@azure/msal-browser 5.6.3 → 5.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +0 -1
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +2 -2
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.d.ts +1 -0
- package/dist/cache/CacheKeys.d.ts.map +1 -1
- package/dist/cache/CacheKeys.mjs +3 -2
- package/dist/cache/CacheKeys.mjs.map +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +7 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +16 -0
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +150 -20
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +2 -2
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.d.ts +1 -0
- package/dist/custom-auth-path/cache/CacheKeys.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +3 -2
- package/dist/custom-auth-path/cache/CacheKeys.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +7 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +16 -0
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +150 -20
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.d.ts.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +3 -4
- package/dist/custom-auth-path/error/NativeAuthError.mjs.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +32 -19
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +6 -2
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +6 -2
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts +14 -0
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +45 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +47 -15
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +5 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/redirect_bridge/index.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +3 -2
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +8 -3
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs.map +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.d.ts.map +1 -1
- package/dist/error/NativeAuthError.mjs +3 -4
- package/dist/error/NativeAuthError.mjs.map +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +32 -19
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +6 -2
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +6 -2
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +14 -0
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +45 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +47 -15
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +5 -1
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.d.ts +1 -0
- package/dist/redirect-bridge/cache/CacheKeys.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +7 -0
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts +16 -0
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/error/NativeAuthError.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts +14 -0
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/protocol/Authorize.d.ts.map +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +11 -7
- package/dist/redirect-bridge/redirect_bridge/index.mjs.map +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/redirect-bridge/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/dist/redirect-bridge/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +7 -3
- package/dist/redirect-bridge/utils/BrowserConstants.mjs.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect_bridge/index.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/dist/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +3 -2
- package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/dist/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +10 -3
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs.map +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +47 -15
- package/lib/custom-auth-path/msal-custom-auth.cjs +334 -133
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/lib/custom-auth-path/types/cache/CacheKeys.d.ts +1 -0
- package/lib/custom-auth-path/types/cache/CacheKeys.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +7 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +16 -0
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts +14 -0
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/redirect_bridge/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +47 -15
- package/lib/msal-browser.cjs +343 -138
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +343 -138
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +24 -16
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
- package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/lib/types/cache/CacheKeys.d.ts +1 -0
- package/lib/types/cache/CacheKeys.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +7 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +16 -0
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +14 -0
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/redirect_bridge/index.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthProvider.ts +1 -1
- package/src/cache/CacheKeys.ts +1 -0
- package/src/config/Configuration.ts +8 -0
- package/src/controllers/StandardController.ts +233 -35
- package/src/error/NativeAuthError.ts +1 -2
- package/src/interaction_client/PlatformAuthInteractionClient.ts +44 -23
- package/src/interaction_client/PopupClient.ts +10 -0
- package/src/interaction_client/RedirectClient.ts +10 -0
- package/src/interaction_client/SilentIframeClient.ts +123 -20
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +8 -0
- package/src/redirect_bridge/index.ts +12 -5
- package/src/telemetry/BrowserPerformanceEvents.ts +3 -0
- package/src/telemetry/BrowserRootPerformanceEvents.ts +7 -0
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.
|
|
1
|
+
/*! @azure/msal-browser v5.7.0 2026-04-16 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v16.
|
|
5
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -229,7 +229,7 @@ const JsonWebTokenTypes = {
|
|
|
229
229
|
// Token renewal offset default in seconds
|
|
230
230
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
231
231
|
|
|
232
|
-
/*! @azure/msal-common v16.
|
|
232
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
233
233
|
/*
|
|
234
234
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
235
235
|
* Licensed under the MIT License.
|
|
@@ -281,7 +281,7 @@ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
|
281
281
|
const RESOURCE = "resource";
|
|
282
282
|
const CLI_DATA = "clidata";
|
|
283
283
|
|
|
284
|
-
/*! @azure/msal-common v16.
|
|
284
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
285
285
|
/*
|
|
286
286
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
287
287
|
* Licensed under the MIT License.
|
|
@@ -312,7 +312,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
312
312
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
313
313
|
}
|
|
314
314
|
|
|
315
|
-
/*! @azure/msal-common v16.
|
|
315
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
316
316
|
|
|
317
317
|
/*
|
|
318
318
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -332,7 +332,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
332
332
|
return new ClientConfigurationError(errorCode);
|
|
333
333
|
}
|
|
334
334
|
|
|
335
|
-
/*! @azure/msal-common v16.
|
|
335
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
336
336
|
/*
|
|
337
337
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
338
338
|
* Licensed under the MIT License.
|
|
@@ -412,7 +412,7 @@ class StringUtils {
|
|
|
412
412
|
}
|
|
413
413
|
}
|
|
414
414
|
|
|
415
|
-
/*! @azure/msal-common v16.
|
|
415
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
416
416
|
|
|
417
417
|
/*
|
|
418
418
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -435,7 +435,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
435
435
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
436
436
|
}
|
|
437
437
|
|
|
438
|
-
/*! @azure/msal-common v16.
|
|
438
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
439
439
|
/*
|
|
440
440
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
441
441
|
* Licensed under the MIT License.
|
|
@@ -459,7 +459,7 @@ const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
|
459
459
|
const authorityMismatch = "authority_mismatch";
|
|
460
460
|
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
461
461
|
|
|
462
|
-
/*! @azure/msal-common v16.
|
|
462
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
463
463
|
/*
|
|
464
464
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
465
465
|
* Licensed under the MIT License.
|
|
@@ -498,7 +498,7 @@ const methodNotImplemented = "method_not_implemented";
|
|
|
498
498
|
const resourceParameterRequired = "resource_parameter_required";
|
|
499
499
|
const misplacedResourceParam = "misplaced_resource_parameter";
|
|
500
500
|
|
|
501
|
-
/*! @azure/msal-common v16.
|
|
501
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
502
502
|
|
|
503
503
|
/*
|
|
504
504
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -693,7 +693,7 @@ class ScopeSet {
|
|
|
693
693
|
}
|
|
694
694
|
}
|
|
695
695
|
|
|
696
|
-
/*! @azure/msal-common v16.
|
|
696
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
697
697
|
|
|
698
698
|
/*
|
|
699
699
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -814,18 +814,29 @@ function addSid(parameters, sid) {
|
|
|
814
814
|
parameters.set(SID, sid);
|
|
815
815
|
}
|
|
816
816
|
/**
|
|
817
|
-
*
|
|
818
|
-
*
|
|
819
|
-
|
|
820
|
-
|
|
821
|
-
|
|
822
|
-
|
|
823
|
-
|
|
824
|
-
|
|
825
|
-
|
|
826
|
-
|
|
817
|
+
* Adds claims to request parameters, conditionally excluding clientCapabilities
|
|
818
|
+
* when skipBrokerClaims is true and a brokered flow is in effect.
|
|
819
|
+
* @param parameters - The request parameters map
|
|
820
|
+
* @param claims - The claims string from the request
|
|
821
|
+
* @param clientCapabilities - The client capabilities from configuration
|
|
822
|
+
* @param skipBrokerClaims - When true and BROKER_CLIENT_ID is present, excludes clientCapabilities from claims
|
|
823
|
+
*/
|
|
824
|
+
function addClaims(parameters, claims, clientCapabilities, skipBrokerClaims) {
|
|
825
|
+
// Skip clientCapabilities if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
826
|
+
const configClaims = skipBrokerClaims && parameters.has(BROKER_CLIENT_ID)
|
|
827
|
+
? undefined
|
|
828
|
+
: clientCapabilities;
|
|
829
|
+
if (!StringUtils.isEmptyObj(claims) ||
|
|
830
|
+
(configClaims && configClaims.length > 0)) {
|
|
831
|
+
const mergedClaims = addClientCapabilitiesToClaims(claims, configClaims);
|
|
832
|
+
try {
|
|
833
|
+
JSON.parse(mergedClaims);
|
|
834
|
+
}
|
|
835
|
+
catch (e) {
|
|
836
|
+
throw createClientConfigurationError(invalidClaims);
|
|
837
|
+
}
|
|
838
|
+
parameters.set(CLAIMS, mergedClaims);
|
|
827
839
|
}
|
|
828
|
-
parameters.set(CLAIMS, mergedClaims);
|
|
829
840
|
}
|
|
830
841
|
/**
|
|
831
842
|
* add correlationId
|
|
@@ -1071,7 +1082,7 @@ function addResource(parameters, resource) {
|
|
|
1071
1082
|
}
|
|
1072
1083
|
}
|
|
1073
1084
|
|
|
1074
|
-
/*! @azure/msal-common v16.
|
|
1085
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1075
1086
|
|
|
1076
1087
|
/*
|
|
1077
1088
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1180,7 +1191,7 @@ function normalizeUrlForComparison(url) {
|
|
|
1180
1191
|
}
|
|
1181
1192
|
}
|
|
1182
1193
|
|
|
1183
|
-
/*! @azure/msal-common v16.
