@azure/msal-browser 5.6.3 → 5.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +0 -1
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +2 -2
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.d.ts +1 -0
- package/dist/cache/CacheKeys.d.ts.map +1 -1
- package/dist/cache/CacheKeys.mjs +3 -2
- package/dist/cache/CacheKeys.mjs.map +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.d.ts +7 -0
- package/dist/config/Configuration.d.ts.map +1 -1
- package/dist/config/Configuration.mjs +2 -1
- package/dist/config/Configuration.mjs.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +16 -0
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +150 -20
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +2 -2
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.d.ts +1 -0
- package/dist/custom-auth-path/cache/CacheKeys.d.ts.map +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +3 -2
- package/dist/custom-auth-path/cache/CacheKeys.mjs.map +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.d.ts +7 -0
- package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +2 -1
- package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts +16 -0
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +150 -20
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.d.ts.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +3 -4
- package/dist/custom-auth-path/error/NativeAuthError.mjs.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +32 -19
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +6 -2
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +6 -2
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts +14 -0
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +45 -3
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/log-strings-mapping.json +47 -15
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +5 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/redirect_bridge/index.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs +3 -2
- package/dist/custom-auth-path/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs +8 -3
- package/dist/custom-auth-path/telemetry/BrowserRootPerformanceEvents.mjs.map +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.d.ts.map +1 -1
- package/dist/error/NativeAuthError.mjs +3 -4
- package/dist/error/NativeAuthError.mjs.map +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +32 -19
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +6 -2
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +6 -2
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +14 -0
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +45 -3
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/log-strings-mapping.json +47 -15
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +5 -1
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/redirect-bridge/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.d.ts +1 -0
- package/dist/redirect-bridge/cache/CacheKeys.d.ts.map +1 -1
- package/dist/redirect-bridge/cache/CacheKeys.mjs +1 -1
- package/dist/redirect-bridge/config/Configuration.d.ts +7 -0
- package/dist/redirect-bridge/config/Configuration.d.ts.map +1 -1
- package/dist/redirect-bridge/config/Configuration.mjs +1 -1
- package/dist/redirect-bridge/controllers/StandardController.d.ts +16 -0
- package/dist/redirect-bridge/controllers/StandardController.d.ts.map +1 -1
- package/dist/redirect-bridge/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/redirect-bridge/encode/Base64Decode.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthError.mjs +1 -1
- package/dist/redirect-bridge/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/redirect-bridge/error/NativeAuthError.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/dist/redirect-bridge/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts +14 -0
- package/dist/redirect-bridge/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/redirect-bridge/navigation/NavigationClient.mjs +1 -1
- package/dist/redirect-bridge/packageMetadata.d.ts +1 -1
- package/dist/redirect-bridge/protocol/Authorize.d.ts.map +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.d.ts.map +1 -1
- package/dist/redirect-bridge/redirect_bridge/index.mjs +11 -7
- package/dist/redirect-bridge/redirect_bridge/index.mjs.map +1 -1
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/dist/redirect-bridge/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/redirect-bridge/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/dist/redirect-bridge/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/dist/redirect-bridge/utils/BrowserConstants.mjs +7 -3
- package/dist/redirect-bridge/utils/BrowserConstants.mjs.map +1 -1
- package/dist/redirect-bridge/utils/BrowserUtils.mjs +1 -1
- package/dist/redirect_bridge/index.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/dist/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/BrowserPerformanceEvents.mjs +3 -2
- package/dist/telemetry/BrowserPerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/dist/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs +10 -3
- package/dist/telemetry/BrowserRootPerformanceEvents.mjs.map +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/log-strings-mapping.json +47 -15
- package/lib/custom-auth-path/msal-custom-auth.cjs +334 -133
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/lib/custom-auth-path/types/cache/CacheKeys.d.ts +1 -0
- package/lib/custom-auth-path/types/cache/CacheKeys.d.ts.map +1 -1
- package/lib/custom-auth-path/types/config/Configuration.d.ts +7 -0
- package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts +16 -0
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts +14 -0
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/redirect_bridge/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/lib/custom-auth-path/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/lib/custom-auth-path/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/lib/log-strings-mapping.json +47 -15
- package/lib/msal-browser.cjs +343 -138
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +343 -138
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +2 -2
- package/lib/redirect-bridge/msal-redirect-bridge.js +24 -16
- package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
- package/lib/redirect-bridge/msal-redirect-bridge.min.js +2 -2
- package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts +1 -1
- package/lib/types/cache/CacheKeys.d.ts +1 -0
- package/lib/types/cache/CacheKeys.d.ts.map +1 -1
- package/lib/types/config/Configuration.d.ts +7 -0
- package/lib/types/config/Configuration.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +16 -0
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts +2 -2
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +14 -0
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/redirect_bridge/index.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts +1 -0
- package/lib/types/telemetry/BrowserPerformanceEvents.d.ts.map +1 -1
- package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts +6 -0
- package/lib/types/telemetry/BrowserRootPerformanceEvents.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/PlatformAuthProvider.ts +1 -1
- package/src/cache/CacheKeys.ts +1 -0
- package/src/config/Configuration.ts +8 -0
- package/src/controllers/StandardController.ts +233 -35
- package/src/error/NativeAuthError.ts +1 -2
- package/src/interaction_client/PlatformAuthInteractionClient.ts +44 -23
- package/src/interaction_client/PopupClient.ts +10 -0
- package/src/interaction_client/RedirectClient.ts +10 -0
- package/src/interaction_client/SilentIframeClient.ts +123 -20
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +8 -0
- package/src/redirect_bridge/index.ts +12 -5
- package/src/telemetry/BrowserPerformanceEvents.ts +3 -0
- package/src/telemetry/BrowserRootPerformanceEvents.ts +7 -0
package/lib/msal-browser.cjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v5.
|
|
1
|
+
/*! @azure/msal-browser v5.7.0 2026-04-16 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v16.
|
|
5
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -234,7 +234,7 @@ const JsonWebTokenTypes$1 = {
|
|
|
234
234
|
// Token renewal offset default in seconds
|
|
235
235
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
236
236
|
|
|
237
|
-
/*! @azure/msal-common v16.
|
|
237
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
238
238
|
/*
|
|
239
239
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
240
240
|
* Licensed under the MIT License.
|
|
@@ -286,7 +286,7 @@ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
|
286
286
|
const RESOURCE = "resource";
|
|
287
287
|
const CLI_DATA = "clidata";
|
|
288
288
|
|
|
289
|
-
/*! @azure/msal-common v16.
|
|
289
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
290
290
|
/*
|
|
291
291
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
292
292
|
* Licensed under the MIT License.
|
|
@@ -317,7 +317,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
317
317
|
return new AuthError(code, additionalMessage || getDefaultErrorMessage$1(code));
|
|
318
318
|
}
|
|
319
319
|
|
|
320
|
-
/*! @azure/msal-common v16.
|
|
320
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
321
321
|
|
|
322
322
|
/*
|
|
323
323
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -337,7 +337,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
337
337
|
return new ClientConfigurationError(errorCode);
|
|
338
338
|
}
|
|
339
339
|
|
|
340
|
-
/*! @azure/msal-common v16.
|
|
340
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
341
341
|
/*
|
|
342
342
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
343
343
|
* Licensed under the MIT License.
|
|
@@ -417,7 +417,7 @@ class StringUtils {
|
|
|
417
417
|
}
|
|
418
418
|
}
|
|
419
419
|
|
|
420
|
-
/*! @azure/msal-common v16.
|
|
420
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
421
421
|
|
|
422
422
|
/*
|
|
423
423
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -440,7 +440,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
440
440
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
441
441
|
}
|
|
442
442
|
|
|
443
|
-
/*! @azure/msal-common v16.
|
|
443
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
444
444
|
/*
|
|
445
445
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
446
446
|
* Licensed under the MIT License.
|
|
@@ -494,7 +494,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
494
494
|
urlParseError: urlParseError
|
|
495
495
|
});
|
|
496
496
|
|
|
497
|
-
/*! @azure/msal-common v16.
|
|
497
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
498
498
|
/*
|
|
499
499
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
500
500
|
* Licensed under the MIT License.
|
|
@@ -582,7 +582,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
582
582
|
userCanceled: userCanceled
|
|
583
583
|
});
|
|
584
584
|
|
|
585
|
-
/*! @azure/msal-common v16.
|
|
585
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
586
586
|
|
|
587
587
|
/*
|
|
588
588
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -777,7 +777,7 @@ class ScopeSet {
|
|
|
777
777
|
}
|
|
778
778
|
}
|
|
779
779
|
|
|
780
|
-
/*! @azure/msal-common v16.
|
|
780
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
781
781
|
|
|
782
782
|
/*
|
|
783
783
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -898,18 +898,29 @@ function addSid(parameters, sid) {
|
|
|
898
898
|
parameters.set(SID, sid);
|
|
899
899
|
}
|
|
900
900
|
/**
|
|
901
|
-
*
|
|
902
|
-
*
|
|
903
|
-
|
|
904
|
-
|
|
905
|
-
|
|
906
|
-
|
|
907
|
-
|
|
908
|
-
|
|
909
|
-
|
|
910
|
-
|
|
901
|
+
* Adds claims to request parameters, conditionally excluding clientCapabilities
|
|
902
|
+
* when skipBrokerClaims is true and a brokered flow is in effect.
