
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4842
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4836
4843
 
4837
4844
  /*
4838
4845
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4863,7 +4870,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
4863
4870
  return new NetworkError(error, httpStatus, responseHeaders);
4864
4871
  }
4865
4872
 
4866
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4873
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4867
4874
 
4868
4875
  /*
4869
4876
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4977,7 +4984,7 @@ async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId
4977
4984
  return response;
4978
4985
  }
4979
4986
 
4980
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4987
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4981
4988
  /*
4982
4989
  * Copyright (c) Microsoft Corporation. All rights reserved.
4983
4990
  * Licensed under the MIT License.
@@ -4989,7 +4996,7 @@ function isOpenIdConfigResponse(response) {
4989
4996
  response.hasOwnProperty("jwks_uri"));
4990
4997
  }
4991
4998
 
4992
- /*! @azure/msal-common v16.4.0 2026-03-27 */
4999
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
4993
5000
  /*
4994
5001
  * Copyright (c) Microsoft Corporation. All rights reserved.
4995
5002
  * Licensed under the MIT License.
@@ -4999,7 +5006,7 @@ function isCloudInstanceDiscoveryResponse(response) {
4999
5006
  response.hasOwnProperty("metadata"));
5000
5007
  }
5001
5008
 
5002
- /*! @azure/msal-common v16.4.0 2026-03-27 */
5009
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
5003
5010
  /*
5004
5011
  * Copyright (c) Microsoft Corporation. All rights reserved.
5005
5012
  * Licensed under the MIT License.
@@ -5009,7 +5016,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
5009
5016
  response.hasOwnProperty("error_description"));
5010
5017
  }
5011
5018
 
5012
- /*! @azure/msal-common v16.4.0 2026-03-27 */
5019
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
5013
5020
 
5014
5021
  /*
5015
5022
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5114,7 +5121,7 @@ RegionDiscovery.IMDS_OPTIONS = {
5114
5121
  },
5115
5122
  };
5116
5123
 
5117
- /*! @azure/msal-common v16.4.0 2026-03-27 */
5124
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
5118
5125
 
5119
5126
  /*
5120
5127
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5934,7 +5941,7 @@ function buildStaticAuthorityOptions(authOptions) {
5934
5941
  };
5935
5942
  }
5936
5943
 
5937
- /*! @azure/msal-common v16.4.0 2026-03-27 */
5944
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
5938
5945
 
5939
5946
  /*
5940
5947
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5968,7 +5975,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
5968
5975
  }
5969
5976
  }
5970
5977
 
5971
- /*! @azure/msal-common v16.4.0 2026-03-27 */
5978
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
5972
5979
 
5973
5980
  /*
5974
5981
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6229,7 +6236,7 @@ class AuthorizationCodeClient {
6229
6236
  }
6230
6237
  }
6231
6238
 
6232
- /*! @azure/msal-common v16.4.0 2026-03-27 */
6239
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6233
6240
 
6234
6241
  /*
6235
6242
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6454,7 +6461,7 @@ class RefreshTokenClient {
6454
6461
  }
6455
6462
  }
6456
6463
 
6457
- /*! @azure/msal-common v16.4.0 2026-03-27 */
6464
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6458
6465
 
6459
6466
  /*
6460
6467
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6570,7 +6577,7 @@ class SilentFlowClient {
6570
6577
  }
6571
6578
  }
6572
6579
 
6573
- /*! @azure/msal-common v16.4.0 2026-03-27 */
6580
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6574
6581
 
6575
6582
  /*
6576
6583
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6585,7 +6592,7 @@ const StubbedNetworkModule = {
6585
6592
  },
6586
6593
  };
6587
6594
 
6588
- /*! @azure/msal-common v16.4.0 2026-03-27 */
6595
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6589
6596
 
6590
6597
  /*
6591
6598
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6812,7 +6819,7 @@ function extractLoginHint(account) {
6812
6819
  return account.loginHint || account.idTokenClaims?.login_hint || null;
6813
6820
  }
6814
6821
 
6815
- /*! @azure/msal-common v16.4.0 2026-03-27 */
6822
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6816
6823
 