|
|
1194
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1184
1195
|
|
|
1185
1196
|
/*
|
|
1186
1197
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1219,7 +1230,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
1219
1230
|
},
|
|
1220
1231
|
};
|
|
1221
1232
|
|
|
1222
|
-
/*! @azure/msal-common v16.
|
|
1233
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1223
1234
|
/*
|
|
1224
1235
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1225
1236
|
* Licensed under the MIT License.
|
|
@@ -1480,12 +1491,12 @@ class Logger {
|
|
|
1480
1491
|
}
|
|
1481
1492
|
}
|
|
1482
1493
|
|
|
1483
|
-
/*! @azure/msal-common v16.
|
|
1494
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1484
1495
|
/* eslint-disable header/header */
|
|
1485
1496
|
const name$1 = "@azure/msal-common";
|
|
1486
|
-
const version$1 = "16.
|
|
1497
|
+
const version$1 = "16.5.0";
|
|
1487
1498
|
|
|
1488
|
-
/*! @azure/msal-common v16.
|
|
1499
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1489
1500
|
/*
|
|
1490
1501
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1491
1502
|
* Licensed under the MIT License.
|
|
@@ -1494,7 +1505,7 @@ const AzureCloudInstance = {
|
|
|
1494
1505
|
// AzureCloudInstance is not specified.
|
|
1495
1506
|
None: "none"};
|
|
1496
1507
|
|
|
1497
|
-
/*! @azure/msal-common v16.
|
|
1508
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1498
1509
|
/*
|
|
1499
1510
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1500
1511
|
* Licensed under the MIT License.
|
|
@@ -1576,7 +1587,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1576
1587
|
return updatedAccountInfo;
|
|
1577
1588
|
}
|
|
1578
1589
|
|
|
1579
|
-
/*! @azure/msal-common v16.
|
|
1590
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1580
1591
|
|
|
1581
1592
|
/*
|
|
1582
1593
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1656,7 +1667,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1656
1667
|
}
|
|
1657
1668
|
}
|
|
1658
1669
|
|
|
1659
|
-
/*! @azure/msal-common v16.
|
|
1670
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1660
1671
|
|
|
1661
1672
|
/*
|
|
1662
1673
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1813,7 +1824,7 @@ class UrlString {
|
|
|
1813
1824
|
}
|
|
1814
1825
|
}
|
|
1815
1826
|
|
|
1816
|
-
/*! @azure/msal-common v16.
|
|
1827
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1817
1828
|
|
|
1818
1829
|
/*
|
|
1819
1830
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1970,7 +1981,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
1970
1981
|
return null;
|
|
1971
1982
|
}
|
|
1972
1983
|
|
|
1973
|
-
/*! @azure/msal-common v16.
|
|
1984
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1974
1985
|
/*
|
|
1975
1986
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1976
1987
|
* Licensed under the MIT License.
|
|
@@ -1978,7 +1989,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
1978
1989
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
1979
1990
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
1980
1991
|
|
|
1981
|
-
/*! @azure/msal-common v16.
|
|
1992
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1982
1993
|
|
|
1983
1994
|
/*
|
|
1984
1995
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2016,7 +2027,7 @@ function createCacheError(e) {
|
|
|
2016
2027
|
}
|
|
2017
2028
|
}
|
|
2018
2029
|
|
|
2019
|
-
/*! @azure/msal-common v16.
|
|
2030
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2020
2031
|
|
|
2021
2032
|
/*
|
|
2022
2033
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2054,7 +2065,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
2054
2065
|
};
|
|
2055
2066
|
}
|
|
2056
2067
|
|
|
2057
|
-
/*! @azure/msal-common v16.
|
|
2068
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2058
2069
|
/*
|
|
2059
2070
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2060
2071
|
* Licensed under the MIT License.
|
|
@@ -2069,7 +2080,7 @@ const AuthorityType = {
|
|
|
2069
2080
|
Ciam: 3,
|
|
2070
2081
|
};
|
|
2071
2082
|
|
|
2072
|
-
/*! @azure/msal-common v16.
|
|
2083
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2073
2084
|
/*
|
|
2074
2085
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2075
2086
|
* Licensed under the MIT License.
|
|
@@ -2091,7 +2102,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
2091
2102
|
return null;
|
|
2092
2103
|
}
|
|
2093
2104
|
|
|
2094
|
-
/*! @azure/msal-common v16.
|
|
2105
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2095
2106
|
/*
|
|
2096
2107
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2097
2108
|
* Licensed under the MIT License.
|
|
@@ -2115,7 +2126,7 @@ const ProtocolMode = {
|
|
|
2115
2126
|
EAR: "EAR",
|
|
2116
2127
|
};
|
|
2117
2128
|
|
|
2118
|
-
/*! @azure/msal-common v16.
|
|
2129
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2119
2130
|
/**
|
|
2120
2131
|
* Returns the AccountInfo interface for this account.
|
|
2121
2132
|
*/
|
|
@@ -2290,7 +2301,7 @@ function isAccountEntity(entity) {
|
|
|
2290
2301
|
entity.hasOwnProperty("authorityType"));
|
|
2291
2302
|
}
|
|
2292
2303
|
|
|
2293
|
-
/*! @azure/msal-common v16.
|
|
2304
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2294
2305
|
|
|
2295
2306
|
/*
|
|
2296
2307
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3391,7 +3402,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3391
3402
|
}
|
|
3392
3403
|
}
|
|
3393
3404
|
|
|
3394
|
-
/*! @azure/msal-common v16.
|
|
3405
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3395
3406
|
/*
|
|
3396
3407
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3397
3408
|
* Licensed under the MIT License.
|
|
@@ -3405,7 +3416,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3405
3416
|
const PerformanceEventStatus = {
|
|
3406
3417
|
InProgress: 1};
|
|
3407
3418
|
|
|
3408
|
-
/*! @azure/msal-common v16.
|
|
3419
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3409
3420
|
|
|
3410
3421
|
/*
|
|
3411
3422
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3460,7 +3471,7 @@ class StubPerformanceClient {
|
|
|
3460
3471
|
}
|
|
3461
3472
|
}
|
|
3462
3473
|
|
|
3463
|
-
/*! @azure/msal-common v16.
|
|
3474
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3464
3475
|
|
|
3465
3476
|
/*
|
|
3466
3477
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3555,7 +3566,7 @@ function isOidcProtocolMode(config) {
|
|
|
3555
3566
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3556
3567
|
}
|
|
3557
3568
|
|
|
3558
|
-
/*! @azure/msal-common v16.
|
|
3569
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3559
3570
|
/*
|
|
3560
3571
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3561
3572
|
* Licensed under the MIT License.
|
|
@@ -3582,7 +3593,7 @@ function isOidcProtocolMode(config) {
|
|
|
3582
3593
|
}
|
|
3583
3594
|
}
|
|
3584
3595
|
|
|
3585
|
-
/*! @azure/msal-common v16.
|
|
3596
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3586
3597
|
/*
|
|
3587
3598
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3588
3599
|
* Licensed under the MIT License.
|
|
@@ -3647,7 +3658,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
3647
3658
|
return cachedAtSec > nowSeconds();
|
|
3648
3659
|
}
|
|
3649
3660
|
|
|
3650
|
-
/*! @azure/msal-common v16.
|
|
3661
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3651
3662
|
|
|
3652
3663
|
/*
|
|
3653
3664
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3906,7 +3917,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
3906
3917
|
return metadata.expiresAt <= nowSeconds();
|
|
3907
3918
|
}
|
|
3908
3919
|
|
|
3909
|
-
/*! @azure/msal-common v16.
|
|
3920
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3910
3921
|
/*
|
|
3911
3922
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3912
3923
|
* Licensed under the MIT License.
|
|
@@ -3977,7 +3988,7 @@ const RegionDiscoveryGetCurrentVersion = "regionDiscoveryGetCurrentVersion";
|
|
|
3977
3988
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
3978
3989
|
const SetUserData = "setUserData";
|
|
3979
3990
|
|
|
3980
|
-
/*! @azure/msal-common v16.
|
|
3991
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3981
3992
|
/*
|
|
3982
3993
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3983
3994
|
* Licensed under the MIT License.
|
|
@@ -4070,7 +4081,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4070
4081
|
};
|
|
4071
4082
|
};
|
|
4072
4083
|
|
|
4073
|
-
/*! @azure/msal-common v16.
|
|
4084
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4074
4085
|
|
|
4075
4086
|
/*
|
|
4076
4087
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4150,7 +4161,7 @@ class PopTokenGenerator {
|
|
|
4150
4161
|
}
|
|
4151
4162
|
}
|
|
4152
4163
|
|
|
4153
|
-
/*! @azure/msal-common v16.
|
|
4164
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4154
4165
|
/*
|
|
4155
4166
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4156
4167
|
* Licensed under the MIT License.
|
|
@@ -4201,7 +4212,7 @@ const badToken = "bad_token";
|
|
|
4201
4212
|
*/
|
|
4202
4213
|
const interruptedUser = "interrupted_user";
|
|
4203
4214
|
|
|
4204
|
-
/*! @azure/msal-common v16.