|
|
903
|
+
* @param parameters - The request parameters map
|
|
904
|
+
* @param claims - The claims string from the request
|
|
905
|
+
* @param clientCapabilities - The client capabilities from configuration
|
|
906
|
+
* @param skipBrokerClaims - When true and BROKER_CLIENT_ID is present, excludes clientCapabilities from claims
|
|
907
|
+
*/
|
|
908
|
+
function addClaims(parameters, claims, clientCapabilities, skipBrokerClaims) {
|
|
909
|
+
// Skip clientCapabilities if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
910
|
+
const configClaims = skipBrokerClaims && parameters.has(BROKER_CLIENT_ID)
|
|
911
|
+
? undefined
|
|
912
|
+
: clientCapabilities;
|
|
913
|
+
if (!StringUtils.isEmptyObj(claims) ||
|
|
914
|
+
(configClaims && configClaims.length > 0)) {
|
|
915
|
+
const mergedClaims = addClientCapabilitiesToClaims$1(claims, configClaims);
|
|
916
|
+
try {
|
|
917
|
+
JSON.parse(mergedClaims);
|
|
918
|
+
}
|
|
919
|
+
catch (e) {
|
|
920
|
+
throw createClientConfigurationError(invalidClaims);
|
|
921
|
+
}
|
|
922
|
+
parameters.set(CLAIMS, mergedClaims);
|
|
911
923
|
}
|
|
912
|
-
parameters.set(CLAIMS, mergedClaims);
|
|
913
924
|
}
|
|
914
925
|
/**
|
|
915
926
|
* add correlationId
|
|
@@ -1155,7 +1166,7 @@ function addResource(parameters, resource) {
|
|
|
1155
1166
|
}
|
|
1156
1167
|
}
|
|
1157
1168
|
|
|
1158
|
-
/*! @azure/msal-common v16.
|
|
1169
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1159
1170
|
|
|
1160
1171
|
/*
|
|
1161
1172
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1264,7 +1275,7 @@ function normalizeUrlForComparison(url) {
|
|
|
1264
1275
|
}
|
|
1265
1276
|
}
|
|
1266
1277
|
|
|
1267
|
-
/*! @azure/msal-common v16.
|
|
1278
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1268
1279
|
|
|
1269
1280
|
/*
|
|
1270
1281
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1303,7 +1314,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
1303
1314
|
},
|
|
1304
1315
|
};
|
|
1305
1316
|
|
|
1306
|
-
/*! @azure/msal-common v16.
|
|
1317
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1307
1318
|
/*
|
|
1308
1319
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1309
1320
|
* Licensed under the MIT License.
|
|
@@ -1578,12 +1589,12 @@ class Logger {
|
|
|
1578
1589
|
}
|
|
1579
1590
|
}
|
|
1580
1591
|
|
|
1581
|
-
/*! @azure/msal-common v16.
|
|
1592
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1582
1593
|
/* eslint-disable header/header */
|
|
1583
1594
|
const name$1 = "@azure/msal-common";
|
|
1584
|
-
const version$1 = "16.
|
|
1595
|
+
const version$1 = "16.5.0";
|
|
1585
1596
|
|
|
1586
|
-
/*! @azure/msal-common v16.
|
|
1597
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1587
1598
|
/*
|
|
1588
1599
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1589
1600
|
* Licensed under the MIT License.
|
|
@@ -1603,7 +1614,7 @@ const AzureCloudInstance = {
|
|
|
1603
1614
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
1604
1615
|
};
|
|
1605
1616
|
|
|
1606
|
-
/*! @azure/msal-common v16.
|
|
1617
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1607
1618
|
/*
|
|
1608
1619
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1609
1620
|
* Licensed under the MIT License.
|
|
@@ -1685,7 +1696,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1685
1696
|
return updatedAccountInfo;
|
|
1686
1697
|
}
|
|
1687
1698
|
|
|
1688
|
-
/*! @azure/msal-common v16.
|
|
1699
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1689
1700
|
|
|
1690
1701
|
/*
|
|
1691
1702
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1765,7 +1776,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1765
1776
|
}
|
|
1766
1777
|
}
|
|
1767
1778
|
|
|
1768
|
-
/*! @azure/msal-common v16.
|
|
1779
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1769
1780
|
|
|
1770
1781
|
/*
|
|
1771
1782
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1922,7 +1933,7 @@ class UrlString {
|
|
|
1922
1933
|
}
|
|
1923
1934
|
}
|
|
1924
1935
|
|
|
1925
|
-
/*! @azure/msal-common v16.
|
|
1936
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
1926
1937
|
|
|
1927
1938
|
/*
|
|
1928
1939
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2079,7 +2090,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2079
2090
|
return null;
|
|
2080
2091
|
}
|
|
2081
2092
|
|
|
2082
|
-
/*! @azure/msal-common v16.
|
|
2093
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2083
2094
|
/*
|
|
2084
2095
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2085
2096
|
* Licensed under the MIT License.
|
|
@@ -2087,7 +2098,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2087
2098
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2088
2099
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2089
2100
|
|
|
2090
|
-
/*! @azure/msal-common v16.
|
|
2101
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2091
2102
|
|
|
2092
2103
|
/*
|
|
2093
2104
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2125,7 +2136,7 @@ function createCacheError(e) {
|
|
|
2125
2136
|
}
|
|
2126
2137
|
}
|
|
2127
2138
|
|
|
2128
|
-
/*! @azure/msal-common v16.
|
|
2139
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2129
2140
|
|
|
2130
2141
|
/*
|
|
2131
2142
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2163,7 +2174,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
2163
2174
|
};
|
|
2164
2175
|
}
|
|
2165
2176
|
|
|
2166
|
-
/*! @azure/msal-common v16.
|
|
2177
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2167
2178
|
/*
|
|
2168
2179
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2169
2180
|
* Licensed under the MIT License.
|
|
@@ -2178,7 +2189,7 @@ const AuthorityType = {
|
|
|
2178
2189
|
Ciam: 3,
|
|
2179
2190
|
};
|
|
2180
2191
|
|
|
2181
|
-
/*! @azure/msal-common v16.
|
|
2192
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2182
2193
|
/*
|
|
2183
2194
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2184
2195
|
* Licensed under the MIT License.
|
|
@@ -2200,7 +2211,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
2200
2211
|
return null;
|
|
2201
2212
|
}
|
|
2202
2213
|
|
|
2203
|
-
/*! @azure/msal-common v16.
|
|
2214
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2204
2215
|
/*
|
|
2205
2216
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2206
2217
|
* Licensed under the MIT License.
|
|
@@ -2224,7 +2235,7 @@ const ProtocolMode = {
|
|
|
2224
2235
|
EAR: "EAR",
|
|
2225
2236
|
};
|
|
2226
2237
|
|
|
2227
|
-
/*! @azure/msal-common v16.
|
|
2238
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2228
2239
|
/**
|
|
2229
2240
|
* Returns the AccountInfo interface for this account.
|
|
2230
2241
|
*/
|
|
@@ -2399,7 +2410,7 @@ function isAccountEntity(entity) {
|
|
|
2399
2410
|
entity.hasOwnProperty("authorityType"));
|
|
2400
2411
|
}
|
|
2401
2412
|
|
|
2402
|
-
/*! @azure/msal-common v16.
|
|
2413
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
2403
2414
|
|
|
2404
2415
|
/*
|
|
2405
2416
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3501,7 +3512,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3501
3512
|
}
|
|
3502
3513
|
}
|
|
3503
3514
|
|
|
3504
|
-
/*! @azure/msal-common v16.
|
|
3515
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3505
3516
|
/*
|
|
3506
3517
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3507
3518
|
* Licensed under the MIT License.
|
|
@@ -3552,7 +3563,7 @@ const IntFields = new Set([
|
|
|
3552
3563
|
"redirectBridgeMessageVersion",
|
|
3553
3564
|
]);
|
|
3554
3565
|
|
|
3555
|
-
/*! @azure/msal-common v16.
|
|
3566
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3556
3567
|
|
|
3557
3568
|
/*
|
|
3558
3569
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3607,7 +3618,7 @@ class StubPerformanceClient {
|
|
|
3607
3618
|
}
|
|
3608
3619
|
}
|
|
3609
3620
|
|
|
3610
|
-
/*! @azure/msal-common v16.
|
|
3621
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3611
3622
|
|
|
3612
3623
|
/*
|
|
3613
3624
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3702,7 +3713,7 @@ function isOidcProtocolMode(config) {
|
|
|
3702
3713
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3703
3714
|
}
|
|
3704
3715
|
|
|
3705
|
-
/*! @azure/msal-common v16.
|
|
3716
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3706
3717
|
/*
|
|
3707
3718
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3708
3719
|
* Licensed under the MIT License.
|
|
@@ -3729,7 +3740,7 @@ function isOidcProtocolMode(config) {
|
|
|
3729
3740
|
}
|
|
3730
3741
|
}
|
|
3731
3742
|
|
|
3732
|
-
/*! @azure/msal-common v16.
|
|
3743
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3733
3744
|
/*
|
|
3734
3745
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3735
3746
|
* Licensed under the MIT License.
|
|
@@ -3794,7 +3805,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
3794
3805
|
return cachedAtSec > nowSeconds();
|
|
3795
3806
|
}
|
|
3796
3807
|
|
|
3797
|
-
/*! @azure/msal-common v16.
|
|
3808
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
3798
3809
|
|
|
3799
3810
|
/*
|
|
3800
3811
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4053,7 +4064,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
4053
4064
|
return metadata.expiresAt <= nowSeconds();
|
|
4054
4065
|
}
|
|
4055
4066
|
|
|
4056
|
-
/*! @azure/msal-common v16.
|
|
4067
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4057
4068
|
/*
|
|
4058
4069
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4059
4070
|
* Licensed under the MIT License.
|
|
@@ -4124,7 +4135,7 @@ const RegionDiscoveryGetCurrentVersion = "regionDiscoveryGetCurrentVersion";
|
|
|
4124
4135
|
const CacheManagerGetRefreshToken = "cacheManagerGetRefreshToken";
|
|
4125
4136
|
const SetUserData = "setUserData";
|
|
4126
4137
|
|
|
4127
|
-
/*! @azure/msal-common v16.
|
|
4138
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4128
4139
|
/*
|
|
4129
4140
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4130
4141
|
* Licensed under the MIT License.