6817
6824
  /*
6818
6825
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6845,7 +6852,7 @@ function containsResourceParam(params) {
6845
6852
  return Object.prototype.hasOwnProperty.call(params, "resource");
6846
6853
  }
6847
6854
 
6848
- /*! @azure/msal-common v16.4.0 2026-03-27 */
6855
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6849
6856
  /*
6850
6857
  * Copyright (c) Microsoft Corporation. All rights reserved.
6851
6858
  * Licensed under the MIT License.
@@ -6855,7 +6862,7 @@ function containsResourceParam(params) {
6855
6862
  */
6856
6863
  const unexpectedError = "unexpected_error";
6857
6864
 
6858
- /*! @azure/msal-common v16.4.0 2026-03-27 */
6865
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
6859
6866
 
6860
6867
  /*
6861
6868
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7116,7 +7123,7 @@ class ServerTelemetryManager {
7116
7123
  }
7117
7124
  }
7118
7125
 
7119
- /*! @azure/msal-common v16.4.0 2026-03-27 */
7126
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
7120
7127
 
7121
7128
  /*
7122
7129
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7137,7 +7144,7 @@ function createJoseHeaderError(code) {
7137
7144
  return new JoseHeaderError(code);
7138
7145
  }
7139
7146
 
7140
- /*! @azure/msal-common v16.4.0 2026-03-27 */
7147
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
7141
7148
  /*
7142
7149
  * Copyright (c) Microsoft Corporation. All rights reserved.
7143
7150
  * Licensed under the MIT License.
@@ -7145,7 +7152,7 @@ function createJoseHeaderError(code) {
7145
7152
  const missingKidError = "missing_kid_error";
7146
7153
  const missingAlgError = "missing_alg_error";
7147
7154
 
7148
- /*! @azure/msal-common v16.4.0 2026-03-27 */
7155
+ /*! @azure/msal-common v16.4.1 2026-04-01 */
7149
7156
 
7150
7157
  /*
7151
7158
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7580,7 +7587,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
7580
7587
 
7581
7588
  /* eslint-disable header/header */
7582
7589
  const name = "@azure/msal-browser";
7583
- const version = "5.6.2";
7590
+ const version = "5.6.3";
7584
7591
 
7585
7592
  /*
7586
7593
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8200,7 +8207,12 @@ const UrlEncodeArr = "urlEncodeArr";
8200
8207
  const Encrypt = "encrypt";
8201
8208
  const Decrypt = "decrypt";
8202
8209
  const GenerateEarKey = "generateEarKey";
8203
- const DecryptEarResponse = "decryptEarResponse";
8210
+ const DecryptEarResponse = "decryptEarResponse";
8211
+ /**
8212
+ * Background telemetry measurement that tracks whether a late bridge response
8213
+ * arrives after the iframe timeout has already fired.
8214
+ */
8215
+ const WaitForBridgeLateResponse = "waitForBridgeLateResponse";
8204
8216
 