|
|
4215
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4205
4216
|
|
|
4206
4217
|
/*
|
|
4207
4218
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4269,7 +4280,7 @@ function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
|
4269
4280
|
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
4270
4281
|
}
|
|
4271
4282
|
|
|
4272
|
-
/*! @azure/msal-common v16.
|
|
4283
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4273
4284
|
|
|
4274
4285
|
/*
|
|
4275
4286
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4288,7 +4299,7 @@ class ServerError extends AuthError {
|
|
|
4288
4299
|
}
|
|
4289
4300
|
}
|
|
4290
4301
|
|
|
4291
|
-
/*! @azure/msal-common v16.
|
|
4302
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4292
4303
|
|
|
4293
4304
|
/*
|
|
4294
4305
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4356,7 +4367,7 @@ function parseRequestState(base64Decode, state) {
|
|
|
4356
4367
|
}
|
|
4357
4368
|
}
|
|
4358
4369
|
|
|
4359
|
-
/*! @azure/msal-common v16.
|
|
4370
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4360
4371
|
|
|
4361
4372
|
/*
|
|
4362
4373
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4704,7 +4715,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
4704
4715
|
return baseAccount;
|
|
4705
4716
|
}
|
|
4706
4717
|
|
|
4707
|
-
/*! @azure/msal-common v16.
|
|
4718
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4708
4719
|
/*
|
|
4709
4720
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4710
4721
|
* Licensed under the MIT License.
|
|
@@ -4714,7 +4725,7 @@ const CcsCredentialType = {
|
|
|
4714
4725
|
UPN: "UPN",
|
|
4715
4726
|
};
|
|
4716
4727
|
|
|
4717
|
-
/*! @azure/msal-common v16.
|
|
4728
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4718
4729
|
/*
|
|
4719
4730
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4720
4731
|
* Licensed under the MIT License.
|
|
@@ -4732,7 +4743,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
4732
4743
|
}
|
|
4733
4744
|
}
|
|
4734
4745
|
|
|
4735
|
-
/*! @azure/msal-common v16.
|
|
4746
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4736
4747
|
/*
|
|
4737
4748
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4738
4749
|
* Licensed under the MIT License.
|
|
@@ -4753,7 +4764,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
4753
4764
|
};
|
|
4754
4765
|
}
|
|
4755
4766
|
|
|
4756
|
-
/*! @azure/msal-common v16.
|
|
4767
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4757
4768
|
|
|
4758
4769
|
/*
|
|
4759
4770
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4839,7 +4850,7 @@ class ThrottlingUtils {
|
|
|
4839
4850
|
}
|
|
4840
4851
|
}
|
|
4841
4852
|
|
|
4842
|
-
/*! @azure/msal-common v16.
|
|
4853
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4843
4854
|
|
|
4844
4855
|
/*
|
|
4845
4856
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4870,7 +4881,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
4870
4881
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
4871
4882
|
}
|
|
4872
4883
|
|
|
4873
|
-
/*! @azure/msal-common v16.
|
|
4884
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4874
4885
|
|
|
4875
4886
|
/*
|
|
4876
4887
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4984,7 +4995,7 @@ async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId
|
|
|
4984
4995
|
return response;
|
|
4985
4996
|
}
|
|
4986
4997
|
|
|
4987
|
-
/*! @azure/msal-common v16.
|
|
4998
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4988
4999
|
/*
|
|
4989
5000
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4990
5001
|
* Licensed under the MIT License.
|
|
@@ -4996,7 +5007,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
4996
5007
|
response.hasOwnProperty("jwks_uri"));
|
|
4997
5008
|
}
|
|
4998
5009
|
|
|
4999
|
-
/*! @azure/msal-common v16.
|
|
5010
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5000
5011
|
/*
|
|
5001
5012
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5002
5013
|
* Licensed under the MIT License.
|
|
@@ -5006,7 +5017,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
5006
5017
|
response.hasOwnProperty("metadata"));
|
|
5007
5018
|
}
|
|
5008
5019
|
|
|
5009
|
-
/*! @azure/msal-common v16.
|
|
5020
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5010
5021
|
/*
|
|
5011
5022
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5012
5023
|
* Licensed under the MIT License.
|
|
@@ -5016,7 +5027,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
5016
5027
|
response.hasOwnProperty("error_description"));
|
|
5017
5028
|
}
|
|
5018
5029
|
|
|
5019
|
-
/*! @azure/msal-common v16.
|
|
5030
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5020
5031
|
|
|
5021
5032
|
/*
|
|
5022
5033
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5121,7 +5132,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
5121
5132
|
},
|
|
5122
5133
|
};
|
|
5123
5134
|
|
|
5124
|
-
/*! @azure/msal-common v16.
|
|
5135
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5125
5136
|
|
|
5126
5137
|
/*
|
|
5127
5138
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5941,7 +5952,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
5941
5952
|
};
|
|
5942
5953
|
}
|
|
5943
5954
|
|
|
5944
|
-
/*! @azure/msal-common v16.
|
|
5955
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5945
5956
|
|
|
5946
5957
|
/*
|
|
5947
5958
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5975,7 +5986,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
5975
5986
|
}
|
|
5976
5987
|
}
|
|
5977
5988
|
|
|
5978
|
-
/*! @azure/msal-common v16.
|
|
5989
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5979
5990
|
|
|
5980
5991
|
/*
|
|
5981
5992
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6140,11 +6151,6 @@ class AuthorizationCodeClient {
|
|
|
6140
6151
|
throw createClientConfigurationError(missingSshJwk);
|
|
6141
6152
|
}
|
|
6142
6153
|
}
|
|
6143
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6144
|
-
(this.config.authOptions.clientCapabilities &&
|
|
6145
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
6146
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
6147
|
-
}
|
|
6148
6154
|
let ccsCred = undefined;
|
|
6149
6155
|
if (request.clientInfo) {
|
|
6150
6156
|
try {
|
|
@@ -6193,6 +6199,7 @@ class AuthorizationCodeClient {
|
|
|
6193
6199
|
});
|
|
6194
6200
|
}
|
|
6195
6201
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
6202
|
+
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities, request.skipBrokerClaims);
|
|
6196
6203
|
return mapToQueryString(parameters);
|
|
6197
6204
|
}
|
|
6198
6205
|
/**
|
|
@@ -6236,7 +6243,7 @@ class AuthorizationCodeClient {
|
|
|
6236
6243
|
}
|
|
6237
6244
|
}
|
|
6238
6245
|
|
|
6239
|
-
/*! @azure/msal-common v16.
|
|
6246
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6240
6247
|
|
|
6241
6248
|
/*
|
|
6242
6249
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6426,11 +6433,6 @@ class RefreshTokenClient {
|
|
|
6426
6433
|
throw createClientConfigurationError(missingSshJwk);
|
|
6427
6434
|
}
|
|
6428
6435
|
}
|
|
6429
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6430
|
-
(this.config.authOptions.clientCapabilities &&
|
|
6431
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
6432
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
6433
|
-
}
|
|
6434
6436
|
if (this.config.systemOptions.preventCorsPreflight &&
|
|
6435
6437
|
request.ccsCredential) {
|
|
6436
6438
|
switch (request.ccsCredential.type) {
|
|
@@ -6457,11 +6459,12 @@ class RefreshTokenClient {
|
|
|
6457
6459
|
});
|
|
6458
6460
|
}
|
|
6459
6461
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
6462
|
+
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities, request.skipBrokerClaims);
|
|
6460
6463
|
return mapToQueryString(parameters);
|
|
6461
6464
|
}
|
|
6462
6465
|
}
|
|
6463
6466
|
|
|
6464
|
-
/*! @azure/msal-common v16.
|
|
6467
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6465
6468
|
|
|
6466
6469
|
/*
|
|
6467
6470
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6577,7 +6580,7 @@ class SilentFlowClient {
|
|
|
6577
6580
|
}
|
|
6578
6581
|
}
|
|
6579
6582
|
|
|
6580
|
-
/*! @azure/msal-common v16.
|
|
6583
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6581
6584
|
|
|
6582
6585
|
/*
|
|
6583
6586
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6592,7 +6595,7 @@ const StubbedNetworkModule = {
|
|
|
6592
6595
|
},
|
|
6593
6596
|
};
|
|
6594
6597
|
|
|
6595
|
-
/*! @azure/msal-common v16.
|
|
6598
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6596
6599
|
|
|
6597
6600
|
/*
|
|
6598
6601
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6716,14 +6719,10 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
|
|
|
6716
6719
|
if (request.state) {
|
|
6717
6720
|
addState(parameters, request.state);
|
|
6718
6721
|
}
|
|
6719
|
-
if (request.claims ||
|
|
6720
|
-
(authOptions.clientCapabilities &&
|
|
6721
|
-
authOptions.clientCapabilities.length > 0)) {
|
|
6722
|
-
addClaims(parameters, request.claims, authOptions.clientCapabilities);
|
|
6723
|
-
}
|
|
6724
6722
|
if (request.embeddedClientId) {
|
|
6725
6723
|
addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
|
|
6726
6724
|
}
|
|
6725
|
+
addClaims(parameters, request.claims, authOptions.clientCapabilities, request.skipBrokerClaims);
|
|
6727
6726
|
// If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
|
|
6728
6727
|
if (authOptions.instanceAware &&
|
|
6729
6728
|
(!request.extraQueryParameters ||
|
|
@@ -6819,7 +6818,7 @@ function extractLoginHint(account) {
|
|
|
6819
6818
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6820
6819
|
}
|
|
6821
6820
|
|
|
6822
|
-
/*! @azure/msal-common v16.