|
|
@@ -4217,7 +4228,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4217
4228
|
};
|
|
4218
4229
|
};
|
|
4219
4230
|
|
|
4220
|
-
/*! @azure/msal-common v16.
|
|
4231
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4221
4232
|
|
|
4222
4233
|
/*
|
|
4223
4234
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4297,7 +4308,7 @@ class PopTokenGenerator {
|
|
|
4297
4308
|
}
|
|
4298
4309
|
}
|
|
4299
4310
|
|
|
4300
|
-
/*! @azure/msal-common v16.
|
|
4311
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4301
4312
|
/*
|
|
4302
4313
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4303
4314
|
* Licensed under the MIT License.
|
|
@@ -4361,7 +4372,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
4361
4372
|
uxNotAllowed: uxNotAllowed
|
|
4362
4373
|
});
|
|
4363
4374
|
|
|
4364
|
-
/*! @azure/msal-common v16.
|
|
4375
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4365
4376
|
|
|
4366
4377
|
/*
|
|
4367
4378
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4429,7 +4440,7 @@ function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
|
4429
4440
|
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
4430
4441
|
}
|
|
4431
4442
|
|
|
4432
|
-
/*! @azure/msal-common v16.
|
|
4443
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4433
4444
|
|
|
4434
4445
|
/*
|
|
4435
4446
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4448,7 +4459,7 @@ class ServerError extends AuthError {
|
|
|
4448
4459
|
}
|
|
4449
4460
|
}
|
|
4450
4461
|
|
|
4451
|
-
/*! @azure/msal-common v16.
|
|
4462
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4452
4463
|
|
|
4453
4464
|
/*
|
|
4454
4465
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4516,7 +4527,7 @@ function parseRequestState(base64Decode, state) {
|
|
|
4516
4527
|
}
|
|
4517
4528
|
}
|
|
4518
4529
|
|
|
4519
|
-
/*! @azure/msal-common v16.
|
|
4530
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4520
4531
|
|
|
4521
4532
|
/*
|
|
4522
4533
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4864,7 +4875,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
4864
4875
|
return baseAccount;
|
|
4865
4876
|
}
|
|
4866
4877
|
|
|
4867
|
-
/*! @azure/msal-common v16.
|
|
4878
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4868
4879
|
/*
|
|
4869
4880
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4870
4881
|
* Licensed under the MIT License.
|
|
@@ -4874,7 +4885,7 @@ const CcsCredentialType = {
|
|
|
4874
4885
|
UPN: "UPN",
|
|
4875
4886
|
};
|
|
4876
4887
|
|
|
4877
|
-
/*! @azure/msal-common v16.
|
|
4888
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4878
4889
|
/*
|
|
4879
4890
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4880
4891
|
* Licensed under the MIT License.
|
|
@@ -4892,7 +4903,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
4892
4903
|
}
|
|
4893
4904
|
}
|
|
4894
4905
|
|
|
4895
|
-
/*! @azure/msal-common v16.
|
|
4906
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4896
4907
|
/*
|
|
4897
4908
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4898
4909
|
* Licensed under the MIT License.
|
|
@@ -4913,7 +4924,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
4913
4924
|
};
|
|
4914
4925
|
}
|
|
4915
4926
|
|
|
4916
|
-
/*! @azure/msal-common v16.
|
|
4927
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
4917
4928
|
|
|
4918
4929
|
/*
|
|
4919
4930
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4999,7 +5010,7 @@ class ThrottlingUtils {
|
|
|
4999
5010
|
}
|
|
5000
5011
|
}
|
|
5001
5012
|
|
|
5002
|
-
/*! @azure/msal-common v16.
|
|
5013
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5003
5014
|
|
|
5004
5015
|
/*
|
|
5005
5016
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5030,7 +5041,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
5030
5041
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
5031
5042
|
}
|
|
5032
5043
|
|
|
5033
|
-
/*! @azure/msal-common v16.
|
|
5044
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5034
5045
|
|
|
5035
5046
|
/*
|
|
5036
5047
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5144,7 +5155,7 @@ async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId
|
|
|
5144
5155
|
return response;
|
|
5145
5156
|
}
|
|
5146
5157
|
|
|
5147
|
-
/*! @azure/msal-common v16.
|
|
5158
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5148
5159
|
/*
|
|
5149
5160
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5150
5161
|
* Licensed under the MIT License.
|
|
@@ -5156,7 +5167,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
5156
5167
|
response.hasOwnProperty("jwks_uri"));
|
|
5157
5168
|
}
|
|
5158
5169
|
|
|
5159
|
-
/*! @azure/msal-common v16.
|
|
5170
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5160
5171
|
/*
|
|
5161
5172
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5162
5173
|
* Licensed under the MIT License.
|
|
@@ -5166,7 +5177,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
5166
5177
|
response.hasOwnProperty("metadata"));
|
|
5167
5178
|
}
|
|
5168
5179
|
|
|
5169
|
-
/*! @azure/msal-common v16.
|
|
5180
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5170
5181
|
/*
|
|
5171
5182
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5172
5183
|
* Licensed under the MIT License.
|
|
@@ -5176,7 +5187,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
5176
5187
|
response.hasOwnProperty("error_description"));
|
|
5177
5188
|
}
|
|
5178
5189
|
|
|
5179
|
-
/*! @azure/msal-common v16.
|
|
5190
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5180
5191
|
|
|
5181
5192
|
/*
|
|
5182
5193
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5281,7 +5292,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
5281
5292
|
},
|
|
5282
5293
|
};
|
|
5283
5294
|
|
|
5284
|
-
/*! @azure/msal-common v16.
|
|
5295
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
5285
5296
|
|
|
5286
5297
|
/*
|
|
5287
5298
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6101,7 +6112,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
6101
6112
|
};
|
|
6102
6113
|
}
|
|
6103
6114
|
|
|
6104
|
-
/*! @azure/msal-common v16.
|
|
6115
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6105
6116
|
|
|
6106
6117
|
/*
|
|
6107
6118
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6135,7 +6146,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
6135
6146
|
}
|
|
6136
6147
|
}
|
|
6137
6148
|
|
|
6138
|
-
/*! @azure/msal-common v16.
|
|
6149
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6139
6150
|
|
|
6140
6151
|
/*
|
|
6141
6152
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6300,11 +6311,6 @@ class AuthorizationCodeClient {
|
|
|
6300
6311
|
throw createClientConfigurationError(missingSshJwk);
|
|
6301
6312
|
}
|
|
6302
6313
|
}
|
|
6303
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6304
|
-
(this.config.authOptions.clientCapabilities &&
|
|
6305
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
6306
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
6307
|
-
}
|
|
6308
6314
|
let ccsCred = undefined;
|
|
6309
6315
|
if (request.clientInfo) {
|
|
6310
6316
|
try {
|
|
@@ -6353,6 +6359,7 @@ class AuthorizationCodeClient {
|
|
|
6353
6359
|
});
|
|
6354
6360
|
}
|
|
6355
6361
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
6362
|
+
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities, request.skipBrokerClaims);
|
|
6356
6363
|
return mapToQueryString(parameters);
|
|
6357
6364
|
}
|
|
6358
6365
|
/**
|
|
@@ -6396,7 +6403,7 @@ class AuthorizationCodeClient {
|
|
|
6396
6403
|
}
|
|
6397
6404
|
}
|
|
6398
6405
|
|
|
6399
|
-
/*! @azure/msal-common v16.
|
|
6406
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6400
6407
|
|
|
6401
6408
|
/*
|
|
6402
6409
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6586,11 +6593,6 @@ class RefreshTokenClient {
|
|
|
6586
6593
|
throw createClientConfigurationError(missingSshJwk);
|
|
6587
6594
|
}
|
|
6588
6595
|
}
|
|
6589
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6590
|
-
(this.config.authOptions.clientCapabilities &&
|
|
6591
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
6592
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
6593
|
-
}
|
|
6594
6596
|
if (this.config.systemOptions.preventCorsPreflight &&
|
|
6595
6597
|
request.ccsCredential) {
|
|
6596
6598
|
switch (request.ccsCredential.type) {
|
|
@@ -6617,11 +6619,12 @@ class RefreshTokenClient {
|
|
|
6617
6619
|
});
|
|
6618
6620
|
}
|
|
6619
6621
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
6622
|
+
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities, request.skipBrokerClaims);
|
|
6620
6623
|
return mapToQueryString(parameters);
|
|
6621
6624
|
}
|
|
6622
6625
|
}
|
|
6623
6626
|
|
|
6624
|
-
/*! @azure/msal-common v16.
|
|
6627
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6625
6628
|
|
|
6626
6629
|
/*
|
|
6627
6630
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6737,7 +6740,7 @@ class SilentFlowClient {
|
|
|
6737
6740
|
}
|
|
6738
6741
|
}
|
|
6739
6742
|
|
|
6740
|
-
/*! @azure/msal-common v16.
|
|
6743
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6741
6744
|
|
|
6742
6745
|
/*
|
|
6743
6746
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6752,7 +6755,7 @@ const StubbedNetworkModule = {
|
|
|
6752
6755
|
},
|
|
6753
6756
|
};
|
|
6754
6757
|
|
|
6755
|
-
/*! @azure/msal-common v16.