8205
8217
  /*
8206
8218
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -9008,20 +9020,35 @@ function cancelPendingBridgeResponse(logger, correlationId) {
9008
9020
  activeBridgeMonitor = null;
9009
9021
  }
9010
9022
  }
9011
- async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient) {
9023
+ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request, performanceClient, experimentalConfig) {
9012
9024
  return new Promise((resolve, reject) => {
9013
9025
  logger.verbose("1rf6em", request.correlationId);
9014
9026
  const correlationId = request.correlationId;
9015
9027
  performanceClient.addFields({
9016
9028
  redirectBridgeTimeoutMs: timeoutMs,
9029
+ lateResponseExperimentEnabled: experimentalConfig?.iframeTimeoutTelemetry || false,
9017
9030
  }, correlationId);
9018
9031
  const { libraryState } = parseRequestState(browserCrypto.base64Decode, request.state || "");
9019
9032
  const channel = new BroadcastChannel(libraryState.id);
9020
9033
  let responseString = undefined;
9034
+ let timedOut$1 = false;
9035
+ let lateTimeoutId;
9036
+ let lateMeasurement;
9021
9037
  const timeoutId = window.setTimeout(() => {
9022
9038
  // Clear the active monitor
9023
9039
  activeBridgeMonitor = null;
9024
- channel.close();
9040
+ if (experimentalConfig?.iframeTimeoutTelemetry) {
9041
+ lateMeasurement = performanceClient.startMeasurement(WaitForBridgeLateResponse, correlationId);
9042
+ timedOut$1 = true;
9043
+ lateTimeoutId = window.setTimeout(() => {
9044
+ lateMeasurement?.end({ success: false });
9045
+ clearTimeout(lateTimeoutId);
9046
+ channel.close();
9047
+ }, 60000); // 60s late response timeout to allow for telemetry of late responses
9048
+ }
9049
+ else {
9050
+ channel.close();
9051
+ }
9025
9052
  reject(createBrowserAuthError(timedOut, "redirect_bridge_timeout"));
9026
9053
  }, timeoutMs);
9027
9054
  // Track this monitor so it can be cancelled if needed
@@ -9035,6 +9062,14 @@ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request,
9035
9062
  const messageVersion = event?.data && typeof event.data.v === "number"
9036
9063
  ? event.data.v
9037
9064
  : undefined;
9065
+ if (timedOut$1) {
9066
+ lateMeasurement?.end({
9067
+ success: responseString ? true : false,
9068
+ });
9069
+ clearTimeout(lateTimeoutId);
9070
+ channel.close();
9071
+ return;
9072
+ }
9038
9073
  performanceClient.addFields({
9039
9074
  redirectBridgeMessageVersion: messageVersion,
9040
9075
  }, correlationId);
@@ -16717,9 +16752,9 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
16717
16752
  }
16718
16753
  // Get the preferred_cache domain for the given authority
16719
16754
  const authority = await getDiscoveredAuthority(this.config, this.correlationId, this.performanceClient, this.browserStorage, this.logger, request.authority);
16720
- const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info, undefined, // environment
16755
+ const baseAccount = buildAccountToCache(this.browserStorage, authority, homeAccountIdentifier, base64Decode, this.correlationId, idTokenClaims, response.client_info, authority.getPreferredCache(), // environment
16721
16756
  idTokenClaims.tid, undefined, // auth code payload
16722
- response.account.id);
16757
+ response.account.id, this.logger, this.performanceClient);
16723
16758
  // Ensure expires_in is in number format
16724
16759
  response.expires_in = Number(response.expires_in);
16725
16760
  // generate authenticationResult
@@ -17604,7 +17639,7 @@ const DEFAULT_NATIVE_BROKER_HANDSHAKE_TIMEOUT_MS = 2000;
17604
17639
  *
17605
17640
  * @returns Configuration object
17606
17641
  */
17607
- function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system: userInputSystem, telemetry: userInputTelemetry, }, isBrowserEnvironment) {
17642
+ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system: userInputSystem, experimental: userInputExperimental, telemetry: userInputTelemetry, }, isBrowserEnvironment) {
17608
17643
  // Default auth options for browser
17609
17644
  const DEFAULT_AUTH_OPTIONS = {
17610
17645
  clientId: "",
@@ -17676,6 +17711,9 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
17676
17711
  },
17677
17712
  client: new StubPerformanceClient(),
17678
17713
  };
17714
+ const DEFAULT_EXPERIMENTAL_OPTIONS = {
17715
+ iframeTimeoutTelemetry: false,
17716
+ };
17679
17717
  // Throw an error if user has set OIDCOptions without being in OIDC protocol mode
17680
17718