|
|
6821
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6823
6822
|
|
|
6824
6823
|
/*
|
|
6825
6824
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6852,7 +6851,7 @@ function containsResourceParam(params) {
|
|
|
6852
6851
|
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
6853
6852
|
}
|
|
6854
6853
|
|
|
6855
|
-
/*! @azure/msal-common v16.
|
|
6854
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6856
6855
|
/*
|
|
6857
6856
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6858
6857
|
* Licensed under the MIT License.
|
|
@@ -6862,7 +6861,7 @@ function containsResourceParam(params) {
|
|
|
6862
6861
|
*/
|
|
6863
6862
|
const unexpectedError = "unexpected_error";
|
|
6864
6863
|
|
|
6865
|
-
/*! @azure/msal-common v16.
|
|
6864
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6866
6865
|
|
|
6867
6866
|
/*
|
|
6868
6867
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7123,7 +7122,7 @@ class ServerTelemetryManager {
|
|
|
7123
7122
|
}
|
|
7124
7123
|
}
|
|
7125
7124
|
|
|
7126
|
-
/*! @azure/msal-common v16.
|
|
7125
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
7127
7126
|
|
|
7128
7127
|
/*
|
|
7129
7128
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7144,7 +7143,7 @@ function createJoseHeaderError(code) {
|
|
|
7144
7143
|
return new JoseHeaderError(code);
|
|
7145
7144
|
}
|
|
7146
7145
|
|
|
7147
|
-
/*! @azure/msal-common v16.
|
|
7146
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
7148
7147
|
/*
|
|
7149
7148
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7150
7149
|
* Licensed under the MIT License.
|
|
@@ -7152,7 +7151,7 @@ function createJoseHeaderError(code) {
|
|
|
7152
7151
|
const missingKidError = "missing_kid_error";
|
|
7153
7152
|
const missingAlgError = "missing_alg_error";
|
|
7154
7153
|
|
|
7155
|
-
/*! @azure/msal-common v16.
|
|
7154
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
7156
7155
|
|
|
7157
7156
|
/*
|
|
7158
7157
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7587,7 +7586,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
|
|
|
7587
7586
|
|
|
7588
7587
|
/* eslint-disable header/header */
|
|
7589
7588
|
const name = "@azure/msal-browser";
|
|
7590
|
-
const version = "5.
|
|
7589
|
+
const version = "5.7.0";
|
|
7591
7590
|
|
|
7592
7591
|
/*
|
|
7593
7592
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8143,6 +8142,7 @@ const StandardInteractionClientGetDiscoveredAuthority = "standardInteractionClie
|
|
|
8143
8142
|
* Used to acquire a token from Native component when native brokering is enabled.
|
|
8144
8143
|
*/
|
|
8145
8144
|
const NativeInteractionClientAcquireToken = "nativeInteractionClientAcquireToken";
|
|
8145
|
+
const NativeInteractionClientAcquireTokenRedirect = "nativeInteractionClientAcquireToken";
|
|
8146
8146
|
/**
|
|
8147
8147
|
* acquireTokenByRefreshToken API in RefreshTokenClient (msal-common).
|
|
8148
8148
|
*/
|
|
@@ -14189,7 +14189,12 @@ const SsoSilent = "ssoSilent";
|
|
|
14189
14189
|
// Initialize client application
|
|
14190
14190
|
const InitializeClientApplication = "initializeClientApplication";
|
|
14191
14191
|
// Update cache storage
|
|
14192
|
-
const LocalStorageUpdated = "localStorageUpdated";
|
|
14192
|
+
const LocalStorageUpdated = "localStorageUpdated";
|
|
14193
|
+
/**
|
|
14194
|
+
* SSO capability verification call (msal-browser).
|
|
14195
|
+
* Fire-and-forget SSO verification call made after interactive authentication completes.
|
|
14196
|
+
*/
|
|
14197
|
+
const SsoCapable = "ssoCapable";
|
|
14193
14198
|
|
|
14194
14199
|
/*
|
|
14195
14200
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -14206,6 +14211,7 @@ const PLATFORM_AUTH_DOM_SUPPORT = `${PREFIX}.${BROWSER_PREFIX}.platform.auth.dom
|
|
|
14206
14211
|
const VERSION_CACHE_KEY = `${PREFIX}.version`;
|
|
14207
14212
|
const ACCOUNT_KEYS = "account.keys";
|
|
14208
14213
|
const TOKEN_KEYS = "token.keys";
|
|
14214
|
+
const SSO_CAPABLE = `${PREFIX}.${BROWSER_PREFIX}.sso.capable`;
|
|
14209
14215
|
function getAccountKeysCacheKey(schema = ACCOUNT_SCHEMA_VERSION) {
|
|
14210
14216
|
if (schema < 1) {
|
|
14211
14217
|
return `${PREFIX}.${ACCOUNT_KEYS}`;
|
|
@@ -16391,7 +16397,6 @@ const userSwitch = "user_switch";
|
|
|
16391
16397
|
const USER_INTERACTION_REQUIRED = "USER_INTERACTION_REQUIRED";
|
|
16392
16398
|
const USER_CANCEL = "USER_CANCEL";
|
|
16393
16399
|
const NO_NETWORK = "NO_NETWORK";
|
|
16394
|
-
const PERSISTENT_ERROR = "PERSISTENT_ERROR";
|
|
16395
16400
|
const DISABLED = "DISABLED";
|
|
16396
16401
|
const ACCOUNT_UNAVAILABLE = "ACCOUNT_UNAVAILABLE";
|
|
16397
16402
|
const UX_NOT_ALLOWED = "UX_NOT_ALLOWED";
|
|
@@ -16415,8 +16420,7 @@ class NativeAuthError extends AuthError {
|
|
|
16415
16420
|
function isFatalNativeAuthError(error) {
|
|
16416
16421
|
if (error.ext &&
|
|
16417
16422
|
error.ext.status &&
|
|
16418
|
-
|
|
16419
|
-
error.ext.status === DISABLED)) {
|
|
16423
|
+
error.ext.status === DISABLED) {
|
|
16420
16424
|
return true;
|
|
16421
16425
|
}
|
|
16422
16426
|
if (error.ext &&
|
|
@@ -16542,12 +16546,12 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16542
16546
|
async acquireToken(request, cacheLookupPolicy) {
|
|
16543
16547
|
this.logger.trace("03qeos", this.correlationId);
|
|
16544
16548
|
// start the perf measurement
|
|
16545
|
-
const nativeATMeasurement = this.performanceClient.startMeasurement(NativeInteractionClientAcquireToken,
|
|
16549
|
+
const nativeATMeasurement = this.performanceClient.startMeasurement(NativeInteractionClientAcquireToken, this.correlationId);
|
|
16546
16550
|
const reqTimestamp = nowSeconds();
|
|
16547
16551
|
const serverTelemetryManager = initializeServerTelemetryManager(this.apiId, this.config.auth.clientId, this.correlationId, this.browserStorage, this.logger);
|
|
16548
16552
|
try {
|
|
16549
16553
|
// initialize native request
|
|
16550
|
-
const nativeRequest = await this.
|
|
16554
|
+
const nativeRequest = await this.initializePlatformRequest(request);
|
|
16551
16555
|
// check if the tokens can be retrieved from internal cache
|
|
16552
16556
|
try {
|
|
16553
16557
|
const result = await this.acquireTokensFromCache(this.accountId, nativeRequest);
|
|
@@ -16561,6 +16565,10 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16561
16565
|
catch (e) {
|
|
16562
16566
|
if (cacheLookupPolicy === CacheLookupPolicy.AccessToken) {
|
|
16563
16567
|
this.logger.info("0eitbc", this.correlationId);
|
|
16568
|
+
nativeATMeasurement.end({
|
|
16569
|
+
success: false,
|
|
16570
|
+
brokerErrorCode: "cache_request_failed",
|
|
16571
|
+
});
|
|
16564
16572
|
throw e;
|
|
16565
16573
|
}
|
|
16566
16574
|
// continue with a native call for any and all errors
|
|
@@ -16582,7 +16590,6 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16582
16590
|
success: false,
|
|
16583
16591
|
errorCode: error.errorCode,
|
|
16584
16592
|
subErrorCode: error.subError,
|
|
16585
|
-
isNativeBroker: true,
|
|
16586
16593
|
});
|
|
16587
16594
|
throw error;
|
|
16588
16595
|
});
|
|
@@ -16591,6 +16598,9 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16591
16598
|
if (e instanceof NativeAuthError) {
|
|
16592
16599
|
serverTelemetryManager.setNativeBrokerErrorCode(e.errorCode);
|
|
16593
16600
|
}
|
|
16601
|
+
nativeATMeasurement.end({
|
|
16602
|
+
success: false,
|
|
16603
|
+
});
|
|
16594
16604
|
throw e;
|
|
16595
16605
|
}
|
|
16596
16606
|
}
|
|
@@ -16623,7 +16633,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16623
16633
|
// fetch the account from browser cache
|
|
16624
16634
|
const account = this.browserStorage.getBaseAccountInfo({
|
|
16625
16635
|
nativeAccountId,
|
|
16626
|
-
},
|
|
16636
|
+
}, this.correlationId);
|
|
16627
16637
|
if (!account) {
|
|
16628
16638
|
throw createClientAuthError(noAccountFound);
|
|
16629
16639
|
}
|
|
@@ -16653,7 +16663,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16653
16663
|
*/
|
|
16654
16664
|
async acquireTokenRedirect(request, rootMeasurement, options) {
|
|
16655
16665
|
this.logger.trace("0luikq", this.correlationId);
|
|
16656
|
-
const nativeRequest = await this.