|
|
6758
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6756
6759
|
|
|
6757
6760
|
/*
|
|
6758
6761
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6876,14 +6879,10 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
|
|
|
6876
6879
|
if (request.state) {
|
|
6877
6880
|
addState(parameters, request.state);
|
|
6878
6881
|
}
|
|
6879
|
-
if (request.claims ||
|
|
6880
|
-
(authOptions.clientCapabilities &&
|
|
6881
|
-
authOptions.clientCapabilities.length > 0)) {
|
|
6882
|
-
addClaims(parameters, request.claims, authOptions.clientCapabilities);
|
|
6883
|
-
}
|
|
6884
6882
|
if (request.embeddedClientId) {
|
|
6885
6883
|
addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
|
|
6886
6884
|
}
|
|
6885
|
+
addClaims(parameters, request.claims, authOptions.clientCapabilities, request.skipBrokerClaims);
|
|
6887
6886
|
// If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
|
|
6888
6887
|
if (authOptions.instanceAware &&
|
|
6889
6888
|
(!request.extraQueryParameters ||
|
|
@@ -6979,7 +6978,7 @@ function extractLoginHint(account) {
|
|
|
6979
6978
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
6980
6979
|
}
|
|
6981
6980
|
|
|
6982
|
-
/*! @azure/msal-common v16.
|
|
6981
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
6983
6982
|
|
|
6984
6983
|
/*
|
|
6985
6984
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7012,7 +7011,7 @@ function containsResourceParam(params) {
|
|
|
7012
7011
|
return Object.prototype.hasOwnProperty.call(params, "resource");
|
|
7013
7012
|
}
|
|
7014
7013
|
|
|
7015
|
-
/*! @azure/msal-common v16.
|
|
7014
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
7016
7015
|
|
|
7017
7016
|
/*
|
|
7018
7017
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7070,7 +7069,7 @@ class AuthenticationHeaderParser {
|
|
|
7070
7069
|
}
|
|
7071
7070
|
}
|
|
7072
7071
|
|
|
7073
|
-
/*! @azure/msal-common v16.
|
|
7072
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
7074
7073
|
/*
|
|
7075
7074
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7076
7075
|
* Licensed under the MIT License.
|
|
@@ -7087,7 +7086,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
7087
7086
|
unexpectedError: unexpectedError
|
|
7088
7087
|
});
|
|
7089
7088
|
|
|
7090
|
-
/*! @azure/msal-common v16.
|
|
7089
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
7091
7090
|
|
|
7092
7091
|
/*
|
|
7093
7092
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7348,7 +7347,7 @@ class ServerTelemetryManager {
|
|
|
7348
7347
|
}
|
|
7349
7348
|
}
|
|
7350
7349
|
|
|
7351
|
-
/*! @azure/msal-common v16.
|
|
7350
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
7352
7351
|
|
|
7353
7352
|
/*
|
|
7354
7353
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7369,7 +7368,7 @@ function createJoseHeaderError(code) {
|
|
|
7369
7368
|
return new JoseHeaderError(code);
|
|
7370
7369
|
}
|
|
7371
7370
|
|
|
7372
|
-
/*! @azure/msal-common v16.
|
|
7371
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
7373
7372
|
/*
|
|
7374
7373
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7375
7374
|
* Licensed under the MIT License.
|
|
@@ -7377,7 +7376,7 @@ function createJoseHeaderError(code) {
|
|
|
7377
7376
|
const missingKidError = "missing_kid_error";
|
|
7378
7377
|
const missingAlgError = "missing_alg_error";
|
|
7379
7378
|
|
|
7380
|
-
/*! @azure/msal-common v16.
|
|
7379
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
7381
7380
|
|
|
7382
7381
|
/*
|
|
7383
7382
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7417,7 +7416,7 @@ class JoseHeader {
|
|
|
7417
7416
|
}
|
|
7418
7417
|
}
|
|
7419
7418
|
|
|
7420
|
-
/*! @azure/msal-common v16.
|
|
7419
|
+
/*! @azure/msal-common v16.5.0 2026-04-16 */
|
|
7421
7420
|
|
|
7422
7421
|
/*
|
|
7423
7422
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8002,6 +8001,7 @@ const StandardInteractionClientGetDiscoveredAuthority = "standardInteractionClie
|
|
|
8002
8001
|
* Used to acquire a token from Native component when native brokering is enabled.
|
|
8003
8002
|
*/
|
|
8004
8003
|
const NativeInteractionClientAcquireToken = "nativeInteractionClientAcquireToken";
|
|
8004
|
+
const NativeInteractionClientAcquireTokenRedirect = "nativeInteractionClientAcquireToken";
|
|
8005
8005
|
/**
|
|
8006
8006
|
* acquireTokenByRefreshToken API in RefreshTokenClient (msal-common).
|
|
8007
8007
|
*/
|
|
@@ -8075,7 +8075,7 @@ const LoadRefreshToken = "loadRefreshToken";
|
|
|
8075
8075
|
* Background telemetry measurement that tracks whether a late bridge response
|
|
8076
8076
|
* arrives after the iframe timeout has already fired.
|
|
8077
8077
|
*/
|
|
8078
|
-
const WaitForBridgeLateResponse = "waitForBridgeLateResponse";
|
|
8078
|
+
const WaitForBridgeLateResponse$1 = "waitForBridgeLateResponse";
|
|
8079
8079
|
|
|
8080
8080
|
/*
|
|
8081
8081
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -9001,7 +9001,7 @@ async function waitForBridgeResponse(timeoutMs, logger, browserCrypto, request,
|
|
|
9001
9001
|
// Clear the active monitor
|
|
9002
9002
|
activeBridgeMonitor = null;
|
|
9003
9003
|
if (experimentalConfig?.iframeTimeoutTelemetry) {
|
|
9004
|
-
lateMeasurement = performanceClient.startMeasurement(WaitForBridgeLateResponse, correlationId);
|
|
9004
|
+
lateMeasurement = performanceClient.startMeasurement(WaitForBridgeLateResponse$1, correlationId);
|
|
9005
9005
|
timedOut$1 = true;
|
|
9006
9006
|
lateTimeoutId = window.setTimeout(() => {
|
|
9007
9007
|
lateMeasurement?.end({ success: false });
|
|
@@ -9802,7 +9802,14 @@ const InitializeClientApplication = "initializeClientApplication";
|
|
|
9802
9802
|
// Update cache storage
|
|
9803
9803
|
const LocalStorageUpdated = "localStorageUpdated";
|
|
9804
9804
|
// Load external tokens
|
|
9805
|
-
const LoadExternalTokens = "loadExternalTokens";
|
|
9805
|
+
const LoadExternalTokens = "loadExternalTokens";
|
|
9806
|
+
/**
|
|
9807
|
+
* SSO capability verification call (msal-browser).
|
|
9808
|
+
* Fire-and-forget SSO verification call made after interactive authentication completes.
|
|
9809
|
+
*/
|
|
9810
|
+
const SsoCapable = "ssoCapable";
|
|
9811
|
+
// Wait for late response from bridge after timeout has already occurred
|
|
9812
|
+
const WaitForBridgeLateResponse = "waitForBridgeLateResponse";
|
|
9806
9813
|
|
|
9807
9814
|
var BrowserRootPerformanceEvents = /*#__PURE__*/Object.freeze({
|
|
9808
9815
|
__proto__: null,
|
|
@@ -9814,7 +9821,9 @@ var BrowserRootPerformanceEvents = /*#__PURE__*/Object.freeze({
|
|
|
9814
9821
|
InitializeClientApplication: InitializeClientApplication,
|
|
9815
9822
|
LoadExternalTokens: LoadExternalTokens,
|
|
9816
9823
|
LocalStorageUpdated: LocalStorageUpdated,
|
|
9817
|
-
|
|
9824
|
+
SsoCapable: SsoCapable,
|
|
9825
|
+
SsoSilent: SsoSilent,
|
|
9826
|
+
WaitForBridgeLateResponse: WaitForBridgeLateResponse
|
|
9818
9827
|
});
|
|
9819
9828
|
|
|
9820
9829
|
/*
|
|
@@ -9833,6 +9842,7 @@ const PLATFORM_AUTH_DOM_SUPPORT = `${PREFIX}.${BROWSER_PREFIX}.platform.auth.dom
|
|
|
9833
9842
|
const VERSION_CACHE_KEY = `${PREFIX}.version`;
|
|
9834
9843
|
const ACCOUNT_KEYS = "account.keys";
|
|
9835
9844
|
const TOKEN_KEYS = "token.keys";
|
|
9845
|
+
const SSO_CAPABLE = `${PREFIX}.${BROWSER_PREFIX}.sso.capable`;
|
|
9836
9846
|
function getAccountKeysCacheKey(schema = ACCOUNT_SCHEMA_VERSION) {
|
|
9837
9847
|
if (schema < 1) {
|
|
9838
9848
|
return `${PREFIX}.${ACCOUNT_KEYS}`;
|
|
@@ -10331,7 +10341,7 @@ const EventType = {
|
|
|
10331
10341
|
|
|
10332
10342
|
/* eslint-disable header/header */
|
|
10333
10343
|
const name = "@azure/msal-browser";
|
|
10334
|
-
const version = "5.