  if (userInputSystem?.protocolMode !== ProtocolMode.OIDC &&
17681
17719
  userInputAuth?.OIDCOptions) {
@@ -17699,6 +17737,10 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
17699
17737
  },
17700
17738
  cache: { ...DEFAULT_CACHE_OPTIONS, ...userInputCache },
17701
17739
  system: providedSystemOptions,
17740
+ experimental: {
17741
+ ...DEFAULT_EXPERIMENTAL_OPTIONS,
17742
+ ...userInputExperimental,
17743
+ },
17702
17744
  telemetry: { ...DEFAULT_TELEMETRY_OPTIONS, ...userInputTelemetry },
17703
17745
  };
17704
17746
  return overlayedConfig;
@@ -19206,7 +19248,7 @@ class SilentIframeClient extends StandardInteractionClient {
19206
19248
  const responseType = this.config.auth.OIDCOptions.responseMode;
19207
19249
  let responseString;
19208
19250
  try {
19209
- responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
19251
+ responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
19210
19252
  }
19211
19253
  finally {
19212
19254
  invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
@@ -19262,7 +19304,7 @@ class SilentIframeClient extends StandardInteractionClient {
19262
19304
  // Wait for response from the redirect bridge.
19263
19305
  let responseString;
19264
19306
  try {
19265
- responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient);
19307
+ responseString = await invokeAsync(waitForBridgeResponse, SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(this.config.system.iframeBridgeTimeout, this.logger, this.browserCrypto, request, this.performanceClient, this.config.experimental);
19266
19308
  }
19267
19309
  finally {
19268
19310
  invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
@@ -19510,22 +19552,32 @@ class StandardController {
19510
19552
  this.nativeInternalStorage = new BrowserCacheManager(this.config.auth.clientId, nativeCacheOptions, this.browserCrypto, this.logger, this.performanceClient, this.eventHandler);
19511
19553
  this.activeSilentTokenRequests = new Map();
19512
19554
  // Register listener functions
19513
- this.trackPageVisibility = this.trackPageVisibility.bind(this);
19555
+ this.trackStateChange = this.trackStateChange.bind(this);
19514
19556
  // Register listener functions
19515
- this.trackPageVisibilityWithMeasurement =
19516
- this.trackPageVisibilityWithMeasurement.bind(this);
19557
+ this.trackStateChangeWithMeasurement =
19558
+ this.trackStateChangeWithMeasurement.bind(this);
19517
19559
  }
19518
19560
  static async createController(operatingContext, request) {
19519
19561
  const controller = new StandardController(operatingContext);
19520
19562
  await controller.initialize(request);
19521
19563
  return controller;
19522
19564
  }
19523
- trackPageVisibility(correlationId) {
19565
+ trackStateChange(correlationId, event) {
19524
19566
  if (!correlationId) {
19525
19567
  return;
19526
19568
  }
19527
- this.logger.info("16v6hv", correlationId);
19528
- this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
19569
+ if (event.type === "visibilitychange") {
19570
+ this.logger.info("16v6hv", correlationId);
19571
+ this.performanceClient.incrementFields({ visibilityChangeCount: 1 }, correlationId);
19572
+ }
19573
+ else if (event.type === "online") {
19574
+ this.logger.info("0zirfd", correlationId);
19575
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
19576
+ }
19577
+ else if (event.type === "offline") {
19578
+ this.logger.info("1xk9ef", correlationId);
19579
+ this.performanceClient.incrementFields({ onlineStatusChangeCount: 1 }, correlationId);
19580
+ }
19529
19581
  }
19530
19582
  /**
19531
19583
  * Initializer function to perform async startup tasks such as connecting to WAM extension
@@ -19867,15 +19919,40 @@ class StandardController {
19867
19919
  }
19868
19920
  });
19869
19921
  }
19870
- trackPageVisibilityWithMeasurement() {
19922
+ trackStateChangeWithMeasurement(event) {
19871
19923
  const measurement = this.ssoSilentMeasurement ||
19872
19924
  this.acquireTokenByCodeAsyncMeasurement;
19873
19925
  if (!measurement) {
19874
19926
  return;
19875
19927
  }
19876
- measurement.increment({
19877
- visibilityChangeCount: 1,
19878
- });
19928
+ if (event.type === "visibilitychange") {
19929
+ this.logger.info("0yzimq", measurement.event.correlationId);
19930
+ measurement.increment({
19931
+ visibilityChangeCount: 1,
19932
+ });
19933
+ }
19934
+ else if (event.type === "online") {
19935
+ this.logger.info("1caf53", measurement.event.correlationId);
19936