|
|
16666
|
+
const nativeRequest = await this.initializePlatformRequest(request);
|
|
16657
16667
|
const navigateToLoginRequestUrl = options?.navigateToLoginRequestUrl ?? true;
|
|
16658
16668
|
try {
|
|
16659
16669
|
await this.platformAuthProvider.sendMessage(nativeRequest);
|
|
@@ -16685,7 +16695,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16685
16695
|
* @param performanceClient {IPerformanceClient?}
|
|
16686
16696
|
* @param correlationId {string?} correlation identifier
|
|
16687
16697
|
*/
|
|
16688
|
-
async handleRedirectPromise(
|
|
16698
|
+
async handleRedirectPromise() {
|
|
16689
16699
|
this.logger.trace("1c5lhw", this.correlationId);
|
|
16690
16700
|
if (!this.browserStorage.isInteractionInProgress(true)) {
|
|
16691
16701
|
this.logger.info("0le6uv", this.correlationId);
|
|
@@ -16695,9 +16705,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16695
16705
|
const cachedRequest = this.browserStorage.getCachedNativeRequest();
|
|
16696
16706
|
if (!cachedRequest) {
|
|
16697
16707
|
this.logger.verbose("0a6zjb", this.correlationId);
|
|
16698
|
-
|
|
16699
|
-
performanceClient?.addFields({ errorCode: "no_cached_request" }, correlationId);
|
|
16700
|
-
}
|
|
16708
|
+
this.performanceClient?.addFields({ errorCode: "no_cached_request" }, this.correlationId);
|
|
16701
16709
|
return null;
|
|
16702
16710
|
}
|
|
16703
16711
|
const { prompt, ...request } = cachedRequest;
|
|
@@ -16712,6 +16720,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16712
16720
|
const authResult = await this.handleNativeResponse(response, request, reqTimestamp);
|
|
16713
16721
|
const serverTelemetryManager = initializeServerTelemetryManager(this.apiId, this.config.auth.clientId, this.correlationId, this.browserStorage, this.logger);
|
|
16714
16722
|
serverTelemetryManager.clearNativeBrokerErrorCode();
|
|
16723
|
+
this.performanceClient?.addFields({ isNativeBroker: true }, this.correlationId);
|
|
16715
16724
|
return authResult;
|
|
16716
16725
|
}
|
|
16717
16726
|
catch (e) {
|
|
@@ -16980,15 +16989,23 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16980
16989
|
* Translates developer provided request object into NativeRequest object
|
|
16981
16990
|
* @param request
|
|
16982
16991
|
*/
|
|
16983
|
-
async
|
|
16984
|
-
this.logger.trace("
|
|
16992
|
+
async initializePlatformRequest(request) {
|
|
16993
|
+
this.logger.trace("1xdm2a", this.correlationId);
|
|
16985
16994
|
const canonicalAuthority = await this.getCanonicalAuthority(request);
|
|
16995
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
16996
|
+
const configClaims = request.skipBrokerClaims && !!request.embeddedClientId
|
|
16997
|
+
? undefined
|
|
16998
|
+
: this.config.auth.clientCapabilities;
|
|
16986
16999
|
// scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
|
|
16987
|
-
const { scopes, ...remainingProperties } = request;
|
|
17000
|
+
const { scopes, claims, ...remainingProperties } = request;
|
|
16988
17001
|
const scopeSet = new ScopeSet(scopes || []);
|
|
16989
17002
|
scopeSet.appendScopes(OIDC_DEFAULT_SCOPES);
|
|
17003
|
+
const mergedClaims = configClaims && configClaims.length
|
|
17004
|
+
? addClientCapabilitiesToClaims(claims, configClaims)
|
|
17005
|
+
: claims;
|
|
16990
17006
|
const validatedRequest = {
|
|
16991
17007
|
...remainingProperties,
|
|
17008
|
+
claims: mergedClaims,
|
|
16992
17009
|
accountId: this.accountId,
|
|
16993
17010
|
clientId: this.config.auth.clientId,
|
|
16994
17011
|
authority: canonicalAuthority.urlString,
|
|
@@ -17058,12 +17075,12 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
17058
17075
|
switch (this.apiId) {
|
|
17059
17076
|
case ApiId.ssoSilent:
|
|
17060
17077
|
case ApiId.acquireTokenSilent_silentFlow:
|
|
17061
|
-
this.logger.trace("
|
|
17078
|
+
this.logger.trace("12n1y2", this.correlationId);
|
|
17062
17079
|
return PromptValue.NONE;
|
|
17063
17080
|
}
|
|
17064
17081
|
// Prompt not provided, request may proceed and native broker decides if it needs to prompt
|
|
17065
17082
|
if (!prompt) {
|
|
17066
|
-
this.logger.trace("
|
|
17083
|
+
this.logger.trace("0uid1p", this.correlationId);
|
|
17067
17084
|
return undefined;
|
|
17068
17085
|
}
|
|
17069
17086
|
// If request is interactive, check if prompt provided is allowed to go directly to native broker
|
|
@@ -17071,10 +17088,10 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
17071
17088
|
case PromptValue.NONE:
|
|
17072
17089
|
case PromptValue.CONSENT:
|
|
17073
17090
|
case PromptValue.LOGIN:
|
|
17074
|
-
this.logger.trace("
|
|
17091
|
+
this.logger.trace("0i0hco", this.correlationId);
|
|
17075
17092
|
return prompt;
|
|
17076
17093
|
default:
|
|
17077
|
-
this.logger.trace("
|
|
17094
|
+
this.logger.trace("0w3tpw", this.correlationId);
|
|
17078
17095
|
throw createBrowserAuthError(nativePromptNotSupported);
|
|
17079
17096
|
}
|
|
17080
17097
|
}
|
|
@@ -17110,7 +17127,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
17110
17127
|
this.performanceClient?.addFields({
|
|
17111
17128
|
embeddedClientId: child_client_id,
|
|
17112
17129
|
embeddedRedirectUri: child_redirect_uri,
|
|
17113
|
-
},
|
|
17130
|
+
}, this.correlationId);
|
|
17114
17131
|
}
|
|
17115
17132
|
}
|
|
17116
17133
|
|
|
@@ -17197,6 +17214,10 @@ async function getStandardParameters(config, authority, request, logger, perform
|
|
|
17197
17214
|
if (request.platformBroker) {
|
|
17198
17215
|
// signal ests that this is a WAM call
|
|
17199
17216
|
addNativeBroker(parameters);
|
|
17217
|
+
// instrument JS-platform bridge specific fields
|
|
17218
|
+
performanceClient.addFields({
|
|
17219
|
+
isPlatformAuthorizeRequest: true,
|
|
17220
|
+
}, request.correlationId);
|
|
17200
17221
|
// pass the req_cnf for POP
|
|
17201
17222
|
if (request.authenticationScheme === AuthenticationScheme.POP) {
|
|
17202
17223
|
const cryptoOps = new CryptoOps(logger, performanceClient);
|
|
@@ -17666,6 +17687,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
17666
17687
|
},
|
|
17667
17688
|
instanceAware: false,
|
|
17668
17689
|
isMcp: false,
|
|
17690
|
+
verifySSO: false,
|
|
17669
17691
|
};
|
|
17670
17692
|
// Default cache options for browser
|
|
17671
17693
|
const DEFAULT_CACHE_OPTIONS = {
|
|
@@ -18200,7 +18222,7 @@ function isDomEnabledForPlatformAuth() {
|
|
|
18200
18222
|
}
|
|
18201
18223
|
}
|
|
18202
18224
|
/**
|
|
18203
|
-
* Returns boolean indicating whether or not the request should attempt to use
|
|
18225
|
+
* Returns boolean indicating whether or not the request should attempt to use platform broker
|
|
18204
18226
|
* @param logger
|
|
18205
18227
|
* @param config
|
|
18206
18228
|
* @param correlationId
|
|
@@ -18482,6 +18504,10 @@ class PopupClient extends StandardInteractionClient {
|
|
|
18482
18504
|
return;
|
|
18483
18505
|
}
|
|
18484
18506
|
}
|
|
18507
|
+
// Redirect bridge requires "state" param to work properly
|
|
18508
|
+
validRequest.state = setRequestState(this.browserCrypto, validRequest.state || "", {
|
|
18509
|
+
interactionType: InteractionType.Popup,
|
|
18510
|
+
});
|
|
18485
18511
|
// Create logout string and navigate user window to logout.