|
|
10344
|
+
const version = "5.7.0";
|
|
10335
10345
|
|
|
10336
10346
|
/*
|
|
10337
10347
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -12434,7 +12444,6 @@ const unsupportedMethod = "unsupported_method";
|
|
|
12434
12444
|
const USER_INTERACTION_REQUIRED = "USER_INTERACTION_REQUIRED";
|
|
12435
12445
|
const USER_CANCEL = "USER_CANCEL";
|
|
12436
12446
|
const NO_NETWORK = "NO_NETWORK";
|
|
12437
|
-
const PERSISTENT_ERROR = "PERSISTENT_ERROR";
|
|
12438
12447
|
const DISABLED = "DISABLED";
|
|
12439
12448
|
const ACCOUNT_UNAVAILABLE = "ACCOUNT_UNAVAILABLE";
|
|
12440
12449
|
const UX_NOT_ALLOWED = "UX_NOT_ALLOWED";
|
|
@@ -12458,8 +12467,7 @@ class NativeAuthError extends AuthError {
|
|
|
12458
12467
|
function isFatalNativeAuthError(error) {
|
|
12459
12468
|
if (error.ext &&
|
|
12460
12469
|
error.ext.status &&
|
|
12461
|
-
|
|
12462
|
-
error.ext.status === DISABLED)) {
|
|
12470
|
+
error.ext.status === DISABLED) {
|
|
12463
12471
|
return true;
|
|
12464
12472
|
}
|
|
12465
12473
|
if (error.ext &&
|
|
@@ -12585,12 +12593,12 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12585
12593
|
async acquireToken(request, cacheLookupPolicy) {
|
|
12586
12594
|
this.logger.trace("03qeos", this.correlationId);
|
|
12587
12595
|
// start the perf measurement
|
|
12588
|
-
const nativeATMeasurement = this.performanceClient.startMeasurement(NativeInteractionClientAcquireToken,
|
|
12596
|
+
const nativeATMeasurement = this.performanceClient.startMeasurement(NativeInteractionClientAcquireToken, this.correlationId);
|
|
12589
12597
|
const reqTimestamp = nowSeconds();
|
|
12590
12598
|
const serverTelemetryManager = initializeServerTelemetryManager(this.apiId, this.config.auth.clientId, this.correlationId, this.browserStorage, this.logger);
|
|
12591
12599
|
try {
|
|
12592
12600
|
// initialize native request
|
|
12593
|
-
const nativeRequest = await this.
|
|
12601
|
+
const nativeRequest = await this.initializePlatformRequest(request);
|
|
12594
12602
|
// check if the tokens can be retrieved from internal cache
|
|
12595
12603
|
try {
|
|
12596
12604
|
const result = await this.acquireTokensFromCache(this.accountId, nativeRequest);
|
|
@@ -12604,6 +12612,10 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12604
12612
|
catch (e) {
|
|
12605
12613
|
if (cacheLookupPolicy === CacheLookupPolicy.AccessToken) {
|
|
12606
12614
|
this.logger.info("0eitbc", this.correlationId);
|
|
12615
|
+
nativeATMeasurement.end({
|
|
12616
|
+
success: false,
|
|
12617
|
+
brokerErrorCode: "cache_request_failed",
|
|
12618
|
+
});
|
|
12607
12619
|
throw e;
|
|
12608
12620
|
}
|
|
12609
12621
|
// continue with a native call for any and all errors
|
|
@@ -12625,7 +12637,6 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12625
12637
|
success: false,
|
|
12626
12638
|
errorCode: error.errorCode,
|
|
12627
12639
|
subErrorCode: error.subError,
|
|
12628
|
-
isNativeBroker: true,
|
|
12629
12640
|
});
|
|
12630
12641
|
throw error;
|
|
12631
12642
|
});
|
|
@@ -12634,6 +12645,9 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12634
12645
|
if (e instanceof NativeAuthError) {
|
|
12635
12646
|
serverTelemetryManager.setNativeBrokerErrorCode(e.errorCode);
|
|
12636
12647
|
}
|
|
12648
|
+
nativeATMeasurement.end({
|
|
12649
|
+
success: false,
|
|
12650
|
+
});
|
|
12637
12651
|
throw e;
|
|
12638
12652
|
}
|
|
12639
12653
|
}
|
|
@@ -12666,7 +12680,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12666
12680
|
// fetch the account from browser cache
|
|
12667
12681
|
const account = this.browserStorage.getBaseAccountInfo({
|
|
12668
12682
|
nativeAccountId,
|
|
12669
|
-
},
|
|
12683
|
+
}, this.correlationId);
|
|
12670
12684
|
if (!account) {
|
|
12671
12685
|
throw createClientAuthError(noAccountFound);
|
|
12672
12686
|
}
|
|
@@ -12696,7 +12710,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12696
12710
|
*/
|
|
12697
12711
|
async acquireTokenRedirect(request, rootMeasurement, options) {
|
|
12698
12712
|
this.logger.trace("0luikq", this.correlationId);
|
|
12699
|
-
const nativeRequest = await this.
|
|
12713
|
+
const nativeRequest = await this.initializePlatformRequest(request);
|
|
12700
12714
|
const navigateToLoginRequestUrl = options?.navigateToLoginRequestUrl ?? true;
|
|
12701
12715
|
try {
|
|
12702
12716
|
await this.platformAuthProvider.sendMessage(nativeRequest);
|
|
@@ -12728,7 +12742,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12728
12742
|
* @param performanceClient {IPerformanceClient?}
|
|
12729
12743
|
* @param correlationId {string?} correlation identifier
|
|
12730
12744
|
*/
|
|
12731
|
-
async handleRedirectPromise(
|
|
12745
|
+
async handleRedirectPromise() {
|
|
12732
12746
|
this.logger.trace("1c5lhw", this.correlationId);
|
|
12733
12747
|
if (!this.browserStorage.isInteractionInProgress(true)) {
|
|
12734
12748
|
this.logger.info("0le6uv", this.correlationId);
|
|
@@ -12738,9 +12752,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12738
12752
|
const cachedRequest = this.browserStorage.getCachedNativeRequest();
|
|
12739
12753
|
if (!cachedRequest) {
|
|
12740
12754
|
this.logger.verbose("0a6zjb", this.correlationId);
|
|
12741
|
-
|
|
12742
|
-
performanceClient?.addFields({ errorCode: "no_cached_request" }, correlationId);
|
|
12743
|
-
}
|
|
12755
|
+
this.performanceClient?.addFields({ errorCode: "no_cached_request" }, this.correlationId);
|
|
12744
12756
|
return null;
|
|
12745
12757
|
}
|
|
12746
12758
|
const { prompt, ...request } = cachedRequest;
|
|
@@ -12755,6 +12767,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
12755
12767
|
const authResult = await this.handleNativeResponse(response, request, reqTimestamp);
|
|
12756
12768
|
const serverTelemetryManager = initializeServerTelemetryManager(this.apiId, this.config.auth.clientId, this.correlationId, this.browserStorage, this.logger);
|
|
12757
12769
|
serverTelemetryManager.clearNativeBrokerErrorCode();
|
|
12770
|
+
this.performanceClient?.addFields({ isNativeBroker: true }, this.correlationId);
|
|
12758
12771
|
return authResult;
|
|
12759
12772
|
}
|
|
12760
12773
|
catch (e) {
|
|
@@ -13023,15 +13036,23 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
13023
13036
|
* Translates developer provided request object into NativeRequest object
|
|
13024
13037
|
* @param request
|
|
13025
13038
|
*/
|
|
13026
|
-
async
|
|
13027
|
-
this.logger.trace("
|
|
13039
|
+
async initializePlatformRequest(request) {
|
|
13040
|
+
this.logger.trace("1xdm2a", this.correlationId);
|
|
13028
13041
|
const canonicalAuthority = await this.getCanonicalAuthority(request);
|
|
13042
|
+
// ignore config claims if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
13043
|
+
const configClaims = request.skipBrokerClaims && !!request.embeddedClientId
|
|
13044
|
+
? undefined
|
|
13045
|
+
: this.config.auth.clientCapabilities;
|
|
13029
13046
|
// scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
|
|
13030
|
-
const { scopes, ...remainingProperties } = request;
|
|
13047
|
+
const { scopes, claims, ...remainingProperties } = request;
|
|
13031
13048
|
const scopeSet = new ScopeSet(scopes || []);
|
|
13032
13049
|
scopeSet.appendScopes(OIDC_DEFAULT_SCOPES$1);
|
|
13050
|
+
const mergedClaims = configClaims && configClaims.length
|
|
13051
|
+
? addClientCapabilitiesToClaims$1(claims, configClaims)
|
|
13052
|
+
: claims;
|
|
13033
13053
|
const validatedRequest = {
|
|
13034
13054
|
...remainingProperties,
|
|
13055
|
+
claims: mergedClaims,
|
|
13035
13056
|
accountId: this.accountId,
|
|
13036
13057
|
clientId: this.config.auth.clientId,
|
|
13037
13058
|
authority: canonicalAuthority.urlString,
|
|
@@ -13101,12 +13122,12 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
13101
13122
|
switch (this.apiId) {
|
|
13102
13123
|
case ApiId.ssoSilent:
|
|
13103
13124
|
case ApiId.acquireTokenSilent_silentFlow:
|
|
13104
|
-
this.logger.trace("
|
|
13125
|
+
this.logger.trace("12n1y2", this.correlationId);
|
|
13105
13126
|
return PromptValue$1.NONE;
|
|
13106
13127
|
}
|
|
13107
13128
|
// Prompt not provided, request may proceed and native broker decides if it needs to prompt
|
|
13108
13129
|
if (!prompt) {
|
|
13109
|
-
this.logger.trace("
|
|
13130
|
+
this.logger.trace("0uid1p", this.correlationId);
|
|
13110
13131
|
return undefined;
|
|
13111
13132
|
}
|
|
13112
13133
|
// If request is interactive, check if prompt provided is allowed to go directly to native broker
|
|
@@ -13114,10 +13135,10 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
13114
13135
|
case PromptValue$1.NONE:
|
|
13115
13136
|
case PromptValue$1.CONSENT:
|
|
13116
13137
|
case PromptValue$1.LOGIN:
|
|
13117
|
-
this.logger.trace("
|
|
13138
|
+
this.logger.trace("0i0hco", this.correlationId);
|
|
13118
13139
|
return prompt;
|
|
13119
13140
|
default:
|
|
13120
|
-
this.logger.trace("
|
|
13141
|
+
this.logger.trace("0w3tpw", this.correlationId);
|
|
13121
13142
|
throw createBrowserAuthError(nativePromptNotSupported);
|
|
13122
13143
|
}
|
|
13123
13144
|
}
|
|
@@ -13153,7 +13174,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
13153
13174
|
this.performanceClient?.addFields({
|
|
13154
13175
|
embeddedClientId: child_client_id,
|
|
13155
13176
|
embeddedRedirectUri: child_redirect_uri,
|
|
13156
|
-
},
|
|
13177
|
+
}, this.correlationId);
|
|
13157
13178
|
}
|
|
13158
13179
|
}
|
|
13159
13180
|
|
|
@@ -13240,6 +13261,10 @@ async function getStandardParameters(config, authority, request, logger, perform
|
|
|
13240
13261
|
if (request.platformBroker) {
|
|
13241
13262
|
// signal ests that this is a WAM call
|
|
13242
13263
|
addNativeBroker(parameters);
|
|
13264
|
+
// instrument JS-platform bridge specific fields
|
|
13265
|
+
performanceClient.addFields({
|
|
13266
|
+
isPlatformAuthorizeRequest: true,
|
|
13267
|
+
}, request.correlationId);
|
|
13243
13268
|
// pass the req_cnf for POP
|
|
13244
13269
|
if (request.authenticationScheme === AuthenticationScheme$1.POP) {
|
|
13245
13270
|
const cryptoOps = new CryptoOps(logger, performanceClient);
|
|
@@ -13709,6 +13734,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
13709
13734
|
},
|
|
13710
13735
|
instanceAware: false,
|
|
13711
13736
|
isMcp: false,
|
|
13737
|
+
verifySSO: false,
|
|
13712
13738
|
};
|
|
13713
13739
|
// Default cache options for browser
|
|
13714
13740
|
const DEFAULT_CACHE_OPTIONS = {
|
|
@@ -14261,7 +14287,7 @@ function isDomEnabledForPlatformAuth() {
|
|
|
14261
14287
|
}
|
|
14262
14288
|
}
|
|
14263
14289
|
/**
|
|
14264
|
-
* Returns boolean indicating whether or not the request should attempt to use
|
|
14290
|
+
* Returns boolean indicating whether or not the request should attempt to use platform broker
|
|
14265
14291
|
* @param logger
|
|
14266
14292
|
* @param config
|
|
14267
14293
|
* @param correlationId
|
|
@@ -14543,6 +14569,10 @@ class PopupClient extends StandardInteractionClient {
|
|
|
14543
14569
|
return;
|
|
14544
14570
|
}
|
|
14545
14571
|
}
|
|
14572
|
+
// Redirect bridge requires "state" param to work properly
|
|
14573
|
+
validRequest.state = setRequestState(this.browserCrypto, validRequest.state || "", {
|
|
14574
|
+
interactionType: exports.InteractionType.Popup,
|
|
14575
|
+
});
|
|
14546
14576
|
// Create logout string and navigate user window to logout.