+ measurement.increment({
19937
+ onlineStatusChangeCount: 1,
19938
+ });
19939
+ }
19940
+ else if (event.type === "offline") {
19941
+ this.logger.info("0fdyk7", measurement.event.correlationId);
19942
+ measurement.increment({
19943
+ onlineStatusChangeCount: 1,
19944
+ });
19945
+ }
19946
+ }
19947
+ addStateChangeListeners(listener) {
19948
+ document.addEventListener("visibilitychange", listener);
19949
+ window.addEventListener("online", listener);
19950
+ window.addEventListener("offline", listener);
19951
+ }
19952
+ removeStateChangeListeners(listener) {
19953
+ document.removeEventListener("visibilitychange", listener);
19954
+ window.removeEventListener("online", listener);
19955
+ window.removeEventListener("offline", listener);
19879
19956
  }
19880
19957
  // #endregion
19881
19958
  // #region Silent Flow
@@ -19909,8 +19986,9 @@ class StandardController {
19909
19986
  preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
19910
19987
  this.ssoSilentMeasurement?.increment({
19911
19988
  visibilityChangeCount: 0,
19989
+ onlineStatusChangeCount: 0,
19912
19990
  });
19913
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
19991
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
19914
19992
  const loggedInAccounts = this.getAllAccounts();
19915
19993
  this.logger.verbose("0w1b45", correlationId);
19916
19994
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, InteractionType.Silent, validRequest);
@@ -19953,7 +20031,7 @@ class StandardController {
19953
20031
  throw e;
19954
20032
  })
19955
20033
  .finally(() => {
19956
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
20034
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
19957
20035
  });
19958
20036
  }
19959
20037
  /**
@@ -20060,8 +20138,9 @@ class StandardController {
20060
20138
  this.performanceClient.startMeasurement(AcquireTokenByCodeAsync, correlationId);
20061
20139
  this.acquireTokenByCodeAsyncMeasurement?.increment({
20062
20140
  visibilityChangeCount: 0,
20141
+ onlineStatusChangeCount: 0,
20063
20142
  });
20064
- document.addEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
20143
+ this.addStateChangeListeners(this.trackStateChangeWithMeasurement);
20065
20144
  const silentAuthCodeClient = this.createSilentAuthCodeClient(correlationId);
20066
20145
  const silentTokenResult = await silentAuthCodeClient
20067
20146
  .acquireToken(request)
@@ -20080,7 +20159,7 @@ class StandardController {
20080
20159
  throw tokenRenewalError;
20081
20160
  })
20082
20161
  .finally(() => {
20083
- document.removeEventListener("visibilitychange", this.trackPageVisibilityWithMeasurement);
20162
+ this.removeStateChangeListeners(this.trackStateChangeWithMeasurement);
20084
20163
  });
20085
20164
  return silentTokenResult;
20086
20165
  }
@@ -20542,12 +20621,12 @@ class StandardController {
20542
20621
  * @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
20543
20622
  */
20544
20623
  async acquireTokenSilentAsync(request, account) {
20545
- const trackPageVisibility = () => this.trackPageVisibility(request.correlationId);
20624
+ const trackStateChange = (event) => this.trackStateChange(request.correlationId, event);
20546
20625
  this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, request.correlationId, InteractionType.Silent, request);
20547
20626
  if (request.correlationId) {
20548
- this.performanceClient.incrementFields({ visibilityChangeCount: 0 }, request.correlationId);
20627
+ this.performanceClient.incrementFields({ visibilityChangeCount: 0, onlineStatusChangeCount: 0 }, request.correlationId);
20549
20628
  }
20550
- document.addEventListener("visibilitychange", trackPageVisibility);
20629
+ this.addStateChangeListeners(trackStateChange);
20551
20630
  const silentRequest = await invokeAsync(initializeSilentRequest, InitializeSilentRequest, this.logger, this.performanceClient, request.correlationId)(request, account, this.config, this.performanceClient, this.logger);
20552
20631
  const cacheLookupPolicy = request.cacheLookupPolicy || CacheLookupPolicy.Default;
20553
20632
  const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
@@ -20629,7 +20708,7 @@ class StandardController {
20629
20708
  throw tokenRenewalError;
20630
20709
  })
20631
20710
  .finally(() => {
20632
- document.removeEventListener("visibilitychange", trackPageVisibility);
20711
+ this.removeStateChangeListeners(trackStateChange);
20633
20712
  });
20634
20713
  }
20635
20714
  /**