|
|
18486
18512
|
const logoutUri = authClient.getLogoutUri(validRequest);
|
|
18487
18513
|
this.eventHandler.emitEvent(EventType.LOGOUT_SUCCESS, validRequest.correlationId, InteractionType.Popup, validRequest);
|
|
@@ -19022,6 +19048,10 @@ class RedirectClient extends StandardInteractionClient {
|
|
|
19022
19048
|
}
|
|
19023
19049
|
}
|
|
19024
19050
|
}
|
|
19051
|
+
// Redirect bridge requires "state" param to work properly
|
|
19052
|
+
validLogoutRequest.state = setRequestState(this.browserCrypto, validLogoutRequest.state || "", {
|
|
19053
|
+
interactionType: InteractionType.Redirect,
|
|
19054
|
+
});
|
|
19025
19055
|
// Create logout string and navigate user window to logout.
|
|
19026
19056
|
const logoutUri = authClient.getLogoutUri(validLogoutRequest);
|
|
19027
19057
|
if (validLogoutRequest.account?.homeAccountId) {
|
|
@@ -19270,6 +19300,38 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
19270
19300
|
return invokeAsync(handleResponseEAR, HandleResponseEar, this.logger, this.performanceClient, correlationId)(silentRequest, serverParams, this.apiId, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
19271
19301
|
}
|
|
19272
19302
|
}
|
|
19303
|
+
/**
|
|
19304
|
+
* Verifies SSO capability by making an iframe request to /authorize without exchanging the code for tokens.
|
|
19305
|
+
* This is useful for verifying SSO capability in the background without the overhead of a full token exchange.
|
|
19306
|
+
* @param request - The SSO silent request
|
|
19307
|
+
* @returns true if SSO verification was successful with a valid authorization code, false otherwise
|
|
19308
|
+
*/
|
|
19309
|
+
async verifySso(request) {
|
|
19310
|
+
const inputRequest = { ...request };
|
|
19311
|
+
if (!inputRequest.prompt) {
|
|
19312
|
+
inputRequest.prompt = PromptValue.NONE;
|
|
19313
|
+
}
|
|
19314
|
+
// Create silent request
|
|
19315
|
+
const silentRequest = await invokeAsync(initializeAuthorizationRequest, StandardInteractionClientInitializeAuthorizationRequest, this.logger, this.performanceClient, this.correlationId)(inputRequest, InteractionType.Silent, this.config, this.browserCrypto, this.browserStorage, this.logger, this.performanceClient, this.correlationId);
|
|
19316
|
+
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, this.correlationId)({
|
|
19317
|
+
serverTelemetryManager: initializeServerTelemetryManager(this.apiId, this.config.auth.clientId, this.correlationId, this.browserStorage, this.logger),
|
|
19318
|
+
requestAuthority: silentRequest.authority,
|
|
19319
|
+
requestAzureCloudOptions: silentRequest.azureCloudOptions,
|
|
19320
|
+
requestExtraQueryParameters: silentRequest.extraQueryParameters,
|
|
19321
|
+
account: silentRequest.account,
|
|
19322
|
+
});
|
|
19323
|
+
const { serverParams } = await this.silentAuthorizeHelper(authClient, silentRequest);
|
|
19324
|
+
const correlationId = silentRequest.correlationId;
|
|
19325
|
+
// Validate the response - this checks for errors and validates state
|
|
19326
|
+
validateAuthorizationResponse(serverParams, silentRequest.state);
|
|
19327
|
+
// Verify a valid authorization code is present
|
|
19328
|
+
if (!serverParams.code) {
|
|
19329
|
+
this.logger.warning("0y34ti", correlationId);
|
|
19330
|
+
return false;
|
|
19331
|
+
}
|
|
19332
|
+
this.logger.verbose("0kkkcj", correlationId);
|
|
19333
|
+
return true;
|
|
19334
|
+
}
|
|
19273
19335
|
/**
|
|
19274
19336
|
* Currently Unsupported
|
|
19275
19337
|
*/
|
|
@@ -19284,6 +19346,16 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
19284
19346
|
* @param userRequestScopes
|
|
19285
19347
|
*/
|
|
19286
19348
|
async silentTokenHelper(authClient, request) {
|
|
19349
|
+
const { serverParams, pkceCodes } = await this.silentAuthorizeHelper(authClient, request);
|
|
19350
|
+
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, request.correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
19351
|
+
}
|
|
19352
|
+
/**
|
|
19353
|
+
* Shared helper that generates PKCE codes, builds the /authorize URL,
|
|
19354
|
+
* loads it in a hidden iframe, waits for the redirect-bridge response,
|
|
19355
|
+
* and returns the deserialized server parameters along with the PKCE codes
|
|
19356
|
+
* and the request that was sent.
|
|
19357
|
+
*/
|
|
19358
|
+
async silentAuthorizeHelper(authClient, request) {
|
|
19287
19359
|
const correlationId = request.correlationId;
|
|
19288
19360
|
const pkceCodes = await invokeAsync(generatePkceCodes, GeneratePkceCodes, this.logger, this.performanceClient, correlationId)(this.performanceClient, this.logger, correlationId);
|
|
19289
19361
|
const silentRequest = {
|
|
@@ -19310,7 +19382,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
19310
19382
|
invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
|
|
19311
19383
|
}
|
|
19312
19384
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
19313
|
-
return
|
|
19385
|
+
return { serverParams, pkceCodes, silentRequest };
|
|
19314
19386
|
}
|
|
19315
19387
|
}
|
|
19316
19388
|
|
|
@@ -19677,22 +19749,25 @@ class StandardController {
|
|
|
19677
19749
|
}
|
|
19678
19750
|
const loggedInAccounts = this.getAllAccounts();
|
|
19679
19751
|
const platformBrokerRequest = this.browserStorage.getCachedNativeRequest();
|
|
19680
|
-
const useNative = platformBrokerRequest &&
|
|
19681
|
-
this.platformAuthProvider &&
|
|
19682
|
-
!options?.hash;
|
|
19752
|
+
const useNative = platformBrokerRequest && !options?.hash;
|
|
19683
19753
|
let rootMeasurement;
|
|
19684
19754
|
let redirectResponse;
|
|
19755
|
+
let cachedRedirectRequest;
|
|
19685
19756
|
try {
|
|
19686
19757
|
if (useNative && this.platformAuthProvider) {
|
|
19687
19758
|
const correlationId = platformBrokerRequest?.correlationId || "";
|
|
19688
19759
|
this.eventHandler.emitEvent(EventType.HANDLE_REDIRECT_START, correlationId, InteractionType.Redirect);
|
|
19689
19760
|
rootMeasurement = this.performanceClient.startMeasurement(AcquireTokenRedirect, correlationId);
|
|
19690
19761
|
this.logger.trace("12v7is", correlationId);
|
|
19762
|
+
rootMeasurement.add({
|
|
19763
|
+
isPlatformBrokerRequest: true,
|
|
19764
|
+
});
|
|
19691
19765
|
const nativeClient = new PlatformAuthInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.handleRedirectPromise, this.performanceClient, this.platformAuthProvider, platformBrokerRequest.accountId, this.nativeInternalStorage, platformBrokerRequest.correlationId);
|
|
19692
|
-
redirectResponse = invokeAsync(nativeClient.handleRedirectPromise.bind(nativeClient), HandleNativeRedirectPromiseMeasurement, this.logger, this.performanceClient, rootMeasurement.event.correlationId)(
|
|
19766
|
+
redirectResponse = invokeAsync(nativeClient.handleRedirectPromise.bind(nativeClient), HandleNativeRedirectPromiseMeasurement, this.logger, this.performanceClient, rootMeasurement.event.correlationId)();
|
|
19693
19767
|
}
|
|
19694
19768
|
else {
|
|
19695
19769
|
const [standardRequest, codeVerifier] = this.browserStorage.getCachedRequest("");
|
|
19770
|
+
cachedRedirectRequest = standardRequest;
|
|
19696
19771
|
const correlationId = standardRequest.correlationId;
|
|
19697
19772
|
this.eventHandler.emitEvent(EventType.HANDLE_REDIRECT_START, correlationId, InteractionType.Redirect);
|
|
19698
19773
|
// Reset rootMeasurement now that we have correlationId
|
|
@@ -19721,6 +19796,8 @@ class StandardController {
|
|
|
19721
19796
|
rootMeasurement.end({
|
|
19722
19797
|
success: true,
|
|
19723
19798
|
}, undefined, result.account);
|
|
19799
|
+
// Fire-and-forget SSO capability verification in background
|
|
19800
|
+
this.verifySsoCapability(cachedRedirectRequest, InteractionType.Redirect);
|
|
19724
19801
|
}
|
|
19725
19802
|
else {
|
|
19726
19803
|
/*
|
|
@@ -19786,12 +19863,14 @@ class StandardController {
|
|
|
19786
19863
|
if (this.platformAuthProvider &&
|
|
19787
19864
|
this.canUsePlatformBroker(request)) {
|
|
19788
19865
|
const nativeClient = new PlatformAuthInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.acquireTokenRedirect, this.performanceClient, this.platformAuthProvider, this.getNativeAccountId(request), this.nativeInternalStorage, correlationId);
|
|
19789
|
-
result = nativeClient
|
|
19790
|
-
.