|
|
14547
14577
|
const logoutUri = authClient.getLogoutUri(validRequest);
|
|
14548
14578
|
this.eventHandler.emitEvent(EventType.LOGOUT_SUCCESS, validRequest.correlationId, exports.InteractionType.Popup, validRequest);
|
|
@@ -15083,6 +15113,10 @@ class RedirectClient extends StandardInteractionClient {
|
|
|
15083
15113
|
}
|
|
15084
15114
|
}
|
|
15085
15115
|
}
|
|
15116
|
+
// Redirect bridge requires "state" param to work properly
|
|
15117
|
+
validLogoutRequest.state = setRequestState(this.browserCrypto, validLogoutRequest.state || "", {
|
|
15118
|
+
interactionType: exports.InteractionType.Redirect,
|
|
15119
|
+
});
|
|
15086
15120
|
// Create logout string and navigate user window to logout.
|
|
15087
15121
|
const logoutUri = authClient.getLogoutUri(validLogoutRequest);
|
|
15088
15122
|
if (validLogoutRequest.account?.homeAccountId) {
|
|
@@ -15331,6 +15365,38 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
15331
15365
|
return invokeAsync(handleResponseEAR, HandleResponseEar, this.logger, this.performanceClient, correlationId)(silentRequest, serverParams, this.apiId, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15332
15366
|
}
|
|
15333
15367
|
}
|
|
15368
|
+
/**
|
|
15369
|
+
* Verifies SSO capability by making an iframe request to /authorize without exchanging the code for tokens.
|
|
15370
|
+
* This is useful for verifying SSO capability in the background without the overhead of a full token exchange.
|
|
15371
|
+
* @param request - The SSO silent request
|
|
15372
|
+
* @returns true if SSO verification was successful with a valid authorization code, false otherwise
|
|
15373
|
+
*/
|
|
15374
|
+
async verifySso(request) {
|
|
15375
|
+
const inputRequest = { ...request };
|
|
15376
|
+
if (!inputRequest.prompt) {
|
|
15377
|
+
inputRequest.prompt = PromptValue$1.NONE;
|
|
15378
|
+
}
|
|
15379
|
+
// Create silent request
|
|
15380
|
+
const silentRequest = await invokeAsync(initializeAuthorizationRequest, StandardInteractionClientInitializeAuthorizationRequest, this.logger, this.performanceClient, this.correlationId)(inputRequest, exports.InteractionType.Silent, this.config, this.browserCrypto, this.browserStorage, this.logger, this.performanceClient, this.correlationId);
|
|
15381
|
+
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, this.correlationId)({
|
|
15382
|
+
serverTelemetryManager: initializeServerTelemetryManager(this.apiId, this.config.auth.clientId, this.correlationId, this.browserStorage, this.logger),
|
|
15383
|
+
requestAuthority: silentRequest.authority,
|
|
15384
|
+
requestAzureCloudOptions: silentRequest.azureCloudOptions,
|
|
15385
|
+
requestExtraQueryParameters: silentRequest.extraQueryParameters,
|
|
15386
|
+
account: silentRequest.account,
|
|
15387
|
+
});
|
|
15388
|
+
const { serverParams } = await this.silentAuthorizeHelper(authClient, silentRequest);
|
|
15389
|
+
const correlationId = silentRequest.correlationId;
|
|
15390
|
+
// Validate the response - this checks for errors and validates state
|
|
15391
|
+
validateAuthorizationResponse(serverParams, silentRequest.state);
|
|
15392
|
+
// Verify a valid authorization code is present
|
|
15393
|
+
if (!serverParams.code) {
|
|
15394
|
+
this.logger.warning("0y34ti", correlationId);
|
|
15395
|
+
return false;
|
|
15396
|
+
}
|
|
15397
|
+
this.logger.verbose("0kkkcj", correlationId);
|
|
15398
|
+
return true;
|
|
15399
|
+
}
|
|
15334
15400
|
/**
|
|
15335
15401
|
* Currently Unsupported
|
|
15336
15402
|
*/
|
|
@@ -15345,6 +15411,16 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
15345
15411
|
* @param userRequestScopes
|
|
15346
15412
|
*/
|
|
15347
15413
|
async silentTokenHelper(authClient, request) {
|
|
15414
|
+
const { serverParams, pkceCodes } = await this.silentAuthorizeHelper(authClient, request);
|
|
15415
|
+
return invokeAsync(handleResponseCode, HandleResponseCode, this.logger, this.performanceClient, request.correlationId)(request, serverParams, pkceCodes.verifier, this.apiId, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15416
|
+
}
|
|
15417
|
+
/**
|
|
15418
|
+
* Shared helper that generates PKCE codes, builds the /authorize URL,
|
|
15419
|
+
* loads it in a hidden iframe, waits for the redirect-bridge response,
|
|
15420
|
+
* and returns the deserialized server parameters along with the PKCE codes
|
|
15421
|
+
* and the request that was sent.
|
|
15422
|
+
*/
|
|
15423
|
+
async silentAuthorizeHelper(authClient, request) {
|
|
15348
15424
|
const correlationId = request.correlationId;
|
|
15349
15425
|
const pkceCodes = await invokeAsync(generatePkceCodes, GeneratePkceCodes, this.logger, this.performanceClient, correlationId)(this.performanceClient, this.logger, correlationId);
|
|
15350
15426
|
const silentRequest = {
|
|
@@ -15371,7 +15447,7 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
15371
15447
|
invoke(removeHiddenIframe, RemoveHiddenIframe, this.logger, this.performanceClient, correlationId)(iframe);
|
|
15372
15448
|
}
|
|
15373
15449
|
const serverParams = invoke(deserializeResponse, DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger, this.correlationId);
|
|
15374
|
-
return
|
|
15450
|
+
return { serverParams, pkceCodes, silentRequest };
|
|
15375
15451
|
}
|
|
15376
15452
|
}
|
|
15377
15453
|
|
|
@@ -15750,22 +15826,25 @@ class StandardController {
|
|
|
15750
15826
|
}
|
|
15751
15827
|
const loggedInAccounts = this.getAllAccounts();
|
|
15752
15828
|
const platformBrokerRequest = this.browserStorage.getCachedNativeRequest();
|
|
15753
|
-
const useNative = platformBrokerRequest &&
|
|
15754
|
-
this.platformAuthProvider &&
|
|
15755
|
-
!options?.hash;
|
|
15829
|
+
const useNative = platformBrokerRequest && !options?.hash;
|
|
15756
15830
|
let rootMeasurement;
|
|
15757
15831
|
let redirectResponse;
|
|
15832
|
+
let cachedRedirectRequest;
|
|
15758
15833
|
try {
|
|
15759
15834
|
if (useNative && this.platformAuthProvider) {
|
|
15760
15835
|
const correlationId = platformBrokerRequest?.correlationId || "";
|
|
15761
15836
|
this.eventHandler.emitEvent(EventType.HANDLE_REDIRECT_START, correlationId, exports.InteractionType.Redirect);
|
|
15762
15837
|
rootMeasurement = this.performanceClient.startMeasurement(AcquireTokenRedirect, correlationId);
|
|
15763
15838
|
this.logger.trace("12v7is", correlationId);
|
|
15839
|
+
rootMeasurement.add({
|
|
15840
|
+
isPlatformBrokerRequest: true,
|
|
15841
|
+
});
|
|
15764
15842
|
const nativeClient = new PlatformAuthInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.handleRedirectPromise, this.performanceClient, this.platformAuthProvider, platformBrokerRequest.accountId, this.nativeInternalStorage, platformBrokerRequest.correlationId);
|
|
15765
|
-
redirectResponse = invokeAsync(nativeClient.handleRedirectPromise.bind(nativeClient), HandleNativeRedirectPromiseMeasurement, this.logger, this.performanceClient, rootMeasurement.event.correlationId)(
|
|
15843
|
+
redirectResponse = invokeAsync(nativeClient.handleRedirectPromise.bind(nativeClient), HandleNativeRedirectPromiseMeasurement, this.logger, this.performanceClient, rootMeasurement.event.correlationId)();
|
|
15766
15844
|
}
|
|
15767
15845
|
else {
|
|
15768
15846
|
const [standardRequest, codeVerifier] = this.browserStorage.getCachedRequest("");
|
|
15847
|
+
cachedRedirectRequest = standardRequest;
|
|
15769
15848
|
const correlationId = standardRequest.correlationId;
|
|
15770
15849
|
this.eventHandler.emitEvent(EventType.HANDLE_REDIRECT_START, correlationId, exports.InteractionType.Redirect);
|
|
15771
15850
|
// Reset rootMeasurement now that we have correlationId
|
|
@@ -15794,6 +15873,8 @@ class StandardController {
|
|
|
15794
15873
|
rootMeasurement.end({
|
|
15795
15874
|
success: true,
|
|
15796
15875
|
}, undefined, result.account);
|
|
15876
|
+
// Fire-and-forget SSO capability verification in background
|
|
15877
|
+
this.verifySsoCapability(cachedRedirectRequest, exports.InteractionType.Redirect);
|
|
15797
15878
|
}
|
|
15798
15879
|
else {
|
|
15799
15880
|
/*
|
|
@@ -15859,12 +15940,14 @@ class StandardController {
|
|
|
15859
15940
|
if (this.platformAuthProvider &&
|
|
15860
15941
|
this.canUsePlatformBroker(request)) {
|
|
15861
15942
|
const nativeClient = new PlatformAuthInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.acquireTokenRedirect, this.performanceClient, this.platformAuthProvider, this.getNativeAccountId(request), this.nativeInternalStorage, correlationId);
|
|
15862
|
-
result = nativeClient
|
|
15863
|
-
.