|
|
19791
|
-
|
|
19866
|
+
result = invokeAsync(nativeClient.acquireTokenRedirect.bind(nativeClient), NativeInteractionClientAcquireTokenRedirect, this.logger, this.performanceClient, correlationId)(request, atrMeasurement).catch((e) => {
|
|
19867
|
+
atrMeasurement.add({
|
|
19868
|
+
brokerErrorName: e.name,
|
|
19869
|
+
brokerErrorCode: e.errorCode,
|
|
19870
|
+
});
|
|
19792
19871
|
if (e instanceof NativeAuthError &&
|
|
19793
19872
|
isFatalNativeAuthError(e)) {
|
|
19794
|
-
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
|
|
19873
|
+
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt platform broker calls
|
|
19795
19874
|
const redirectClient = this.createRedirectClient(correlationId);
|
|
19796
19875
|
return redirectClient.acquireToken(request);
|
|
19797
19876
|
}
|
|
@@ -19857,6 +19936,9 @@ class StandardController {
|
|
|
19857
19936
|
let result;
|
|
19858
19937
|
const pkce = this.getPreGeneratedPkceCodes(correlationId);
|
|
19859
19938
|
if (this.canUsePlatformBroker(request)) {
|
|
19939
|
+
atPopupMeasurement.add({
|
|
19940
|
+
isPlatformBrokerRequest: true,
|
|
19941
|
+
});
|
|
19860
19942
|
result = this.acquireTokenNative({
|
|
19861
19943
|
...request,
|
|
19862
19944
|
correlationId,
|
|
@@ -19869,9 +19951,13 @@ class StandardController {
|
|
|
19869
19951
|
return response;
|
|
19870
19952
|
})
|
|
19871
19953
|
.catch((e) => {
|
|
19954
|
+
atPopupMeasurement.add({
|
|
19955
|
+
brokerErrorName: e.name,
|
|
19956
|
+
brokerErrorCode: e.errorCode,
|
|
19957
|
+
});
|
|
19872
19958
|
if (e instanceof NativeAuthError &&
|
|
19873
19959
|
isFatalNativeAuthError(e)) {
|
|
19874
|
-
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
|
|
19960
|
+
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt platform broker calls
|
|
19875
19961
|
const popupClient = this.createPopupClient(correlationId);
|
|
19876
19962
|
return popupClient.acquireToken(request, pkce);
|
|
19877
19963
|
}
|
|
@@ -19902,6 +19988,8 @@ class StandardController {
|
|
|
19902
19988
|
accessTokenSize: result.accessToken.length,
|
|
19903
19989
|
idTokenSize: result.idToken.length,
|
|
19904
19990
|
}, undefined, result.account);
|
|
19991
|
+
// SSO capability verification in background
|
|
19992
|
+
this.verifySsoCapability(request, InteractionType.Popup);
|
|
19905
19993
|
return result;
|
|
19906
19994
|
})
|
|
19907
19995
|
.catch((e) => {
|
|
@@ -19954,6 +20042,103 @@ class StandardController {
|
|
|
19954
20042
|
window.removeEventListener("online", listener);
|
|
19955
20043
|
window.removeEventListener("offline", listener);
|
|
19956
20044
|
}
|
|
20045
|
+
/**
|
|
20046
|
+
* Reads the cached ssoCapable value from localStorage.
|
|
20047
|
+
* @returns The cached ssoCapable boolean value, or undefined if not cached or expired.
|
|
20048
|
+
*/
|
|
20049
|
+
getCachedSsoCapable() {
|
|
20050
|
+
try {
|
|
20051
|
+
const cachedValue = window.localStorage.getItem(SSO_CAPABLE);
|
|
20052
|
+
if (cachedValue) {
|
|
20053
|
+
const parsed = JSON.parse(cachedValue);
|
|
20054
|
+
if (parsed &&
|
|
20055
|
+
typeof parsed.ssoCapable === "boolean" &&
|
|
20056
|
+
parsed.expiresOn &&
|
|
20057
|
+
Date.now() < parsed.expiresOn) {
|
|
20058
|
+
return parsed.ssoCapable;
|
|
20059
|
+
}
|
|
20060
|
+
}
|
|
20061
|
+
}
|
|
20062
|
+
catch {
|
|
20063
|
+
// If parsing fails, return undefined
|
|
20064
|
+
}
|
|
20065
|
+
return undefined;
|
|
20066
|
+
}
|
|
20067
|
+
/**
|
|
20068
|
+
* SSO capability verification in the background.
|
|
20069
|
+
* This method makes an iframe request to /authorize to verify SSO capability without calling /token.
|
|
20070
|
+
* This method does not block the caller and tracks telemetry for success/failure.
|
|
20071
|
+
* This method only executes if verifySSO is set to true in the auth configuration.
|
|
20072
|
+
* The result is cached in localStorage with a 24-hour TTL; the SSO verification call
|
|
20073
|
+
* is only attempted when the cached value is absent or expired.
|
|
20074
|
+
* @param request - The original request used for the authentication flow
|
|
20075
|
+
* @param interactionType - The interactionType of the AT operation for logging purposes
|
|
20076
|
+
*/
|
|
20077
|
+
verifySsoCapability(request, interactionType) {
|
|
20078
|
+
// Check if SSO capability verification is enabled
|
|
20079
|
+
if (!this.config.auth.verifySSO) {
|
|
20080
|
+
return;
|
|
20081
|
+
}
|
|
20082
|
+
// Check TTL: derive ssoCapable state from localStorage and skip if not expired
|
|
20083
|
+
const ssoCacheKey = SSO_CAPABLE;
|
|
20084
|
+
const SSO_CAPABLE_TTL_MS = 24 * 60 * 60 * 1000; // 24 hours
|
|
20085
|
+
const cachedSsoCapable = this.getCachedSsoCapable();
|
|
20086
|
+
if (cachedSsoCapable !== undefined) {
|
|
20087
|
+
this.logger.verbose("13poou", "");
|
|
20088
|
+
return;
|
|
20089
|
+
}
|
|
20090
|
+
const correlationId = createNewGuid();
|
|
20091
|
+
const ssoCapableMeasurement = this.performanceClient.startMeasurement(SsoCapable, correlationId);
|
|
20092
|
+
ssoCapableMeasurement.add({
|
|
20093
|
+
"ext.interactionType": interactionType,
|
|
20094
|
+
});
|
|
20095
|
+
this.logger.verbose("0pbr0i", correlationId);
|
|
20096
|
+
/*
|
|
20097
|
+
* Use setTimeout to ensure this runs in a separate macrotask after the current call stack completes
|
|
20098
|
+
* This ensures the result is returned to the caller before the SSO verification starts and doesn't affect performance
|
|
20099
|
+
*/
|
|
20100
|
+
setTimeout(() => {
|
|
20101
|
+
const ssoVerificationRequest = {
|
|
20102
|
+
...request,
|
|
20103
|
+
correlationId: correlationId,
|
|
20104
|
+
};
|
|
20105
|
+
const silentIframeClient = this.createSilentIframeClient(correlationId);
|
|
20106
|
+
silentIframeClient
|
|
20107
|
+
.verifySso(ssoVerificationRequest)
|
|
20108
|
+
.then((result) => {
|
|
20109
|
+
this.logger.verbose("1gd1iv", correlationId);
|
|
20110
|
+
// TBD to add profileTelemetry later in localStorage with 24h TTL
|
|
20111
|
+
try {
|
|
20112
|
+
const cacheEntry = JSON.stringify({
|
|
20113
|
+
ssoCapable: result,
|
|
20114
|
+
expiresOn: Date.now() + SSO_CAPABLE_TTL_MS,
|
|
20115
|
+
});
|
|
20116
|
+
window.localStorage.setItem(ssoCacheKey, cacheEntry);
|
|
20117
|
+
}
|
|
20118
|
+
catch {
|
|
20119
|
+
this.logger.warning("18lmoj", correlationId);
|
|
20120
|
+
}
|
|
20121
|
+
ssoCapableMeasurement.end({
|
|
20122
|
+
fromCache: false,
|
|
20123
|
+
success: result,
|
|
20124
|
+
}, undefined);
|
|
20125
|
+
})
|
|
20126
|
+
.catch((error) => {
|
|
20127
|
+
this.logger.warning("05g83w", correlationId);
|
|
20128
|
+
// reset the cache
|
|
20129
|
+
try {
|
|
20130
|
+
window.localStorage.removeItem(ssoCacheKey);
|
|
20131
|
+
}
|
|
20132
|
+
catch {
|
|
20133
|
+
this.logger.warning("0nlf9q", correlationId);
|
|
20134
|
+
}
|
|
20135
|
+
ssoCapableMeasurement.end({
|
|
20136
|
+
fromCache: false,
|
|
20137
|
+
success: false,
|
|
20138
|
+
}, error);
|
|
20139
|
+
});
|
|
20140
|
+
}, 0);
|
|
20141
|
+
}
|
|
19957
20142
|
// #endregion
|
|
19958
20143
|
// #region Silent Flow
|
|
19959
20144
|
/**
|
|
@@ -19975,13 +20160,12 @@ class StandardController {
|
|
|
19975
20160
|
const correlationId = this.getRequestCorrelationId(request);
|
|
19976
20161
|
const validRequest = {
|
|
19977
20162
|
...request,
|
|
19978
|
-
// will be PromptValue.NONE or PromptValue.NO_SESSION
|
|
19979
|
-
prompt: request.prompt,
|
|
19980
20163
|
correlationId: correlationId,
|
|
19981
20164
|
};
|
|
19982
20165
|
this.ssoSilentMeasurement = this.performanceClient.startMeasurement(SsoSilent, correlationId);
|
|
19983
20166
|
this.ssoSilentMeasurement?.add({
|
|
19984
20167
|
scenarioId: request.scenarioId,
|
|
20168
|
+
ssoCapable: this.getCachedSsoCapable(),
|
|
19985
20169
|
});
|
|
19986
20170
|
preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
|
|
19987
20171
|
this.ssoSilentMeasurement?.increment({
|
|
@@ -19994,10 +20178,17 @@ class StandardController {
|
|
|
19994
20178
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, InteractionType.Silent, validRequest);
|
|
19995
20179
|
let result;
|
|
19996
20180
|
if (this.canUsePlatformBroker(validRequest)) {
|
|
20181
|
+
this.ssoSilentMeasurement?.add({
|
|
20182
|
+
isPlatformBrokerRequest: true,
|
|
20183
|
+
});
|
|
19997
20184
|
result = this.acquireTokenNative(validRequest, ApiId.ssoSilent).catch((e) => {
|
|
20185
|
+
this.ssoSilentMeasurement?.add({
|
|
20186
|
+
brokerErrorName: e.name,
|
|
20187
|
+
brokerErrorCode: e.errorCode,
|
|
20188
|
+
});
|
|
19998
20189
|
// If native token acquisition fails for availability reasons fallback to standard flow
|
|
19999
20190
|
if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
|
|
20000
|
-
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
|
|
20191
|
+
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt platform broker calls
|
|
20001
20192
|
const silentIframeClient = this.createSilentIframeClient(validRequest.correlationId);
|
|
20002
20193
|
return silentIframeClient.acquireToken(validRequest);
|
|
20003
20194
|
}
|
|
@@ -20070,7 +20261,6 @@ class StandardController {
|
|
|
20070
20261
|
this.hybridAuthCodeResponses.delete(hybridAuthCode);
|
|
20071
20262
|
atbcMeasurement.end({
|
|
20072
20263
|
success: true,
|
|
20073
|
-
isNativeBroker: result.fromPlatformBroker,
|
|
20074
20264
|
accessTokenSize: result.accessToken.length,
|
|
20075
20265
|
idTokenSize: result.idToken.length,
|
|
20076
20266
|
}, undefined, result.account);
|
|
@@ -20094,10 +20284,17 @@ class StandardController {
|
|
|
20094
20284
|
}
|
|
20095
20285
|
else if (request.nativeAccountId) {
|
|
20096
20286
|
if (this.canUsePlatformBroker(request, request.nativeAccountId)) {
|
|
20287
|
+
atbcMeasurement.add({
|
|
20288
|
+
isPlatformBrokerRequest: true,
|
|
20289
|
+
});
|
|
20097
20290
|
const result = await this.acquireTokenNative({
|
|
20098
20291
|
...request,
|
|
20099
20292
|
correlationId,
|
|
20100
20293
|
}, ApiId.acquireTokenByCode, request.nativeAccountId).catch((e) => {
|
|
20294
|
+
atbcMeasurement.add({
|
|
20295
|
+
brokerErrorName: e.name,
|
|
20296
|
+
brokerErrorCode: e.errorCode,
|
|
20297
|
+
});
|
|
20101
20298
|
// If native token acquisition fails for availability reasons fallback to standard flow
|
|
20102
20299
|
if (e instanceof NativeAuthError &&
|
|
20103
20300
|
isFatalNativeAuthError(e)) {
|
|
@@ -20148,7 +20345,6 @@ class StandardController {
|
|
|
20148
20345
|
this.acquireTokenByCodeAsyncMeasurement?.end({
|
|
20149
20346
|
success: true,
|
|
20150
20347
|
fromCache: response.fromCache,
|
|
20151
|
-
isNativeBroker: response.fromPlatformBroker,
|
|
20152
20348
|
});
|
|
20153
20349
|
return response;
|
|
20154
20350
|
})
|
|
@@ -20317,7 +20513,7 @@ class StandardController {
|
|
|
20317
20513
|
throw createBrowserAuthError(nativeConnectionNotEstablished);
|
|
20318
20514
|
}
|
|
20319
20515
|
const nativeClient = new PlatformAuthInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, apiId, this.performanceClient, this.platformAuthProvider, accountId || this.getNativeAccountId(request), this.nativeInternalStorage, correlationId);
|
|
20320
|
-
return nativeClient.acquireToken(request, cacheLookupPolicy);
|
|
20516
|
+
return invokeAsync(nativeClient.acquireToken.bind(nativeClient), NativeInteractionClientAcquireToken, this.logger, this.performanceClient, correlationId)(request, cacheLookupPolicy);
|
|
20321
20517
|
}
|
|
20322
20518
|
/**
|
|
20323
20519
|
* Returns boolean indicating if this request can use the platform broker
|
|
@@ -20331,7 +20527,7 @@ class StandardController {
|
|
|
20331
20527
|
return false;
|
|
20332
20528
|
}
|
|
20333
20529
|
if (!isPlatformAuthAllowed(this.config, this.logger, correlationId, this.platformAuthProvider, request.authenticationScheme)) {
|
|
20334
|
-
this.logger.trace("
|
|
20530
|
+
this.logger.trace("0yoy1g", correlationId);
|
|
20335
20531
|
return false;
|
|
20336
20532
|
}
|
|
20337
20533
|
if (request.prompt) {
|
|
@@ -20550,6 +20746,7 @@ class StandardController {
|
|
|
20550
20746
|
atsMeasurement.add({
|
|
20551
20747
|
cacheLookupPolicy: request.cacheLookupPolicy,
|
|
20552
20748
|
scenarioId: request.scenarioId,
|
|
20749
|
+
ssoCapable: this.getCachedSsoCapable(),
|
|
20553
20750
|
});
|
|
20554
20751
|
preflightCheck(this.initialized, atsMeasurement, this.config, request);
|
|
20555
20752
|
this.logger.verbose("0x1c4s", correlationId);
|
|
@@ -20562,7 +20759,6 @@ class StandardController {
|
|
|
20562
20759
|
atsMeasurement.end({
|
|
20563
20760
|
success: true,
|
|
20564
20761
|
fromCache: result.fromCache,
|
|
20565
|
-
isNativeBroker: result.fromPlatformBroker,
|
|
20566
20762
|
accessTokenSize: result.accessToken.length,
|
|
20567
20763
|
idTokenSize: result.idToken.length,
|
|
20568
20764
|
}, undefined, result.account);
|
|
@@ -20722,7 +20918,12 @@ class StandardController {
|
|
|
20722
20918
|
if (isPlatformAuthAllowed(this.config, this.logger, silentRequest.correlationId, this.platformAuthProvider, silentRequest.authenticationScheme) &&
|
|
20723
20919
|
silentRequest.account.nativeAccountId) {
|
|
20724
20920
|
this.logger.verbose("0sczo4", silentRequest.correlationId);
|
|
20921
|
+
this.performanceClient.addFields({ isPlatformBrokerRequest: true }, silentRequest.correlationId);
|
|
20725
20922
|
return this.acquireTokenNative(silentRequest, ApiId.acquireTokenSilent_silentFlow, silentRequest.account.nativeAccountId, cacheLookupPolicy).catch(async (e) => {
|
|
20923
|
+
this.performanceClient.addFields({
|
|
20924
|
+
brokerErrorName: e.name,
|
|
20925
|
+
brokerErrorCode: e.errorCode,
|
|
20926
|
+
}, silentRequest.correlationId);
|
|
20726
20927
|
// If native token acquisition fails for availability reasons fallback to web flow
|
|
20727
20928
|
if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
|
|
20728
20929
|
this.logger.verbose("07rkmb", silentRequest.correlationId);
|