|
|
15864
|
-
|
|
15943
|
+
result = invokeAsync(nativeClient.acquireTokenRedirect.bind(nativeClient), NativeInteractionClientAcquireTokenRedirect, this.logger, this.performanceClient, correlationId)(request, atrMeasurement).catch((e) => {
|
|
15944
|
+
atrMeasurement.add({
|
|
15945
|
+
brokerErrorName: e.name,
|
|
15946
|
+
brokerErrorCode: e.errorCode,
|
|
15947
|
+
});
|
|
15865
15948
|
if (e instanceof NativeAuthError &&
|
|
15866
15949
|
isFatalNativeAuthError(e)) {
|
|
15867
|
-
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
|
|
15950
|
+
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt platform broker calls
|
|
15868
15951
|
const redirectClient = this.createRedirectClient(correlationId);
|
|
15869
15952
|
return redirectClient.acquireToken(request);
|
|
15870
15953
|
}
|
|
@@ -15930,6 +16013,9 @@ class StandardController {
|
|
|
15930
16013
|
let result;
|
|
15931
16014
|
const pkce = this.getPreGeneratedPkceCodes(correlationId);
|
|
15932
16015
|
if (this.canUsePlatformBroker(request)) {
|
|
16016
|
+
atPopupMeasurement.add({
|
|
16017
|
+
isPlatformBrokerRequest: true,
|
|
16018
|
+
});
|
|
15933
16019
|
result = this.acquireTokenNative({
|
|
15934
16020
|
...request,
|
|
15935
16021
|
correlationId,
|
|
@@ -15942,9 +16028,13 @@ class StandardController {
|
|
|
15942
16028
|
return response;
|
|
15943
16029
|
})
|
|
15944
16030
|
.catch((e) => {
|
|
16031
|
+
atPopupMeasurement.add({
|
|
16032
|
+
brokerErrorName: e.name,
|
|
16033
|
+
brokerErrorCode: e.errorCode,
|
|
16034
|
+
});
|
|
15945
16035
|
if (e instanceof NativeAuthError &&
|
|
15946
16036
|
isFatalNativeAuthError(e)) {
|
|
15947
|
-
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
|
|
16037
|
+
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt platform broker calls
|
|
15948
16038
|
const popupClient = this.createPopupClient(correlationId);
|
|
15949
16039
|
return popupClient.acquireToken(request, pkce);
|
|
15950
16040
|
}
|
|
@@ -15975,6 +16065,8 @@ class StandardController {
|
|
|
15975
16065
|
accessTokenSize: result.accessToken.length,
|
|
15976
16066
|
idTokenSize: result.idToken.length,
|
|
15977
16067
|
}, undefined, result.account);
|
|
16068
|
+
// SSO capability verification in background
|
|
16069
|
+
this.verifySsoCapability(request, exports.InteractionType.Popup);
|
|
15978
16070
|
return result;
|
|
15979
16071
|
})
|
|
15980
16072
|
.catch((e) => {
|
|
@@ -16027,6 +16119,103 @@ class StandardController {
|
|
|
16027
16119
|
window.removeEventListener("online", listener);
|
|
16028
16120
|
window.removeEventListener("offline", listener);
|
|
16029
16121
|
}
|
|
16122
|
+
/**
|
|
16123
|
+
* Reads the cached ssoCapable value from localStorage.
|
|
16124
|
+
* @returns The cached ssoCapable boolean value, or undefined if not cached or expired.
|
|
16125
|
+
*/
|
|
16126
|
+
getCachedSsoCapable() {
|
|
16127
|
+
try {
|
|
16128
|
+
const cachedValue = window.localStorage.getItem(SSO_CAPABLE);
|
|
16129
|
+
if (cachedValue) {
|
|
16130
|
+
const parsed = JSON.parse(cachedValue);
|
|
16131
|
+
if (parsed &&
|
|
16132
|
+
typeof parsed.ssoCapable === "boolean" &&
|
|
16133
|
+
parsed.expiresOn &&
|
|
16134
|
+
Date.now() < parsed.expiresOn) {
|
|
16135
|
+
return parsed.ssoCapable;
|
|
16136
|
+
}
|
|
16137
|
+
}
|
|
16138
|
+
}
|
|
16139
|
+
catch {
|
|
16140
|
+
// If parsing fails, return undefined
|
|
16141
|
+
}
|
|
16142
|
+
return undefined;
|
|
16143
|
+
}
|
|
16144
|
+
/**
|
|
16145
|
+
* SSO capability verification in the background.
|
|
16146
|
+
* This method makes an iframe request to /authorize to verify SSO capability without calling /token.
|
|
16147
|
+
* This method does not block the caller and tracks telemetry for success/failure.
|
|
16148
|
+
* This method only executes if verifySSO is set to true in the auth configuration.
|
|
16149
|
+
* The result is cached in localStorage with a 24-hour TTL; the SSO verification call
|
|
16150
|
+
* is only attempted when the cached value is absent or expired.
|
|
16151
|
+
* @param request - The original request used for the authentication flow
|
|
16152
|
+
* @param interactionType - The interactionType of the AT operation for logging purposes
|
|
16153
|
+
*/
|
|
16154
|
+
verifySsoCapability(request, interactionType) {
|
|
16155
|
+
// Check if SSO capability verification is enabled
|
|
16156
|
+
if (!this.config.auth.verifySSO) {
|
|
16157
|
+
return;
|
|
16158
|
+
}
|
|
16159
|
+
// Check TTL: derive ssoCapable state from localStorage and skip if not expired
|
|
16160
|
+
const ssoCacheKey = SSO_CAPABLE;
|
|
16161
|
+
const SSO_CAPABLE_TTL_MS = 24 * 60 * 60 * 1000; // 24 hours
|
|
16162
|
+
const cachedSsoCapable = this.getCachedSsoCapable();
|
|
16163
|
+
if (cachedSsoCapable !== undefined) {
|
|
16164
|
+
this.logger.verbose("13poou", "");
|
|
16165
|
+
return;
|
|
16166
|
+
}
|
|
16167
|
+
const correlationId = createNewGuid();
|
|
16168
|
+
const ssoCapableMeasurement = this.performanceClient.startMeasurement(SsoCapable, correlationId);
|
|
16169
|
+
ssoCapableMeasurement.add({
|
|
16170
|
+
"ext.interactionType": interactionType,
|
|
16171
|
+
});
|
|
16172
|
+
this.logger.verbose("0pbr0i", correlationId);
|
|
16173
|
+
/*
|
|
16174
|
+
* Use setTimeout to ensure this runs in a separate macrotask after the current call stack completes
|
|
16175
|
+
* This ensures the result is returned to the caller before the SSO verification starts and doesn't affect performance
|
|
16176
|
+
*/
|
|
16177
|
+
setTimeout(() => {
|
|
16178
|
+
const ssoVerificationRequest = {
|
|
16179
|
+
...request,
|
|
16180
|
+
correlationId: correlationId,
|
|
16181
|
+
};
|
|
16182
|
+
const silentIframeClient = this.createSilentIframeClient(correlationId);
|
|
16183
|
+
silentIframeClient
|
|
16184
|
+
.verifySso(ssoVerificationRequest)
|
|
16185
|
+
.then((result) => {
|
|
16186
|
+
this.logger.verbose("1gd1iv", correlationId);
|
|
16187
|
+
// TBD to add profileTelemetry later in localStorage with 24h TTL
|
|
16188
|
+
try {
|
|
16189
|
+
const cacheEntry = JSON.stringify({
|
|
16190
|
+
ssoCapable: result,
|
|
16191
|
+
expiresOn: Date.now() + SSO_CAPABLE_TTL_MS,
|
|
16192
|
+
});
|
|
16193
|
+
window.localStorage.setItem(ssoCacheKey, cacheEntry);
|
|
16194
|
+
}
|
|
16195
|
+
catch {
|
|
16196
|
+
this.logger.warning("18lmoj", correlationId);
|
|
16197
|
+
}
|
|
16198
|
+
ssoCapableMeasurement.end({
|
|
16199
|
+
fromCache: false,
|
|
16200
|
+
success: result,
|
|
16201
|
+
}, undefined);
|
|
16202
|
+
})
|
|
16203
|
+
.catch((error) => {
|
|
16204
|
+
this.logger.warning("05g83w", correlationId);
|
|
16205
|
+
// reset the cache
|
|
16206
|
+
try {
|
|
16207
|
+
window.localStorage.removeItem(ssoCacheKey);
|
|
16208
|
+
}
|
|
16209
|
+
catch {
|
|
16210
|
+
this.logger.warning("0nlf9q", correlationId);
|
|
16211
|
+
}
|
|
16212
|
+
ssoCapableMeasurement.end({
|
|
16213
|
+
fromCache: false,
|
|
16214
|
+
success: false,
|
|
16215
|
+
}, error);
|
|
16216
|
+
});
|
|
16217
|
+
}, 0);
|
|
16218
|
+
}
|
|
16030
16219
|
// #endregion
|
|
16031
16220
|
// #region Silent Flow
|
|
16032
16221
|
/**
|
|
@@ -16048,13 +16237,12 @@ class StandardController {
|
|
|
16048
16237
|
const correlationId = this.getRequestCorrelationId(request);
|
|
16049
16238
|
const validRequest = {
|
|
16050
16239
|
...request,
|
|
16051
|
-
// will be PromptValue.NONE or PromptValue.NO_SESSION
|
|
16052
|
-
prompt: request.prompt,
|
|
16053
16240
|
correlationId: correlationId,
|
|
16054
16241
|
};
|
|
16055
16242
|
this.ssoSilentMeasurement = this.performanceClient.startMeasurement(SsoSilent, correlationId);
|
|
16056
16243
|
this.ssoSilentMeasurement?.add({
|
|
16057
16244
|
scenarioId: request.scenarioId,
|
|
16245
|
+
ssoCapable: this.getCachedSsoCapable(),
|
|
16058
16246
|
});
|
|
16059
16247
|
preflightCheck(this.initialized, this.ssoSilentMeasurement, this.config, validRequest);
|
|
16060
16248
|
this.ssoSilentMeasurement?.increment({
|
|
@@ -16067,10 +16255,17 @@ class StandardController {
|
|
|
16067
16255
|
this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, correlationId, exports.InteractionType.Silent, validRequest);
|
|
16068
16256
|
let result;
|
|
16069
16257
|
if (this.canUsePlatformBroker(validRequest)) {
|
|
16258
|
+
this.ssoSilentMeasurement?.add({
|
|
16259
|
+
isPlatformBrokerRequest: true,
|
|
16260
|
+
});
|
|
16070
16261
|
result = this.acquireTokenNative(validRequest, ApiId.ssoSilent).catch((e) => {
|
|
16262
|
+
this.ssoSilentMeasurement?.add({
|
|
16263
|
+
brokerErrorName: e.name,
|
|
16264
|
+
brokerErrorCode: e.errorCode,
|
|
16265
|
+
});
|
|
16071
16266
|
// If native token acquisition fails for availability reasons fallback to standard flow
|
|
16072
16267
|
if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
|
|
16073
|
-
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
|
|
16268
|
+
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt platform broker calls
|
|
16074
16269
|
const silentIframeClient = this.createSilentIframeClient(validRequest.correlationId);
|
|
16075
16270
|
return silentIframeClient.acquireToken(validRequest);
|
|
16076
16271
|
}
|
|
@@ -16143,7 +16338,6 @@ class StandardController {
|
|
|
16143
16338
|
this.hybridAuthCodeResponses.delete(hybridAuthCode);
|
|
16144
16339
|
atbcMeasurement.end({
|
|
16145
16340
|
success: true,
|
|
16146
|
-
isNativeBroker: result.fromPlatformBroker,
|
|
16147
16341
|
accessTokenSize: result.accessToken.length,
|
|
16148
16342
|
idTokenSize: result.idToken.length,
|
|
16149
16343
|
}, undefined, result.account);
|
|
@@ -16167,10 +16361,17 @@ class StandardController {
|
|
|
16167
16361
|
}
|
|
16168
16362
|
else if (request.nativeAccountId) {
|
|
16169
16363
|
if (this.canUsePlatformBroker(request, request.nativeAccountId)) {
|
|
16364
|
+
atbcMeasurement.add({
|
|
16365
|
+
isPlatformBrokerRequest: true,
|
|
16366
|
+
});
|
|
16170
16367
|
const result = await this.acquireTokenNative({
|
|
16171
16368
|
...request,
|
|
16172
16369
|
correlationId,
|
|
16173
16370
|
}, ApiId.acquireTokenByCode, request.nativeAccountId).catch((e) => {
|
|
16371
|
+
atbcMeasurement.add({
|
|
16372
|
+
brokerErrorName: e.name,
|
|
16373
|
+
brokerErrorCode: e.errorCode,
|
|
16374
|
+
});
|
|
16174
16375
|
// If native token acquisition fails for availability reasons fallback to standard flow
|
|
16175
16376
|
if (e instanceof NativeAuthError &&
|
|
16176
16377
|
isFatalNativeAuthError(e)) {
|
|
@@ -16221,7 +16422,6 @@ class StandardController {
|
|
|
16221
16422
|
this.acquireTokenByCodeAsyncMeasurement?.end({
|
|
16222
16423
|
success: true,
|
|
16223
16424
|
fromCache: response.fromCache,
|
|
16224
|
-
isNativeBroker: response.fromPlatformBroker,
|
|
16225
16425
|
});
|
|
16226
16426
|
return response;
|
|
16227
16427
|
})
|
|
@@ -16390,7 +16590,7 @@ class StandardController {
|
|
|
16390
16590
|
throw createBrowserAuthError(nativeConnectionNotEstablished);
|
|
16391
16591
|
}
|
|
16392
16592
|
const nativeClient = new PlatformAuthInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, apiId, this.performanceClient, this.platformAuthProvider, accountId || this.getNativeAccountId(request), this.nativeInternalStorage, correlationId);
|
|
16393
|
-
return nativeClient.acquireToken(request, cacheLookupPolicy);
|
|
16593
|
+
return invokeAsync(nativeClient.acquireToken.bind(nativeClient), NativeInteractionClientAcquireToken, this.logger, this.performanceClient, correlationId)(request, cacheLookupPolicy);
|
|
16394
16594
|
}
|
|
16395
16595
|
/**
|
|
16396
16596
|
* Returns boolean indicating if this request can use the platform broker
|
|
@@ -16404,7 +16604,7 @@ class StandardController {
|
|
|
16404
16604
|
return false;
|
|
16405
16605
|
}
|
|
16406
16606
|
if (!isPlatformAuthAllowed(this.config, this.logger, correlationId, this.platformAuthProvider, request.authenticationScheme)) {
|
|
16407
|
-
this.logger.trace("
|
|
16607
|
+
this.logger.trace("0yoy1g", correlationId);
|
|
16408
16608
|
return false;
|
|
16409
16609
|
}
|
|
16410
16610
|
if (request.prompt) {
|
|
@@ -16623,6 +16823,7 @@ class StandardController {
|
|
|
16623
16823
|
atsMeasurement.add({
|
|
16624
16824
|
cacheLookupPolicy: request.cacheLookupPolicy,
|
|
16625
16825
|
scenarioId: request.scenarioId,
|
|
16826
|
+
ssoCapable: this.getCachedSsoCapable(),
|
|
16626
16827
|
});
|
|
16627
16828
|
preflightCheck(this.initialized, atsMeasurement, this.config, request);
|
|
16628
16829
|
this.logger.verbose("0x1c4s", correlationId);
|
|
@@ -16635,7 +16836,6 @@ class StandardController {
|
|
|
16635
16836
|
atsMeasurement.end({
|
|
16636
16837
|
success: true,
|
|
16637
16838
|
fromCache: result.fromCache,
|
|
16638
|
-
isNativeBroker: result.fromPlatformBroker,
|
|
16639
16839
|
accessTokenSize: result.accessToken.length,
|
|
16640
16840
|
idTokenSize: result.idToken.length,
|
|
16641
16841
|
}, undefined, result.account);
|
|
@@ -16795,7 +16995,12 @@ class StandardController {
|
|
|
16795
16995
|
if (isPlatformAuthAllowed(this.config, this.logger, silentRequest.correlationId, this.platformAuthProvider, silentRequest.authenticationScheme) &&
|
|
16796
16996
|
silentRequest.account.nativeAccountId) {
|
|
16797
16997
|
this.logger.verbose("0sczo4", silentRequest.correlationId);
|
|
16998
|
+
this.performanceClient.addFields({ isPlatformBrokerRequest: true }, silentRequest.correlationId);
|
|
16798
16999
|
return this.acquireTokenNative(silentRequest, ApiId.acquireTokenSilent_silentFlow, silentRequest.account.nativeAccountId, cacheLookupPolicy).catch(async (e) => {
|
|
17000
|
+
this.performanceClient.addFields({
|
|
17001
|
+
brokerErrorName: e.name,
|
|
17002
|
+
brokerErrorCode: e.errorCode,
|
|
17003
|
+
}, silentRequest.correlationId);
|
|
16799
17004
|
// If native token acquisition fails for availability reasons fallback to web flow
|
|
16800
17005
|
if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
|
|
16801
17006
|
this.logger.verbose("07rkmb", silentRequest.correlationId);
|